I have an age gate set up on my site, so that users under 17 can't enter the site, but I want people who have bookmarked a specific link to be able to go to that link after passing through the age gate.
Here is my age gate code:
    <?php
    session_start();
    if (isset($_SESSION['legal'])) { # Check to see if session has already been set
        $url = ($_SESSION['legal'] == 'yes') ? 'index.php' : 'message.php';
        header('Location: ' . $url);
        exit; # Stop here so nothing below runs after the redirect
    }
    // If visitor hasn't gone through the age gate - Age Gate function and Set Session//
    if (isset($_POST['checkage'])) {
        $day = ctype_digit($_POST['day']) ? $_POST['day'] : '';
        $month = ctype_digit($_POST['month']) ? $_POST['month'] : '';
        $year = ctype_digit($_POST['year']) ? $_POST['year'] : '';
        $birthstamp = mktime(0, 0, 0, $month, $day, $year);
        $diff = time() - $birthstamp;
        $age_years = floor($diff / 31556926);
        if ($age_years >= 18) {
            $_SESSION['legal'] = 'yes';
            $url = 'index.php';
        } else {
            $_SESSION['legal'] = 'no';
            // If failed the Age Gate go to specific page
            $url = 'message.php';
        }
        header('Location: ' . $url);
        exit; // Stop here so the form is not rendered after the redirect
    }
    ?>
What can I add to this code so that if I wanted to go to domain/page.php or domain/subdirectory/ -- the Age Gate will take me there after I pass it? (I know I have to use HTTP Referrer, but I can't figure out how to include it).
Edit to add: I know that sometimes browsers will not keep/send the HTTP Referrer, so I will need a solution for those who don't pass that value.
EDIT: Age calculation based on the form submission -
    $day = ctype_digit($_POST['day']) ? $_POST['day'] : '';
    $month = ctype_digit($_POST['month']) ? $_POST['month'] : '';
    $year = ctype_digit($_POST['year']) ? $_POST['year'] : '';
    $birthstamp = mktime(0, 0, 0, $month, $day, $year);
    $diff = time() - $birthstamp;
    $age_years = floor($diff / 31556926);
I'd set this up the other way around: have each page set a $_SESSION variable to indicate where to go:
    if (!isset($_SESSION['legal']) || $_SESSION['legal'] == 'no') {
        $_SESSION['target'] = $_SERVER['PHP_SELF'];
        header('Location: message.php');
        return;
    }
    // continue script execution...
And in your message.php:
    $isLegal = check_age(); // your age checking logic
    if ($isLegal && isset($_SESSION['target'])) {
        header('Location: ' . $_SESSION['target']);
        exit; // stop so the page below is not rendered after the redirect
    } else if ($isLegal) {
        header('Location: index.php');
        exit;
    } else {
        // setup message.php with a validation failed message
    }
Mind, this is just one of the possible variations, but I'd suggest not relying on user data such as the referrer (some browser extensions even explicitly unset/modify that).
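As an added example (not part of the original question or answer), here is one way to combine the session-stored target with a same-site check before redirecting, since the stored request path is supplied by the client. The function names and the /agegate.php path are assumptions; the 18-year threshold and the index.php and message.php pages follow the code above.

```php
<?php
declare(strict_types=1);

/** Hypothetical helper (as are all functions here): call after session_start() on each protected page. */
function require_age_gate(string $gatePage = '/agegate.php'): void
{
    if (($_SESSION['legal'] ?? null) === 'yes') {
        return;
    }
    // REQUEST_URI keeps the query string of a bookmarked link, but it is client-supplied.
    $_SESSION['target'] = $_SERVER['REQUEST_URI'] ?? '/index.php';
    header('Location: ' . $gatePage);
    exit; // stop here so the protected page is never rendered
}

/** Allow only same-site absolute paths as redirect targets. */
function safe_target(?string $target, string $default = '/index.php'): string
{
    if ($target === null || $target === '' || $target[0] !== '/') {
        return $default;
    }
    // "//host" and "/\host" are read by browsers as another site.
    if (isset($target[1]) && ($target[1] === '/' || $target[1] === '\\')) {
        return $default;
    }
    // Control characters have no place in a Location header.
    return preg_match('/[\x00-\x1F\x7F]/', $target) ? $default : $target;
}

/** Calendar-based age check; rejects invalid and future dates. */
function is_old_enough(int $year, int $month, int $day, int $minAge = 18): bool
{
    if ($year > 9999 || !checkdate($month, $day, $year)) {
        return false;
    }
    $birth = new DateTimeImmutable(sprintf('%04d-%02d-%02d', $year, $month, $day));
    $age = $birth->diff(new DateTimeImmutable('today'));
    return $age->invert === 0 && $age->y >= $minAge;
}

/** Age gate form handler: records the result and returns where to redirect. */
function handle_age_gate(array $post): string
{
    $ok = is_old_enough((int) ($post['year'] ?? 0), (int) ($post['month'] ?? 0), (int) ($post['day'] ?? 0));
    $_SESSION['legal'] = $ok ? 'yes' : 'no';
    $target = $_SESSION['target'] ?? null;
    unset($_SESSION['target']);
    return $ok ? safe_target($target) : '/message.php';
}
```

On the gate page, after session_start(), pass $_POST to handle_age_gate() when the form is submitted, send the returned path in a Location header, and exit.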