From 45fba5762b8d0b087b1d9b03cc766cc31c46b76e Mon Sep 17 00:00:00 2001
From: "johnny@pittpc.com" <admin@app.pittpc.com>
Date: Thu, 6 Feb 2020 20:25:28 -0500
Subject: [PATCH] Added unpaid and paid invoices to guest URL view

---
 client_payments_by_invoice.php | 140 ++++++++++++++++++++++++++++++
 edit_item_modal.php            |  14 ++-
 guest_view_invoice.php         | 154 +++++++++++++++++++++++++++++++++
 post.php                       |  30 +++++++
 side_nav.php                   |   2 +-
 5 files changed, 331 insertions(+), 9 deletions(-)
 create mode 100644 client_payments_by_invoice.php

diff --git a/client_payments_by_invoice.php b/client_payments_by_invoice.php
new file mode 100644
index 00000000..0d136638
--- /dev/null
+++ b/client_payments_by_invoice.php
@@ -0,0 +1,140 @@
+<?php
+
+  //Rebuild URL
+
+$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
+
+if(isset($_GET['p'])){
+  $p = intval($_GET['p']);
+  $record_from = (($p)-1)*10;
+  $record_to =  10;
+}else{
+  $record_from = 0;
+  $record_to = 10;
+  $p = 1;
+}
+  
+if(isset($_GET['q'])){
+  $q = mysqli_real_escape_string($mysqli,$_GET['q']);
+}else{
+  $q = "";
+}
+
+if(!empty($_GET['sb'])){
+  $sb = mysqli_real_escape_string($mysqli,$_GET['sb']);
+}else{
+  $sb = "invoice_date";
+}
+
+if(isset($_GET['o'])){
+  if($_GET['o'] == 'ASC'){
+    $o = "ASC";
+    $disp = "DESC";
+  }else{
+    $o = "DESC";
+    $disp = "ASC";
+  }
+}else{
+  $o = "DESC";
+  $disp = "ASC";
+}
+
+
+$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM invoices
+  WHERE client_id = $client_id
+  AND (invoice_number LIKE '%$q%') 
+  ORDER BY $sb $o LIMIT $record_from, $record_to");
+
+$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
+$total_found_rows = $num_rows[0];
+$total_pages = ceil($total_found_rows / 10);
+
+?>
+
+<div class="card">
+  <div class="card-header bg-dark text-white">
+    <h6 class="float-left mt-1"><i class="fa fa-credit-card"></i> Payments</h6>
+  </div>
+  <div class="card-body">
+    <form autocomplete="off">
+      <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
+      <input type="hidden" name="tab" value="<?php echo $_GET['tab']; ?>">
+      <div class="input-group">
+        <input type="search" class="form-control " name="q" value="<?php if(isset($q)){echo stripslashes($q);} ?>" placeholder="Search <?php echo ucwords($_GET['tab']); ?>">
+        <div class="input-group-append">
+          <button class="btn btn-secondary"><i class="fa fa-search"></i></button>
+        </div>
+      </div>
+    </form>
+    <hr>
+    <div class="table-responsive">
+      <table class="table table-striped table-borderless table-hover">
+        <thead class="text-dark <?php if($num_rows[0] == 0){ echo "d-none"; } ?>">
+          <tr>    
+            <th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_date&o=<?php echo $disp; ?>">Date</a></th>
+            <th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_due&o=<?php echo $disp; ?>">Due</a></th>
+            <th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_number&o=<?php echo $disp; ?>">Invoice</a></th>
+            <th class="text-right"><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_amount&o=<?php echo $disp; ?>">Invoice Amount</a></th>
+          </tr>
+        </thead>
+        <tbody>
+          <?php
+      
+          while($row = mysqli_fetch_array($sql)){
+            $invoice_id = $row['invoice_id'];
+            $invoice_number = $row['invoice_number'];
+            $invoice_status = $row['invoice_status'];
+            $invoice_amount = $row['invoice_amount'];
+            $invoice_date = $row['invoice_date'];
+            $invoice_due = $row['invoice_due'];
+      
+          ?>
+          <tr>
+            <td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo $invoice_date; ?></a></td>
+            <td><?php echo $invoice_due; ?></td>
+            <td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo $invoice_number; ?></a></td>
+            <td class="text-right text-monospace">$<?php echo number_format($invoice_amount,2); ?></td>
+          </tr>
+
+            <tr>    
+              <th>Date Recieved</th>
+              <th>Payment Method</th>
+              <th>Payment Reference</th>
+              <th>Payment Amount</a></th>
+            </tr>
+
+
+            <?php
+
+            $sql = mysqli_query($mysqli,"SELECT * FROM payments WHERE invoice_id = $invoice_id ORDER BY payment_date DESC");
+
+            while($row = mysqli_fetch_array($sql)){
+              $payment_id = $row['payment_id'];
+              $payment_method = $row['payment_method'];
+              $payment_reference = $row['payment_reference'];
+              $payment_amount = $row['payment_amount'];
+              $payment_date = $row['payment_date'];
+
+            ?>
+
+            <tr>
+              <td><?php echo $payment_date; ?></td>
+              <td><?php echo $payment_method; ?></td>
+              <td><?php echo $payment_reference; ?></td>
+              <td class="text-right text-monospace">$<?php echo number_format($payment_amount,2); ?></td>
+            </tr>
+
+          <?php
+        
+          }
+          
+          ?>
+
+        </tbody>
+      </table>
+
+      <?php include("pagination.php"); ?>
+      
+    </div>
+  </div>
+</div>
\ No newline at end of file
diff --git a/edit_item_modal.php b/edit_item_modal.php
index 2ed65c2d..addb8f08 100644
--- a/edit_item_modal.php
+++ b/edit_item_modal.php
@@ -8,8 +8,9 @@
         </button>
       </div>
       <form action="post.php" method="post" autocomplete="off">
-        <input type="hidden" name="item_id" value="<?php echo $item_id; ?>">
-        <input type="hidden" name="balance" value="<?php echo $balance; ?>">
+        <input type="text" name="invoice_id" value="<?php echo $invoice_id; ?>">
+        <input type="text" name="item_id" value="<?php echo $item_id; ?>">
+        <input type="text" name="balance" value="<?php echo $balance; ?>">
         <div class="modal-body bg-white">
           
           <div class="form-group">
@@ -51,14 +52,11 @@
 
           <div class="form-group">
             <label>Tax <strong class="text-danger">*</strong></label>
-            <div class="input-group"> 
+            <div class="input-group">
               <div class="input-group-prepend">
                 <span class="input-group-text"><i class="fa fa-fw fa-piggy-bank"></i></span>
-              </div> 
-              <select class="form-control" name="tax">
-                <option value="0.00">None</option>
-                <option value="0.07">State Tax 7%</option>
-              </select>
+              </div>
+              <input type="number" class="form-control" step="0.01" min="0" name="tax" value="<?php echo $item_tax; ?>" required>
             </div>
           </div>
           
diff --git a/guest_view_invoice.php b/guest_view_invoice.php
index 16c1436a..3de6454b 100644
--- a/guest_view_invoice.php
+++ b/guest_view_invoice.php
@@ -111,6 +111,7 @@ if(isset($_GET['invoice_id'], $_GET['url_key'])){
   <div class="card">
     <div class="card-header d-print-none">
       <div class="float-right">
+        <a class="btn btn-secondary" data-toggle="collapse" href="#collapsePreviousInvoices"><i class="fa fa-fw fa-history"></i> Invoice History</a>
         <a class="btn btn-primary" href="#" onclick="window.print();"><i class="fa fa-fw fa-print"></i> Print</a>
         <a class="btn btn-primary" download target="_blank" href="guest_post.php?pdf_invoice=<?php echo $invoice_id; ?>&url_key=<?php echo $url_key; ?>"><i class="fa fa-fw fa-download"></i> Download</a>
         <?php
@@ -271,6 +272,159 @@ if(isset($_GET['invoice_id'], $_GET['url_key'])){
     </div>
   </div>
 
+  <?php
+
+  $sql = mysqli_query($mysqli,"SELECT * FROM invoices WHERE client_id = $client_id AND invoice_id <> $invoice_id AND (invoice_status = 'Sent' OR invoice_status = 'Viewed' OR invoice_status = 'Partial') ORDER BY invoice_date DESC");
+
+  if(mysqli_num_rows($sql) > 1){
+
+  ?>
+
+
+    <div class="card d-print-none card-danger">
+      <div class="card-header">
+        <strong><i class="fa fa-fw fa-exclamation-triangle"></i> Previous Unpaid Invoices</strong>
+      </div>
+      <div card="card-body">
+        <table class="table">
+          <thead>
+            <tr>
+              <th class="text-center">Invoice #</th>
+              <th>Date</th>
+              <th>Due Date</th>
+              <th class="text-right">Amount</th>
+            </tr>
+          </thead>
+          <tbody>
+            <?php
+      
+            while($row = mysqli_fetch_array($sql)){
+              $invoice_id = $row['invoice_id'];
+              $invoice_number = $row['invoice_number'];
+              $invoice_date = $row['invoice_date'];
+              $invoice_due = $row['invoice_due'];
+              $invoice_amount = $row['invoice_amount'];
+              $invoice_url_key = $row['invoice_url_key'];
+              $invoice_tally_total = $invoice_amount + $invoice_tally_total;
+              $difference = time() - strtotime($invoice_due);
+              $days = floor($difference / (60*60*24) );
+
+            ?>
+
+              <tr>
+                <th class="text-center"><a href="guest_view_invoice.php?invoice_id=<?php echo $invoice_id; ?>&url_key=<?php echo $invoice_url_key; ?>"><?php echo $invoice_number; ?></a></th>
+                <td><?php echo $invoice_date; ?></td>
+                <td class="text-danger text-bold"><?php echo $invoice_due; ?> (<?php echo $days; ?> Days)</td>
+                <td class="text-right text-monospace">$<?php echo $invoice_amount; ?></td>
+              </tr>
+
+            <?php 
+            } 
+            ?>
+
+          </tbody>
+        </table>
+      </div>
+    </div>
+  <?php
+  }
+  ?>
+
+  <?php
+
+  $sql = mysqli_query($mysqli,"SELECT * FROM invoices WHERE client_id = $client_id AND invoice_status = 'Paid' ORDER BY invoice_date DESC");
+
+  if(mysqli_num_rows($sql) > 1){
+
+  ?>
+
+
+    <div class="card d-print-none collapse" id="collapsePreviousInvoices">
+      <div class="card-header bg-dark">
+        <strong><i class="fa fa-fw fa-history"></i> Previous Invoices Paid</strong>
+      </div>
+      <div card="card-body">
+        <table class="table">
+          <thead>
+            <tr>
+              <th class="text-center">Invoice #</th>
+              <th>Date</th>
+              <th>Due Date</th>
+              <th class="text-right">Amount</th>
+            </tr>
+          </thead>
+          <tbody>
+            <?php
+      
+            while($row = mysqli_fetch_array($sql)){
+              $invoice_id = $row['invoice_id'];
+              $invoice_number = $row['invoice_number'];
+              $invoice_date = $row['invoice_date'];
+              $invoice_due = $row['invoice_due'];
+              $invoice_amount = $row['invoice_amount'];
+              $invoice_url_key = $row['invoice_url_key'];
+              $invoice_tally_total = $invoice_amount + $invoice_tally_total;
+
+            ?>
+
+              <tr class="bg-light">
+                <th class="text-center"><a href="guest_view_invoice.php?invoice_id=<?php echo $invoice_id; ?>&url_key=<?php echo $invoice_url_key; ?>"><?php echo $invoice_number; ?></a></th>
+                <td><?php echo $invoice_date; ?></td>
+                <td><?php echo $invoice_due; ?></td>
+                <td class="text-right text-monospace">$<?php echo $invoice_amount; ?></td>
+              </tr>
+
+              <tr>
+                <th colspan="4">Payments</th>
+              </tr>
+              
+              <?php
+              
+              $sql_payments = mysqli_query($mysqli,"SELECT * FROM payments WHERE invoice_id = $invoice_id ORDER BY payment_date DESC");
+
+              while($row = mysqli_fetch_array($sql_payments)){
+                $payment_id = $row['payment_id'];
+                $payment_date = $row['payment_date'];
+                $payment_amount = $row['payment_amount'];
+                $payment_method = $row['payment_method'];
+                $payment_reference = $row['payment_reference'];
+                if(strtotime($payment_date) > strtotime($invoice_due)){
+                  $payment_note = "Late";
+                  $difference = strtotime($payment_date) - strtotime($invoice_due);
+                  $days = floor($difference / (60*60*24) ) . " Days";
+                }else{
+                  $payment_note = "";
+                  $days = "";
+                }
+                
+
+                $invoice_tally_total = $invoice_amount + $invoice_tally_total;
+
+              ?>
+
+                <tr>
+                  <td colspan="4"><?php echo $payment_date; ?> - $<?php echo $payment_amount; ?> - <?php echo $payment_method; ?> - <?php echo $payment_reference; ?> - <?php echo $days; ?> <?php echo $payment_note; ?></td>
+                </tr>
+              <?php
+
+              }
+
+              ?>
+
+            <?php 
+            } 
+            ?>
+
+          </tbody>
+        </table>
+      </div>
+    </div>
+  <?php
+  }
+  ?>
+
+
+
 <?php 
   }else{
     echo "GTFO";
diff --git a/post.php b/post.php
index 85e6a938..1e973442 100644
--- a/post.php
+++ b/post.php
@@ -2228,6 +2228,36 @@ if(isset($_POST['save_invoice'])){
 
 }
 
+if(isset($_POST['edit_item'])){
+
+    $invoice_id = intval($_POST['invoice_id']);
+    $item_id = intval($_POST['item_id']);
+    $name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
+    $description = strip_tags(mysqli_real_escape_string($mysqli,$_POST['description']));
+    $qty = floatval($_POST['qty']);
+    $price = floatval($_POST['price']);
+    $tax = floatval($_POST['tax']);
+     
+    $subtotal = $price * $qty;
+    $tax = $subtotal * $tax;
+    $total = $subtotal + $tax;
+
+    mysqli_query($mysqli,"UPDATE invoice_items SET item_name = '$name', item_description = '$description', item_quantity = '$qty', item_price = '$price', item_subtotal = '$subtotal', item_tax = '$tax', item_total = '$total' WHERE item_id = $item_id");
+
+    //Update Invoice Balances by tallying up invoice items
+
+    $sql_invoice_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS invoice_total FROM invoice_items WHERE invoice_id = $invoice_id AND company_id = $session_company_id");
+    $row = mysqli_fetch_array($sql_invoice_total);
+    $new_invoice_amount = $row['invoice_total'];
+
+    mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = '$new_invoice_amount', invoice_updated_at = NOW() WHERE invoice_id = $invoice_id AND company_id = $session_company_id");
+
+    $_SESSION['alert_message'] = "Item updated";
+
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+
+}
+
 if(isset($_GET['delete_invoice_item'])){
     $item_id = intval($_GET['delete_invoice_item']);
 
diff --git a/side_nav.php b/side_nav.php
index 20c7cd9b..eb0c379f 100644
--- a/side_nav.php
+++ b/side_nav.php
@@ -20,7 +20,7 @@
             <p>Dashboard</p>
           </a>
         </li>
-        <li class="nav-header">CLIENT</li>
+        <li class="nav-header">MAIN</li>
         <li class="nav-item">
           <a href="clients.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "clients.php") { echo "active"; } ?>">
             <i class="nav-icon fas fa-users"></i>