diff --git a/user.php b/user.php
index 3d612e4..edba9d9 100644
--- a/user.php
+++ b/user.php
@@ -58,6 +58,7 @@ if ($config->settings->authModule == 'Y'){
 		$authURL = $util->getCORALURL() . "auth/" . $addURL . htmlentities($_SERVER['REQUEST_URI']);
 		header('Location: ' . $authURL, true);
 
+		exit; //PREVENT SECURITY HOLE
 	}