Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Setting over 18 years old agreement on whole page

Posted on 2012-08-13
10
Medium Priority
?
424 Views
Last Modified: 2012-08-15
I have some adult site, i want to set a mandatory agreement before anyone access the content, to simple verify (by pressing so) that they are over 18 years old, if they click "YES" they will be able to continue using the site flawlessly, if they are under 18 and click "NO" will be sent elsewhere, with some cookie, so i dont need to be asking all the time, just once and keep the cookie on the user computer for lets say, 1 month.
0
Comment
Question by:celtician
  • 5
  • 3
  • 2
10 Comments
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 38291586
The concepts in this article will be helpful to you.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_3314-How-to-Show-an-Introductory-Web-Page-Once-Using-PHP.html

Here is an example of how to set a cookie.  It uses a ZIP code, but any form input would be easy to use, including a checkbox.

<?php // RAY_cookie_zipcode_example.php
error_reporting(E_ALL);


// RECEIVE FORM INPUT AND SET A COOKIE WITH THE ZIP CODE - SHOW WEATHER
// MAN PAGE: http://us.php.net/manual/en/function.setcookie.php
// TO SEE COOKIES IN FIREFOX, FOLLOW TOOLS => OPTIONS => PRIVACY => SHOW COOKIES


// SET A DEFAULT VALUE FROM THE COOKIE
$z = '';
if (isset($_COOKIE["ZIP_Code"])) $z = $_COOKIE["ZIP_Code"];


// SEE IF CLIENT POSTED THE ZIP CODE - FORM INPUT OVERRIDES THE COOKIE
if (!empty($_POST["z"])) // IF THE FORM HAS BEEN POSTED WITH A ZIP CODE
{

// TIDY UP THE POST INPUT - CLEAN AND NOT MORE THAN 16 BYTES
   $z = substr(clean_string($_POST["z"]),0,5);

// BE SURE WE HAVE USEFUL INFORMATION
   if ( ($z == '') || (strlen($z) != 5) ) die("BOGUS:$z<br/>PLEASE <a href=\"{$_SERVER["PHP_SELF"]}\">TRY AGAIN</a>");

// CHOOSE THE COOKIE NAME AND VALUE
   $cookie_name    = 'ZIP_Code';
   $cookie_value   = $z;

// COOKIE EXPIRES AT END OF BROWSER LIFE
   $cookie_expires = 0;

// MAKE THE COOKIE AVAILABLE TO ALL DIRECTORY PATHS IN THE WWW ROOT
   $cookie_path	= '/';

// MAKE THE COOKIE AVAILABLE TO ALL SUBDOMAINS - DOMAIN NAME STARTS WITH DOT AND OMITS WWW (OR OTHER SUBDOMAINS).
   $x = explode('.', strtolower($_SERVER["HTTP_HOST"]));
   $y = count($x);
   if ($y == 1) // MAYBE 'localhost'?
   {
      $cookie_domain = $x[0];
   } else // SOMETHING LIKE 'www2.atf70.whitehouse.gov'?
   {
// USE THE LAST TWO POSITIONS TO MAKE THE HOST DOMAIN
      $cookie_domain = '.' . $x[$y-2] . '.' . $x[$y-1];
   }

// MAKE THE COOKIE AVAILABLE TO HTTP, NOT JUST HTTPS
   $cookie_secure    = FALSE;

// SET THE COOKIE
   if (!setcookie($cookie_name, $cookie_value, $cookie_expires, $cookie_path, $cookie_domain, $cookie_secure))
   {
      echo "<br/>FAILURE!  THE COOKIE WAS NOT SET AS EXPECTED \n";
   }
} // END OF SETTING THE COOKIE FROM THE POST DATA





// AND NOW, IF WE HAVE A ZIP CODE, SIMULATE GETTING THE WEATHER
if (!empty($z))
{
   echo "<br/>SIMULATED WEATHER REPORT: ";
   echo "<a target=\"_blank\" href=\"http://www.wunderground.com/cgi-bin/findweather/getForecast?wuSelect=WEATHER&query=$z\">$z</a>";
   echo "<br/><br/>\n";
}




// END OF PHP - PUT UP THE FORM
?>
<form method="post">
SET OR CHANGE YOUR ZIP CODE: <input name="z" value="<?php echo $z; ?>" /><br/>
<input type="submit" />
</form>


<?php // MISCELLANEOUS STUFF
// SHOW THE COOKIE ARRAY, IF ANY
echo '<pre>$_COOKIE CONTAINS '; var_dump($_COOKIE); echo "</pre>\n";



// A FUNCTION TO FORCE A STRING TO CHARACTERS ONLY
function clean_string($string)
{
   return trim(preg_replace('/[^A-Z0-9_]/i', '', $string));
}
?>

Open in new window

HTH, ~Ray
0
 

Author Comment

by:celtician
ID: 38292188
But i think i would need to include that on every single page, right?

I dont want to change the code, i would want some sort of solution requiring from a higher level that code when the page loads, you know what i mean.
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 38292380
When they come on the site, you use your common code for allowing access to test and set the cookie. Are you not already checking the session for every page load?

Cd&
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 111

Expert Comment

by:Ray Paseur
ID: 38292571
I start all of my "real" PHP scripts with a common script that creates the framework.  In a page script, it looks like this:

<?php require_once('common.php');
// REST OF SCRIPT HERE

In my common.php script I have things like session_start(), database connections, custom classes and extensions.  It's a design that has served me well.

Basic PHP client authentication is described in this article.  Instead of requiring the client to use a password, you can simply require the client to use a checkbox instead.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html

I'll see if I can come up with an example for you.
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 38292708
@ray,

My approach is virtually identical to that. So how come you are on top in PHP and I'm only a wannabe. ;^)  


Cd&
0
 
LVL 111

Accepted Solution

by:
Ray Paseur earned 2000 total points
ID: 38292717
Please see http://www.laprbass.com/RAY_temp_celtician.php

The relevant scripts are shown below with comments to annotate the code.

<?php // RAY_temp_celtician.php
require_once('RAY_temp_celtician_common.php');

// IF WE GET THIS FAR, THE AUTHORIZATION HAS BEEN GIVEN
echo '<p>You are now allowed access</p>';

Open in new window

<?php // RAY_temp_celtician_common.php
error_reporting(E_ALL);

// REQUIRED AT PHP 5+
date_default_timezone_set('America/New_York');

// IS THE COOKIE SET TO ALLOW ACCESS?
$cookie = isset($_COOKIE['ok']) ? TRUE : FALSE;
if (!$cookie)
{
    // IF THE COOKIE IS NOT THERE, GO REQUEST AUTHORIZATION
    header("Location: RAY_temp_celtician_auth.php");
    exit;
}

Open in new window

<?php // RAY_temp_celtician_auth.php

// WE CANNOT USE THIS SCRIPT HERE - ENDLESS LOOP
// require_once('RAY_temp_celtician_common.php');

// REQUIRED AT PHP 5+
date_default_timezone_set('America/New_York');


// IF THE FORM HAS BEEN SUBMITTED
if (!empty($_POST))
{
    // IF THE CLIENT SET THE CHECKBOX
    if (isset($_POST['I_am_18']))
    {
        // SET THE COOKIE TO LAST FOR A YEAR
        setcookie('ok', 'forever', time() + 60*60*24*365, DIRECTORY_SEPARATOR);

        // REDIRECT TO THE HOME PAGE
        header("Location: RAY_temp_celtician.php");
        exit;
    }
}

// IF THE FORM HAS NOT BEEN SUBMITTED
$form = <<<ENDFORM
<form method="post">
<input type="checkbox" name="I_am_18" />
Check this box to indicate that you are 18 or older
<input type="submit" />
or <a href="http://google.com">Leave Site</a>
</form>
ENDFORM;

echo $form;

Open in new window

HTH, ~Ray
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 38292803
@CD&

You must be busier than I am :-)  I teach PHP for Boston University.  It's usually only a two-day-a-week workload, so I fill my time with other things, and I've found that answering questions at EE keeps me technically sharp.

All the best, ~Ray
0
 

Author Comment

by:celtician
ID: 38297642
Thank you very much for the work ray, this site has pieces of code from here and there and thats why I don't have a common code structure, i've always thought of fixing it, but you know... I'll accept this solution as good, but is there any other way to require the code besides that?

I mean, just like when you set a directive in httpd.conf /.htaccess file or requiring a password at a directory level without touching the code inside.
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 38297764
Not that I know of.  I am kind of dependent on the idea of a common include script and cannot imagine working without it, sorry.
0
 

Author Closing Comment

by:celtician
ID: 38298702
Great answer, thank you.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
In this blog, we’ll look at how improvements to Percona XtraDB Cluster improved IST performance.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…
Suggested Courses
Course of the Month20 days, 23 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question