Cookies – Kekse
Ok, so what do we want to do? If someone wants do download an image in fullsize, original or hires mode or requests a video in any format, a copyright message shall be displayed and the user has to click on “I accept” before he is taken to the requested file.
Using cookies makes it all a bit easier. When the user accepts cookies, he will not be bothered by the copyright messages for 30 days. And Apache can test on the existance of the cookie. So now the .htaccess looks like this.
## do that only if the cookie is not set
RewriteCond %{HTTP_COOKIE} !CopyrightCookie
## comes not from the copyright page
RewriteCond %{HTTP_REFERER} !(^.*/public/copyright\.html$)
## comes not from itself, so has been redirected already
RewriteCond %{HTTP_REFERER} !(^.*(jpg|tif|tiff|jpeg|mov|mp4|mpg|ram|wmv|avi)(\?.*)?$)
## is a request for a hires or fullres image
RewriteCond %{REQUEST_URI} ^.*(\/original\/|\/wallpaper(1|2|3)\/|\/publication.*\/).*$
## then do the trick...
RewriteRule ^(.*)$ /public/copyright.html
The copyright message sets the cookie after the user has accepted it (post to itself) and redirects the user to the requested file afterwards. So this should also work when the user has cookies disabled like in the version before.
if ($accept = $_REQUEST["accept"]) {
# just submitted, so set the cookie
$cvalue = "accepted";
$cookie = setcookie("CopyrightCookie",$cvalue, time()+60*60*24*30, "/",".domain.org");
# and redirect the user to his desired destination
if ($target == $_SERVER["PHP_SELF"]) {
# go back to source
header("Location: ".$source);
} else {
# go to target
header("Location: ".$target);
}
}
and just for completeness the form:
<form name="copyright" action="<?=$_SERVER["PHP_SELF"]?>" method="post">
<input type="hidden" name="target" value="<?=$target?>">
<input type="hidden" name="source" value="<?=$source?>">
<input type="hidden" name="accept" value="1">
<input type="button" value="I accept the conditions" class="button_yes"
onClick="document.forms[1].submit();">
<input type="button" value="I do not accept the conditions" class="button_no"
onClick="location.href='<?=$source?>';">
</form>
There are some problems concerning video though:
- when using Firefox on Windows and requesting a wmv file, the copyright notice is displayed and accepted. Afterwards, Windows Media Player opens and tries to access the file which is denied as WMP uses of course the cookies set by Internet Explorer. As we browsed to the site using FF, WMP is not working here. 2 Possibilities:
- right-click the file and save as… and then play it
- or browse to the site with IE and accept the cookie here…
- Cookies are not evaluated when doing a right-click-save-as. So you’ll probably always get the copyright.html when trying to download a file… So I’ll have to get back to my slogan: try something different…
(does anyone have a better idea?) To make things worse, Safari won’t let you download an MPG file. When clicking on it, it displays fine with Quicktime inside the browser but when “right-clicking” and trying to download it, it just downloads the copyright notice again. So it seems it does not do the cookie check here. This really drives me nuts…