Necuima 18 Posted February 25, 2014 Report Share Posted February 25, 2014 Hi, I recently restructured a website along the modularization lines (page 44 onwards). The content modules all start with a check to see if the BASE_URL constant has been defined and redirect the user if it has not been defined. This is clear and works just fine in the visitor-accessible part of the site. In the administration part of my website, the modules also check to make sure that an administrator is using the script via a check to a session set up like page 82 onwards. I am having trouble with 'headers already sent' and understand why this is happening and know how to fix that. But my question is do I need both the BASE_URL constant check as well as the administrator/session check in the admin content scripts? There are no financials in the website and also no sensitive data in the database though I need to ensure that non-administrators cannot use the admin scripts. Your thoughts/advice will be welcomed. Cheers from Oz. Quote Link to post Share on other sites
Larry 428 Posted March 3, 2014 Report Share Posted March 3, 2014 Sorry for not replying earlier. So the BASE_URL check is there to prevent something from being accessed directly (if I recall correctly). I would argue it's worth having in there. Quote Link to post Share on other sites
Necuima 18 Posted March 9, 2014 Author Report Share Posted March 9, 2014 Hi Larry, Thanks for getting back to me. Yes, in the end I left both the checks in the admin section and the BASE_URL check in the 'public-view' section. Cheers from Oz. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.