Creating a Login Script for a PHP Invoicing System

In this first part of “Building an Invoicing System,” we are going to look at invoice management. Why would anyone want an online invoicing system? Well, if you are a freelance web developer like myself, you will undoubtedly need to invoice your clients so as to be able to get paid at the end of the month. This application will help you to manage your client details as well as your invoices.

Of course there are a great many invoicing systems out there, but most of them(or at least the good ones) will cost you a lot of money. What you get with this system is:

  • Client Management: create, update and view client information.
  • Invoice Management: create, update, view and print invoice data.
  • User Management: create and keep a log of people using your invoicing system.

Because every person will have different requirements for an invoicing system, I’ve decided to make this program as general as possible. Of course there are common aspects that everyone will need from a invoicing system, such as the ability to create a new invoice or to create a list of all clients that you work with, among others. These commonalities are adequately covered in this article.

Tools needed:

PHP4 or higher: Available from http://www.php.net

MYSQL: Available from http://www.mysql.com

The best way to make invoices printable is to create them in pdf format. This is why we will use the php_pdf.dll extension, available to PHP since PHP version 4. To use this extension please do the following:

First you will need the PDF Acrobat reader/viewer. If you do not have it on your system, please go to: http://www.adobe.com/products/acrobat/  and download Adobe Acrobat. It will not cost you a cent, so go ahead and download it. Then once you’ve downloaded and installed Acrobat Reader, the next step is to locate the  php_ini file that came with your PHP installation. If you are running a Windows system, it should be located in your C:windows directory or in your C:php directory. Open it up in notepad and use the find dialog box:

This should help you find the extensions list fairly quickly. Once you’ve reached the list, scroll down until you find php_pdf.dll, then remove the semicolon(;) just in front of it.  Save  and close the file. To make sure that the pdf library is available, open a new document in notepad or any text editor and type the following:

<?
phpinfo();
?>

Save the file as test.php, NOT test.php.txt or anything else. It has to have the .php extension only, otherwise it will not work. Run the script and make sure that you see the following in the resulting page:

As you can see from the screen shot above, it should have pdf enabled.

{mospagebreak title=What if I don’t see that page?}

If it is not there at all, then it means that the extension has not been enabled or cannot be found. In that case you should go back to the php site (http://www.php.net/) and download a version that includes the source, unzip the package and copy the extensions directory to your php directory. Then you should open up the php ini file, find the line that says ‘extension_dir’ and add the location of your php directory to the line.

For example if your php directory is ‘c:php’ then add ‘extension_dir = “C:phpextensions”. This will enable PHP to find the pdf extension quickly. Do the test again as before. Hopefully this time you will see the pdf enabled text. The pdf creation is a big part of the invoicing application so it is vital that you get this part right and that everything works fine.

Let’s look at the complete login and main page screens:

 

Fig 1 The login Screen

 

Fig 2 The main page

{mospagebreak title=Database schema}

Because we are starting the series off with invoice management, we are going to be building the invoices table, so

CREATE TABLE `invoices` (
  `invno` int(4) unsigned zerofill NOT NULL auto_increment,
   `status` enum(‘Paid’,’Unpaid’) NOT NULL default ‘Unpaid’,
  `VAT` decimal(9,2) NOT NULL default ‘0.00’,
  `inv_date` date default NULL,
    `cid` int(11) NOT NULL default ‘0’,
  `uID` int(4) NOT NULL default ‘0’,
  PRIMARY KEY  (`invno`)
)

Let’s run through the table fields:

The invno field is the primary key generator which gives a unique number to every new invoice that is created. The invoice numbers will be in the format 0001, 0002, 0003, and so on. The status field is of enumerate type and contains the values Paid and Unpaid. These values will be used to show the status of an invoice.

The Inv_date  field will show the date that the invoice was issued. VAT, by the way, will be calculated automatically. The cid is the foreign key that will help identify the client name associated with an invoice. The uID field identifies the user who created the invoice. This table is at the heart of the program; it will tell us everything we want to know about a particular invoice, such as how many invoices a particular user issued or how many invoices were made to a particular client etc.

The next table we are going to create is called “clientinv.” It is going to hold specific invoice and client details, such as the description of the invoice and the total cost of a invoice:

CREATE TABLE `clientinv` (
  `invnum` int(4) unsigned zerofill NOT NULL auto_increment,
  `descr` text NOT NULL,
  `totxVAT` decimal(9,2) NOT NULL default ‘0.00’,
  `totwVAT` decimal(9,2) NOT NULL default ‘0.00’,
  `finv` int(11) NOT NULL default ‘0’,
  PRIMARY KEY  (`invnum`)
)

Let’s go through the table fields:

The “descr” field will hold the description of the invoice. The totxVAT and totwVAT fields will store the total cost of the product with and without VAT. The “finv” field is the foreign key that will hold the invoice number. I created this table because it will give us flexibility in terms of how we store information. Remember, one client can have many invoices and one invoice can contain information on many different products, which I could not store in either the invoices or the (soon to be created)client table.

{mospagebreak title=Login program}

When you start the program, you will be faced with a login screen. Now I know that a login script is not strictly necessary, but for those of you who work in a company or for those of you who are security conscious and want to know who issued an invoice when, this might be useful.  So I will run through the creation and function of the login script.

The first thing we need to do is create a table. Here is the script: 

CREATE TABLE `users` (
  `uid` int(11) NOT NULL auto_increment,
  `uname` varchar(10) NOT NULL default ”,
  `upass` varchar(6) NOT NULL default ”,
  `fname` varchar(100) NOT NULL default ”,
  `lname` varchar(100) NOT NULL default ”,
  `level` enum(‘admin’,’normal’) NOT NULL default ‘normal’,
  `ploggedin` datetime NOT NULL default ‘0000-00-00 00:00:00′,
  PRIMARY KEY  (`uid`)
)

The table fields are pretty much self explanatory:

Uid – user ID generates a unique number for every user

Uname – Shows user name

Upass – The user password

Fname – Stores the actual name of the user

Lname – Stores the actual surname  of the user

Level – Shows which privileges a user is assigned

Ploggedin – Stores the date the user logged in previously.

It is a very general way of recording user data. You can of course add more user data as you see fit. Additional information that you might want to add can be an email/home address, home/mobile phone numbers, and so on. This is the table that we will use to log a user in and out of the system.

Open up your favorite text editor, create a new PHP document and save it as login.php. Add the following code:

Code 1. Login Script

<?PHP
ob_start();
session_start();
include “connect.php”;
if(isset($_POST['Submit'])){
//transfer to shorter var
$n=$_POST['uname'];
$p=$_POST['upass'];
$query=”select * from users where uname=’$n’  and upass=’$p’ “;
$result=mysql_query($query);
$num=mysql_num_rows($result);
if($num<1 ){
$act = “Login failed! Either your password or username did not match”;
}else{
$row = mysql_fetch_assoc($result);
//put in session vars
$mytime=time();
$mytime=date(“H:i:s A”,$mytime);
$_SESSION['time'] = $mytime;
$_SESSION['status'] = ‘logged';
$_SESSION['username'] = $n;
$_SESSION['u_id']=$row['uid'];
//goto next page
header(“location:main.php”);
exit;
}
}
?>

What is going on in this script? Well, let’s walk through the code. The first line is ‘ob_start().’ This function prevents the ‘Headers already sent’ error from occurring by turning output buffering on. No output is sent when buffering is turned on except for headers. As you will see lower down in the script I call the ‘header’ function.

Then we start the session by calling the ‘session_start()’ function. This function will enable us to use session variables that will be used throughout the program. The next step is to check whether the form has been submitted:

if(isset($_POST['Submit'])){

If so, we take the submitted username and password and run a query based on those values:

$n=$_POST['uname'];
$p=$_POST['upass'];
$query=”select * from users where uname=’$n’  and upass=’$p’ “;
$result=mysql_query($query);
$num=mysql_num_rows($result);

The total number of rows returned is stored in the $num variable. If no rows are returned, then it means that no records matching that username and password were found, in which case the user is returned to the login page with a error message:

if($num<1 ){
$act = “Login failed! Either your password or username did not
match”;

Otherwise, if there is a matching record, we retrieve it, store the username and user ID in session variables and then send the user through to the main page of the program:

$_SESSION['time'] = $mytime;
$_SESSION['status'] = ‘logged';
$_SESSION['username'] = $n;
$_SESSION['u_id']=$row['uid'];
header(“location:main.php”);
exit;
}

That’s all there is to the login script. To finish off the login script, create a new PHP document, save it as logout.php and add the following code:

Code2 Logout.php

<?
ob_start();
session_start();
include “connect.php”;
$query = “UPDATE users SET ploggedin = ‘”.$datemod.”‘ WHERE uid =
‘”.$_SESSION['u_id'].”‘”;
mysql_query($query);
session_unset();
session_destroy();
header( “Location:login.php” );
exit();
?>

Basically this code enables the user to log out of the system. You need to call session_start() whenever you are going to use session variables. Session_unset and session_destroy are used to delete or destroy the session that the user was logged into. And the header call is used to send the user back to the login page:

session_unset();
session_destroy();
header( “Location:login.php” );
exit();

Before all this is done the users table is updated. This is because we need to record the time and date that the user logged out of the system:

$query = “UPDATE users SET ploggedin = ‘”.$datemod.”‘ WHERE uid = ‘”.$_SESSION['u_id'].”‘”;
mysql_query($query);

The $datemod variable is created in the ‘connect.php’ file, which is included in the script. It is basically a variable that stores the current date and time.

This is what the connect script looks like:

Code3Connect.php

<?
$db=”bills”;
$host=”localhost”;
$uname=””;
$pw=””;
mysql_pconnect($host) or die(” Unable to connect to SQL server”);
mysql_select_db($db) or die( “Unable to select database”);
global $datemod;
// Set the current date/time before updating the DB
$datemod = date(“y/m/d : H:i:s”, Time());
?>

That’s all there is to the login system!

Conclusion

As always, a login script will help you to keep track of when a user logged in and what that user was doing. For example when a user creates a new invoice, his or her name is recorded in the invoice table. The script can be further improved by adding password recovery and user registration, as well as other features. Next we will be looking at invoice management.

[gp-comments width="770" linklove="off" ]

antalya escort bayan antalya escort bayan Antalya escort diyarbakir escort