Sessions/ redirect error

Beginners - Learning PHP
#1

I am trying to create a script for a website that will ask the user to agree to a disclaimer before entering the site. I was attempting to use sessions to store whether the disclaimer has been to agreed to already so that it will only ask once and I can reference that session data across multiple pages on the site.

I have it working but there’s a logical error I can’t seem to figure out with the redirecting. I have three main files

  1. disclaimer_form.php --which is the form for the user to agree to the terms.

[code]<?php
#start the session before any output
session_start();

if($_GET[‘error’] == “1”){ $error_code = 1;
//this means that there’s been an error and we need to notify the customer
}?>

Disclaimer

Please read and agree to our Disclaimer in order to gain access

<?php if ($error_code){ echo "
Please help us with the following:
"; } ?> [code]
By entering this web site you agree to the following:
  • sample disclaimer text
  • sample disclaimer text
I agree to the terms of use <?php if ($error_code && !($_GET['agree'])){ echo "
Please check the box above to agree to our disclaimer.
"; } ?>
[/code]

  1. demo.php --my test page to see if it works
    in the html header before any output I placed the php script:
    [php]<?php
    require($_SERVER[‘DOCUMENT_ROOT’]."/disclaimer.php");
    ?>[/php]

  2. disclaimer.php – which determines using sessions whether a user has already agreed to the terms. If not, it will redirect to the disclaimer form. If a session already exists, it is supposed to let the user into the proper page. Unfortunately it is grabbing a random index page on my server even after I moved the index file to a different location.
    [php]

<?php #start the session session_start(); #check if the disclaimer is checked off #if not, block the user from entering the site and redirect to the disclaimer form if (!(isset($_GET['agree']))){ //$_SESSION['agree'] = $letmein; I'm not sure if I should use this with a function instead... $query_string = $_SERVER['QUERY_STRING']; $url = "http://".$_SERVER['HTTP_HOST']."/disclaimer_form.php?".$query_string."&error=1"; header("Location: ".$url); exit(); } #if the session stored the disclaimer form was already checked off & submitted, allow the user into the page if (isset($_GET['agree'])){ $url = "http://".$_SERVER['HTTP_HOST'].$query_string; header("Location: ".$url); exit(); } [/php] Any help you could provide would be [u]greatly[/u] appreciated. I'm a newbie and I feel like this task can be accomplished in PHP, but I'm not sure where I'm going wrong here.
#2

I have no idea why you are using all the server calls. Just use the session call instead.

On the requirement form, when they press the “I-AGREE” button, it sends them to a small php page that is something like this:

Agree.php

[php]
session_start();
if (isset($_POST[‘AgreeButton’]))
$_SESSION[‘AgreementAccepted’]=“yes”; //this can be any session variable name you want
header(“Location: ActualSitePage.php”); // redirect to the real page below…
[/php]

Then at the top of EVERY page in the real site, you add this small code to make sure it is okay…
SitePages.php
[php]
session_start();
if ($_SESSION[‘AgreementAcepted’]!=“yes”)
header(“Location: AgreementNotAccepted.php”);
[/php]

I am not sure if that is what you were asking, but, hope it helps…

Sponsor our Newsletter | Privacy Policy | Terms of Service