0

I am trying to prevent a user from coming back to the secure portion of the site after logging out, I check if $_SESSION['email'] is set, and if not I redirect them to the login page. but I get a "Cannot modify header information - headers already sent by (output " warning message. If I can fix this message then I can prevent user from clicking back to go to the secure site.Some suggest I needed to do the check before any output, but since my two include files have output how would I get around this?

beginning of my secure login page

<?php
include_once "inc/head.php";
include_once "inc/menu.php";

if(!isset($_SESSION['email']))
{
    header("Location: ../html/sign-in.html");
}
?>

menu.php has session_start in it.

  • 1
    wrap the includes in ob_start, do your check then after if statement echo the output buffer, or move out session start from them files, this is why you should not mix logic with views/html – Lawrence Cherone Oct 09 '21 at 22:50

0 Answers0