you are right thats something i will work on next.
is this still a good way to send someone back to the form in this case? (accidentally go to process page)
i found out what the problem was this is a example of my code
Code: Select all
<?php
session_start();
if(empty($POST['name'])) {
header('Location: GO_TO_FORM');
exit();
}
//CODE
//ADD INFO TO DB
header('Location: GO_TO_NEXT_PAGE');
?>
i have 2 headers in the code. one was the one i was adding the if empty one that will send them back to the form.
the second one i have is for at the end of my code after it posts the data into db it sends them to the next page.
to make it work right i had to add the exit() function in. i thought the header would act as the exit here, i don't know why it still reads the rest of the code when its being told to redirect.
can i use something like this then?
Code: Select all
if(empty($_POST['name'])) {
exit(header('Location: back_to_form'));
}
any input? how would you protect the pages in my case? i have a few pages i need to protect