'Master Page' mechanism on php web-page must be revised

I’m using web-page in php and recently starting using the ‘Master Pages’ feature of PG, but…

The best pratice in php-page is starting file with instruction start_session(); (or any other function managing session) to avoiding problem with some error or tips in the HTTP header.

My ‘Master Page’.php starting:

<!DOCTYPE html>
<html lang="it" data-pgc-set-master>
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="User access security system, Sistema di accesso e autenticazione utente in php">
    <meta name="author" content="Michele Saltori (Italy) ~ tecnoinformatica@ivgw.eu">
    <title data-pgc-edit="SecMasterTitlePage">Master page per sistema di sicurezza</title>
    <!-- Bootstrap core CSS -->
    <style data-pgc-edit="SecMasterStyle"></style>
    <link href="bootstrap/css/bootstrap.css" rel="stylesheet">

And my ‘slave page’.php …

<?php
require_once('security_access.inc.php');
//require_once ('security_access_anonym.inc.php');
?>
<!doctype html>
<html lang="it" data-pgc-master="SecMaster.php">
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="User access security system, Sistema di accesso e autenticazione utente in php">
    <meta name="author" content="Michele Saltori (Italy) ~ tecnoinformatica@ivgw.eu">

After ‘PG component update’ the header part of file:

<?php
require_once('security_access.inc.php');
//require_once ('security_access_anonym.inc.php');
?>

Is removed!

Outside of html code of page, ‘php block script’ cannot be inserted or/and marked as an editable area.

:pray: Why not implement script block outer html code on the ‘Master Page’?
eg:

<?php /*data-pgc-field="SecMasterHeadScriptArea"*/
?>
<!doctype html>
<html lang="it" data-pgc-master="SecMaster.php">
<head>....

Please Help me and us (php developers).

I’m using: PG 4.8 on Linux Mint LMDE 2 Cinnamon 64-bit, Apache2, PHP 5.6.36

@micheleSaltori why not adding this code to the master page?

<?php require_once(‘security_access.inc.php’); //require_once (‘security_access_anonym.inc.php’); ?>

@matjaz
Yes you can insert php tag in master-page outside html (before the <!DOCTYPE> tag) same you suggest but if you need that php script never change in slave page, because any update of master-page the php tag are refreshed it.
Following the correct code that you suggest:

<?php
   //fixed php statement not changable in slave page
?>
<!DOCTYPE html>
<html lang="en" data-pgc-set-master>
  <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="">
    <meta name="author" content="">
....

This not resolve my problem in wich I have necessity to insert different php-code in slave-page manipulating the http headers (e.g. php-session).

:+1::+1::+1:
Finally I resolved the problem in the following method:
In master-page, after <HTML> and before the <HEAD> tags (area in which browser still has not altered any http header) I inserted one tag <script> defined as editable area in which insert any php script in their php-tag <?php...?>.

----->Edit 27 aug 2018: NON VALID SOLUTION see topic below.

See exemple bellow:

<!DOCTYPE html>
<html lang="en" data-pgc-set-master>
<script data-pgc-edit="phpscriptinhtmlscript">
<?php
   //editable area for php script (expecially for session and http-header)
?>
</script>
  <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="">
    <meta name="author" content="">

This solution run fine. Any problem related to php-session and modify http-headers are solved.
PHP-code in slave-page are preserved!
:sun_with_face::sun_with_face::sun_with_face:

@myself

Unfortunately my proposed solution fail in this condition:
If php-page is contained in an iframe object and the php included script make a redirect, rendering of page fail.
Only solution is to place the php script with the ‘include’ option on the top of page (before the html tag DOCTYPE).
Therefore
my original issue (create a master php-page with inside an php script-tag on top of file wich can be edited in the slave page…) :exclamation:still remain unresolved!

@micheleSaltori you can add a PHP code like this to the master:

<?php
if(basename(__FILE__) == 'index.php') {
    require_once 'mainpage.php';
} else {
    require_once 'slavepage.php';
}