authentication, redirect and security
#1

[eluser]vanzl[/eluser]
Is redirecting a secure way to prevent non-logged-in users from accessing parts of your page?

In most examples I've seen something like this:
Code:
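class Admin extends Controller {
    // Constructor: runs before any action method of this controller
    function Admin() {
        parent::Controller();
        // Send anyone who is not logged in away before an action can run
        if (!$this->auth->logged_in()) {
            redirect('somewhere');
        }
    }
}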

I guess my question is: can a potential hacker somehow avoid the redirect and still access admin functions?
#2

[eluser]xwero[/eluser]
I can't think of a way to avoid the redirect other than stealing somebody's login data.
#3

[eluser]Référencement Google[/eluser]
The redirect function does an exit() too after redirecting.
#4

[eluser]Mirage[/eluser]
Quote:I guess my question is: can a potential hacker somehow avoid the redirect and still access admin functions?

If you're asking whether they could manually construct a URL to get to actions in this controller, then I'd say no. The constructor will run first and so you effectively protected the entire class. As xwero says, any intrusion would have to happen before the controller executes.

Cheers,
-m
#5

[eluser]vanzl[/eluser]
Thank you for your replies. The exit() after redirect sets my mind at ease :)
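Added example, not part of the original thread and not CodeIgniter's own code: a plain-PHP model of the constructor guard discussed above, comparing a redirect that only sets the Location header with one that also ends the request, as post #3 says redirect() does. All names are hypothetical, and HaltRequest stands in for exit() so both cases can run in one script.

```php
<?php
// Constructed demo: no framework, no real HTTP. Every name here is hypothetical.

class HaltRequest extends Exception {}   // stands in for exit()

class Response {
    public $headers = array();
    public $body = '';
}

// Guard variant 1: sets the redirect header, then returns to the caller.
function redirect_no_exit(Response $r, $to) {
    $r->headers[] = "Location: $to";
}

// Guard variant 2: sets the redirect header, then stops the request.
function redirect_and_exit(Response $r, $to) {
    $r->headers[] = "Location: $to";
    throw new HaltRequest();
}

// Models one request to an admin action protected by a constructor-style check.
function admin_request($redirect, $logged_in) {
    $r = new Response();
    try {
        if (!$logged_in) {
            $redirect($r, '/login');      // the check from the constructor
        }
        $r->body = 'admin-only data';     // the protected action
    } catch (HaltRequest $e) {
        // Request ended at the guard: the action never ran, body stays empty.
    }
    return $r;
}

// Run the same anonymous request through both guard variants.
foreach (array('redirect_no_exit', 'redirect_and_exit') as $guard) {
    $r = admin_request($guard, false);
    printf("%-18s headers=[%s] body=%s\n",
        $guard, implode(', ', $r->headers), var_export($r->body, true));
}
```

Run it with the PHP CLI and compare the body field of the two lines: only the variant that stops the request leaves the protected output empty, which is why a hand-written guard that calls header('Location: ...') directly needs its own exit.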



