At the top of every page in my site I have a snippet of code that
authenticates the user by checking for valid SESSION vars and their
contents. If they don't, they are redirected with a header() statement to a
log-in page like this:
include_once("function_library.php");
session_start();
if (!LoggedIn()) { // If not logged in, take to Login page.
header("Location: /login.php");
}
LogAccess($_SESSION['user']); // This function logs user's access.
I noticed that the LogAccess() function I have after the header() redirect
is executing, even if the user is not logged in and is redirected to the
Log-In page. I did confirm that the LoggedIn() custom function is working
properly and returning the right value.
I thought the code below the header() redirect would not actually be
executed unless the user was logged in and allowed to proceed. Is this how
PHP is supposed to work? Is there any way to prevent the script from
executing below a certain point if the user is not logged in?
Thanks,
Monty
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
