Hi,
I recently restructured a website along the modularization lines (page 44 onwards).
The content modules all start with a check to see if the BASE_URL constant has been defined and redirect the user if it has not been defined. This is clear and works just fine in the visitor-accessible part of the site.
In the administration part of my website, the modules also check to make sure that an administrator is using the script via a check to a session set up like page 82 onwards.
I am having trouble with 'headers already sent' and understand why this is happening and know how to fix that.
But my question is do I need both the BASE_URL constant check as well as the administrator/session check in the admin content scripts? There are no financials in the website and also no sensitive data in the database though I need to ensure that non-administrators cannot use the admin scripts.
Your thoughts/advice will be welcomed.
Cheers from Oz.