From 3b608a84febb15c7c8e3054ee75446b3aec68229 Mon Sep 17 00:00:00 2001
From: root <root@pittpc-crm.localDomain>
Date: Sat, 16 Mar 2019 16:52:26 -0400
Subject: [PATCH] Added post for edit expense

---
 post.php | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/post.php b/post.php
index cde9d0bd..9a262848 100644
--- a/post.php
+++ b/post.php
@@ -162,6 +162,24 @@ if(isset($_POST['add_expense'])){
 
 }
 
+if(isset($_POST['edit_expense'])){
+
+    $expense_id = intval($_POST['expense_id']);
+    $date = strip_tags(mysqli_real_escape_string($mysqli,$_POST['date']));
+    $amount = $_POST['amount'];
+    $account = intval($_POST['account']);
+    $vendor = intval($_POST['vendor']);
+    $category = intval($_POST['category']);
+    $description = strip_tags(mysqli_real_escape_string($mysqli,$_POST['description']));
+
+    mysqli_query($mysqli,"UPDATE expenses SET expense_date = '$date', expense_amount = '$amount', account_id = $account, vendor_id = $vendor, category_id = $category, expense_description = '$description' WHERE expense_id = $expense_id");
+
+    $_SESSION['alert_message'] = "Expense modified";
+    
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+
+}
+
 if(isset($_POST['add_user'])){
     $email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']));
     $password = mysqli_real_escape_string($mysqli,$_POST['password']);