$months) { foreach ($months as $month => $amount) { $amount = (int)$amount; // Check if budget exists $query = "SELECT * FROM budget WHERE budget_category_id = $category_id AND budget_month = $month AND budget_year = $year"; $result = mysqli_query($mysqli, $query); if (mysqli_num_rows($result) > 0) { // Update existing budget $query = "UPDATE budget SET budget_amount = $amount WHERE budget_category_id = $category_id AND budget_month = $month AND budget_year = $year"; } else { // Insert new budget $query = "INSERT INTO budget SET budget_category_id = $category_id, budget_month = $month, budget_year = $year, budget_amount = $amount"; } mysqli_query($mysqli, $query); } } //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Budget', log_action = 'Edit', log_description = '$session_name updated the budget for $year', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Budget Updated for $year"; header("Location: " . $_SERVER["HTTP_REFERER"]); exit; } if (isset($_POST['delete_budget'])) { enforceUserPermission('module_financial', 3); validateCSRFToken($_POST['csrf_token']); $year = intval($_POST['year']); mysqli_query($mysqli,"DELETE FROM budget WHERE budget_year = $year"); //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Budget', log_action = 'Delete', log_description = '$session_name deleted the budget for $year', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id"); $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Budget deleted for $year"; header("Location: " . $_SERVER["HTTP_REFERER"]); }