Jump to content
Larry Ullman's Book Forums

Recommended Posts

Hi,

 

I recently restructured a website along the modularization lines (page 44 onwards).

 

The content modules all start with a check to see if the BASE_URL constant has been defined and redirect the user if it has not been defined. This is clear and works just fine in the visitor-accessible part of the site.

 

In the administration part of my website, the modules also check to make sure that an administrator is using the script via a check to a session set up like page 82 onwards.

 

I am having trouble with 'headers already sent' and understand why this is happening and know how to fix that.

 

But my question is do I need both the BASE_URL constant check as well as the administrator/session check in the admin content scripts? There are no financials in the website and also no sensitive data in the database though I need to ensure that non-administrators cannot use the admin scripts.

 

Your thoughts/advice will be welcomed.

 

Cheers from Oz.

Link to comment
Share on other sites

 Share

×
×
  • Create New...