Have Geek Brain

PHP / XHTML. Should I put everything in echo tags?

Quick question related to PHP development, I seem to get more and more interested in this when I develop more complex sites. Basically it is said that we have a basic PHP / XHTML (messaging system) mailbox. I am doing checks at the top (check if the user is logged in, check if the user has the correct permissions, etc.). Then use the 'header (' location: www.abc.com) 'function if authentication fails. The question is, am I writing the rest of the incoming mail code in a huge "else" block, or am I just using standard html. I read somewhere that it is bad to use code after using the "header" function.

+2


a source to share


4 answers


Just follow the title

exit();

Than it won't be a problem.



see third example here

Also you don't need that big echo, you can echo html like this if you want:

<?php
  //php stuff
  if(test){
?>

   html here

<?php
  }
  else{
?>

   other html

<?php
  }
?>
+4


a source


The reason you read this badly is because customers don't need to respect the header Location: abc

, so if you keep sending them data, they might just show it, perhaps allowing them to track your user data.

What you can do is after sending the header Location: abc

, you just exit the script, like this:



if(!$user->is_authenticated()) {
    header("Location: abc");
    exit();
}
+1


a source


After redirecting the header, you add the fat "return" or "exit" so your script ends there, then you close the if. Then you can happily program the code as usual.

It is not true that after calling header () you should not put anything. However, you must remember that if you output anything before calling the header, the script will fail. There are headers that require you to enter a code, such as the Content-type header. After the redirect header, however, you should always call exit () if the browser does not execute the statement.

+1


a source


I read somewhere that it is bad to use any code after using the 'header' function.

This is not entirely true because it is not allowed to send output (HTML or original output) to the browser before you send the header. When you send the output before the header is sent, you will receive a "Header already sent" message.

After the header function, the rest will not execute, so no return or exit is required.

For the question if everything needs to be put in an if / else structure: this is also not required, the only thing you need to do is check a basic check if someone is logged in, and if not, you redirect using the header function. There is no need for an extensive if / else structure.

+1


a source






More articles:


All Articles