a script that will check subsequent pages w/o login

  • Lizzard
  • quirky redhead
  • Silver Member
  • User avatar
  • Posts: 69
  • Loc: Indiana

Post 3+ Months Ago

Hi.
I've a bit of a quandry. I need code that will check to see if a user has accepted the "terms of agreement" prior to viewing certain pages in the site without a log-in. IE - I don't want them bookmarking a page behind the agreement at the initial visit and then returning without viewing the terms and conditions again. But I don't want to know who they are or have a login.
I have a little java thing to do the terms...

if(!document.form1.agree.checked){alert("Please Read the guidelines and check the box below");
return false; }


return true;
}
</script>
But not all the pages that follow.
Any ideas? PS Love your site. :?:
  • ecuador
  • Student
  • Student
  • User avatar
  • Posts: 90
  • Loc: Germany

Post 3+ Months Ago

Guess the easiest way to archive that is to use cookies. Set a cookie when the user has read the terms, and on every subsequent page, read out the cookie. If the cookie i.e. has no or the value 0, the user didn't read the terms and so force him to do so by redirecting him to the page with the terms.
  • Lizzard
  • quirky redhead
  • Silver Member
  • User avatar
  • Posts: 69
  • Loc: Indiana

Post 3+ Months Ago

I did think of that but wondered if there was another way as many of the users have their cookies turned off.
I thought about a php session but everytime I tried it I couldn't get it to work. So I went to the trusty PHP manual and it said ... well my basic understanding of what it said was , Yep! those darn PHP sessions can sure act a little crazy when you are dealing with sub-domains. I am dealing with building and replicating strictly subdomains on some templates I have and am in the process of building. Kind of like "Oh - ok well you do business with us and we will give you this sub domain that is attached to our databases and hooked up to these certain links that normally you'd have to pay an arm and a leg for."
See my problem?
  • ecuador
  • Student
  • Student
  • User avatar
  • Posts: 90
  • Loc: Germany

Post 3+ Months Ago

Yes - you made it clear :)

Hm, even if you want to use sessions - isn't a session cancelled latest when the browser is closed? It will loose it's session state, as far as I know, so this is also not working. ( When I use sessions I give them always a timeout of 1 h, so I can't name it exactly. )

Using a DB and the IP of the referrer is also crap, as IP's change frequently, the referrer is not always present, and now I run out of ideas how to do such a thing without putting anything on the users pc or creating a login section.
  • joebert
  • Fart Bubbles
  • Genius
  • User avatar
  • Posts: 13504
  • Loc: Florida

Post 3+ Months Ago

You might be supprized just how many of the people who have cookies turned off, will turn them on for certain sites that appeal to them.
  • ecuador
  • Student
  • Student
  • User avatar
  • Posts: 90
  • Loc: Germany

Post 3+ Months Ago

Even if that is true, you cannot rely on that. As the vast majority turn cookies off for some special reason, you cannot automatically consider that they will turn on. That way you might be missing a lot of people visiting your site.

In my opinion it is still the easiest way to have a login somewhere, as people can save their passwords and just have to click on ok to enter the page. Guess this is not too much work to enter a site worth it.
  • Lizzard
  • quirky redhead
  • Silver Member
  • User avatar
  • Posts: 69
  • Loc: Indiana

Post 3+ Months Ago

Right. Which made me think that a session would be fine. To test it, I bookmarked the index page past the "terms of agreement." I closed the browser and restarted my computer. (I need to be absolutely sure) and sure enough, I could pull up the page.
I can get all my little redirects to work if they click "No!" or whatnot, but I am stumped on this session/cookie/no login business.
  • Lizzard
  • quirky redhead
  • Silver Member
  • User avatar
  • Posts: 69
  • Loc: Indiana

Post 3+ Months Ago

"In my opinion it is still the easiest way to have a login somewhere, as people can save their passwords and just have to click on ok to enter the page. Guess this is not too much work to enter a site worth it."
True - but my boss doesn't want it done this way.
The head of the IT department suggested a "generic, invisible login" - meaning once they checked yes - they were issued that generic login name that the user never sees - but would expire when they leave. I am not sure how to do that 100 percent.
  • ecuador
  • Student
  • Student
  • User avatar
  • Posts: 90
  • Loc: Germany

Post 3+ Months Ago

So can't you save a session variable in this session to authenticate the user then?
  • Lizzard
  • quirky redhead
  • Silver Member
  • User avatar
  • Posts: 69
  • Loc: Indiana

Post 3+ Months Ago

I tried to do that - but that is (I think) where my subdomain issue comes in.

They give the example of this in the PHP Manual
"something that wasn't made clear to me here and totally confused me for a while was that domain names must contain at least two dots (.), hence 'localhost' is invalid and the browser will refuse to set the cookie! instead for localhost you should use false.

to make your code work on both localhost and a proper domain, you can do this:

<?php

$domain = ($_SERVER['HTTP_HOST'] != 'localhost') ? $_SERVER['HTTP_HOST'] : false;
setcookie('cookiename', 'data', time()+60*60*24*365, '/', $domain, false);

?>"

http://us2.php.net/setcookie

But I could not get it to work. I think because I am passing (and parsing) thru many subfolders within a subdomain but I am not sure.
  • ecuador
  • Student
  • Student
  • User avatar
  • Posts: 90
  • Loc: Germany

Post 3+ Months Ago

So, you say your domain listens at localhost instead of a server name ( i.e. test.com ) ? Yet, it's a production server or just a local test server?
  • Lizzard
  • quirky redhead
  • Silver Member
  • User avatar
  • Posts: 69
  • Loc: Indiana

Post 3+ Months Ago

Oh no. I just copied that out of the PHP Manual so that you could see WHAT they said in case I was misintrepreting. Right now I am trying to run it on a test that is internal only... beth.mycompany.com.
Our subdomains are like if you would do business you would be http://ecuador.mycompany.com.
Then I would copy all of the file structure that would apply to your company on thru as far as product lines/
so you could have; http://ecuador.mycompany.com/product/services/index.php or http://ecuador.mycompany.com/commission ... /index.php
or it could be as simple as; http://ecuador.mycompany.com/index.php It would entirely depend on which page you want to look at - at any given time.
I think that is where I am losing my session cookie. It won't pass thru all of the structures, so it doesn't plant at all.
  • ecuador
  • Student
  • Student
  • User avatar
  • Posts: 90
  • Loc: Germany

Post 3+ Months Ago

Hm, it's a bit hard to follow if you can't see the appropriate code... I suggest you try to dump on each page the session ( var_dump($_SESSION) ) to see what is happening.
  • Lizzard
  • quirky redhead
  • Silver Member
  • User avatar
  • Posts: 69
  • Loc: Indiana

Post 3+ Months Ago

Let me see if I can recreate it and get it on for you tomorrow(ish). I have since tried so many different things I am not sure which end is up.
  • Lizzard
  • quirky redhead
  • Silver Member
  • User avatar
  • Posts: 69
  • Loc: Indiana

Post 3+ Months Ago

Sorry that took so long. I have been given another project with a due date of this week. So this one is on the back burner until next week. But here was my cookie plant code that I couldn't get to work.

<?php
function _check_auth($_COOKIE)
{ if(isset($_POST['submit']));

elseif
($_GET["http://beta.homepage.php"]);

else
die ("You must accept the disclaimer terms before proceeding.");
}
?>
  • Lizzard
  • quirky redhead
  • Silver Member
  • User avatar
  • Posts: 69
  • Loc: Indiana

Post 3+ Months Ago

Oddly - now it has changed up a bit and I need to attach it to an existing db login. So most of my problem is solved. :) Now to get it to check for that login so they can not bookmark the pages and return. Which shouldn't be too bad.. just a tad bit of research,

Post Information

  • Total Posts in this topic: 16 posts
  • Users browsing this forum: No registered users and 53 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.