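<?php
/*
 * Invoice update handler.
 *
 * Reads the edited invoice from $_POST, updates the header row in `invoices`
 * (selected by record_id), then deletes and re-inserts the rows of
 * `invoice_items` for the posted invoice_no, all inside one transaction.
 *
 * NOTE(review): no session, permission or CSRF check is visible in this file;
 * presumably root.class.php enforces them - confirm before exposing this endpoint.
 */
include "../../root.class.php";
$db = new db_safeguard();

/*
 * NOTE(review): string values reach SQL through real_escape_string() plus
 * quoting, not bound parameters. That is only sound when the connection
 * charset has been set on the handle itself - confirm in db_safeguard, and
 * prefer prepared statements if the wrapper can run them.
 */
$record_id      = (int) ($_POST['record_id']      ?? 0);
$invoice_no     = $db->conn->real_escape_string(trim($_POST['invoice_no']       ?? ''));
$client_name    = $db->conn->real_escape_string(trim($_POST['client_name']      ?? ''));
$client_address = $db->conn->real_escape_string(trim($_POST['client_address']   ?? ''));
$client_email   = $db->conn->real_escape_string(trim($_POST['client_email']     ?? ''));
$client_phone   = $db->conn->real_escape_string(trim($_POST['client_phone']     ?? ''));
$invoice_date   = $db->conn->real_escape_string(trim($_POST['invoice_date']     ?? ''));
$due_date       = $db->conn->real_escape_string(trim($_POST['due_date']         ?? ''));
$notes          = $db->conn->real_escape_string(trim($_POST['notes']            ?? ''));
// NOTE(review): status and both dates are stored as posted; nothing here checks
// them against an allowed set or a date format.
$status         = $db->conn->real_escape_string(trim($_POST['status']           ?? 'UNPAID'));
$rows           = (int) ($_POST['no_rows'] ?? 0);

// Reject the request before touching the database when a key field is missing.
if (!$record_id || empty($invoice_no) || empty($client_name)) {
    echo "<script>alert('Missing required fields'); history.back();</script>";
    exit;
}

$db->conn->begin_transaction();

try {

    /* Update invoice header */
    $db->query("invoices",
        "UPDATE invoices SET
            client_name    = '$client_name',
            client_address = '$client_address',
            client_email   = '$client_email',
            client_phone   = '$client_phone',
            invoice_date   = '$invoice_date',
            due_date       = '$due_date',
            notes          = '$notes',
            status         = '$status'
         WHERE record_id = $record_id"
    );

    /*
     * Delete old line items and re-insert.
     *
     * NOTE(review): the header above is selected by record_id, while the line
     * items are selected by the invoice_no the client posted. Nothing in this
     * file checks that the two identify the same invoice, so a mismatched pair
     * would replace the items of a different invoice than the one whose header
     * was updated. Resolve invoice_no from record_id on the server (schema not
     * visible here) before running this DELETE.
     */
    $db->query("invoice_items",
        "DELETE FROM invoice_items WHERE invoice_no = '$invoice_no'"
    );

    /*
     * no_rows comes from the client, so it must not drive the loop count.
     * Collect the desc_N fields that were actually posted with N <= no_rows;
     * the work is then bounded by the number of posted fields. Rows whose
     * desc_N is absent were skipped by the emptiness check anyway.
     */
    $item_indexes = [];
    foreach (array_keys($_POST) as $field) {
        $field = (string) $field;
        if (preg_match('/^desc_([1-9][0-9]*)$/', $field, $parts) !== 1) {
            continue;
        }
        $index = (int) $parts[1];
        // The round-trip comparison drops keys whose number overflowed the cast.
        if ($index <= $rows && "desc_$index" === $field) {
            $item_indexes[] = $index;
        }
    }
    sort($item_indexes, SORT_NUMERIC); // insert in ascending row order

    foreach ($item_indexes as $i) {
        $desc       = $db->conn->real_escape_string(trim($_POST["desc_$i"]       ?? ''));
        $qty        = (float) ($_POST["qty_$i"]        ?? 0);
        $unit_price = (float) ($_POST["unit_price_$i"] ?? 0);
        $total      = $qty * $unit_price;

        // Rows without a description are not stored.
        if (empty($desc)) {
            continue;
        }

        // An overflowing numeric string casts to INF, and INF * 0 is NAN;
        // neither is a valid amount, so abort and roll back.
        if (!is_finite($qty) || !is_finite($unit_price) || !is_finite($total)) {
            throw new InvalidArgumentException("Non-finite amount in line item $i");
        }

        $db->query("invoice_items",
            "INSERT INTO invoice_items (invoice_no, description, quantity, unit_price, total)
             VALUES ('$invoice_no','$desc','$qty','$unit_price','$total')"
        );
    }

    // NOTE(review): this commit is only safe if $db->query() throws on failure;
    // if it returns false instead, a failed statement would still be committed.
    // Confirm against db_safeguard.
    $db->conn->commit();
    echo "<script>alert('Invoice updated successfully'); window.location.href='invoices.php';</script>";

} catch (\Throwable $e) {
    // Throwable rather than Exception so a TypeError (for example an array
    // posted where a string is expected) also rolls the transaction back.
    $db->conn->rollback();
    // Keep the cause in the server log; the client only sees a generic message.
    error_log('Invoice update failed for record_id ' . $record_id . ': ' . $e->getMessage());
    echo "<script>alert('Error updating invoice. Nothing was saved.'); history.back();</script>";
}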