Jump to content

Recommended Posts

Hi Guys

 

I run a small roofing company and have been asked by many customers to be able to view / print / save Invoices & Estimates online rather than post etc.

I host my own private site using IIS 7, with PHP and MySQL installed and setup properly, I also have a hosted domain from 1and1

What I would like is:

Login Area (I can do this using the MySQL for the database)

Once the user logs in, I want them to be directed to their "own" page with links to Their Own Invoices, Estimates and PIctures

I would like an option somewhere for them to upload pictures into their own folder so if anything happens to their roof, they can simply log onto their account upload the pic of the damage and I can see it. and vice versa

Can someone help me out a little?

All I have so far is the Login page :D
 

Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/
Share on other sites

Create a naming convention using the userid (or some token) for all your docs and store them with that token as a prefix to the name.  Use a tree of folders that divides them into the various types of files you will expect to host and display.  Then when user logs in use their id (or token) and pull together all the files in all those folders using that id as a search argument.  Build your user's web page using these items. 

 

Fancy touches - make thumbnails for the initial user page display with links around them to take them to a full-size image. 

 

I'm sure you can find several good examples file uploading to use - just be sure to get a decent, modern one using adequate security precautions.

Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/#findComment-1488010
Share on other sites

Wow thanks for the quick reply. Your reply sounds good. I understand very basic PHP and HTML as I've been playing around with it for years but have never actually used it for something like this.

I have Dreamweaver 2004 and Mysql, I have been able to create dynamic content to play around with and can get the info from the DB by using a "username" but not 100% sure how to implement all that into a single page privately for the user.

Do you have time to spare over the next few weeks etc to sort of walk through this?

Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/#findComment-1488013
Share on other sites

You will not be writing 'private user pages'.  You will be writing a set page that handles a specific user by getting his id and using it to pull together the 'dynamic' data and then outputs that in a web page containing static things like appl name and button options as well as the php-built divs (?) containing each set of docs that the user owns.  One page - many users.

 

"over the next few weeks"?  I know you are a noob but this really is not that complex.  Get familiar with how to create sql tables and then read up on using pdo as your db interface (do not use MySQL_* functions.  Check the manual to see why).  Be sure to use prepared queries!!   Write your file upload page - a good start actually - and do it safely.  Get some opinions after you have it working.  Then use the glob() function to take the userid and seek all the files for him/her and create the needed html for each result and then output it all.

 

Do not get in the habit of mixing tons of html with php code.  The beauty of php is that you can use code to get those filenames and build a chunk of html into a single php var.  Then you simply place that var inside your main html ( function perhaps?) so that when you output all your html (headers, names, backgrounds, etc.) you will also output the contents of that var (or vars).  Too many beginners like to mingle html and php results and more html, and repeat.  Not good practice and hell on reading and understanding it later.

 

Of course I have the time - I'm retired!

Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/#findComment-1488016
Share on other sites

ah ok now I see what you meant. I found a guide to help me a little, Its for creating a Auth Login with Dreamweaver MX and passes the Username to a redirect page which I think is what you were talking about with passing tokens? I'll try and follow that guide tonight and see if I can get that working

Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/#findComment-1488029
Share on other sites

My use of the word token was simply to indicate "some piece of data".  Perhaps you don't (or shouldn't) use the userid as the identifier, but some other 'code' that you create for each user and maybe store in the db where the login credentials are stored.  The token that DW passes may not be the thing in this case, altho I don't know anything about dw other than it makes things tricky for newbies doing their first projects I've been told.

Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/#findComment-1488032
Share on other sites

Yes that works as long as you are comfortable with the possible exposure of that value. 

 

As I said I've never seen DW.  A couple friends who have used it though and who are new to this whole environment do use it and in our conversations the concepts they are dealing with are just so foreign to me that we tend to have difficulty communicating.  My impression is that DW has a way of arranging things and doesn't let you freely determine where things go and how projects/folders are organized on your site.  I'm used to having complete control over my site (and I do use 'control') and not having an IDE tell me where to put things.

Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/#findComment-1488036
Share on other sites

Hi

I'm really struggling here. I managed to get User Cakes installed and working 100%, so now I have a full login page for the customers, but they all land on a generic page that isn't unique.

I tried messing with dreamweaver and create my own Login with Auth and starting a user variable in the form off MM_Username and when the cmr logs in it lands on a generic page but a filtered recoredset but everytime I run it, it shows nothing but the table headers and outlines no data, but if I click on Test within DW it works.

Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/#findComment-1488079
Share on other sites

Whatever page any login process lands you on can easily be customized if you just have the user id that just logged in.  If it's your login page then you can easily pass the user id thru a session var and then use it to customize your 'real' page.

Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/#findComment-1488084
Share on other sites

Yeah thats what I tried to do but it fails. I created a log in page and started session to catch the Username, created a recordset with filter on Username on the private.php page and once logged in it re-directs to private.php showing all the info for that username in the recordset but it always returns blank. Not sure if the sessions is working

Heres the code for the Login page


<?php require_once('Connections/new.php'); ?>
<?php
session_start();



$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
  $GLOBALS['PrevUrl'] = $accesscheck;
  session_register('PrevUrl');
}

if (isset($_POST['Username'])) {
  $loginUsername=$_POST['Username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "private.php";
  $MM_redirectLoginFailed = "failed.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_new, $new);
  
  $LoginRS__query=sprintf("SELECT username, password FROM users WHERE username='%s' AND password='%s'",
    get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 
   
  $LoginRS = mysql_query($LoginRS__query, $new) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $GLOBALS['MM_Username'] = $loginUsername;
    $GLOBALS['MM_UserGroup'] = $loginStrGroup;	      

    //register the session variables
    session_register("MM_Username");
    session_register("MM_UserGroup");

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Untitled Document</title>
</head>

<body>
<form action="<?php echo $loginFormAction; ?>" method="POST" name="Login" id="Login">
  <p>Username: 
    <input name="Username" type="text" id="Username">
    <br>
  Password: 
  <input name="password" type="text" id="password">
</p>
  <p>
    <input type="submit" name="Submit" value="Submit">
</p>
</form>
</body>
</html>

Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/#findComment-1488097
Share on other sites

and the code for Private.php

Forgot to say, IIS 7.5 with PHP 5.3 & Mysql

 


<?php require_once('Connections/new.php'); ?>
<?php
session_start();
$maxRows_Recordset1 = 10;
$pageNum_Recordset1 = 0;
if (isset($_GET['pageNum_Recordset1'])) {
  $pageNum_Recordset1 = $_GET['pageNum_Recordset1'];
}
$startRow_Recordset1 = $pageNum_Recordset1 * $maxRows_Recordset1;

$colname_Recordset1 = "1";
if (isset($_SESSION['MM_username'])) {
  $colname_Recordset1 = (get_magic_quotes_gpc()) ? $_SESSION['MM_username'] : addslashes($_SESSION['MM_username']);
}
mysql_select_db($database_new, $new);
$query_Recordset1 = sprintf("SELECT * FROM users WHERE username = '%s'", $colname_Recordset1);
$query_limit_Recordset1 = sprintf("%s LIMIT %d, %d", $query_Recordset1, $startRow_Recordset1, $maxRows_Recordset1);
$Recordset1 = mysql_query($query_limit_Recordset1, $new) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);

if (isset($_GET['totalRows_Recordset1'])) {
  $totalRows_Recordset1 = $_GET['totalRows_Recordset1'];
} else {
  $all_Recordset1 = mysql_query($query_Recordset1);
  $totalRows_Recordset1 = mysql_num_rows($all_Recordset1);
}
$totalPages_Recordset1 = ceil($totalRows_Recordset1/$maxRows_Recordset1)-1;
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Untitled Document</title>
</head>

<body>
<form name="form1" method="get" action="">
  <table border="1">
    <tr>
      <td>userid</td>
      <td>cmrid</td>
      <td>username</td>
      <td>password</td>
    </tr>
    <?php do { ?>
    <tr>
      <td><?php echo $row_Recordset1['userid']; ?></td>
      <td><?php echo $row_Recordset1['cmrid']; ?></td>
      <td><?php echo $row_Recordset1['username']; ?></td>
      <td><?php echo $row_Recordset1['password']; ?></td>
    </tr>
    <?php } while ($row_Recordset1 = mysql_fetch_assoc($Recordset1)); ?>
  </table>
</form>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>
Edited by RidgeandGable
Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/#findComment-1488099
Share on other sites

Turn on error checking at the top of your php code.  BTW - you only need to turn on php once until you no longer need it.  Turning it on for one line, turning it off , and then turning it on for the next line is just so silly.

 

 

error_reporting(E_ALL | E_NOTICE);
ini_set('display_errors', '1');

 

This will show you your errors, of which I think you have several, hence the blank page.

Link to comment
https://forums.phpfreaks.com/topic/290497-uploading-pdf/#findComment-1488120
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.