if (empty($username) === true || empty($password) === true) { json_error(LANG_ADMIN_INVALID_PASSWORD); } else { if ($haccess->user_exist_checker($username, H_SYSTEM_ACCESS) === false) { json_error(LANG_ADMIN_INVALID_USERNAME); } else { if ($haccess->account_activation($username, H_SYSTEM_ACCESS) === false) { json_error(LANG_ADMIN_INVALID_ACTIVATION); } else { $login = $haccess->HezeLogin($username, $password, H_SYSTEM_ACCESS); if ($login === false) { json_error(LANG_ADMIN_ERROR); } else { $_SESSION[H_USER_SESSION] = $login; $haccess->UpdateLastLogin(date('Y-m-d'), $_SERVER['REMOTE_ADDR'], $haccess->UserID()); json_send(H_ADMIN); json_success('Logging in'); exit; } } } } } } elseif (get('do') == 'logout') { $haccess->log_out_access(H_LOGIN); } elseif (get('do') == 'delete') { $dfile = get('dfile'); if (get('userid') and $dfile == '') { $del = $haccess->Delete(get('userid'), '' . H_ADMIN . '&view=hsys_users&do=viewall&msg=delete'); } elseif (get('userid') and $dfile != '' and get('fdel') == '') { delete_files(UPLOAD_PATH . get('dfile'));
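/**
 * Dispatch the admin "patients" screen according to the `do` request parameter.
 *
 * Handled actions: viewall, export, export2, autosearch, add, addpro, update,
 * updatepro, details, truncate and delete. View templates are pulled in with
 * `include`, so they read the local variables set here ($result, $paging,
 * $rows, $have_card, $active); those names must stay as they are.
 *
 * Hardening applied in this method:
 * - Database values echoed by the autosearch branch are HTML-escaped.
 * - Request values concatenated into redirect/pagination URLs are URL-encoded.
 * - The `dfile` request value is rejected when it is not a plain string or
 *   contains a parent-directory segment or NUL byte, before it is appended
 *   to UPLOAD_PATH / THUMB_PATH.
 *
 * NOTE(review): `truncate` and `delete` change data on a GET request and no
 * anti-CSRF token or role check is visible in this method; confirm the caller
 * enforces both, or move these actions to POST with a token.
 * NOTE(review): `$active` and `get('id')` reach the model unvalidated; confirm
 * the model binds them as query parameters rather than interpolating them.
 */
public function invoke_patients()
{
    // HTML-escape helper for values written into markup by this method.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Raw request value; kept unmodified because the included views may read it.
    $active = isset($_GET['active']) ? $_GET['active'] : "1";

    // List view. This is a separate `if`, not part of the chain below.
    if (get('do') == 'viewall') {
        if (PAGINATION_TYPE == 'Normal') {
            $result = $this->patients_model->SelectAll(RECORD_PER_PAGE, $active);
            // The pagination base URL accepts GET parameters (index.php?id=1&cat=2...).
            // `active` is URL-encoded so a crafted value cannot add parameters or markup.
            $paging = pagination(
                $this->patients_model->CountRow(),
                RECORD_PER_PAGE,
                '' . H_ADMIN . '&view=patients&do=viewall&active=' . rawurlencode((string) $active)
            );
        } else {
            $result = $this->patients_model->SelectAll(NULL, $active);
        }
        include APP_FOLDER . '/views/admin/patients/View.php';
    }

    if (get('do') == 'export') {
        // Export of every patient matching the `active` filter.
        $result = $this->patients_model->SelectAll(NULL, $active);
        include APP_FOLDER . '/views/admin/patients/Export.php';
    } elseif (get('do') == 'export2') {
        // Export of a single patient record.
        $rows = $this->patients_model->SelectOne(get('id'));
        include APP_FOLDER . '/views/admin/patients/Export2.php';
    } elseif (get('do') == 'autosearch') {
        $qstring = post('qstring');
        if (strlen($qstring) > 0) {
            $autosearch = $this->patients_model->AutoSearch(trim($qstring), 10, 'first_name');
            echo ' <div class=widget><ul class="list-group">';
            foreach ($autosearch as $srow) {
                // Names are stored user input: escape them before they reach the page.
                echo '<span class="searchheading"><a href="' . H_ADMIN . '&view=patients&id='
                    . $esc(rawurlencode((string) $srow->id))
                    . '&do=details"><li class="list-group-item">'
                    . $esc($srow->first_name) . ' ' . $esc($srow->last_name)
                    . '</li></a> </span>';
            }
            echo '</ul></div>';
        }
    } elseif (get('do') == 'add') {
        include APP_FOLDER . '/views/admin/patients/Add.php';
    } elseif (get('do') == 'addpro') {
        if ($_POST) {
            // Required-field validation; the first missing field is reported.
            if (post('first_name') == '') {
                json_error('Please enter First Name!');
            } elseif (post('last_name') == '') {
                json_error('Please enter Last Name!');
            } elseif (post('phone') == '') {
                json_error('Please enter Phone!');
            } elseif (post('email') == '') {
                json_error('Please enter Email!');
            } elseif (post('source') == '') {
                json_error('Please select Source!');
            } else {
                $this->patients_model->Insert(
                    post('first_name'),
                    post('last_name'),
                    post('phone'),
                    post('email'),
                    post('source'),
                    post('notes')
                );
                json_send('' . H_ADMIN . '&view=patients&do=viewall&msg=add');
                json_success('Process Completed');
            }
        }
    } elseif (get('do') == 'update') {
        $rows = $this->patients_model->SelectOne(get('id'));
        // Whether the patient already has a card; read by the view.
        $have_card = patient_have_card(get('id'));
        include APP_FOLDER . '/views/admin/patients/Update.php';
    } elseif (get('do') == 'updatepro') {
        if ($_POST) {
            // Required-field validation; the first missing field is reported.
            if (post('id') == '') {
                json_error('The field id cannot be empty!');
            } elseif (post('first_name') == '') {
                json_error('Please enter First Name!');
            } elseif (post('last_name') == '') {
                json_error('Please enter Last Name!');
            } elseif (post('phone') == '') {
                json_error('Please enter Phone!');
            } elseif (post('email') == '') {
                json_error('Please enter Email!');
            } elseif (post('source') == '') {
                json_error('Please select Source!');
            } else {
                $this->patients_model->Update(
                    post('first_name'),
                    post('last_name'),
                    post('phone'),
                    post('email'),
                    post('source'),
                    post('notes'),
                    post('active'),
                    post('id')
                );
                // The id is request data: encode it before it becomes part of the redirect URL.
                json_send('' . H_ADMIN . '&view=patients&id=' . rawurlencode((string) post('id')) . '&do=details&msg=update');
                json_success('Process Completed');
            }
        }
    } elseif (get('do') == 'details') {
        $rows = $this->patients_model->SelectOne(get('id'));
        // Whether the patient already has a card; read by the view.
        $have_card = patient_have_card(get('id'));
        include APP_FOLDER . '/views/admin/patients/Details.php';
    } elseif (get('do') == 'truncate') {
        // NOTE(review): destructive action triggered by GET; see the method docblock.
        $this->patients_model->TruncateTable('' . H_ADMIN . '&view=patients&do=viewall&msg=truncate');
        include APP_FOLDER . '/views/admin/patients/View.php';
    } elseif (get('do') == 'delete') {
        // NOTE(review): destructive action triggered by GET; see the method docblock.
        $dfile = get('dfile');
        $list_url = '' . H_ADMIN . '&view=patients&do=viewall&msg=delete';

        if (get('id') and $dfile == '') {
            // No attached file: remove the record only.
            $del = $this->patients_model->Delete(get('id'), $list_url);
        } elseif (get('id') and $dfile != '') {
            // `dfile` comes straight from the query string and is appended to the
            // upload directories. Refuse anything that could leave them.
            if (!is_string($dfile) || strpos($dfile, '..') !== false || strpos($dfile, "\0") !== false) {
                return;
            }

            delete_files(UPLOAD_PATH . $dfile);
            delete_files(THUMB_PATH . $dfile);

            if (get('fdel') == '') {
                // Files and record are both removed.
                $del = $this->patients_model->Delete(get('id'), $list_url);
            } else {
                // Only the file was removed; return to the edit form for the same record.
                send_to('' . H_ADMIN . '&view=patients&id=' . rawurlencode((string) get('id')) . '&do=update&msg=delete');
            }
        }
    }
}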