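/**
 * Create a case report ($id == 'add') or update an existing one (any other
 * $id) from the posted form fields.
 *
 * Security notes:
 *  - Every value placed into SQL text is passed through preventInj(),
 *    including the duplicate-check SELECT. That SELECT runs before the
 *    validation result is consulted, and two of its operands (sex, fatal)
 *    are never validated at all, so it must not see raw request data.
 *  - NOTE(review): preventInj() is defined outside this listing; it is
 *    assumed to escape a value for use inside a quoted SQL literal - confirm.
 *    The mysql_* API has no bound parameters; moving to PDO/mysqli prepared
 *    statements is the durable fix.
 *  - die(mysql_error()) returns database error text to the client; prefer
 *    logging it server-side and showing a generic message.
 *
 * @param string $name Ignored: the patient name is always read from $_POST['txtName'].
 * @param string $id   'add' inserts a new report; any other value updates.
 * @return string 'true' (inserted), 'false' (duplicate report exists),
 *                'success' (updated) or 'phpValidError' (validation failed).
 */
function addData($name, $id)
{
    $flag = "";

    if ($id == 'add') {
        $username   = trim($_SESSION['userName']);
        $hospitalid = trim($_POST['cmbHospital']);
        $name       = trim($_POST['txtName']);
        $age        = trim($_POST['txtAge']);
        $sex        = trim($_POST['rdoSex']);
        $address1   = trim($_POST['txtAddress1']);
        $address2   = trim($_POST['txtAddress2']);
        $pincode    = trim($_POST['txtPincode']);
        $disease    = trim($_POST['cmbDisease']);
        $fatal      = trim($_POST['cmbFatal']);
        $district   = trim($_POST['cmbDistrict']);
        $reportedon = trim($_POST['txtReportedOn']);
        $createdon  = date("d/m/Y");
        $date       = trim($_POST['txtCaseDate']);

        if (strlen($name) < 1 || isInvalidName($name)
            || strlen($address1) < 1 || isInvalidName($address1)
            || isInvalidAddress($address2)
            || isInvalidNumber($hospitalid)
            || isInvalidNumber($age)
            || isInvalidNumber($disease)
            || isInvalidNumber($district)
        ) {
            $flag = 'phpValidError';
        }

        // The pincode is optional, but when present it must be six digits.
        if (strlen($pincode) > 0 && (strlen($pincode) != 6 || isInvalidNumber($pincode))) {
            $flag = 'phpValidError';
        }

        // Option value 1 is handled as "other": use the nearest post office
        // when one was picked, otherwise keep the selected value itself.
        if ($_POST['cmbPostOffice'] == 1 && $_POST['cmbNearPostOffice'] != "select") {
            $postofficeid = trim($_POST['cmbNearPostOffice']);
        } else {
            $postofficeid = trim($_POST['cmbPostOffice']);
        }

        if ($_POST['txtDiedOn'] == "") {
            $diedon = "";
        } else {
            $diedon = trim($_POST['txtDiedOn']);
            if (!isValidDate($diedon)) {
                $flag = 'phpValidError';
            }
            $diedon = getDateToDb($diedon);
        }

        if (isInvalidNumber($postofficeid) || !isValidDate($date) || !isValidDate($reportedon)) {
            $flag = 'phpValidError';
        }

        // Duplicate check. It executes even when validation failed, so every
        // operand is escaped here rather than trusted.
        $result = mysql_query(
            "select * from casereport where name='" . preventInj($name)
            . "' and age='" . preventInj($age)
            . "'\n\t\t\t\tand sex='" . preventInj($sex)
            . "' and fatal='" . preventInj($fatal)
            . "' and casedate='" . preventInj(getDateToDb($date))
            . "'\n\t\t\t\tand reportedon='" . preventInj(getDateToDb($reportedon))
            . "'\t"
        ) or die(mysql_error());

        if (mysql_num_rows($result) > 0) {
            $flag = 'false';
        } elseif ($flag != 'phpValidError') {
            // Column order of the insert below; each value is escaped individually.
            $caseValues = array(
                $username,
                $name,
                $age,
                $sex,
                $address1,
                $address2,
                $disease,
                $fatal,
                $pincode,
                $district,
                $hospitalid,
                $postofficeid,
                getDateToDb($reportedon),
                $diedon,
                getDateToDb($date),
                getDateToDb($createdon),
            );

            mysql_query(
                "insert into casereport\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\tusername,\n\t\t\t\t\t\t\t\t\tname,\n\t\t\t\t\t\t\t\t\tage,\n\t\t\t\t\t\t\t\t\tsex,\n\t\t\t\t\t\t\t\t\taddress1,\n\t\t\t\t\t\t\t\t\taddress2,\n\t\t\t\t\t\t\t\t\tdiseaseid,\n\t\t\t\t\t\t\t\t\tfatal,\n\t\t\t\t\t\t\t\t\tpincode,\n\t\t\t\t\t\t\t\t\tdistrictid,\n\t\t\t\t\t\t\t\t\thospitalid,\n\t\t\t\t\t\t\t\t\tpostofficeid,\n\t\t\t\t\t\t\t\t\treportedon,\n\t\t\t\t\t\t\t\t\tdiedon,\n\t\t\t\t\t\t\t\t\tcasedate,\n\t\t\t\t\t\t\t\t\tcreatedon\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t'"
                . implode("',\n\t\t\t\t\t\t\t\t\t'", array_map('preventInj', $caseValues))
                . "'\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t"
            ) or die(mysql_error());

            // An empty "died on" value is stored as a zero date by the insert
            // above; this statement turns such rows back into NULL.
            mysql_query("update casereport set diedon=NULL where diedon=00-00-0000") or die(mysql_error());

            if ($_POST['cmbPostOffice'] == 1) {
                // A post office name typed by the user is queued in
                // newpostoffice. A bad name only skips this insert: the case
                // report is already stored and the call still returns 'true'.
                $newpostoffice = $_POST['txtNewPostOffice'];
                if (strlen($newpostoffice) >= 3 && !isInvalidName($newpostoffice)) {
                    mysql_query(
                        "insert into newpostoffice\n\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\tname,\n\t\t\t\t\t\t\t\t\t\t\tdistrictid,\n\t\t\t\t\t\t\t\t\t\t\tpincode\n\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\t'"
                        . preventInj($newpostoffice)
                        . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . preventInj($district)
                        . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . preventInj($pincode)
                        . "'\n\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t "
                    ) or die(mysql_error());
                }
            }

            $username = $_SESSION['userName'];
            $description = "New Case Report on patient " . $name . " is added";
            insertEventData('Add_Case_Report', "New_Case_Reported", $username, $description);
            $flag = 'true';
        }
    } else {
        $hospitalid   = $_POST['cmbHospital'];
        $postofficeid = $_POST['cmbPostOffice'];
        $name         = trim($_POST['txtName']);
        $age          = trim($_POST['txtAge']);
        $sex          = trim($_POST['rdoSex']);
        $address1     = trim($_POST['txtAddress1']);
        $address2     = trim($_POST['txtAddress2']);
        $pincode      = trim($_POST['txtPincode']);
        $disease      = trim($_POST['cmbDisease']);
        $fatal        = trim($_POST['cmbFatal']);
        $district     = trim($_POST['cmbDistrict']);
        $reportedon   = trim($_POST['txtReportedOn']);
        $caseId       = trim($_POST['txtCaseId']);
        $date         = trim($_POST['txtCaseDate']);

        if (trim($_POST['txtDiedOn']) == "") {
            $diedon = "";
        } else {
            $diedon = trim($_POST['txtDiedOn']);
            if (!isValidDate($diedon)) {
                $flag = 'phpValidError';
            }
            $diedon = getDateToDb($diedon);
        }

        if (!isValidDate($reportedon) || !isValidDate($date)
            || strlen($name) < 1 || isInvalidName($name)
            || strlen($address1) < 1 || isInvalidName($address1)
            || isInvalidAddress($address2)
            || isInvalidNumber($hospitalid)
            || isInvalidNumber($age)
            || isInvalidNumber($disease)
            || isInvalidNumber($district)
            || isInvalidNumber($caseId)
        ) {
            $flag = 'phpValidError';
        }

        if (strlen($pincode) > 0 && (strlen($pincode) != 6 || isInvalidNumber($pincode))) {
            $flag = 'phpValidError';
        }

        if ($flag != 'phpValidError') {
            // NOTE(review): the target row is chosen solely by the posted
            // txtCaseId; no check in this function ties the report to the
            // logged-in user - confirm the caller enforces that.
            mysql_query(
                "update casereport\n\t\t\t\t\tset name='" . preventInj($name)
                . "',\n\t\t\t\t\t\tage='" . preventInj($age)
                . "',\n\t\t\t\t\t\tsex='" . preventInj($sex)
                . "',\n\t\t\t\t\t\taddress1='" . preventInj($address1)
                . "',\n\t\t\t\t\t\taddress2='" . preventInj($address2)
                . "',\n\t\t\t\t\t\tpincode='" . preventInj($pincode)
                . "',\n\t\t\t\t\t\tdiseaseid='" . preventInj($disease)
                . "',\n\t\t\t\t\t\tdistrictid='" . preventInj($district)
                . "',\n\t\t\t\t\t\thospitalid='" . preventInj($hospitalid)
                . "',\n\t\t\t\t\t\tpostofficeid='" . preventInj($postofficeid)
                . "',\n\t\t\t\t\t\treportedon='" . preventInj(getDateToDb($reportedon))
                . "',\n\t\t\t\t\t\tdiedon='" . preventInj($diedon)
                . "',\n\t\t\t\t\t\tcasedate='" . preventInj(getDateToDb($date))
                . "'\n\t\t\t\t\twhere casereportid='" . preventInj($caseId) . "' "
            ) or die(mysql_error());

            mysql_query("update casereport set diedon=NULL where diedon=00-00-0000") or die(mysql_error());

            $username = $_SESSION['userName'];
            $description = "Case Report with id " . $caseId . " is updated";
            insertEventData('Update_Case_Report', "Case_Report_Updated", $username, $description);
            $flag = 'success';
        }
    }

    return $flag;
}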
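/**
 * Insert ($strId == 'add') or update ($strId == 'edit') an aggregated
 * bulk-case row from the posted form fields.
 *
 * Every request value that reaches SQL text is passed through preventInj(),
 * now including the bulk case id in the UPDATE's WHERE clause, which was
 * previously protected only by the isInvalidNumber() check.
 * NOTE(review): preventInj() and isInvalidNumber() are defined outside this
 * listing; their exact behaviour should be confirmed. Prepared statements
 * (PDO/mysqli) are the durable replacement for this string-built SQL.
 *
 * @param string $strId 'add' or 'edit'; any other value performs no write.
 * @return string 'true' (inserted), 'success' (updated), 'phpValidError'
 *                (validation failed) or '' (unknown $strId with valid input).
 */
function addBulkCaseDetails($strId)
{
    $blnFlag = "";
    $username = $_SESSION['userName'];

    $intDistrictId = trim($_POST['cmpDistrict']);
    $intDiseaseId  = trim($_POST['cmpDisease']);
    $intReportedNo = trim($_POST['txtReportedNo']);
    $intFatalNo    = trim($_POST['txtFatalNo']);

    // District, disease and reported count are mandatory numbers; the fatal
    // count only has to be numeric.
    if (isStringNull($intDistrictId) || isStringNull($intDiseaseId)
        || isInvalidNumber($intDistrictId) || isInvalidNumber($intDiseaseId)
        || isStringNull($intReportedNo) || isInvalidNumber($intReportedNo)
        || isInvalidNumber($intFatalNo)
    ) {
        $blnFlag = 'phpValidError';
    }

    if ($strId == 'add') {
        $createdon = date("Y-m-d");

        if ($blnFlag != 'phpValidError') {
            mysql_query(
                "insert into bulkcase\n\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\tdistrictid,\n\t\t\t\t\t\t\t\tdiseaseid,\n\t\t\t\t\t\t\t\treportedcase,\n\t\t\t\t\t\t\t\tfatalcase,\n\t\t\t\t\t\t\t\tcreatedon,\n\t\t\t\t\t\t\t\tusername\n\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t'"
                . preventInj($intDistrictId)
                . "',\n\t\t\t\t\t\t\t\t'" . preventInj($intDiseaseId)
                . "',\n\t\t\t\t\t\t\t\t'" . preventInj($intReportedNo)
                . "',\n\t\t\t\t\t\t\t\t'" . preventInj($intFatalNo)
                . "',\n\t\t\t\t\t\t\t\t'" . $createdon // server-generated date, not request data
                . "',\n\t\t\t\t\t\t\t\t'" . preventInj($username)
                . "'\n\t\t\t\t\t\t\t)\n\t\t\t\t\t\t"
            ) or die(mysql_error());

            $blnFlag = 'true';
            $description = "";
            insertEventData("Add_Bulk_Case_Report", "New_Bulk_Case_Reported", $username, $description);
        }
    } elseif ($strId == 'edit') {
        $intBulkCaseId = $_POST['txtBulkCaseId'];
        if (isInvalidNumber($intBulkCaseId)) {
            $blnFlag = 'phpValidError';
        }

        if ($blnFlag != 'phpValidError') {
            // The row id is escaped as well as validated, so the query does
            // not depend on one helper alone.
            // NOTE(review): nothing here ties the row to the logged-in user;
            // confirm the caller restricts which ids may be edited.
            mysql_query(
                "UPDATE bulkcase SET\n\t\t\t\t\t\t\t\t\t\tdistrictid='" . preventInj($intDistrictId)
                . "',\n\t\t\t\t\t\t\t\t\t\tdiseaseid='" . preventInj($intDiseaseId)
                . "',\n\t\t\t\t\t\t\t\t\t\treportedcase='" . preventInj($intReportedNo)
                . "',\n\t\t\t\t\t\t\t\t\t\tfatalcase='" . preventInj($intFatalNo)
                . "'\n\t\t\t\t\t\t\t\tWHERE bulkcaseid='" . preventInj($intBulkCaseId) . "' "
            ) or die(mysql_error());

            $description = "Bulk case report with id " . $intBulkCaseId . " is updated";
            insertEventData("Update_Bulk_Case_Report ", "Bulk_Case_Report_Updated", $username, $description);
            $blnFlag = 'success';
        }
    }

    return $blnFlag;
}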
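/**
 * Self-registration of a GMO account from the query string.
 *
 * Runs only when $_GET['add'] is set: validates the fields, rejects an
 * identical existing gmo row or an already used username, then inserts a
 * 'Pending' row into `user` and `gmo`.
 *
 * Changes against the listed code:
 *  - The district lookup and the duplicate-check SELECT concatenated raw
 *    $_GET values; both now escape every operand with preventInj(). These
 *    queries execute before the validation result is consulted.
 *  - The designation checks wrote to $flag instead of $flag1, so an invalid
 *    designation never blocked the insert. It now fails validation.
 *  - ereg() stops at a NUL byte, so input such as "abcde\0..." passed the
 *    username/password patterns; preg_match() with \z checks the whole value.
 *  - The username-exists query is shown with a masked literal ('******') in
 *    the listing; a uniqueness check only makes sense against the submitted
 *    name, so it is bound to $user here.
 *
 * NOTE(review): credentials arrive via GET, so the password ends up in
 * access logs, browser history and Referer headers - this form should POST.
 * MySQL's PASSWORD() is not meant for application passwords (removed in
 * MySQL 8.0); password_hash()/password_verify() is the replacement but
 * needs a matching change in the login code.
 * NOTE(review): preventInj() is defined outside this listing; assumed to
 * escape for a quoted SQL literal - confirm.
 *
 * @return int|string|null 1 = identical gmo exists, 2 = username taken,
 *                         3 = registered, 'phpValidError' = designation
 *                         invalid, null = nothing written otherwise.
 */
function addData()
{
    $flag = null;
    $flag1 = null;

    if (isset($_GET['add'])) {
        $name        = $_GET['name'];
        $designation = $_GET['designation'];
        $address1    = $_GET['address1'];
        $address2    = $_GET['address2'];
        $email       = $_GET['email'];
        $phone1      = $_GET['phonenumber1'];
        $phone2      = $_GET['phonenumber2'];
        $mobile      = $_GET['mobilenumber'];
        $user        = $_GET['username'];
        $pass        = $_GET['password'];

        $resultdist = mysql_query(
            "select districtid from district where name='" . preventInj($_GET['district']) . "' "
        ) or die(mysql_error());
        $rowdist = mysql_fetch_array($resultdist);
        // No matching district leaves the id null, which the checks below reject.
        $districtid = is_array($rowdist) ? $rowdist['districtid'] : null;

        if (strlen($name) < 1 || isInvalidName($name)
            || strlen($address1) < 1 || isInvalidAddress($address1)
            || isInvalidAddress($address2)
            || (strlen($email) > 0 && isInvalidEmail($email))
            || isInvalidNumber($districtid) || isStringNull($districtid)
            || strlen($phone1) < 7 || isInvalidPhoneNo($phone1)
            || isInvalidPhoneNo($mobile)
            // 5-25 characters, a letter first, then letters or digits only.
            || !preg_match('/^[a-zA-Z][a-zA-Z0-9]{4,24}\z/', $user)
            || strlen($pass) < 5 || strlen($pass) > 25
            || !preg_match('/^[a-zA-Z]/', $pass)
        ) {
            $flag1 = 'phpValidError';
        }

        if (strlen($designation) < 1 || isInvalidName($designation)) {
            // Keep the value the original returned for this case, and make
            // the failure actually block the insert.
            $flag = 'phpValidError';
            $flag1 = 'phpValidError';
        }

        $result = mysql_query(
            "select * from gmo where name='" . preventInj($name)
            . "' and officeaddress1='" . preventInj($address1)
            . "' and\n\t\t\t\tofficeaddress2='" . preventInj($address2)
            . "' and officephno1='" . preventInj($phone1)
            . "' and officephno2='" . preventInj($phone2)
            . "'\n\t\t\t\tand mobilenumber='" . preventInj($mobile)
            . "' and emailid='" . preventInj($email)
            . "' and designation='" . preventInj($designation)
            . "'\n\t\t\t\tand districtid='" . preventInj($districtid) . "' "
        ) or die(mysql_error());

        if (mysql_num_rows($result) > 0) {
            $flag = 1;
        } elseif ($flag1 != 'phpValidError') {
            $result1 = mysql_query(
                "select * from user where username='" . preventInj($user) . "' "
            ) or die(mysql_error());

            if (mysql_num_rows($result1) > 0) {
                $flag = 2;
            } else {
                $flag = 3;

                mysql_query(
                    "insert into user\n\t\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\t\tusername,\n\t\t\t\t\t\t\t\t\t\t\t\tuserpasswd,\n\t\t\t\t\t\t\t\t\t\t\t\tstatus,\n\t\t\t\t\t\t\t\t\t\t\t\tusertype\n\n\t\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\t\t\t'"
                    . preventInj($user)
                    . "',\n\t\t\t\t\t\t\t\t\t\t\t\t\tpassword('" . preventInj($pass)
                    . "'),\n\t\t\t\t\t\t\t\t\t\t\t\t\t'Pending',\n\t\t\t\t\t\t\t\t\t\t\t\t\t'GMO'\n\n\t\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t\t\t "
                ) or die(mysql_error());

                // Escaped, trimmed values in the column order of the insert below.
                $gmoValues = array();
                foreach (array($name, $designation, $user, $email, $address1, $address2, $phone1, $phone2, $mobile) as $value) {
                    $gmoValues[] = preventInj(trim($value));
                }

                mysql_query(
                    "insert into gmo\n\t\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\t\tname,\n\t\t\t\t\t\t\t\t\t\t\t\tdesignation,\n\t\t\t\t\t\t\t\t\t\t\t\tusername,\n\t\t\t\t\t\t\t\t\t\t\t\temailid,\n\t\t\t\t\t\t\t\t\t\t\t\tofficeaddress1,\n\t\t\t\t\t\t\t\t\t\t\t\tofficeaddress2,\n\t\t\t\t\t\t\t\t\t\t\t\tofficephno1,\n\t\t\t\t\t\t\t\t\t\t\t\tofficephno2,\n\t\t\t\t\t\t\t\t\t\t\t\tmobilenumber,\n\t\t\t\t\t\t\t\t\t\t\t\tstatus,\n\t\t\t\t\t\t\t\t\t\t\t\tdistrictid,\n\t\t\t\t\t\t\t\t\t\t\t\tstateid\n\n\t\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\t\t'"
                    . implode("',\n\t\t\t\t\t\t\t\t\t\t\t\t'", $gmoValues)
                    . "',\n\t\t\t\t\t\t\t\t\t\t\t\t'Pending',\n\t\t\t\t\t\t\t\t\t\t\t\t'"
                    . preventInj(trim($districtid))
                    . "',\n\t\t\t\t\t\t\t\t\t\t\t\t'01'\n\n\t\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t\t"
                ) or die(mysql_error());

                $description = "New gmo with username " . $user . " is registered";
                insertEventData("Registration", "Registered new gmo", 'GMO', $description);
            }
        }
    }

    return $flag;
}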
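/**
 * Add, edit or promote a post office record from the posted form fields.
 *
 *  - $id == 'add'     : insert into `postoffice` unless the same
 *                       name/district/pincode already exists.
 *  - $id == 'edit'    : update the row identified by $poId.
 *  - $id == 'editNew' : insert into `postoffice` and delete the pending
 *                       `newpostoffice` row identified by $newPoId.
 *
 * The duplicate-check SELECT runs before the validation result is consulted
 * and used to concatenate raw request values; it and the id operands of the
 * UPDATE/DELETE now go through preventInj() like every other value.
 * NOTE(review): preventInj() is defined outside this listing; assumed to
 * escape for a quoted SQL literal - confirm. Prepared statements are the
 * durable replacement.
 *
 * @param string $uname   Not used by this function.
 * @param string $id      'add', 'edit' or 'editNew'; anything else is a no-op.
 * @param mixed  $poId    Post office id for 'edit'.
 * @param mixed  $newPoId Pending post office id for 'editNew'.
 * @return string 'true', 'success', 'newAdd', 'false' (duplicate),
 *                'phpValidError' or '' (unknown $id).
 */
function addData($uname, $id, $poId, $newPoId)
{
    $flag = "";

    if ($id != 'add' && $id != 'edit' && $id != 'editNew') {
        return $flag;
    }

    // The three modes read and validate the same five form fields.
    $name      = trim($_POST['txtName']);
    $distId    = trim($_POST['cboDistrict']);
    $latitude  = trim($_POST['txtLatitude']);
    $longitude = trim($_POST['txtLongitude']);
    $pincode   = trim($_POST['txtPincode']);

    if (strlen($name) < 1 || isInvalidName($name)
        || isInvalidNumber($distId)
        || strlen($pincode) != 6 || isInvalidNumber($pincode)
        || isStringNull($latitude) || isInvalidFloat($latitude)
        || isStringNull($longitude) || isInvalidFloat($longitude)
    ) {
        $flag = 'phpValidError';
    }

    // Statements shared by 'add' and 'editNew'.
    $duplicateSql = "SELECT * FROM postoffice WHERE name='" . preventInj($name)
        . "'\n\t\t\tAND districtid='" . preventInj($distId)
        . "' AND pincode='" . preventInj($pincode) . "' ";

    $insertSql = "insert into postoffice\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\tname,\n\t\t\t\t\t\t\t\t\tdistrictid,\n\t\t\t\t\t\t\t\t\tpincode,\n\t\t\t\t\t\t\t\t\tlatitude,\n\t\t\t\t\t\t\t\t\tlongitude\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t'"
        . implode(
            "',\n\t\t\t\t\t\t\t\t\t'",
            array_map('preventInj', array($name, $distId, $pincode, $latitude, $longitude))
        )
        . "'\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t";

    if ($id == 'add') {
        $result = mysql_query($duplicateSql) or die(mysql_error());

        if (mysql_num_rows($result) > 0) {
            $flag = 'false';
        } elseif ($flag != 'phpValidError') {
            mysql_query($insertSql) or die(mysql_error());
            $flag = 'true';

            $username = $_SESSION['userName'];
            $description = "Post office name " . trim($name) . " is added";
            insertEventData('Add_Post_Office', "Add_new_Postoffice", $username, $description);
        }
    } elseif ($id == 'edit') {
        $postOfficeId = $poId;
        if (isInvalidNumber($postOfficeId)) {
            $flag = 'phpValidError';
        }

        if ($flag != 'phpValidError') {
            mysql_query(
                "UPDATE postoffice SET\n\t\t\t\t\t\t\t\t\tname ='" . preventInj($name)
                . "',\n\t\t\t\t\t\t\t\t\tdistrictid='" . preventInj($distId)
                . "',\n\t\t\t\t\t\t\t\t\tpincode='" . preventInj($pincode)
                . "',\n\t\t\t\t\t\t\t\t\tlatitude='" . preventInj($latitude)
                . "',\n\t\t\t\t\t\t\t\t\tlongitude='" . preventInj($longitude)
                . "'\n\t\t\t\t\t\t\t\tWHERE postofficeid='" . preventInj($postOfficeId) . "' "
            ) or die(mysql_error());

            $username = $_SESSION['userName'];
            $description = "Postoffice name " . $name . " is updated";
            insertEventData('Update_Post_Office', "Update_Post_Office_Details", $username, $description);
            $flag = 'success';
        }
    } else {
        // 'editNew': promote a pending entry to the real post office table.
        $newpostOfficeId = $newPoId;
        if (isInvalidNumber($newpostOfficeId)) {
            $flag = 'phpValidError';
        }

        $result = mysql_query($duplicateSql) or die(mysql_error());

        if (mysql_num_rows($result) > 0) {
            $flag = 'false';
        } elseif ($flag != 'phpValidError') {
            mysql_query($insertSql) or die(mysql_error());
            mysql_query(
                "DELETE FROM newpostoffice WHERE postofficeid='" . preventInj($newpostOfficeId) . "' "
            ) or die(mysql_error());
            $flag = 'newAdd';

            $username = $_SESSION['userName'];
            $description = "Post office name " . trim($name) . " is deleted from pending list and new postoffice added";
            insertEventData('Add_Post_Office', "Add_Pending_Post_office", $username, $description);
        }
    }

    return $flag;
}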
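/**
 * Self-registration of a hospital account from the query string.
 *
 * Runs only when $_GET['add'] is set: validates the fields, rejects an
 * identical existing hospital row or an already used username, then inserts
 * a 'Pending' row into `user` and `hospital`.
 *
 * Changes against the listed code:
 *  - The district lookup and the duplicate-check SELECT concatenated raw
 *    $_GET values; every operand is now escaped with preventInj(). Both
 *    queries execute before the validation result is consulted.
 *  - The password was escaped before its length was checked, so the limits
 *    applied to the escaped text; it is now validated raw and escaped only
 *    where it enters SQL.
 *  - ereg() stops at a NUL byte, letting "abcde\0..." pass the patterns;
 *    preg_match() with \z checks the whole value.
 *  - The username-exists query is shown with a masked literal ('******') in
 *    the listing; it is bound to the submitted $user here.
 *
 * NOTE(review): credentials arrive via GET, so the password ends up in
 * access logs, browser history and Referer headers - this form should POST.
 * MySQL's PASSWORD() is not meant for application passwords (removed in
 * MySQL 8.0); password_hash()/password_verify() needs a matching login change.
 * NOTE(review): the two inserts ignore query failure, so 3 is returned even
 * if one of them did not run - left unchanged, confirm the intent.
 * NOTE(review): preventInj() is defined outside this listing; assumed to
 * escape for a quoted SQL literal - confirm.
 *
 * @return int 1 = identical hospital exists, 2 = username taken,
 *             3 = registered, 7 = nothing written (no 'add' or invalid input).
 */
function addData()
{
    $flag = 7;
    $flag1 = null;

    if (isset($_GET['add'])) {
        $name     = $_GET['hname'];
        $address1 = $_GET['address1'];
        $address2 = $_GET['address2'];
        $email    = $_GET['email'];
        $phone1   = $_GET['phonenumber1'];
        $phone2   = $_GET['phonenumber2'];
        $regno    = $_GET['regno'];
        $mobile   = $_GET['mobilenumber'];
        $user     = $_GET['username'];
        $pass     = $_GET['password'];
        $pincode  = $_GET['pincode'];

        $resultdist = mysql_query(
            "select districtid from district where name='" . preventInj($_GET['district']) . "' "
        ) or die(mysql_error());
        $rowdist = mysql_fetch_array($resultdist);
        // No matching district leaves the id null, which the checks below reject.
        $districtid = is_array($rowdist) ? $rowdist['districtid'] : null;

        if (strlen($name) < 1 || isInvalidName($name)
            || strlen($address1) < 1 || isInvalidAddress($address1)
            || isInvalidAddress($address2)
            || (strlen($email) > 0 && isInvalidEmail($email))
            || isInvalidNumber($districtid) || isStringNull($districtid)
            || strlen($phone1) < 7 || isInvalidPhoneNo($phone1)
            || isInvalidPhoneNo($mobile) || isInvalidPhoneNo($phone2)
            || (strlen($pincode) > 0 && (strlen($pincode) != 6 || isInvalidNumber($pincode)))
            || isInvalidName($regno)
            // 5-25 characters, a letter first, then letters or digits only.
            || !preg_match('/^[a-zA-Z][a-zA-Z0-9]{4,24}\z/', $user)
            || strlen($pass) < 5 || strlen($pass) > 25
            || !preg_match('/^[a-zA-Z]/', $pass)
        ) {
            $flag1 = 'phpValidError';
        }

        $result = mysql_query(
            "select * from hospital where name='" . preventInj($name)
            . "' and hospitaladdress1='" . preventInj($address1)
            . "' and hospitaladdress2='" . preventInj($address2)
            . "' and hospitalphno1='" . preventInj($phone1)
            . "' and hospitalphno2='" . preventInj($phone2)
            . "'\n\t\t\tand mobilenumber='" . preventInj($mobile)
            . "' and emailid='" . preventInj($email)
            . "' and registerno='" . preventInj($regno)
            . "' and \n\t\t\tdistrictid='" . preventInj($districtid) . "' "
        ) or die(mysql_error());

        if (mysql_num_rows($result) > 0) {
            $flag = 1;
        } elseif ($flag1 != 'phpValidError') {
            $result1 = mysql_query(
                "select * from user where username='" . preventInj($user) . "' "
            ) or die(mysql_error());

            if (mysql_num_rows($result1) > 0) {
                $flag = 2;
            } else {
                mysql_query(
                    "insert into user\n\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\tusername,\n\t\t\t\t\t\t\t\t\t\t\tuserpasswd,\n\t\t\t\t\t\t\t\t\t\t\tstatus,\n\t\t\t\t\t\t\t\t\t\t\tusertype\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\t\t'"
                    . preventInj($user)
                    . "',\n\t\t\t\t\t\t\t\t\t\t\t\tpassword('" . preventInj($pass)
                    . "'),\n\t\t\t\t\t\t\t\t\t\t\t\t'Pending',\n\t\t\t\t\t\t\t\t\t\t\t\t'HOSPITAL'\n\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t\t "
                );

                // Escaped, trimmed values in the column order of the insert
                // below; the fixed state id '01' sits between districtid and pincode.
                $beforeState = array();
                foreach (array($name, $user, $email, $address1, $address2, $phone1, $phone2, $mobile, $districtid) as $value) {
                    $beforeState[] = preventInj(trim($value));
                }

                mysql_query(
                    "insert into hospital\n\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\tname,\n\t\t\t\t\t\t\t\t\t\t\tusername,\n\t\t\t\t\t\t\t\t\t\t\temailid,\n\t\t\t\t\t\t\t\t\t\t\thospitaladdress1,\n\t\t\t\t\t\t\t\t\t\t\thospitaladdress2,\n\t\t\t\t\t\t\t\t\t\t\thospitalphno1,\n\t\t\t\t\t\t\t\t\t\t\thospitalphno2,\n\t\t\t\t\t\t\t\t\t\t\tmobilenumber,\n\t\t\t\t\t\t\t\t\t\t\tdistrictid,\n\t\t\t\t\t\t\t\t\t\t\tstateid,\n\t\t\t\t\t\t\t\t\t\t\tpincode,\n\t\t\t\t\t\t\t\t\t\t\tregisterno,\n\t\t\t\t\t\t\t\t\t\t\tstatus\n\t\t\t\t\t\t\t\t\t\t) \n\t\t\t\t\t\t\t\t\t\tvalues \n\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\t'"
                    . implode("',\n\t\t\t\t\t\t\t\t\t\t\t'", $beforeState)
                    . "',\n\t\t\t\t\t\t\t\t\t\t\t'01',\n\t\t\t\t\t\t\t\t\t\t\t'" . preventInj(trim($pincode))
                    . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . preventInj(trim($regno))
                    . "',\n\t\t\t\t\t\t\t\t\t\t\t'Pending'\n\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t"
                );

                $flag = 3;
                $description = "New hospital with name " . $name . " is registered";
                insertEventData("Registration", "Registered new hospital", $user, $description);
            }
        }
    }

    return $flag;
}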
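/**
 * Authenticate the posted username/password against approved `user` rows,
 * populate the session and redirect to main.php on success.
 *
 * Reconstruction notes - the listing masks two spans with '******':
 *  - the username operand of the SELECT, restored here as the escaped
 *    $username that the function already computes;
 *  - the tail of the failure description, rebuilt as the username only.
 *    Whatever else the masked span held is not restored; a submitted
 *    password must never be written to an event log.
 *
 * Hardening added:
 *  - a failed query or an empty result is handled explicitly instead of
 *    indexing into a non-array;
 *  - the session id is regenerated on success so a pre-login session id
 *    cannot be reused afterwards (session fixation).
 *
 * NOTE(review): MySQL's PASSWORD() is not meant for application passwords
 * and was removed in MySQL 8.0; password_hash()/password_verify() with a
 * per-user stored hash is the replacement, together with the registration code.
 * NOTE(review): preventInj() is defined outside this listing; assumed to
 * escape for a quoted SQL literal - confirm.
 * NOTE(review): header() does not stop execution; the caller should exit
 * after a 'true' result so no page body follows the redirect.
 *
 * @return string 'true' when the login succeeded, 'false' otherwise.
 */
function checkLogin()
{
    $username = preventInj($_POST["txtUserName"]);
    $password = preventInj($_POST["txtPassword"]);

    // Fetch the approved account matching the submitted credentials.
    $result = mysql_query(
        "select * from user where username='" . $username
        . "'\n\t\t\t\t\t\t\t\t\t\t\t\t and userpasswd=password('" . $password . "') and status='Approved' "
    );
    $row = $result ? mysql_fetch_array($result) : false;
    $userType = is_array($row) ? $row['usertype'] : null;

    // Account types allowed to sign in, mapped to their login event name.
    $loginEvents = array(
        'ADMIN'    => 'Login_Admin',
        'GMO'      => 'Login_GMO',
        'DAO'      => 'Login_DAO',
        'HOSPITAL' => 'Login_Hospital',
    );

    if (is_string($userType) && isset($loginEvents[$userType])) {
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        // The session keeps the escaped form of the name, as the original did.
        $_SESSION['userName'] = $username;
        $_SESSION['userType'] = $userType;
        $flag = 'true';

        insertEventData('Login', $loginEvents[$userType], $_POST["txtUserName"], "Success");
        header('Location:main.php');
    } else {
        $flag = 'false';
        $des = 'username = ' . $username;
        insertEventData('Login_Failure', 'Login_Failure', $_POST["txtUserName"], $des);
    }

    return $flag;
}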
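/**
 * Create a DAO account ($id == 'add') or update an existing DAO profile
 * (any other $id) from the posted form fields.
 *
 * Changes against the listed code:
 *  - The duplicate-check SELECT concatenated raw request values and runs
 *    before the validation result is consulted; every operand is now
 *    escaped with preventInj(), as is the daoid in the UPDATE.
 *  - ereg() stops at a NUL byte, letting "abcde\0..." pass the patterns;
 *    preg_match() with \z checks the whole value.
 *  - The password change stored the plain text while account creation and
 *    login use password(); it now applies password() as well.
 *  - The update event text used an undefined $des; it now reports $daoId.
 *  - Two username operands are masked ('******') in the listing. The
 *    uniqueness check is bound to the submitted $user. The password change
 *    is bound to the logged-in account ($_SESSION['userName']) so that a
 *    posted username cannot redirect it to another account.
 *    NOTE(review): confirm this matches the intended behaviour.
 *
 * NOTE(review): MySQL's PASSWORD() is not meant for application passwords
 * (removed in MySQL 8.0); password_hash()/password_verify() needs a matching
 * login change. preventInj() is defined outside this listing; assumed to
 * escape for a quoted SQL literal - confirm.
 *
 * @param string $uname Not used by this function.
 * @param string $id    'add' creates an account; any other value updates.
 * @return string 'true' (created), 'false' (identical DAO exists), 'fail'
 *                (username taken), 'success' (updated) or 'phpValidError'.
 */
function addData($uname, $id)
{
    $flag = "";

    if ($id == 'add') {
        $name        = trim($_POST['txtName']);
        $designation = trim($_POST['txtDesignation']);
        $address1    = trim($_POST['txtAddress1']);
        $address2    = trim($_POST['txtAddress2']);
        $email       = trim($_POST['txtEmail']);
        $districtid  = trim($_POST['cmpDistrict']);
        $phone1      = trim($_POST['txtPhone1']);
        $mobile      = trim($_POST['txtMobile']);
        $user        = trim($_POST['txtUserName']);
        $pass        = trim($_POST['txtPassword']);

        if (strlen($name) < 1 || isInvalidName($name)
            || strlen($designation) < 1 || isInvalidName($designation)
            || strlen($address1) < 1 || isInvalidAddress($address1)
            || isInvalidAddress($address2)
            || (strlen($email) > 0 && isInvalidEmail($email))
            || isInvalidNumber($districtid)
            || strlen($phone1) < 7 || isInvalidPhoneNo($phone1)
            || isInvalidPhoneNo($mobile)
            // 5-25 characters, a letter first, then letters or digits only.
            || !preg_match('/^[a-zA-Z][a-zA-Z0-9]{4,24}\z/', $user)
            || strlen($pass) < 5 || strlen($pass) > 25
            || !preg_match('/^[a-zA-Z]/', $pass)
        ) {
            $flag = 'phpValidError';
        }

        $result = mysql_query(
            "select * from dao where name='" . preventInj($name)
            . "' and address1='" . preventInj($address1)
            . "'\n\t\t\tand address2='" . preventInj($address2)
            . "' and phonenumber='" . preventInj($phone1)
            . "' and mobilenumber='" . preventInj($mobile)
            . "'\n\t\t\tand emailid='" . preventInj($email)
            . "' and designation='" . preventInj($designation) . "' "
        ) or die(mysql_error());

        if (mysql_num_rows($result) > 0) {
            $flag = 'false';
        } elseif ($flag != 'phpValidError') {
            $result1 = mysql_query(
                "select * from user where username='" . preventInj($user) . "' "
            ) or die(mysql_error());

            if (mysql_num_rows($result1) > 0) {
                $flag = 'fail';
            } else {
                mysql_query(
                    "insert into user\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\tusername,\n\t\t\t\t\t\t\t\t\tuserpasswd,\n\t\t\t\t\t\t\t\t\tstatus,\n\t\t\t\t\t\t\t\t\tusertype,\n\t\t\t\t\t\t\t\t\tlastlogin\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t'"
                    . preventInj($user)
                    . "',\n\t\t\t\t\t\t\t\t\t\tpassword('" . preventInj($pass)
                    . "'),\n\t\t\t\t\t\t\t\t\t\t'Approved',\n\t\t\t\t\t\t\t\t\t\t'DAO',\n\t\t\t\t\t\t\t\t\t\tnow()\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t "
                ) or die(mysql_error());

                // The fixed state id '01' sits between districtid and emailid.
                $beforeState = array_map(
                    'preventInj',
                    array($name, $designation, $user, $address1, $address2, $districtid)
                );
                $afterState = array_map('preventInj', array($email, $phone1, $mobile));

                mysql_query(
                    "insert into dao\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\tname,\n\t\t\t\t\t\t\t\t\tdesignation,\n\t\t\t\t\t\t\t\t\tusername,\n\t\t\t\t\t\t\t\t\taddress1,\n\t\t\t\t\t\t\t\t\taddress2,\n\t\t\t\t\t\t\t\t\tdistrictid,\n\t\t\t\t\t\t\t\t\tstateid,\n\t\t\t\t\t\t\t\t\temailid,\n\t\t\t\t\t\t\t\t\tphonenumber,\n\t\t\t\t\t\t\t\t\tmobilenumber,\n\t\t\t\t\t\t\t\t\tstatus\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t'"
                    . implode("',\n\t\t\t\t\t\t\t\t\t'", $beforeState)
                    . "',\n\t\t\t\t\t\t\t\t\t'01',\n\t\t\t\t\t\t\t\t\t'"
                    . implode("',\n\t\t\t\t\t\t\t\t\t'", $afterState)
                    . "',\n\t\t\t\t\t\t\t\t\t'Approved'\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t"
                ) or die(mysql_error());

                $flag = 'true';
                $username = $_SESSION['userName'];
                $description = "New dao with username " . $user . " is added";
                insertEventData('Add_Dao', "Add_new_dao", $username, $description);
            }
        }
    } else {
        // A logged-in DAO who submits a password changes their own password
        // before the profile fields are processed.
        if ($_SESSION['userType'] == "DAO" && $_POST['txtPassword'] != NULL) {
            $pass = trim($_POST['txtPassword']);
            $user = trim($_POST['txtUserName']);

            if (!preg_match('/^[a-zA-Z][a-zA-Z0-9]{4,24}\z/', $user)
                || strlen($pass) < 5 || strlen($pass) > 25
                || !preg_match('/^[a-zA-Z]/', $pass)
            ) {
                $flag = 'phpValidError';
            }

            if ($flag != 'phpValidError') {
                mysql_query(
                    "update user\n\t\t\t\t\t\t\t\t\tset userpasswd=password('" . preventInj($pass)
                    . "'),\n\t\t\t\t\t\t\t\t\t\t\tlastlogin=now()\n\t\t\t\t\t\t\t\t\twhere username='"
                    . preventInj($_SESSION['userName']) . "' "
                ) or die(mysql_error());
            }
        }

        $name        = trim($_POST['txtName']);
        $designation = trim($_POST['txtDesignation']);
        $address1    = trim($_POST['txtAddress1']);
        $address2    = trim($_POST['txtAddress2']);
        $email       = trim($_POST['txtEmail']);
        $districtid  = trim($_POST['cmpDistrict']);
        $phone1      = trim($_POST['txtPhone1']);
        $mobile      = trim($_POST['txtMobile']);
        $daoId       = trim($_POST['daoId']);

        if (strlen($name) < 1 || isInvalidName($name)
            || strlen($designation) < 1 || isInvalidName($designation)
            || strlen($address1) < 1 || isInvalidAddress($address1)
            || isInvalidAddress($address2)
            || (strlen($email) > 0 && isInvalidEmail($email))
            || isInvalidNumber($districtid)
            || strlen($phone1) < 7 || isInvalidPhoneNo($phone1)
            || isInvalidPhoneNo($mobile)
            || isInvalidNumber($daoId)
        ) {
            $flag = 'phpValidError';
        }

        // A password validation failure above also blocks the profile update.
        if ($flag != 'phpValidError') {
            // NOTE(review): the row is chosen solely by the posted daoId;
            // confirm the caller limits which profiles a user may edit.
            mysql_query(
                "update dao\n\t\t\t\t\t\t\t\tset name='" . preventInj($name)
                . "',\n\t\t\t\t\t\t\t\t\t\tdesignation='" . preventInj($designation)
                . "',\n\t\t\t\t\t\t\t\t\t\taddress1='" . preventInj($address1)
                . "',\n\t\t\t\t\t\t\t\t\t\taddress2='" . preventInj($address2)
                . "',\n\t\t\t\t\t\t\t\t\t\tphonenumber='" . preventInj($phone1)
                . "',\n\t\t\t\t\t\t\t\t\t\tdistrictid='" . preventInj($districtid)
                . "',\n\t\t\t\t\t\t\t\t\t\tmobilenumber='" . preventInj($mobile)
                . "',\n\t\t\t\t\t\t\t\t\t\temailid='" . preventInj($email)
                . "'\n\t\t\t\t\t\t\t\twhere daoid='" . preventInj($daoId) . "' "
            ) or die(mysql_error());

            $username = $_SESSION['userName'];
            $description = "Dao with id " . $daoId . " is updated";
            insertEventData('Update_Dao', "Dao_Details_Updated", $username, $description);
            $flag = 'success';
        }
    }

    return $flag;
}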
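/**
 * Create or update a hospital record from the submitted form ($_POST).
 *
 * With $id == 'add' a login row (usertype HOSPITAL) and a hospital row are
 * inserted. Any other $id updates the hospital selected by the posted
 * hospitalId; if the session user type is HOSPITAL and a password was
 * posted, the stored password is replaced first.
 *
 * Changes compared with the earlier version of this function:
 *  - The duplicate-hospital lookup now passes every value through
 *    preventInj(); it used to concatenate raw $_POST values and it runs
 *    even when validation has already failed.
 *  - ereg() is replaced by preg_match(). ereg() stops at the first NUL
 *    byte, so a value with an embedded NUL could pass the pattern check
 *    while the full string went on to the query.
 *  - The password update wraps the value in password(), as the insert does.
 *
 * NOTE(review): preventInj() is defined elsewhere; it is presumably the
 * file's SQL-escaping helper. Confirm, and prefer prepared statements when
 * this code moves off the mysql_* extension.
 * NOTE(review): hospitalId comes from the request. Nothing in this function
 * ties it to the logged-in account; confirm the caller enforces that.
 * NOTE(review): die(mysql_error()) prints database error text to the
 * client; log it server-side and show a generic message instead.
 *
 * @param string $uname Not read by this function.
 * @param string $id    'add' to create; any other value updates.
 * @return string 'true' (created), 'false' (identical hospital row exists),
 *                'fail' (user-name lookup returned a row), 'success'
 *                (updated) or 'phpValidError' (validation failed).
 */
function addData($uname, $id)
{
    $flag = "";
    // \z anchors at the very end of the string, like POSIX "$" did in ereg().
    $userPattern = '/^[a-zA-Z][a-zA-Z0-9]{4,24}\z/';
    $passPattern = '/^[a-zA-Z]/';

    // Fields and checks common to the add and the update form.
    $name = trim($_POST['txtHospitalName']);
    $address1 = trim($_POST['txtAddress1']);
    $address2 = trim($_POST['txtAddress2']);
    $email = trim($_POST['txtEmail']);
    $phone1 = trim($_POST['txtPhone1']);
    $phone2 = trim($_POST['txtPhone2']);
    $regno = trim($_POST['txtRegNo']);
    $mobile = trim($_POST['txtMobile']);
    $pincode = trim($_POST['txtPincode']);
    $districtid = trim($_POST['cmpDistrict']);

    if (strlen($name) < 1) { $flag = 'phpValidError'; }
    if (isInvalidName($name)) { $flag = 'phpValidError'; }
    if (strlen($address1) < 1) { $flag = 'phpValidError'; }
    if (isInvalidAddress($address1)) { $flag = 'phpValidError'; }
    if (isInvalidAddress($address2)) { $flag = 'phpValidError'; }
    if (strlen($email) > 0) {
        if (isInvalidEmail($email)) { $flag = 'phpValidError'; }
    }
    if (isInvalidNumber($districtid)) { $flag = 'phpValidError'; }
    if (strlen($phone1) < 7) { $flag = 'phpValidError'; }
    if (isInvalidPhoneNo($phone1)) { $flag = 'phpValidError'; }
    if (isInvalidPhoneNo($mobile)) { $flag = 'phpValidError'; }
    if (isInvalidPhoneNo($phone2)) { $flag = 'phpValidError'; }
    if (strlen($pincode) > 0) {
        if (strlen($pincode) != 6) { $flag = 'phpValidError'; }
        if (isInvalidNumber($pincode)) { $flag = 'phpValidError'; }
    }
    if (isInvalidName($regno)) { $flag = 'phpValidError'; }

    if ($id == 'add') {
        $user = trim($_POST['txtUserName']);
        $pass = trim($_POST['txtPassword']);

        if (strlen($user) < 5) { $flag = 'phpValidError'; }
        if (strlen($user) > 25) { $flag = 'phpValidError'; }
        if (!preg_match($userPattern, $user)) { $flag = 'phpValidError'; }
        if (strlen($pass) < 5) { $flag = 'phpValidError'; }
        if (strlen($pass) > 25) { $flag = 'phpValidError'; }
        if (!preg_match($passPattern, $pass)) { $flag = 'phpValidError'; }

        // This lookup runs before the validation result is consulted, so the
        // values may be anything the client sent: escape every one of them.
        $result = mysql_query(
            "select * from hospital"
            . " where name='" . preventInj($name) . "'"
            . " and hospitaladdress1='" . preventInj($address1) . "'"
            . " and hospitaladdress2='" . preventInj($address2) . "'"
            . " and hospitalphno1='" . preventInj($phone1) . "'"
            . " and hospitalphno2='" . preventInj($phone2) . "'"
            . " and mobilenumber='" . preventInj($mobile) . "'"
            . " and emailid='" . preventInj($email) . "'"
            . " and registerno='" . preventInj($regno) . "'"
            . " and districtid='" . preventInj($districtid) . "' "
        ) or die(mysql_error());

        if (mysql_num_rows($result) > 0) {
            // An identical hospital row exists; this outranks a validation error.
            $flag = 'false';
        } elseif ($flag != 'phpValidError') {
            // NOTE(review): the user-name predicate is the literal '******' on
            // this page, which looks like a redaction of the original value. As
            // written it does not reference $user; restore the real predicate
            // and route its value through preventInj().
            $result1 = mysql_query("select * from user where username='******' ") or die(mysql_error());

            if (mysql_num_rows($result1) > 0) {
                $flag = 'fail';
            } else {
                // NOTE(review): password() is MySQL's own account hash, not a
                // password-storage function; moving to password_hash() needs a
                // matching change in the login code, which is not in this file
                // section.
                mysql_query(
                    "insert into user (username, userpasswd, status, usertype, lastlogin)"
                    . " values ("
                    . "'" . preventInj($user) . "', "
                    . "password('" . preventInj($pass) . "'), "
                    . "'Approved', 'HOSPITAL', now())"
                ) or die(mysql_error());

                mysql_query(
                    "insert into hospital ("
                    . "name, username, emailid, hospitaladdress1, hospitaladdress2, "
                    . "hospitalphno1, hospitalphno2, mobilenumber, districtid, stateid, "
                    . "pincode, registerno, status"
                    . ") values ("
                    . "'" . preventInj($name) . "', "
                    . "'" . preventInj($user) . "', "
                    . "'" . preventInj($email) . "', "
                    . "'" . preventInj($address1) . "', "
                    . "'" . preventInj($address2) . "', "
                    . "'" . preventInj($phone1) . "', "
                    . "'" . preventInj($phone2) . "', "
                    . "'" . preventInj($mobile) . "', "
                    . "'" . preventInj($districtid) . "', "
                    . "'01', "
                    . "'" . preventInj($pincode) . "', "
                    . "'" . preventInj($regno) . "', "
                    . "'Approved')"
                ) or die(mysql_error());

                $flag = 'true';
                $description = "New hospital with name " . $name . " is added";
                insertEventData('Add_Hospital', "Add new hospital", $user, $description);
            }
        }

        return $flag;
    }

    // ---- update branch ----
    $hospitalId = trim($_POST['hospitalId']);
    if (isInvalidNumber($hospitalId)) { $flag = 'phpValidError'; }

    if ($_SESSION['userType'] == "HOSPITAL" && $_POST['txtPassword'] != NULL) {
        $pass = trim($_POST['txtPassword']);
        $user = trim($_POST['txtUserName']);

        if (strlen($user) < 5) { $flag = 'phpValidError'; }
        if (strlen($user) > 25) { $flag = 'phpValidError'; }
        if (!preg_match($userPattern, $user)) { $flag = 'phpValidError'; }
        if (strlen($pass) < 5) { $flag = 'phpValidError'; }
        if (strlen($pass) > 25) { $flag = 'phpValidError'; }
        if (!preg_match($passPattern, $pass)) { $flag = 'phpValidError'; }

        if ($flag != 'phpValidError') {
            // Stored through password() so the value has the same form as the
            // one written by the insert above; the earlier code wrote the
            // clear text here. Assumes login compares against password(...),
            // as the insert implies - confirm.
            // NOTE(review): the where clause is the literal '******' on this
            // page (apparent redaction). The row must be selected by the
            // session user, not by the posted txtUserName, or one account can
            // reset another's password.
            mysql_query(
                "update user"
                . " set userpasswd=password('" . preventInj($pass) . "'),"
                . " lastlogin=now()"
                . " where username='******' "
            ) or die(mysql_error());
        }
    }

    if ($flag != 'phpValidError') {
        mysql_query(
            "update hospital set"
            . " name='" . preventInj($name) . "',"
            . " emailid='" . preventInj($email) . "',"
            . " hospitaladdress1='" . preventInj($address1) . "',"
            . " hospitaladdress2='" . preventInj($address2) . "',"
            . " hospitalphno1='" . preventInj($phone1) . "',"
            . " hospitalphno2='" . preventInj($phone2) . "',"
            . " mobilenumber='" . preventInj($mobile) . "',"
            . " pincode='" . preventInj($pincode) . "',"
            . " registerno='" . preventInj($regno) . "',"
            . " districtid='" . preventInj($districtid) . "'"
            . " where hospitalid='" . preventInj($hospitalId) . "' "
        ) or die(mysql_error());

        $flag = 'success';
        $username = $_SESSION['userName'];
        $description = "Hospital with id " . $hospitalId . " is updated";
        insertEventData('Update_Hospital', "Update_Hospital_Details", $username, $description);
    }

    return $flag;
}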
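/**
 * Insert or update a disease record from the submitted form ($_POST).
 *
 * $strId == 'add' inserts a new disease unless one with the same name
 * exists; $strId == 'edit' updates the row selected by the posted
 * txtDiseaseId. Any other $strId only validates.
 *
 * Changes compared with the earlier version of this function:
 *  - The duplicate-name lookup escapes the disease name. It runs before the
 *    validation result is consulted, so the raw value reached the query.
 *  - The disease id in the UPDATE is escaped like every other value (it is
 *    also checked by isInvalidNumber() before the query runs).
 *
 * NOTE(review): description, symptoms, precautions, medication and special
 * advice are only checked for being non-empty, and the image name is not
 * checked at all. They are stored as sent, so whatever page renders them
 * must HTML-escape them, and the image name must be validated before it is
 * used in a path or URL - that code is outside this section.
 * NOTE(review): preventInj() is defined elsewhere; presumably the file's
 * SQL-escaping helper - confirm.
 *
 * @param string $strUserName Not read by this function.
 * @param string $strId       'add' or 'edit'.
 * @return string 'true' (inserted), 'false' (name already exists),
 *                'success' (updated), 'phpValidError' (validation failed),
 *                or '' when $strId is neither 'add' nor 'edit' and the
 *                fields validate.
 */
function addDiseaseDetails($strUserName, $strId)
{
    $blnFlag = "";

    $strSelectImageName = trim($_POST['strselectImage']);
    $strDiseaseName = trim($_POST['txtDiseaseName']);
    $strDescription = trim($_POST['txtAreaDescription']);
    $strSymptoms = $_POST['txtAreaSymptoms'];
    $strPrecautions = $_POST['txtAreaPrecautions'];
    $strMedication = $_POST['txtAreaMedication'];
    $strSpecialAdvice = $_POST['txtAreaSpecialAdvice'];

    if (strlen($strDiseaseName) < 1) { $blnFlag = 'phpValidError'; }
    if (isInvalidName($strDiseaseName)) { $blnFlag = 'phpValidError'; }
    // The free-text fields must be present; their content is not restricted.
    if (strlen($strDescription) < 1) { $blnFlag = 'phpValidError'; }
    if (strlen($strSymptoms) < 1) { $blnFlag = 'phpValidError'; }
    if (strlen($strPrecautions) < 1) { $blnFlag = 'phpValidError'; }
    if (strlen($strMedication) < 1) { $blnFlag = 'phpValidError'; }
    if (strlen($strSpecialAdvice) < 1) { $blnFlag = 'phpValidError'; }

    if ($strId == 'add') {
        // Runs even when validation failed, so the name must be escaped here.
        $resultDisease = mysql_query(
            "SELECT * FROM disease WHERE name='" . preventInj($strDiseaseName) . "' "
        ) or die(mysql_error());

        if (mysql_num_rows($resultDisease) > 0) {
            // An existing name outranks a validation error.
            $blnFlag = 'false';
        } elseif ($blnFlag != 'phpValidError') {
            mysql_query(
                "insert into disease ("
                . "name, description, symptoms, precaution, medication, specialadvice, imagename"
                . ") values ("
                . "'" . preventInj($strDiseaseName) . "', "
                . "'" . preventInj($strDescription) . "', "
                . "'" . preventInj($strSymptoms) . "', "
                . "'" . preventInj($strPrecautions) . "', "
                . "'" . preventInj($strMedication) . "', "
                . "'" . preventInj($strSpecialAdvice) . "', "
                . "'" . preventInj($strSelectImageName) . "')"
            ) or die(mysql_error());

            $blnFlag = 'true';
            $username = $_SESSION['userName'];
            $usertype = $_SESSION['userType'];
            $description = "Disease name " . trim($strDiseaseName) . " is added";
            // The session user type is passed as the event type here.
            insertEventData($usertype, "Add new disease", $username, $description);
        }
    } elseif ($strId == 'edit') {
        $intDiseaseId = $_POST['txtDiseaseId'];
        if (isInvalidNumber($intDiseaseId)) { $blnFlag = 'phpValidError'; }

        if ($blnFlag != 'phpValidError') {
            mysql_query(
                "UPDATE disease SET"
                . " name ='" . preventInj($strDiseaseName) . "',"
                . " description='" . preventInj($strDescription) . "',"
                . " symptoms='" . preventInj($strSymptoms) . "',"
                . " precaution='" . preventInj($strPrecautions) . "',"
                . " medication='" . preventInj($strMedication) . "',"
                . " specialadvice='" . preventInj($strSpecialAdvice) . "',"
                . " imagename='" . preventInj($strSelectImageName) . "'"
                . " WHERE diseaseid='" . preventInj($intDiseaseId) . "' "
            ) or die(mysql_error());

            $username = $_SESSION['userName'];
            $description = "Disease name " . $strDiseaseName . " is updated";
            insertEventData('Update_Disease', "Update_Disease_Details", $username, $description);
            $blnFlag = 'success';
        }
    }

    return $blnFlag;
}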
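/**
 * Import case reports from a tab-separated file and return an HTML summary.
 *
 * Stages:
 *  1. Every row whose first field is longer than one character is loaded
 *     into the staging table dummycasereport.
 *  2. Staged rows whose district, disease, post office and hospital names
 *     all resolve to ids are copied into casereport (unless an identical
 *     row is already there) and removed from staging.
 *  3. Rows left in staging are handed back in a read-only textarea with the
 *     reason they were rejected, and staging is emptied.
 *
 * Changes compared with the earlier version of this function:
 *  - A failed fopen() is reported instead of being passed to fgetcsv().
 *  - Values read back from the staging table are escaped before they are
 *    placed in the follow-up SELECT / INSERT / DELETE statements. They come
 *    from the imported file, and escaping applied on the first insert is
 *    gone once the value has been stored, so a quote in a name reached the
 *    second statement unescaped.
 *  - The rejected rows are HTML-escaped before being placed inside the
 *    textarea, so file content cannot close the element and add markup.
 *  - The rejected-row output carries the row's pincode; it used a local
 *    variable that was never assigned, so the column was always empty.
 *  - The stray "</td>" that opened the second table row is now "<td>".
 *
 * NOTE(review): preventInj() is defined elsewhere; presumably the file's
 * SQL-escaping helper - confirm.
 * NOTE(review): $fileName is opened as given. Confirm the caller passes the
 * server-side upload path and never a client-chosen path or URL.
 * NOTE(review): dummycasereport is shared and fully emptied at the end, so
 * two imports running at once would see each other's rows.
 *
 * @param string $fileName Path of the tab-separated file to import.
 * @return string HTML fragment (a table) describing the outcome.
 */
function fileReadCSV($fileName)
{
    $strcontent = '<table> <tr> <td>';
    $strValue = "";
    $userName = $_SESSION['userName'];
    $createdOn = date("d/m/Y");

    $handle = fopen("{$fileName}", "r");
    if ($handle === false) {
        // Without this guard the loop below would be fed an invalid handle.
        return $strcontent . 'Unable to open the import file' . '</td> </tr> </table>';
    }

    // ---- stage 1: file -> staging table ----
    while (($data = fgetcsv($handle, 1000, "\t")) !== FALSE) {
        if (strlen($data[0]) > 1) {
            // Column 11 (died on) is optional; convert it only when present.
            $diedOnIsBlank = $data[11] == "" || $data[11] == " " || $data[11] == NULL || strlen($data[11]) == 0;
            if (!$diedOnIsBlank) {
                $data[11] = getDateToDb($data[11]);
            }

            mysql_query(
                "insert into dummycasereport ("
                . "name, age, sex, address1, address2, districtname, postofficename, pincode, "
                . "hospitalname, diseasename, fatal, diedon, casedate, reportedon, username, createdon"
                . ") values ("
                . "'" . trim(preventInj($data[0])) . "', "
                . "'" . trim(preventInj($data[1])) . "', "
                . "'" . trim(preventInj($data[2])) . "', "
                . "'" . trim(preventInj($data[3])) . "', "
                . "'" . trim(preventInj($data[4])) . "', "
                . "'" . trim(preventInj($data[5])) . "', "
                . "'" . trim(preventInj($data[6])) . "', "
                . "'" . trim(preventInj($data[7])) . "', "
                . "'" . trim(preventInj($data[8])) . "', "
                . "'" . trim(preventInj($data[9])) . "', "
                . "'" . trim(preventInj($data[10])) . "', "
                . "'" . trim(preventInj($data[11])) . "', "
                . "'" . trim(preventInj(getDateToDb($data[12]))) . "', "
                . "'" . trim(preventInj(getDateToDb($data[13]))) . "', "
                . "'" . trim(preventInj($userName)) . "', "
                . "'" . trim(preventInj(getDateToDb($createdOn))) . "')"
            ) or die(mysql_error());
        }
    }
    fclose($handle);

    // Staged rows joined to the lookup tables by name.
    $stagedJoin =
        "SELECT dummycasereport.name as name, age, sex, address1, address2,"
        . " district.districtid as districtid, postofficeid, dummycasereport.pincode as pincode,"
        . " hospitalid, diseaseid, fatal, reportedon, diedon, casedate, dummycasereport.username,"
        . " createdon, casereportid"
        . " FROM dummycasereport"
        . " LEFT JOIN district on dummycasereport.districtname = district.name"
        . " LEFT JOIN disease on dummycasereport.diseasename = disease.name"
        . " LEFT JOIN postoffice on dummycasereport.postofficename = postoffice.name"
        . " LEFT JOIN hospital on dummycasereport.hospitalname = hospital.name";

    // ---- stage 2: resolvable rows -> casereport ----
    $result = mysql_query(
        $stagedJoin
        . " WHERE district.districtid is NOT NULL AND diseaseid is NOT NULL AND"
        . " postofficeid is NOT NULL AND hospitalid is NOT NULL"
    ) or die(mysql_error());

    $columns = array(
        'name', 'age', 'sex', 'address1', 'address2', 'districtid', 'postofficeid', 'pincode',
        'hospitalid', 'diseaseid', 'fatal', 'diedon', 'casedate', 'reportedon', 'username',
        'createdon', 'casereportid',
    );

    while ($row = mysql_fetch_array($result)) {
        // Values fetched from the database are plain data again: escape them
        // before they go into another statement.
        $safe = array();
        foreach ($columns as $col) {
            $safe[$col] = preventInj($row[$col]);
        }

        // Has the same case been reported earlier?
        $resultExist = mysql_query(
            "SELECT * from casereport where name='" . $safe['name'] . "'"
            . " and age='" . $safe['age'] . "'"
            . " and sex='" . $safe['sex'] . "'"
            . " and fatal='" . $safe['fatal'] . "'"
            . " and address1='" . $safe['address1'] . "'"
            . " and address2='" . $safe['address2'] . "'"
            . " and districtid='" . $safe['districtid'] . "'"
            . " and postofficeid='" . $safe['postofficeid'] . "'"
            . " and pincode='" . $safe['pincode'] . "'"
            . " and hospitalid='" . $safe['hospitalid'] . "'"
            . " and diseaseid='" . $safe['diseaseid'] . "'"
            . " and reportedon='" . $safe['reportedon'] . "'"
            . " and diedon='" . $safe['diedon'] . "'"
            . " and casedate='" . $safe['casedate'] . "'"
        ) or die(mysql_error());

        if (mysql_num_rows($resultExist) == 0) {
            mysql_query(
                "insert into casereport ("
                . "name, age, sex, address1, address2, districtid, postofficeid, pincode, "
                . "hospitalid, diseaseid, fatal, diedon, casedate, reportedon, username, createdon"
                . ") values ("
                . "'" . $safe['name'] . "', "
                . "'" . $safe['age'] . "', "
                . "'" . $safe['sex'] . "', "
                . "'" . $safe['address1'] . "', "
                . "'" . $safe['address2'] . "', "
                . "'" . $safe['districtid'] . "', "
                . "'" . $safe['postofficeid'] . "', "
                . "'" . $safe['pincode'] . "', "
                . "'" . $safe['hospitalid'] . "', "
                . "'" . $safe['diseaseid'] . "', "
                . "'" . $safe['fatal'] . "', "
                . "'" . $safe['diedon'] . "', "
                . "'" . $safe['casedate'] . "', "
                . "'" . $safe['reportedon'] . "', "
                . "'" . $safe['username'] . "', "
                . "'" . $safe['createdon'] . "')"
            ) or die(mysql_error());

            // NOTE(review): MAX() can return another session's row when two
            // imports overlap; mysql_insert_id() would be the safer lookup if
            // casereportid is auto-increment - confirm against the schema.
            $resultMax = mysql_query("SELECT MAX(casereportid) as maxId from casereport") or die(mysql_error());
            $rowMax = mysql_fetch_array($resultMax);
            $maxId = preventInj($rowMax['maxId']);

            // Empty optional columns were stored as zero values; turn them into NULL.
            mysql_query(
                "UPDATE casereport SET diedon = NULL WHERE diedon='0000-00-00'"
                . " and casereportid='" . $maxId . "' "
            ) or die(mysql_error());
            mysql_query(
                "UPDATE casereport SET pincode = NULL WHERE pincode=0"
                . " and casereportid='" . $maxId . "' "
            ) or die(mysql_error());

            $username = $_SESSION['userName'];
            $description = "Cases Imported by " . $username . " is loaded into the database";
            insertEventData('Import_Case', "Case_Imported", $username, $description);
        }

        // Imported or duplicate: either way the staged copy is done with.
        mysql_query(
            "delete from dummycasereport where casereportid='" . $safe['casereportid'] . "' "
        ) or die(mysql_error());
    }

    // ---- stage 3: whatever is left could not be resolved ----
    $result = mysql_query("SELECT * FROM dummycasereport") or die(mysql_error());
    $intResultNum = mysql_num_rows($result);

    if ($intResultNum > 0) {
        while ($row = mysql_fetch_array($result)) {
            $resultCheck = mysql_query(
                $stagedJoin . " WHERE casereportid='" . preventInj($row['casereportid']) . "' "
            ) or die(mysql_error());
            $rowCheck = mysql_fetch_array($resultCheck);

            $strReason = "Reason to Reject: ";
            if ($rowCheck['districtid'] == NULL) {
                $strReason .= "Check the district name\tis same as in the database. ";
            }
            if ($rowCheck['diseaseid'] == NULL) {
                $strReason .= "Check the disease name\tis same as in the database. ";
            }
            if ($rowCheck['hospitalid'] == NULL) {
                $strReason .= "Check the hospital name\tis same as in the database. ";
            }
            if ($rowCheck['postofficeid'] == NULL) {
                $strReason .= "Check the postoffice name is same as in the database. ";
            }

            if ($row['diedon'] == "" || $row['diedon'] == " " || $row['diedon'] == NULL) {
                $diedon = NULL;
            } else {
                $diedon = getDateFromDb($row['diedon']);
            }
            if ($diedon == '00/00/0000') {
                $diedon = NULL;
            }

            // Same column order as the import file, plus the reason at the end.
            $strValue .= $row['name'] . "\t"
                . $row['age'] . "\t"
                . $row['sex'] . "\t"
                . $row['address1'] . "\t"
                . $row['address2'] . "\t"
                . $row['districtname'] . "\t"
                . $row['postofficename'] . "\t"
                . $row['pincode'] . "\t"
                . $row['hospitalname'] . "\t"
                . $row['diseasename'] . "\t"
                . $row['fatal'] . "\t"
                . $diedon . "\t"
                . getDateFromDb($row['casedate']) . "\t"
                . getDateFromDb($row['reportedon']) . "\t"
                . $strReason . "\n";
        }

        // Two display lines per rejected row, plus one.
        $intResultNum = $intResultNum * 2 + 1;

        $strcontent .= '</td> </tr> <tr> <td>';
        $strcontent .= '<form>';
        $strcontent .= '<textarea READONLY class="displayBack" rows="' . $intResultNum . '" cols="100">';
        // File content is untrusted: escape it so it stays text inside the
        // textarea. The browser decodes the entities again when the user
        // copies the rows.
        $strcontent .= htmlspecialchars($strValue, ENT_QUOTES);
        $strcontent .= '</textarea>';
        $strcontent .= '</form>';
        $strcontent .= '</td> </tr> <tr> <td>';
        $strcontent .= "Invalid datas are given back for manual insertion <br />";
        $strcontent .= 'Copy the above contents and insert the contents manually through "Add Case Report" link or modify the contents and try again.<span class="impMessage">You must remove the "Reason to Reject:" from the page before re-import the file</span>';
        $strcontent .= '</td> </tr> <tr> <td>';
    }

    mysql_query("delete from dummycasereport") or die(mysql_error());

    $strcontent .= 'Valid contents are uploaded successfully';
    $strcontent .= '</td> </tr> </table>';

    return $strcontent;
}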