Jump to content

SESSION and COOKIE problem

samoht

By samoht
in PHP Coding Help

 Share

Recommended Posts

samoht Advanced Member

samoht

Posted
Posted

hello all,

 

I have a client that wants to protect their web page with a password protected landing page. Once the password is entered the user is directed to a "disclaimer" page that they have to agree to first before going into the site. I have put both the landing page and the disclaimer page in my root directory and then the site I put in a sub directory /cms/

 

in the main site index.php I check for the post password and then set a $_COOKIE for the user that will expire in 1 month

<?php 
// this goes on the very top of the index.php file in the template you are using
//check if user has entered password and needs cookie set
if(isset($_POST['fpass']) && !isset($_COOKIE['fpass'])) setcookielive('fpass', $_POST['fpass'], strtotime( '+1 month' ));


function setcookielive($name, $value='', $expire=0, $path='', $domain='', $secure=false, $httponly=false) {
    //set a cookie as usual, but ALSO add it to $_COOKIE so the current page load has access
    $_COOKIE[$name] = $value;
    return setcookie($name,$value,$expire,$path,$domain,$secure,$httponly);
}

 

The next thing I do is check if a user is trying to access the main site with having the COOKIE - if so I redirect the user to the landing page 

//check if user has not entered password
if (!isset($_COOKIE['fpass']) || $_COOKIE['fpass'] == "") header('location: http://www.mypage.com');

This works fine up to this point.

Now my problem is that I also need to check if a user has the month long cookie set but is trying to access the main page without viewing the disclaimer page first.

I thought this would work:

//check if the user has a cookie set but is on a new session
if (isset($_COOKIE['fpass']) && !isset($_SESSION['fpass'])) header('location: http://www.mypage.com/disclaimer.php');

But this only throws the user into a loop of "disclaimer" -> "landing page" -> "disclaimer" etc. They can never get into the main site.

 

How do I check for the cookie and whether the user has visited the disclaimer page - but then allow the user to continue once they go to the disclaimer page?

 

NB: the $_SESSION is not set until the main site.

Link to comment
Share on other sites
ChemicalBliss Newbie

ChemicalBliss

Posted
Posted

$_SESSION['fpass'] needs to be set on the Disclaimer page. Or use a different session var - $_SESSION['viewed_disclaimer'];

 

Also, I would get people to register, and save their details on a database, then save the value in the database that they viewed the disclaimer (which would be required to register).

 

hope this helps

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.