Cookies

You can read more about cookies here http://www.allaboutcookies.org

Marine Chart Services use cookies, or tiny pieces of information stored on your computer, to verify who you are. There are cookies for logged in users.

Users are those people who have registered an account with the Marine Chart Services website, for instance when you make a purchase.

On login, Marine Chart Services use the wordpress_[hash] cookie to store your authentication details. Its use is limited to the admin console area, /wp-admin/

After login, Marine Chart Services sets the wordpress_logged_in_[hash] cookie, which indicates when you’re logged in, and who you are, for most interface use.

Marine Chart Services also set a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customise your view of admin interface, and possibly also the main site interface.

The cookies length can be adjusted with the ‘auth_cookie_expiration’ hook.

The actual cookies contain hashed data, so you don’t have to worry about someone gleaning your username and password by reading the cookie data. A hash is the result of a specific mathematical formula applied to some input data (in this case your user name and password, respectively). It’s quite hard to reverse a hash (bordering on practical infeasibility with today’s computers). This means it is very difficult to take a hash and “unhash” it to find the original input data.

Marine Chart Services use the two cookies to bypass the password entry portion of wp-login.php. If Marine Chart Services recognise that you have valid, non-expired cookies, you go directly to the Marine Chart Services Administration interface. If you don’t have the cookies, or they’re expired, or in some other way invalid (like you edited them manually for some reason), Marine Chart Services will require you to log in again, in order to obtain new cookies.

The functions to set and remove cookies are currently defined in /wp-includes/pluggable.php.

auth_redirect()
This function also utilizes the cookies. Checks whether the cookie is present on the client browser. If it is not, the user is sent to the wp-login.php login screen. After logging in, the user is sent back to the page he or she attempted to access.

To keep track of cart data we make use of 3 cookies:

  • woocommerce_cart_hash
  • woocommerce_items_in_cart
  • wp_woocommerce_session_

The first two cookies contain information about the cart as a whole and helps us know when the cart data changes. The final cookie (wp_woocommerce_session_) contains a unique code for each customer so that it knows where to find the cart data in the database for each customer. No personal information is stored within these cookies.