Split out item edits into seperate posts and modals for editing invoice, quote and recurring invoice items

2026-03-11 08:14:52 +00:00 · 2026-03-07 12:12:27 -05:00
parent c8273b2052
commit 6d2cb0aea3
9 changed files with 354 additions and 66 deletions
--- a/agent/post/invoice.php
+++ b/agent/post/invoice.php
@@ -418,7 +418,7 @@ if (isset($_POST['invoice_note'])) {

 }

-if (isset($_POST['edit_item'])) {
+if (isset($_POST['edit_invoice_item'])) {

    validateCSRFToken($_POST['csrf_token']);

@@ -446,75 +446,30 @@ if (isset($_POST['edit_item'])) {
    $total = $subtotal + $tax_amount;

    // Determine what type of line item
-    $sql = mysqli_query($mysqli,"SELECT item_invoice_id, item_quote_id, item_recurring_invoice_id FROM invoice_items WHERE item_id = $item_id");
+    $sql = mysqli_query($mysqli,"SELECT item_invoice_id FROM invoice_items WHERE item_id = $item_id");
    $row = mysqli_fetch_assoc($sql);
    $invoice_id = intval($row['item_invoice_id']);
-    $quote_id = intval($row['item_quote_id']);
-    $recurring_invoice_id = intval($row['item_recurring_invoice_id']);

-    if ($invoice_id) {
-        //Get Discount Amount
-        $sql = mysqli_query($mysqli,"SELECT * FROM invoices WHERE invoice_id = $invoice_id");
-        $row = mysqli_fetch_assoc($sql);
-        $invoice_prefix = sanitizeInput($row['invoice_prefix']);
-        $invoice_number = intval($row['invoice_number']);
-        $client_id = intval($row['invoice_client_id']);
-        $invoice_discount = floatval($row['invoice_discount_amount']);
-        enforceClientAccess();
-    } elseif ($quote_id) {
-        //Get Discount Amount
-        $sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_id = $quote_id");
-        $row = mysqli_fetch_assoc($sql);
-        $quote_prefix = sanitizeInput($row['quote_prefix']);
-        $quote_number = intval($row['quote_number']);
-        $client_id = intval($row['quote_client_id']);
-        $quote_discount = floatval($row['quote_discount_amount']);
-        enforceClientAccess();
-    } else {
-        //Get Discount Amount
-        $sql = mysqli_query($mysqli,"SELECT * FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
-        $row = mysqli_fetch_assoc($sql);
-        $recurring_invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
-        $recurring_invoice_number = intval($row['recurring_invoice_number']);
-        $client_id = intval($row['recurring_invoice_client_id']);
-        $recurring_invoice_discount = floatval($row['recurring_invoice_discount_amount']);
-        enforceClientAccess();
-    }
+    //Get Discount Amount
+    $sql = mysqli_query($mysqli,"SELECT * FROM invoices WHERE invoice_id = $invoice_id");
+    $row = mysqli_fetch_assoc($sql);
+    $invoice_prefix = sanitizeInput($row['invoice_prefix']);
+    $invoice_number = intval($row['invoice_number']);
+    $client_id = intval($row['invoice_client_id']);
+    $invoice_discount = floatval($row['invoice_discount_amount']);
+
+    enforceClientAccess();

    mysqli_query($mysqli,"UPDATE invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = $price, item_subtotal = $subtotal, item_tax = $tax_amount, item_total = $total, item_tax_id = $tax_id WHERE item_id = $item_id");

-    if ($invoice_id) {
-        //Update Invoice Balances by tallying up invoice items
-        $sql_invoice_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS invoice_total FROM invoice_items WHERE item_invoice_id = $invoice_id");
-        $row = mysqli_fetch_assoc($sql_invoice_total);
-        $new_invoice_amount = floatval($row['invoice_total']) - $invoice_discount;
+    //Update Invoice Balances by tallying up invoice items
+    $sql_invoice_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS invoice_total FROM invoice_items WHERE item_invoice_id = $invoice_id");
+    $row = mysqli_fetch_assoc($sql_invoice_total);
+    $new_invoice_amount = floatval($row['invoice_total']) - $invoice_discount;

-        mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = $new_invoice_amount WHERE invoice_id = $invoice_id");
+    mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = $new_invoice_amount WHERE invoice_id = $invoice_id");

-        logAction("Invoice", "Edit", "$session_name edited item $name on invoice $invoice_prefix$invoice_number", $client_id, $invoice_id);
-
-    } elseif ($quote_id) {
-        //Update Quote Balances by tallying up items
-        $sql_quote_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS quote_total FROM invoice_items WHERE item_quote_id = $quote_id");
-        $row = mysqli_fetch_assoc($sql_quote_total);
-        $new_quote_amount = floatval($row['quote_total']) - $quote_discount;
-
-        mysqli_query($mysqli,"UPDATE quotes SET quote_amount = $new_quote_amount WHERE quote_id = $quote_id");
-
-        logAction("Quote", "Edit", "$session_name edited item $name on quote $quote_prefix$quote_number", $client_id, $quote_id);
-
-    } else {
-        //Update Invoice Balances by tallying up invoice items
-        $sql_recurring_invoice_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS recurring_invoice_total FROM invoice_items WHERE item_recurring_invoice_id = $recurring_invoice_id");
-        $row = mysqli_fetch_assoc($sql_recurring_invoice_total);
-        $new_recurring_invoice_amount = floatval($row['recurring_invoice_total']) - $recurring_invoice_discount;
-
-        mysqli_query($mysqli,"UPDATE recurring_invoices SET recurring_invoice_amount = $new_recurring_invoice_amount WHERE recurring_invoice_id = $recurring_invoice_id");
-
-        // Logging
-        logAction("Recurring Invoice", "Edit", "$session_name edited item $name on recurring invoice $recurring_invoice_prefix$recurring_invoice_number", $client_id, $recurring_invoice_id);
-
-    }
+    logAction("Invoice", "Edit", "$session_name edited item $name on invoice $invoice_prefix$invoice_number", $client_id, $invoice_id);

    flash_alert("Item <strong>$name</strong> updated");

--- a/agent/post/quote.php
+++ b/agent/post/quote.php
@@ -273,6 +273,65 @@ if (isset($_POST['add_quote_item'])) {

 }

+if (isset($_POST['edit_quote_item'])) {
+
+    validateCSRFToken($_POST['csrf_token']);
+
+    enforceUserPermission('module_sales', 2);
+
+    $item_id = intval($_POST['item_id']);
+    $name = sanitizeInput($_POST['name']);
+    $description = sanitizeInput($_POST['description']);
+    $qty = floatval($_POST['qty']);
+    $price = floatval($_POST['price']);
+    $tax_id = intval($_POST['tax_id']);
+    $product_id = intval($_POST['product_id']);
+
+    $subtotal = $price * $qty;
+
+    if ($tax_id > 0) {
+        $sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id");
+        $row = mysqli_fetch_assoc($sql);
+        $tax_percent = floatval($row['tax_percent']);
+        $tax_amount = $subtotal * $tax_percent / 100;
+    } else {
+        $tax_amount = 0;
+    }
+
+    $total = $subtotal + $tax_amount;
+
+    // Get Quote ID from Item ID
+    $sql = mysqli_query($mysqli,"SELECT item_quote_id FROM invoice_items WHERE item_id = $item_id");
+    $row = mysqli_fetch_assoc($sql);
+    $quote_id = intval($row['item_quote_id']);
+
+    //Get Discount Amount
+    $sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_id = $quote_id");
+    $row = mysqli_fetch_assoc($sql);
+    $quote_prefix = sanitizeInput($row['quote_prefix']);
+    $quote_number = intval($row['quote_number']);
+    $client_id = intval($row['quote_client_id']);
+    $quote_discount = floatval($row['quote_discount_amount']);
+
+    enforceClientAccess();
+
+    mysqli_query($mysqli,"UPDATE invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = $price, item_subtotal = $subtotal, item_tax = $tax_amount, item_total = $total, item_tax_id = $tax_id WHERE item_id = $item_id");
+
+    //Update Quote Balances by tallying up items
+    $sql_quote_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS quote_total FROM invoice_items WHERE item_quote_id = $quote_id");
+    $row = mysqli_fetch_assoc($sql_quote_total);
+    $new_quote_amount = floatval($row['quote_total']) - $quote_discount;
+
+    mysqli_query($mysqli,"UPDATE quotes SET quote_amount = $new_quote_amount WHERE quote_id = $quote_id");
+
+    logAction("Quote", "Edit", "$session_name edited item $name on quote $quote_prefix$quote_number", $client_id, $quote_id);
+
+    flash_alert("Item <strong>$name</strong> updated");
+
+    redirect();
+
+}
+
 if (isset($_POST['quote_note'])) {

    validateCSRFToken($_POST['csrf_token']);
--- a/agent/post/recurring_invoice.php
+++ b/agent/post/recurring_invoice.php
@@ -255,6 +255,66 @@ if (isset($_POST['add_recurring_invoice_item'])) {

 }

+if (isset($_POST['edit_recurring_invoice_item'])) {
+
+    validateCSRFToken($_POST['csrf_token']);
+
+    enforceUserPermission('module_sales', 2);
+
+    $item_id = intval($_POST['item_id']);
+    $name = sanitizeInput($_POST['name']);
+    $description = sanitizeInput($_POST['description']);
+    $qty = floatval($_POST['qty']);
+    $price = floatval($_POST['price']);
+    $tax_id = intval($_POST['tax_id']);
+    $product_id = intval($_POST['product_id']);
+
+    $subtotal = $price * $qty;
+
+    if ($tax_id > 0) {
+        $sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id");
+        $row = mysqli_fetch_assoc($sql);
+        $tax_percent = floatval($row['tax_percent']);
+        $tax_amount = $subtotal * $tax_percent / 100;
+    } else {
+        $tax_amount = 0;
+    }
+
+    $total = $subtotal + $tax_amount;
+
+    // Get Recurring_invoice_id from item_id
+    $sql = mysqli_query($mysqli,"SELECT item_recurring_invoice_id FROM invoice_items WHERE item_id = $item_id");
+    $row = mysqli_fetch_assoc($sql);
+    $recurring_invoice_id = intval($row['item_recurring_invoice_id']);
+
+    //Get Discount Amount
+    $sql = mysqli_query($mysqli,"SELECT * FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
+    $row = mysqli_fetch_assoc($sql);
+    $recurring_invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
+    $recurring_invoice_number = intval($row['recurring_invoice_number']);
+    $client_id = intval($row['recurring_invoice_client_id']);
+    $recurring_invoice_discount = floatval($row['recurring_invoice_discount_amount']);
+
+    enforceClientAccess();
+
+    mysqli_query($mysqli,"UPDATE invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = $price, item_subtotal = $subtotal, item_tax = $tax_amount, item_total = $total, item_tax_id = $tax_id WHERE item_id = $item_id");
+
+    //Update Invoice Balances by tallying up invoice items
+    $sql_recurring_invoice_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS recurring_invoice_total FROM invoice_items WHERE item_recurring_invoice_id = $recurring_invoice_id");
+    $row = mysqli_fetch_assoc($sql_recurring_invoice_total);
+    $new_recurring_invoice_amount = floatval($row['recurring_invoice_total']) - $recurring_invoice_discount;
+
+    mysqli_query($mysqli,"UPDATE recurring_invoices SET recurring_invoice_amount = $new_recurring_invoice_amount WHERE recurring_invoice_id = $recurring_invoice_id");
+
+    // Logging
+    logAction("Recurring Invoice", "Edit", "$session_name edited item $name on recurring invoice $recurring_invoice_prefix$recurring_invoice_number", $client_id, $recurring_invoice_id);
+
+    flash_alert("Item <strong>$name</strong> updated");
+
+    redirect();
+
+}
+
 if (isset($_POST['recurring_invoice_note'])) {

    validateCSRFToken($_POST['csrf_token']);