ThaMunsta/itflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated All Exports to include your company name if exporting all and if exporting just from a client prepend the client name to file, introduced a sanitize_filename function and used it for the exports to always get a clean file name that works on every OS

Browse Source
This commit is contained in:
johnnyq
2025-09-10 12:50:10 -04:00
parent 23b2dcba70
commit 981fb9585d
18 changed files with 96 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
user/post/invoice.php
View File

@@ -1935,8 +1935,12 @@ if (isset($_POST['export_invoices_csv'])) {
if (isset($_POST['client_id'])) {
$client_id = intval($_POST['client_id']);
$client_query = "AND invoice_client_id = $client_id";
$client_name = getFieldById('clients', $client_id, 'client_name');
$file_name_prepend = "$client_name-";
} else {
$client_query = '';
$client_name = '';
$file_name_prepend = "$session_company_name-";
}
$date_from = sanitizeInput($_POST['date_from']);
@@ -1946,21 +1950,18 @@ if (isset($_POST['export_invoices_csv'])) {
$file_name_date = "$date_from-to-$date_to";
}else{
$date_query = "";
$file_name_date = date('Y-m-d');
$file_name_date = date('Y-m-d_H-i-s');
}
$sql = mysqli_query($mysqli,"SELECT * FROM invoices LEFT JOIN clients ON invoice_client_id = client_id WHERE $date_query $client_query ORDER BY invoice_number ASC");
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
$num_rows = mysqli_num_rows($sql);
if ($num_rows > 0) {
$delimiter = ",";
$enclosure = '"';
$escape = '\\'; // backslash
$filename = "$session_company_name-Invoices-$file_name_date.csv";
$filename = sanitize_filename($file_name_prepend . "Invoices-$file_name_date.csv");
//create a file pointer
$f = fopen('php://memory', 'w');
@@ -2045,8 +2046,12 @@ if (isset($_POST['export_payments_csv'])) {
if (isset($_POST['client_id'])) {
$client_id = intval($_POST['client_id']);
$client_query = "AND invoice_client_id = $client_id";
$client_name = getFieldById('clients', $client_id, 'client_name');
$file_name_prepend = "$client_name-";
} else {
$client_query = '';
$client_name = '';
$file_name_prepend = "$session_company_name-";
}
$sql = mysqli_query($mysqli,"SELECT * FROM payments, invoices WHERE payment_invoice_id = invoice_id $client_query ORDER BY payment_date ASC");
@@ -2057,7 +2062,7 @@ if (isset($_POST['export_payments_csv'])) {
$delimiter = ",";
$enclosure = '"';
$escape = '\\'; // backslash
$filename = "Payments-" . date('Y-m-d') . ".csv";
$filename = sanitize_filename($file_name_prepend . "Payments-" . date('Y-m-d_H-i-s') . ".csv");
//create a file pointer
$f = fopen('php://memory', 'w');