PHPPhp,Mysql,JavascriptFull Project

Id Card Maker Tool

PB Pb28 Master Team Complete Source Code
Id Card Maker Tool
🌐 Live Demo

PDFJoy.in - Dashboard & Technical System Architecture Report

1. Project Overview & System Purpose

PDFJoy.in is an advanced, web-based digital utility portal engineered for automated document processing and identity card formatting. Designed primarily for local service centers, digital service providers (E-Sewa), and web developers, the platform streamlines the conversion of standard documents into optimized, print-ready layouts.

The core feature set revolves around an automated cropping engine that extracts and formats identity documents (such as Aadhaar Cards, Voter e-EPIC, PAN Cards, Labor Cards, and Ayushman Bharat health cards) from standard A4 or official PDF formats into standardized PVC or printable paper sizes. Governed by a secure authentication layer (login.php), the platform provides a centralized, single-point administrative dashboard to manage processing pipelines, wallet states, and user interactions securely.

2. Dashboard Interface & Visual Workspace Analysis

The application's backend dashboard is divided into specific structural components designed for high scannability and intuitive layout routing:

A. Central Analytics & Activity Metric Widgets

  • Total Prints Counter: A real-time monitoring widget tracking the aggregate number of documents processed across the system lifecycle.

  • Wallet Balance Interface: A persistent digital ledger display showing current operational platform credits (e.g., ₹148) allocated for transactional document processing operations.

  • System Notifications Alert: An administrative message indicator flagging unread alerts, maintenance updates, or incoming customer inquiries.

B. Core Automated Cropping Canvas (The Identity Processing Engine)

This workspace hosts the primary functional tool. The user updates documents via a multi-file upload slot (supporting up to 5 concurrent PDF inputs). The system utilizes automated template coordinate matching to cleanly isolate the front and back layouts of documents, displaying side-by-side previews of the cards. Users can instantly generate a formatted template optimized for standard paper dimensions by clicking "Download A4 Print File".

C. Sidebar Navigation Hierarchy

  • Dashboard: The main landing console displaying metrics, quick-start shortcuts, and utility widgets.

  • Identity Matrices (Aadhaar, Voter, PAN, UDID): Dedicated operational routing targets configured with precise pixel dimensions tailored to each card type.

  • Labour & Health: Expanded cascading menus containing localized document tools (e.g., Labour Card (PB), e-Shram Card, MMSBY (PB), Ayushman Crop Tool, and ABHA ID).

  • Punjab Government / Passport Photo / PDF Tools: Advanced processing modules handling specialized regional documents and image resizing vectors.

  • Account Panel: Isolated session termination routing (Logout) and profile credential updating nodes.

3. Request Execution Lifecycle Workflow

PDFJoy utilizes a lightweight, highly efficient procedural-functional software pattern layered over a robust relational database layer. The runtime request lifecycle operates through a structured sequence:

[ Client Document Upload Action ]
               |
               v
1. Include bootstrap.php     ---> Triggers core constants, system paths, and error modes
               |
               v
2. Call db() PDO Singleton   ---> Instantiates lazy-loaded persistent database mapping
               |
               v
3. Session Authentication    ---> Enforces auth.php status checks and token permissions
               |
               v
4. Client-Side Rendering     ---> PDF.js parses inputs onto canvas coordinates to crop cards
               |
               v
[ Output Compiled & Downloaded ]

4. Database Schema Design (InnoDB Relational Blueprint)

The database backend is structured over the high-availability transactional InnoDB database engine. It features explicit cross-table mapping, strict reference tracking, and a universal character set (utf8mb4_unicode_ci) to ensure absolute storage compatibility.

Relational Entity Ledger

  1. users_master: Encapsulates unique system identifiers, validated usernames, wallet balances, and cryptographically stretched password hashes.

  2. wallet_transactions: A precise financial accounting ledger auditing debit and credit entries, transaction references, and timestamp variables.

  3. document_logs: An audit trail monitoring the type of files processed, execution statuses, and user keys to compute general system load analytics.

  4. system_configurations: Stores operational key-value parameters, active API credentials, and portal layout options.

Production SQL Schema Blueprint (install.sql)

SQL 
CREATE TABLE IF NOT EXISTS users_master (
    id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
    username VARCHAR(100) NOT NULL UNIQUE,
    password_hash VARCHAR(255) NOT NULL,
    wallet_balance DECIMAL(10, 2) NOT NULL DEFAULT 0.00,
    is_active TINYINT(1) NOT NULL DEFAULT 1,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;

CREATE TABLE IF NOT EXISTS document_logs (
    id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
    user_id INT UNSIGNED NOT NULL,
    card_type VARCHAR(50) NOT NULL,
    processing_status VARCHAR(20) NOT NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    FOREIGN KEY (user_id) REFERENCES users_master(id) ON DELETE CASCADE
) ENGINE=InnoDB;

5. Security Controls & Defensive Sanitization Matrix

A. Authentication Hardening & Identity Assurance

The login.php framework bypasses plain text credential evaluation by strictly deploying secure hashing Stretching mechanisms via native PASSWORD_DEFAULT routines. This strategy ensures comprehensive protection against brute-force matrices and dictionary lookup arrays:

PHP 
// Context: Secure credential validation sequence
$stmt = db()->prepare('SELECT id, username, password_hash FROM users_master WHERE username = ? LIMIT 1');
$stmt->execute([$username]);
$user = $stmt->fetch();

if ($user && password_verify($password, $user['password_hash'])) {
    $_SESSION['user_id'] = (int) $user['id'];
    $_SESSION['user_name'] = $user['username'];
    // Session safely initiated, proceed to dashboard
}

B. Parameterized Injection Containment (SQLi Defense)

To completely prevent SQL Injection vulnerabilities, the application channels all operational parameters through parameter-bound prepared statements. In addition, outputs printed back to the client interface pass through a global e() utility to mitigate Cross-Site Scripting (XSS) risks by escaping script tags:

PHP 
function e(?string $value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

C. Storage Root Hardening & File Protection

The asset directory uses explicit structural configuration rules via .htaccess to block arbitrary file execution vectors. This wrapper guarantees that any uploaded exploit file is transformed into a non-executable plain text block:

Apache 
# Enforces severe content constraints inside binary processing paths
Options -Indexes

"(?i)\.(php|phtml|php3|php4|php5|php7|phps|pht|pl|py|jsp|asp|sh|cgi)$">
    ForceType text/plain
    Order deny,allow
    Deny from all

6. Server Infrastructure & Deployment Roadmap

System Requirements

  • Operating System: Linux Production Workspace Layer (Ubuntu Server 24.04 LTS or RHEL 9 recommended).

  • HTTP Engine Platform: Apache Web Server with active mod_rewrite capabilities, or an Nginx reverse-proxy stack.

  • PHP Environment Specifications: PHP 8.2+ runtime environment compiled with modules for pdo_mysql, mbstring, gd, and native JSON parsing.

  • Database Software Ecosystem: MySQL Server 8.0+ or MariaDB 10.6+ utilizing InnoDB storage tables.

Deployment Instructions

  1. Deploy File Tree: Extract the application layout package cleanly into your isolated host web path directory (e.g., /var/www/html/pdfjoy).

  2. Bind Database Environment: Initialize a fresh copy of your production connection configurations. Map host URLs, schema names, usernames, and high-entropy database password keys securely.

  3. Run Schema Provisioning: Import the structural install.sql file via a command line interface to assemble the base system tables and default values.

  4. Enforce File System Safety: Assign strict read-only permissions (0755 for directories, 0644 for file sheets) across the directory layout. Allow write permissions exclusively on designated document folders to enable automated canvas generation routines.

  5. Remove Setup Artifacts: Once the portal is verified and online, completely delete all installer directories and installation logs to eliminate any risk of malicious database re-initialization.