Redirect an include in PHP without redirecting main page

Question

I have a site with an index.php that looks like this:

<?php
ob_start();
include_once 'config.php';
include_once 'dbconn.php';


session_start();


?>
<html>
<body>
<p>Some content</p>
<br>
<?php include_once 'loginform.php'; ob_end_flush(); ?>
</form>
</body>
</html>

loginform.php checks the user cookie to see if they are logged in, and if so redirects to account.php:

$regAddr = mysqli_query($conn, "SELECT * FROM users WHERE address = '$addr'");
$addrRow = mysqli_num_rows($regAddr);

//check if address is in db
if($addrRow !== 0) {
    header("Location: account.php");

If they aren't logged in it displays a login form. I have two problems here:

1. If I remove the ob_start() and ob_end_flush(), the headers get sent on the include line, and I can't redirect.
2. If I leave them and the user is logged in, the whole index.php is redirected to account.php.

Is there any way to redirect login.php to account.php while keeping index.php static(not refreshing) and without using iframes?

Answer 1

No. The Whole document will be redirected because you're asuming that loginform.php will behave like an iframe, but instead it behaves like part of the whole document.

You have a bunch of available options to achieve that... Using an Iframe is something I would not recommend, but instead use a class or a function that validates the user login, then includes a file depending on that result.

<?php
if($logedin) {
     include("dashboard.php");
} else {
     include("loginform.php");
}

Obviously, this can be achieved in a lot of ways, I recommend using classes that validate sessions and a class that will render the views so you don't have to repeat the HTML headers or stuff like that for every view you're gonna load.

Real code I use for one of my systems.

<?php
include_once("../models/class-Admin.php");

class AdminViewRender {

    public static function render() {
        $request = "home";
        $baseFolder = "../views/admin/";

        //index.php?url=theURLGoesHere -> renders theURLGoesHere.php if
        //exists, else redirects to the default page: home.php
        if(isset($_GET["url"])) {
            if(file_exists($baseFolder.$_GET["url"].".php")) {
                $request = $_GET["url"];
            } else {
                header("Location: home");
            }
        }

        $inc = $baseFolder.$request.".php";
        if($request !== "login") { //if you are not explicitly requesting login.php 
            $admin = new Admin();
            if($admin->validateAdminSession()) { //I have a class that tells me if the user is loged in or not
                AdminPanelHTML::renderTopPanelFrame(); //renders <html>, <head>.. ETC
                include($inc); //Includes requestedpage
                AdminPanelHTML::renderBottomPanelFrame(); //Renders some javascript at the bottom and the </body></html>
            } else {
                include($baseFolder."login.php"); //if user validation (login) fails, it renders the login form.
            }
        } else {
            include($inc); //renders login form because you requested it
        }

    }

}