For example, here: <?php session_start(); if (!isset($_SESSION[‘is_logged_in’])) { header(Location: login.php); die(); } ?> <Some

Question

0

Asked: May 17, 20262026-05-17T15:58:00+00:00 2026-05-17T15:58:00+00:00

For example, here: <?php session_start(); if (!isset($_SESSION[‘is_logged_in’])) { header(Location: login.php); die(); } ?> <Some

0

For example, here:

<?php
    session_start();

    if (!isset($_SESSION['is_logged_in'])) {
        header("Location: login.php");
        die();
    }
?>
<Some HTML content>

Is die() really necessary here ?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-17T15:58:00+00:00

Editorial Team

2026-05-17T15:58:00+00:00Added an answer on May 17, 2026 at 3:58 pm

Is die() really necessary here ?

It is: Otherwise, the client will still get the HTML code in the response body. The header asks the client to terminate and go to the new page, but it can’t force it.

The client can always continue listening to the response, and receive everything output afterwards, which is a fatal security hole e.g. when protecting sensitive data in a login area.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

For example, here: <?php session_start(); if (!isset($_SESSION[‘is_logged_in’])) { header(Location: login.php); die(); } ?> <Some

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply