Trying To Understand The Post/Redirect/Get Design Pattern (implemented With PHP)

All, Sorry in advance - I'm not a PHP expert or knowledgeable in design patterns, so this question might be a little basic... Anyway, I'm working on a web app that will require a l

Solution 1:

Post Redirect Get comes in to play to stop a user resending their POST data if they refresh the page they've been redirected to after submitting a form. When you want to implement a PRG, you should set the HTTP header code to 303 like this:

header('Location: level1.php', 303);

Solution 2:

If the credentials are valid, then login.php creates a session to establish the user's authenticated status:

I'm shooting in the dark as well but I have the impression that you may output something before the setting the session in login.php. Place session_start as first instruction in every file.