What code is better to use for unauthorized users?

1 code

$res_login = mysql_query( 'SELECT * FROM `datacenter` WHERE `login` = "'.$_POST['login'].'"' ); if (mysql_num_rows($res_login) != 1){ echo '<script>location.replace("nologin.php");</script>'; exit; }

2 code

  session_start(); $a = $_SESSION['login']; if ($a ! = null ){ echo '<script>location.replace("nologin.php");</script>'; exit; }

    2 answers 2

    Redirection is better to do this:

      header("Location: nologin.php"); exit;

    PS: It is necessary to control that before this there is no output ( echo, print, print_r )

    And between the ways - according to the idea, it will be faster with the session (but the coherence suffers - the user is deleted, and his session is still alive)

    PS Session and cookie can be stolen, it is worth taking care of in any case

    • add just in case - the output can also be the same whitespace character before the opening php tag <? - Zowie

    I would not use the other one, without a Java script, they will not redirect to the right place ...

    • so <script> location.replace ("nologin.php"); </ script> this is yakaskipt - Zow
    • I did not quite clearly put it, if javascript support is disabled in the browser (or still does not work for some reason), then neither the first nor the second will work, if you can do without javascript, you should do so, but here you can ... I would I gave advice on this, but I didn’t come close to writing the registration / authorization system, but if I started writing, I’d generate separate HTML for unregistered users on the server side ... Or redirect them to other pages there are lots of ways to do this except javascript ... - triplustri