$name ($percent%) created"); redirect(); } if (isset($_POST['edit_tax'])) { validateCSRFToken($_POST['csrf_token']); $tax_id = intval($_POST['tax_id']); $name = sanitizeInput($_POST['name']); $percent = floatval($_POST['percent']); mysqli_query($mysqli,"UPDATE taxes SET tax_name = '$name', tax_percent = $percent WHERE tax_id = $tax_id"); logAction("Tax", "Edit", "$session_name edited tax $name - $percent%", 0, $tax_id); flash_alert("Tax $name ($percent%) edited"); redirect(); } if (isset($_GET['archive_tax'])) { validateCSRFToken($_GET['csrf_token']); $tax_id = intval($_GET['archive_tax']); $tax_name = sanitizeInput(getFieldById('taxes', $tax_id, 'tax_name')); mysqli_query($mysqli,"UPDATE taxes SET tax_archived_at = NOW() WHERE tax_id = $tax_id"); logAction("Tax", "Archive", "$session_name archived tax $tax_name", 0, $tax_id); flash_alert("Tax $tax_name Archived", 'error'); redirect(); } if (isset($_GET['delete_tax'])) { $tax_id = intval($_GET['delete_tax']); $tax_name = sanitizeInput(getFieldById('taxes', $tax_id, 'tax_name')); mysqli_query($mysqli,"DELETE FROM taxes WHERE tax_id = $tax_id"); logAction("Tax", "Delete", "$session_name deleted tax $tax_name"); flash_alert("Tax $tax_name deleted", 'error'); redirect(); }