[grichter]

Hi All,

Having a bit of trouble with an Age Verification Script I pieced together from a few sources. I have a site where regardless of the page or directory the user initially enters on, each page will check for the existence of a cookie and if it does not exist, will redirect them to a verify.php page. From there the user will enter in their date of birth and if the total seconds = greater than 21 years old, the cookie is created and the user is sent back to the page that they entered on. If they are not 21, they get sent to google.com. The issue I am having is that regardless of what they enter, they are being sent to google.com.

Here is the bit of PHP at the top of each page...

<?php 

function over21(){ 
    $redirect_url='/verify.php'; 
    $expires=-1; 
    session_start(); 
    $validated=false;  
    if(!empty($_COOKIE["over21"])) { $validated=true; } 
    if(!$validated && isset($_SESSION['over21'])) { $validated=true; } 
    if(is_numeric($expires) && $expires==-1 && !isset($_SESSION['over21'])) { $validated=false; } 
    if($validated) { return; } 
    else { 
    $redirect_url=$redirect_url."?return=".$_SERVER['REQUEST_URI']."&x=".$expires; 
    Header('Location: '.$redirect_url); 
    exit(0); 
    } 
} 
over21(); 
?>

And here is the verify.php file

<?php

session_start();
if($_SERVER['REQUEST_METHOD']=='POST')
{
	if(isset($_SESSION['over21']))
{
	$redirect=isset($_GET['return'])?urldecode($_GET['return']):'./'; 
$expire=isset($_GET['x']) && is_numeric($_GET['x'])?intval($_GET['x']):-1; 
if($expire==-1) 
{ 
setcookie("verified", "yes", "over21", mktime(0,0,0,01,01,date("Y")+30));
$_SESSION['verified']="yes"; 
header("location: ".$redirect); 
exit(0); 
}

}

if(isset($_SESSION['under21']))
{
	header("location: http://google.com");
}

if(isset($_POST['submit']))
{
	$day = $_POST['day'];
	$month = $_POST['month'];
	$year = $_POST['year'];
	
	$birthday = mktime(0,0,0,$month,$day,$year);
	$difference = time() - $birthday;
	$age = floor($difference / 662256000);
	
	if($age >= 21)
	{
		setcookie("verified", "yes", "over21", mktime(0,0,0,01,01,date("Y")+30));
		$_SESSION['over21'] = 1;
		header("location: ".$redirect);
	}
	else
	{
		$_SESSION['under21'] = 0;
		header("location: http://google.com");
	}
}
}


?>

<html>

	<form action="" method="POST">
    	Day: <select name="day">
        		<option>01</option>
                <option>02</option>
                <option>03</option>
                <option>04</option>
                <option>05</option>
                <option>06</option>
                <option>07</option>
                <option>08</option>
                <option>09</option>
                <option>10</option>
                <option>11</option>
                <option>12</option>
                <option>13</option>
                <option>14</option>
                <option>15</option>
                <option>16</option>
                <option>17</option>
                <option>18</option>
                <option>19</option>
                <option>20</option>
                <option>21</option>
                <option>22</option>
                <option>23</option>
                <option>24</option>
                <option>25</option>
                <option>26</option>
                <option>27</option>
                <option>28</option>
                <option>29</option>
                <option>30</option>
                <option>31</option>
        	</select>
            	Month:<select name="month">
                	  <option value="01">Jan</option>
            		<option value="02">Feb</option>
            		<option value="03">Mar</option>
            		<option value="04">Apr</option>
            		<option value="05">May</option>
            		<option value="06">Jun</option>
            		<option value="07">Jul</option>
            		<option value="08">Aug</option>
            		<option value="09">Sept</option>
            		<option value="10">Oct</option>
            		<option value="11">Nov</option>
            		<option value="12">Dec</option>
            	</select>
                Year: <select name="year">
                		<option>1990</option>
                        <option>1991</option>
                        <option>1992</option>
                        <option>1993</option>
                        <option>1994</option>
                        <option>1995</option>
                        <option>1996</option>
                        <option>1997</option>
                        <option>1998</option>
                        <option>1999</option>
                        <option>2000</option>
                        <option>2001</option>
                        <option>2002</option>
                        <option>2003</option>
                        <option>2004</option>
                        <option>2005</option>
                        <option>2006</option>
                        <option>2007</option>
                        <option>2008</option>
                        <option>2009</option>
                        <option>2010</option>
                        <option>2011</option>
               		</select>
            <input type="submit" value="Enter" name="submit">
    </form>

</html>

I am clearly a PHP newb so I appreciate any pointers on syntax as well as how to get this thing to actually work.

Thanks!
Gregg

[KingCuddles]

I haven't had a proper read yet, but have you started sessions?

Nope ignore me I spotted session_start!

This post has been edited by KingCuddles: 18 September 2012 - 10:05 AM

[JackOfAllTrades]

I would suggest turning on error logging to a file and add some error_log calls of your variables (for array variables, like $_POST, use error_log(print_r($variable_name, true));) to see if they contain what you think they do. Your use of header calls precludes the use of simple echo() statements for debugging.

[ShaneK]

I shoved my birthday into the formula to calculate the age of the user and it returned 1, but I'm pretty sure I'm older than 1 year (Should that be plural? Sounds wrong either way) old.

This, however, works:

<?php
$birthday = mktime(0,0,0,$month,$day,$year);
$age = date("Y", time() - $birthday) - 1970;

echo $age;
?>

So I hope you can understand that enough to figure out what's going on. Time in PHP - as most languages that rely on unix timestamps - starts in 1970, that's why I subtracted the 1970 at the end. Date accepts a second parameter (a timestamp) to base the date off of. Using this information, I created the above. Might not be the best way to do it, but it seems simple enough.

Hopefully you'll understand enough that if you choose to use that code you can implement it into your solution easily enough, but if you need help let me know.

Edit: Also let us know if this change fixes your problem or not.

Yours,
Shane

This post has been edited by ShaneK: 18 September 2012 - 12:03 PM

[Atli]

The strtotime function is also pretty clever when it comes to calculating timestamps. You can give it formats such as: 1942-12-30 +21 years and it will give you the correct timestamp, 21 years after the given date.

With that in mind, finding out whether the given date of birth makes that person old enough is a simple. Matter of checking if the time stamp that returns is higher than the current timestamp.

$tsWhenAllowed = strtotime("$year-$month-$day +21 years");
if ($tsWhenAllowed < time()) {
    echo "Welcome!";
} else { 
    echo "You must pretend to be 21 to enter this site,";
}

[grichter]

Hey All,

Thanks for your help. I actually got the date thing figured out and at this point have the script working except for one thing... which is likely something stupid. At this point, when someone enters in a birthdate that = > 21 years old, and click submit twice or refresh after submit, it actually redirects to the original page with no problem. If they enter in an age less than 21 years old it sends them to google like it should.

Any ideas on why I have to hit submit twice? It's like it's setting the cookie the first time, but not redirecting back to the original URL until I hit refresh and then it reads the cookie properly.

I also simplified the code quite a bit and took out the attempt at setting the cookies to expire for now. You can see this currently on http://rwd-development3.com.

Here are the new files

verify.php

<?php

session_start();
 
	if(isset($_SESSION['over21']))
{
	$redirect=isset($_GET['return'])?urldecode($_GET['return']):'./';  
}

if(isset($_SESSION['under21']))
{
	header("location: http://google.com");
}

if(isset($_POST['submit']))
{
	$month = $_POST['month'];
	$day = $_POST['day'];
	$year = $_POST['year'];
	
	$birthday = mktime(0,0,0,$month,$day,$year);
	$difference = time() - $birthday;
	$age = floor($difference - 662256000);

	
	if($age >= 21)
	{
		$_SESSION['over21'] = 1;
		header("location: ".$redirect);
	}
	else
	{
		$_SESSION['under21'] = 0;
		header("location: http://google.com");
	}
}


?>

<html>

	<form action="" method="POST">
    			<select name="month">
                	<option>Month</option>
                    	<option value="01">Jan</option>
            		<option value="02">Feb</option>
            		<option value="03">Mar</option>
            		<option value="04">Apr</option>
            		<option value="05">May</option>
            		<option value="06">Jun</option>
            		<option value="07">Jul</option>
            		<option value="08">Aug</option>
            		<option value="09">Sept</option>
            		<option value="10">Oct</option>
            		<option value="11">Nov</option>
            		<option value="12">Dec</option>
            	</select>
        		<select name="day">
        		<option>Day</option>
                <option>01</option>
                <option>02</option>
                <option>03</option>
                <option>04</option>
                <option>05</option>
                <option>06</option>
                <option>07</option>
                <option>08</option>
                <option>09</option>
                <option>10</option>
                <option>11</option>
                <option>12</option>
                <option>13</option>
                <option>14</option>
                <option>15</option>
                <option>16</option>
                <option>17</option>
                <option>18</option>
                <option>19</option>
                <option>20</option>
                <option>21</option>
                <option>22</option>
                <option>23</option>
                <option>24</option>
                <option>25</option>
                <option>26</option>
                <option>27</option>
                <option>28</option>
                <option>29</option>
                <option>30</option>
                <option>31</option>
        	</select>
                		<select name="year">
                		<option>Year</option>
                        <option>2012</option>
                        <option>2011</option>
                        <option>2010</option>
                        <option>2009</option>
                        <option>2008</option>
                        <option>2007</option>
                        <option>2006</option>
                        <option>2005</option>
                        <option>2004</option>
                        <option>2003</option>
                        <option>2002</option>
                        <option>2001</option>
                        <option>2000</option>
                        <option>1999</option>
                        <option>1998</option>
                        <option>1997</option>
                        <option>1996</option>
                        <option>1995</option>
                        <option>1994</option>
                        <option>1993</option>
                        <option>1992</option>
                        <option>1991</option>
                        <option>1990</option>
                        <option>1989</option>
                        <option>1988</option>
                        <option>1987</option>
                        <option>1986</option>
                        <option>1985</option>
                        <option>1984</option>
                        <option>1983</option>
                        <option>1982</option>
                        <option>1981</option>
                        <option>1980</option>
                        <option>1979</option>
                        <option>1978</option>
                        <option>1977</option>
                        <option>1976</option>
                        <option>1975</option>
                        <option>1974</option>
                        <option>1973</option>
                        <option>1972</option>
                        <option>1970</option>
                        <option>1969</option>
                        <option>1968</option>
                        <option>1967</option>
                        <option>1966</option>
                        <option>1965</option>
               		</select>
            <input type="submit" value="Enter" name="submit">
    </form>

</html>

And the index page

<?php 

function over21(){  
    session_start();
    $redirect_url='/verify3.php'; 
    $validated=false;  
    if(!empty($_COOKIE["over21"])) { $validated=true; } 
    if(!$validated && isset($_SESSION['over21'])) { $validated=true; } 
    if($validated) { return; } 
    else { 
    $redirect_url=$redirect_url."?return=".$_SERVER['REQUEST_URI']; 
    header('Location: '.$redirect_url); 
    exit(0); 
    } 
} 
over21(); 
?>



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>This is the index page you should see</title>
</head>

<body>

This is the test index page you should see after validating your age via the verify3.php page and setting a cookie.

</body>

</html>

Thanks again for your help
Gregg

[Atli]

The problem there would be that the $redirect variable is set at the start of the script, only if the "over21" session variable is set. So later in the script, once the form has been processed and the session variable has been set for the first time, you try to redirect the user to the value of the $redirect variable. But because the session variable wasn't set att the start of the script, the redirect variable has no value.

What you need to do is get the redirect value only after the age has been verified. It's not used any other point in the script in any case, so setting it where it is now makes no sense.

[grichter]

@ Atli, you're awesome. That makes total sense and I was able to get the verify page to work with the following php in place:

<?php

session_start();
if(isset($_POST['submit']))
{
	$month = $_POST['month'];
	$day = $_POST['day'];
	$year = $_POST['year'];
	
	$birthday = mktime(0,0,0,$month,$day,$year);
	$difference = time() - $birthday;
	$age = floor($difference - 662256000);

	
	if($age >= 21)
	{
		$_SESSION['over21'] = 1;
		$redirect=isset($_GET['return'])?urldecode($_GET['return']):'./';
		header("location: ".$redirect);
	}	
	else
	{
		$_SESSION['under21'] = 0;
		header("location: http://google.com");
	}
}
?>

[CTphpnwb]

Some things I noticed:

• If you're going to use header it should be followed by exit.
  
• You can use include to "redirect" to your same server. That will cut down on bandwidth used.
  
• Functions should have simple purposes. Redirecting should rarely be one of them.
  
• Indenting is important because it makes debugging easier and most of your time will be spent debugging.
  
• Using $x = $_POST['x'] is unnecessary and it clutters your code.

<?php
session_start();

// Sample data:
$_POST['month'] = 9;
$_POST['day'] = 19;
$_POST['year'] = 1991;
$_POST['submit'] = 1;

if (isset($_POST['submit'])) {
	$_SESSION['over21'] = over21();
}

if(!empty($_SESSION['over21']) && $_SESSION['over21'] == true) {
	include "homepage.php"; // Whatever "page" you want.
	exit;		
}

header("location: http://google.com");
exit;

function over21(){ 
	$birthday = mktime(0,0,0,$_POST['month'],$_POST['day'],$_POST['year']);
	$age_in_seconds = time() - $birthday;
	$year_in_seconds = 365.25 * 24 * 60 * 60;
	
	$age = $age_in_seconds / $year_in_seconds;

	echo $age; // For demonstration purposes. Remve this line when in actual use since this function should not echo any HTML.
	
	if($age < 21) {
		return false;
	}
	return true;
} 

[betyonfire]

I am setting up the same sort of age verification script and have the code working, thanks to these posts. I don't know much about setting cookies, however. When are the cookies in the script above set to expire? How could I modify this so they would last for a browser session?

Thanks for any help.