prepare("SELECT u.* FROM user_tokens ut JOIN users u ON u.id = ut.user_id WHERE ut.token = ? AND ut.expires_at > NOW() AND u.is_active = 1");
$ts->execute([$token]);
$user = $ts->fetch();
if (!$user) { http_response_code(401); die('Unauthorised'); }
} else {
$user = requireAuth();
}
$db = getDB();
$isAdmin = in_array($user['role_id'], [1, 5]);
$dateFrom = $_GET['date_from'] ?? date('Y-m-01');
$dateTo = $_GET['date_to'] ?? date('Y-m-d');
$status = $_GET['status'] ?? '';
$myOnly = ($_GET['my_only'] ?? '0') === '1';
// Build slip query
$slipWhere = ['s.slip_date BETWEEN ? AND ?'];
$slipParams = [$dateFrom, $dateTo];
if ($myOnly || !$isAdmin) { $slipWhere[] = 's.user_id = ?'; $slipParams[] = $user['id']; }
if ($status && $status !== 'fuel') { $slipWhere[] = 's.status = ?'; $slipParams[] = $status; }
$showFuelOnly = ($status === 'fuel');
$showSlips = !$showFuelOnly;
$showFuel = ($status === '' || $status === 'fuel');
$fuelWhere = ["fc.cost_type = 'fuel'", 'fc.cost_date BETWEEN ? AND ?'];
$fuelParams = [$dateFrom, $dateTo];
if ($myOnly || !$isAdmin) { $fuelWhere[] = 'fc.created_by = ?'; $fuelParams[] = $user['id']; }
$parts = []; $params = [];
if ($showSlips) {
$parts[] = "SELECT s.id, s.slip_date, s.merchant, s.category, s.amount, s.vat_amount, s.payment_method, s.description, s.status, u.full_name AS user_name, p.name AS project_name, jc.job_number, NULL AS vehicle_reg, 'slip' AS source_type FROM slips s JOIN users u ON u.id = s.user_id LEFT JOIN projects p ON p.id = s.project_id LEFT JOIN job_cards jc ON jc.id = s.job_card_id WHERE " . implode(' AND ', $slipWhere);
$params = array_merge($params, $slipParams);
}
if ($showFuel) {
$parts[] = "SELECT fc.id, fc.cost_date AS slip_date, v.registration AS merchant, 'Fuel' AS category, fc.amount, NULL AS vat_amount, 'card' AS payment_method, fc.description, 'fuel' AS status, u.full_name AS user_name, NULL AS project_name, NULL AS job_number, v.registration AS vehicle_reg, 'fuel' AS source_type FROM fleet_costs fc JOIN fleet_vehicles v ON v.id = fc.vehicle_id LEFT JOIN users u ON u.id = fc.created_by WHERE " . implode(' AND ', $fuelWhere);
$params = array_merge($params, $fuelParams);
}
$slips = [];
if ($parts) {
$stmt = $db->prepare(implode(' UNION ALL ', $parts) . ' ORDER BY slip_date DESC, id DESC');
$stmt->execute($params);
$slips = $stmt->fetchAll();
}
$total = array_sum(array_column($slips, 'amount'));
$totalVat = array_sum(array_column($slips, 'vat_amount'));
// Company name
$coStmt = $db->query("SELECT setting_value FROM settings WHERE setting_key='company_name' LIMIT 1");
$company = $coStmt ? ($coStmt->fetchColumn() ?: 'Elegant Work') : 'Elegant Work';
// Category summary
$catSummary = [];
foreach ($slips as $s) {
$cat = $s['category'] ?: 'Uncategorised';
$catSummary[$cat] = ($catSummary[$cat] ?? 0) + (float)$s['amount'];
}
arsort($catSummary);
$statusLabel = $status ? ucfirst($status) : 'All';
$dateLabel = date('d M Y', strtotime($dateFrom)) . ' โ ' . date('d M Y', strtotime($dateTo));
$generated = date('d M Y H:i');
function fmt($n) { return 'R ' . number_format((float)$n, 2); }
function statusColor($s) {
return ['linked'=>'#1d4ed8','reimbursed'=>'#15803d','rejected'=>'#dc2626','unlinked'=>'#92400e','fuel'=>'#6d28d9'][$s] ?? '#374151';
}
function statusBg($s) {
return ['linked'=>'#eff6ff','reimbursed'=>'#f0fdf4','rejected'=>'#fff1f2','unlinked'=>'#fffbeb','fuel'=>'#f5f3ff'][$s] ?? '#f3f4f6';
}
?>
Slip Report โ <?= htmlspecialchars($company) ?>
records ยท
Total Expenses
records in period
VAT Amount
Total VAT across slips
Slip Detail
| Date |
Merchant |
Category |
Description |
Method |
Linked To |
Employee |
Status |
Amount |
VAT |
|
|
|
|
|
|
|
|
|
|
| TOTAL |
|
|