" . numfmt_format_currency($currency_format, $amount, $account_currency_code) . " from $source_account_name to $destination_account_name"; header("Location: " . $_SERVER["HTTP_REFERER"]); } if (isset($_POST['edit_transfer'])) { enforceUserPermission('module_financial', 2); require_once 'transfer_model.php'; $transfer_id = intval($_POST['transfer_id']); $expense_id = intval($_POST['expense_id']); $revenue_id = intval($_POST['revenue_id']); mysqli_query($mysqli,"UPDATE expenses SET expense_date = '$date', expense_amount = $amount, expense_account_id = $account_from WHERE expense_id = $expense_id"); mysqli_query($mysqli,"UPDATE revenues SET revenue_date = '$date', revenue_amount = $amount, revenue_account_id = $account_to WHERE revenue_id = $revenue_id"); mysqli_query($mysqli,"UPDATE transfers SET transfer_method = '$transfer_method', transfer_notes = '$notes' WHERE transfer_id = $transfer_id"); // Logging logAction("Account Transfer", "Edit", "$session_name edited transfer", 0, $transfer_id); $_SESSION['alert_message'] = "Transfer edited"; header("Location: " . $_SERVER["HTTP_REFERER"]); } if (isset($_GET['delete_transfer'])) { enforceUserPermission('module_financial', 3); $transfer_id = intval($_GET['delete_transfer']); // Query the transfer ID to get the Payment and Expense IDs, so we can delete those as well $row = mysqli_fetch_array(mysqli_query($mysqli,"SELECT * FROM transfers WHERE transfer_id = $transfer_id")); $expense_id = intval($row['transfer_expense_id']); $revenue_id = intval($row['transfer_revenue_id']); mysqli_query($mysqli,"DELETE FROM expenses WHERE expense_id = $expense_id"); mysqli_query($mysqli,"DELETE FROM revenues WHERE revenue_id = $revenue_id"); mysqli_query($mysqli,"DELETE FROM transfers WHERE transfer_id = $transfer_id"); // Logging logAction("Account Transfer", "Delete", "$session_name deleted transfer"); $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Transfer deleted"; header("Location: " . $_SERVER["HTTP_REFERER"]); }