
Untitled

a guest Jun 11th, 2019 168 Never
  1. <?php
  2. header('Access-Control-Allow-Origin: *');
  3. header('Content-Type: application/json');
  4. $servername = "localhost";
  5. $username = "root";
  6. $password = "";
  7. $dbname = "emu";
  8. $emu = "true";
  9.  
  10. // Create connection
  11. $conn = new mysqli($servername, $username, $password, $dbname);
  12. // Check connection
  13. if ($conn->connect_error) {
  14.     die("Connection failed: " . $conn->connect_error);
  15. }
  16. if(isset($_POST["login"])){
  17.     $username = $_POST["username"];
  18.     $password = $_POST["password"];
  19.     $sql = "SELECT * FROM staffs WHERE username='$username' AND password='$password'";
  20.     $result = $conn->query($sql);
  21.  
  22.     if ($result->num_rows > 0) {
  23.         $row = $result->fetch_assoc();
  24.         $token = rand(10000,100000);
  25.        
  26.         $staffid = $row["id"];
  27.         $updatesql = "UPDATE staffs SET token='$token' WHERE id='$staffid'";
  28.  
  29.         if ($conn->query($updatesql) === TRUE) {
  30.                     $row["token"] = $token;
  31.                     $row["status"] = "Succesful";
  32.                     $row["status_message"] = "Succesful logged in";
  33.                     $data[] = $row;
  34.         } else {
  35.             echo "Error updating record: " . $conn->error;
  36.         }
  37.     } else {
  38.         $row["status"] = "Fail";
  39.         $row["status_message"] = "Fail";
  40.         $data[] = $row;
  41.     }
  42.     echo json_encode($row);
  43. }
  44.  
  45. if(isset($_GET["stafflist"])){
  46.  
  47.     $token = $_GET["stafflist"];
  48.     $sql = "SELECT * FROM staffs";
  49.     $result = $conn->query($sql);
  50.     if ($result->num_rows > 0) {
  51.             // output data of each row
  52.         while($row = $result->fetch_assoc()) {
  53.             if($row["type"] != 0){
  54.                 $row["personaltype"] = 'Staff';
  55.                 $data[] = $row;
  56.             }  
  57.         }
  58.     } else {
  59.        
  60.     }
  61.     $sql = "SELECT * FROM staff_patients";
  62.     $result = $conn->query($sql);
  63.     if ($result->num_rows > 0) {
  64.             // output data of each row
  65.         while($row = $result->fetch_assoc()) {
  66.  
  67.             $ids = $row["identification_number"];      
  68.             $sqlx = "SELECT * FROM patients WHERE identification_number = '$ids' ORDER BY dates DESC limit 1";
  69.             $resultx = $conn->query($sqlx);
  70.  
  71.             if ($resultx->num_rows > 0) {
  72.                 // output data of each row
  73.                 while($rowx = $resultx->fetch_assoc()) {
  74.                    
  75.        
  76.      /*  $service_url = 'http://localhost:3000/api/Trader/'.$ids;
  77.        $curl = curl_init($service_url);
  78.        curl_setopt($curl, CURLOPT_RETURNTRANSFER, false);
  79.        $curl_response = curl_exec($curl);
  80.        $data = json_decode($curl_response, true);
  81.  
  82.     if(isset($data['tradeId'])){
  83.                    
  84.     }else{
  85.        
  86.     }
  87.  
  88.        curl_close($curl); */
  89.  
  90. $rowx["personaltype"] = 'Patient';
  91.                     $data[] = $rowx;
  92.                 }
  93.             } else {
  94.                
  95.             }
  96.         }
  97.     } else {
  98.        
  99.     }
  100.     echo json_encode($data);
  101.    
  102. }
  103.  
  104. if(isset($_GET["staffinfo"])){
  105.     $id = $_GET["staffinfo"];
  106.     $sql = "SELECT * FROM staffs WHERE id ='$id'";
  107.     $result = $conn->query($sql);
  108.     if ($result->num_rows > 0) {         
  109.         $row = $result->fetch_assoc();
  110.         $data[] = $row;
  111.     } else {
  112.         echo "0 results";
  113.     }
  114.     $json = json_encode($data);
  115.     $json = str_replace("[","", $json);
  116.     $json = str_replace("]","", $json);
  117.     echo $json;
  118. }
  119.  
  120. if(isset($_POST["updatestaff"])){
  121.     $id = $_POST["updatestaff"];
  122.     $fn = $_POST["firstname"];
  123.     $ln = $_POST["lastname"];
  124.     $type = $_POST["position"];
  125.     $sql = "UPDATE staffs SET firstname='$fn', lastname='$ln' ,type='$type'     WHERE id='$id'";
  126.  
  127.     if ($conn->query($sql) === TRUE) {
  128.         echo '{"status":"Successful"}';
  129.     } else {
  130.         echo '{"status":"Fail"}';
  131.         echo "Error updating record: " . $conn->error;
  132.     }
  133. }
  134.  
  135.  
  136. if(isset($_GET["checktoken"])){
  137.     $token = $_GET["checktoken"];
  138.     $sql = "SELECT * FROM staffs WHERE token='$token'";
  139.     $result = $conn->query($sql);
  140.  
  141.     if ($result->num_rows > 0) {
  142.         $row = $result->fetch_assoc();
  143.         $data = $row;
  144.     } else {
  145.         $row["expired"] = 'True';
  146.         $data = $row;
  147.     }
  148.     echo json_encode($data);
  149. }
  150.  
  151. if(isset($_GET["patientlist"])){
  152.     $staffid = $_GET["patientlist"];
  153.     $sql = "SELECT * FROM staff_patients WHERE staffid='$staffid'";
  154.     $result = $conn->query($sql);
  155.  
  156.     if ($result->num_rows > 0) {
  157.         // output data of each row
  158.         while($row = $result->fetch_assoc()) {
  159.             $patientid = $row["identification_number"];
  160.             $sqlpatient = "SELECT * FROM patients WHERE identification_number ='$patientid' ORDER by dates DESC LIMIT 1 ";
  161.             $resultpatient = $conn->query($sqlpatient);
  162.  
  163.             if ($resultpatient->num_rows > 0) {
  164.                
  165.                 while($patientrow = $resultpatient->fetch_assoc()) {
  166.                     $data[] = $patientrow;
  167.                 }
  168.             } else {
  169.                 echo "0 results";
  170.             }
  171.         }
  172.     } else {
  173.         echo "0 results";
  174.     }
  175.     echo json_encode($data);
  176. }
  177.  
  178. if(isset($_GET["patientinfo"])){
  179.     //Build staff info
  180.     echo $id ;
  181.     $id = $_GET["patientinfo"];
  182.     $sql = "SELECT * FROM patients WHERE identification_number='$id' ORDER by dates DESC LIMIT 1";
  183.     $result = $conn->query($sql);
  184.  
  185.     if ($result->num_rows > 0) {
  186.         // output data of each row
  187.         $row = $result->fetch_assoc();
  188.         echo '[{"patientinfo":';
  189.         echo '[';
  190.         echo json_encode($row);
  191.         echo  '],';
  192.     } else {
  193.        
  194.        
  195.     }
  196.    
  197.     $sql = "SELECT * FROM medical_records WHERE identification_number ='$id'";
  198.     $result = $conn->query($sql);
  199.  
  200.     if ($result->num_rows > 0) {
  201.         // output data of each row
  202.         echo ' "medical_records":[';
  203.         $totalrow = $result->num_rows;
  204.         $chasingrow = 1;
  205.         while($row = $result->fetch_assoc()) {
  206.             echo json_encode($row);
  207.             if($totalrow > $chasingrow){
  208.                 echo ',';
  209.                 $chasingrow++;
  210.             }
  211.            
  212.         }
  213.     echo ']}]';
  214.     } else {
  215.         echo '"medical_records":[]}]';
  216.     }
  217.    
  218.  
  219. }
  220.  
  221. if(isset($_POST["updatepatient"])){
  222.     $patientid = $_POST["updatepatient"];
  223.     $firstname = $_POST["firstname"];
  224.     $lastname = $_POST["lastname"];
  225.     $alive = $_POST["status"];
  226.     $datetime =  date("Y-m-d H:i:s");
  227. $sql = "INSERT INTO patients (firstname, lastname, identification_number, dates, alive)
  228. VALUES ('$firstname', '$lastname', '$patientid', '$datetime', '$alive')";
  229.  
  230. if ($conn->query($sql) === TRUE) {
  231.         echo '{"status":"Sucessfull"}';
  232. } else {
  233.      echo '{"status":"Fail '.$conn->error.'"}';
  234. }
  235.  
  236. }
  237.  
  238. if(isset($_POST["updatemedicalrecord"])){
  239.     $patientid = $_POST["updatemedicalrecord"];
  240.     $patientrecord = $_POST["updatesss"];
  241.     $datetime =  date("Y-m-d H:i:s");
  242.     $sql = "INSERT INTO medical_records (identification_number, record, recorddate)
  243.     VALUES ('$patientid', '$patientrecord', '$datetime')";
  244.  
  245.     if ($conn->query($sql) === TRUE) {
  246.         echo '{"status":"Succesful"}';
  247.     } else {
  248.        echo '{"status":"Fail '.$conn->error.'"}';
  249.     }
  250. }
  251. if(isset($_POST["assignpatient"])){
  252.    
  253.     $pid = $_POST["assignpatient"];
  254.     $sid = $_POST["staff"];
  255.     $sql = "DELETE FROM staff_patients WHERE identification_number='$pid'";
  256.  
  257.     if ($conn->query($sql) === TRUE) {
  258.        
  259.         $sql = "INSERT INTO staff_patients (identification_number, staffid)
  260.         VALUES ('$pid', '$sid')";
  261.  
  262.         if ($conn->query($sql) === TRUE) {
  263.             echo '{"status":"successfull"}';
  264.         } else {
  265.             echo "Error: " . $sql . "<br>" . $conn->error;
  266.         }
  267.        
  268.     }
  269. }
  270.  
  271. if(isset($_POST["addnewstaff"])){
  272.     $fn = $_POST["lastname"];
  273.     $ln = $_POST["firstname"];
  274.     $ps = $_POST["addnewstaff"];
  275.     $un = $_POST["username"];
  276.     $pos = $_POST["password"];
  277.     $sql = "INSERT INTO staffs (firstname, lastname, type, username, password)
  278.     VALUES ('$fn', '$ln', '$ps', '$un', '$pos')";
  279.  
  280.     if ($conn->query($sql) === TRUE) {
  281.         echo '{"status":"successfull"}';
  282.     } else {
  283.         echo "Error: " . $sql . "<br>" . $conn->error;
  284.     }
  285.  
  286. }
  287.  
  288. if(isset($_POST["addnewpatient"])){
  289.     $fn = $_POST["lastname"];
  290.     $ln = $_POST["firstname"];
  291.     $address = $_POST["address"];
  292.     $sex = $_POST["gender"];
  293.     $age = $_POST["age"];
  294.     $ids = 'P'.rand(1000,10000);
  295.     $curdate = date("Y-m-d H:i:s")
  296.     $sql = "INSERT INTO patients (firstname, lastname, identification_number, age, address, gender)
  297.     VALUES ('$fn', '$ln', '$ids', '$age', '$address', '$sex')";
  298.  
  299.     if ($conn->query($sql) === TRUE) {
  300.         echo '{"status":"successfull"}';
  301.  
  302.  
  303.     } else {
  304.         echo "Error: " . $sql . "<br>" . $conn->error;
  305.     }
  306.  
  307. }
  308.  
  309.  
  310. $conn->close();
  311. ?>