Added Export Expenses Records with custom from and to Date, Fixed Advanced Search under expenses some other minor code formatting fixups

2022-01-22 14:37:45 -05:00 · 2022-01-22 14:37:45 -05:00 · a3c63b0649
parent d6749337d6
commit a3c63b0649
5 changed files with 109 additions and 16 deletions
--- a/clients.php
+++ b/clients.php
@ -46,10 +46,10 @@ if(isset($_GET['order'])){
  $order_display = "ASC";
 }

-if (empty($_GET['canned_date'])) {
-    //Prevents lots of undefined variable errors.
-    // $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00
-    $_GET['canned_date'] = 'custom';
+if(empty($_GET['canned_date'])) {
+  //Prevents lots of undefined variable errors.
+  // $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00
+  $_GET['canned_date'] = 'custom';
 }

 //Date Filter
--- a/expenses.php
+++ b/expenses.php
@ -36,6 +36,12 @@ if(isset($_GET['o'])){
  $disp = "ASC";
 }

+if(empty($_GET['canned_date'])){
+  //Prevents lots of undefined variable errors.
+  // $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00
+  $_GET['canned_date'] = 'custom';
+}
+
 //Date Filter
 if($_GET['canned_date'] == "custom" AND !empty($_GET['dtf'])){
  $dtf = mysqli_real_escape_string($mysqli,$_GET['dtf']);
@ -69,20 +75,15 @@ if($_GET['canned_date'] == "custom" AND !empty($_GET['dtf'])){
  $dtt = "9999-00-00";
 }

-if(empty($_GET['canned_date'])){
-  //Prevents lots of undefined variable errors.
-  // $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00
-  $_GET['canned_date'] = 'custom';
-}
-
 //Rebuild URL
 $url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));

-$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM expenses, categories, vendors, accounts
-  WHERE expense_category_id = category_id
-  AND expense_vendor_id = vendor_id
-  AND expense_account_id = account_id
-  AND expenses.company_id = $session_company_id
+$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM expenses
+  LEFT JOIN categories ON expense_category_id = category_id
+  LEFT JOIN vendors ON expense_vendor_id = vendor_id
+  LEFT JOIN accounts ON expense_account_id = account_id
+  WHERE expenses.company_id = $session_company_id
+  AND expense_vendor_id > 0
  AND DATE(expense_date) BETWEEN '$dtf' AND '$dtt'
  AND (vendor_name LIKE '%$q%' OR category_name LIKE '%$q%' OR account_name LIKE '%$q%' OR expense_description LIKE '%$q%' OR expense_amount LIKE '%$q%')
  ORDER BY $sb $o LIMIT $record_from, $record_to");
@ -111,6 +112,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
            </div>
          </div>
        </div>
+        <div class="col-sm-8">
+          <div class="float-right">
+            <button type="button" class="btn btn-default" data-toggle="modal" data-target="#exportExpensesModal"><i class="fa fa-fw fa-download"></i> Export</button>
+            <button type="button" class="btn btn-default" data-toggle="modal" data-target="#importExpensesModal"><i class="fa fa-fw fa-upload"></i> Import</button>
+          </div>
+        </div>
      </div>
      <div class="collapse mt-3 <?php if(!empty($_GET['dtf'])){ echo "show"; } ?>" id="advancedFilter">
        <div class="row">
@ -222,6 +229,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
          include("edit_expense_modal.php");
          include("add_expense_copy_modal.php");
          include("add_expense_refund_modal.php");
+          include("export_expenses_modal.php");
          
          }

--- a/export_expenses_modal.php
+++ b/export_expenses_modal.php
@ -0,0 +1,29 @@
+<div class="modal" id="exportExpensesModal" tabindex="-1">
+	<div class="modal-dialog">
+		<div class="modal-content bg-dark">
+			<div class="modal-header">
+				<h5 class="modal-title"><i class="fa fa-fw fa-download"></i> Export Expenses to CSV</h5>
+				<button type="button" class="close text-white" data-dismiss="modal">
+					<span>&times;</span>
+				</button>
+			</div>
+			<form action="post.php" method="post" autocomplete="off">
+				<div class="modal-body bg-white">
+          <div class="form-group">
+            <label>Date From</label>
+            <input type="date" class="form-control" name="date_from" value="<?php echo $dtf; ?>">
+          </div>
+   
+          <div class="form-group">
+            <label>Date To</label>
+            <input type="date" class="form-control" name="date_to" value="<?php echo $dtt; ?>">
+          </div>
+          
+				</div>
+				<div class="modal-footer bg-white">
+					<button type="submit" name="export_expenses_csv" class="btn btn-primary">Download CSV</button>
+				</div>
+			</form>
+		</div>
+	</div>
+</div>
--- a/login.php
+++ b/login.php
@ -21,7 +21,7 @@ ini_set("session.cookie_httponly", True);

 // Tell client to only send cookie(s) over HTTPS
 if($config_https_only){
-    ini_set("session.cookie_secure", True);
+  ini_set("session.cookie_secure", True);
 }

 if(isset($_POST['login'])){
--- a/post.php
+++ b/post.php
@ -2394,6 +2394,62 @@ if(isset($_GET['delete_expense'])){
  
 }

+if(isset($_POST['export_expenses_csv'])){
+    $date_from = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date_from'])));
+    $date_to = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date_to'])));
+    if(!empty($date_from) AND !empty($date_to)){
+        $date_query = "AND DATE(expense_date) BETWEEN '$date_from' AND '$date_to'";
+        $file_name_date = "$date_from-$date_to";
+    }else{
+        $date_query = "";
+        $file_name_date = date('Y-m-d');
+    }
+    
+    //get records from database
+    $sql = mysqli_query($mysqli,"SELECT * FROM expenses
+      LEFT JOIN categories ON expense_category_id = category_id
+      LEFT JOIN vendors ON expense_vendor_id = vendor_id
+      LEFT JOIN accounts ON expense_account_id = account_id
+      WHERE expenses.company_id = $session_company_id
+      AND expense_vendor_id > 0
+      $date_query
+      ORDER BY expense_date DESC
+    ");
+
+    if(mysqli_num_rows($sql) > 0){
+        $delimiter = ",";
+        $filename = "$session_company_name-Expenses-$file_name_date.csv";
+        
+        //create a file pointer
+        $f = fopen('php://memory', 'w');
+        
+        //set column headers
+        $fields = array('Date', 'Amount', 'Vendor', 'Description', 'Category', 'Account');
+        fputcsv($f, $fields, $delimiter);
+        
+        //output each row of the data, format line as csv and write to file pointer
+        while($row = mysqli_fetch_assoc($sql)){
+            $lineData = array($row['expense_date'], $row['expense_amount'], $row['vendor_name'], $row['expense_description'], $row['category_name'], $row['account_name']);
+            fputcsv($f, $lineData, $delimiter);
+        }
+        
+        //move back to beginning of file
+        fseek($f, 0);
+        
+        //set headers to download file rather than displayed
+        header('Content-Type: text/csv');
+        header('Content-Disposition: attachment; filename="' . $filename . '";');
+        
+        //output all remaining data on a file pointer
+        fpassthru($f);
+    }
+    
+    //Logging
+    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Export', log_description = '$session_name exported expenses to CSV File', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id, company_id = $session_company_id");
+
+    exit;
+}
+
 if(isset($_POST['add_transfer'])){

    $date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date'])));