When you start the program, you will be faced with a login screen. Now I know that a login script is not strictly necessary, but for those of you who work in a company or for those of you who are security conscious and want to know who issued an invoice when, this might be useful. So I will run through the creation and function of the login script.
The first thing we need to do is create a table. Here is the script:
CREATE TABLE `users` (
The table fields are pretty much self explanatory:
Uid - user ID generates a unique number for every user
Uname - Shows user name
Upass - The user password
Fname - Stores the actual name of the user
Lname - Stores the actual surname of the user
Level - Shows which privileges a user is assigned
Ploggedin - Stores the date the user logged in previously.
It is a very general way of recording user data. You can of course add more user data as you see fit. Additional information that you might want to add can be an email/home address, home/mobile phone numbers, and so on. This is the table that we will use to log a user in and out of the system.
Open up your favorite text editor, create a new PHP document and save it as login.php. Add the following code:
Code 1. Login Script
What is going on in this script? Well, let's walk through the code. The first line is 'ob_start().' This function prevents the 'Headers already sent' error from occurring by turning output buffering on. No output is sent when buffering is turned on except for headers. As you will see lower down in the script I call the 'header' function.
Then we start the session by calling the 'session_start()' function. This function will enable us to use session variables that will be used throughout the program. The next step is to check whether the form has been submitted:
If so, we take the submitted username and password and run a query based on those values:
The total number of rows returned is stored in the $num variable. If no rows are returned, then it means that no records matching that username and password were found, in which case the user is returned to the login page with a error message:
Otherwise, if there is a matching record, we retrieve it, store the username and user ID in session variables and then send the user through to the main page of the program:
$_SESSION['time'] = $mytime;
That's all there is to the login script. To finish off the login script, create a new PHP document, save it as logout.php and add the following code:
Basically this code enables the user to log out of the system. You need to call session_start() whenever you are going to use session variables. Session_unset and session_destroy are used to delete or destroy the session that the user was logged into. And the header call is used to send the user back to the login page:
Before all this is done the users table is updated. This is because we need to record the time and date that the user logged out of the system:
$query = "UPDATE users SET ploggedin = '".$datemod."' WHERE uid = '".$_SESSION['u_id']."'";
The $datemod variable is created in the 'connect.php' file, which is included in the script. It is basically a variable that stores the current date and time.
This is what the connect script looks like:
That's all there is to the login system!
As always, a login script will help you to keep track of when a user logged in and what that user was doing. For example when a user creates a new invoice, his or her name is recorded in the invoice table. The script can be further improved by adding password recovery and user registration, as well as other features. Next we will be looking at invoice management.
blog comments powered by Disqus