diff --git a/client.php b/client.php
index 8e07ecac..a8943b74 100644
--- a/client.php
+++ b/client.php
@@ -1,11 +1,17 @@
 <?php include("config.php"); ?>
+<?php include("check_login.php"); ?>
 
 <?php 
 
 if(isset($_GET['client_id'])){
   $client_id = intval($_GET['client_id']);
 
-  $sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE client_id = $client_id");
+  $sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE client_id = $client_id AND company_id = $session_company_id");
+
+  if(mysqli_num_rows($sql) == 0){
+    include("header.php");
+    echo "<center><h1 class='text-secondary mt-5'>Nothing to see here</h1></center>";
+  }else{
 
   $row = mysqli_fetch_array($sql);
   $client_name = $row['client_name'];
@@ -157,6 +163,8 @@ if(isset($_GET['client_id'])){
 
 <?php 
 
+  }
+
 }
 
 ?>
diff --git a/dashboard.php b/dashboard.php
index e8e45617..05b9ab73 100644
--- a/dashboard.php
+++ b/dashboard.php
@@ -14,11 +14,11 @@ if(isset($_GET['year'])){
 }
 
 //GET unique years from expenses, payments and revenues
-$sql_payment_years = mysqli_query($mysqli,"SELECT YEAR(expense_date) AS all_years FROM expenses UNION DISTINCT SELECT YEAR(payment_date) FROM payments UNION DISTINCT SELECT YEAR(revenue_date) FROM revenues ORDER BY all_years DESC");
+$sql_payment_years = mysqli_query($mysqli,"SELECT YEAR(expense_date) AS all_years FROM expenses WHERE company_id = $session_company_id UNION DISTINCT SELECT YEAR(payment_date) FROM payments WHERE company_id = $session_company_id UNION DISTINCT SELECT YEAR(revenue_date) FROM revenues WHERE company_id = $session_company_id ORDER BY all_years DESC");
 
 
 //GET unique years from expenses, payments and revenues
-$sql_payment_years = mysqli_query($mysqli,"SELECT YEAR(expense_date) AS all_years FROM expenses UNION DISTINCT SELECT YEAR(payment_date) FROM payments UNION DISTINCT SELECT YEAR(revenue_date) FROM revenues ORDER BY all_years DESC");
+$sql_payment_years = mysqli_query($mysqli,"SELECT YEAR(expense_date) AS all_years FROM expenses WHERE company_id = $session_company_id UNION DISTINCT SELECT YEAR(payment_date) FROM payments WHERE company_id = $session_company_id UNION DISTINCT SELECT YEAR(revenue_date) FROM revenues WHERE company_id = $session_company_id ORDER BY all_years DESC");
 //Define var so it doesnt throw errors in logs
 $largest_income_month = 0;
 
diff --git a/login.php b/login.php
index 530c0073..12d45f9e 100644
--- a/login.php
+++ b/login.php
@@ -7,6 +7,16 @@ if(!file_exists('config.php')){
 ?>
 
 <?php include("config.php"); ?>
+<?php include("functions.php"); ?>
+
+<?php 
+
+$ip = get_ip();
+$os = get_os();
+$browser = get_web_browser();
+$device = get_device();
+
+?>
 
 <?php
 
@@ -25,9 +35,12 @@ if(isset($_POST['login'])){
     $token = $row['token'];
     $_SESSION['user_id'] = $row['user_id'];
     $_SESSION['name'] = $row['name'];
-    
+    $name = $row['name'];
+    $user_id = $row['user_id'];
+
     if(empty($token)){
       $_SESSION['logged'] = TRUE;
+      mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login Successful', log_description = '$name successfully logged in from $ip using $os | $browser on a $device', log_created_at = NOW(), user_id = $user_id");
          
       header("Location: dashboard.php");
     }else{
@@ -35,9 +48,12 @@ if(isset($_POST['login'])){
 
       if(TokenAuth6238::verify($token,$current_code)){
         $_SESSION['logged'] = TRUE;
+        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login Successful', log_description = '$name successfully logged in with 2FA from $ip using $os | $browser on a $device', log_created_at = NOW(), user_id = $user_id");
         //header("Location: $config_start_page");
         header("Location: dashboard.php");
       }else{
+        mysqli_query($mysqli,"INSERT INTO logs SET log_type = '2FA Login Failed', log_description = '$name failed 2FA from $ip using $os | $browser on a $device', log_created_at = NOW(), user_id = $user_id");
+
         $response = "
           <div class='alert alert-danger'>
             Invalid Code.
@@ -48,6 +64,8 @@ if(isset($_POST['login'])){
     }
   
   }else{
+    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login Failed', log_description = '$email failed to login from $ip using $os | $browser on a $device', log_created_at = NOW()");
+
     $response = "
       <div class='alert alert-danger'>
         Incorrect email or password.
diff --git a/logs.php b/logs.php
new file mode 100644
index 00000000..647b2fad
--- /dev/null
+++ b/logs.php
@@ -0,0 +1,105 @@
+<?php include("header.php");
+  
+  //Rebuild URL
+
+  $url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
+
+  if(isset($_GET['p'])){
+    $p = intval($_GET['p']);
+    $record_from = (($p)-1)*10;
+    $record_to =  10;
+  }else{
+    $record_from = 0;
+    $record_to = 10;
+    $p = 1;
+  }
+    
+  if(isset($_GET['q'])){
+    $q = mysqli_real_escape_string($mysqli,$_GET['q']);
+  }else{
+    $q = "";
+  }
+
+  if(!empty($_GET['sb'])){
+    $sb = mysqli_real_escape_string($mysqli,$_GET['sb']);
+  }else{
+    $sb = "log_id";
+  }
+
+  if(isset($_GET['o'])){
+    if($_GET['o'] == 'ASC'){
+      $o = "ASC";
+      $disp = "DESC";
+    }else{
+      $o = "DESC";
+      $disp = "ASC";
+    }
+  }else{
+    $o = "DESC";
+    $disp = "ASC";
+  }
+
+  $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM logs 
+    WHERE log_type LIKE '%$q%' OR log_description = '%$q%'
+    ORDER BY $sb $o LIMIT $record_from, $record_to");
+
+  $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
+  $total_found_rows = $num_rows[0];
+  $total_pages = ceil($total_found_rows / 10);
+
+?>
+
+<div class="card mb-3">
+  <div class="card-header bg-dark text-white">
+    <h6 class="float-left mt-1"><i class="fa fa-fw fa-book mr-2"></i>Logs</h6>
+  </div>
+  <div class="card-body">
+    <form autocomplete="off">
+      <div class="input-group">
+        <input type="search" class="form-control col-md-4" name="q" value="<?php if(isset($q)){echo stripslashes($q);} ?>" placeholder="Search Logs">
+        <div class="input-group-append">
+          <button class="btn btn-primary"><i class="fa fa-search"></i></button>
+        </div>
+      </div>
+    </form>
+    <hr>
+    <div class="table-responsive">
+      <table class="table table-striped table-borderless table-hover">
+        <thead class="text-dark <?php if($num_rows[0] == 0){ echo "d-none"; } ?>">
+          <tr>
+            <th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=log_type&o=<?php echo $disp; ?>">Type</a></th>
+            <th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=log_description&o=<?php echo $disp; ?>">Description</a></th>
+            <th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=log_created_at&o=<?php echo $disp; ?>">Timestamp</a></th>
+          </tr>
+        </thead>
+        <tbody>
+          <?php
+      
+          while($row = mysqli_fetch_array($sql)){
+            $log_id = $row['log_id'];
+            $log_type = $row['log_type'];
+            $log_description = $row['log_description'];
+            $log_created_at = $row['log_created_at'];
+          
+          ?>
+          
+          <tr>
+            <td><?php echo $log_type; ?></td>
+            <td><?php echo $log_description; ?></td>
+            <td><?php echo $log_created_at; ?></td>
+          </tr>
+
+          <?php
+          }
+          ?>
+
+        </tbody>
+      </table>
+
+      <?php include("pagination.php"); ?>  
+
+    </div>
+  </div>
+</div>
+
+<?php include("footer.php");
\ No newline at end of file
diff --git a/report_income_summary.php b/report_income_summary.php
index 4e7a7f19..d3b700ba 100644
--- a/report_income_summary.php
+++ b/report_income_summary.php
@@ -7,7 +7,7 @@ if(isset($_GET['year'])){
   $year = date('Y');
 }
 
-$sql_payment_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(payment_date) AS payment_year FROM payments UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues ORDER BY payment_year DESC");
+$sql_payment_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(payment_date) AS payment_year FROM payments WHERE company_id = $session_company_id UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues WHERE company_id = $session_company_id ORDER BY payment_year DESC");
 
 $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id ORDER BY category_name ASC");
 
diff --git a/report_profit_loss.php b/report_profit_loss.php
index 5e016985..51661ee8 100644
--- a/report_profit_loss.php
+++ b/report_profit_loss.php
@@ -9,7 +9,7 @@ if(isset($_GET['year'])){
 }
 
 //GET unique years from expenses, payments and revenues
-$sql_all_years = mysqli_query($mysqli,"SELECT YEAR(expense_date) AS all_years FROM expenses UNION DISTINCT SELECT YEAR(payment_date) FROM payments UNION DISTINCT SELECT YEAR(revenue_date) FROM revenues ORDER BY all_years DESC");
+$sql_all_years = mysqli_query($mysqli,"SELECT YEAR(expense_date) AS all_years FROM expenses WHERE company_id = $session_company_id UNION DISTINCT SELECT YEAR(payment_date) FROM payments WHERE company_id = $session_company_id UNION DISTINCT SELECT YEAR(revenue_date) FROM revenues WHERE company_id = $session_company_id ORDER BY all_years DESC");
 
 $sql_categories_income = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id ORDER BY category_name ASC");
 
diff --git a/side_nav.php b/side_nav.php
index 95c78083..a4969fd0 100644
--- a/side_nav.php
+++ b/side_nav.php
@@ -111,6 +111,7 @@
       <a class="dropdown-item" href="categories.php">Categories</a>
       <a class="dropdown-item" href="users.php">Users</a>
       <a class="dropdown-item" href="companies.php">Companies</a>
+      <a class="dropdown-item" href="logs.php">Logs</a>
     </div>
   </li>
 </ul>
\ No newline at end of file