conn->real_escape_string(trim($_POST['invoice_no'] ?? '')); $client_name = $db->conn->real_escape_string(trim($_POST['client_name'] ?? '')); $client_address = $db->conn->real_escape_string(trim($_POST['client_address'] ?? '')); $client_email = $db->conn->real_escape_string(trim($_POST['client_email'] ?? '')); $client_phone = $db->conn->real_escape_string(trim($_POST['client_phone'] ?? '')); $invoice_date = $db->conn->real_escape_string(trim($_POST['invoice_date'] ?? '')); $due_date = $db->conn->real_escape_string(trim($_POST['due_date'] ?? '')); $notes = $db->conn->real_escape_string(trim($_POST['notes'] ?? '')); $status = $db->conn->real_escape_string(trim($_POST['status'] ?? 'UNPAID')); $rows = (int) ($_POST['no_rows'] ?? 0); if (empty($invoice_no) || empty($client_name) || empty($invoice_date) || $rows < 1) { echo ""; exit; } $db->conn->begin_transaction(); try { $db->query("invoices", "INSERT INTO invoices (invoice_no, client_name, client_address, client_email, client_phone, invoice_date, due_date, notes, status) VALUES ('$invoice_no','$client_name','$client_address','$client_email','$client_phone','$invoice_date','$due_date','$notes','$status')" ); $i = 1; while ($i <= $rows) { $desc = $db->conn->real_escape_string(trim($_POST["desc_$i"] ?? '')); $qty = (float) ($_POST["qty_$i"] ?? 0); $unit_price = (float) ($_POST["unit_price_$i"] ?? 0); $total = $qty * $unit_price; if (empty($desc)) { $i++; continue; } $db->query("invoice_items", "INSERT INTO invoice_items (invoice_no, description, quantity, unit_price, total) VALUES ('$invoice_no','$desc','$qty','$unit_price','$total')" ); $i++; } $db->conn->commit(); echo ""; } catch (Exception $e) { $db->conn->rollback(); echo ""; }