We do not use cookies for tracking visitors or for advertising purposes.
The framework within which our website is built is WordPress, and this is also used for our entry system.
We only use Cookies and record data for the purpose of running our entry system, and the main festival administration system. Cookies are required to track you and your entry process.
If you proceed to submit entries then you are passed over to Paypal (who handle credit and debit card payments for us). We assume that they use cookies but this is out of our control, and no information acquired by Paypal is passed to us, except that essential to the entry/payment process.
Here is a (rather technical) summary of the way WordPress uses cookies. If you register or login, then this system comes into play. It does not apply to casual visitors.
Users Cookie
Users are those people who have registered an account with our web site.
On login, WordPress uses the wordpress_[hash] cookie to store your authentication details. Its use is limited to the Administration Screen area, /wp-admin/
After login, WordPress sets the wordpress_logged_in_[hash] cookie, which indicates when you’re logged in, and who you are, for most interface use. The actual use is only when you are submitting entries. If you just browse the site then this cookie is irrelevant and ignored.
WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of the admin interface (where you have access to your User Profile), and for managing the entry system.
The cookies length can be adjusted with the ‘auth_cookie_expiration’ hook (An example can be found at what’s the easiest way to stop wp from ever logging me out).
Non-Version-Specific Data
The actual cookies contain hashed data, so you don’t have to worry about someone gleaning your username and password by reading the cookie data. A hash is the result of a specific mathematical formula applied to some input data (in this case your user name and password, respectively). It’s quite hard to reverse a hash (bordering on practical infeasibility with today’s computers). This means it is very difficult to take a hash and “unhash” it to find the original input data.
WordPress uses the two cookies to bypass the password entry portion of wp-login.php
. If WordPress recognizes that you have valid, non-expired cookies, you go directly to the WordPress Administration Screen. If you don’t have the cookies, or they’re expired, or in some other way invalid (like you edited them manually for some reason), WordPress will require you to log in again, in order to obtain new cookies.