Deny access to certain pages based on date [closed]

Is it possible to deny access to certain pages using .htaccess based on current date?

Here’s the deal. I’ve implemented April Fool’s system to my sites (it basically displays some funny page that is designed to fool visitors something just happened – anything bad – every April 1st, and after reloading page it displays the actual site – using session id).

I want to let visitors view past April Fool’s pages using a custom dirlist index page that do not list pages that are upcoming (clearly, if it is supposed to be a surprise). But I want to lock the upcoming pages so the visitors can’t display upcoming pages using direct access (manually typing their address in browser address bar).

Pages are named using a naming schematic of year.php (so every year has its own fool page). Each of that page displays in a specific date – it’s April 1st of that year. I want to deny access to those pages that didn’t pass the current April Fool’s season. So namely it’s 2018. I’ve prepared an April Fool’s page for 2019 (named 2019.php). If visitor enters the address example.com/april_fools_dir/2019.php, it should show him Access Denied error, until it’s April 1st 2019. Don’t want to implement it in each page separately, and also do not want to have each that page rely on an included portion implementing this feature. I’d like to avoid having to implement this in PHP if it’s possible to use that in .htaccess. I can figure out PHP implementation myself, but I’d like to avoid that…

Why do I need such feature as deny certain pages until a specific date? It’s a strategic move. I don’t want to have the upcoming April Fool’s pages spoiled by exclusively investigative visitors that try to access the pages that are not yet listed in the history page. It will simply throw an Access Denied error and that page will get public after April Fool’s of that particular year passed.

Answer

Okay, I figured out the PHP way to do it. I simply call this function giving it the specific year:

function deny_access($year) {
    $current_date = [
        'day' => date("d"),
        'month' => date("m"),
        'year' => date("Y")
    ];

    if($current_date['month'] < 4) {
        if($current_date['year'] <= $year) {
            header('403 Forbidden', true, 403);
            exit();
        }
    } else {
        if($current_date['year'] < $year) {
            header('403 Forbidden', true, 403);
            exit();
        }
    }
}

This function is then included and called in each fool page. The result is 403 Forbidden HTTP request, so exactly what I expected. After importing it in my websites the response is 500 Internal Server Error (maybe because it can’t handle PHP forced 403 Forbidden response), but that’s okay, it actually makes it even better than expected…

EDIT: I forgot to say that fiddling with the given year changes the HTTP response. I wanted to try out how the server will response if the April Fool’s page was set to already passed (lowering the year), and the page displays fully working. So the only thing that gives an originally unexpected 500 Internal Server Error response is the deny_access($year) function that met the conditions for 403 Forbidden HTTP response call. So nothing I should worry about, it works as expected = denies access before it’s ready to show.

Attribution
Source : Link , Question Author : Polda18 , Answer Author : Polda18

Leave a Comment