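<?php
// Export page: builds a CSV download from the career database for operators.
// Only the opening of the script is visible here; the blocks opened below are
// closed further down in the original file.
require "globals.php5";
// The constant name must be a quoted string: a bare PG_SIZE is an undefined
// constant (a notice on PHP 5/7, a fatal Error on PHP 8).
define('PG_SIZE', 50);
require "cookies.php5";

$mesg = '';

// Exports need a logged-in user with access level 200 or higher.
if ($UUID && $ACCESS >= 200) {
    try {
        $db = db_career();
        if (!empty($_POST['submit']) && !empty($_POST['extype'])) {
            // extype C (300+) masters 1/0, E exyear1, D (400+) exyear2, L exlist (=lid)

            // filename (optional) - client-supplied, so it is normalised before use.
            $filename = isset($_POST['filename']) ? (string) $_POST['filename'] : '';
            $filename = stripslashes(trim(str_replace('"', "'", $filename)));
            // Drop control characters (CR/LF included) and path separators.
            // NOTE(review): the place where $filename is consumed is not visible here;
            // presumably a download header or a path - confirm that it needs no
            // further encoding at that point.
            $filename = preg_replace('#[\x00-\x1F\x7F/\\\\]#', '', $filename);
            if (empty($filename)) {
                $filename = 'export-' . time() . '.csv';
            }
            // trivial check: make sure there is some extension
            if (strpos($filename, '.') === false) {
                $filename .= '.csv';
            }

            $extype = $_POST['extype'];
            if ($extype === 'C' && $ACCESS >= 300) {
                // customers raw data dump: personal data for every client row,
                // gated only by the access-level check above.
                $sql = 'select `uid`, `email`, `firstname`, `lastname`, `mrmsdr`, `phone`, `fax`, `title`, `company`, `addr1`, `addr2`, `city`, `state`, `zip`, `acct`, `master_acct`, `subaccts`, `exp_date`, `status`, `subscription`, `specs`, `tc_agreed` from clients';
                // The query text is fixed; the POST flag only selects a constant clause.
                if (!empty($_POST['masters'])) {
                    $sql .= ' where `master_acct` = 1';
                }
                $res = $db->query($sql);
                if ($res && $res->num_rows) {
                    header('Content-type: text/plain');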
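// Tail of the advanced-search handler. The if/try blocks closed below are
// opened earlier in the original file, outside this excerpt.
list($docid) = $result->fetch_row();
$redir = "showdocpc.php?lid=0&pos=0&id={$docid}";
} else {
    $redir = "results.php?id=0";
}
if ($verboz) {
    $_SESSION['verboz'] = $verboz; // lid 0 verbose descr
}
$okmesg = "{$totres} results found. One moment, please. You will be redirected <a href='{$redir}'>here</a>.";
} catch (Exception $e) {
    // $mesg is HTML (note the <br>), and the exception text can carry a query
    // fragment, so it is escaped before being placed into the page.
    $mesg = 'Search failed: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES) . ' (' . $e->getCode() . ')<br>';
}
}

if (!isset($resdb)) {
    $resdb = db_career();
}

// $redir is only assigned when a search ran, so test it without reading an
// undefined variable. A non-empty value becomes a 2-second refresh target.
$refresh = !empty($redir) ? "2; URL={$redir}" : '';
$style = new OperPage('Advanced Search', $UUID, 'residents', 'ressearch', $refresh);

///// JavaScriplet below
$scrip = <<<TryMe
var subwind;
function showregions()
{
\tsubwind = window.open("regions.php",
\t\t\t"regions","menubar=0,toolbar=0,width=450,resizable=0,location=0,height=400,scrollbars=yes");
\tsetTimeout("subwind.focus()",60);
}
TryMe;
$scrip2 = "<script language=\"JavaScript\" type=\"text/JavaScript\"><!--\n" . $scrip . "// -->\n</script>\n<script type=\"text/javascript\" src=\"calendarDateInput.js\"></script>\n";
$style->Output($scrip2);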
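/**
 * Creates a new customer list: picks the lowest free list id in 10..127 for
 * the owning uid and inserts the matching row into custlistdesc.
 *
 * @param string      $na   list name (escaped, then cut to 50 characters)
 * @param string|null $de   list description (escaped, then cut to 255 characters)
 * @param int         $act  account number, for customers
 * @param int         $sha  shared flag, for customers
 * @param int         $nuid owner uid; honoured only when $ACCESS is 500,
 *                          otherwise the current $UUID is used
 *
 * @throws Exception when the id lookup or the insert fails, or when every id
 *                   in 10..127 is already taken
 */
function __construct($na, $de = NULL, $act = 0, $sha = 0, $nuid = 0)
{
    global $UUID;
    global $ACCESS;

    // Only access level 500 may create a list on behalf of another uid.
    if (!$nuid || $ACCESS != 500) {
        $nuid = $UUID;
    }

    // These values are placed into the SQL text unquoted, so they are forced
    // to integers first; anything non-numeric cannot reach the statement.
    $uidSql = (int) $nuid;
    $actSql = (int) $act;
    $shaSql = (int) $sha;

    $this->name = substr(addslashes(trim((string) $na)), 0, 50);
    if (strlen($this->name) == 50) {
        $this->name[49] = '-'; // to prevent unfinished escapes
    }
    $this->desc = substr(addslashes(trim((string) $de)), 0, 255);
    if (strlen($this->desc) == 255) {
        $this->desc[254] = '-'; // to prevent unfinished escapes
    }
    // NOTE(review): addslashes() does not take the connection character set into
    // account; a bound parameter or the driver's own escaping would be the safer
    // choice. Left unchanged because other code may rely on $this->name and
    // $this->desc holding the escaped form.

    $db = db_career();

    // ORDER BY is required: the gap search below walks the ids in ascending order.
    $result = $db->query("select listid from custlistdesc where listid between 10 and 127 and uid = {$uidSql} order by listid");
    if (!$result) {
        throw new Exception('Can not insert new list', __LINE__);
    }

    // Ids below 10 are reserved, so the search starts at 10 and stops at the first gap.
    $newlid = 10;
    while ($row = $result->fetch_row()) {
        $taken = (int) $row[0];
        if ($taken > $newlid) {
            break; // $newlid is unused
        }
        if ($taken == $newlid) {
            $newlid++;
        }
    }
    $result->free();

    // When 10..127 are all taken the counter ends at 128, which makes the limit
    // check below reachable (it previously fell back to id 10).
    $this->id = $newlid;
    if ($this->id > 127) {
        throw new Exception('Maximum number of 127 lists reached', __LINE__);
    }

    $this->shared = $sha;
    $this->acct = $act;

    $result = $db->query("insert into custlistdesc values ({$uidSql},{$this->id},2005,'{$this->desc}','{$this->name}',{$actSql},{$shaSql},NULL)");
    if (!$result) {
        throw new Exception('Can not insert new list', __LINE__);
    }
    $this->cdb = $db;
}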
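<?php
// Deletes the note whose id was staged in the session by an earlier page, then
// sends the browser back to the page it came from.
require "globals.php5";
require "cookies.php5";

// The Referer header is client-supplied and may be missing altogether.
$referrer = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';
$noteid = isset($_SESSION['delete_note']) ? $_SESSION['delete_note'] : null;
$qstr = isset($_SESSION['delete_note_str']) ? $_SESSION['delete_note_str'] : '';
$yr = isset($_SESSION['delete_note_yr']) ? $_SESSION['delete_note_yr'] : null;

// NOTE(review): no anti-CSRF token is checked in this script; confirm that the
// page which stages delete_note in the session verifies one.
if ($UUID && $noteid) {
    try {
        $db = $yr == 2005 ? db_notes() : db_career();
        // note_id goes into a quoted SQL literal, so it is escaped with the
        // connection's own routine. NOTE(review): this assumes db_notes() and
        // db_career() return mysqli handles, as the query/num_rows/affected_rows
        // usage elsewhere in this code suggests - confirm.
        $safeId = $db->real_escape_string((string) $noteid);
        // Non-admins (ACCESS other than 500) can only delete their own notes.
        $sql = $ACCESS != 500
            ? sprintf("delete from notes where note_id = '%s' and uid = %d", $safeId, $UUID)
            : sprintf("delete from notes where note_id = '%s'", $safeId);
        $result = $db->query($sql);
    } catch (Exception $e) {
        // Best-effort delete: the user is redirected either way, but the failure
        // is logged instead of disappearing.
        error_log('Note delete failed: ' . $e->getMessage() . ' (' . $e->getCode() . ')');
    }
}

if (strpos($referrer, '?') === false) {
    $referrer .= '?' . $qstr;
}
unset($_SESSION['delete_note']);

// Keep the header on a single line whatever the request contained.
// NOTE(review): the target still comes from a request header; a return URL kept
// in the session next to delete_note would not depend on client input.
$referrer = str_replace(array("\r", "\n"), '', $referrer);
header("Location: {$referrer}");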
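/**
 * Searches residents and stores the matches as list 0 of the current user.
 *
 * Rows of custlistsus with listid 0 owned by $UUID are deleted first, then the
 * matching ph_id values from physicians are inserted in their place.
 *
 * $wher and $joins are inserted into the statement as raw SQL. They cannot be
 * escaped here, so every caller must escape or bind any request data before
 * building them.
 *
 * @param mixed  $year  deprecated, not used
 * @param string $wher  SQL condition placed after "where" (required)
 * @param string $joins optional SQL join clause(s) placed after "physicians"
 *
 * @return int number of rows inserted
 *
 * @throws Exception when $wher is empty or a query fails. With DEBUG on the
 *                   message contains $wher, so callers that display it should
 *                   HTML-escape it first.
 */
function SearchRes($year, $wher, $joins = '')
{
    global $UUID;

    if (empty($wher)) {
        throw new Exception('Search: Required parameters are missing', __LINE__);
    }

    // The owner id is written into the SQL unquoted; force it to an integer.
    $owner = (int) $UUID;
    $resdb = db_career();

    // If the old result set cannot be cleared, stop here: otherwise new matches
    // would be mixed with stale rows.
    $cleared = $resdb->query("delete from custlistsus where owneruid = {$owner} and listid=0");
    if (!$cleared) {
        throw new Exception(DEBUG ? 'Problem clearing previous results' : 'Program Error', __LINE__);
    }

    $result = $resdb->query("insert into custlistsus select {$owner},ph_id,0 from physicians {$joins} where {$wher}");
    if (!$result) {
        throw new Exception(DEBUG ? "Problem with query: {$wher}" : 'Program Error', __LINE__);
    }

    return $resdb->affected_rows;
}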