Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What does header('P3P: CP="CAO PSA OUR"'); do?

Tags:

php

session

p3p

What is header('P3P: CP="CAO PSA OUR"'); for?

How/why will it let this script work fine in IE?

session_start();  if (!session_is_registered(pre_myusername)) {     header("location:index.php");     exit(); } 
like image 964
wyman Avatar asked Mar 10 '11 09:03

wyman


2 Answers

P3P is the Platform for Privacy Preferences. The value CP="CAO PSA OUR" describes a compact policy with the tokens

  • contact and others (access information: What information is collected?)

    Identified Contact Information and Other Identified Data: access is given to identified online and physical contact information as well as to certain other identified data.

  • pseudo-analysis (purpose information: What is the collected information used for?)

    Pseudonymous Analysis: Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals for purpose of research, analysis and reporting, but it will not be used to attempt to identify specific individuals. For example, a marketer may wish to understand the interests of visitors to different portions of a Web site.

  • ours (receipient information: Who gets that collected information?)

    Ourselves and/or entities acting as our agents or entities for whom we are acting as an agent: An agent in this instance is defined as a third party that processes data only on behalf of the service provider for the completion of the stated purposes. (e.g., the service provider and its printing bureau which prints address labels and does nothing further with the information.)

like image 127
Gumbo Avatar answered Oct 05 '22 06:10

Gumbo


Gumbo has already explained what P3P is. Now, about your code, session_is_registered is deprecated. You are using pre_myusername as a constant. If it's not defined, PHP will assume a string, but relying on this behavior is discouraged. If you really intended to use constants, use uppercase for clarity. Note that a variable should be prefixed with a dollar ($).

  • Make sure that no content is sent before session_start(); or the session cookie will not be sent.
  • Session variables are available from the $_SESSION array.
  • isset() can be used for checking the existence of a variable (array key in this case).

So, the actual code becomes:

session_start(); if(!isset($_SESSION['pre_myusername'])){     header("Location: index.php");     exit(); } 

For examples and documentation of the session functions, visit the PHP Manual.

like image 42
Lekensteyn Avatar answered Oct 05 '22 05:10

Lekensteyn