SitePoint Sponsor

User Tag List

Results 1 to 14 of 14
  1. #1
    SitePoint Enthusiast
    Join Date
    Feb 2002
    Posts
    28
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Age Verification with PHP?

    Hey guys,

    I'm working on a site that needs age verification...I've found some (mostly java) scripts out there, but nothing that quite suits the need. I'd really prefer to use mySQL and PHP to do it!

    I need a way to ask our visitor's birthdate (on homepage load maybe,) and then send them to the appropriate page based on their age. We'd also need time-configurable (by admin) cookies to ensure that our younger visitors didn't just retry the form with an older birthdate. I think cookies would also allow users to bypass the birthdate query if they'd already answered it "last month," "last week," or "yesterday." (Right?)

    Also, if they were to enter a birthdate that made them "under 13," we'd need to redirect them to a parental permission form that they'd have to print out.

    The function of all this is to allow us to collect information on forms throughout the site from visitors who are 13 and over...and at the same time, allow those who are 12 and under to submit their information only after we've gotten a written ok from the parents.

    I hope I've explained this right...I'm confused myself now. Am I crazy in thinking I might find such a thing as what I've outlined? Or should I maybe be looking as some sort of "user sign up" code?

    Please help!

    Thank you!

    John Alarcon

  2. #2
    SitePoint Enthusiast
    Join Date
    Feb 2002
    Posts
    28
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Anything! Anyone!?!

  3. #3
    PHP manual bot bronze trophy Gaheris's Avatar
    Join Date
    Oct 2003
    Location
    Germany
    Posts
    2,195
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sure.
    Untested, horrible code.
    PHP Code:
    $bd '1980'// This data should come from the form
    if (($timestamp strtotime($bd)) == -1) {
        
    // Wrong date format
        
    die('Wrong date format');
    } else {
        
    $diff time() - $timestamp;
        if (
    $diff <= 0) {
            
    // We got a time traveler
            
    die("Hooah! How's the future?");
        } else {
            
    $ysec  60 60 24 365;
            
    $years floor($diff $ysec);
            if (
    $years >= 13) {
                
    // Hooray, they are 13 or older
                // do whatever you want
                
    echo 'You got in';
            } else {
                
    // No, you won't get in here
                
    $expire 60*60*24;
                
    $days   30// How many days should the access be blocked 
                
    setcookie('not_old_enough'1$expire*$days time());
                die(
    "You're not old enough");
            }
        }    


  4. #4
    SitePoint Enthusiast
    Join Date
    Feb 2002
    Posts
    28
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you for responding to my post! May I ask a few questions about this?

    1. Where you've set $bd to '1980', do I just change the '1980' to whatever my fieldname from the form was? (And on the form...where do I POST it to?)

    2. Can this be used to "guard" an HTML page?

    3. How can I add two more variables to it so that it could automatically calculate their birthDAY, instead of only the birth year?

    4. Will this check to see if they have a cookie already, or will it make them fill out my "birthday query" form each time they come?

    If you don't want to explain all this, I can understand, but I thank you for your effort thus far nonetheless.

    Thank you.

    John Alarcon

  5. #5
    PHP manual bot bronze trophy Gaheris's Avatar
    Join Date
    Oct 2003
    Location
    Germany
    Posts
    2,195
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    1. It's just a sample value, it should come from the form. The easy way would be to have a form with a <input type="text" name="birth_day" /> and to get the value with $_POST['birt_day'] (or whatever method the form uses)

    2. I don't know what you mean with "guard" but it isn't secure at all (fake birthday)

    3. You want them to enter their exact birth day?

    4. This only handles the form data, you'll have to do a check before posting the form. Actually, if you want you can create a cookie when they entered the site with a valid birt year. Just add
    PHP Code:
    $expire 60*60*24;
    $days   30// How many days should the access be blocked
    setcookie('not_old_enough'0$expire*$days time()); 
    after
    PHP Code:
    if ($years >= 13) { 
    Then before outputting your form
    PHP Code:
    if (isset($_COOKIE['not_old_enough'])) {
        if (
    $_COOKIE['not_old_enough']) {
            echo 
    'To young, get out of here!'
            
    exit;  
        } else {
            echo 
    'You're old enough';
            exit;
        }
    }
    // No cookie, display the form
    echo '
    <form ...>'; 
    You're content file could be like this
    PHP Code:
    <?php
    if (isset($_COOKIE['not_old_enough'])) {
        if (
    $_COOKIE['not_old_enough']) {
            
    // To young, can't enter site
            
    echo 'To young, get out of here!';
            exit;  
        } else {
            
    // Here goes your content
            
    echo "You're old enough";
            exit;
        }
    } else {
        if (isset(
    $_POST['send'])) {
            if ((
    $timestamp strtotime($_POST['bd'])) == -1) {
                die(
    'Wrong date format');
            } else {
                
    $diff time() - $timestamp;
                if (
    $diff <= 0) {
                    die(
    "Hooah! How's the future?" );
                } else {
                    
    $ysec  60 60 24 365;
                    
    $years floor($diff $ysec);
                    if (
    $years >= 13) {
                        
    $expire 60*60*24;
                        
    $days   30;
                        
    setcookie('not_old_enough'0$expire*$days time());
                        
    header('Location: '.$_SERVER['PHP_SELF']);
                        exit;
                    } else {
                        
    $expire 60*60*24;
                        
    $days   30;
                        
    setcookie('not_old_enough'1$expire*$days time());
                        
    header('Location: '.$_SERVER['PHP_SELF']);
                        exit;
                    }
                }
            }
        } else {
            
    // No cookie, display the form
            
    echo '<form methos="post" action="'.$_SERVER['PHP_SELF'].'">';
            echo 
    '<input type="text" name="bd" maxlenght="4" />';
            echo 
    '<input type="submit" name="send" value="Enter" />';
            echo 
    '</form>';
            exit;
        }
    }
    ?>
    The only thing is that cookies are required to enter the site.
    The code is untested, but you might get the idea.

  6. #6
    SitePoint Enthusiast
    Join Date
    Feb 2002
    Posts
    28
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I thank you again for a great explanation! Yes, it does help me get the idea...but what I really lack is a clue!

    It's obvious to me now that this is out of my league....I don't know who the hell I thought I was...thanks for the reality check.

    When I said "guard" I didn't mean to imply that it was secure...it simply establishes that we've done our part and been diligent and deliberate in our attempt.

    I would love it if they could enter their exact birthday...that way there would be no problems with dates...if they turn 13 tomorrow, they can come back tomorrow...

    We don't actually want to use cookies for the majority of the site...just on the form...that way when they tried to access the "13 and over" area, it will write (or read) the cookie and give them either the content, or the "you're not old enough" page.

    All this would ideally happen in a pop up window of 357x610, which would be activated by a link on our homepage.

    I think I'm going to have to pay someone else for all this...it's just more than I can swallow. Do you have any idea what I might expect to pay for all the necessary files?

    Thanks again for your excellent help!

    John Alarcon

  7. #7
    PHP manual bot bronze trophy Gaheris's Avatar
    Join Date
    Oct 2003
    Location
    Germany
    Posts
    2,195
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    About this guard thing, I don't know your law, so I can't tell you anything about this point.

    If you want I could edit the code so that they can enter a exact date.

    Well, no problem, if the content's for everyone then just display it, if it's for 13 over then use the sample code I posted.

    The windows hasn't got to do anything with PHP, so there aren't any problems with this one.

    No, sorry, it really depends, you know?

  8. #8
    SitePoint Enthusiast
    Join Date
    Feb 2002
    Posts
    28
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you very much for you offer! I believe I'd be a fool to pass that up...so, yes, I'd very much appreciate if you wrote the code. How much would it cost?

    Thank you again!

  9. #9
    PHP manual bot bronze trophy Gaheris's Avatar
    Join Date
    Oct 2003
    Location
    Germany
    Posts
    2,195
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This works with a full date, it includes a sweet form with select fields and hey, it works.
    Look at the comments, they should tell you where you should replace things.
    This is the function.
    PHP Code:
    function isOldEnough()
    {
        if (isset(
    $_POST['send'])) {
            if (
    checkdate($_POST['bd_month'], $_POST['bd_day'], $_POST['bd_year'])) {
                if ((
    $timestamp mktime(000$_POST['bd_month'], $_POST['bd_day'], $_POST['bd_year'])) == -1) {
                    die(
    'Wrong date format');               // Replace this with your own error message
                
    } else {
                    
    $diff time() - $timestamp;
                    if (
    $diff <= 0) {
                        die(
    "Hooah! How's the future?" );   // Replace this with your own error message
                    
    } else {
                        
    $ysec  60 60 24 365;
                        
    $years floor($diff $ysec);
                        if (
    $years >= 13) {
                            
    $expire 60*60*24;
                            
    $days   30;
                            
    setcookie('not_old_enough'0$expire*$days time());
                            
    header('Location: '.$_SERVER['PHP_SELF']);
                            exit;
                        } else {
                            
    $expire 60*60*24;
                            
    $days   30;
                            
    setcookie('not_old_enough'1$expire*$days time());
                            
    header('Location: '.$_SERVER['PHP_SELF']);
                            exit;
                        }
                    }
                }
            } else {
                die(
    'Invalid date');                        // Replace this with your own error message
            
    }
        } else {
            if (isset(
    $_COOKIE['not_old_enough'])) {
                return !(bool)
    $_COOKIE['not_old_enough'];
            } else {
                echo 
    '<form method="post" action="'.$_SERVER['PHP_SELF'].'">';
                echo 
    '<input type="text" name="bd_day" maxlenght="2" size="2" />&nbsp;';
                echo 
    '<select name="bd_month" size="1">';
                for (
    $i 1$i <= 12$i++) {
                    
    $time mktime(000$i);
                    
    $date date('F'$time);
                    echo 
    '<option value="'.$i.'">'.$date.'</option>';
                }
                echo 
    '</select>&nbsp;';
                echo 
    '<select name="bd_year" size="1">';
                for (
    $i 1970$i <= date('Y'); $i++) {
                    echo 
    '<option>'.$i.'</option>';
                }
                echo 
    '</select>&nbsp;';
                echo 
    '<input type="submit" name="send" value="Enter" />';
                echo 
    '</form>';
                exit;
            }
        }

    Now, in every file where you have to be >= 13 you do this
    PHP Code:
    if (isOldEnough()) {
        
    // Your content
        
    echo 'Hooray! You\'re old enough!';
    } else {
        
    // Not old enough message
        
    echo 'Sorry mate, wait till you\'re 13.';


  10. #10
    SitePoint Enthusiast
    Join Date
    Feb 2002
    Posts
    28
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You have been a great help! Is there not some way I can offer to repay you for your effort? If not monetarily...then how about in graphic work?

    You've done the community a great service by providing this script...I know...I've already been over hundreds of sites. I prefer to research...and then ask...not vice versa.

    If you need any help, don't hesitate to call on me!

    Thank you!

    John Alarcon

  11. #11
    PHP manual bot bronze trophy Gaheris's Avatar
    Join Date
    Oct 2003
    Location
    Germany
    Posts
    2,195
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    No problem, I'm glad I could help you out.
    And thanks a lot for you offer, I won't forget it.

    See you and good luck,
    Frederik Bülthoff

  12. #12
    SitePoint Guru
    Join Date
    Nov 2001
    Location
    Fort Lauderdale
    Posts
    814
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sorry for reviving a very old post, but curious if the above coding is up to standards for todays latest version of PHP, especially security wise. I can use that script for an upcoming project, but wondering whether or not it's too old to use.

    I use php5 on my server.

    Thank you in advance.

  13. #13
    SitePoint Guru
    Join Date
    Jul 2004
    Location
    Netherlands
    Posts
    672
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    hehe well security wise age verifications are totally pointless anyway... if you are too young, you just enter an older date lolz.
    Go visit my site :-D you know you want to ;-)
    www.mech7.net

  14. #14
    SitePoint Zealot
    Join Date
    Apr 2003
    Location
    Connecticut
    Posts
    173
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The above code should work fine with PHP5.

    Age verification isn't really for security, but rather, to comply with COPPA. If you check for age, and the person lies, you're less at fault than if you didn't check at all.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •