public function Delete($id, $redirect_to)
{
//$bind = array(":id" =>$id);
//HDB::hus()->Hdelete("patients","id=:id",$bind);
$sql = " active =:active WHERE id = :id ";
$data = array(':active' => 0, ':id' => $id);
HDB::hus()->Hupdate('patients', $sql, $data);
send_to($redirect_to);
}
function reply(string $text)
{
$myNick = core(Client::class)->user()->nickname();
$senderNick = core(InboundMessage::class)->nickname();
$targets = core(InboundMessage::class)->targets();
$targets = array_map(function ($target) use($myNick, $senderNick) {
return $target === $myNick ? $senderNick : $target;
}, $targets);
send_to($targets, $text);
}
/**
* a function to take an array of IDs and delete them
*/
function event_delete($ids)
{
global $dbcon;
if (is_array($ids)) {
foreach ($ids as $id) {
$q = "delete from moduserdata where id={$id}";
#die($q);
$dbcon->execute($q) or die($dbcon->errorMsg());
}
$qs = array('msg' => urlencode('Selected items deleted.'));
}
send_to($_SERVER['PHP_SELF'], $qs);
}
public function welcome(JoinSystemMessage $message)
{
send_to($message->targets(), "welcome {$message->nickname()}");
}
public function log_out_access($url)
{
if ($this->logged_in_user() === true) {
unset($_SESSION[H_USER_SESSION]);
session_destroy();
send_to($url);
exit;
}
}
<?php
session_start();
// define variables and set to empty values
$user_email = "";
$output = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$user_email = test_input($_POST["email"]);
if (!filter_var($user_email, FILTER_VALIDATE_EMAIL)) {
$output = "Invalid email format";
} else {
$sent = send_to($user_email);
if ($sent) {
$output = "A password was sent to " . $user_email;
} else {
$output = $user_email . " was not found in our system";
}
}
}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
function send_to($email)
{
include 'db-credentials.php';
$conn = new mysqli($servername, $username, $password, $dbname) or die("Unable to connect");
$sql = "SELECT * FROM Account WHERE email = '{$email}'";
header("Content-type: application/msexcel");
header("Content-Disposition: attachment; filename={$filename2}");
header("Pragma: no-cache");
header("Expires: 0");
print $excel;
} elseif ($etype == 'printer') {
print '<title>' . H_TITLE . '</title>
<script type="text/javascript">
window.onload = function () {
window.print();
}
</script>
';
print $excel;
} elseif ($etype == 'EMAIL') {
//PHPMailer Object
require_once $_SERVER['DOCUMENT_ROOT'] . "/printrxcard/vendor/autoload.php";
$mail = new PHPMailer();
$email = urldecode($_REQUEST['email']);
$full_name = "";
$mail->From = "*****@*****.**";
$mail->FromName = "Global Reach Health";
$mail->addAddress($email, $full_name);
$mail->isHTML(true);
$mail->Subject = H_TITLE;
$mail->Body = $excel;
$mail->send();
send_to('' . H_ADMIN . '&view=patients&do=viewall&msg=emaillist');
} elseif ($etype == 'PDF') {
HezecomPDF($excel, $pdf_output);
}
} elseif (get('do') == 'updatepwd') {
if (post('button')) {
if (post('password') == '') {
$errors[] = 'Your password cannot be empty';
} elseif ($haccess->current_password(post('oldpassword'), H_SYSTEM_ACCESS, 'userid', $haccess->UserID()) === false) {
$errors[] = 'Your old password is not correct!';
} elseif (post('password') != '' and strlen(post('password')) < 5) {
$errors[] = 'Your password must be atleast 5 characters';
} elseif (strlen(post('password')) > 30) {
$errors[] = 'Your password cannot be more than 30 characters long';
} elseif (post('password') != post('password2')) {
$errors[] = 'Your passwords are not the same.';
} elseif (empty($errors) === true) {
$password = hezecom_crypt(post('password'));
$haccess->UpdatePassword($password, date('Y-m-d'), post('userid'));
send_to('' . H_ADMIN . '&view=hsys_users2&do=details&msg=update');
}
}
include 'libraries/views/admin/ChangePwd2.php';
} elseif (get('do') == 'details') {
$rows = $haccess->SelectOne($haccess->UserID());
include 'libraries/views/admin/Details2.php';
}
} elseif (get('do') == 'autosearch') {
$qstring = post('qstring');
if (strlen($qstring) > 0) {
$autosearch = $haccess->AutoSearch(trim($qstring), 10, 'name');
echo ' <div class="widget"><ul class="list-group">';
foreach ($autosearch as $srow) {
echo '<span class="searchheading">
<a href="' . H_ADMIN . '&view=hsys_users&userid=' . $srow->userid . '&do=details"><li class="list-group-item">' . $srow->name . '</li></a>
public function invoke_patients()
{
$active = isset($_GET['active']) ? $_GET['active'] : "1";
//SELECT ALL //////////////////////////////////
if (get('do') == 'viewall') {
if (PAGINATION_TYPE == 'Normal') {
$result = $this->patients_model->SelectAll(RECORD_PER_PAGE, $active);
//Accept get url e.g (index.php?id=1&cat=2...)
$paging = pagination($this->patients_model->CountRow(), RECORD_PER_PAGE, '' . H_ADMIN . '&view=patients&do=viewall&active=' . $active);
} else {
$result = $this->patients_model->SelectAll(NULL, $active);
}
include APP_FOLDER . '/views/admin/patients/View.php';
}
//EXPORT ////////////////////////////////////////////////////
if (get('do') == 'export') {
$result = $this->patients_model->SelectAll(NULL, $active);
include APP_FOLDER . '/views/admin/patients/Export.php';
} elseif (get('do') == 'export2') {
$rows = $this->patients_model->SelectOne(get('id'));
include APP_FOLDER . '/views/admin/patients/Export2.php';
} elseif (get('do') == 'autosearch') {
$qstring = post('qstring');
if (strlen($qstring) > 0) {
$autosearch = $this->patients_model->AutoSearch(trim($qstring), 10, 'first_name');
echo ' <div class=widget><ul class="list-group">';
foreach ($autosearch as $srow) {
echo '<span class="searchheading"><a href="' . H_ADMIN . '&view=patients&id=' . $srow->id . '&do=details"><li class="list-group-item">' . $srow->first_name . ' ' . $srow->last_name . '</li></a>
</span>';
}
echo '</ul></div>';
}
} elseif (get('do') == 'add') {
include APP_FOLDER . '/views/admin/patients/Add.php';
} elseif (get('do') == 'addpro') {
if ($_POST) {
//form validation
if (post('first_name') == '') {
json_error('Pleas enter First Name!');
} elseif (post('last_name') == '') {
json_error('Please enter Last Name!');
} elseif (post('phone') == '') {
json_error('Please enter Phone!');
} elseif (post('email') == '') {
json_error('Please enter Email!');
} elseif (post('source') == '') {
json_error('Please select Source!');
} else {
$this->patients_model->Insert(post('first_name'), post('last_name'), post('phone'), post('email'), post('source'), post('notes'));
json_send('' . H_ADMIN . '&view=patients&do=viewall&msg=add');
json_success('Process Completed');
}
}
} elseif (get('do') == 'update') {
$rows = $this->patients_model->SelectOne(get('id'));
//check if patient have card
$have_card = patient_have_card(get('id'));
include APP_FOLDER . '/views/admin/patients/Update.php';
} elseif (get('do') == 'updatepro') {
if ($_POST) {
//form validation
if (post('id') == '') {
json_error('The field id cannot be empty!');
} elseif (post('first_name') == '') {
json_error('Please enter First Name!');
} elseif (post('last_name') == '') {
json_error('Please enter Last Name!');
} elseif (post('phone') == '') {
json_error('Please enter Phone!');
} elseif (post('email') == '') {
json_error('Please enter Email!');
} elseif (post('source') == '') {
json_error('Please select Source!');
} else {
$this->patients_model->Update(post('first_name'), post('last_name'), post('phone'), post('email'), post('source'), post('notes'), post('active'), post('id'));
json_send('' . H_ADMIN . '&view=patients&id=' . post('id') . '&do=details&msg=update');
json_success('Process Completed');
}
}
} elseif (get('do') == 'details') {
$rows = $this->patients_model->SelectOne(get('id'));
//check if patient have card
$have_card = patient_have_card(get('id'));
include APP_FOLDER . '/views/admin/patients/Details.php';
} elseif (get('do') == 'truncate') {
$this->patients_model->TruncateTable('' . H_ADMIN . '&view=patients&do=viewall&msg=truncate');
include APP_FOLDER . '/views/admin/patients/View.php';
} elseif (get('do') == 'delete') {
$dfile = get('dfile');
if (get('id') and $dfile == '') {
$del = $this->patients_model->Delete(get('id'), '' . H_ADMIN . '&view=patients&do=viewall&msg=delete');
} elseif (get('id') and $dfile != '' and get('fdel') == '') {
delete_files(UPLOAD_PATH . get('dfile'));
delete_files(THUMB_PATH . get('dfile'));
$del = $this->patients_model->Delete(get('id'), '' . H_ADMIN . '&view=patients&do=viewall&msg=delete');
} elseif (get('id') and $dfile != '' and get('fdel') != '') {
delete_files(UPLOAD_PATH . get('dfile'));
delete_files(THUMB_PATH . get('dfile'));
send_to('' . H_ADMIN . '&view=patients&id=' . get('id') . '&do=update&msg=delete');
}
}
}
public function setupAuthorizedSession(User $user)
{
//session_name( $user->username );
session_start();
if (isset($this->message)) {
$_SESSION['flash'] = $this->message;
}
$_SESSION['username'] = $user->username;
$_SESSION['is_logged_in'] = 1 == $user->isAuthenticated ? true : false;
//session_write_close();
if ($_REQUEST['redirect']) {
send_to($_REQUEST['redirect']);
}
}
public function Delete($id, $redirect_to)
{
$bind = array(":id" => $id);
HDB::hus()->Hdelete("cards", "id=:id", $bind);
send_to($redirect_to);
}
echo H_ADMIN;
?>
" ><i class="fa fa-dashboard"></i> Dashboard</a></li>
<li><a href="#">Tables</a></li>-->
</ol>
</section>
<!-- Main content -->
<section class="content">
<?php
$haccess->logged_in_protect(H_LOGIN);
if (get('view')) {
include APP_FOLDER . '/controllers/admin/main.php';
include 'libraries/controllers/system_users.php';
} else {
send_to('index.php?pg=admin&view=patients&do=viewall&active=1');
?>
<?php
}
?>
<!-- /DESIGN AREA -->
</section><!-- /.content -->
</div><!-- /.content-wrapper -->
<!-- <footer class="main-footer">
<div class="pull-right hidden-xs">
Pro Edition <b>v</b> 3.0
</div>
<strong>© <?php
echo date('Y');
