<?php
/**
 * DigitalBits Accounting — Standalone App
 * Deploy to: accounts.digitalbits.co.za/index.php
 * Single-file app: PHP backend + HTML/CSS/JS frontend
 */

// ============ CONFIG ============
define('ACC_PASSWORD', 'DBAccounts2025!');
define('DB_HOST', 'localhost');
define('DB_NAME', 'digibits_wp902');
define('DB_USER', 'digibits_wp902');
define('DB_PASS', 'your_db_password_here');

// ============ HELPERS ============
function sanitize($s) { return htmlspecialchars(trim($s ?? ''), ENT_QUOTES, 'UTF-8'); }
function json_ok($d) { header('Content-Type: application/json'); echo json_encode(['success'=>true,'data'=>$d]); exit; }
function json_err($m) { header('Content-Type: application/json'); echo json_encode(['success'=>false,'data'=>['message'=>$m]]); exit; }

class DB {
    private $p;
    function __construct() { $this->p = new PDO('mysql:host='.DB_HOST.';dbname='.DB_NAME.';charset=utf8mb4', DB_USER, DB_PASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION]); }
    function q($sql) { return $this->p->exec($sql); }
    function val($sql, $pr=[]) { $s=$this->p->prepare($sql); $s->execute($pr); return $s->fetchColumn(); }
    function row($sql, $pr=[]) { $s=$this->p->prepare($sql); $s->execute($pr); return $s->fetch(PDO::FETCH_ASSOC); }
    function all($sql, $pr=[]) { $s=$this->p->prepare($sql); $s->execute($pr); return $s->fetchAll(PDO::FETCH_ASSOC); }
    function ins($t, $d) { $c=implode(',',array_keys($d)); $v=implode(',',array_fill(0,count($d),'?')); $s=$this->p->prepare("INSERT INTO $t ($c) VALUES ($v)"); $s->execute(array_values($d)); return $this->p->lastInsertId(); }
    function upd($t, $d, $w) { $s=implode(',',array_map(fn($k)=>"$k=?",array_keys($d))); $wh=implode(' AND ',array_map(fn($k)=>"$k=?",array_keys($w))); $st=$this->p->prepare("UPDATE $t SET $s WHERE $wh"); $st->execute(array_merge(array_values($d),array_values($w))); }
    function del($t, $w) { $wh=implode(' AND ',array_map(fn($k)=>"$k=?",array_keys($w))); $s=$this->p->prepare("DELETE FROM $t WHERE $wh"); $s->execute(array_values($w)); }
}

// ============ AUTH ============
session_start();
if (isset($_GET['logout'])) { $_SESSION['acc_auth']=false; header('Location: ./'); exit; }
if (isset($_POST['acc_password']) && !isset($_POST['admin_action'])) {
    if ($_POST['acc_password'] === ACC_PASSWORD) $_SESSION['acc_auth'] = true;
}
$auth = !empty($_SESSION['acc_auth']);

// ============ AJAX ============
if (isset($_POST['admin_action'])) {
    if (!$auth) json_err('Not authenticated');
    try { $db = new DB(); } catch(Exception $e) { json_err('DB error: '.$e->getMessage()); }
    $act = sanitize($_POST['admin_action']);

    switch($act) {

    case 'acc_setup':
        $db->q("CREATE TABLE IF NOT EXISTS acc_settings(id INT PRIMARY KEY AUTO_INCREMENT,company_name VARCHAR(200) DEFAULT 'DigitalBits (Pty) Ltd',registration_no VARCHAR(50),tax_number VARCHAR(20),address TEXT,city VARCHAR(100),province VARCHAR(50) DEFAULT 'Gauteng',postal_code VARCHAR(10),phone VARCHAR(20),email VARCHAR(100),bank_name VARCHAR(100) DEFAULT 'Capitec Business',bank_account VARCHAR(30),bank_branch VARCHAR(20),fy_start DATE DEFAULT '2025-03-01',fy_end DATE DEFAULT '2026-02-28',invoice_prefix VARCHAR(10) DEFAULT 'DB',next_invoice_no INT DEFAULT 1001,logo_path VARCHAR(200),created_at DATETIME DEFAULT CURRENT_TIMESTAMP)ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
        $db->q("CREATE TABLE IF NOT EXISTS acc_accounts(id INT PRIMARY KEY AUTO_INCREMENT,code VARCHAR(10) NOT NULL UNIQUE,name VARCHAR(200) NOT NULL,account_type ENUM('asset','liability','equity','income','cogs','expense') NOT NULL,sub_type VARCHAR(50),is_system TINYINT(1) DEFAULT 0,is_active TINYINT(1) DEFAULT 1,description VARCHAR(500),created_at DATETIME DEFAULT CURRENT_TIMESTAMP,INDEX idx_type(account_type),INDEX idx_code(code))ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
        $db->q("CREATE TABLE IF NOT EXISTS acc_journals(id INT PRIMARY KEY AUTO_INCREMENT,journal_no VARCHAR(20) NOT NULL,journal_date DATE NOT NULL,description VARCHAR(500),source_type ENUM('manual','opening','invoice','receipt','payment','expense','credit_note') DEFAULT 'manual',source_id INT,period VARCHAR(7),is_posted TINYINT(1) DEFAULT 1,created_at DATETIME DEFAULT CURRENT_TIMESTAMP,INDEX idx_date(journal_date),INDEX idx_period(period))ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
        $db->q("CREATE TABLE IF NOT EXISTS acc_journal_lines(id INT PRIMARY KEY AUTO_INCREMENT,journal_id INT NOT NULL,account_code VARCHAR(10) NOT NULL,description VARCHAR(500),debit DECIMAL(12,2) DEFAULT 0.00,credit DECIMAL(12,2) DEFAULT 0.00,INDEX idx_journal(journal_id),INDEX idx_account(account_code))ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
        $db->q("CREATE TABLE IF NOT EXISTS acc_customers(id INT PRIMARY KEY AUTO_INCREMENT,name VARCHAR(200) NOT NULL,email VARCHAR(200),phone VARCHAR(20),address VARCHAR(500),account_code VARCHAR(10) DEFAULT '1100',balance DECIMAL(12,2) DEFAULT 0.00,is_active TINYINT(1) DEFAULT 1,notes TEXT,created_at DATETIME DEFAULT CURRENT_TIMESTAMP)ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
        $db->q("CREATE TABLE IF NOT EXISTS acc_suppliers(id INT PRIMARY KEY AUTO_INCREMENT,name VARCHAR(200) NOT NULL,email VARCHAR(200),phone VARCHAR(20),address VARCHAR(500),account_code VARCHAR(10) DEFAULT '2000',balance DECIMAL(12,2) DEFAULT 0.00,is_active TINYINT(1) DEFAULT 1,notes TEXT,created_at DATETIME DEFAULT CURRENT_TIMESTAMP)ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
        $db->q("CREATE TABLE IF NOT EXISTS acc_invoices(id INT PRIMARY KEY AUTO_INCREMENT,invoice_no VARCHAR(20) NOT NULL,invoice_date DATE NOT NULL,due_date DATE NOT NULL,customer_id INT NOT NULL,subtotal DECIMAL(12,2) NOT NULL,total DECIMAL(12,2) NOT NULL,amount_paid DECIMAL(12,2) DEFAULT 0.00,status ENUM('draft','sent','paid','partial','overdue','cancelled') DEFAULT 'draft',notes TEXT,journal_id INT,created_at DATETIME DEFAULT CURRENT_TIMESTAMP)ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
        $db->q("CREATE TABLE IF NOT EXISTS acc_invoice_lines(id INT PRIMARY KEY AUTO_INCREMENT,invoice_id INT NOT NULL,description VARCHAR(500) NOT NULL,quantity DECIMAL(10,2) DEFAULT 1,unit_price DECIMAL(12,2) NOT NULL,line_total DECIMAL(12,2) NOT NULL,stock_item_id INT,account_code VARCHAR(10) DEFAULT '4000',INDEX idx_inv(invoice_id))ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
        $db->q("CREATE TABLE IF NOT EXISTS acc_expenses(id INT PRIMARY KEY AUTO_INCREMENT,reference VARCHAR(50),expense_date DATE NOT NULL,supplier_id INT,account_code VARCHAR(10) NOT NULL,description VARCHAR(500),amount DECIMAL(12,2) NOT NULL,payment_method ENUM('bank','cash','card','eft') DEFAULT 'eft',is_paid TINYINT(1) DEFAULT 0,receipt_path VARCHAR(300),journal_id INT,created_at DATETIME DEFAULT CURRENT_TIMESTAMP)ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
        $db->q("CREATE TABLE IF NOT EXISTS acc_bank_transactions(id INT PRIMARY KEY AUTO_INCREMENT,transaction_date DATE NOT NULL,bank_account_code VARCHAR(10) DEFAULT '1000',type ENUM('receipt','payment','transfer','interest','fee') NOT NULL,reference VARCHAR(100),description VARCHAR(500),amount DECIMAL(12,2) NOT NULL,customer_id INT,supplier_id INT,invoice_id INT,is_reconciled TINYINT(1) DEFAULT 0,bank_statement_ref VARCHAR(100),journal_id INT,created_at DATETIME DEFAULT CURRENT_TIMESTAMP)ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
        $db->q("CREATE TABLE IF NOT EXISTS acc_stock_items(id INT PRIMARY KEY AUTO_INCREMENT,sku VARCHAR(50) NOT NULL UNIQUE,name VARCHAR(200) NOT NULL,category VARCHAR(50),description VARCHAR(500),cost_price DECIMAL(12,2) DEFAULT 0.00,selling_price DECIMAL(12,2) DEFAULT 0.00,quantity_on_hand INT DEFAULT 0,reorder_level INT DEFAULT 5,income_account VARCHAR(10) DEFAULT '4000',cogs_account VARCHAR(10) DEFAULT '5000',stock_account VARCHAR(10) DEFAULT '1300',is_active TINYINT(1) DEFAULT 1,created_at DATETIME DEFAULT CURRENT_TIMESTAMP)ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
        $db->q("CREATE TABLE IF NOT EXISTS acc_stock_movements(id INT PRIMARY KEY AUTO_INCREMENT,stock_item_id INT NOT NULL,movement_date DATE NOT NULL,type ENUM('purchase','sale','adjustment','return','opening') NOT NULL,quantity INT NOT NULL,unit_cost DECIMAL(12,2),reference VARCHAR(100),notes VARCHAR(500),created_at DATETIME DEFAULT CURRENT_TIMESTAMP,INDEX idx_item(stock_item_id))ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");

        $cnt = $db->val("SELECT COUNT(*) FROM acc_accounts");
        if (!$cnt) {
            $accs = [['1000','Capitec Business Account','asset','bank',1],['1010','Yoco Settlements','asset','bank',0],['1020','Petty Cash','asset','cash',0],['1100','Trade Debtors','asset','current',1],['1110','Other Debtors','asset','current',0],['1300','Inventory - Finished Goods','asset','current',0],['1310','Inventory - Raw Materials','asset','current',0],['1320','Inventory - Packaging','asset','current',0],['1400','Prepaid Expenses','asset','current',0],['1500','Equipment - Laser Engraver','asset','fixed',0],['1510','Equipment - 3D Printer','asset','fixed',0],['1520','Equipment - Cricut','asset','fixed',0],['1530','Computer Equipment','asset','fixed',0],['1590','Accumulated Depreciation','asset','fixed',0],['2000','Trade Creditors','liability','current',1],['2010','Other Creditors','liability','current',0],['2200','Income Tax Payable','liability','current',0],['2300','Accrued Expenses','liability','current',0],['3000','Members Capital','equity','capital',1],['3100','Retained Earnings','equity','retained',1],['3200','Drawings','equity','drawings',0],['3300','Current Year Earnings','equity','current',1],['4000','Sales - HeartLink','income','sales',0],['4010','Sales - PocketPic','income','sales',0],['4020','Sales - LightLink','income','sales',0],['4030','Sales - Accessories','income','sales',0],['4040','Sales - Custom/Corporate','income','sales',0],['4100','Subscription Revenue','income','recurring',0],['4200','Shipping Income','income','other',0],['4900','Other Income','income','other',0],['4910','Interest Received','income','other',0],['5000','COGS - HeartLink','cogs','direct',0],['5010','COGS - PocketPic','cogs','direct',0],['5020','COGS - LightLink','cogs','direct',0],['5100','NFC Tags & Chips','cogs','materials',0],['5110','Filament (PLA/Silk PLA)','cogs','materials',0],['5120','Packaging Materials','cogs','materials',0],['5130','Laser Consumables','cogs','materials',0],['5140','Shipping Costs (outbound)','cogs','delivery',0],['6000','Advertising & Marketing','expense','marketing',0],['6010','Website & Hosting','expense','technology',0],['6020','Domain Names & SSL','expense','technology',0],['6030','Payment Gateway Fees','expense','banking',0],['6040','Marketplace Fees','expense','marketing',0],['6100','Equipment Repairs','expense','operational',0],['6110','Electricity','expense','operational',0],['6120','Internet & Data','expense','technology',0],['6130','Phone & Communications','expense','technology',0],['6200','Software & Subscriptions','expense','technology',0],['6210','Cloud Services','expense','technology',0],['6300','Office Supplies','expense','admin',0],['6400','Transport & Fuel','expense','operational',0],['6410','Courier & Delivery','expense','operational',0],['6500','Insurance','expense','admin',0],['6600','Bank Charges','expense','banking',0],['6700','Accounting Fees','expense','professional',0],['6800','Depreciation','expense','depreciation',0],['6900','Sundry Expenses','expense','other',0]];
            foreach($accs as $a) $db->ins('acc_accounts',['code'=>$a[0],'name'=>$a[1],'account_type'=>$a[2],'sub_type'=>$a[3],'is_system'=>$a[4]]);
        }
        if (!$db->val("SELECT COUNT(*) FROM acc_settings")) $db->ins('acc_settings',['company_name'=>'DigitalBits (Pty) Ltd','province'=>'Gauteng','bank_name'=>'Capitec Business','fy_start'=>'2025-03-01','fy_end'=>'2026-02-28']);
        json_ok(['message'=>'Accounting tables created & chart of accounts seeded','accounts'=>$cnt?'existed':'seeded']);
        break;

    case 'acc_get_coa': case 'acc_get_accounts':
        $t=sanitize($_POST['type']??'all'); $w=$t!=='all'?"WHERE account_type='".addslashes($t)."'":'';
        json_ok(['accounts'=>$db->all("SELECT * FROM acc_accounts $w ORDER BY code")]);
        break;

    case 'acc_add_account': case 'acc_save_account':
        $c=sanitize($_POST['code']??'');$n=sanitize($_POST['name']??'');$at=sanitize($_POST['account_type']??'');$st=sanitize($_POST['sub_type']??'');$eid=intval($_POST['edit_id']??0);
        if(!$c||!$n||!$at) json_err('Code, name, and type required');
        if($eid) $db->upd('acc_accounts',['code'=>$c,'name'=>$n,'account_type'=>$at,'sub_type'=>$st],['id'=>$eid]);
        else { if($db->val("SELECT id FROM acc_accounts WHERE code=?",[$c])) json_err('Code already exists'); $db->ins('acc_accounts',['code'=>$c,'name'=>$n,'account_type'=>$at,'sub_type'=>$st]); }
        json_ok(['message'=>'Account saved']);
        break;

    case 'acc_delete_account':
        $id=intval($_POST['id']??$_POST['account_id']??0); $a=$db->row("SELECT * FROM acc_accounts WHERE id=?",[$id]);
        if(!$a) json_err('Not found'); if($a['is_system']) json_err('Cannot delete system account');
        $used=$db->val("SELECT COUNT(*) FROM acc_journal_lines WHERE account_code=?",[$a['code']]);
        if($used) json_err("Has $used journal entries — cannot delete");
        $db->del('acc_accounts',['id'=>$id]); json_ok(['message'=>'Deleted']);
        break;

    case 'acc_post_journal':
        $dt=sanitize($_POST['date']??date('Y-m-d'));$desc=sanitize($_POST['description']??'');$src=sanitize($_POST['source_type']??'manual');
        $lines=json_decode($_POST['lines']??'[]',true);
        if(!$desc) json_err('Description required'); if(empty($lines)||count($lines)<2) json_err('Need at least 2 lines');
        $tdr=0;$tcr=0; foreach($lines as $l){$tdr+=floatval($l['debit']??0);$tcr+=floatval($l['credit']??0);}
        if(abs($tdr-$tcr)>0.01) json_err('Does not balance: DR '.number_format($tdr,2).' vs CR '.number_format($tcr,2));
        $jnum=$db->val("SELECT COALESCE(MAX(CAST(SUBSTRING(journal_no,4) AS UNSIGNED)),0)+1 FROM acc_journals");
        $jno='JNL'.str_pad($jnum,4,'0',STR_PAD_LEFT);
        $jid=$db->ins('acc_journals',['journal_no'=>$jno,'journal_date'=>$dt,'description'=>$desc,'source_type'=>$src,'period'=>date('Y-m',strtotime($dt))]);
        foreach($lines as $l) $db->ins('acc_journal_lines',['journal_id'=>$jid,'account_code'=>sanitize($l['account_code']),'description'=>sanitize($l['description']??''),'debit'=>floatval($l['debit']??0),'credit'=>floatval($l['credit']??0)]);
        json_ok(['message'=>"Journal $jno posted",'journal_no'=>$jno]);
        break;

    case 'acc_get_journals':
        $p=sanitize($_POST['period']??''); $w=$p?"WHERE period='".addslashes($p)."'":'';
        json_ok(['journals'=>$db->all("SELECT j.*,(SELECT SUM(debit) FROM acc_journal_lines WHERE journal_id=j.id) as total_debit,(SELECT COUNT(*) FROM acc_journal_lines WHERE journal_id=j.id) as line_count FROM acc_journals j $w ORDER BY j.journal_date DESC,j.id DESC LIMIT 200")]);
        break;

    case 'acc_get_journal':
        $jid=intval($_POST['journal_id']??0); $j=$db->row("SELECT * FROM acc_journals WHERE id=?",[$jid]);
        if(!$j) json_err('Not found');
        json_ok(['journal'=>$j,'lines'=>$db->all("SELECT jl.*,a.name as account_name FROM acc_journal_lines jl LEFT JOIN acc_accounts a ON jl.account_code=a.code WHERE jl.journal_id=? ORDER BY jl.id",[$jid])]);
        break;

    case 'acc_delete_journal':
        $jid=intval($_POST['journal_id']??0); $db->del('acc_journal_lines',['journal_id'=>$jid]); $db->del('acc_journals',['id'=>$jid]);
        json_ok(['message'=>'Journal deleted']);
        break;

    case 'acc_trial_balance':
        $d=sanitize($_POST['as_at']??date('Y-m-d'));
        json_ok(['accounts'=>$db->all("SELECT a.code,a.name,a.account_type,COALESCE(SUM(jl.debit),0) as total_debit,COALESCE(SUM(jl.credit),0) as total_credit,COALESCE(SUM(jl.debit),0)-COALESCE(SUM(jl.credit),0) as balance FROM acc_accounts a LEFT JOIN acc_journal_lines jl ON a.code=jl.account_code LEFT JOIN acc_journals j ON jl.journal_id=j.id AND j.journal_date<='$d' GROUP BY a.code,a.name,a.account_type HAVING total_debit>0 OR total_credit>0 ORDER BY a.code"),'as_at'=>$d]);
        break;

    case 'acc_pnl':
        $f=sanitize($_POST['from']??date('Y-m-01'));$t=sanitize($_POST['to']??date('Y-m-d'));
        $inc=$db->all("SELECT a.code,a.name,COALESCE(SUM(jl.credit)-SUM(jl.debit),0) as amount FROM acc_accounts a LEFT JOIN acc_journal_lines jl ON a.code=jl.account_code LEFT JOIN acc_journals j ON jl.journal_id=j.id AND j.journal_date BETWEEN '$f' AND '$t' WHERE a.account_type='income' GROUP BY a.code,a.name HAVING amount!=0 ORDER BY a.code");
        $cogs=$db->all("SELECT a.code,a.name,COALESCE(SUM(jl.debit)-SUM(jl.credit),0) as amount FROM acc_accounts a LEFT JOIN acc_journal_lines jl ON a.code=jl.account_code LEFT JOIN acc_journals j ON jl.journal_id=j.id AND j.journal_date BETWEEN '$f' AND '$t' WHERE a.account_type='cogs' GROUP BY a.code,a.name HAVING amount!=0 ORDER BY a.code");
        $exp=$db->all("SELECT a.code,a.name,COALESCE(SUM(jl.debit)-SUM(jl.credit),0) as amount FROM acc_accounts a LEFT JOIN acc_journal_lines jl ON a.code=jl.account_code LEFT JOIN acc_journals j ON jl.journal_id=j.id AND j.journal_date BETWEEN '$f' AND '$t' WHERE a.account_type='expense' GROUP BY a.code,a.name HAVING amount!=0 ORDER BY a.code");
        json_ok(['income'=>$inc,'cogs'=>$cogs,'expenses'=>$exp,'from'=>$f,'to'=>$t]);
        break;

    case 'acc_balance_sheet':
        $d=sanitize($_POST['as_at']??date('Y-m-d'));
        $assets=$db->all("SELECT a.code,a.name,a.sub_type,COALESCE(SUM(jl.debit)-SUM(jl.credit),0) as balance FROM acc_accounts a LEFT JOIN acc_journal_lines jl ON a.code=jl.account_code LEFT JOIN acc_journals j ON jl.journal_id=j.id AND j.journal_date<='$d' WHERE a.account_type='asset' GROUP BY a.code,a.name,a.sub_type HAVING balance!=0 ORDER BY a.code");
        $liab=$db->all("SELECT a.code,a.name,a.sub_type,COALESCE(SUM(jl.credit)-SUM(jl.debit),0) as balance FROM acc_accounts a LEFT JOIN acc_journal_lines jl ON a.code=jl.account_code LEFT JOIN acc_journals j ON jl.journal_id=j.id AND j.journal_date<='$d' WHERE a.account_type='liability' GROUP BY a.code,a.name,a.sub_type HAVING balance!=0 ORDER BY a.code");
        $eq=$db->all("SELECT a.code,a.name,a.sub_type,COALESCE(SUM(jl.credit)-SUM(jl.debit),0) as balance FROM acc_accounts a LEFT JOIN acc_journal_lines jl ON a.code=jl.account_code LEFT JOIN acc_journals j ON jl.journal_id=j.id AND j.journal_date<='$d' WHERE a.account_type='equity' GROUP BY a.code,a.name,a.sub_type HAVING balance!=0 ORDER BY a.code");
        json_ok(['assets'=>$assets,'liabilities'=>$liab,'equity'=>$eq,'as_at'=>$d]);
        break;

    case 'acc_ledger': case 'acc_general_ledger':
        $c=sanitize($_POST['account_code']??'');$f=sanitize($_POST['from']??date('Y-m-01'));$t=sanitize($_POST['to']??date('Y-m-d'));
        if(!$c) json_err('Select an account');
        $acc=$db->row("SELECT * FROM acc_accounts WHERE code=?",[$c]);
        $entries=$db->all("SELECT j.journal_no,j.journal_date,j.description as journal_desc,jl.description as line_desc,jl.debit,jl.credit FROM acc_journal_lines jl JOIN acc_journals j ON jl.journal_id=j.id WHERE jl.account_code=? AND j.journal_date BETWEEN ? AND ? ORDER BY j.journal_date,j.id",[$c,$f,$t]);
        $opening=$db->val("SELECT COALESCE(SUM(jl.debit)-SUM(jl.credit),0) FROM acc_journal_lines jl JOIN acc_journals j ON jl.journal_id=j.id WHERE jl.account_code=? AND j.journal_date<?",[$c,$f]);
        json_ok(['account'=>$acc,'entries'=>$entries,'opening_balance'=>floatval($opening),'from'=>$f,'to'=>$t]);
        break;

    case 'acc_save_settings':
        $fields=['company_name','registration_no','tax_number','address','city','province','postal_code','phone','email','bank_name','bank_account','bank_branch','invoice_prefix'];
        $data=[]; foreach($fields as $f) $data[$f]=sanitize($_POST[$f]??'');
        $db->upd('acc_settings',$data,['id'=>1]); json_ok(['message'=>'Settings saved']);
        break;

    case 'acc_get_settings':
        json_ok(['settings'=>$db->row("SELECT * FROM acc_settings LIMIT 1")]);
        break;

    default: json_err("Unknown action: $act");
    }
    exit;
}

$url = strtok($_SERVER['REQUEST_URI'], '?');
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1.0">
<title>DigitalBits Accounting</title>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&display=swap" rel="stylesheet">
<style>
*{margin:0;padding:0;box-sizing:border-box}:root{--blue:#3b82f6;--green:#22c55e;--yellow:#fbbf24;--red:#ef4444;--bg:#0f0f12;--card:#18181b;--border:#27272a;--text:#fafafa;--text-muted:#a1a1aa}body{font-family:'Inter',-apple-system,sans-serif;background:var(--bg);color:var(--text);min-height:100vh}
.login-container{min-height:100vh;display:flex;align-items:center;justify-content:center;padding:20px}.login-box{background:var(--card);border:1px solid var(--border);border-radius:16px;padding:40px;width:100%;max-width:400px;text-align:center}.login-logo{font-size:48px;margin-bottom:16px}.login-title{font-size:24px;font-weight:700;margin-bottom:8px}.login-sub{color:var(--text-muted);margin-bottom:32px}
.form-input{width:100%;padding:12px 16px;background:var(--bg);border:1px solid var(--border);border-radius:10px;color:white;font-size:15px;font-family:inherit;margin-bottom:12px}.form-input:focus{outline:none;border-color:var(--blue)}select.form-input{cursor:pointer}
.btn{display:inline-flex;align-items:center;justify-content:center;gap:8px;padding:12px 24px;border-radius:10px;font-size:14px;font-weight:600;font-family:inherit;cursor:pointer;transition:all .2s;border:none;text-decoration:none}.btn-primary{background:var(--blue);color:white}.btn-primary:hover{background:#2563eb}.btn-secondary{background:var(--card);border:1px solid var(--border);color:white}.btn-success{background:var(--green);color:white}.btn-danger{background:var(--red);color:white}.btn-sm{padding:8px 16px;font-size:13px}
.wrap{max-width:1200px;margin:0 auto;padding:24px}.page-header{display:flex;align-items:center;justify-content:space-between;margin-bottom:24px;flex-wrap:wrap;gap:16px}.page-title{font-size:28px;font-weight:800}.header-actions{display:flex;gap:12px;flex-wrap:wrap}
.card{background:var(--card);border:1px solid var(--border);border-radius:12px;margin-bottom:24px}.card-header{display:flex;align-items:center;justify-content:space-between;padding:16px 20px;border-bottom:1px solid var(--border);flex-wrap:wrap;gap:8px}.card-title{font-size:16px;font-weight:700}.card-body{padding:20px}
table{width:100%;border-collapse:collapse}th,td{padding:10px 14px;text-align:left;border-bottom:1px solid var(--border)}th{font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.5px;color:var(--text-muted);background:rgba(0,0,0,.2)}td{font-size:14px}tr:hover{background:rgba(255,255,255,.02)}
.nav-tabs{display:flex;gap:8px;margin-bottom:20px;flex-wrap:wrap;border-bottom:1px solid var(--border);padding-bottom:16px}.nav-tab{padding:8px 16px;background:var(--card);border:1px solid var(--border);border-radius:8px;font-size:13px;font-weight:500;color:var(--text-muted);cursor:pointer;transition:all .2s}.nav-tab:hover{border-color:var(--text-muted);color:var(--text)}.nav-tab.active{background:var(--blue);border-color:var(--blue);color:white}
.alert{padding:14px 18px;border-radius:10px;margin-bottom:16px;font-size:14px}.alert-success{background:rgba(34,197,94,.15);border:1px solid rgba(34,197,94,.3);color:#6ee7b7}.alert-error{background:rgba(239,68,68,.15);border:1px solid rgba(239,68,68,.3);color:#fca5a5}
.modal-overlay{position:fixed;inset:0;background:rgba(0,0,0,.8);backdrop-filter:blur(4px);display:none;align-items:center;justify-content:center;z-index:1000}.modal-overlay.show{display:flex}.modal{background:var(--card);border:1px solid var(--border);border-radius:16px;width:100%;max-width:600px;max-height:90vh;overflow-y:auto}.modal-header{display:flex;align-items:center;justify-content:space-between;padding:20px;border-bottom:1px solid var(--border)}.modal-title{font-size:18px;font-weight:700}.modal-close{background:none;border:none;color:var(--text-muted);font-size:24px;cursor:pointer}.modal-body{padding:20px}
.dr{color:#22c55e}.cr{color:#f87171}.form-group{margin-bottom:16px}.form-label{display:block;font-size:13px;font-weight:600;margin-bottom:6px}
@media(max-width:768px){.wrap{padding:16px}.page-title{font-size:22px}table{font-size:12px}th,td{padding:8px}.card-header{flex-direction:column;align-items:flex-start}}
</style>
</head>
<body>

<?php if (!$auth): ?>
<div class="login-container"><div class="login-box">
    <div class="login-logo">💰</div>
    <div class="login-title">DigitalBits Accounting</div>
    <div class="login-sub">Enter password to continue</div>
    <form method="POST"><input type="password" name="acc_password" class="form-input" placeholder="Password" autofocus><button type="submit" class="btn btn-primary" style="width:100%">Login</button></form>
</div></div>
<?php else: ?>
<div class="wrap">

<div class="page-header">
    <h1 class="page-title">💰 DigitalBits Accounting</h1>
    <div class="header-actions">
        <button class="btn btn-secondary btn-sm" onclick="accSetup()">⚙️ Setup Tables</button>
        <a href="?logout=1" class="btn btn-secondary btn-sm">🚪 Logout</a>
    </div>
</div>

<div class="nav-tabs">
    <button class="nav-tab active" onclick="showSec('coa',this)">📋 Chart of Accounts</button>
    <button class="nav-tab" onclick="showSec('journal',this)">📝 Journal Entry</button>
    <button class="nav-tab" onclick="showSec('journals',this)">📖 Journals</button>
    <button class="nav-tab" onclick="showSec('tb',this)">📊 Trial Balance</button>
    <button class="nav-tab" onclick="showSec('pnl',this)">📈 P&L</button>
    <button class="nav-tab" onclick="showSec('bs',this)">🏦 Balance Sheet</button>
    <button class="nav-tab" onclick="showSec('gl',this)">📒 General Ledger</button>
    <button class="nav-tab" onclick="showSec('settings',this)">⚙️ Settings</button>
</div>
<div id="acc-alert"></div>

<!-- COA -->
<div class="sec" id="sec-coa">
<div class="card"><div class="card-header"><h3 class="card-title">📋 Chart of Accounts</h3><div style="display:flex;gap:8px"><select id="coa-filter" class="form-input" style="width:auto;padding:6px 12px;margin:0" onchange="loadCOA()"><option value="all">All</option><option value="asset">Assets</option><option value="liability">Liabilities</option><option value="equity">Equity</option><option value="income">Income</option><option value="cogs">Cost of Sales</option><option value="expense">Expenses</option></select><button class="btn btn-success btn-sm" onclick="showAddAcc()">+ Add</button></div></div>
<div class="card-body">
<div id="acc-add-form" style="display:none;padding:16px;background:rgba(0,0,0,.2);border-radius:8px;margin-bottom:16px"><div style="display:grid;grid-template-columns:100px 1fr 150px 150px;gap:12px;align-items:end"><div class="form-group" style="margin:0"><label class="form-label">Code</label><input id="acc-code" class="form-input" style="margin:0;padding:8px" placeholder="6100"></div><div class="form-group" style="margin:0"><label class="form-label">Name</label><input id="acc-name" class="form-input" style="margin:0;padding:8px"></div><div class="form-group" style="margin:0"><label class="form-label">Type</label><select id="acc-type" class="form-input" style="margin:0;padding:8px"><option value="asset">Asset</option><option value="liability">Liability</option><option value="equity">Equity</option><option value="income">Income</option><option value="cogs">Cost of Sales</option><option value="expense">Expense</option></select></div><div style="display:flex;gap:8px"><input type="hidden" id="acc-edit-id" value="0"><button class="btn btn-success btn-sm" onclick="saveAcc()">💾</button><button class="btn btn-secondary btn-sm" onclick="document.getElementById('acc-add-form').style.display='none'">✕</button></div></div><div style="margin-top:8px"><input id="acc-sub-type" class="form-input" style="margin:0;padding:8px" placeholder="Sub-type (bank, current, fixed...)"></div></div>
<div style="overflow-x:auto"><table><thead><tr><th>Code</th><th>Name</th><th>Type</th><th>Sub</th><th>Sys</th><th style="width:100px">Actions</th></tr></thead><tbody id="coa-body"><tr><td colspan="6" style="text-align:center;color:var(--text-muted);padding:40px">Click Setup Tables to initialize</td></tr></tbody></table></div>
</div></div></div>

<!-- Journal Entry -->
<div class="sec" id="sec-journal" style="display:none">
<div class="card"><div class="card-header"><h3 class="card-title">📝 New Journal Entry</h3></div><div class="card-body">
<div style="display:grid;grid-template-columns:1fr 2fr 1fr;gap:16px;margin-bottom:20px"><div class="form-group" style="margin:0"><label class="form-label">Date</label><input type="date" id="je-date" class="form-input" style="margin:0;padding:8px" value="<?php echo date('Y-m-d');?>"></div><div class="form-group" style="margin:0"><label class="form-label">Description</label><input id="je-desc" class="form-input" style="margin:0;padding:8px" placeholder="Journal description"></div><div class="form-group" style="margin:0"><label class="form-label">Source</label><select id="je-source" class="form-input" style="margin:0;padding:8px"><option value="manual">Manual</option><option value="opening">Opening Balance</option><option value="invoice">Invoice</option><option value="receipt">Receipt</option><option value="payment">Payment</option><option value="expense">Expense</option></select></div></div>
<table><thead><tr><th>Account</th><th>Description</th><th style="width:140px">Debit (R)</th><th style="width:140px">Credit (R)</th><th style="width:50px"></th></tr></thead>
<tbody id="je-lines"><tr><td><select class="form-input je-acc" style="margin:0;padding:6px"></select></td><td><input class="form-input je-ldesc" style="margin:0;padding:6px"></td><td><input type="number" step="0.01" class="form-input je-dr" style="margin:0;padding:6px" oninput="calcBal()"></td><td><input type="number" step="0.01" class="form-input je-cr" style="margin:0;padding:6px" oninput="calcBal()"></td><td></td></tr>
<tr><td><select class="form-input je-acc" style="margin:0;padding:6px"></select></td><td><input class="form-input je-ldesc" style="margin:0;padding:6px"></td><td><input type="number" step="0.01" class="form-input je-dr" style="margin:0;padding:6px" oninput="calcBal()"></td><td><input type="number" step="0.01" class="form-input je-cr" style="margin:0;padding:6px" oninput="calcBal()"></td><td></td></tr>
</tbody><tfoot><tr><td colspan="2" style="text-align:right;font-weight:700">TOTALS:</td><td id="je-tdr" style="font-weight:700;color:var(--green)">R 0.00</td><td id="je-tcr" style="font-weight:700;color:#f87171">R 0.00</td><td></td></tr></tfoot></table>
<div style="display:flex;gap:12px;margin-top:16px"><button class="btn btn-secondary btn-sm" onclick="addJnlLine()">+ Add Line</button><button class="btn btn-success" onclick="postJournal()">✅ Post Journal</button><div id="je-bal" style="margin-left:auto;padding:8px 16px;border-radius:8px;font-weight:600"></div></div>
</div></div></div>

<!-- Journals List -->
<div class="sec" id="sec-journals" style="display:none">
<div class="card"><div class="card-header"><h3 class="card-title">📖 Journal Entries</h3><div style="display:flex;gap:8px;align-items:center"><input type="month" id="jnl-period" class="form-input" style="margin:0;padding:6px;width:auto" onchange="loadJournals()"><button class="btn btn-sm btn-secondary" onclick="document.getElementById('jnl-period').value='';loadJournals()">All</button></div></div>
<div class="card-body" style="overflow-x:auto"><table><thead><tr><th>No</th><th>Date</th><th>Description</th><th>Source</th><th>Lines</th><th>Total DR</th><th>Actions</th></tr></thead><tbody id="jnl-body"><tr><td colspan="7" style="text-align:center;color:var(--text-muted);padding:40px">No journals</td></tr></tbody></table></div></div></div>

<!-- Trial Balance -->
<div class="sec" id="sec-tb" style="display:none">
<div class="card"><div class="card-header"><h3 class="card-title">📊 Trial Balance</h3><div style="display:flex;gap:8px;align-items:center"><label class="form-label" style="margin:0">As at:</label><input type="date" id="tb-date" class="form-input" style="margin:0;padding:6px;width:auto" value="<?php echo date('Y-m-d');?>"><button class="btn btn-sm btn-primary" onclick="genTB()">Generate</button></div></div>
<div class="card-body"><div id="tb-out"><p style="color:var(--text-muted);text-align:center;padding:40px">Click Generate</p></div></div></div></div>

<!-- P&L -->
<div class="sec" id="sec-pnl" style="display:none">
<div class="card"><div class="card-header"><h3 class="card-title">📈 Income Statement</h3><div style="display:flex;gap:8px;align-items:center"><input type="date" id="pnl-from" class="form-input" style="margin:0;padding:6px;width:auto" value="<?php echo date('Y-m-01');?>"><span style="color:var(--text-muted)">to</span><input type="date" id="pnl-to" class="form-input" style="margin:0;padding:6px;width:auto" value="<?php echo date('Y-m-d');?>"><button class="btn btn-sm btn-primary" onclick="genPnL()">Generate</button></div></div>
<div class="card-body"><div id="pnl-out"><p style="color:var(--text-muted);text-align:center;padding:40px">Click Generate</p></div></div></div></div>

<!-- Balance Sheet -->
<div class="sec" id="sec-bs" style="display:none">
<div class="card"><div class="card-header"><h3 class="card-title">🏦 Balance Sheet</h3><div style="display:flex;gap:8px;align-items:center"><label class="form-label" style="margin:0">As at:</label><input type="date" id="bs-date" class="form-input" style="margin:0;padding:6px;width:auto" value="<?php echo date('Y-m-d');?>"><button class="btn btn-sm btn-primary" onclick="genBS()">Generate</button></div></div>
<div class="card-body"><div id="bs-out"><p style="color:var(--text-muted);text-align:center;padding:40px">Click Generate</p></div></div></div></div>

<!-- General Ledger -->
<div class="sec" id="sec-gl" style="display:none">
<div class="card"><div class="card-header"><h3 class="card-title">📒 General Ledger</h3><div style="display:flex;gap:8px;align-items:center;flex-wrap:wrap"><select id="gl-acc" class="form-input" style="margin:0;padding:6px;width:auto"><option value="">Select account...</option></select><input type="date" id="gl-from" class="form-input" style="margin:0;padding:6px;width:auto" value="<?php echo date('Y-m-01');?>"><input type="date" id="gl-to" class="form-input" style="margin:0;padding:6px;width:auto" value="<?php echo date('Y-m-d');?>"><button class="btn btn-sm btn-primary" onclick="genGL()">View</button></div></div>
<div class="card-body"><div id="gl-out"><p style="color:var(--text-muted);text-align:center;padding:40px">Select account and click View</p></div></div></div></div>

<!-- Settings -->
<div class="sec" id="sec-settings" style="display:none">
<div class="card"><div class="card-header"><h3 class="card-title">⚙️ Company Settings</h3></div><div class="card-body">
<div style="display:grid;grid-template-columns:1fr 1fr;gap:16px">
<div class="form-group"><label class="form-label">Company Name</label><input id="s-company_name" class="form-input" style="padding:8px"></div>
<div class="form-group"><label class="form-label">Registration No</label><input id="s-registration_no" class="form-input" style="padding:8px" placeholder="2024/123456/07"></div>
<div class="form-group"><label class="form-label">Tax Number</label><input id="s-tax_number" class="form-input" style="padding:8px"></div>
<div class="form-group"><label class="form-label">Email</label><input id="s-email" class="form-input" style="padding:8px"></div>
<div class="form-group"><label class="form-label">Phone</label><input id="s-phone" class="form-input" style="padding:8px"></div>
<div class="form-group"><label class="form-label">Province</label><input id="s-province" class="form-input" style="padding:8px"></div>
<div class="form-group"><label class="form-label">Address</label><input id="s-address" class="form-input" style="padding:8px"></div>
<div class="form-group"><label class="form-label">City</label><input id="s-city" class="form-input" style="padding:8px"></div>
<div class="form-group"><label class="form-label">Postal Code</label><input id="s-postal_code" class="form-input" style="padding:8px"></div>
<div class="form-group"><label class="form-label">Bank Name</label><input id="s-bank_name" class="form-input" style="padding:8px"></div>
<div class="form-group"><label class="form-label">Bank Account No</label><input id="s-bank_account" class="form-input" style="padding:8px"></div>
<div class="form-group"><label class="form-label">Branch Code</label><input id="s-bank_branch" class="form-input" style="padding:8px"></div>
<div class="form-group"><label class="form-label">Invoice Prefix</label><input id="s-invoice_prefix" class="form-input" style="padding:8px" placeholder="DB"></div>
</div>
<button class="btn btn-success" onclick="saveSettings()" style="margin-top:16px">💾 Save Settings</button>
</div></div></div>

<!-- View Journal Modal -->
<div class="modal-overlay" id="jnlModal"><div class="modal"><div class="modal-header"><h3 class="modal-title" id="jnlModalTitle">Journal</h3><button class="modal-close" onclick="document.getElementById('jnlModal').classList.remove('show')">&times;</button></div><div class="modal-body" id="jnlModalBody"></div></div></div>

</div>
<?php endif; ?>
<script>
const U='<?php echo $url; ?>';
let cache=[];

function showSec(id,btn){document.querySelectorAll('.sec').forEach(s=>s.style.display='none');document.getElementById('sec-'+id).style.display='block';document.querySelectorAll('.nav-tab').forEach(t=>t.classList.remove('active'));if(btn)btn.classList.add('active');if(id==='coa')loadCOA();if(id==='journals')loadJournals();if(id==='journal')fillDropdowns();if(id==='gl')fillGLDropdown();if(id==='settings')loadSettings();}
function alert2(m,t='success'){const e=document.getElementById('acc-alert');e.innerHTML='<div class="alert alert-'+t+'">'+m+'</div>';setTimeout(()=>e.innerHTML='',4000);}
function R(n){return'R '+parseFloat(n||0).toLocaleString('en-ZA',{minimumFractionDigits:2,maximumFractionDigits:2})}

async function api(action,data={}){const fd=new FormData();fd.append('admin_action',action);for(const[k,v]of Object.entries(data))fd.append(k,v);const r=await fetch(U,{method:'POST',body:fd});return await r.json();}

// === SETUP ===
async function accSetup(){if(!confirm('Create accounting tables and seed chart of accounts?'))return;const d=await api('acc_setup');if(d.success){alert2(d.data.message);loadCOA();}else alert2(d.data.message,'error');}

// === COA ===
async function loadCOA(){const t=document.getElementById('coa-filter')?.value||'all';const d=await api('acc_get_coa',{type:t});if(!d.success)return;cache=d.data.accounts;const b=document.getElementById('coa-body');if(!cache.length){b.innerHTML='<tr><td colspan="6" style="text-align:center;color:var(--text-muted);padding:40px">No accounts. Run Setup first.</td></tr>';return;}const clr={asset:'#3b82f6',liability:'#f59e0b',equity:'#8b5cf6',income:'#22c55e',cogs:'#ef4444',expense:'#f87171'};b.innerHTML=cache.map(a=>`<tr><td style="font-family:monospace;font-weight:600">${a.code}</td><td>${a.name}</td><td><span style="padding:2px 8px;border-radius:4px;font-size:11px;background:${clr[a.account_type]}22;color:${clr[a.account_type]}">${a.account_type}</span></td><td style="color:var(--text-muted);font-size:12px">${a.sub_type||''}</td><td>${a.is_system==1?'🔒':''}</td><td>${a.is_system==1?'':`<button class="btn btn-sm btn-secondary" onclick="editAcc(${a.id},'${a.code}','${a.name}','${a.account_type}','${a.sub_type||''}')">✏️</button> <button class="btn btn-sm btn-danger" onclick="delAcc(${a.id})">🗑️</button>`}</td></tr>`).join('');}
function showAddAcc(){document.getElementById('acc-add-form').style.display='block';document.getElementById('acc-edit-id').value='0';document.getElementById('acc-code').value='';document.getElementById('acc-name').value='';}
function editAcc(id,c,n,t,s){document.getElementById('acc-add-form').style.display='block';document.getElementById('acc-edit-id').value=id;document.getElementById('acc-code').value=c;document.getElementById('acc-name').value=n;document.getElementById('acc-type').value=t;document.getElementById('acc-sub-type').value=s;}
async function saveAcc(){const d=await api('acc_add_account',{edit_id:document.getElementById('acc-edit-id').value,code:document.getElementById('acc-code').value,name:document.getElementById('acc-name').value,account_type:document.getElementById('acc-type').value,sub_type:document.getElementById('acc-sub-type').value});if(d.success){alert2('Account saved');document.getElementById('acc-add-form').style.display='none';loadCOA();}else alert2(d.data.message,'error');}
async function delAcc(id){if(!confirm('Delete this account?'))return;const d=await api('acc_delete_account',{id});if(d.success){alert2('Deleted');loadCOA();}else alert2(d.data.message,'error');}

// === JOURNAL ENTRY ===
function fillDropdowns(){if(!cache.length){api('acc_get_coa',{type:'all'}).then(d=>{if(d.success){cache=d.data.accounts;fill();}});}else fill();function fill(){const opts='<option value="">Select...</option>'+cache.map(a=>`<option value="${a.code}">${a.code} - ${a.name}</option>`).join('');document.querySelectorAll('.je-acc').forEach(s=>{const v=s.value;s.innerHTML=opts;s.value=v;});}}
function fillGLDropdown(){if(!cache.length){api('acc_get_coa',{type:'all'}).then(d=>{if(d.success){cache=d.data.accounts;gl();}});}else gl();function gl(){document.getElementById('gl-acc').innerHTML='<option value="">Select account...</option>'+cache.map(a=>`<option value="${a.code}">${a.code} - ${a.name}</option>`).join('');}}
function addJnlLine(){const tb=document.getElementById('je-lines');const r=document.createElement('tr');r.innerHTML=`<td><select class="form-input je-acc" style="margin:0;padding:6px"></select></td><td><input class="form-input je-ldesc" style="margin:0;padding:6px"></td><td><input type="number" step="0.01" class="form-input je-dr" style="margin:0;padding:6px" oninput="calcBal()"></td><td><input type="number" step="0.01" class="form-input je-cr" style="margin:0;padding:6px" oninput="calcBal()"></td><td><button class="btn btn-sm btn-danger" onclick="this.closest('tr').remove();calcBal()">✕</button></td>`;tb.appendChild(r);fillDropdowns();}
function calcBal(){let dr=0,cr=0;document.querySelectorAll('.je-dr').forEach(i=>dr+=parseFloat(i.value||0));document.querySelectorAll('.je-cr').forEach(i=>cr+=parseFloat(i.value||0));document.getElementById('je-tdr').textContent=R(dr);document.getElementById('je-tcr').textContent=R(cr);const b=document.getElementById('je-bal');const diff=Math.abs(dr-cr);if(diff<0.01){b.textContent='✅ Balanced';b.style.background='rgba(34,197,94,.2)';b.style.color='#6ee7b7';}else{b.textContent='⚠️ Out by '+R(diff);b.style.background='rgba(239,68,68,.2)';b.style.color='#fca5a5';}}
async function postJournal(){const lines=[];document.querySelectorAll('#je-lines tr').forEach(row=>{const a=row.querySelector('.je-acc')?.value;const desc=row.querySelector('.je-ldesc')?.value||'';const dr=parseFloat(row.querySelector('.je-dr')?.value||0);const cr=parseFloat(row.querySelector('.je-cr')?.value||0);if(a&&(dr>0||cr>0))lines.push({account_code:a,description:desc,debit:dr,credit:cr});});const d=await api('acc_post_journal',{date:document.getElementById('je-date').value,description:document.getElementById('je-desc').value,source_type:document.getElementById('je-source').value,lines:JSON.stringify(lines)});if(d.success){alert2(d.data.message);document.getElementById('je-desc').value='';document.querySelectorAll('.je-dr,.je-cr').forEach(i=>i.value='');calcBal();}else alert2(d.data.message,'error');}

// === JOURNALS LIST ===
async function loadJournals(){const p=document.getElementById('jnl-period')?.value||'';const d=await api('acc_get_journals',{period:p});if(!d.success)return;const b=document.getElementById('jnl-body');if(!d.data.journals.length){b.innerHTML='<tr><td colspan="7" style="text-align:center;color:var(--text-muted);padding:40px">No journals'+(p?' for '+p:'')+'</td></tr>';return;}const icons={manual:'📝',opening:'📂',invoice:'🧾',receipt:'💰',payment:'💳',expense:'🧾',credit_note:'↩️'};b.innerHTML=d.data.journals.map(j=>`<tr><td style="font-family:monospace;font-weight:600">${j.journal_no}</td><td>${j.journal_date}</td><td>${j.description}</td><td>${icons[j.source_type]||'📝'} ${j.source_type}</td><td>${j.line_count}</td><td>${R(j.total_debit)}</td><td><button class="btn btn-sm btn-secondary" onclick="viewJnl(${j.id})">👁️</button> <button class="btn btn-sm btn-danger" onclick="delJnl(${j.id})">🗑️</button></td></tr>`).join('');}
async function viewJnl(id){const d=await api('acc_get_journal',{journal_id:id});if(!d.success)return;const j=d.data.journal,lines=d.data.lines;document.getElementById('jnlModalTitle').textContent=j.journal_no+' — '+j.journal_date;let h='<p style="margin-bottom:16px;color:var(--text-muted)">'+j.description+' <span style="font-size:11px">('+j.source_type+')</span></p>';h+='<table><thead><tr><th>Account</th><th>Name</th><th>Debit</th><th>Credit</th></tr></thead><tbody>';let tdr=0,tcr=0;lines.forEach(l=>{tdr+=parseFloat(l.debit);tcr+=parseFloat(l.credit);h+=`<tr><td style="font-family:monospace">${l.account_code}</td><td>${l.account_name||''}</td><td class="dr">${l.debit>0?R(l.debit):''}</td><td class="cr">${l.credit>0?R(l.credit):''}</td></tr>`;});h+=`<tr style="font-weight:700;border-top:2px solid var(--border)"><td colspan="2" style="text-align:right">TOTAL</td><td class="dr">${R(tdr)}</td><td class="cr">${R(tcr)}</td></tr></tbody></table>`;document.getElementById('jnlModalBody').innerHTML=h;document.getElementById('jnlModal').classList.add('show');}
async function delJnl(id){if(!confirm('Delete this journal? Cannot be undone.'))return;const d=await api('acc_delete_journal',{journal_id:id});if(d.success){alert2('Deleted');loadJournals();}else alert2(d.data.message,'error');}

// === TRIAL BALANCE ===
async function genTB(){const d=await api('acc_trial_balance',{as_at:document.getElementById('tb-date').value});if(!d.success)return;let h='<h4 style="margin-bottom:4px">DigitalBits (Pty) Ltd</h4><p style="color:var(--text-muted);margin-bottom:16px">Trial Balance as at '+d.data.as_at+'</p>';h+='<table><thead><tr><th>Code</th><th>Account</th><th>Debit</th><th>Credit</th></tr></thead><tbody>';let tdr=0,tcr=0;d.data.accounts.forEach(a=>{const bal=parseFloat(a.balance);const isdr=['asset','cogs','expense'].includes(a.account_type);const dr=(isdr&&bal>=0)||(!isdr&&bal<0)?Math.abs(bal):0;const cr=(isdr&&bal<0)||(!isdr&&bal>=0)?Math.abs(bal):0;tdr+=dr;tcr+=cr;h+=`<tr><td style="font-family:monospace">${a.code}</td><td>${a.name}</td><td class="dr">${dr>0?R(dr):''}</td><td class="cr">${cr>0?R(cr):''}</td></tr>`;});h+=`<tr style="font-weight:700;border-top:2px solid var(--border)"><td colspan="2" style="text-align:right">TOTAL</td><td class="dr">${R(tdr)}</td><td class="cr">${R(tcr)}</td></tr></tbody></table>`;h+=Math.abs(tdr-tcr)<0.01?'<div style="margin-top:16px;padding:12px;background:rgba(34,197,94,.15);border-radius:8px;text-align:center;color:#6ee7b7">✅ Books balanced</div>':'<div style="margin-top:16px;padding:12px;background:rgba(239,68,68,.15);border-radius:8px;text-align:center;color:#fca5a5">⚠️ Out by '+R(Math.abs(tdr-tcr))+'</div>';document.getElementById('tb-out').innerHTML=h;}

// === P&L ===
async function genPnL(){const d=await api('acc_pnl',{from:document.getElementById('pnl-from').value,to:document.getElementById('pnl-to').value});if(!d.success)return;let h='<h4>DigitalBits (Pty) Ltd</h4><p style="color:var(--text-muted);margin-bottom:16px">Income Statement: '+d.data.from+' to '+d.data.to+'</p>';let ti=0,tc=0,te=0;
h+='<h5 style="color:var(--green);margin:16px 0 8px">INCOME</h5><table><tbody>';d.data.income.forEach(a=>{ti+=parseFloat(a.amount);h+=`<tr><td style="font-family:monospace;width:80px">${a.code}</td><td>${a.name}</td><td style="text-align:right;color:var(--green)">${R(a.amount)}</td></tr>`;});h+=`<tr style="font-weight:700;background:rgba(34,197,94,.1)"><td colspan="2">Total Income</td><td style="text-align:right">${R(ti)}</td></tr></tbody></table>`;
h+='<h5 style="color:var(--red);margin:16px 0 8px">COST OF SALES</h5><table><tbody>';d.data.cogs.forEach(a=>{tc+=parseFloat(a.amount);h+=`<tr><td style="font-family:monospace;width:80px">${a.code}</td><td>${a.name}</td><td style="text-align:right;color:#f87171">${R(a.amount)}</td></tr>`;});h+=`<tr style="font-weight:700;background:rgba(239,68,68,.1)"><td colspan="2">Total Cost of Sales</td><td style="text-align:right">${R(tc)}</td></tr></tbody></table>`;
const gp=ti-tc;const gm=ti>0?((gp/ti)*100).toFixed(1):0;h+=`<div style="padding:16px;background:rgba(59,130,246,.1);border-radius:8px;margin:16px 0;display:flex;justify-content:space-between"><span style="font-weight:700;font-size:16px">GROSS PROFIT</span><span style="font-weight:700;font-size:16px;color:${gp>=0?'var(--green)':'var(--red)'}">${R(gp)} <span style="font-size:12px;color:var(--text-muted)">(${gm}%)</span></span></div>`;
h+='<h5 style="color:#f87171;margin:16px 0 8px">OPERATING EXPENSES</h5><table><tbody>';d.data.expenses.forEach(a=>{te+=parseFloat(a.amount);h+=`<tr><td style="font-family:monospace;width:80px">${a.code}</td><td>${a.name}</td><td style="text-align:right;color:#f87171">${R(a.amount)}</td></tr>`;});h+=`<tr style="font-weight:700;background:rgba(239,68,68,.1)"><td colspan="2">Total Expenses</td><td style="text-align:right">${R(te)}</td></tr></tbody></table>`;
const np=gp-te;h+=`<div style="padding:20px;background:${np>=0?'rgba(34,197,94,.15)':'rgba(239,68,68,.15)'};border-radius:8px;margin:16px 0;display:flex;justify-content:space-between;align-items:center"><span style="font-weight:800;font-size:18px">NET ${np>=0?'PROFIT':'LOSS'}</span><span style="font-weight:800;font-size:24px;color:${np>=0?'var(--green)':'var(--red)'}">${R(Math.abs(np))}</span></div>`;
document.getElementById('pnl-out').innerHTML=h;}

// === BALANCE SHEET ===
async function genBS(){const d=await api('acc_balance_sheet',{as_at:document.getElementById('bs-date').value});if(!d.success)return;let h='<h4>DigitalBits (Pty) Ltd</h4><p style="color:var(--text-muted);margin-bottom:16px">Balance Sheet as at '+d.data.as_at+'</p>';let ta=0,tl=0,teq=0;
h+='<h5 style="color:var(--blue);margin:16px 0 8px">ASSETS</h5><table><tbody>';d.data.assets.forEach(a=>{ta+=parseFloat(a.balance);h+=`<tr><td style="font-family:monospace;width:80px">${a.code}</td><td>${a.name}</td><td style="text-align:right">${R(a.balance)}</td></tr>`;});h+=`<tr style="font-weight:700;background:rgba(59,130,246,.1)"><td colspan="2">Total Assets</td><td style="text-align:right">${R(ta)}</td></tr></tbody></table>`;
h+='<h5 style="color:var(--yellow);margin:16px 0 8px">LIABILITIES</h5><table><tbody>';d.data.liabilities.forEach(a=>{tl+=parseFloat(a.balance);h+=`<tr><td style="font-family:monospace;width:80px">${a.code}</td><td>${a.name}</td><td style="text-align:right">${R(a.balance)}</td></tr>`;});h+=`<tr style="font-weight:700;background:rgba(251,191,36,.1)"><td colspan="2">Total Liabilities</td><td style="text-align:right">${R(tl)}</td></tr></tbody></table>`;
h+='<h5 style="color:#8b5cf6;margin:16px 0 8px">EQUITY</h5><table><tbody>';d.data.equity.forEach(a=>{teq+=parseFloat(a.balance);h+=`<tr><td style="font-family:monospace;width:80px">${a.code}</td><td>${a.name}</td><td style="text-align:right">${R(a.balance)}</td></tr>`;});h+=`<tr style="font-weight:700;background:rgba(139,92,246,.1)"><td colspan="2">Total Equity</td><td style="text-align:right">${R(teq)}</td></tr></tbody></table>`;
const leq=tl+teq;h+=`<div style="padding:16px;background:${Math.abs(ta-leq)<0.01?'rgba(34,197,94,.15)':'rgba(239,68,68,.15)'};border-radius:8px;margin:16px 0"><div style="display:flex;justify-content:space-between;font-weight:700"><span>Total Assets</span><span>${R(ta)}</span></div><div style="display:flex;justify-content:space-between;font-weight:700;margin-top:8px"><span>Total L + E</span><span>${R(leq)}</span></div><div style="text-align:center;margin-top:8px">${Math.abs(ta-leq)<0.01?'✅ Balanced':'⚠️ Out by '+R(Math.abs(ta-leq))}</div></div>`;
document.getElementById('bs-out').innerHTML=h;}

// === GENERAL LEDGER ===
async function genGL(){const d=await api('acc_ledger',{account_code:document.getElementById('gl-acc').value,from:document.getElementById('gl-from').value,to:document.getElementById('gl-to').value});if(!d.success){alert2(d.data.message,'error');return;}const a=d.data.account;let bal=parseFloat(d.data.opening_balance);let h=`<h4>${a.code} — ${a.name}</h4><p style="color:var(--text-muted);margin-bottom:16px">${d.data.from} to ${d.data.to}</p>`;h+='<table><thead><tr><th>Date</th><th>Journal</th><th>Description</th><th>Debit</th><th>Credit</th><th>Balance</th></tr></thead><tbody>';h+=`<tr style="font-weight:600;background:rgba(0,0,0,.2)"><td colspan="5">Opening Balance</td><td>${R(bal)}</td></tr>`;d.data.entries.forEach(e=>{bal+=parseFloat(e.debit)-parseFloat(e.credit);h+=`<tr><td>${e.journal_date}</td><td style="font-family:monospace">${e.journal_no}</td><td>${e.line_desc||e.journal_desc}</td><td class="dr">${e.debit>0?R(e.debit):''}</td><td class="cr">${e.credit>0?R(e.credit):''}</td><td style="font-weight:600">${R(bal)}</td></tr>`;});h+=`<tr style="font-weight:700;border-top:2px solid var(--border)"><td colspan="5">Closing Balance</td><td>${R(bal)}</td></tr></tbody></table>`;document.getElementById('gl-out').innerHTML=h;}

// === SETTINGS ===
async function loadSettings(){const d=await api('acc_get_settings');if(!d.success||!d.data.settings)return;const s=d.data.settings;['company_name','registration_no','tax_number','email','phone','province','address','city','postal_code','bank_name','bank_account','bank_branch','invoice_prefix'].forEach(f=>{const el=document.getElementById('s-'+f);if(el)el.value=s[f]||'';});}
async function saveSettings(){const data={};['company_name','registration_no','tax_number','email','phone','province','address','city','postal_code','bank_name','bank_account','bank_branch','invoice_prefix'].forEach(f=>{data[f]=document.getElementById('s-'+f)?.value||'';});const d=await api('acc_save_settings',data);if(d.success)alert2('Settings saved');else alert2(d.data.message,'error');}

// Auto-load COA on page load
document.addEventListener('DOMContentLoaded',()=>{loadCOA();});
</script>
</body></html>