At the top of every page in my site I have a snippet of code that authenticates the user by checking for valid SESSION vars and their contents. If they don't, they are redirected with a header() statement to a log-in page like this:
include_once("function_library.php"); session_start(); if (!LoggedIn()) { // If not logged in, take to Login page. header("Location: /login.php"); } LogAccess($_SESSION['user']); // This function logs user's access. I noticed that the LogAccess() function I have after the header() redirect is executing, even if the user is not logged in and is redirected to the Log-In page. I did confirm that the LoggedIn() custom function is working properly and returning the right value. I thought the code below the header() redirect would not actually be executed unless the user was logged in and allowed to proceed. Is this how PHP is supposed to work? Is there any way to prevent the script from executing below a certain point if the user is not logged in? Thanks, Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php