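<?php
// finance-accounts.php: list, create, update and deactivate the bank/cash
// accounts used for expense tracking.
//
// Inputs : $_SESSION['user_role']; $_POST action/id/account_name/account_type/
//          account_number/status/balance; $_GET q/status/edit_id; the shared $pdo.
// Outputs: $canManage, $error, $success, $q, $statusFilter, $rows and $editRow
//          for the template below. Helper functions come from includes/header.php.
ob_start();
require_once 'includes/header.php';

$role = $_SESSION['user_role'] ?? 'guest';
$roleLower = strtolower((string)$role);
// Finance and admin tiers may view the page; the tier helpers are optional, and
// when they are missing the page falls through to "Access Denied".
$canView = (function_exists('isFinanceTier') && isFinanceTier($role)) || (function_exists('isAdminTier') && isAdminTier($role));
if (!$canView) {
    echo "<div class='container py-4'><div class='alert alert-danger'>Access Denied</div></div>";
    require_once 'includes/footer.php';
    exit;
}

// Only the finance roles may write; every other viewer is read-only.
$canManage = in_array($roleLower, ['finance','finance_officer','finance_manager'], true);

if (function_exists('ensureFinanceAccountsTable')) { ensureFinanceAccountsTable(); }

$companyId = function_exists('getCurrentCompanyId') ? getCurrentCompanyId() : null;

// Company scoping is decided once (after the table has been ensured) and the
// same predicate is applied to the listing, the edit lookup and every write, so
// an id that belongs to another company cannot be edited or removed from here.
$scopeByCompany = $companyId && function_exists('tableHasColumn') && tableHasColumn('finance_accounts', 'company_id');
$companyScopeSql = $scopeByCompany ? ' AND (company_id = ? OR company_id IS NULL)' : '';
$companyScopeParams = $scopeByCompany ? [$companyId] : [];

// Allow-lists for the two enumerated fields; the form dropdowns offer the same values.
$allowedTypes = ['bank', 'cash'];
$allowedStatuses = ['active', 'inactive'];

$error = '';
$success = '';

global $pdo;

// NOTE(review): the POST forms on this page carry no CSRF token; if the app has
// a token helper it should be verified here before any write is attempted.
$action = trim((string)($_POST['action'] ?? ''));
if ($_SERVER['REQUEST_METHOD'] === 'POST' && $action !== '') {
    if (!$canManage) {
        $error = 'Access Denied';
    } else {
        try {
            if ($action === 'deactivate') {
                // "Remove" is a soft delete: the row stays, with status = inactive.
                $id = (int)($_POST['id'] ?? 0);
                if ($id <= 0) {
                    $error = 'Invalid account.';
                } else {
                    $pdo->prepare("UPDATE finance_accounts SET status = 'inactive' WHERE id = ?" . $companyScopeSql)
                        ->execute([$id, ...$companyScopeParams]);
                    $success = 'Account removed.';
                }
            } else {
                $name = trim((string)($_POST['account_name'] ?? ''));
                $type = trim((string)($_POST['account_type'] ?? 'bank'));
                $number = trim((string)($_POST['account_number'] ?? ''));
                // Status is stored lower-cased because the listing and the filter
                // already compare it case-insensitively; an empty value means active.
                $status = strtolower(trim((string)($_POST['status'] ?? 'active')));
                if ($status === '') {
                    $status = 'active';
                }
                $balance = (string)($_POST['balance'] ?? '0');
                $balanceVal = is_numeric($balance) ? (float)$balance : 0.0;

                if ($name === '') {
                    $error = 'Account name is required.';
                } elseif (!in_array($type, $allowedTypes, true)) {
                    $error = 'Invalid account type.';
                } elseif (!in_array($status, $allowedStatuses, true)) {
                    $error = 'Invalid status.';
                } elseif ($action === 'create') {
                    $cols = ['account_name', 'account_type', 'account_number', 'balance', 'status'];
                    $vals = [$name, $type, ($number !== '' ? $number : null), $balanceVal, $status];
                    if ($scopeByCompany) {
                        $cols[] = 'company_id';
                        $vals[] = $companyId;
                    }
                    $placeholders = implode(',', array_fill(0, count($cols), '?'));
                    $st = $pdo->prepare("INSERT INTO finance_accounts (" . implode(',', $cols) . ") VALUES ($placeholders)");
                    $st->execute($vals);
                    $success = 'Account created.';
                } elseif ($action === 'update') {
                    $id = (int)($_POST['id'] ?? 0);
                    if ($id <= 0) {
                        $error = 'Invalid account.';
                    } else {
                        $set = "account_name = ?, account_type = ?, account_number = ?, balance = ?, status = ?";
                        $params = [$name, $type, ($number !== '' ? $number : null), $balanceVal, $status, $id, ...$companyScopeParams];
                        $pdo->prepare("UPDATE finance_accounts SET $set WHERE id = ?" . $companyScopeSql)->execute($params);
                        $success = 'Account updated.';
                    }
                }
                // Any other action value is ignored without a message, as before.
            }
        } catch (Throwable $e) {
            // Best effort: the user gets a generic message; driver details stay off the page.
            $error = 'Failed to save account.';
        }
    }
}

$q = trim((string)($_GET['q'] ?? ''));
$statusFilter = trim((string)($_GET['status'] ?? ''));
$rows = [];
$editRow = null;

try {
    $where = [];
    $params = [];
    if ($scopeByCompany) {
        $where[] = "(company_id = ? OR company_id IS NULL)";
        $params[] = $companyId;
    }
    // Plain LIKE search: '%' and '_' typed by the user act as wildcards.
    if ($q !== '') {
        $where[] = "LOWER(account_name) LIKE ?";
        $params[] = '%' . strtolower($q) . '%';
    }
    if ($statusFilter !== '') {
        $where[] = "LOWER(TRIM(status)) = ?";
        $params[] = strtolower($statusFilter);
    }
    $sql = "SELECT id, account_name, account_type, account_number, balance, status, created_at, updated_at FROM finance_accounts";
    if ($where !== []) {
        $sql .= " WHERE " . implode(' AND ', $where);
    }
    $sql .= " ORDER BY account_name ASC, id DESC";
    $st = $pdo->prepare($sql);
    $st->execute($params);
    $rows = $st->fetchAll(PDO::FETCH_ASSOC) ?: [];
} catch (Throwable $e) {
    // The page still renders ("No accounts found.") if the listing query fails.
    $rows = [];
}

// Pre-fill the form when ?edit_id= names an account that is in scope.
$editId = (int)($_GET['edit_id'] ?? 0);
if ($editId > 0) {
    try {
        $st = $pdo->prepare("SELECT id, account_name, account_type, account_number, balance, status FROM finance_accounts WHERE id = ?" . $companyScopeSql . " LIMIT 1");
        $st->execute([$editId, ...$companyScopeParams]);
        $editRow = $st->fetch(PDO::FETCH_ASSOC) ?: null;
    } catch (Throwable $e) {
        $editRow = null;
    }
}
?>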

<div class="container-fluid px-4">
    <div class="d-flex justify-content-between align-items-center flex-wrap gap-2 mt-4 mb-3">
        <div>
            <h1 class="h3 mb-1 text-gray-800"><i class="fa-solid fa-building-columns me-2"></i>Finance Accounts</h1>
            <div class="text-muted small">Manage bank and cash accounts used for expense tracking.</div>
        </div>
        <div class="d-flex gap-2">
            <a href="finance-expenses.php" class="btn btn-outline-secondary">Back to Expenses</a>
        </div>
    </div>

    <?php /* Flash messages set by the POST handler above; both are escaped on output. */ if ($error !== ''): ?>
        <div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
    <?php endif; ?>
    <?php if ($success !== ''): ?>
        <div class="alert alert-success"><?= htmlspecialchars($success) ?></div>
    <?php endif; ?>

    <div class="row g-3">
        <div class="col-12 col-lg-4">
            <div class="card shadow-sm border-0">
                <div class="card-body">
                    <div class="fw-bold mb-2"><?= $editRow ? 'Edit Account' : 'Add Account' ?></div>
                    <?php /* The add/edit form is rendered only for finance roles ($canManage). */ if (!$canManage): ?>
                        <div class="alert alert-warning mb-0">Only finance users can add, edit, or remove accounts.</div>
                    <?php else: ?>
                        <form method="POST" class="row g-2">
                            <input type="hidden" name="action" value="<?= $editRow ? 'update' : 'create' ?>">
                            <?php /* The id is posted only in edit mode; "update" reads it, "create" does not. */ if ($editRow): ?>
                                <input type="hidden" name="id" value="<?= (int)$editRow['id'] ?>">
                            <?php endif; ?>
                            <div class="col-12">
                                <label class="form-label small text-muted fw-bold">Account Name</label>
                                <input type="text" name="account_name" class="form-control" value="<?= htmlspecialchars((string)($editRow['account_name'] ?? '')) ?>" required>
                            </div>
                            <div class="col-12 col-md-6">
                                <label class="form-label small text-muted fw-bold">Type</label>
                                <?php $tVal = (string)($editRow['account_type'] ?? 'bank'); // type pre-selected in the dropdown (bank when adding) ?>
                                <select name="account_type" class="form-select">
                                    <option value="bank" <?= $tVal === 'bank' ? 'selected' : '' ?>>Bank</option>
                                    <option value="cash" <?= $tVal === 'cash' ? 'selected' : '' ?>>Cash</option>
                                </select>
                            </div>
                            <div class="col-12 col-md-6">
                                <label class="form-label small text-muted fw-bold">Status</label>
                                <?php $sVal = (string)($editRow['status'] ?? 'active'); // compared case-insensitively below ?>
                                <select name="status" class="form-select">
                                    <option value="active" <?= strtolower($sVal) === 'active' ? 'selected' : '' ?>>Active</option>
                                    <option value="inactive" <?= strtolower($sVal) === 'inactive' ? 'selected' : '' ?>>Inactive</option>
                                </select>
                            </div>
                            <div class="col-12">
                                <label class="form-label small text-muted fw-bold">Account Number</label>
                                <input type="text" name="account_number" class="form-control" value="<?= htmlspecialchars((string)($editRow['account_number'] ?? '')) ?>">
                            </div>
                            <div class="col-12">
                                <label class="form-label small text-muted fw-bold">Balance</label>
                                <input type="number" step="0.01" name="balance" class="form-control" value="<?= htmlspecialchars((string)($editRow['balance'] ?? '0')) ?>">
                            </div>
                            <div class="col-12 d-flex gap-2">
                                <button type="submit" class="btn btn-primary"><?= $editRow ? 'Save Changes' : 'Add Account' ?></button>
                                <?php if ($editRow): ?>
                                    <a href="finance-accounts.php" class="btn btn-light border">Cancel</a>
                                <?php endif; ?>
                            </div>
                        </form>
                    <?php endif; ?>
                </div>
            </div>
        </div>

        <div class="col-12 col-lg-8">
            <div class="card shadow-sm border-0">
                <div class="card-body">
                    <form method="GET" class="row g-2 align-items-end mb-3">
                        <div class="col-12 col-md-6">
                            <label class="form-label small text-muted fw-bold">Search</label>
                            <input type="text" name="q" class="form-control" value="<?= htmlspecialchars($q) ?>" placeholder="Account name...">
                        </div>
                        <div class="col-12 col-md-3">
                            <label class="form-label small text-muted fw-bold">Status</label>
                            <select name="status" class="form-select">
                                <option value="">All</option>
                                <option value="active" <?= strtolower($statusFilter) === 'active' ? 'selected' : '' ?>>Active</option>
                                <option value="inactive" <?= strtolower($statusFilter) === 'inactive' ? 'selected' : '' ?>>Inactive</option>
                            </select>
                        </div>
                        <div class="col-12 col-md-3 d-flex gap-2 justify-content-end">
                            <a href="finance-accounts.php" class="btn btn-outline-secondary">Reset</a>
                            <button type="submit" class="btn btn-primary">Search</button>
                        </div>
                    </form>

                    <div class="table-responsive">
                        <table class="table table-striped align-middle mb-0">
                            <thead>
                                <tr>
                                    <th>Account</th>
                                    <th>Type</th>
                                    <th>Number</th>
                                    <th class="text-end">Balance</th>
                                    <th>Status</th>
                                    <th class="text-end">Action</th>
                                </tr>
                            </thead>
                            <tbody>
                                <?php /* $rows is [] both when nothing matched and when the query failed. */ if (empty($rows)): ?>
                                    <tr><td colspan="6" class="text-muted fst-italic py-4">No accounts found.</td></tr>
                                <?php else: ?>
                                    <?php foreach ($rows as $r): ?>
                                        <?php
                                            // Per-row values pulled out once; every string column is
                                            // escaped at the point of output below.
                                            $id = (int)($r['id'] ?? 0);
                                            $bal = (float)($r['balance'] ?? 0);
                                            // NOTE: $st shadows the PDOStatement of the same name
                                            // from the query block; it is not reused after the loop.
                                            $st = trim((string)($r['status'] ?? ''));
                                        ?>
                                        <tr>
                                            <td class="fw-semibold"><?= htmlspecialchars((string)($r['account_name'] ?? '')) ?></td>
                                            <td><?= htmlspecialchars((string)($r['account_type'] ?? '')) ?></td>
                                            <td><?= htmlspecialchars((string)($r['account_number'] ?? '')) ?></td>
                                            <td class="text-end fw-bold">₦<?= number_format($bal, 2) ?></td>
                                            <td><?= htmlspecialchars($st !== '' ? $st : '—') ?></td>
                                            <td class="text-end">
                                                <?php /* Edit/Remove controls only for finance roles; Remove posts action=deactivate. */ if ($canManage): ?>
                                                    <div class="d-inline-flex gap-2">
                                                        <a class="btn btn-sm btn-outline-primary" href="finance-accounts.php?edit_id=<?= $id ?>">Edit</a>
                                                        <form method="POST" class="d-inline" onsubmit="return confirm('Remove this account?');">
                                                            <input type="hidden" name="action" value="deactivate">
                                                            <input type="hidden" name="id" value="<?= $id ?>">
                                                            <button type="submit" class="btn btn-sm btn-outline-danger">Remove</button>
                                                        </form>
                                                    </div>
                                                <?php else: ?>
                                                    <span class="text-muted">—</span>
                                                <?php endif; ?>
                                            </td>
                                        </tr>
                                    <?php endforeach; ?>
                                <?php endif; ?>
                            </tbody>
                        </table>
                    </div>
                </div>
            </div>
        </div>
    </div>
</div>

<?php require_once 'includes/footer.php'; // shared page footer ?>
