new EU cookie rule question

Hi

As some of you may know the EU (European union) recently introduced a new law on cookies.As the UK is part of the EU I need to comply.
cookies.aspx

One of the first steps suggested re compliance is to identify cookies being set when someone logs into your website i.e. a 'Cookie audit'
I have used internet explorer 9 F12 Developer tools to do this as a first step (and I notice that on my contact page (which uses web assist pre built PHP solution pack) it appears that a cookie is set when someone visits the page?
According to F12 developer tools
i.e. IE9 Click on the 'gear' then F12 developer tools/cache/view cookie information)
the cookie is:
NAME PHPSESSID

Thus re complying with the above mentioned EU directive I am wondering
1)Is this cookie set by the code in the PHP solutions pack (and is it set by the CSS form builder I bought?)
2)If the answer to 1) is yes then what does the cookie do? - the name suggests that it is something to do with security?
3)If the answer to 1) is yes then can I delete this section of the code (you would need to help me identify the code section) and what would be the consequence of deleting it?

It may be the Cookie is not set by my web assist products but by my ISP? (Fasthosts)

In any event if I keep the Cookie then I need to know what it does so I can ask my users if they want to opt into it being set....there are some software companies who are starting to produce software for this purpose see
jpecr-package/

This is all a bit of a headache and my goal is to only include cookies that are essential to the functioning of my websites...including security.

Sorry about the long question but the key point is "is the cookie set by the web assist products (contact form solution pack or CSS form builder) or by my ISP and what does this Cookie do?
j.dobres@blueyonder.co.uk
best wishes

Jonathan

the PHPSESSID cookie is set by the PHP Processor. it is the ID of the current browsing session and is used for setting and tracking session variables.

Hi Jonathon
I recently had to address this accross multiple websites, I think you will find the law only applies to 3rd party cookies, the cookies you are refering to are 1st party cookies i.e. created by your website and therefore are essential to the running of your site and are not covered by the law.
The solution you mention is one that I am using, if you have any 3rd party cookies, simply add the scripts for them within the php code if else statments, these could be anything from Google Analytics, +1's or Facebook likes etc.

EXAMPLE OF HOW I COMPLY

<script type="text/javascript">
var z = jQuery.noConflict();
z(document).ready( function () {
z.ws.jconsent({
displaySettingsSelector: '.displayCookieSettings',
moreInfo: 'Please see our <a href="http://YOUR WEBSITE/privacypolicy.php">Privacy Policy</a>',
geolocate: true
});
});
</script>
<?php
if ((isset($_COOKIE['wsjconsent_consent'])) && ($_COOKIE['wsjconsent_consent'] == true)) {
//We are allowed to present the feature that requires cookies
require_once ("js/analytics.js");
} else {
//We are not allowed to present the feature that requires cookies
// Tell the user that they are getting a less-than-perfect experience?
echo '<p style="background-color:#333333; color:#ffffff; padding:5px; text-align:center; font-family:Arial, Helvetica, sans-serif; text-transform:uppercase; font-size:10px; border:1px solid #ff0000;">3 ^rd party cookies are disabled !</p>';
}
?>

If you notice the cookies notice will not display if you are outside the EU, also it will display a message that notifies the user that they have disabled the 3rd party cookies.

It works very well and I strongly recomend it, you can remove the link by purchacing a licence for £25.

Hope this helps.

I have been conducting my cookie audit for the new eu cookie law using google chrome tools and I tested what happens when I clicked the submit button on the contact form.To my suprise according to these tools google analytics cookies appear to be set in my domain when the submit button is clicked and an email is successfully sent from the form
_utma
_utmb
_utmc
_utmz
How come?
If this s really happening then I need to include these cookiesin my cookie list so users can opt in or out.
Is this really happening and if so why?

Jonathan

I don't think they are set by us. What else do you have on the page. Do you have a URL where I can see the problem? Are you using google analytics? That might be what is setting the cookies.

Hi Ray

The url is
contactus.php

You will notice that google translate is on the page,however the only cookies that this widget produces on other pages on my site are???

googtrans
Pref

I think the purpose of the googtrans cookie is?
Sets language preferences for the session selected by google translate widget Expires at the end of the session.As the cookie is set in my domain I think that makes it a non essential 1st party cookie??? - I assume the translate widget sets it???

I think the purpose of the Pref cookie is:
Stores language preferences for the Google Translate widget. Expires in two years???This cookie is set in the google domainnso I think this is a non essentail third party cookie???

Thus I am puzzlled as to why (when clicking the submit button succesfully sends an email)
That google chrome reports the following cookies set from my domain???
_utma
_utmb
_utmc
_utmz

I think these cookies are google anylitics cookies,one of them is session cookie (_utmc )and the others more persistant according to my research.

I tested all this by using google chrome developer tools to delete the above cookies and then tried sending an email from the site and all 4 of the above cookies reappeared with the domain indicated as my domain.

As far as I am aware I dont have the google analytics code in any page(I previously deleted it) but as you can see google translate is in all pages...
I dont understand whats going on here.....what is so special about sending an email from the contact page that causes the cookies to be set???

I am sure I must have missed something obvious???

Jonathan

Jonathan

By the way I am about to implement the final part of the compliance procedure by using the wolf software solution to create an opt in/out bar on the site

Jonathan

These cookies are set and used by google analytics and aren't set or used by webassist.

I found this article about their use: from-__utma-to-__utmz-google-analytics-cookies.html

....Thanks for your reply but I already had this information...I am still unclear why these cookies are being set as I had thought I deleted the google analytics code I originally had on my website hoping to simplify my cookie audit...hopefully I will figure this out,particularly why it only seems to affect the contact form page .....and in the meantime I shall list all 4 google analytics cookies in my cookie audit as google chrome developer tools reports they are being set on the contact form page when an email is sent from the page....