Updated Budget to now include easy updating and creating and viewing Yearly budgets in one POST

post/budget.php

@@ -4,57 +4,48 @@
  * ITFlow - GET/POST request handler for budget
  */
 
-if (isset($_POST['create_budget'])) {
-
-    $month = intval($_POST['month']);
+if (isset($_POST['save_budget'])) {
+    $budgets = $_POST['budget'];
     $year = intval($_POST['year']);
-    $amount = floatval($_POST['amount']);
-    $description = sanitizeInput($_POST['description']);
-    $category = intval($_POST['category']);
+
+    foreach ($budgets as $category_id => $months) {
+        foreach ($months as $month => $amount) {
+            $amount = (int)$amount;
+
+            // Check if budget exists
+            $query = "SELECT * FROM budget WHERE budget_category_id = $category_id AND budget_month = $month AND budget_year = $year";
+            $result = mysqli_query($mysqli, $query);
+            if (mysqli_num_rows($result) > 0) {
+                // Update existing budget
+                $query = "UPDATE budget SET budget_amount = $amount WHERE budget_category_id = $category_id AND budget_month = $month AND budget_year = $year";
+            } else {
+                // Insert new budget
+                $query = "INSERT INTO budget SET budget_category_id = $category_id, budget_month = $month, budget_year = $year, budget_amount = $amount";
+            }
+            mysqli_query($mysqli, $query);
+        }
+    }
+
+    //Logging
+    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Budget', log_action = 'Edit', log_description = '$session_name updated the budget for $year', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+
+    $_SESSION['alert_message'] = "Budget Updated for $year";
+
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
     
-    mysqli_query($mysqli,"INSERT INTO budget SET budget_month = $month, budget_year = $year, budget_amount = $amount, budget_description = '$description', budget_category_id = $category");
-
-    $budget_id = mysqli_insert_id($mysqli);
-
-    //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Budget', log_action = 'Create', log_description = '$description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
-
-    $_SESSION['alert_message'] = "Budget created";
-
-    header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+    exit;
 }
 
-if (isset($_POST['edit_budget'])) {
-
-    $budget_id = intval($_POST['budget_id']);
-    $month = intval($_POST['month']);
+if (isset($_POST['delete_budget'])) {
     $year = intval($_POST['year']);
-    $amount = floatval($_POST['amount']);
-    $description = sanitizeInput($_POST['description']);
-    $category = intval($_POST['category']);
 
-    mysqli_query($mysqli,"UPDATE budget SET budget_month = $month, budget_year = $year, budget_amount = $amount, budget_description = '$description', budget_category_id = $category WHERE budget_id = $budget_id");
+    mysqli_query($mysqli,"DELETE FROM budget WHERE budget_year = $year");
 
     //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Budget', log_action = 'Edit', log_description = '$description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
-
-    $_SESSION['alert_message'] = "Budget edited";
-
-    header("Location: " . $_SERVER["HTTP_REFERER"]);
-
-}
-
-if (isset($_GET['delete_budget'])) {
-    $budget_id = intval($_GET['delete_budget']);
-
-    mysqli_query($mysqli,"DELETE FROM budget WHERE budget_id = $budget_id");
-
-    //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Budget', log_action = 'Delete', log_description = '$budget_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Budget', log_action = 'Delete', log_description = '$session_name deleted the budget for $year', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
 
     $_SESSION['alert_type'] = "error";
-    $_SESSION['alert_message'] = "Budget deleted";
+    $_SESSION['alert_message'] = "Budget deleted for $year";
 
     header("Location: " . $_SERVER["HTTP_REFERER"]);
 

post/rack.php

@@ -168,3 +168,75 @@ if (isset($_GET['delete_rack'])) {
     header("Location: " . $_SERVER["HTTP_REFERER"]);
 
 }
+
+if (isset($_POST['add_rack_unit'])) {
+
+    validateTechRole();
+
+    $client_id = intval($_POST['client_id']);
+    $rack_id = intval($_POST['rack_id']);
+    $name = sanitizeInput($_POST['name']);
+    $unit_start = intval($_POST['unit_start']);
+    $unit_end = intval($_POST['unit_end']);
+    $asset = intval($_POST['asset']);
+
+    mysqli_query($mysqli,"INSERT INTO rack_units SET unit_device = '$name', unit_asset_id = $asset, unit_start_number = $unit_start, unit_end_number = $unit_end, unit_rack_id = $rack_id");
+
+    $unit_id = mysqli_insert_id($mysqli);
+
+    //Logging
+    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Rack Unit', log_action = 'Create', log_description = '$session_name added a unit the rack', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $rack_id");
+
+    $_SESSION['alert_message'] = "Device Added to Unit $unit_start - $unit_end to rack";
+
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+
+}
+
+if (isset($_POST['edit_rack_unit'])) {
+
+    validateTechRole();
+
+    $unit_id = intval($_POST['unit_id']);
+    $client_id = intval($_POST['client_id']);
+    $rack_id = intval($_POST['rack_id']);
+    $name = sanitizeInput($_POST['name']);
+    $unit_start = intval($_POST['unit_start']);
+    $unit_end = intval($_POST['unit_end']);
+    $asset = intval($_POST['asset']);
+
+    mysqli_query($mysqli,"UPDATE rack_units SET unit_device = '$name', unit_asset_id = $asset, unit_start_number = $unit_start, unit_end_number = $unit_end WHERE unit_id = $unit_id");
+
+    //Logging
+    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Rack Unit', log_action = 'Edit', log_description = '$session_name edited a unit on the rack', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $rack_id");
+
+    $_SESSION['alert_message'] = "Device edited on the rack";
+
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+
+}
+
+if (isset($_GET['delete_rack_unit'])) {
+
+    validateAdminRole();
+
+    $unit_id = intval($_GET['delete_rack_unit']);
+
+    // Get Name and Client ID for logging and alert message
+    $sql = mysqli_query($mysqli,"SELECT rack_name, rack_id, rack_client_id FROM racks LEFT JOIN rack_units ON unit_rack_id = rack_id WHERE rack_id = $rack_id");
+    $row = mysqli_fetch_array($sql);
+    $rack_name = sanitizeInput($row['rack_name']);
+    $client_id = intval($row['rack_client_id']);
+    $rack_id = intval($row['rack_id']);
+
+    mysqli_query($mysqli,"DELETE FROM rack_unit WHERE unit_id = $unit_id");
+
+    //Logging
+    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Rack Unit', log_action = 'Delete', log_description = '$session_name removed device from rack', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $rack_id");
+
+    $_SESSION['alert_type'] = "error";
+    $_SESSION['alert_message'] = "You removed device from the rack";
+
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+
+}