What is the best method to display error message in the same login form












-1















I have a login.php file and a login_process.php file. My login form is in the first file and validation in the other. I do not know how to display error messages in the login form in login.php after validation in login_process.php.



I have been researching and below is what I've found :



(Note : I have multiple error messages and I use selection to display those messages)




  1. Using header('Location:login.php?submit=conError') to redirect to the login.php file and in that file, use $_GET to retrieve the query

  2. Using header('Location:login.php#conError')to redirect to the login.php and file in that file, use location.hash in javascript to retrieve the fragment

  3. By including login_process.php in login.php and declare some variables and use PHP_SELF to use those variables to display error

  4. Some use global session variable $_SESSION['error']


Which is better and safer? Which method does developer use the most? Can somebody help clarify? Is there a better way than ways mentioned above (in terms of security and optimum run time)?






javascript php html html5 session







share|improve this question

























  • @GoojajiGreg About your (suggestive) edit and the comment you left: "This question is PHP related only.". I beg to differ. The OP wants to display a message and it can be done with languages other than PHP including the ones the OP originally chose. The tags are relevant and I've added another, being "javascript" and "sessions", also being relevant to the question.

    – Funk Forty Niner
    Nov 24 '18 at 4:19











  • This question is too broad and probably opinion-based. In terms of security and sessions; look up "sessions middle-man" and "sessions security" on the Web.

    – Funk Forty Niner
    Nov 24 '18 at 4:20


















-1















I have a login.php file and a login_process.php file. My login form is in the first file and validation in the other. I do not know how to display error messages in the login form in login.php after validation in login_process.php.



I have been researching and below is what I've found :



(Note : I have multiple error messages and I use selection to display those messages)




  1. Using header('Location:login.php?submit=conError') to redirect to the login.php file and in that file, use $_GET to retrieve the query

  2. Using header('Location:login.php#conError')to redirect to the login.php and file in that file, use location.hash in javascript to retrieve the fragment

  3. By including login_process.php in login.php and declare some variables and use PHP_SELF to use those variables to display error

  4. Some use global session variable $_SESSION['error']


Which is better and safer? Which method does developer use the most? Can somebody help clarify? Is there a better way than ways mentioned above (in terms of security and optimum run time)?






javascript php html html5 session







share|improve this question

























  • @GoojajiGreg About your (suggestive) edit and the comment you left: "This question is PHP related only.". I beg to differ. The OP wants to display a message and it can be done with languages other than PHP including the ones the OP originally chose. The tags are relevant and I've added another, being "javascript" and "sessions", also being relevant to the question.

    – Funk Forty Niner
    Nov 24 '18 at 4:19











  • This question is too broad and probably opinion-based. In terms of security and sessions; look up "sessions middle-man" and "sessions security" on the Web.

    – Funk Forty Niner
    Nov 24 '18 at 4:20
















-1












-1








-1








I have a login.php file and a login_process.php file. My login form is in the first file and validation in the other. I do not know how to display error messages in the login form in login.php after validation in login_process.php.



I have been researching and below is what I've found :



(Note : I have multiple error messages and I use selection to display those messages)




  1. Using header('Location:login.php?submit=conError') to redirect to the login.php file and in that file, use $_GET to retrieve the query

  2. Using header('Location:login.php#conError')to redirect to the login.php and file in that file, use location.hash in javascript to retrieve the fragment

  3. By including login_process.php in login.php and declare some variables and use PHP_SELF to use those variables to display error

  4. Some use global session variable $_SESSION['error']


Which is better and safer? Which method does developer use the most? Can somebody help clarify? Is there a better way than ways mentioned above (in terms of security and optimum run time)?






javascript php html html5 session







share|improve this question
















I have a login.php file and a login_process.php file. My login form is in the first file and validation in the other. I do not know how to display error messages in the login form in login.php after validation in login_process.php.



I have been researching and below is what I've found :



(Note : I have multiple error messages and I use selection to display those messages)




  1. Using header('Location:login.php?submit=conError') to redirect to the login.php file and in that file, use $_GET to retrieve the query

  2. Using header('Location:login.php#conError')to redirect to the login.php and file in that file, use location.hash in javascript to retrieve the fragment

  3. By including login_process.php in login.php and declare some variables and use PHP_SELF to use those variables to display error

  4. Some use global session variable $_SESSION['error']


Which is better and safer? Which method does developer use the most? Can somebody help clarify? Is there a better way than ways mentioned above (in terms of security and optimum run time)?






javascript php html html5 session




javascript php html html5 session






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 24 '18 at 4:19









Funk Forty Niner

1




1










asked Nov 24 '18 at 2:04









Tyson ReeseTyson Reese

11




11













  • @GoojajiGreg About your (suggestive) edit and the comment you left: "This question is PHP related only.". I beg to differ. The OP wants to display a message and it can be done with languages other than PHP including the ones the OP originally chose. The tags are relevant and I've added another, being "javascript" and "sessions", also being relevant to the question.

    – Funk Forty Niner
    Nov 24 '18 at 4:19











  • This question is too broad and probably opinion-based. In terms of security and sessions; look up "sessions middle-man" and "sessions security" on the Web.

    – Funk Forty Niner
    Nov 24 '18 at 4:20





















  • @GoojajiGreg About your (suggestive) edit and the comment you left: "This question is PHP related only.". I beg to differ. The OP wants to display a message and it can be done with languages other than PHP including the ones the OP originally chose. The tags are relevant and I've added another, being "javascript" and "sessions", also being relevant to the question.

    – Funk Forty Niner
    Nov 24 '18 at 4:19











  • This question is too broad and probably opinion-based. In terms of security and sessions; look up "sessions middle-man" and "sessions security" on the Web.

    – Funk Forty Niner
    Nov 24 '18 at 4:20



















@GoojajiGreg About your (suggestive) edit and the comment you left: "This question is PHP related only.". I beg to differ. The OP wants to display a message and it can be done with languages other than PHP including the ones the OP originally chose. The tags are relevant and I've added another, being "javascript" and "sessions", also being relevant to the question.

– Funk Forty Niner
Nov 24 '18 at 4:19





@GoojajiGreg About your (suggestive) edit and the comment you left: "This question is PHP related only.". I beg to differ. The OP wants to display a message and it can be done with languages other than PHP including the ones the OP originally chose. The tags are relevant and I've added another, being "javascript" and "sessions", also being relevant to the question.

– Funk Forty Niner
Nov 24 '18 at 4:19













This question is too broad and probably opinion-based. In terms of security and sessions; look up "sessions middle-man" and "sessions security" on the Web.

– Funk Forty Niner
Nov 24 '18 at 4:20







This question is too broad and probably opinion-based. In terms of security and sessions; look up "sessions middle-man" and "sessions security" on the Web.

– Funk Forty Niner
Nov 24 '18 at 4:20














2 Answers
2






active

oldest

votes


















0














I think you should use session option which is better way to show messages as most frameworks like codeigniter laravel and cms like WordPress opecart uses this approach.



And the sending error in URL doesn't seems good for the look of the application. If this is not a case for you then go ahead and change.



But I think message that we want to show almost includes in every page so it is better idea toh use session you dont need to pass it in URL.



Use session to store after displaying use unset to remove the message.



And with that you also ensuring to get rid of the burden of different names of variables for message on each page. You have single session variable which will do it for your whole application.






share|improve this answer































    0














    I think sending the error in the URL is easy and it is used in many applications. Error message is not a sensitive information. I think you should try the first method.






    share|improve this answer























      Your Answer






      StackExchange.ifUsing("editor", function () {
      StackExchange.using("externalEditor", function () {
      StackExchange.using("snippets", function () {
      StackExchange.snippets.init();
      });
      });
      }, "code-snippets");

      StackExchange.ready(function() {
      var channelOptions = {
      tags: "".split(" "),
      id: "1"
      };
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function() {
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled) {
      StackExchange.using("snippets", function() {
      createEditor();
      });
      }
      else {
      createEditor();
      }
      });

      function createEditor() {
      StackExchange.prepareEditor({
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader: {
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      },
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      });


      }
      });














      draft saved

      draft discarded


















      StackExchange.ready(
      function () {
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53454595%2fwhat-is-the-best-method-to-display-error-message-in-the-same-login-form%23new-answer', 'question_page');
      }
      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      0














      I think you should use session option which is better way to show messages as most frameworks like codeigniter laravel and cms like WordPress opecart uses this approach.



      And the sending error in URL doesn't seems good for the look of the application. If this is not a case for you then go ahead and change.



      But I think message that we want to show almost includes in every page so it is better idea toh use session you dont need to pass it in URL.



      Use session to store after displaying use unset to remove the message.



      And with that you also ensuring to get rid of the burden of different names of variables for message on each page. You have single session variable which will do it for your whole application.






      share|improve this answer




























        0














        I think you should use session option which is better way to show messages as most frameworks like codeigniter laravel and cms like WordPress opecart uses this approach.



        And the sending error in URL doesn't seems good for the look of the application. If this is not a case for you then go ahead and change.



        But I think message that we want to show almost includes in every page so it is better idea toh use session you dont need to pass it in URL.



        Use session to store after displaying use unset to remove the message.



        And with that you also ensuring to get rid of the burden of different names of variables for message on each page. You have single session variable which will do it for your whole application.






        share|improve this answer


























          0












          0








          0







          I think you should use session option which is better way to show messages as most frameworks like codeigniter laravel and cms like WordPress opecart uses this approach.



          And the sending error in URL doesn't seems good for the look of the application. If this is not a case for you then go ahead and change.



          But I think message that we want to show almost includes in every page so it is better idea toh use session you dont need to pass it in URL.



          Use session to store after displaying use unset to remove the message.



          And with that you also ensuring to get rid of the burden of different names of variables for message on each page. You have single session variable which will do it for your whole application.






          share|improve this answer













          I think you should use session option which is better way to show messages as most frameworks like codeigniter laravel and cms like WordPress opecart uses this approach.



          And the sending error in URL doesn't seems good for the look of the application. If this is not a case for you then go ahead and change.



          But I think message that we want to show almost includes in every page so it is better idea toh use session you dont need to pass it in URL.



          Use session to store after displaying use unset to remove the message.



          And with that you also ensuring to get rid of the burden of different names of variables for message on each page. You have single session variable which will do it for your whole application.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 24 '18 at 2:32









          AkhileshAkhilesh

          626




          626

























              0














              I think sending the error in the URL is easy and it is used in many applications. Error message is not a sensitive information. I think you should try the first method.






              share|improve this answer




























                0














                I think sending the error in the URL is easy and it is used in many applications. Error message is not a sensitive information. I think you should try the first method.






                share|improve this answer


























                  0












                  0








                  0







                  I think sending the error in the URL is easy and it is used in many applications. Error message is not a sensitive information. I think you should try the first method.






                  share|improve this answer













                  I think sending the error in the URL is easy and it is used in many applications. Error message is not a sensitive information. I think you should try the first method.







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Nov 24 '18 at 3:53









                  Ashan SamarasingheAshan Samarasinghe

                  12




                  12






























                      draft saved

                      draft discarded




















































                      Thanks for contributing an answer to Stack Overflow!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53454595%2fwhat-is-the-best-method-to-display-error-message-in-the-same-login-form%23new-answer', 'question_page');
                      }
                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      -

                      Popular posts from this blog

                      Wiesbaden

                      Image
                      Wappen Deutschlandkarte 50.0825 8.24 117 Koordinaten: 50° 5′  N , 8° 14′  O Basisdaten Bundesland: Hessen Regierungsbezirk: Darmstadt Höhe: 117 m ü. NHN Fläche: 203,93 km 2 Einwohner: 278.654 (31. Dez. 2017) [1] Bevölkerungsdichte: 1366 Einwohner je km 2 Postleitzahlen: 65183–65207, 55246, 55252 Vorlage:Infobox Gemeinde in Deutschland/Wartung/PLZ enthält Text Vorwahlen: 0611, 06122, 06127, 06134 Kfz-Kennzeichen: WI Gemeindeschlüssel: 06 4 14 000 LOCODE: DE WIB NUTS: DE714 Stadtgliederung: 26 Ortsbezirke Adresse der Stadtverwaltung: Schlossplatz 6 65183 Wiesbaden Webpräsenz: www.wiesbaden.de Oberbürgermeister: Sven Gerich (SPD) Lage der Landeshauptstadt Wiesbaden in Hessen und im Regierungsbezirk Darmstadt Offizielles Logo der Landeshauptstadt Wiesbaden Flagge der Landeshauptstadt Wiesbaden Wiesbaden is
                      Read more

                      Marschland

                      Image
                      Kilometerweite Marsch in den Vier- und Marschlanden am Elbdeich Die Wedeler Marschlandschaft in Schleswig-Holstein Der Hadelner Kanal zur Entwässerung der Marsch Die tief gelegene Marsch und ein Entwässerungskanal Das Schöpfwerk Otterndorf im Land Hadeln zur Entwässerung der Medem verfügte damals bereits über die größte Kreiselpumpe Europas. Das Schöpfwerk in Neuhaus für die Aue und des Neuhaus-Bülkauer Kanals Als Marsch(land) (v. niederdt., altsächs. mersc ) – auch Masch , Mersch oder Schwemmland genannt – bezeichnet man eine nacheiszeitlich entstandene geomorphologische Landform im Gebiet der nordwestdeutschen Küsten und Flüsse sowie vergleichbare Landformen weltweit. Inhaltsverzeichnis 1 Landschaft 2 Entstehung 3 Marschböden 4 Nutzung 5 Marschgebiete in Deutschland 6 Siehe auch 7 Literatur 8 Weblinks 9 Einzelnachweise Landschaft | Marschen sind generell flache Landstriche ohne natürliche Erhebungen. Si
                      Read more

                      Dieringhausen

                      Image
                      Dieringhausen Stadt Gummersbach 50.982777777778 7.5316666666667 165 Koordinaten: 50° 58′ 58″  N , 7° 31′ 54″  O Höhe: 165  (160–245)  m Einwohner: 5055  (30. Jun. 2016) Postleitzahl: 51645 Vorwahl: 02261 Lage von Dieringhausen in Gummersbach Im Hohl ca. 1927–1930 Ansicht von Südwesten bei Bünghausen Dieringhausen (im örtlichen Dialekt Dierkesen ) ist ein Ortsteil von Gummersbach im Oberbergischen Kreis, Regierungsbezirk Köln, Nordrhein-Westfalen (Deutschland). Inhaltsverzeichnis 1 Geographie 2 Geschichte 3 Kultur 3.1 Sehenswürdigkeiten 3.2 Regelmäßige Veranstaltungen 4 Infrastruktur und Wirtschaft 4.1 Verkehr 4.1.1 Schienen- und Busverkehr 4.1.2 Straßen 4.2 Öffentliche Einrichtungen 4.2.1 Schulen und Bildungseinrichtungen 4.2.2 Kirchliche Einrichtungen 5 Persönlichkeiten 5.1 In Dieringhausen geboren 5.2 In Dieringhausen gelebt 6 Einzelnachweise 7
                      Read more