PHP Flash Messages – One-Time User Feedback with Sessions

Implement flash messages in PHP to provide one-time feedback after form submission, login actions, or redirects.

Introduction – Why Flash Messages Matter in PHP

Flash messages are temporary notifications that inform users of success, errors, or warnings after a form submission or action. They’re commonly used in redirects following the Post–Redirect–Get (PRG) pattern to display messages only once and then disappear.

In this guide, you’ll learn:

• What flash messages are and when to use them
• How to create flash messages using PHP sessions
• How to display and clear flash messages effectively
• Best practices for styling and message types

PHP Flash Messages

session_start();
$_SESSION['flash'] = "Form submitted successfully!";
header("Location: index.php");
exit;

session_start();
if (isset($_SESSION['flash'])) {
    echo $_SESSION['flash'];
    unset($_SESSION['flash']);
}

Flash messages provide one-time user feedback after redirects
Store messages in $_SESSION, then unset after displaying

Example – Flash Message After Form Submission

form.php

<form action="submit.php" method="post">
  <input type="text" name="username">
  <input type="submit" value="Submit">
</form>

<?php
session_start();
if (isset($_SESSION['flash'])) {
  echo "<p style='color: green;'>" . $_SESSION['flash'] . "</p>";
  unset($_SESSION['flash']);
}
?>

submit.php

session_start();
$_SESSION['flash'] = "Your form was submitted!";
header("Location: form.php");
exit;

This example displays the flash message after the redirect, then removes it.

Flash Message Types (Optional)

You can enhance UX by categorizing flash messages:

$_SESSION['flash'] = [
  'type' => 'error', // success | warning | info
  'message' => 'Invalid credentials.'
];

Display with styling:

if (isset($_SESSION['flash'])) {
  $type = $_SESSION['flash']['type'];
  $msg = $_SESSION['flash']['message'];
  echo "<div class='$type'>$msg</div>";
  unset($_SESSION['flash']);
}

Use CSS to style .success, .error, .warning, etc.

Best Practices

• Always call session_start() before setting or reading flash messages
• Unset messages immediately after displaying to avoid repetition
• Use CSS classes to visually distinguish message types
• Store only serializable and safe text content in flash sessions

Summary – Recap & Next Steps

Flash messages are a lightweight and powerful feedback tool in PHP. Combined with the PRG pattern, they make your web forms more user-friendly and professional by providing clear, temporary feedback.

Key Takeaways:

• Flash messages are temporary messages shown after actions
• Store them in $_SESSION and unset after display
• Use message types (success, error, info) for better UX
• Integrate with redirects and PRG for effective flow

Real-World Use Cases:
Form submissions, login/logout, registration confirmation, data updates, payment success/failure

Frequently Asked Questions (FAQs)

What are flash messages in PHP?
Temporary messages stored in $_SESSION and cleared after displaying to the user.

Why use flash messages with redirects?
Because header("Location:") clears POST data, flash messages let you carry the response through.

How do I clear flash messages after showing them?
Use unset($_SESSION['flash']); immediately after outputting the message.

Can I show multiple flash messages?
Yes. Use an array of messages and loop through them:

$_SESSION['flash'][] = "Message 1";
$_SESSION['flash'][] = "Message 2";

Are flash messages secure?
Yes, as long as you sanitize user-generated content before displaying it in HTML.