Jump to content

Get PDF invoice without loging in

Vincent Vega

By Vincent Vega
in Developer Corner

 Share

Recommended Posts

craigedmonds Member

craigedmonds

Posted
Posted
What is your objective? By doing this, you would compromise the security of your customers by allowing anyone to view any invoice and in turn view customer information.

 

Not if you pass an additional parameter in the string such as customerid or someother unique variable. (cloning admin session is obviously a bad idea though)

 

I am looking for this solution also for normal invoices.

 

Alot of my clients just want to be sent a link, open the invoice in their browser and pay the invoice.

 

They perceive it as being a hassle and inconvenience to have to login somewhere and view the invoices.

 

I would like to see in future releases this option in the settings, of course giving a warning that it reduces the security slightly. Perhaps allowing this to be set at the client level even.

 

It cant be any worse than those people who run WHMCS on none SSL sites.

 

Kindest Regards

Craig Edmonds

0
Link to comment
Share on other sites
drtduarte Senior Member

drtduarte

Posted
Posted

Yes, that is possible.

 

Matt could do it for you.

 

In our case we have the invoices on a public folder with index protection, and we have added a 12 characters md5 string to the invoice number with dinamic parameters as date and others, so it's impossible for someone to guess what is the link to the invoice unless he receives the link on the email or access it on the customer area as in our case...

 

Here you have the example of the link:

107_1a6fg0d72c65b309ae777fadb8c6f8bc.pdf

 

Take care ;)

David

0
Link to comment
Share on other sites
  • 3 months later...
edercoll Junior Member

edercoll

Posted
Posted

Hello Craig,

 

Were you able to implement it with the least security?

I'm in the same situation, with a few hundred invoices to send and only yesterday I noticed that the client has to be logged in to view and print the invoice,. That will put a drag on my process as I will receive a lot of complaints, cause Im migrating from a system that would send the invoice straight into their mailboxes.

 

I know I can send a pdf to them, but the pdf wont link to the payment gateway we use, so they have to get to the invoice inside the browser to be redirected.

 

If you have accomplished it and can provide me with instructions I'd really appreciate it.

 

Thanks!

 

Eder

 

Not if you pass an additional parameter in the string such as customerid or someother unique variable. (cloning admin session is obviously a bad idea though)

 

I am looking for this solution also for normal invoices.

 

Alot of my clients just want to be sent a link, open the invoice in their browser and pay the invoice.

 

They perceive it as being a hassle and inconvenience to have to login somewhere and view the invoices.

 

I would like to see in future releases this option in the settings, of course giving a warning that it reduces the security slightly. Perhaps allowing this to be set at the client level even.

 

It cant be any worse than those people who run WHMCS on none SSL sites.

 

Kindest Regards

Craig Edmonds

0
Link to comment
Share on other sites
m00 Senior Member

m00

Posted
Posted (edited)

Well, the easiest method is just creating a new PHP-page, sett an admin id, load the invoice and unset the admin id.

 

<?php
session_start();
$_SESSION['adminid'] = 1;
require "viewinvoice.php";
unset($_SESSION['adminid']);
?>

 

Secure? No. But you could build a check where you give in the password hash and user-id to verify the user.

Edited by m00
0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept