We help IT Professionals succeed at work.

Setting over 18 years old agreement on whole page

celtician
celtician asked
on
I have some adult site, i want to set a mandatory agreement before anyone access the content, to simple verify (by pressing so) that they are over 18 years old, if they click "YES" they will be able to continue using the site flawlessly, if they are under 18 and click "NO" will be sent elsewhere, with some cookie, so i dont need to be asking all the time, just once and keep the cookie on the user computer for lets say, 1 month.
Comment
Watch Question

Most Valuable Expert 2011
Top Expert 2016

Commented:
The concepts in this article will be helpful to you.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_3314-How-to-Show-an-Introductory-Web-Page-Once-Using-PHP.html

Here is an example of how to set a cookie.  It uses a ZIP code, but any form input would be easy to use, including a checkbox.

<?php // RAY_cookie_zipcode_example.php
error_reporting(E_ALL);


// RECEIVE FORM INPUT AND SET A COOKIE WITH THE ZIP CODE - SHOW WEATHER
// MAN PAGE: http://us.php.net/manual/en/function.setcookie.php
// TO SEE COOKIES IN FIREFOX, FOLLOW TOOLS => OPTIONS => PRIVACY => SHOW COOKIES


// SET A DEFAULT VALUE FROM THE COOKIE
$z = '';
if (isset($_COOKIE["ZIP_Code"])) $z = $_COOKIE["ZIP_Code"];


// SEE IF CLIENT POSTED THE ZIP CODE - FORM INPUT OVERRIDES THE COOKIE
if (!empty($_POST["z"])) // IF THE FORM HAS BEEN POSTED WITH A ZIP CODE
{

// TIDY UP THE POST INPUT - CLEAN AND NOT MORE THAN 16 BYTES
   $z = substr(clean_string($_POST["z"]),0,5);

// BE SURE WE HAVE USEFUL INFORMATION
   if ( ($z == '') || (strlen($z) != 5) ) die("BOGUS:$z<br/>PLEASE <a href=\"{$_SERVER["PHP_SELF"]}\">TRY AGAIN</a>");

// CHOOSE THE COOKIE NAME AND VALUE
   $cookie_name    = 'ZIP_Code';
   $cookie_value   = $z;

// COOKIE EXPIRES AT END OF BROWSER LIFE
   $cookie_expires = 0;

// MAKE THE COOKIE AVAILABLE TO ALL DIRECTORY PATHS IN THE WWW ROOT
   $cookie_path	= '/';

// MAKE THE COOKIE AVAILABLE TO ALL SUBDOMAINS - DOMAIN NAME STARTS WITH DOT AND OMITS WWW (OR OTHER SUBDOMAINS).
   $x = explode('.', strtolower($_SERVER["HTTP_HOST"]));
   $y = count($x);
   if ($y == 1) // MAYBE 'localhost'?
   {
      $cookie_domain = $x[0];
   } else // SOMETHING LIKE 'www2.atf70.whitehouse.gov'?
   {
// USE THE LAST TWO POSITIONS TO MAKE THE HOST DOMAIN
      $cookie_domain = '.' . $x[$y-2] . '.' . $x[$y-1];
   }

// MAKE THE COOKIE AVAILABLE TO HTTP, NOT JUST HTTPS
   $cookie_secure    = FALSE;

// SET THE COOKIE
   if (!setcookie($cookie_name, $cookie_value, $cookie_expires, $cookie_path, $cookie_domain, $cookie_secure))
   {
      echo "<br/>FAILURE!  THE COOKIE WAS NOT SET AS EXPECTED \n";
   }
} // END OF SETTING THE COOKIE FROM THE POST DATA





// AND NOW, IF WE HAVE A ZIP CODE, SIMULATE GETTING THE WEATHER
if (!empty($z))
{
   echo "<br/>SIMULATED WEATHER REPORT: ";
   echo "<a target=\"_blank\" href=\"http://www.wunderground.com/cgi-bin/findweather/getForecast?wuSelect=WEATHER&query=$z\">$z</a>";
   echo "<br/><br/>\n";
}




// END OF PHP - PUT UP THE FORM
?>
<form method="post">
SET OR CHANGE YOUR ZIP CODE: <input name="z" value="<?php echo $z; ?>" /><br/>
<input type="submit" />
</form>


<?php // MISCELLANEOUS STUFF
// SHOW THE COOKIE ARRAY, IF ANY
echo '<pre>$_COOKIE CONTAINS '; var_dump($_COOKIE); echo "</pre>\n";



// A FUNCTION TO FORCE A STRING TO CHARACTERS ONLY
function clean_string($string)
{
   return trim(preg_replace('/[^A-Z0-9_]/i', '', $string));
}
?>

Open in new window

HTH, ~Ray

Author

Commented:
But i think i would need to include that on every single page, right?

I dont want to change the code, i would want some sort of solution requiring from a higher level that code when the page loads, you know what i mean.
Top Expert 2013

Commented:
When they come on the site, you use your common code for allowing access to test and set the cookie. Are you not already checking the session for every page load?

Cd&
Most Valuable Expert 2011
Top Expert 2016

Commented:
I start all of my "real" PHP scripts with a common script that creates the framework.  In a page script, it looks like this:

<?php require_once('common.php');
// REST OF SCRIPT HERE

In my common.php script I have things like session_start(), database connections, custom classes and extensions.  It's a design that has served me well.

Basic PHP client authentication is described in this article.  Instead of requiring the client to use a password, you can simply require the client to use a checkbox instead.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html

I'll see if I can come up with an example for you.
Top Expert 2013

Commented:
@ray,

My approach is virtually identical to that. So how come you are on top in PHP and I'm only a wannabe. ;^)  


Cd&
Most Valuable Expert 2011
Top Expert 2016
Commented:
Please see http://www.laprbass.com/RAY_temp_celtician.php

The relevant scripts are shown below with comments to annotate the code.

<?php // RAY_temp_celtician.php
require_once('RAY_temp_celtician_common.php');

// IF WE GET THIS FAR, THE AUTHORIZATION HAS BEEN GIVEN
echo '<p>You are now allowed access</p>';

Open in new window

<?php // RAY_temp_celtician_common.php
error_reporting(E_ALL);

// REQUIRED AT PHP 5+
date_default_timezone_set('America/New_York');

// IS THE COOKIE SET TO ALLOW ACCESS?
$cookie = isset($_COOKIE['ok']) ? TRUE : FALSE;
if (!$cookie)
{
    // IF THE COOKIE IS NOT THERE, GO REQUEST AUTHORIZATION
    header("Location: RAY_temp_celtician_auth.php");
    exit;
}

Open in new window

<?php // RAY_temp_celtician_auth.php

// WE CANNOT USE THIS SCRIPT HERE - ENDLESS LOOP
// require_once('RAY_temp_celtician_common.php');

// REQUIRED AT PHP 5+
date_default_timezone_set('America/New_York');


// IF THE FORM HAS BEEN SUBMITTED
if (!empty($_POST))
{
    // IF THE CLIENT SET THE CHECKBOX
    if (isset($_POST['I_am_18']))
    {
        // SET THE COOKIE TO LAST FOR A YEAR
        setcookie('ok', 'forever', time() + 60*60*24*365, DIRECTORY_SEPARATOR);

        // REDIRECT TO THE HOME PAGE
        header("Location: RAY_temp_celtician.php");
        exit;
    }
}

// IF THE FORM HAS NOT BEEN SUBMITTED
$form = <<<ENDFORM
<form method="post">
<input type="checkbox" name="I_am_18" />
Check this box to indicate that you are 18 or older
<input type="submit" />
or <a href="http://google.com">Leave Site</a>
</form>
ENDFORM;

echo $form;

Open in new window

HTH, ~Ray
Most Valuable Expert 2011
Top Expert 2016

Commented:
@CD&

You must be busier than I am :-)  I teach PHP for Boston University.  It's usually only a two-day-a-week workload, so I fill my time with other things, and I've found that answering questions at EE keeps me technically sharp.

All the best, ~Ray

Author

Commented:
Thank you very much for the work ray, this site has pieces of code from here and there and thats why I don't have a common code structure, i've always thought of fixing it, but you know... I'll accept this solution as good, but is there any other way to require the code besides that?

I mean, just like when you set a directive in httpd.conf /.htaccess file or requiring a password at a directory level without touching the code inside.
Most Valuable Expert 2011
Top Expert 2016

Commented:
Not that I know of.  I am kind of dependent on the idea of a common include script and cannot imagine working without it, sorry.

Author

Commented:
Great answer, thank you.

Explore More ContentExplore courses, solutions, and other research materials related to this topic.