How to prevent the user from accessing without being logged in?

0

I'm developing an application with ExtJS 4 and PHP. My problem is this: How do I prevent the user from being able to access an application page without being logged in? I've tried everything (that I know), but it's as if HTML ignores the check I make.

IndexPrincipal page:

<!DOCTYPE HTML> 
 <?php
    include('connect.php');
    session_start();
    if (!$_SESSION['logado']){        
        header("Location: index.html");
        session_destroy();
    } 
?>   
<html>
<head>
    <meta charset="UTF-8">
    <title>SIG - Sistema Integrado de Gestão - EMCM/RN</title>
    <!-- <x-compile> -->
        <!-- <x-bootstrap> -->
            <link rel="stylesheet" href="bootstrap.css">
            <link rel="stylesheet" href="resources/css/app.css">
            <script src="ext/ext-dev.js"></script>
            <script src="bootstrap.js"></script>
        <!-- </x-bootstrap> -->
        <script src="app.js"></script>
        <!--<script type="text/javascript" src="app/view/Login.js"></script>-->
    <!-- </x-compile> -->
</head>
<body></body>
</html>
    
asked by anonymous 18.12.2014 / 13:42

1 answer

1

You can not send headers with the header () function after outputting some data. To fix your problem try this:

<?php
    include('connect.php');
    session_start();
    if (!isset($_SESSION['logado']) || $_SESSION['logado'] !== 1){        
        header("Location: index.html");
        session_destroy();
        exit;
    } 
?>   
<!DOCTYPE HTML>
<html>
<head>
</head><body>....</body></html>
    
18.12.2014 / 14:06