Home arrow PHP arrow Page 5 - Time is Money (part 1)

Open Sesame - PHP

For consultancies that bill on an hourly basis - lawyers,accountants et al - time tracking is a critical part of the billingprocess. For small- and medium-size organizations, resource tracking,allocation and analysis is essential for business efficiency and planning.This article addresses both requirements by teaching you how to build atimesheet system to track and analyze work hours with PHP and MySQL.

  1. Time is Money (part 1)
  2. Up A Creek
  3. Bills, Bills, Bills
  4. So Many Tables, So Little Time
  5. Open Sesame
  6. The Lazy Programmer Strikes Again
  7. Today's Menu
  8. Too Much Information
  9. Time For Bed
By: The Disenchanted Developer, (c) Melonfire
Rating: starstarstarstarstar / 5
October 22, 2001

print this article


With the database designed and out of the way, it's time to actually start writing some code. First up, the user login process, and the scripts which verify the user's password and grant him access to the system.

Here's the initial login form, "index.html".

<table border="0" cellspacing="5" cellpadding="5"> <form action="login.php" method="post"> <tr> <td>Username</td> <td><input type="Text" name="frmuser" size="15"></td> </tr> <tr> <td>Password</td> <td><input type="password" name="frmpass" size="15"></td> </tr> <tr> <td colspan="2" align="CENTER"><input type="Submit" name="submit" value="Enter"></td> </tr> </form> </table>
Here's what it looks like:

Once the form is submitted, the data is processed by "login.php", which connects to the database to verify the username and password against the "users" table.

<? // login.php - verifies user login // includes include("config.php"); include("functions.php"); // check login and password // connect and execute query $connection = mysql_connect($hostname, $user, $pass) or die ("Unable to connect!"); $query = "SELECT uid, uperms from users WHERE uname = '$frmuser' AND upass = PASSWORD('$frmpass')"; $result = mysql_db_query($database, $query, $connection) or die ("Error in query: $query. " . mysql_error()); // if row exists - login/pass is correct if (mysql_num_rows($result) == 1) { // initiate a session session_start(); // register the user's ID and permission level session_register("SESSION_UID"); session_register("SESSION_UPERMS"); list($uid, $uperms) = mysql_fetch_row($result); $SESSION_UID = $uid; $SESSION_UPERMS = $uperms; // redirect to main menu page header("Location:menu.php"); mysql_free_result ($result); // close connection mysql_close($connection); } else // login/pass check failed { mysql_free_result ($result); mysql_close($connection); // redirect to error page header("Location: error.php?ec=0"); exit; } ?>
Assuming the username and password is correct, the script initiates a session, and registers two session variables, $SESSION_UID (which contains the user's ID) and $SESSION_UPERMS (which contains the user's permission level). These variables will remain available throughout the session, and will be used in many of the subsequent scripts. The script then redirects the browser to "menu.php", which sets up the main menu for the system, via an HTTP header.

A login failure will redirect the browser to the generic error handler, "error.php", with an error code indicating the type of error. I'll be using this error handler extensively, to handle the different types of errors possible.

It is important to note that calls to header() and session_start() must take place before *any* output is sent to the browser. Even something as minor as whitespace or a carriage return outside the PHP tags can cause these calls to barf all over your script.

Finally, the include()d files, "config.php" and "functions.php", contain variables and functions which will be used throughout the application. The most important of these are the database name, user name and password, which are stored in "config.php" - take a look:

<? // config.php - useful variables/functions // database parameters // alter this as per your configuration $database="timesheet"; $user = "time_agent"; $pass = "gs645kaf"; $hostname = "localhost"; ?>

>>> More PHP Articles          >>> More By The Disenchanted Developer, (c) Melonfire

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates


Dev Shed Tutorial Topics: