Update Admin posts to use new functions flash_alert and getFieldById which greatly cleans up and reduces the code also removed logging comments as implied by the function logAction

2026-02-28 19:04:52 +00:00 · 2025-08-01 17:21:35 -04:00
parent cc5b1c8040
commit 012b0f1a77
39 changed files with 145 additions and 246 deletions
--- a/admin/post/tax.php
+++ b/admin/post/tax.php
@@ -16,10 +16,9 @@ if (isset($_POST['add_tax'])) {

    $tax_id = mysqli_insert_id($mysqli);

-    // Logging
    logAction("Tax", "Create", "$session_name created tax $name - $percent%", 0, $tax_id);

-    $_SESSION['alert_message'] = "Tax <strong>$name</strong> ($percent%) created";
+    flash_alert("Tax <strong>$name</strong> ($percent%) created");

    redirect();

@@ -34,51 +33,42 @@ if (isset($_POST['edit_tax'])) {

    mysqli_query($mysqli,"UPDATE taxes SET tax_name = '$name', tax_percent = $percent WHERE tax_id = $tax_id");

-    // Logging
    logAction("Tax", "Edit", "$session_name edited tax $name - $percent%", 0, $tax_id);

-    $_SESSION['alert_message'] = "Tax <strong>$name</strong> ($percent%) edited";
+    flash_alert("Tax <strong>$name</strong> ($percent%) edited");

    redirect();

 }

 if (isset($_GET['archive_tax'])) {
+    
    validateCSRFToken($_GET['csrf_token']);
    $tax_id = intval($_GET['archive_tax']);

-    // Get Tax Name for logging
-    $sql = mysqli_query($mysqli,"SELECT tax_name FROM taxes WHERE tax_id = $tax_id");
-    $row = mysqli_fetch_array($sql);
-    $tax_name = sanitizeInput($row['tax_name']);
+    $tax_name = sanitizeInput(getFieldById('taxes', $tax_id, 'tax_name'));

    mysqli_query($mysqli,"UPDATE taxes SET tax_archived_at = NOW() WHERE tax_id = $tax_id");

-    // Logging
    logAction("Tax", "Archive", "$session_name archived tax $tax_name", 0, $tax_id);

-    $_SESSION['alert_type'] = "error";
-    $_SESSION['alert_message'] = "Tax <strong>$tax_name</strong> Archived";
+    flash_alert("Tax <strong>$tax_name</strong> Archived", 'error');

    redirect();

 }

 if (isset($_GET['delete_tax'])) {
+    
    $tax_id = intval($_GET['delete_tax']);

-    // Get Tax Name for logging
-    $sql = mysqli_query($mysqli,"SELECT tax_name FROM taxs WHERE tax_id = $tax_id");
-    $row = mysqli_fetch_array($sql);
-    $tax_name = sanitizeInput($row['tax_name']);
+    $tax_name = sanitizeInput(getFieldById('taxes', $tax_id, 'tax_name'));

    mysqli_query($mysqli,"DELETE FROM taxes WHERE tax_id = $tax_id");

-    // Logging
    logAction("Tax", "Delete", "$session_name deleted tax $tax_name");

-    $_SESSION['alert_type'] = "error";
-    $_SESSION['alert_message'] = "Tax <strong>$tax_name</strong> deleted";
+    flash_alert("Tax <strong>$tax_name</strong> deleted", 'error');

    redirect();