csrtechnew.ohctech.in/save_fee.php

<?php
include('includes/config/config.php');
include('includes/functions.php');
include('log_entry.php');

// Start logging
error_log("Start Printing Request Attributes");

// Initialize request log string
$requestStr = "";

// Log request parameters
foreach ($_REQUEST as $key => $value) {
    $requestStr .= htmlspecialchars($key) . " : " . htmlspecialchars($value) . "\n";
    error_log(htmlspecialchars($key) . " : " . htmlspecialchars($value));
}

error_log("End Printing Request Attributes");

// Save request log
save_log($requestStr, 'Schedule', 'SAVE', 'save_fee.php');

// Collect POST data safely
$fee_collection_id = isset($_POST['fee_collection_id']) ? $_POST['fee_collection_id'] : '';
$batch_name = isset($_POST['batch_name']) ? $_POST['batch_name'] : '';
$fee_schedule_id = isset($_POST['fee_schedule_id']) ? $_POST['fee_schedule_id'] : '';
$beneficiary_id = isset($_POST['beneficiary_id']) ? $_POST['beneficiary_id'] : '';
$collection_date = isset($_POST['collection_date']) ? $_POST['collection_date'] : '';
$fee_amount = isset($_POST['fee_amount']) ? $_POST['fee_amount'] : '';
$collection_status = isset($_POST['collection_status']) ? $_POST['collection_status'] : '';
$payment_mode = isset($_POST['payment_mode']) ? $_POST['payment_mode'] : '';
$payment_remarks = isset($_POST['payment_remarks']) ? $_POST['payment_remarks'] : '';
$modified_by = isset($_SESSION['logged_user_empid']) ? $_SESSION['logged_user_empid'] : '';
$ohc_type_id = isset($_SESSION['current_ohcttype']) ? $_SESSION['current_ohcttype'] : ''; // Ensure the value is set

error_log("Beneficiary Id: " . $beneficiary_id);

// Ensure database connection is successful
if (!$conn) {
    error_log('Database connection failed.');
    exit('Database connection failed.');
}

// Prepare SQL query using prepared statements
if (!empty($fee_collection_id)) {
    // Update existing record
    $query = "UPDATE fee_collection SET 
                batch_name = ?, 
                fee_schedule_id = ?, 
                beneficiary_name = ?, 
                collection_date = ?, 
                fee_amount = ?, 
                collection_status = ?, 
                payment_mode = ?, 
                remarks = ?, 
                ohc_type_id = ?, 
                modified_by = ?
              WHERE fee_collection_id = ?";

    $stmt = $conn->prepare($query);
    if ($stmt === false) {
        error_log('Prepare failed: ' . $conn->error);
        exit('Prepare failed.');
    }
    $stmt->bind_param('sissssssssi', $batch_name, $fee_schedule_id, $beneficiary_id, $collection_date, $fee_amount, $collection_status, $payment_mode, $payment_remarks, $ohc_type_id, $modified_by, $fee_collection_id);
} else {
    // Insert new record
    $query = "INSERT INTO fee_collection(
                batch_name, 
                fee_schedule_id, 
                beneficiary_name, 
                collection_date, 
                fee_amount, 
                collection_status, 
                payment_mode, 
                remarks, 
                ohc_type_id, 
                modified_by 
              ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";

    $stmt = $conn->prepare($query);
    if ($stmt === false) {
        error_log('Prepare failed: ' . $conn->error);
        exit('Prepare failed.');
    }
    $stmt->bind_param('sissssssss', $batch_name, $fee_schedule_id, $beneficiary_id, $collection_date, $fee_amount, $collection_status, $payment_mode, $payment_remarks, $ohc_type_id, $modified_by);
}

// Log the query (note: avoid logging sensitive data in production)
error_log($query);

// Execute the query and handle errors
if (!$stmt->execute()) {
    error_log('Execute failed: ' . $stmt->error);
    exit('Execute failed.');
}

// Close the statement
$stmt->close();

// Close the database connection
$conn->close();
?>