style="max-width: 1000px;margin: 1px auto;" >
$query";
}
if ($stmt->execute()) {
}
} else {
//update
$query = "update " . $g_projectSlug . "_invoices set id='$id' $queryExtra where id='$actionId'";
$stmt = $con->prepare($query);
if (!$stmt) {
echo "err: $query";
}
if (!$stmt->execute()) {
echo "err: $query";
}
}
//update files
foreach ($files_array as $col => $file) {
$stmt = $con->prepare("update " . $g_projectSlug . "_invoices" . " set $col='$file' where id='$actionId'");
if (!$stmt) {
echo "err: $query";
}
if (!$stmt->execute()) {
echo "err: $query";
}
}
if ($g_redirectHomeOnSave) {
header("Location: ./home.php?m=Data was saved successfully!");
} else {
header("Location: ?view=$invoiceId&m=Data was saved successfully!");
}
}
if (isset($_GET['delete-record'])) {
$id = mb_htmlentities($_GET['delete-record']);
if ($id != "admin") {
$stmt = $con->prepare("delete from " . $g_projectSlug . "_invoices where id=?");
$stmt->bind_param("s", $id);
if (!$stmt->execute()) {
echo "err";
}
}
}
//myupdate
if (isset($_POST['updateInvoice'])) {
$custom_description = mb_htmlentities(($_POST['custom_description']));
$old_attachment = mb_htmlentities(($_POST['old_attachment']));
$attachment = storeFile($_FILES['attachment']);
$updateid = $_GET['update'];
if ($attachment == '') {
$new_attachment = $old_attachment;
} else {
$new_attachment = $attachment;
}
$order_id = $_GET['order_id'];
$stmt = $con->prepare("update " . $g_projectSlug . "_invoices set custom_description='$custom_description', order_id='$order_id', attachment='$new_attachment' where id='$updateid'");
if (!$stmt) {
echo "err: $query";
}
if (!$stmt->execute()) {
echo "err: $query";
}
}
if (isset($_GET['invoiceIdDuplicate'])) {
$invoiceIdDuplicate = $_GET['invoiceIdDuplicate'];
// (recurring_type='Monthly' or recurring_type='Annual') or
$invoices = getAll($con, "select * from " . $g_projectSlug . "_invoices where id='$invoiceIdDuplicate'");
foreach ($invoices as $invoiceRow) {
$invoiceId = $invoiceRow['id'];
$client_id = mb_htmlentities(($invoiceRow['client_id']));
$custom_description = mb_htmlentities(($invoiceRow['custom_description']));
$title = mb_htmlentities(($invoiceRow['title'])) . " - New";
$recurring_type = mb_htmlentities(($invoiceRow['recurring_type']));
$attachment = mb_htmlentities(($invoiceRow['attachment']));
$total = $invoiceRow['total'];
$timeAdded = time();
$invoiceIdNew = generateRandomString();
$order_id = $_GET['order_id'];
$query = "insert into " . $g_projectSlug . "_invoices set id='$invoiceIdNew', user_id='$session_userId', client_id='$client_id',
custom_description='$custom_description', total='$total',
attachment='$attachment', timeAdded='$timeAdded', title='$title',order_id='$order_id' ;";
$stmt = $con->prepare($query);
if (!$stmt) {
echo "err: $query";
}
if ($stmt->execute()) {
}
$invoiceItems = getAll($con, "SELECT * FROM " . $g_projectSlug . "_invoices_products WHERE invoice_id='$invoiceId'");
foreach ($invoiceItems as $item) {
$invoice_product_id = generateRandomString();
$subtotal = $item['subtotal'];
$product_id = $item['product_id'];
$category = $item['category'];
$cost = $item['cost'];
$quantity = $item['qty'];
$unit_cost = $item['cost'];
$items = $item['items'];
$query = "insert into " . $g_projectSlug . "_invoices_products set id='$invoice_product_id', invoice_id='$invoiceIdNew',
product_id='$product_id', items='$items', category='$category', cost='$unit_cost', quantity='$quantity', subtotal='$subtotal'";
$stmt = $con->prepare($query);
$stmt->execute();
}
}
header("Location: ?m=Invoice was duplicated successfully.");
}
?>