Display Notifications after front-end login

[louisstephens]

I hope this is the correct place to post this. I currently am building a "dashboard" that displays some stats etc, but also handles login/logout with a form. Currently, when a user uses the form on the homepage, they redirected (if the credentials are correct) to the backend of processwire.

However, I was hoping to direct the user back to the dashboard and display an alert (for now until I get a library to handle this). I got it somewhat working if I dont redirect the user. However, if I refresh the page, the alert still "pops up". Does anyone know of a way to redirect to the home page, but then display an alert?

My Code to login:

<?php
if($input->post->user && $input->post->pass) {
	$user = $sanitizer->username($input->post->user);
    $pass = $input->post->pass; 

    if($session->login($user, $pass)) {
    	// login successful
        $session->redirect($dash); 
    }
}
?>

 

[AndZyk]

Hello @louisstephens,

you could use a GET parameter inside your redirect. For example:

<?php
$session->redirect($dash . "?alert=success");

// On your dashboard template file
if ($input->get->alert === "success") {
	// Show your notification
}

If you plan to build a login be sure to use CSRF and maybe honeypot validation:

Regards, Andreas

[louisstephens]

Thanks  AndZyk . I will definitely give this a shot and see where this takes me. I completely forgot about GET (and I am still learning). Ill let you know how it goes. As for CSRF, that is a great idea. This is largely an internal site, but I will definitely take the precaution. 

[louisstephens]

That worked great @AndZyk! I appreciate the help. Now for a dumb question, once redirected, success="true" (in laments terms), notification displays, is there a way to remove the ?alert=success from the url ? As it stands, I have a script that refreshes the page every so often to get any new changes that might have been made on the site, and currently the alert will just keep posting.

 

There probably a better way to handle the refresh as well like ajax, but I dont quite know how to tackle that. I guess this was just an impromtu way of doing things.

[abdus]

@louisstephens you don't really need ajax, you can use History API to change address bar and browser history without refreshing

https://stackoverflow.com/a/19279428