LankaWashingSite

A full-stack enterprise-style web portal for coordinating customer orders, supplier purchase orders, invoice submission, and payment tracking for a washing/production workflow.

The project combines static frontend pages (HTML/CSS/JavaScript) with a PHP backend and MySQL database, and integrates with external services such as Stripe, Google Drive, and SMTP email.

---

1) Project Overview

This repository provides two role-based portals:

• Customer portal

  • Register/login
  • Place requests
  • View and manage orders
  • Make payments
  • View payment history
  • Manage profile and password

• Supplier portal

  • Login
  • View dashboard and purchase orders
  • Accept/reject PO or delivery requests
  • Upload invoices (stored in Google Drive, metadata saved in DB)
  • Track invoice payment status
  • View remittance receipts
  • Manage company/bank/security profile

---

2) Tech Stack

• Frontend: HTML5, CSS3, Vanilla JavaScript, Font Awesome
• Backend: PHP (PDO + JSON endpoints)
• Database: MySQL (production_db expected in php/db_config.php)
• Dependencies (Composer):
  • google/apiclient
  • phpmailer/phpmailer
• External Services:
  • Stripe (card tokenization on frontend)
  • Google Drive API (invoice/receipt file hosting)
  • Gmail SMTP via PHPMailer (payment notifications)
• CI/CD: GitHub Actions workflow for GitHub Pages (.github/workflows/static.yml)

---

3) Repository Structure

LankaWashingSite/
├── index.html                     # Public landing page
├── style.css                      # Landing page stylesheet
├── css/                           # Page-specific stylesheets
├── html/                          # Role-based UI pages
├── js/                            # Frontend logic for dashboards/payments/orders/profile
├── php/                           # API endpoints, auth/session logic, integrations
│   ├── db_config.php              # PDO connection config
│   ├── composer.json              # PHP dependencies
│   ├── upload_invoice.php         # Supplier invoice upload + Google Drive + DB save
│   ├── upload_receipt.php         # Customer bank receipt upload to Google Drive
│   ├── process_payment.php        # Payment insertion + email receipt send
│   └── ...
├── images/
└── .github/workflows/static.yml   # GitHub Pages deploy workflow

---

4) Main Functional Modules

Customer-side flows

• html/register.html → php/register.php
• html/customer-login.html → php/customer-login.php
• html/customer-dashboard.html + js/dashboard.js → php/dashboard-data.php
• html/place-order.html → php/create-request.php
• html/view-orders.html + js/view-orders.js →
  • php/customer-all-orders.php
  • php/update-request.php
  • php/cancel-request.php
• html/make-payment.html + js/customer-pay.js →
  • php/due.php
  • php/upload_receipt.php (bank method)
  • php/process_payment.php
• html/payment-history.html + js/payment-history.js → php/payments.php
• html/profile.html + js/profile-edit.js →
  • php/get-profile.php
  • php/update-profile.php
  • php/update-password.php

Supplier-side flows

• html/supplier-login.html → php/supplier-login.php
• html/supplier-dashboard.html + js/supplier-dashboard.js → php/supplier-dashboard-data.php
• html/view-po.html →
  • php/supplier-get-pos.php
  • php/supplier-update-po-status.php
• html/upload-invoice.html →
  • php/supplier-get-pos.php
  • php/upload_invoice.php
• html/supplier-payments.html (+ optional js/supplier-payments.js) →
  • php/supplier-get-payments.php
  • php/supplier-update-invoice.php
• html/view-receipts.html → php/supplier-get-receipts.php
• html/supplier-profile.html (inline JS) →
  • php/supplier-get-profile.php
  • php/supplier-update-company.php
  • php/supplier-update-bank.php
  • php/supplier-update-password.php

---

5) Local Setup

Prerequisites

• PHP 8+
• Composer
• MySQL / MariaDB
• Web server (Apache/Nginx) or XAMPP/LAMP stack

Step 1: Clone and install PHP dependencies

cd /path/to/LankaWashingSite/php
composer install

Step 2: Configure database

Update connection values in php/db_config.php:

• host
• port
• db name
• username/password

The code expects a schema with tables referenced in endpoints, including examples such as:

• customer, supplier
• customerrequest, orders, purchaseorder, purchaseorderitem
• invoices, payments
• stock_transaction, resource, receipt_log

Step 3: Configure external services

• Google Drive API: configure php/invoice.json, then authorize once via php/setup_auth.php to generate/refresh php/token.json.
• Stripe: replace publishable key in js/customer-pay.js.
• SMTP/Email: configure SMTP credentials in php/process_payment.php.

Step 4: Run locally

Serve the project through a PHP-capable web server and open index.html as the entry point.

Note: Several scripts use hard-coded absolute/relative paths (for example /AFinal/... and ../php/...). Ensure your web root/path mapping matches these references.

---

6) Deployment

This repo includes .github/workflows/static.yml for GitHub Pages deployment of static content.

Because this application requires PHP + MySQL + server-side sessions, GitHub Pages alone is not sufficient for full functionality. Use Pages only for static previews unless backend services are hosted separately.

---

7) Validation / Health Checks

Commands used in this repository:

# Composer manifest validation
cd php && composer validate

# PHP syntax checks
find php -name '*.php' ! -path 'php/vendor/*' -print0 | xargs -0 -n1 php -l

---

8) Security & Hardening Notes

Current codebase behavior indicates areas to harden before production use:

• Remove hardcoded secrets/keys and use environment variables or secret managers.
• Do not store plaintext passwords; enforce secure hashing (password_hash / password_verify) consistently.
• Add CSRF protection and stricter CORS policy.
• Restrict sensitive debug output in authentication endpoints.
• Keep OAuth token/credential files out of version control.

---

9) License

This repository is licensed under the Apache License 2.0. See LICENSE.