Recommended way to pass errors to a styled document on exit-CodePudding

I am working on a PHP login project.

I have 3 documents:

index.php
auth.php
home.php

index.php posts to auth.php. If successful auth redirects to home.php. On failure it exits with a message.

Works perfectly, however I want to give my users a better experience and have index.php report the errors. What is the recommended way to pass errors off to index.php? Store them in a session and check if the session is set to display them, or pass it though a GET, like this:

header('Location: index.php?error='.$error);
exit;

Or should I just redo everything using AJAX or hopefully there's other options that I haven't though of.

CodePudding user response：

What stops someone from going to home.php instead of index.php?
You are giving the user the link to home.
In a secure web app, I never let the user see the names of the PHP scripts.

I would not post to auth.php. I'd put the auth.php code in index.php.
and then include ('./home.php'). Or just copy the home code in to index.php.
You add a post value to index.php from the auth form so when index.php sees the post value it knows to run the auth code

I am not a big fan of Session variables.
I would pass the error and a random value in a file.
The random value authenticates message
You may not need it here
I pass the value as accession so no one can guess what it means.

In the auth.php

if($error){
  $code = rand(100000,999999);
  file_put_contents('./error.txt',"$code|$error");
  header("Location: http://url.com/?accession=$code");
  exit;
}

In index.php.

$accession = intval($_GET['accession']);
if($accession > 99999 && file_exists('./error.txt')){
  $data = file_get_contents('./error.txt');
  unlink('./error.txt');
  list($code,$error) = explode('|',$data);
  
  if($code == $accession){
    <your error handler code here>
  }
}
include('./home.php');

CodePudding user response：

If You switch to Ajax, You will have to handle the response in js. As You want to keep things in php You can provide the error message in session while redirecting.

The index.php should particpipiate in every request but without a router this might be difficalt. For now You can put the home.php somewhere where it won't be available from the brawser and post to the auth.php for redirection to index.php and include the home.php there if needed.