Jump to content
Larry Ullman's Book Forums

Recommended Posts



I recently restructured a website along the modularization lines (page 44 onwards).


The content modules all start with a check to see if the BASE_URL constant has been defined and redirect the user if it has not been defined. This is clear and works just fine in the visitor-accessible part of the site.


In the administration part of my website, the modules also check to make sure that an administrator is using the script via a check to a session set up like page 82 onwards.


I am having trouble with 'headers already sent' and understand why this is happening and know how to fix that.


But my question is do I need both the BASE_URL constant check as well as the administrator/session check in the admin content scripts? There are no financials in the website and also no sensitive data in the database though I need to ensure that non-administrators cannot use the admin scripts.


Your thoughts/advice will be welcomed.


Cheers from Oz.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...