AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 02:44:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

rename /user/ to /agent/ and update links to use agent/ instead

Browse Source
This commit is contained in:
johnnyq
2025-09-23 18:04:23 -04:00
parent 6b6c70f1df
commit edabc5c33f
373 changed files with 93 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
agent/post/revenue.php Normal file
View File

@@ -0,0 +1,73 @@
<?php
/*
* ITFlow - GET/POST request handler for revenue
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_revenue'])) {
enforceUserPermission('module_sales', 2);
$date = sanitizeInput($_POST['date']);
$amount = floatval($_POST['amount']);
$account = intval($_POST['account']);
$category = intval($_POST['category']);
$payment_method = sanitizeInput($_POST['payment_method']);
$description = sanitizeInput($_POST['description']);
$reference = sanitizeInput($_POST['reference']);
mysqli_query($mysqli,"INSERT INTO revenues SET revenue_date = '$date', revenue_amount = $amount, revenue_currency_code = '$session_company_currency', revenue_payment_method = '$payment_method', revenue_reference = '$reference', revenue_description = '$description', revenue_category_id = $category, revenue_account_id = $account");
$revenue_id = mysqli_insert_id($mysqli);
logAction("Revenue", "Create", "$session_name added revenue $description", 0, $revenue_id);
flash_alert("Revenue added");
redirect();
}
if (isset($_POST['edit_revenue'])) {
enforceUserPermission('module_sales', 2);
$revenue_id = intval($_POST['revenue_id']);
$date = sanitizeInput($_POST['date']);
$amount = floatval($_POST['amount']);
$account = intval($_POST['account']);
$category = intval($_POST['category']);
$payment_method = sanitizeInput($_POST['payment_method']);
$description = sanitizeInput($_POST['description']);
$reference = sanitizeInput($_POST['reference']);
mysqli_query($mysqli,"UPDATE revenues SET revenue_date = '$date', revenue_amount = $amount, revenue_payment_method = '$payment_method', revenue_reference = '$reference', revenue_description = '$description', revenue_category_id = $category, revenue_account_id = $account WHERE revenue_id = $revenue_id");
logAction("Revenue", "Edit", "$session_name edited revenue $description", 0, $revenue_id);
flash_alert("Revenue edited");
redirect();
}
if (isset($_GET['delete_revenue'])) {
enforceUserPermission('module_sales', 3);
$revenue_id = intval($_GET['delete_revenue']);
// Get Revenue Details
$revenue_description = sanitizeInput(getFieldById('revenues', $revenue_id, 'revenue_description'));
mysqli_query($mysqli,"DELETE FROM revenues WHERE revenue_id = $revenue_id");
logAction("Revenue", "Delete", "$session_name deleted revenue $revenue_description");
flash_alert("Revenue removed", 'error');
redirect();
}