In our previous project, returning a view directly from the POST request when validation failed was not the best approach.
The Problem
When a user submits a login form with invalid data, the form displays error messages and redirects the user to the login page. However, if the user refreshes the page or navigates away and returns to the login page, the same error messages persist.
The Solution
To resolve this issue, we can use sessions to store errors and implement the PRG pattern. We can store errors in the $_SESSION superglobal variable and update the errors statement in create.php as:
$_SESSION['errors'] = $form->errors();
view('session/create.view.php', [ 'errors' => $_SESSION['errors'] ?? [] ]);
But even with this change, the problem still persists. To solve this we have to change return statement as :
return redirect ('/login');
l
It moves the user to login page if any error occurred but don't shows the error to user w
We then flash the $_SESSION superglobal variable to destroy the session after a short time:
$_SESSION['_flashed']['errors'] = $form->errors();
Now you can notice that the problem is solved but to refactor this code we have to add PRG method in a class
The Session Class (PRG pattern)
For refactoring, We create a new file named Core/Session.php containing a Session class that manages user sessions:
<?php
namespace Core;
class Session {
public static function has($key) {
return (bool) static::get($key);
}
public static function put($key, $value) {
$_SESSION[$key] = $value;
}
public static function get($key, $default = null) {
return $_SESSION['_flash'][$key] ?? $_SESSION[$key] ?? $default;
}
public static function flash($key, $value) {
$_SESSION['_flash'][$key] = $value;
}
public static function unflash() {
unset($_SESSION['_flash']);
}
public static function flush() {
$_SESSION = [];
}
public static function destroy() {
static::flush();
session_destroy();
$params = session_get_cookie_params();
setcookie('PHPSESSID', '', time() - 3600, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
}
}
- The
flashmethod stores data in the$_SESSION['_flash']array, which is used for session flashing. - The
getmethod checks if there's flashed data in$_SESSION['_flash']and returns it. If not, it returns the regular session data or the default value. - The
unflashmethod unsets the flashed data, making it available only for the next request. - The PRG pattern is implemented by storing data in the session using the
putmethod, redirecting (e.g., usingreturn redirect('/login');), and then retrieving the data in the next request using thegetmethod.
By using this Session class, we can implement the PRG pattern and session flashing to manage user sessions and prevent duplicate form submissions, and unwanted error message persistence.
has Method
In this file, has method returns a Boolean value indicating whether a key exists in the session:
.
public static function has($key) {
return (bool) static::get($key);
}
Refactoring the Logout Function
In function.php file, we refactor the logout function to use the Session class:
Session::destroy();
Refactoring the get Method
As the project is already working well. But We need to get refactor the get method in Core/Session.php to consolidate the code into a single statement:
public static function get($key, $default = null) {
return $_SESSION['_flash'][$key] ?? $_SESSION[$key] ?? $default;
}
A lot of refactoring is done in our today project to make it better in look ,easy to understand and to increase the performance of the code.
I hope that you have clearly understood it!.
Top comments (0)