Added Expense and categories module

2026-02-28 02:44:53 +00:00 · 2019-03-16 16:38:36 -04:00
parent cb60f43e60
commit ab5e4af15b
11 changed files with 470 additions and 96 deletions
--- a/post.php
+++ b/post.php
@@ -27,6 +27,27 @@ if(isset($_POST['add_client'])){

 }

+if(isset($_POST['edit_client'])){
+
+    $client_id = intval($_POST['client_id']);
+    $name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
+    $address = strip_tags(mysqli_real_escape_string($mysqli,$_POST['address']));
+    $city = strip_tags(mysqli_real_escape_string($mysqli,$_POST['city']));
+    $state = strip_tags(mysqli_real_escape_string($mysqli,$_POST['state']));
+    $zip = strip_tags(mysqli_real_escape_string($mysqli,$_POST['zip']));
+    $phone = strip_tags(mysqli_real_escape_string($mysqli,$_POST['phone']));
+    $phone = preg_replace("/[^0-9]/", '',$phone);
+    $email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']));
+    $website = strip_tags(mysqli_real_escape_string($mysqli,$_POST['website']));
+
+    mysqli_query($mysqli,"UPDATE clients SET client_name = '$name', client_address = '$address', client_city = '$city', client_state = '$state', client_zip = '$zip', client_phone = '$phone', client_email = '$email', client_website = '$website', client_updated_at = UNIX_TIMESTAMP() WHERE client_id = $client_id");
+
+    $_SESSION['alert_message'] = "Client updated";
+    
+    header("Location: clients.php");
+
+}
+
 if(isset($_POST['add_vendor'])){

    $name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
@@ -47,6 +68,27 @@ if(isset($_POST['add_vendor'])){

 }

+if(isset($_POST['edit_vendor'])){
+
+    $vendor_id = intval($_POST['vendor_id']);
+    $name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
+    $address = strip_tags(mysqli_real_escape_string($mysqli,$_POST['address']));
+    $city = strip_tags(mysqli_real_escape_string($mysqli,$_POST['city']));
+    $state = strip_tags(mysqli_real_escape_string($mysqli,$_POST['state']));
+    $zip = strip_tags(mysqli_real_escape_string($mysqli,$_POST['zip']));
+    $phone = strip_tags(mysqli_real_escape_string($mysqli,$_POST['phone']));
+    $phone = preg_replace("/[^0-9]/", '',$phone);
+    $email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']));
+    $website = strip_tags(mysqli_real_escape_string($mysqli,$_POST['website']));
+
+    mysqli_query($mysqli,"UPDATE vendors SET vendor_name = '$name', vendor_address = '$address', vendor_city = '$city', vendor_state = '$state', vendor_zip = '$zip', vendor_phone = '$phone', vendor_email = '$email', vendor_website = '$website', vendor_updated_at = UNIX_TIMESTAMP() WHERE vendor_id = $vendor_id");
+
+    $_SESSION['alert_message'] = "Vendor modified";
+    
+    header("Location: vendors.php");
+
+}
+
 if(isset($_POST['add_mileage'])){

    $date = strtotime($_POST['date']);
@@ -76,6 +118,50 @@ if(isset($_POST['add_account'])){

 }

+if(isset($_POST['add_category'])){
+
+    $name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
+    $type = strip_tags(mysqli_real_escape_string($mysqli,$_POST['type']));
+
+    mysqli_query($mysqli,"INSERT INTO categories SET category_name = '$name', category_type = '$type'");
+
+    $_SESSION['alert_message'] = "Category added";
+    
+    header("Location: categories.php");
+
+}
+
+if(isset($_POST['edit_category'])){
+
+    $category_id = intval($_POST['category_id']);
+    $name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
+    $type = strip_tags(mysqli_real_escape_string($mysqli,$_POST['type']));
+
+    mysqli_query($mysqli,"UPDATE categories SET category_name = '$name', category_type = '$type' WHERE category_id = $category_id");
+
+    $_SESSION['alert_message'] = "Category modified";
+    
+    header("Location: categories.php");
+
+}
+
+if(isset($_POST['add_expense'])){
+
+    $date = strip_tags(mysqli_real_escape_string($mysqli,$_POST['date']));
+    $amount = $_POST['amount'];
+    $account = intval($_POST['account']);
+    $vendor = intval($_POST['vendor']);
+    $category = intval($_POST['category']);
+    $description = strip_tags(mysqli_real_escape_string($mysqli,$_POST['description']));
+
+    mysqli_query($mysqli,"INSERT INTO expenses SET expense_date = '$date', expense_amount = '$amount', account_id = $account, vendor_id = $vendor, category_id = $category, expense_description = '$description'");
+
+    $_SESSION['alert_message'] = "Expense added";
+    
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+
+}
+
 if(isset($_POST['add_user'])){
    $email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']));
    $password = mysqli_real_escape_string($mysqli,$_POST['password']);