My PHP skills are lacking a bit and I've tried troubleshooting this for a while and searching for an answer with no luck... and I'm sure it's something simple.
I have a page on one domain that is checking to see if a cookie exists, and if it does not, it sends the user to a completely separate domain to enter in their Date of Birth. Once they enter it in and are over 21, they are to be redirected back to the original domain, but for some reason my script is only capturing the sub-directory of the referring domain, rather than the whole thing.
So, user visits the following page at a hypothetical URL, abc.com:
<?php
function over21(){
session_start();
$redirect_url='http://xyz.com';
$validated=false;
if(!empty($_COOKIE["over21"])) { $validated=true; }
if(!$validated && isset($_SESSION['over21'])) { $validated=true; }
if($validated) { return; }
else {
$redirect_url=$redirect_url."?return=".$_SERVER['REQUEST_URI'];
header('location: '.$redirect_url);
exit(0);
}
}
over21();
?>
<html>
<head>
<title>abc.com page</title>
</head>
<body>
Before you are able to read this content, you will be redirected to xyz.com to validate your age
</body>
</html>
So far so good, they are now sent to xyz.com to enter in their date of birth:
<?php
session_start();
if(isset($_POST['submit']))
{
$month = $_POST['month'];
$day = $_POST['day'];
$year = $_POST['year'];
$birthday = mktime(0,0,0,$month,$day,$year);
$difference = time() - $birthday;
$age = floor($difference - 662256000);
if($age >= 21)
{
setcookie("over21",$value, time()+3600*24);
$_SESSION['over21'] = 1;
$redirect=isset($_GET['return'])?urldecode($_GET['return']):'./';
header("location: ".$redirect);
exit;
}
else
{
$_SESSION['under21'] = 0;
header("location: http://google.com");
exit;
}
}
?>
<html>
<head>
<title>this is xyz.com</title>
</head>
<body>
<form>
There is a form in here with input's and such to gather day, month and year of birth.
</form>
</body>
</html>
The script is working great if I keep the age verification piece and the referring page all on the same domain. But how do I modify this so that the age verification page is capturing the full URL of the referring domain, not just the sub-domain?