
Untitled

a guest
Jun 11th, 2019
  1. <?php
  2. header('Access-Control-Allow-Origin: *');
  3. header('Content-Type: application/json');
  4. $servername = "localhost";
  5. $username = "root";
  6. $password = "";
  7. $dbname = "emu";
  8. $emu = "true";
  9.  
  10. // Create connection
  11. $conn = new mysqli($servername, $username, $password, $dbname);
  12. // Check connection
  13. if ($conn->connect_error) {
  14. die("Connection failed: " . $conn->connect_error);
  15. }
  16. if(isset($_POST["login"])){
  17. $username = $_POST["username"];
  18. $password = $_POST["password"];
  19. $sql = "SELECT * FROM staffs WHERE username='$username' AND password='$password'";
  20. $result = $conn->query($sql);
  21.  
  22. if ($result->num_rows > 0) {
  23. $row = $result->fetch_assoc();
  24. $token = rand(10000,100000);
  25.  
  26. $staffid = $row["id"];
  27. $updatesql = "UPDATE staffs SET token='$token' WHERE id='$staffid'";
  28.  
  29. if ($conn->query($updatesql) === TRUE) {
  30. $row["token"] = $token;
  31. $row["status"] = "Succesful";
  32. $row["status_message"] = "Succesful logged in";
  33. $data[] = $row;
  34. } else {
  35. echo "Error updating record: " . $conn->error;
  36. }
  37. } else {
  38. $row["status"] = "Fail";
  39. $row["status_message"] = "Fail";
  40. $data[] = $row;
  41. }
  42. echo json_encode($row);
  43. }
  45. if(isset($_GET["stafflist"])){
  46.  
  47. $token = $_GET["stafflist"];
  48. $sql = "SELECT * FROM staffs";
  49. $result = $conn->query($sql);
  50. if ($result->num_rows > 0) {
  51. // output data of each row
  52. while($row = $result->fetch_assoc()) {
  53. if($row["type"] != 0){
  54. $row["personaltype"] = 'Staff';
  55. $data[] = $row;
  56. }
  57. }
  58. } else {
  59.  
  60. }
  61. $sql = "SELECT * FROM staff_patients";
  62. $result = $conn->query($sql);
  63. if ($result->num_rows > 0) {
  64. // output data of each row
  65. while($row = $result->fetch_assoc()) {
  66.  
  67. $ids = $row["identification_number"];
  68. $sqlx = "SELECT * FROM patients WHERE identification_number = '$ids' ORDER BY dates DESC limit 1";
  69. $resultx = $conn->query($sqlx);
  70.  
  71. if ($resultx->num_rows > 0) {
  72. // output data of each row
  73. while($rowx = $resultx->fetch_assoc()) {
  74.  
  75.  
  76. /* $service_url = 'http://localhost:3000/api/Trader/'.$ids;
  77. $curl = curl_init($service_url);
  78. curl_setopt($curl, CURLOPT_RETURNTRANSFER, false);
  79. $curl_response = curl_exec($curl);
  80. $data = json_decode($curl_response, true);
  81.  
  82. if(isset($data['tradeId'])){
  83.  
  84. }else{
  85.  
  86. }
  87.  
  88. curl_close($curl); */
  89.  
  90. $rowx["personaltype"] = 'Patient';
  91. $data[] = $rowx;
  92. }
  93. } else {
  94.  
  95. }
  96. }
  97. } else {
  98.  
  99. }
  100. echo json_encode($data);
  101.  
  102. }
  104. if(isset($_GET["staffinfo"])){
  105. $id = $_GET["staffinfo"];
  106. $sql = "SELECT * FROM staffs WHERE id ='$id'";
  107. $result = $conn->query($sql);
  108. if ($result->num_rows > 0) {
  109. $row = $result->fetch_assoc();
  110. $data[] = $row;
  111. } else {
  112. echo "0 results";
  113. }
  114. $json = json_encode($data);
  115. $json = str_replace("[","", $json);
  116. $json = str_replace("]","", $json);
  117. echo $json;
  118. }
  120. if(isset($_POST["updatestaff"])){
  121. $id = $_POST["updatestaff"];
  122. $fn = $_POST["firstname"];
  123. $ln = $_POST["lastname"];
  124. $type = $_POST["position"];
  125. $sql = "UPDATE staffs SET firstname='$fn', lastname='$ln' ,type='$type' WHERE id='$id'";
  126.  
  127. if ($conn->query($sql) === TRUE) {
  128. echo '{"status":"Successful"}';
  129. } else {
  130. echo '{"status":"Fail"}';
  131. echo "Error updating record: " . $conn->error;
  132. }
  133. }
  136. if(isset($_GET["checktoken"])){
  137. $token = $_GET["checktoken"];
  138. $sql = "SELECT * FROM staffs WHERE token='$token'";
  139. $result = $conn->query($sql);
  140.  
  141. if ($result->num_rows > 0) {
  142. $row = $result->fetch_assoc();
  143. $data = $row;
  144. } else {
  145. $row["expired"] = 'True';
  146. $data = $row;
  147. }
  148. echo json_encode($data);
  149. }
  151. if(isset($_GET["patientlist"])){
  152. $staffid = $_GET["patientlist"];
  153. $sql = "SELECT * FROM staff_patients WHERE staffid='$staffid'";
  154. $result = $conn->query($sql);
  155.  
  156. if ($result->num_rows > 0) {
  157. // output data of each row
  158. while($row = $result->fetch_assoc()) {
  159. $patientid = $row["identification_number"];
  160. $sqlpatient = "SELECT * FROM patients WHERE identification_number ='$patientid' ORDER by dates DESC LIMIT 1 ";
  161. $resultpatient = $conn->query($sqlpatient);
  162.  
  163. if ($resultpatient->num_rows > 0) {
  164.  
  165. while($patientrow = $resultpatient->fetch_assoc()) {
  166. $data[] = $patientrow;
  167. }
  168. } else {
  169. echo "0 results";
  170. }
  171. }
  172. } else {
  173. echo "0 results";
  174. }
  175. echo json_encode($data);
  176. }
  178. if(isset($_GET["patientinfo"])){
  179. //Build staff info
  180. echo $id ;
  181. $id = $_GET["patientinfo"];
  182. $sql = "SELECT * FROM patients WHERE identification_number='$id' ORDER by dates DESC LIMIT 1";
  183. $result = $conn->query($sql);
  184.  
  185. if ($result->num_rows > 0) {
  186. // output data of each row
  187. $row = $result->fetch_assoc();
  188. echo '[{"patientinfo":';
  189. echo '[';
  190. echo json_encode($row);
  191. echo '],';
  192. } else {
  193.  
  194.  
  195. }
  196.  
  197. $sql = "SELECT * FROM medical_records WHERE identification_number ='$id'";
  198. $result = $conn->query($sql);
  199.  
  200. if ($result->num_rows > 0) {
  201. // output data of each row
  202. echo ' "medical_records":[';
  203. $totalrow = $result->num_rows;
  204. $chasingrow = 1;
  205. while($row = $result->fetch_assoc()) {
  206. echo json_encode($row);
  207. if($totalrow > $chasingrow){
  208. echo ',';
  209. $chasingrow++;
  210. }
  211.  
  212. }
  213. echo ']}]';
  214. } else {
  215. echo '"medical_records":[]}]';
  216. }
  217.  
  218.  
  219. }
  221. if(isset($_POST["updatepatient"])){
  222. $patientid = $_POST["updatepatient"];
  223. $firstname = $_POST["firstname"];
  224. $lastname = $_POST["lastname"];
  225. $alive = $_POST["status"];
  226. $datetime = date("Y-m-d H:i:s");
  227. $sql = "INSERT INTO patients (firstname, lastname, identification_number, dates, alive)
  228. VALUES ('$firstname', '$lastname', '$patientid', '$datetime', '$alive')";
  229.  
  230. if ($conn->query($sql) === TRUE) {
  231. echo '{"status":"Sucessfull"}';
  232. } else {
  233. echo '{"status":"Fail '.$conn->error.'"}';
  234. }
  235.  
  236. }
  238. if(isset($_POST["updatemedicalrecord"])){
  239. $patientid = $_POST["updatemedicalrecord"];
  240. $patientrecord = $_POST["updatesss"];
  241. $datetime = date("Y-m-d H:i:s");
  242. $sql = "INSERT INTO medical_records (identification_number, record, recorddate)
  243. VALUES ('$patientid', '$patientrecord', '$datetime')";
  244.  
  245. if ($conn->query($sql) === TRUE) {
  246. echo '{"status":"Succesful"}';
  247. } else {
  248. echo '{"status":"Fail '.$conn->error.'"}';
  249. }
  250. }
  251. if(isset($_POST["assignpatient"])){
  252.  
  253. $pid = $_POST["assignpatient"];
  254. $sid = $_POST["staff"];
  255. $sql = "DELETE FROM staff_patients WHERE identification_number='$pid'";
  256.  
  257. if ($conn->query($sql) === TRUE) {
  258.  
  259. $sql = "INSERT INTO staff_patients (identification_number, staffid)
  260. VALUES ('$pid', '$sid')";
  261.  
  262. if ($conn->query($sql) === TRUE) {
  263. echo '{"status":"successfull"}';
  264. } else {
  265. echo "Error: " . $sql . "<br>" . $conn->error;
  266. }
  267.  
  268. }
  269. }
  271. if(isset($_POST["addnewstaff"])){
  272. $fn = $_POST["lastname"];
  273. $ln = $_POST["firstname"];
  274. $ps = $_POST["addnewstaff"];
  275. $un = $_POST["username"];
  276. $pos = $_POST["password"];
  277. $sql = "INSERT INTO staffs (firstname, lastname, type, username, password)
  278. VALUES ('$fn', '$ln', '$ps', '$un', '$pos')";
  279.  
  280. if ($conn->query($sql) === TRUE) {
  281. echo '{"status":"successfull"}';
  282. } else {
  283. echo "Error: " . $sql . "<br>" . $conn->error;
  284. }
  285.  
  286. }
  288. if(isset($_POST["addnewpatient"])){
  289. $fn = $_POST["lastname"];
  290. $ln = $_POST["firstname"];
  291. $address = $_POST["address"];
  292. $sex = $_POST["gender"];
  293. $age = $_POST["age"];
  294. $ids = 'P'.rand(1000,10000);
  295. $curdate = date("Y-m-d H:i:s")
  296. $sql = "INSERT INTO patients (firstname, lastname, identification_number, age, address, gender)
  297. VALUES ('$fn', '$ln', '$ids', '$age', '$address', '$sex')";
  298.  
  299. if ($conn->query($sql) === TRUE) {
  300. echo '{"status":"successfull"}';
  301.  
  302.  
  303. } else {
  304. echo "Error: " . $sql . "<br>" . $conn->error;
  305. }
  306.  
  307. }
  310. $conn->close();
  311. ?>