class Audit {
  public static function log($action, $entity, $entityId) {
    $db = DB::connect();
    $db->prepare("
      INSERT INTO audit_trail
      (user_id, branch_id, action, entity_type, entity_id, ip_address, user_agent)
      VALUES (?,?,?,?,?,?,?)
    ")->execute([
      $_SESSION['user']['id'] ?? null,
      $_SESSION['user']['branch_id'] ?? null,
      $action,
      $entity,
      $entityId,
      $_SERVER['REMOTE_ADDR'],
      $_SERVER['HTTP_USER_AGENT']
    ]);
  }
}