Jump to content

Adding User ID to URL That Redirects after 30 Seconds?

supertooper

By supertooper
in PHP Coding Help

 Share

Recommended Posts

supertooper Newbie

supertooper

Posted
Posted (edited)

Hello!

 

I am trying to display content that will only be displayed for 30 seconds to each visitor. I want to have a  unique ID given to each user that visits my page and also add that assigned ID to the end of the URL.  If the page is loaded again after 30 seconds, I want the unique user ID to redirect using header(); 

 

So When a suer visits my page, I want the end of the url to have “userid=“ like this: 

http://example.com/page.php?userid=0000000001

If that user comes back to the same url after 30 seconds, I want to redirect using header();

 

How do I do this? what is the best way?

Edited by supertooper
Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted

Not sure what you are trying to achieve here. If you are trying to prevent the user from viewing content after that 30 seconds it is an impossible task. It would be very easy for someone to circumvent that if they have any clue about how the process works. But, since you asked:

 

1. On page load check to see if there is an expiration timestamp for that user ID in the database (we'll see how it gets there later). If no, skip to step 3

 

2A. If yes, AND if the current time is past the expiration, use a header() function to redirect to some other page.

2B. If Yes AND the current time is not past the expiration, display the page and set a META REFRESH tag with the number of seconds until the expiration timestamp

 

3. If the expiration timestamp is not set, insert/update the entry for the user setting an expiration timestamp 30 seconds in the future. Then display the content using a META REFRESH tag to redirect after 30 seconds.

Link to comment
Share on other sites
supertooper Newbie

supertooper

Posted
  • Author
Posted

Not sure what you are trying to achieve here. If you are trying to prevent the user from viewing content after that 30 seconds it is an impossible task. It would be very easy for someone to circumvent that if they have any clue about how the process works. But, since you asked:

 

1. On page load check to see if there is an expiration timestamp for that user ID in the database (we'll see how it gets there later). If no, skip to step 3

 

2A. If yes, AND if the current time is past the expiration, use a header() function to redirect to some other page.

2B. If Yes AND the current time is not past the expiration, display the page and set a META REFRESH tag with the number of seconds until the expiration timestamp

 

3. If the expiration timestamp is not set, insert/update the entry for the user setting an expiration timestamp 30 seconds in the future. Then display the content using a META REFRESH tag to redirect after 30 seconds.

A little confusing and I didn't understand the timestamp part but I'll explain how I have it setup currently and maybe that will help

 

I have it setup like this:

1. User visits http://example.com/page-a.php - A 30 second cookie called "setcookie" is set then the user is redirected.

2. Step 1 redirects user to http://example.com/page-b.php after the cookie is set - The browser checks for "setcookie" and if the cookie is not set, redirects user to http://example.com/page-c.php

 

 

I'm trying to achieve this same setup without cookies by using a unique id in the url

 

1. every user is given a unique id such as: http://example.com/page.php?userid=0000000001 - is this possible? It's important that the URL changes for each user

2. If the url http://example.com/page.php?userid=0000000001 has been created within 30 seconds, display the content.. if not then i want to redirect the user with header();

 

Is it possible this way? I'm trying to get this to work without needing a page before the http://example.com/page.php?userid=0000000001 page 

Link to comment
Share on other sites
LeJack Newbie

LeJack

Posted
Posted

A little confusing and I didn't understand the timestamp part but I'll explain how I have it setup currently and maybe that will help

 

I have it setup like this:

1. User visits http://example.com/page-a.php - A 30 second cookie called "setcookie" is set then the user is redirected.

2. Step 1 redirects user to http://example.com/page-b.php after the cookie is set - The browser checks for "setcookie" and if the cookie is not set, redirects user to http://example.com/page-c.php

 

 

I'm trying to achieve this same setup without cookies by using a unique id in the url

 

1. every user is given a unique id such as: http://example.com/page.php?userid=0000000001 - is this possible? It's important that the URL changes for each user

2. If the url http://example.com/page.php?userid=0000000001 has been created within 30 seconds, display the content.. if not then i want to redirect the user with header();

 

Is it possible this way? I'm trying to get this to work without needing a page before the http://example.com/page.php?userid=0000000001 page 

Cookies are a bad idea. What makes you think the user won't just delete the cookie by right clicking > Page Info > Security > View Cookies > Delete specific cookie.

 

Just use sessions instead of cookies because sessions works better and it's server side so the user won't see the cookies.

Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted (edited)

@supertrooper.

 

I gave you an answer for what you want to achieve. WHat, specifically, did you not understand? This forum is for people to get help with code they have written. I understand you didn't provide any, but there is an assumption that people coming here have some understanding of the technology.

 

So, I'll be generous, here is some "sample" code. You still need to flesh it out though - specifically the parts I put // . . .  where you need to build the DB queries to run. Also, I didn't put in any error handling in the case that a user ID does not exists. I'll leave that to you to figure out.

<?php
 
//Get uesr ID if passed
$userID = isset($_GET['userid']) ? $_GET['userid'] : false;
 
if(!$userID)
{
    //No userid passed, redirect somewhere (Note, not valid if User ID can be '0'
    header("Location: somewhere.php");
    exit;
}

//Run query to get expiration time from DB
// . . . 
// . . . 
// . . . 
$expiration = "SET AS VALUE FROM DB OR FALSE IF NOT SET";
 
if($expiration!=false && $expiration <= time())
{
    //If expiration is past current, redirect user somewhere
    header("Location: somewhere.php");
    exit;
}
 
if(!$expiration)
{
    //Expiration not set, set it to 30 seconds from now and populate record in DB
    // . . . 
    // . . . 
    // . . . 
    //Set value for page refresh
    $refreshSeconds = 30;
}
else
{
    //Expiration is set in future
    //Calculate remaining seconds
    $refreshSeconds = $expiration - time();
}
?>
<html>
<head>
    <meta http-equiv="refresh" content="<?php echo $refreshSeconds; ?>">
</head>
<body>
    <?php echo "Content goes here"; ?>
</body>
</html>
Edited by Psycho
Link to comment
Share on other sites
cpd Member

cpd

Posted
Posted

I get the impression the question asks how to display content within 30 seconds of some action as opposed to forcing a redirect after 30 seconds?

 

Do you even need to redirect after 30 seconds?

 

Your posts reflect both at the moment.

Link to comment
Share on other sites
supertooper Newbie

supertooper

Posted
  • Author
Posted

Cookies are a bad idea. What makes you think the user won't just delete the cookie by right clicking > Page Info > Security > View Cookies > Delete specific cookie.

 

Just use sessions instead of cookies because sessions works better and it's server side so the user won't see the cookies.

LeJack I'm not worried about the cookies expiring since the cookies will expire in 30 seconds so if the user does not visit the site through a specific link, the cookie will not be set and they will be redirected to page-c.php

 

 

@supertrooper.

 

I gave you an answer for what you want to achieve. WHat, specifically, did you not understand? This forum is for people to get help with code they have written. I understand you didn't provide any, but there is an assumption that people coming here have some understanding of the technology.

 

So, I'll be generous, here is some "sample" code. You still need to flesh it out though - specifically the parts I put // . . .  where you need to build the DB queries to run. Also, I didn't put in any error handling in the case that a user ID does not exists. I'll leave that to you to figure out.

<?php
 
//Get uesr ID if passed
$userID = isset($_GET['userid']) ? $_GET['userid'] : false;
 
if(!$userID)
{
    //No userid passed, redirect somewhere (Note, not valid if User ID can be '0'
    header("Location: somewhere.php");
    exit;
}

//Run query to get expiration time from DB
// . . . 
// . . . 
// . . . 
$expiration = "SET AS VALUE FROM DB OR FALSE IF NOT SET";
 
if($expiration!=false && $expiration <= time())
{
    //If expiration is past current, redirect user somewhere
    header("Location: somewhere.php");
    exit;
}
 
if(!$expiration)
{
    //Expiration not set, set it to 30 seconds from now and populate record in DB
    // . . . 
    // . . . 
    // . . . 
    //Set value for page refresh
    $refreshSeconds = 30;
}
else
{
    //Expiration is set in future
    //Calculate remaining seconds
    $refreshSeconds = $expiration - time();
}
?>
<html>
<head>
    <meta http-equiv="refresh" content="<?php echo $refreshSeconds; ?>">
</head>
<body>
    <?php echo "Content goes here"; ?>
</body>
</html>

 

ill test this out and see if this is what I want but im 

I get the impression the question asks how to display content within 30 seconds of some action as opposed to forcing a redirect after 30 seconds?

 

Do you even need to redirect after 30 seconds?

 

Your posts reflect both at the moment.

 

I just want to create a URL that will expire after 30 seconds.. if the user is still on the page thats fine, but i dont want new users or even the user that visited the original page to be able to visit the same page again.. So if they do visit the page again, I want it to redirect

Link to comment
Share on other sites
LeJack Newbie

LeJack

Posted
Posted

LeJack I'm not worried about the cookies expiring since the cookies will expire in 30 seconds so if the user does not visit the site through a specific link, the cookie will not be set and they will be redirected to page-c.php

That's not even the whole point. The whole point of you letting the person read what for 30 seconds and then forcing them not to.

 

Here's what will happen.

 

You're basically letting the person do anything bad. Even though you might set a cookie on the front page so they get redirected after 30 seconds, you still need another set of cookies in order to remember if the cookies is set or not. In the end, you're just leading yourself to injections every where.

 

What I suggest is use sessions because sessions are back end and you can always delete sessions at a certain time. It's not just there to be deleted after the browser is closed. You can always specify when and where the session is deleted.

 

Sessions act just like cookies. They remember what the person does.

 

Try this code for a second and tell me if you can delete it without knowing session_destroy()

<?php
session_start();
$_SESSION['example'] = "30 seconds are up";
echo $_SESSION['example'];
?>
Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted

OK, maybe I inferred a requirement to force a redirect after 30 seconds. Even so, the logic I provided will still apply but can be simplified. As LeJack has stated, cookies are the wrong solution since they reside on the user's PC and can be edited or deleted. You need to enforce this on the server side using data that is stateless - i.e. does not change due to expiring cookies or sessions.

 

Here is a quick revise of what I posted previously that is much simplified. This is all off-the-cuff, so I'm sure there are some loose ends to resolve

 

 

<?php
 
//Get uesr ID if passed
$userID = isset($_GET['userid']) ? $_GET['userid'] : false;
//Create flag for expired status, default to true
$expired = true;
 
//Run query to get expiration time from DB for selected user
$userIDSql = mysqli_real_escape_string($link, $userID);
$query = "SELECT expiration FROM users WHERE user_id = '$userIDSql'";
$result = mysqli_query($link, $query);
$user = mysqli_fetch_assoc($link, $result); //Will return false is no record returned
 
//Verify a record was retrieved for selected user
if($user)
{
    //If the expiration value is NULL, then user has not tried to access the page yet
    if($user['expiration']=='')
    {
        //Add the expiration for the user
        $user['expiration'] = date('Y-m-d', time()+30);
        $query = "UPDATE users SET expiration = '$expiration' WHERE user_id = '$userIDSql'";
        $result = mysqli_query($link, $query);
    }
 
    //Verify expiration time is in the future
    if(strtotime($user['expiration']) > time())
    {
        $expired = false;
    }
}
 
//If expiration is true (user not found or expiration has passed)
//Redirect to some other page
if($expiration)
{
    //If expiration is past current, redirect user somewhere
    header("Location: somewhere.php");
    exit;
}
 
// . . . continue with displaying the page
 
?>
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.