Why I have to call 'exit' after redirection through header('Location..') in PHP?

Question

You know that if you want to redirect an user in PHP you can use the header function:

header(\'Location: http://smowhere.com\');

It is also

Answer 1

re: could the code after the header-location call be effectively executed?

Yes if you don't close the script.

re: In which cases?

In every case.

Can a malicious user be able to completely ignore the header('Location..') call?

No, it will get exacted the user has no say in the matter.