All geek questions in one place

Should I use a "refund"; after the header ()?

Quick question, I noticed that on some of my headers, I was getting some lag while processing the header. Does the return standard use after using headers? Also, if you use the title on pages that you do not need for direct access, for example, processing pages are returned; stop this processing even if the page is not directly accessible? IF return is a good idea, would it be better to use exit ()?

+4
source share
5 answers

header("Location: ......"); exit; - A fairly common pattern.

+10
source

You do not need to specify return; after calling header , but I know some people use the delivery convention exit; after calling header to make sure the code below will not execute during the redirect.

+7
source

Remember that you can use header() for things other than Location: redirects:

 header("Content-type: image/jpeg"); // for example

The reason you exit after the header is redirected is that any content displayed after the header() redirected (most likely) will not be displayed by the browser. More importantly, you don’t want any code to execute after header() redirected, so calling exit() after redirecting is good practice.

+3
source

When you send the header, this is just a consultation to the client (browser), who, in your opinion, should request a different URL. However, nothing can stop them from following your recommendation. They can continue to read more data from the current URL if your server continues to feed it. This is why you usually see php code that calls exit () after sending the redirect header, because if you stop issuing more data, they have nothing to read.

Besides the fact that they do not read unintentional data, there are other reasons:

It may just be pointless for the rest of the script to continue executing, wasting resources.

It is possible that runtime errors will occur if the script continues (for example, there were no variables or a connection to db could not be established).

It is possible that logical errors will occur if the script is continued (for example, the verification of user input / authentication has failed).

+2
source

It is for the client to determine what to do after header("Location: ...") .

Any code after header() will be executed independently. Room exit(); Immediately after the headline is protection and is required to ensure the security of your site.

If you have candy after header("Location: ...") , the only thing the browser should do is ignore the request. Then it will be as clear as day. Using exit(); you stop the page and hopefully there are no other attacks for your application!

+1
source

Source: https://habr.com/ru/post/1305602/

More articles:


All Articles