Sho6tyBby Posted June 7, 2013 Share Posted June 7, 2013 I have found an age verification code on the web. I would like to know if someone will help me to say what exact happens in the code? I'm kind a newbie to this and would like to know how it all works before I use it. Here comes the code. verify.php (page that will serve as the yes / no to the user) <?php session_start(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (isset($_POST['YES'])) { $redirect = isset($_GET['return']) ? urldecode($_GET['return']) : './'; $expire = isset($_GET['x']) && is_numeric($_GET['x']) ? intval($_GET['x']) : -1; if ($expire == - 1) { $_SESSION['verified'] = "yes"; header("location: " . $redirect); exit(0); } if ($expire == 0) { setcookie("verified", "yes", mktime(0, 0, 0, 01, 01, date("Y") + 30)); $_SESSION['verified'] = "yes"; header("location: " . $redirect); exit(0); } setcookie("verified", "yes", (time() + $expire)); $_SESSION['verified'] = "yes"; header("location: " . $redirect); exit(0); } else { header("location: http://www.youtube.com/watch?v=gppbrYIcR80"); exit(0); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title> Alcohol Age Verification Example Page </title> <link href="style.css" type="text/css" rel="stylesheet" /> </head> <body> <form action="" method="POST"> <p id="textVerify"> PLEASE VERIFY THAT YOU ARE OVER AGE 21 BEFORE ENTERING THIS SITE </p> <input name="NO" id="no" type="Submit" value="NO - Leave" /> <input name="YES" id="yes" type="Submit" value="Yes - Enter" /> </form> </body> </html> add to existing pages (at the top of each .html or .php page in your site,) <?php function verified(){ $redirect_url = 'http://www.YOURSITEROOT.com/verify.php'; $expires = - 1; session_start(); $validated = false; if (!empty($_COOKIE["verified"])) { $validated = true; } if (!$validated && isset($_SESSION['verified'])) { $validated = true; } if (is_numeric($expires) && $expires == - 1 && !isset($_SESSION['verified'])) { $validated = false; } if ($validated) { return; } else { $redirect_url = $redirect_url . "?return=" . $_SERVER['REQUEST_URI'] . "&x=" . $expires; Header('Location: ' . $redirect_url); exit(0); } } verified(); ?> Quote Link to comment https://forums.phpfreaks.com/topic/278899-help-to-explanation-the-script/ Share on other sites More sharing options...
requinix Posted June 7, 2013 Share Posted June 7, 2013 // use sessions session_start(); // if the form was submitted if ($_SERVER['REQUEST_METHOD'] == 'POST') { // if they clicked the YES button if (isset($_POST['YES'])) { // this script supports a ?return= in the URL for where to return the user // default of whatever the current "directory" is (like /foo/verify.php -> /foo) $redirect = isset($_GET['return']) ? urldecode($_GET['return']) : './'; // also supports a custom expiration time (in seconds) // default of "only during this session" $expire = isset($_GET['x']) && is_numeric($_GET['x']) ? intval($_GET['x']) : -1; // only lasts during this session if ($expire == - 1) { $_SESSION['verified'] = "yes"; header("location: " . $redirect); exit(0); } // cookie that doesn't expire for a long time if ($expire == 0) { setcookie("verified", "yes", mktime(0, 0, 0, 01, 01, date("Y") + 30)); $_SESSION['verified'] = "yes"; header("location: " . $redirect); exit(0); } // otherwise a regular expiration time setcookie("verified", "yes", (time() + $expire)); $_SESSION['verified'] = "yes"; header("location: " . $redirect); exit(0); } // clicked NO else { header("location: http://www.youtube.com/watch?v=gppbrYIcR80"); exit(0); } } ?> ... // checks that the user has verified themselves already function verified(){ $redirect_url = 'http://www.YOURSITEROOT.com/verify.php'; $expires = - 1; session_start(); $validated = false; // different cases to check for... if (!empty($_COOKIE["verified"])) { $validated = true; } if (!$validated && isset($_SESSION['verified'])) { $validated = true; } if (is_numeric($expires) && $expires == - 1 && !isset($_SESSION['verified'])) { $validated = false; } if ($validated) { return; } else { $redirect_url = $redirect_url . "?return=" . $_SERVER['REQUEST_URI'] . "&x=" . $expires; Header('Location: ' . $redirect_url); exit(0); } } verified(); ?>Code's a little amateurish, a little buggy, and could definitely benefit from formatting and indentation. Quote Link to comment https://forums.phpfreaks.com/topic/278899-help-to-explanation-the-script/#findComment-1434703 Share on other sites More sharing options...
Sho6tyBby Posted June 8, 2013 Author Share Posted June 8, 2013 Thank you, really useful! (:But I have a few more questions i: (:The variable $redircet. I don't understand what ?urldecode ($ _GET ['return']): '. /' exactly do?Also i don't understand the variable $expire what it exactly do? What do you mean by "supports a custom expiration time"? And i don't understand ($ _GET ['x']), what is x? And is_numeric, and the rest of the variable?And what do ($ expire == -1) and if ($ expire == 0)?And how long is mktime (0, 0, 0, 01, 01, date ("Y") + 30));?And why is cookie set twice? And what do you mean by "regular expiration time"?And at the function verified script.What do $ expires = - 1;?And why after the session_start (); are $ validated = false;?And at the different cases to check if cookie for verified is there, can you just delete the others and keep one of them? Quote Link to comment https://forums.phpfreaks.com/topic/278899-help-to-explanation-the-script/#findComment-1434880 Share on other sites More sharing options...
boompa Posted June 8, 2013 Share Posted June 8, 2013 (edited) Regarding $redirect: If there is a variable named "return" in the URL, http://www.example.com/myscript.php?return=http%3A%2F%2Fwww.example.com%2Flanding.php (note that the %3A and %2F symbols are url-endoded values of ':' and '/' respectively) then the url-decoded value of that variable will be used as the location to which the user will be redirected; in the case above this would be http://www.example.com/landing.php If there is no "return" variable in the url, then they would be redirected to the root of the site, i.e., http://www.example.com The ?: operator is called the ternary operator. It seems like you need to read a PHP tutorial from the start; a lot of your questions seem pretty basic. People have to stop just cutting and pasting code they find and not understanding it; I applaud you for looking for answers on how it works, but much of what you ask would be covered by basic tutorials. Better to go read there and learn rather than expect contant hand-holding. Edited June 8, 2013 by boompa Quote Link to comment https://forums.phpfreaks.com/topic/278899-help-to-explanation-the-script/#findComment-1434887 Share on other sites More sharing options...
requinix Posted June 8, 2013 Share Posted June 8, 2013 (edited) Also i don't understand the variable $expire what it exactly do? What do you mean by "supports a custom expiration time"? And i don't understand ($ _GET ['x']), what is x? And is_numeric, and the rest of the variable?Take a look at the code: it uses is_numeric and intval. Even just guessing at what those functions do based on their names, they show $expire is supposed to be a number. If it's used then it gets added to time. That's the current number of seconds since a point in the past, so the number being added to it must also be in seconds. And what do ($ expire == -1) and if ($ expire == 0)?Since those two values get special treatment they have special meanings besides the general case. The code for -1 involves $_SESSION so that special case is to store the verification in the session (which typically only lasts as long as the browser is open). The code for 0 involves creating an expiration point in the future that's 30 years ahead so that special case is to store the validation, for all intents and purposes, indefinitely. And how long is mktime (0, 0, 0, 01, 01, date ("Y") + 30));?Check the manual for what mktime() does. And why is cookie set twice? And what do you mean by "regular expiration time"?It's not. It is set two different ways in two different places, but it is not set twice. And at the function verified script. What do $ expires = - 1;? Presumably a default value for $expires. Seems like you're supposed to change it to suit how and when you want the validation to expire. And why after the session_start (); are $ validated = false;?Doesn't matter. You might as well ask why $redirect_url is set before $expires. And at the different cases to check if cookie for verified is there, can you just delete the others and keep one of them?If you want to allow "remembering" the validation in only one particular way then sure. Like boompa said you need to learn PHP and programming in general. If you keep up your strategy of copy and pasting things you find on the Internet then you're gonna have a bad time. Edited June 8, 2013 by requinix Quote Link to comment https://forums.phpfreaks.com/topic/278899-help-to-explanation-the-script/#findComment-1434899 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.