The Moodle can installed in a subdirectory within a domain. It is not always right to assume that the root directory of the domain is the best place to redirect the user to.
That script already has other authorization checks like require_user() and require_capability().
https://github.com/sebsoftnl/moodle-enrol_gwpayments/blob/30a0d63381473358392acea36bd119ddfd48f863/couponmanager.php#L32-L35
Please avoid things like this.
require_user()andrequire_capability().