core.php

1. <?php
2. session_start();
3.  
4. //var_dump($_SESSION);
5.  
6.  
7. class Core {
8.  
9. private static $config_file = "conf.ini";
10.  
11.  
12. //var $db_conf;
13.  
14. private static $link = null;
15.  
16. /**
17. *
18. * @param type $file
19. */
20. public static function getDBConfig() {
21. $conf = parse_ini_file(Core::$config_file);
22. return $conf;
23. //die(var_dump($conf) );
24. //exit;
25. //$db_conf = array();
26. //$this->db_conf = $conf;
27. }
28.  
29. public static function connectDB() {
30. $conf = Core::getDBConfig();
31. //$link = mysql_connect($conf["host"], $conf["user"], $conf["password"]) or die("Could not connect: " . mysql_error());
32. /*$link = mysql_connect (MYSQL_HOST,
33. MYSQL_BENUTZER,
34. MYSQL_KENNWORT,
35. MYSQL_DATENBANK);*/
36. //Core::$link = new mysqli(MYSQL_HOST, MYSQL_BENUTZER, MYSQL_KENNWORT, MYSQL_DATENBANK);
37. Core::$link = new mysqli($conf["host"], $conf["user"], $conf["password"], $conf["name"]);
38. //mysql_set_charset('utf8', $link);
39. /* check connection */
40. if (mysqli_connect_errno()) {
41. printf("Connect failed: %s\n", mysqli_connect_error());
42. exit();
43. }
44. if (!Core::$link->set_charset("utf8")) {
45. printf("Error loading character set utf8: %s\n", Core::$link->error);
46. } else {
47. //printf("Current character set: %s\n", Core::$link->character_set_name());
48. }
49.  
50. // select our database
51.  
52. // select our database
53. //mysql_select_db(MYSQL_DATENBANK) or die(mysql_error());
54. Core::$link->select_db($conf["name"]);
55. }
56.  
57. public static function closeDB() {
58. //mysql_close();
59. Core::$link->close();
60. }
61.  
62. /**
63. * Adds a patient into db-table 'patients'.
64. * @param array $patient [surname, prename, birthday, telephone, description]
65. */
66. public static function addStaff(array $staff) {
67. $sql = "INSERT INTO staff (surname, prename, birthday, telephone, description_text) " .
68. " VALUES ('" . $staff['surname'] . "', '" . $staff['prename'] . "', '" . $staff['birthday'] . "', '" . $staff['telephone'] . "', '" . $staff['description_text'] . "')";
69. //echo $sql;
70. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
71. $result = Core::$link->query($sql);
72.  
73. if (!$result) {
74. return 'Error: ' . mysqli_error(Core::$link);
75. }
76. //while ($myrow = mysql_fetch_array($result)) {
77. //}
78. //mysql_free_result($result);
79. //$result->close();
80. return true;
81. }
82.  
83. /**
84. * Adds a patient into db-table 'patients'.
85. * @param array $patient [surname, prename, birthday, telephone, description]
86. */
87. public static function addPatient(array $patient) {
88. $sql = "INSERT INTO patients (surname, prename, birthday, telephone, description_text, town, zipcode, street) " .
89. " VALUES ('" . $patient['surname'] . "', '" . $patient['prename'] . "', '" . $patient['birthday'] . "', '" . $patient['telephone'] . "', '" . $patient['description_text'] . "', '" . $patient['town'] . "', '" . $patient['zipcode'] . "' ,'" . $patient['street'] . "')";
90. //echo $sql;
91. //r$esult = mysql_query($sql) or die("Invalid query: " . mysql_error());
92. $result = Core::$link->query($sql);
93.  
94. if (!$result) {
95. return 'Error: ' . mysqli_error(Core::$link);
96. }
97. //while ($myrow = mysql_fetch_array($result)) {
98. //}
99. //mysql_free_result($result);
100. //$result->close();
101. return true;
102. }
103.  
104. /**
105. * Deletes a patient from database.
106. * Caution: No valid-checking.
107. *
108. * @param type $id_patient
109. */
110. public static function removePatient($id_patient) {
111. $sql = "DELETE FROM patients WHERE id_patient=" . $id_patient;
112. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
113. $result = Core::$link->query($sql);
114.  
115. if (!$result) {
116. return 'Error: ' . mysqli_error(Core::$link);
117. }
118. //mysql_free_result($result);
119. //$result->close();
120. return true;
121. }
122.  
123. /**
124. * Deletes a staff from database.
125. * Caution: No valid-checking.
126. *
127. * @param type $id_patient
128. */
129. public static function removeStaff($id_staff) {
130. $sql = "DELETE FROM staff WHERE id_staff = " . intval($id_staff). ";";
131. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
132. $result = Core::$link->query($sql);
133.  
134. if (!$result) {
135. return 'Error: ' . mysqli_error(Core::$link);
136. }
137. //mysql_free_result($result);
138. //$result->close();
139. //echo "staff: ".$id_staff;
140. return true;
141. }
142.  
143.  
144. public static function removeStaffWorkingTime($id_staff_workingtime) {
145. $sql = "DELETE FROM staff_workingtimes WHERE id_staff_workingtime=" . $id_staff_workingtime;
146. //echo $sql;
147. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
148. $result = Core::$link->query($sql);
149.  
150. if (!$result) {
151. return 'Error: ' . mysqli_error(Core::$link);
152. }
153. //mysql_free_result($result);
154. //$result->close();
155. //echo "staff: ".$id_staff;
156. return true;
157. }
158.  
159. /**
160. * Updates a patient from database.
161. * Caution: No valid-checking.
162. *
163. * @param array $patient
164. */
165. public static function updatePatient(array $patient) {
166. $update_fields = "";
167. //if(isset($patient['surname']) && $pat
168.  
169. $sql = "UPDATE patients SET " .
170. "surname='" . $patient['surname'] . "', " .
171. "prename='" . $patient['prename'] . "', " .
172. "birthday='" . $patient['birthday'] . "', " .
173. "telephone='" . $patient['telephone'] . "', " .
174. "description_text='" . $patient['description_text'] . "', " .
175. "town='" . $patient['town'] . "', " .
176. "zipcode='" . $patient['zipcode'] . "', " .
177. "street='" . $patient['street'] . "' " .
178. "WHERE id_patient=" . $patient['id_patient'];
179. //echo $sql;
180. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
181. $result = Core::$link->query($sql);
182.  
183. if (!$result) {
184. return 'Error: ' . mysqli_error(Core::$link);
185. }
186. //mysql_free_result($result);
187. return true;
188. }
189.  
190.  
191. /**
192. * Updates a staff from database.
193. * Caution: No valid-checking.
194. *
195. * @param array $patient
196. */
197. public static function updateStaff(array $staff) {
198. $update_fields = "";
199. //if(isset($patient['surname']) && $pat
200.  
201. $sql = "UPDATE staff SET " .
202. "surname='" . $staff['surname'] . "', " .
203. "prename='" . $staff['prename'] . "', " .
204. "birthday='" . $staff['birthday'] . "', " .
205. "telephone='" . $staff['telephone'] . "', " .
206. "description_text='" . $staff['description_text'] . "', " .
207. "is_present='".$staff['active']. "' ".
208. "WHERE id_staff=" . $staff['id_staff'];
209. //echo $sql;
210. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
211. $result = Core::$link->query($sql);
212.  
213. if (!$result) {
214. return 'Error: ' . mysqli_error(Core::$link);
215. }
216. //mysql_free_result($result);
217. return true;
218. }
219.  
220. public static function updateStaffActiveCheck($id_staff, $checked){
221.  
222. $sql = "UPDATE staff SET ".
223. "is_present='".$checked."' ".
224. "WHERE id_staff=".$id_staff;
225. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
226. $result = Core::$link->query($sql);
227.  
228. if (!$result) {
229. return 'Error: ' . mysqli_error(Core::$link);
230. }
231. //mysql_free_result($result);
232. return true;
233. }
234.  
235. public static function updatePatientTreatmentCheck($id_patient_treatment, $checked){
236. $sql = "UPDATE patients_treatments SET ".
237. "is_present='".$checked."' ".
238. "WHERE id_patient_treatment=".$id_patient_treatment;
239. //echo $sql;
240. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
241. $result = Core::$link->query($sql);
242.  
243. if (!$result) {
244. return 'Error: ' . mysqli_error(Core::$link);
245. }
246. //mysql_free_result($result);
247. return true;
248. }
249.  
250. public static function getStaffList() { //wieder umgestellt - ohne session
251. if ($_SESSION['name'] =="Olaf") {$sql = "SELECT * FROM staff where surname = 'Olaf'";}
252. if ($_SESSION['name'] =="Patrick") {$sql = "SELECT * FROM staff where surname = 'Patrick'";}
253. if ($_SESSION['name'] =="Susanne") {$sql = "SELECT * FROM staff where surname = 'Susanne'";}
254. if ($_SESSION['name'] =="Steffi") {$sql = "SELECT * FROM staff where surname = 'Steffi'";}
255. if ($_SESSION['name'] =="Kira") {$sql = "SELECT * FROM staff where surname = 'Kira'";}
256. if ($_SESSION['name'] =="Claudia") {$sql = "SELECT * FROM staff where surname = 'Claudia'";}
257. if ($_SESSION['name'] =="Fango") {$sql = "SELECT * FROM staff where surname = 'Fango'";}
258. if ($_SESSION['name'] =="Philip") {$sql = "SELECT * FROM staff where surname = 'Philip'";}
259. if ($_SESSION['name'] =="Jennifer") {$sql = "SELECT * FROM staff where surname = 'Jennifer'";}
260. if ($_SESSION['name'] =="Tamara") {$sql = "SELECT * FROM staff where surname = 'Tamara'";}
261. if ($_SESSION['name'] =="Arndt") {$sql = "SELECT * FROM staff where surname = 'Arndt'";}
262. if ($_SESSION['name'] =="Miriam") {$sql = "SELECT * FROM staff where surname = 'Miriam'";}
263. if ($_SESSION['name'] =="Lea") {$sql = "SELECT * FROM staff where surname = 'Lea'";}
264. if ($_SESSION['name'] =="Alena") {$sql = "SELECT * FROM staff where surname = 'Alena'";}
265. if ($_SESSION['name'] =="Theresa") {$sql = "SELECT * FROM staff where surname = 'Theresa'";}
266. if ($_SESSION['name'] =="Inga") {$sql = "SELECT * FROM staff where surname = 'Inga'";}
267. if ($_SESSION['name'] =="Julia") {$sql = "SELECT * FROM staff where surname = 'Julia'";}
268. if ($_SESSION['name'] =="Piet") {$sql = "SELECT * FROM staff where surname = 'Piet'";}
269. if ($_SESSION['name'] =="admin") {$sql = "SELECT * FROM staff";}
270. $sql = "SELECT * FROM staff";
271.  
272. $result = Core::$link->query($sql);
273.  
274. if (!$result) {
275. return 'Error: ' . mysqli_error(Core::$link);
276. }
277.  
278. $return = array();
279. while ($myrow = mysqli_fetch_assoc($result)) {
280. if ($myrow['birthday'] !== '0000-00-00') {
281. $myrow['birthday'] = date("d.m.Y", strtotime($myrow['birthday']));
282. } else {
283. $myrow['birthday'] = '';
284. }
285. $return[] = $myrow;
286. }
287.  
288. //mysql_free_result($result);
289. //$result->close();
290. return $return;
291. }
292.  
293. public static function getStaff($id_staff) {
294. $sql = "SELECT * FROM staff WHERE id_staff=" . $id_staff;
295. //$result = mysql_query($sql);
296. $result = Core::$link->query($sql);
297.  
298. if (!$result) {
299. return 'Error: ' . mysqli_error(Core::$link);
300. }
301. $return = mysqli_fetch_assoc($result);
302. if ($return['birthday'] !== '0000-00-00') {
303. $return['birthday'] = date("d.m.Y", strtotime($return['birthday']));
304. } else {
305. $return['birthday'] = '';
306. }
307. //mysql_free_result($result);
308. //$result->close();
309. return $return;
310. }
311.  
312.  
313. public static function getPatients() {
314. // $patient = array();
315. // $patient['id_patient'] = 64;
316. // $patient['surname'] = 'testiwow';
317. // $patient['prename'] = 'warum denn nur';
318. // updatePatientAction($patient);
319. // echo "warum test";
320. $sql = "SELECT * FROM patients ORDER BY surname ASC";
321. //$result = mysql_query($sql);
322.  
323. $result = Core::$link->query($sql);
324.  
325. if (!$result) {
326. return 'Error: ' . mysqli_error(Core::$link);
327. }
328.  
329. $return = array();
330. while ($myrow = mysqli_fetch_assoc($result)) {
331. if ($myrow['birthday'] !== '0000-00-00') {
332. $myrow['birthday'] = date("d.m.Y", strtotime($myrow['birthday']));
333. } else {
334. $myrow['birthday'] = '';
335. }
336. $return[] = $myrow;
337. }
338.  
339. //mysql_free_result($result);
340. //$result->close();
341. return $return;
342. }
343.  
344. public static function getTreatmentDate($date, $id_staff = null){
345. //$date = "2014-03-19";
346. //echo $date;
347. //$sql = "SELECT * FROM patients_treatments WHERE date(treatment_date)='". $date. "' ORDER BY treatment_date ASC";
348.  
349. // original
350. if(isset($id_staff)){
351. $sql = "SELECT pt.*, p.surname, p.prename, t.shortcut, t.color, t.is_multiple_patients FROM patients_treatments pt LEFT JOIN patients p ON pt.id_patient=p.id_patient LEFT JOIN treatments t ON pt.id_treatment=t.id_treatment WHERE date(pt.treatment_date)='". $date. "' AND pt.id_staff=".$id_staff." ORDER BY treatment_date DESC";
352. }
353. else{
354. $sql = "SELECT pt.*, p.surname, p.prename, t.shortcut, t.color, t.is_multiple_patients FROM patients_treatments pt LEFT JOIN patients p ON pt.id_patient=p.id_patient LEFT JOIN treatments t ON pt.id_treatment=t.id_treatment WHERE date(pt.treatment_date)='". $date. "' ORDER BY treatment_date DESC";
355. }
356.  
357. //echo $sql;
358. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());;
359. $result = Core::$link->query($sql);
360.  
361. if (!$result) {
362. return 'Error: ' . mysqli_error(Core::$link);
363. }
364.  
365. $return = array();
366. while($myrow = mysqli_fetch_assoc($result)){
367. //echo $myrow['id_patient_treatment']."\n";
368. //$myrow['treatment_date'] = date
369. $myrow['treatment_date'] = date("d.m.Y H:i", strtotime($myrow['treatment_date']));
370. $myrow['treatment_time_end'] = date("H:i", strtotime($myrow['treatment_time_end']));
371. $return[] = $myrow;
372. }
373.  
374. //mysql_free_result($result);
375. //$result->close();
376. //echo var_dump($return);
377. return $return;
378. }
379.  
380. public static function getTreatmentDates($id_patient){
381. $sql = "SELECT * FROM patients_treatments WHERE id_patient=". $id_patient. " ORDER BY treatment_date DESC";
382. //$result = mysql_query($sql);
383.  
384. $result = Core::$link->query($sql);
385.  
386. if (!$result) {
387. return 'Error: ' . mysqli_error(Core::$link);
388. }
389.  
390. $return = array();
391. while($myrow = mysqli_fetch_assoc($result)){
392. //$myrow['treatment_date'] = date
393. $myrow['treatment_date'] = date("d.m.Y H:i", strtotime($myrow['treatment_date']));
394. $myrow['treatment_time_end'] = date("H:i", strtotime($myrow['treatment_time_end']));
395. $return[] = $myrow;
396. }
397.  
398. //mysql_free_result($result);
399. //$result->close();
400. return $return;
401. }
402.  
403. public static function getTreatmentDatesByStaff($id_staff){
404. $sql = "SELECT * FROM patients_treatments WHERE id_staff=". $id_staff. " ORDER BY treatment_date ASC";
405. //$result = mysql_query($sql);
406.  
407. $result = Core::$link->query($sql);
408.  
409. if (!$result) {
410. return 'Error: ' . mysqli_error(Core::$link);
411. }
412.  
413. $return = array();
414. while($myrow = mysqli_fetch_assoc($result)){
415. //$myrow['treatment_date'] = date
416. $myrow['treatment_date'] = date("d.m.Y H:i", strtotime($myrow['treatment_date']));
417. $myrow['treatment_time_end'] = date("H:i", strtotime($myrow['treatment_time_end']));
418. $return[] = $myrow;
419. }
420.  
421. //mysql_free_result($result);
422. //$result->close();
423. return $return;
424. }
425.  
426. public static function getPatientTreatment($id_patient_treatment){
427. $sql = "SELECT * FROM patients_treatments WHERE id_patient_treatment=". $id_patient_treatment. " ORDER BY treatment_date ASC";
428. //$result = mysql_query($sql);
429. $result = Core::$link->query($sql);
430.  
431. if (!$result) {
432. return 'Error: ' . mysqli_error(Core::$link);
433. }
434. $return = mysqli_fetch_assoc($result);
435. //$myrow['treatment_date'] = date
436. $return['treatment_date'] = date("d.m.Y H:i", strtotime($return['treatment_date']));
437. $return['treatment_time_end'] = date("H:i", strtotime($return['treatment_time_end']));
438. //$return[] = $myrow;
439.  
440.  
441. //mysql_free_result($result);
442. //$result->close();
443. return $return;
444. }
445.  
446. public static function getWorkingTimes($id_staff, $date){
447. $sql = "";
448. if(isset($id_staff)){
449. $sql = "SELECT * FROM staff_workingtimes WHERE id_staff=".$id_staff;
450. if(isset($date) && $date !== ""){
451. //$sql .= " AND date(beginning_time) >='".$date."' AND date(end_time) <='".$date."'";
452. $sql .= " AND date(beginning_time) <='".$date."' AND date(end_time) >='".$date."'";
453. }
454. }
455. else{
456. $sql = "SELECT * FROM staff_workingtimes";
457. if(isset($date) && $date !== ""){
458. $sql .= " WHERE date(beginning_time) <='".$date."' AND date(end_time) >='".$date."'";
459. }
460. }
461. //return $sql;
462. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
463. $result = Core::$link->query($sql);
464.  
465. if (!$result) {
466. return 'Error: ' . mysqli_error(Core::$link);
467. }
468. $return = array();
469. while($myrow = mysqli_fetch_assoc($result)){
470. //echo $myrow['id_staff'];
471. //echo $myrow['id_patient_treatment']."\n";
472. //$myrow['treatment_date'] = date
473. $myrow['beginning_time'] = date("d.m.Y H:i", strtotime($myrow['beginning_time']));
474. $myrow['end_time'] = date("d.m.Y H:i", strtotime($myrow['end_time']));
475. $return[] = $myrow;
476. }
477.  
478. //mysql_free_result($result);
479. //$result->close();
480. return $return;
481. }
482.  
483. public static function getPatient($id_patient) {
484. $sql = "SELECT * FROM patients WHERE id_patient=" . $id_patient;
485. //$result = mysql_query($sql);
486. $result = Core::$link->query($sql);
487.  
488. if (!$result) {
489. return 'Error: ' . mysqli_error(Core::$link);
490. }
491. $return = mysqli_fetch_assoc($result);
492. if ($return['birthday'] !== '0000-00-00') {
493. $return['birthday'] = date("d.m.Y", strtotime($return['birthday']));
494. } else {
495. $return['birthday'] = '';
496. }
497. //mysql_free_result($result);
498. //$result->close();
499. return $return;
500. }
501.  
502. public static function checkOverlappingTreatmentDates($id_staff, $treatment_date, $treatment_time_end){
503. // (t1 < t1_a && t1_a < t2) || (t1 < t2_a && t2_a < t2)
504. //SELECT * FROM patients_treatments WHERE id_staff=1 AND treatment_date LIKE '%2014-03-20%' AND ((treatment_date <= '2014-03-20 11:05' AND '11:05' < treatment_time_end) OR (treatment_date < '2014-03-20 11:25' AND '11:25' <= treatment_time_end));
505. $tdate = explode(' ', $treatment_date);
506. //$sql = "SELECT COUNT(id_patient_treatment) FROM patients_treatments WHERE id_staff=".$id_staff." AND (treatment_date >= '".$treatment_date."' AND treatment_time_end='".$tdate[1]."') OR (treatment_date ";
507. $sql = "SELECT COUNT(id_patient_treatment) FROM patients_treatments WHERE id_staff=".$id_staff." AND treatment_date LIKE '%".$tdate[0]."%' AND ((treatment_date <= '".$treatment_date."' AND '".$tdate[1]."' < treatment_time_end) OR (treatment_date < '".$tdate[0]." ".$treatment_time_end."' AND '".$treatment_time_end."' <= treatment_time_end) OR ('".$treatment_date."' <= treatment_date AND treatment_time_end <= '".$treatment_time_end."'))";
508. //echo $sql;
509. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
510. $result = Core::$link->query($sql);
511.  
512. if (!$result) {
513. return 'Error: ' . mysqli_error(Core::$link);
514. }
515. $row = mysqli_fetch_assoc($result);
516. //mysql_free_result($result);
517. //$result->close();
518. if($row['COUNT(id_patient_treatment)']){
519. return false;
520. }
521. return true;
522. }
523.  
524. public static function isHitExactlyTreatmentDate($id_staff, $treatment_date, $treatment_time_end){
525. $tdate = explode(' ', $treatment_date);
526.  
527. //$sql = "SELECT COUNT(pt.id_patient_treatment) FROM patients_treatments pt LEFT JOIN treatments t ON pt.id_treatment=t.id_treatment WHERE pt.id_staff=".$id_staff." AND t.is_multiple_patients='true' AND pt.treatment_date LIKE '%".$tdate[0]."%' AND ((treatment_date = '".$treatment_date."' AND '".$tdate[1]."' = treatment_time_end) OR (treatment_date = '".$tdate[0]." ".$treatment_time_end."' AND '".$treatment_time_end."' = treatment_time_end) OR ('".$treatment_date."' = treatment_date AND treatment_time_end = '".$treatment_time_end."'))";
528. $sql = "SELECT COUNT(pt.id_patient_treatment) FROM patients_treatments pt LEFT JOIN treatments t ON pt.id_treatment=t.id_treatment WHERE pt.id_staff=".$id_staff." AND t.is_multiple_patients='true' AND pt.treatment_date = '".$tdate[0]." ".$tdate[1]."' AND pt.treatment_time_end='".$treatment_time_end."'";
529. //return $sql;
530. $result = Core::$link->query($sql);
531.  
532. if (!$result) {
533. return 'Error: ' . mysqli_error(Core::$link);
534. }
535. $row = mysqli_fetch_assoc($result);
536. //mysql_free_result($result);
537. //$result->close();
538. //return $row['COUNT(pt.id_patient_treatment)'];
539. if($row['COUNT(pt.id_patient_treatment)']){
540. return true;
541. }
542. return false;
543. }
544.  
545.  
546. public static function isOnHoliday($id_staff, $treatment_date, $treatment_time_end){
547. $tdate = explode(' ', $treatment_date);
548.  
549. $sql = "SELECT COUNT(id_staff_workingtime) FROM staff_workingtimes WHERE id_staff=".$id_staff." AND matter='HOLIDAY' AND date(beginning_time)<='".$tdate[0]."' AND date(end_time)>='".$tdate[0]."'";
550.  
551. $result = Core::$link->query($sql);
552.  
553. if (!$result) {
554. return 'Error: ' . mysqli_error(Core::$link);
555. }
556. $row = mysqli_fetch_assoc($result);
557. //return $sql;
558. //mysql_free_result($result);
559. //$result->close();
560. if($row['COUNT(id_staff_workingtime)']){
561. return true;
562. }
563.  
564. return false;
565.  
566. }
567. public static function insertTreatmentDate($id_patient, $id_staff, $id_treatment, $treatment_date, $treatment_time_end, $description) {
568. $sql = "INSERT INTO patients_treatments (id_patient, id_staff, id_treatment, treatment_date, treatment_time_end, description) " .
569. "VALUES ('" . $id_patient . "', '" . $id_staff . "', '" . $id_treatment . "', '" . $treatment_date . "', '" . $treatment_time_end . "', '". $description."')";
570. //echo $sql;
571. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
572.  
573. $result = Core::$link->query($sql);
574.  
575. if (!$result) {
576. return 'Error: ' . mysqli_error(Core::$link);
577. }
578.  
579. //mysql_free_result($result);
580. //$result->close();
581. return true;
582. }
583.  
584. public static function insertWorkingTime($id_staff, $beginning_time, $end_time, $matter){
585. $sql = "INSERT INTO staff_workingtimes (id_staff, beginning_time, end_time, matter) ".
586. "VALUES ('".$id_staff."', '". $beginning_time. "', '".$end_time."', '".$matter."')";
587. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
588. $result = Core::$link->query($sql);
589.  
590. if (!$result) {
591. return 'Error: ' . mysqli_error(Core::$link);
592. }
593. //mysql_free_result($result);
594. //$result->close();
595. return true;
596. }
597.  
598. public static function removeTreatmentDate($id_patient_treatment) {
599. $sql = "DELETE FROM patients_treatments WHERE id_patient_treatment=" . $id_patient_treatment;
600. //echo $sql;
601. //$result = mysql_query($sql) or die("Invalid query: " . mysql_error());
602. $result = Core::$link->query($sql);
603.  
604. if (!$result) {
605. return 'Error: ' . mysqli_error(Core::$link);
606. }
607. //mysql_free_result($result);
608. //$result->close();
609. }
610.  
611. public static function getTreatments(){
612. $sql = "SELECT * FROM treatments";
613. //$result = mysql_query($sql);
614. $result = Core::$link->query($sql);
615.  
616. if (!$result) {
617. return 'Error: ' . mysqli_error(Core::$link);
618. }
619. $return = array();
620. while($myrow = mysqli_fetch_assoc($result)){
621. //$myrow['treatment_time_end'] = "what";//date("H:i", strtotime($myrow['treatment_time_end'])). "what";
622. $return[] = $myrow;
623. }
624.  
625. //mysql_free_result($result);
626. //$result->close();
627. return $return;
628. }
629.  
630. public static function getTreatment($id_treatment) {
631. $sql = "SELECT * FROM treatments WHERE id_treatment=" . $id_treatment;
632. //$result = mysql_query($sql);
633. //echo $sql;
634. $result = Core::$link->query($sql);
635.  
636. // if (!$result) {
637. // return 'Error: ' . mysqli_error(Core::$link);
638. // }
639. $return = mysqli_fetch_assoc($result);
640. //mysql_free_result($result);
641. //$result->close();
642. return $return;
643. }
644. }
645. ?>