In our previous project, returning a view directly from the POST request when validation failed was not the best approach.
When a user submits a login form with invalid data, the form displays error messages and redirects the user to the login page. However, if the user refreshes the page or navigates away and returns to the login page, the same error messages persist.
To resolve this issue, we can use sessions to store errors and implement the PRG pattern. We can store errors in the $_SESSION superglobal variable and update the errors statement in create.php as:
$_SESSION['errors'] = $form->errors(); view('session/create.view.php', [ 'errors' => $_SESSION['errors'] ?? [] ]);
But even with this change, the problem still persists. To solve this we have to change return statement as :
return redirect ('/login');
l
It moves the user to login page if any error occurred but don't shows the error to user w
We then flash the $_SESSION superglobal variable to destroy the session after a short time:
$_SESSION['_flashed']['errors'] = $form->errors();
Now you can notice that the problem is solved but to refactor this code we have to add PRG method in a class
For refactoring, We create a new file named Core/Session.php containing a Session class that manages user sessions:
<?php namespace Core; class Session { public static function has($key) { return (bool) static::get($key); } public static function put($key, $value) { $_SESSION[$key] = $value; } public static function get($key, $default = null) { return $_SESSION['_flash'][$key] ?? $_SESSION[$key] ?? $default; } public static function flash($key, $value) { $_SESSION['_flash'][$key] = $value; } public static function unflash() { unset($_SESSION['_flash']); } public static function flush() { $_SESSION = []; } public static function destroy() { static::flush(); session_destroy(); $params = session_get_cookie_params(); setcookie('PHPSESSID', '', time() - 3600, $params['path'], $params['domain'], $params['secure'], $params['httponly']); } }
By using this Session class, we can implement the PRG pattern and session flashing to manage user sessions and prevent duplicate form submissions, and unwanted error message persistence.
In this file, has method returns a Boolean value indicating whether a key exists in the session:
. public static function has($key) { return (bool) static::get($key); }
In function.php file, we refactor the logout function to use the Session class:
Session::destroy();
As the project is already working well. But We need to get refactor the get method in Core/Session.php to consolidate the code into a single statement:
public static function get($key, $default = null) { return $_SESSION['_flash'][$key] ?? $_SESSION[$key] ?? $default; }
A lot of refactoring is done in our today project to make it better in look ,easy to understand and to increase the performance of the code.
I hope that you have clearly understood it!.
The above is the detailed content of Session Handling with the PRG pattern and Flashing. For more information, please follow other related articles on the PHP Chinese website!