Ultimate GDPR – check privacy level and load scripts

CHALLENGE: we want to check user cookie level and load custom scripts

SOLUTION: use the ct_ultimate_gdpr_get_encoded_cookie() global function

The Ultimate GDPR & CCPA WordPress plugin is a toolkit for handling Data Protection Regulations (GDPR in Europe, CCPA in California, USA). One of its many functions is to configure different services and assign them to “Privacy Level”. The most popular levels include:

• Essentials
• Functionality
• Analytics
• Advertising

By accepting a proper level, the user agrees to load certain scripts and register the related cookie/cookies in the browser. Services, scripts and cookie definitions can be configured  in the Service Manager plugin in the WordPress Admin Panel, but sometimes this is not enough. A PHP function should be used to enqueue custom scripts based on a unique condition.

Deactivate items in the Service Manager

Our goal is to add 3 different GTM (GoogleTagManager) containers and load them for each specific level separately. First, deactivate those items in the Service Manager. If you previously ran ‘Cookie Scanner’, those services will be visible on the listing: GTM, GTM-*** . We don’t want the plugin to block them – ‘Do you want to activate this service?’ should be unchecked in the Edit Item settings.

Read Cookie Level and enqueue script

Users can change their privacy settings in the Cookie Bar ‘Advanced Mode’. We will read user privacy level (from a cookie) and enqueue scripts based on Cookie value. WordPress wp_head hook allows us to add additional code in the page head section.

function ct_custom_gtm_code(){
    /**
     * Levels:
     * false: Block all
     * 2: Essentials
     * 3: Functionality
     * 4: Analytics
     * 5: Advertising
     */
    $ct_cookie_level = ct_ultimate_gdpr_get_encoded_cookie("ct-ultimate-gdpr-cookie-level");
if($ct_cookie_level == 3):
 ?>
    <script>// load GMT Script 1</script>
    <?php
endif;
if($ct_cookie_level == 4):
    ?>
    <script>// load GMT Script 2</script>
    <?php
endif;
if($ct_cookie_level == 5):
    ?>
    <script>// load GMT Script 3</script>
    <?php
endif;
    ?>
    <?php
}
add_action( 'wp_head', 'ct_custom_gtm_code', 10 );

Troubleshooting

• The user changed his privacy level, but the old Cookie level still exists in the browser
• There might be an issue with the delete_cookies($cookies) function. It uses the get_all_domains() method that is reading $_SERVER[‘HTTP_HOST’] from the server. Incorrect hosting configuration or the use of subdomain may cause a function error. The direct effect is that the get_all_domains() function returns an array with an empty value/values, for example:

/**
array(2) {
[0]=>
string(12) "mysubdomain.example.com"
[1]=>
string(6) "example.com"
 [2]=>
string(6) ""
}
 */

To fix the issue, we can use the ‘ct_ultimate_gdpr_controller_cookie_get_all_domains’ filter and remove the empty values from the array.

function ct_fix_domains_cookies( $domains, $host ){
    return array_filter($domains);
}
add_filter("ct_ultimate_gdpr_controller_cookie_get_all_domains", "ct_fix_domains_cookies", 2, 10);

That’s it. Make sure you follow us for other useful tips.