$provider created"; header("Location: " . $_SERVER["HTTP_REFERER"]); } if (isset($_POST['edit_payment_provider'])) { validateCSRFToken($_POST['csrf_token']); $provider_id = intval($_POST['provider_id']); $description = sanitizeInput($_POST['description']); $public_key = sanitizeInput($_POST['public_key']); $private_key = sanitizeInput($_POST['private_key']); $threshold = floatval($_POST['threshold']); $enable_expense = intval($_POST['enable_expense'] ?? 0); $percentage_fee = floatval($_POST['percentage_fee']) / 100; $flat_fee = floatval($_POST['flat_fee']); mysqli_query($mysqli,"UPDATE payment_providers SET payment_provider_public_key = '$public_key', payment_provider_private_key = '$private_key', payment_provider_expense_percentage_fee = $percentage_fee, payment_provider_expense_flat_fee = $flat_fee WHERE payment_provider_id = $provider_id"); // Logging logAction("Payment Provider", "Edit", "$session_name edited Payment Provider $provider"); $_SESSION['alert_message'] = "Payment Provider $provider edited"; header("Location: " . $_SERVER["HTTP_REFERER"]); } if (isset($_GET['delete_payment_provider'])) { $provider_id = intval($_GET['delete_payment_provider']); $sql = mysqli_query($mysqli,"SELECT payment_provider_name FROM payment_providers WHERE payment_provider_id = $provider_id"); $row = mysqli_fetch_array($sql); $provider_name = sanitizeInput($row['payment_provider_name']); mysqli_query($mysqli,"DELETE FROM payment_providers WHERE payment_provider_id = $provider_id"); // Logging logAction("Payment Provider", "Delete", "$session_name deleted Payment Provider $provider_name"); $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Payment Provider $provider_name deleted"; header("Location: " . $_SERVER["HTTP_REFERER"]); }