PHP create cookie and only show website if cookie exists
Question
I want to protect a website from being accessed until a user has agreed to something. The basic idea is that at the top of each page it will check if the cookie exists if not then exit and include a php page that contains the message and two buttons one which will create the cookie and the other simply moving them off the site eg google.com
EDIT:
This is what I ended up with:
The warning include would look something like this:
<?php
function pageURL() {
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on") {
$pageURL .= "s";
}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
}
else {
$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
return $pageURL;
}
$pageRedirect = pageURL();
if (
isset($_POST['agree_button']) && ($_POST['agree_button'] == 'I agree')
) {
setcookie('agreed', 'true');
header("Location:$pageRedirect",303);
}
?>
<form action="<?php echo pageURL(); ?>" method="post">
<p>INSERT MESSAGE HERE (User must agree)</p>
<input type="submit" value="I agree" name="agree_button" />
<input type="button" value="I disagree" />
</form>
and the at the top of pages something like this:
<?php
if(!isset($_COOKIE['agreed']) || ($_COOKIE['agreed'] != 'true'))
{
include('warning.php'); exit;
}
?>
4 answers
solution1
3 ACCPTED 2010-08-19 21:14:58
i would do it client-side...
<script src="js/jquery.cookie.js" type="text/javascript"></script>
<form>
<p>INSERT MESSAGE HERE (User must agree)</p>
<input type="submit" value="I agree" onclick="$.cookie('agreed', 'true'); location.href='/'" />
<input type="button" value="I disagree" />
</form>
and the check would be...
if (
!isset($_COOKIE['agreed'])||
($_COOKIE['agreed'] != 'true')
) {
include('warning.php');
exit;
}
if you want to set the cookie on server side, you need to...
<?php
if (
isset($_POST['agree_button'])&&
($_POST['agree_button'] == 'I agree')
) {
setcookie('agreed', 'true');
header('Location: /'); // redirect to main page
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<p>INSERT MESSAGE HERE (User must agree)</p>
<input type="submit" value="I agree" name="agree_button" />
<input type="button" value="I disagree" />
</form>
solution2
1 2010-08-19 21:03:05
Use Sessions instead Cookies, because cookies can be disabled by user. And Sessions are more secure than Cookies
to set session use:
session_start();
$_SESSION['session_exists'] = 1;
and to check use this:
if($_SESSION['session_exists'] != 1) { include('warning.php'); exit; }
If you have any problems let me know I'll edit.
solution3
1 2010-08-19 21:32:29
Here's a server side method.
You have to reload the page after setting the cookie for it to take effect - hence the redirection using Location. This is a good practice for POST forms, anyway, to use HTTP 303 to avoid the 'Did you want to resubmit?' if the user reloads the page.
<?php
$redir=false;
if($_POST['agreed']){ setcookie('allow','yes',time()+3600); $redir=true;}
elseif($_POST['refused']) { setcookie('allow','no',time()+3600); $redir=true;}
if($redir){ header("Location: thispage.php",303); }
?>
<form method='post' action='thispage.php'>
<p>Do you agree to our voluminous and vast list of preconditions?</p>
<input type="submit" name='agreed' value="I agree" />
<input type="submit" name='refused' value="I disagree" />
</form>
<?php
if($_COOKIE['allow']=='no'){ echo 'Not authorized'; exit; }
elseif($_COOKIE['allow']=='yes'){ echo 'Welcome to my amazing site - thanks for bein$
else{ echo 'Please read our terms and select your choice to continue'; exit; }
See PHP setcookie docs, and the cookie main section . Cookies are accessed thorugh the '$_COOKIE superglobal'.
solution4
1 2010-08-19 21:33:46
I'd go with something like:
<form>
<p>INSERT MESSAGE HERE (User must agree)</p>
<input type="submit" name="conditional_access_agree" value="I agree" />
<input type="button" name="conditional_access_disagree" value="I disagree" />
</form>
Then
if(($_COOKIE['agreed'] != 'true')
&& ($_POST['conditional_access_agree'] != "I agree")) {
include('warning.php');
exit;
} elseif (($_COOKIE['agreed'] != 'true')
&& ($_POST['conditional_access_agree'] == "I agree")) {
setcookie('agreed', 'true', time()+60*60*24*30, '/');
}
C.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.