Guys,
Building a site that needs certain pages securing - therefore I've created an include file that is included at the top of every PHP page, above where this script is included, I'm setting a variable that I can change depending on whether each specific page is secure - so the top of each page looks like this......
$TheSecurePageOrNot = "yes";
require_once('_inc_conn.php');
The include script then contains the following the following...
// ASH: Now we'll check whether this page should be secure...
if ($TheSecurePageOrNot == "yes") {
// ASH: If the above is true, check whether the user is logged in, then put their profile details into a session variable...
if (session_is_registered("Session_LoggedIn")) {
$TheUserLoggedIn = $_SESSION['Session_LoggedIn'];
} else {
header("Location: login.php?Redirect=" . $_SERVER['SCRIPT_NAME']);
}
}
The odd thing is that the pages containing this DO redirect perfectly to the Login page if the user isn't logged in BUT if the page happens to contain a SQL script where I've used the 'header location redirect' on SQL fail, and the SQL does have an error, the page processes and ignores the first redirect to the Login page?
In summary - the pages seem to give low priority to the redirect contained within the Include file and instead continue processing the page...only when finished does it actually redirect?
Does that make sense? Its very odd and I don't understand why the PHP isn't exiting at the first redirect contained within the include file?
