AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Delete the receipt as well when an expense is deleted

This commit is contained in:
root 2019-05-17 18:17:25 -04:00
parent 85a8e071b8
commit a4e08b7296
1 changed files with 19 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
post.php
View File

@ -184,18 +184,18 @@ if(isset($_POST['edit_user'])){
}else{ }else{
$password = md5($password); $password = md5($password);
} }
$avatar_path = $_POST['current_avatar_path']; $path = strip_tags(mysqli_real_escape_string($mysqli,$_POST['current_avatar_path']));
$check = getimagesize($_FILES["avatar"]["tmp_name"]);
if($check !== false) { if($_FILES['file']['tmp_name']!='') {
if($avatar_path != "img/default_user_avatar.png"){ //remove old receipt
unlink($avatar_path); unlink($path);
} $path = "uploads/user_avatars/";
$avatar_path = "uploads/user_avatars/"; $path = $path . basename( $_FILES['file']['name']);
$avatar_path = $avatar_path . $user_id . '_' . time() . '_' . basename( $_FILES['avatar']['name']); $file_name = basename($path);
move_uploaded_file($_FILES['avatar']['tmp_name'], "$avatar_path"); move_uploaded_file($_FILES['file']['tmp_name'], $path);
} }
mysqli_query($mysqli,"UPDATE users SET name = '$name', email = '$email', password = '$password', avatar = '$avatar_path', updated_at = NOW() WHERE user_id = $user_id"); mysqli_query($mysqli,"UPDATE users SET name = '$name', email = '$email', password = '$password', avatar = '$path', updated_at = NOW() WHERE user_id = $user_id");
$_SESSION['alert_message'] = "User updated"; $_SESSION['alert_message'] = "User updated";
@ -641,17 +641,15 @@ if(isset($_POST['edit_expense'])){
$category = intval($_POST['category']); $category = intval($_POST['category']);
$description = strip_tags(mysqli_real_escape_string($mysqli,$_POST['description'])); $description = strip_tags(mysqli_real_escape_string($mysqli,$_POST['description']));
$reference = strip_tags(mysqli_real_escape_string($mysqli,$_POST['reference'])); $reference = strip_tags(mysqli_real_escape_string($mysqli,$_POST['reference']));
$receipt = strip_tags(mysqli_real_escape_string($mysqli,$_POST['expense_receipt'])); $path = strip_tags(mysqli_real_escape_string($mysqli,$_POST['expense_receipt']));
if($_FILES['file']['tmp_name']!='') { if($_FILES['file']['tmp_name']!='') {
//remove old receipt
unlink($path);
$path = "uploads/expenses/$vendor/"; $path = "uploads/expenses/$vendor/";
$path = $path . basename( $_FILES['file']['name']); $path = $path . basename( $_FILES['file']['name']);
$file_name = basename($path); $file_name = basename($path);
move_uploaded_file($_FILES['file']['tmp_name'], $path); move_uploaded_file($_FILES['file']['tmp_name'], $path);
//remove old receipt
unlink($receipt);
}else{
$path = $receipt;
} }
mysqli_query($mysqli,"UPDATE expenses SET expense_date = '$date', expense_amount = '$amount', account_id = $account, vendor_id = $vendor, category_id = $category, expense_description = '$description', expense_reference = '$reference', expense_receipt = '$path', expense_updated_at = NOW() WHERE expense_id = $expense_id"); mysqli_query($mysqli,"UPDATE expenses SET expense_date = '$date', expense_amount = '$amount', account_id = $account, vendor_id = $vendor, category_id = $category, expense_description = '$description', expense_reference = '$reference', expense_receipt = '$path', expense_updated_at = NOW() WHERE expense_id = $expense_id");
@ -665,6 +663,12 @@ if(isset($_POST['edit_expense'])){
if(isset($_GET['delete_expense'])){ if(isset($_GET['delete_expense'])){
$expense_id = intval($_GET['delete_expense']); $expense_id = intval($_GET['delete_expense']);
$sql = mysqli_query($mysqli,"SELECT * FROM expenses WHERE expense_id = $expense_id");
$row = mysqli_fetch_array($sql);
$expense_receipt = $row['expense_receipt'];
unlink($expense_receipt);
mysqli_query($mysqli,"DELETE FROM expenses WHERE expense_id = $expense_id"); mysqli_query($mysqli,"DELETE FROM expenses WHERE expense_id = $expense_id");
$_SESSION['alert_message'] = "Expense deleted"; $_SESSION['alert_message'] = "Expense deleted";