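*Copyrighted 2015-2016 by Michael Avila * *Distributed under the terms of the GNU General Public License * *This program is distributed in the hope that it will be useful, * * but WITHOUT ANY WARRANTY; without even the implied warranty of * * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * *****************************************************************/
// Sys-admin page: prints every row of `petclinicsys`.`usersol` and reloads itself every 30 seconds.
// NOTE(review): no role check is visible in this fragment; confirm the included headers
// restrict this listing to system administrators.
session_start();
$background = "3";
$logFileName = "user";
$headerTitle = "USER LOG";
$refresh = "<meta http-equiv=\"refresh\" content=\"30\";>";
require_once "includes/header1.inc";
require_once "includes/header2.inc";
require_once "includes/common.inc";
echo "<br><br><center>This page will automatically refresh every 30 seconds</center>";
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT * FROM `petclinicsys`.`usersol`;";
$result = $mysqli->query($sql);
// query() returns false on failure; reading ->num_rows from false is a fatal error.
if ($result === false) {
    put_errormsg("Cannot access usersol table");
    redirect("sysadmin.php");
    exit;
}
if ($result->num_rows == 0) {
    put_errormsg("There are no Users Logged In");
    redirect("sysadmin.php");
    exit;
}
while ($row = $result->fetch_row()) {
    // Column values go straight into the page, so encode them for HTML first.
    echo "<br>" . htmlspecialchars((string) $row[0], ENT_QUOTES, 'UTF-8')
        . " " . htmlspecialchars((string) $row[1], ENT_QUOTES, 'UTF-8')
        . " " . htmlspecialchars((string) $row[2], ENT_QUOTES, 'UTF-8');
}
echo "<form method=\"post\" action=\"sysadmin.php\"><center><input type=\"submit\" value=\"Return to Sys Admin Menu\"></center></form>";
$display = "sysloggedin";
require_once "includes/footer.inc";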
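// Doctor entry screen: lists the rows of `petcliniccorp`.`doctors` in a select box and
// starts the two forms that post to doctors1.php.
$doctordea = '';
$doctorstatus = 'A';
echo '<div class="center"><h2>Doctor Entry</h2></div>';
echo '<div id="formContainer">';
echo '<div id="formLeftSide"><br>';
echo '<div>Current list of Doctors</div><br>';
echo '<select name="doclist" size="5">';
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT * FROM `petcliniccorp`.`doctors`;";
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("Cannot access doctors table");
} else {
    $row_cnt = $result->num_rows;
    if ($row_cnt == 0) {
        put_errormsg("There are no Doctors in the database");
    } else {
        while ($row = $result->fetch_row()) {
            // Stored doctor fields are written into an attribute and into element text;
            // encode both so a stored quote or tag cannot break out of the <option>.
            $docid = htmlspecialchars((string) $row[0], ENT_QUOTES, 'UTF-8');
            $doclabel = htmlspecialchars(sprintf("%3s", $row[0]) . " " . $row[1], ENT_QUOTES, 'UTF-8');
            echo '<option value="' . $docid . '">' . $doclabel . '</option>';
        }
    }
}
$mysqli->close();
echo '</select></div>';
echo '<div id="formRightSide"><br>';
echo '<form id="docform0" name="docform0" action="doctors1.php" method="post">';
echo '<table class="center" width="100%">';
echo '<tr><td>Enter the Doctor Number to be edited.</td></tr>';
echo '<tr><td><input type="text" name="editdocnum" size="5" maxlength="5"></td></tr>';
echo '<tr><td><input type="submit" value="Edit Requested Doctor"></td></tr></table></form><br>';
echo '<form id="docform1" name="docform1" action="doctors1.php" method="post">';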
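// Tail of the medicine-entry handler: reads the posted vendor choice ("<vendorid>?<name>"),
// inserts one row into `petclinicinv`.`invmedicine` and returns to invmedbase.php.
// $desc, $purchdate and the cost/quantity variables are set before this fragment.
redirect("invmedbase.php");
exit;
}
if (isset($_POST['wherebought'])) {
    $wherebought = $_POST['wherebought'];
} else {
    put_errormsg("A Vendor must be selected for where bought");
    redirect("invmedbase.php");
    exit;
}
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$emplnumber = $_SESSION["employeenumber"];
// The original echoed the raw posted value here; that reflected request data into the page
// and produced output ahead of the redirect, so it is dropped.
$quesmark = is_string($wherebought) ? strpos($wherebought, "?") : false;
$vendorid = ($quesmark === false) ? "" : substr($wherebought, 0, $quesmark);
// strpos() yields false when the separator is missing; reject that and any non-numeric id.
if (!ctype_digit($vendorid)) {
    put_errormsg("A Vendor must be selected for where bought");
    redirect("invmedbase.php");
    exit;
}
$wherebought = substr($wherebought, $quesmark + 1);
// Bound parameters replace the string-built VALUES list, so request data can no longer
// change the shape of the statement.
$sql = 'INSERT INTO `petclinicinv`.`invmedicine` (`meddesc`, `vendorid`, `wherebought`, `purdate`, `cartoncost`, `cartonspurch`, `containercarton`, ';
$sql = $sql . '`itemscontainer`, `itemcost`, `containercost`, `itemreorderlevel`, `itemmarkup`, `containermarkup`, `itemsalesprice`, ';
$sql = $sql . '`containersalesprice`, `taxable`, `status`, `changeid`) ';
$sql = $sql . 'VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, "A", ?);';
$stmt = $mysqli->prepare($sql);
$ok = $stmt !== false
    && $stmt->bind_param(
        str_repeat("s", 17),
        $desc, $vendorid, $wherebought, $purchdate, $cartoncost, $cartonspurch, $contcarton,
        $itemcont, $itemcost, $contcost, $itemreorder, $itemmarkup, $contmarkup, $itemsales,
        $contsales, $taxable, $emplnumber
    )
    && $stmt->execute();
if (!$ok) {
    // NOTE(review): the driver error text is shown to the user; consider logging it instead.
    $err = ($stmt !== false && $stmt->error !== "") ? $stmt->error : $mysqli->error;
    put_errormsg("Table invmedicine data insertion failed" . $err);
    redirect("invmedbase.php");
    exit(1);
}
$mysqli->close();
delete_errormsg();
redirect("invmedbase.php");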
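// Visit save step: stores the serialized visit in a short-lived cookie, writes a draft
// file when $save is "draft", otherwise inserts the visit row into `petclinic`.`visit`.
// $visitarray, $date, $save, $petid, $prefilename and the vitals are set before this fragment.
$visitserialarray = serialize($visitarray);
// NOTE(review): if this cookie is ever passed back to unserialize(), the client controls
// the serialized data; confirm how "visitarray" is consumed.
setcookie("visitarray", $visitserialarray, time() + 1);
if (strlen($date) != 8) {
    put_errormsg("The Date must be entered");
    redirect("visitsnew1.php");
    exit;
}
if ($save == "draft") {
    // basename() keeps both file names inside ./notes/ even if a value carries path separators.
    $filename = basename("draftPet" . $petid . ".txt");
    $fh = fopen("./notes/" . $filename, "wbt");
    if ($fh === false) {
        put_errormsg("The Draft file could not be created");
        redirect("visits.php");
        exit;
    }
    fwrite($fh, $visitserialarray . "\n");
    fclose($fh);
    if ($prefilename != "") {
        unlink("./notes/" . basename($prefilename));
    }
    put_errormsg("The Draft file has been created (" . $filename . ")");
    redirect("visits.php");
    exit;
}
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$emplnumber = $_SESSION["employeenumber"];
// Bound parameters instead of a concatenated VALUES list.
$sql = "INSERT INTO `petclinic`.`visit` (`visitdate`, `petnumber`, `temp`, `weight`, `pulse`, `respiration`, `panting`, `caprefill`, `mucous`, `hydration`, ";
$sql = $sql . "`clinicalstay`, `clinicaldischarge`, `changeid`) ";
$sql = $sql . "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);";
$stmt = $mysqli->prepare($sql);
$ok = $stmt !== false
    && $stmt->bind_param(
        str_repeat("s", 13),
        $date, $petid, $temp, $weight, $pulse, $resp, $pant, $caprefill,
        $mucous, $hydration, $stay, $discharge, $emplnumber
    )
    && $stmt->execute();
if ($ok) {
    $visitnumber = $mysqli->insert_id;
} else {
    $err = ($stmt !== false && $stmt->error !== "") ? $stmt->error : $mysqli->error;
    echo "Table visit data insertion failed" . $err;
    exit(1);
}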
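// Procedure maintenance save: requires description, type and status, then updates the
// existing procedure row when $proccode (set before this fragment) is not "new".
if (empty($_POST["procdesc"])) {
    put_errormsg("Procedure Description cannot be blank");
    redirect("procmaint.php");
    exit;
} else {
    $procdesc = $_POST["procdesc"];
}
if (empty($_POST["proctype"])) {
    put_errormsg("Procedure Type cannot be blank");
    redirect("procmaint.php");
    exit;
} else {
    $proctype = $_POST["proctype"];
}
if (empty($_POST["procstatus"])) {
    put_errormsg("Status cannot be blank");
    redirect("procmaint.php");
    exit;
} else {
    $procstatus = $_POST["procstatus"];
}
//if ($status <> "A") { //}
$emplnumber = $_SESSION['employeenumber'];
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
if ($proccode != "new") {
    // The original named the table as bare `procedures` and put the database name on the
    // column; with no default database selected that statement cannot run. The table is
    // qualified here the way the procedure lookup on this page does it, and the posted
    // values are bound instead of concatenated.
    $sql = "UPDATE `petclinicproc`.`procedures` SET `proccode` = ?, `procdesc` = ?, `proctype` = ?, `procstatus` = ?, ";
    $sql = $sql . "`changeid` = ? WHERE proccode = ?;";
    $stmt = $mysqli->prepare($sql);
    if ($stmt !== false
        && $stmt->bind_param("ssssss", $proccode, $procdesc, $proctype, $procstatus, $emplnumber, $proccode)
        && $stmt->execute()) {
    } else {
        echo "Table procedure data update failed" . $mysqli->error;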
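// Medicine edit path: loads the `petclinicinv`.`invmedicine` row whose `medid` is given
// in the "baserec" query parameter.
echo "</form></center>";
exit;
}
// NOTE(review): `$u = "y"` assigns rather than compares, so this branch always runs and
// $u is overwritten. Left as written because the intended comparison value is not visible here.
if ($u = "y") {
    $baserec = isset($_GET["baserec"]) ? $_GET["baserec"] : "";
    // `medid` is an integer key; accept digits only so the value cannot extend the query.
    if (!is_string($baserec) || !ctype_digit($baserec)) {
        put_errormsg("Invalid medid");
        redirect("invmedmenu.php");
        exit;
    }
    $mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
    $sql = "SELECT * FROM `petclinicinv`.`invmedicine` WHERE `medid` = " . $baserec . ";";
    $result = $mysqli->query($sql);
    if ($result == FALSE) {
        put_errormsg("Invalid medid");
        redirect("invmedmenu.php");
        exit;
    }
    $row_cnt = $result->num_rows;
    if ($row_cnt == 0) {
        put_errormsg("Invalid medid");
        redirect("invmedmenu.php");
        exit;
    }
    $row = $result->fetch_row();
    /* `medid` integer (5) NOT NULL AUTO_INCREMENT,
       `meddesc` varchar(32) NOT NULL,
       `vendorid` integer(11),
       `wherebought` varchar(50),
       `purdate` integer(8),
       `cartoncost` decimal(5,2),
       `cartonspurch` integer(3),
       `containercarton` integer(3) NOT NULL,
       `itemscontainer` integer(4) NOT NULL,
       `itemcost` decimal(5,2),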
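// Procedure maintenance form: when $proccode (set before this fragment) is not "new",
// loads that procedure's row so the form can be pre-filled.
require_once "includes/footer.inc";
exit;
}
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
if ($proccode != "new") {
    // The code was appended unquoted to the WHERE clause; it is now a bound parameter.
    // get_result() needs the mysqlnd driver.
    $sql = "SELECT proccode, procdesc, proctype, procstatus, changeid";
    $sql = $sql . " FROM `petclinicproc`.`procedures` WHERE proccode = ?";
    $result = false;
    $stmt = $mysqli->prepare($sql);
    if ($stmt !== false && $stmt->bind_param("s", $proccode) && $stmt->execute()) {
        $result = $stmt->get_result();
    }
    if ($result == FALSE) {
        // NOTE(review): this message carries the submitted code and the driver error text;
        // confirm the page that prints error messages HTML-encodes them.
        put_errormsg("Invalid Procedure Code " . $proccode . " / " . $mysqli->error);
        redirect("procmaint.php");
        exit;
    }
    $row_cnt = $result->num_rows;
    if ($row_cnt == 0) {
        put_errormsg("Invalid Procedure Code");
        redirect("procmaint.php");
        exit;
    }
    delete_errormsg();
    // If several rows match, the values of the last one win (same as the original loop).
    while ($row = $result->fetch_row()) {
        $proccode = $row[0];
        $procdesc = $row[1];
        $procbillcharge = $row[2]; // NOTE(review): column 2 of the SELECT is `proctype`, not a charge.
        $procstatus = $row[3];
        $changeid = $row[4];
    }
}
$errormsg = get_errormsg();
if ($proccode == "new") {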
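// Password-reset step 2/3: pass 2 shows the stored reset question, pass 3 checks the
// posted answer and only then continues to newpassword.php.
// $question and $answer (the stored, encrypted values) are set before this fragment.
if (isset($_GET["pass"])) {
    $pass = $_GET["pass"];
}
// Normalise the step marker; it is client-controlled through the query string.
$step = (isset($pass) && is_scalar($pass)) ? (string) $pass : "";
if ($step === "2") {
    $background = "0";
    require_once "includes/header1.inc";
    require_once "includes/header2.inc";
    echo "<center><form action=\"pwdreset2.php?pass=3\" method=\"post\"><table border=\"0\" width=\"60%\">";
    echo "<tr><td>";
    $question = mc_decrypt($question, ENCRYPTION_KEY);
    // The question is user-supplied text; encode it before it reaches the page.
    echo htmlspecialchars((string) $question, ENT_QUOTES, 'UTF-8');
    echo "</td><td><input type=\"text\" name=\"answer\" size=\"40\" maxlength=\"40\"></td></tr>";
    echo "<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"Submit Answer\"></td></tr>";
    echo "</table></form></center>";
    $display = "Pwdreset2";
    require_once "includes/footer.inc";
    exit;
}
// Fail closed: the original fell through to newpassword.php for every step value other
// than 2 or 3, which skipped the answer check entirely.
if ($step !== "3") {
    put_errormsg("Invalid information");
    redirect("pwdreset.php");
    exit;
}
$hashanswer = mc_decrypt($answer, ENCRYPTION_KEY);
$answer = isset($_POST["answer"]) ? $_POST["answer"] : null;
// Strict, constant-time comparison; a missing or empty stored answer never matches.
// (Loose != treats numeric-looking strings such as "0e1" and "0e2" as equal.)
if (!is_string($answer) || !is_string($hashanswer) || $hashanswer === "" || !hash_equals($hashanswer, $answer)) {
    put_errormsg("Your answer is not correct");
    redirect("pwdreset.php");
    exit;
}
// NOTE(review): no attempt counter is visible here; confirm answer guessing is rate-limited.
delete_errormsg();
redirect("newpassword.php");
?> ?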
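// Company information save: encrypts the address and city fields and updates
// `petcliniccorp`.`company` from the posted form.
$coname = $_POST["coname"];
$address1 = $_POST["address1"];
$address2 = $_POST["address2"];
$city = $_POST["city"];
$state = $_POST["state"];
$zipcode = $_POST["zipcode"];
$telephone = $_POST["telephone"];
$fax = $_POST["fax"];
$logo = $_POST["logo"];
$license = $_POST["license"];
$statetax = $_POST["statetax"];
$mysqlic = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$address1 = mc_encrypt($address1, ENCRYPTION_KEY);
if (strlen($address2) > 0) {
    $address2 = mc_encrypt($address2, ENCRYPTION_KEY);
} else {
    $address2 = "";
}
$city = mc_encrypt($city, ENCRYPTION_KEY);
$emplnumber = $_SESSION['employeenumber'];
// Posted values are bound as parameters rather than concatenated into the statement.
// The UPDATE has no WHERE clause, as in the original (every row of the table is written).
$sql = "UPDATE `petcliniccorp`.`company` SET `name` = ?, `address` = ?, `address2` = ?, `city` = ?, `state` = ?, `zipcode` = ?";
$sql = $sql . ", `telephone` = ?, `fax` = ?, `logo` = ?, `businesslic` = ?, `statetax` = ?, ";
$sql = $sql . "changeid = ?;";
$stmt = $mysqlic->prepare($sql);
$ok = $stmt !== false
    && $stmt->bind_param(
        str_repeat("s", 12),
        $coname, $address1, $address2, $city, $state, $zipcode,
        $telephone, $fax, $logo, $license, $statetax, $emplnumber
    )
    && $stmt->execute();
if (!$ok) {
    $err = ($stmt !== false && $stmt->error !== "") ? $stmt->error : $mysqlic->error;
    put_errormsg("Company update failed" . $err);
    redirect("criticalerror.php?m=corpinfo1.php&ec=0");
    // Stop here: the original went on to delete_errormsg(), wiping the failure message.
    exit;
}
$mysqlic->close();
delete_errormsg();
redirect("corpinfo.php");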
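// Pet listing: reads the caller's `sk22` flag from `petcliniccorp`.`seckeys`, runs the pet
// query ($mysqli and $sql1 are set before this fragment) and starts one output line per
// pet, linking to the pet editor when the flag is "Y".
$mysqlic = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// Cast keeps the interpolated employee number numeric.
$sql = "SELECT `sk22` FROM `petcliniccorp`.`seckeys` WHERE `emplnumber` = " . (int) $emplnumber . " and `sequence` = 1;";
$resultc = $mysqlic->query($sql);
// A failed lookup or a missing row leaves the edit link switched off instead of
// raising a fatal error on false->num_rows.
$row_cnt_c = ($resultc !== false) ? $resultc->num_rows : 0;
$rowc = ($resultc !== false) ? $resultc->fetch_row() : null;
$sk22 = $rowc ? $rowc[0] : "N";
$mysqlic->close();
$result = $mysqli->query($sql1);
if ($result == FALSE) {
    // The original called put_erormsg(), a misspelling of the helper used everywhere else.
    put_errormsg("There are no Pets (false)");
    redirect("listings.php");
    exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("There are no Pets (count)");
    exit;
}
if ($sk22 == "Y") {
    echo "Clicking on the Pet Number will take you to a display to edit that Pet.<hr>";
}
delete_errormsg();
while ($row = $result->fetch_row()) {
    $row1 = "Pet # ";
    $petnum = htmlspecialchars((string) $row[0], ENT_QUOTES, 'UTF-8');
    if ($sk22 == "Y") {
        // The original closed the href attribute right after "editpetnum=", so the pet
        // number never reached the link target.
        $row1 = $row1 . '<a href="petmaint.php?editpetnum=' . rawurlencode((string) $row[0]) . '">' . $petnum . '</a>';
    } else {
        $row1 = $row1 . $petnum . " ";
    }
    // Pet names are stored user input; encode before output.
    $row1 = $row1 . ", Name is " . htmlspecialchars((string) $row[1], ENT_QUOTES, 'UTF-8') . " ";
    $sql2 = "SELECT ";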
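// New-visit step: takes the posted client number, loads that client's rows from
// `petclinic`.`clientpet` and starts looking up each linked pet.
echo $errormsg;
echo "</center>";
exit;
}
if (!isset($_POST["client"])) {
    put_errormsg("You must enter a Client Number");
    redirect("visitsnew.php");
    exit;
} else {
    $client = $_POST["client"];
}
// The value is placed unquoted in the WHERE clause, so it must be digits only.
if (!is_string($client) || !ctype_digit($client)) {
    put_errormsg("You must enter a Client Number");
    redirect("visitsnew.php");
    exit;
}
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT * FROM `petclinic`.`clientpet` WHERE `clientnumber` = " . $client . ";";
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("That Clients has no Pets");
    redirect("visitsnew.php");
    $mysqli->close();
    exit;
}
echo "<br><br>";
if (isset($_POST["procdb"])) {
    $procdb = $_POST["procdb"];
} else {
    $procdb = "N";
}
$row_cnt = $result->num_rows;
for ($i = 0; $i < $row_cnt; $i++) {
    $row = $result->fetch_row();
    // Cast the stored pet number before reusing it in SQL.
    $sql = "SELECT * FROM `petclinic`.`pet` WHERE `petnumber` = " . (int) $row[1] . ";";
    $result2 = $mysqli->query($sql);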
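}
// Doctor save: updates the `petcliniccorp`.`doctors` row when $docnumber is not "new",
// otherwise inserts a new one. $doctorinfo, $docstatelic and $docnumber are set before
// this fragment.
if (isset($_POST["docdea"])) {
    $docdea = $_POST["docdea"];
} else {
    $docdea = "";
}
if (isset($_POST["doctorstatus"])) {
    $doctorstatus = $_POST["doctorstatus"];
} else {
    $doctorstatus = "A";
}
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// Both statements bind the form values instead of interpolating them between quotes.
if ($docnumber != "new") {
    $stmt = $mysqli->prepare("UPDATE `petcliniccorp`.`doctors` SET `doctordesc` = ?, `doctorstatelic` = ?, `doctordealic` = ?, `doctorstatus` = ? WHERE `doctorid` = ?;");
    $ok = $stmt !== false
        && $stmt->bind_param("sssss", $doctorinfo, $docstatelic, $docdea, $doctorstatus, $docnumber)
        && $stmt->execute();
    if (!$ok) {
        $err = ($stmt !== false && $stmt->error !== "") ? $stmt->error : $mysqli->error;
        // The original called put_errormessage() here; every other error path on this page
        // uses put_errormsg(), so the call is aligned with it.
        put_errormsg("Table employee data update failed" . $err);
        redirect("criticalerror.php?m=doctors2.php&ec=0");
        exit(1);
    }
} else {
    $stmt = $mysqli->prepare("INSERT INTO `petcliniccorp`.`doctors` (`doctordesc`, `doctorstatelic`, `doctordealic`, `doctorstatus`) VALUES (?, ?, ?, ?);");
    $ok = $stmt !== false
        && $stmt->bind_param("ssss", $doctorinfo, $docstatelic, $docdea, $doctorstatus)
        && $stmt->execute();
    if (!$ok) {
        $err = ($stmt !== false && $stmt->error !== "") ? $stmt->error : $mysqli->error;
        put_errormsg("Table employee data insertion failed" . $err);
        redirect("criticalerror.php?m=doctors2.php&ec=0");
        exit(1);
    }
}
$mysqli->close();
delete_errormsg();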
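// "My record" listing: loads the logged-in employee's row from `petcliniccorp`.`employee`,
// decrypts the address fields and starts building the output line.
$headerTitle = "USER LOG";
require_once "includes/header1.inc";
require_once "includes/header2.inc";
require_once "includes/common.inc";
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$emplid = $_SESSION['employeenumber'];
// Cast before concatenation so the session value can only ever be a number in the query.
$sql = "SELECT emplnumber, lname, fname, address, address2, city, state, zipcode FROM `petcliniccorp`.`employee` WHERE emplnumber = " . (int) $emplid;
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("You are not listed. Internal error.");
    redirect("listings.php");
    exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("You are not listed. Internal error.");
    redirect("listings.php");
    exit;
}
echo "Clicking on your Employee Number will take you to a display to edit yoour information.<hr>";
delete_errormsg();
for ($i = 0; $i < $row_cnt; $i++) {
    $row = $result->fetch_row();
    // Decrypted and stored values are HTML-encoded once here, before they are joined into markup.
    $address = htmlspecialchars((string) mc_decrypt($row[3], ENCRYPTION_KEY), ENT_QUOTES, 'UTF-8');
    if ($row[4] != "") {
        $address2 = htmlspecialchars((string) mc_decrypt($row[4], ENCRYPTION_KEY), ENT_QUOTES, 'UTF-8');
    }
    $emplnum = htmlspecialchars((string) $row[0], ENT_QUOTES, 'UTF-8');
    $row1 = "Employee # <a href=\"setupcmaint.php?editclientnum=" . rawurlencode((string) $row[0]) . "\">" . $emplnum . "</a> "
        . htmlspecialchars((string) $row[2], ENT_QUOTES, 'UTF-8') . " "
        . htmlspecialchars((string) $row[1], ENT_QUOTES, 'UTF-8') . " lives at " . $address;
    if ($row[4] != "") {
        $row1 = $row1 . ", " . $address2;
    }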
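// Corporate preferences save (sequence 2): turns each posted pref value into a background
// file name "bg.<value>.png" and stores the five names. $pref1 is set before this fragment.
$pref2 = !empty($_POST["pref2"]) ? "bg." . $_POST["pref2"] . ".png" : "";
$pref3 = !empty($_POST["pref3"]) ? "bg." . $_POST["pref3"] . ".png" : "";
$pref4 = !empty($_POST["pref4"]) ? "bg." . $_POST["pref4"] . ".png" : "";
$pref5 = !empty($_POST["pref5"]) ? "bg." . $_POST["pref5"] . ".png" : "";
// NOTE(review): these names are built from request data; if they are later used as file
// paths or image URLs, restrict the posted value to the known background names.
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// The original quoted the table as 'petcliniccorp`.`preferences' (single quote / backtick
// mix), which is not a valid identifier, so the statement could not succeed. Identifier
// quoting is repaired and the values are bound.
$sql = "UPDATE `petcliniccorp`.`preferences` SET `pref1` = ?, `pref2` = ?, `pref3` = ?, `pref4` = ?, `pref5` = ? WHERE `sequence` = 2";
$stmt = $mysqli->prepare($sql);
$result = $stmt !== false
    && $stmt->bind_param("sssss", $pref1, $pref2, $pref3, $pref4, $pref5)
    && $stmt->execute();
if ($result == FALSE) {
    put_errormsg("Pref Seq 2 Update failed");
    redirect("corpmenu.php");
    exit;
}
$mysqli->close();
delete_errormsg();
redirect("corppref.php");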
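// Client listing: reads the caller's `sk21` flag from `petcliniccorp`.`seckeys`, runs the
// client query ($mysqli and $sql1 are set before this fragment) and decrypts each
// client's address fields.
$mysqlic = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// Cast keeps the interpolated employee number numeric.
$sql = "SELECT `sk21` FROM `petcliniccorp`.`seckeys` WHERE `emplnumber` = " . (int) $emplnumber . " and `sequence` = 1;";
$resultc = $mysqlic->query($sql);
// A failed lookup or a missing row leaves the edit hint switched off instead of
// raising a fatal error on false->num_rows.
$row_cnt_c = ($resultc !== false) ? $resultc->num_rows : 0;
$rowc = ($resultc !== false) ? $resultc->fetch_row() : null;
$sk21 = $rowc ? $rowc[0] : "N";
$mysqlic->close();
$result = $mysqli->query($sql1);
if ($result == FALSE) {
    put_errormsg("There are no Clients (false)");
    header("Location:listings.php");
    exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("There are no Clients (count)");
    redirect("listings.php");
    exit;
}
if ($sk21 == "Y") {
    echo "Clicking on the Client Number will take you to a display to edit that Client.<hr>";
}
delete_errormsg();
for ($i = 0; $i < $row_cnt; $i++) {
    $row = $result->fetch_row();
    // NOTE(review): the decrypted address is client-supplied text; encode it where it is printed.
    $address = mc_decrypt($row[3], ENCRYPTION_KEY);
    if ($row[4] != "") {
        $address2 = mc_decrypt($row[4], ENCRYPTION_KEY);
    } else {
        $address2 = "";
    }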
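// Login check: rejects inactive/deleted accounts, compares user id and password with the
// stored values, sends first-time users to newpassword.php, then loads the preferences.
// $result, $uuserid, $userpassword and $emplnumber are set before this fragment.
put_errormsg("You have entered an incorrect Employee Number");
redirect("index1.php");
exit; // do not continue into the credential checks after a rejected employee number
}
$row = $result->fetch_row();
if ($row[2] == "I" or $row[2] == "D") {
    put_errormsg("Your Userid is Inactive or Deleted");
    redirect("index1.php");
    // Without this exit an inactive or deleted account continued into the password
    // check below whenever redirect() returns.
    exit;
}
if (strcasecmp($uuserid, $row[0]) != 0) {
    put_errormsg("Incorrect information entered");
    include "index1.php";
    exit;
}
$userpwd = mc_decrypt($row[1], ENCRYPTION_KEY);
// Strict, constant-time comparison. Loose != treats numeric-looking strings
// (for example "0e1" and "0e2") as equal.
if (!is_string($userpwd) || !is_string($userpassword) || !hash_equals($userpwd, $userpassword)) {
    put_errormsg("Incorrect information entered");
    include "index1.php";
    exit;
}
// NOTE(review): passwords are stored reversibly (mc_decrypt); storing password_hash()
// output and checking with password_verify() would remove the need to decrypt them.
// NOTE(review): no session_regenerate_id() call is visible after authentication; confirm.
$ecc = $uuserid . $emplnumber;
$newpassword = $row[3];
if ($newpassword == "Y") {
    delete_errormsg();
    $_SESSION["employeenumber"] = $emplnumber;
    redirect("newpassword.php");
    exit;
}
$sql = "SELECT * FROM `petcliniccorp`.`preferences` ORDER BY `sequence`";
$result = $mysqli->query($sql);
$row_cnt = $result->num_rows;
$row = $result->fetch_row();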
$row1 = $row1 . $row[0] . " "; } $row1 = $row1 . ", Name is " . $row[1] . " which is a "; $species = substr($row[2], 0, 1); $sql2 = "SELECT `speciesdesc` FROM `petclinic`.`code_species` WHERE `speciescode` = \"" . $species . "\";"; $result = $mysqli->query($sql2); if ($result == TRUE) { } else { put_errormsg("Error getting species from code_species" . $mysqli->error); redirect("criticalerror.php?m=petlist.php&ec=0"); exit(1); } $rows = $result->fetch_row(); $row1 = $row1 . $rows[0] . " "; $sql2 = "SELECT breeddesc FROM `petclinic`.`code_breed` WHERE breedcode = \"" . $row[2] . "\";"; $result = $mysqli->query($sql2); if ($result == TRUE) { } else { put_errormsg("Error getting species from code_species" . $mysqli->error); redirect("criticalerror.php?m=petlist.php&ec=0"); exit(1); } $rows = $result->fetch_row(); $row1 = $row1 . $rows[0]; echo $row1; echo "<hr size=\"2px\" border=\"0\" NO SHADE align=\"center\" color=\"black\">"; } echo "<center><form action=\"listings.php\" method=\"post\"><input type=\"submit\" value=\"Return to Listings Menu\"></form></center>"; $mysqli->close(); $display = "clientlist:" . $emplnumber; require_once "includes/footer.inc";
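*Copyrighted 2015-2016 by Michael Avila * *Distributed under the terms of the GNU General Public License * *This program is distributed in the hope that it will be useful, * * but WITHOUT ANY WARRANTY; without even the implied warranty of * * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * *****************************************************************/
// Lists active clients (status "A") ordered by name so a pet owner can be picked;
// address fields are stored encrypted and decrypted per row.
session_start();
$logFileName = "user";
$headerTitle = "USER LOG";
require_once "includes/common.inc";
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT clientnumber, lname, fname, address, address2, city, state, zipcode, email FROM `petclinic`.`client` ";
$sql = $sql . "WHERE `status` = \"A\" ORDER BY `lname`, `fname`";
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("There are no Clients");
    redirect("listings.php");
    exit;
}
$row_cnt = $result->num_rows;
delete_errormsg();
echo "<center><b><u><font size=\"+2\">Client List to Select Pet Owners</font></u></b></center><br><br>";
for ($i = 0; $i < $row_cnt; $i++) {
    $row = $result->fetch_row();
    // Client-entered values are HTML-encoded once here, before they are joined into markup.
    $address = htmlspecialchars((string) mc_decrypt($row[3], ENCRYPTION_KEY), ENT_QUOTES, 'UTF-8');
    if ($row[4] != "") {
        $address2 = htmlspecialchars((string) mc_decrypt($row[4], ENCRYPTION_KEY), ENT_QUOTES, 'UTF-8');
    } else {
        $address2 = "";
    }
    $row1 = "Client # " . htmlspecialchars((string) $row[0], ENT_QUOTES, 'UTF-8') . " "
        . htmlspecialchars((string) $row[1], ENT_QUOTES, 'UTF-8') . ", "
        . htmlspecialchars((string) $row[2], ENT_QUOTES, 'UTF-8') . " lives at " . $address . " ";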
// Toggles the single `status` flag in `petclinicsys`.`logonallowed` between "Y" and "N",
// records the outcome with put_errormsg() and returns to sysadmin.php.
// NOTE(review): the toggle runs on a plain page load with no request token or role check
// visible in this fragment; confirm both are enforced elsewhere.
session_start();
$logFileName = "user";
$headerTitle = "USER LOG";
require_once "includes/common.inc";
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT status FROM `petclinicsys`.`logonallowed`;";
$errmsg = ' ';
$result = $mysqli->query($sql);
if (!$result) {
    $errmsg = 'Could not query logon status information: ' . $mysqli->error;
} elseif ($result->num_rows != 1) {
    $errmsg = 'Query success, but no rows found?';
} else {
    $current = $result->fetch_row();
    // Flip the flag: "Y" becomes 'N', anything else becomes 'Y'.
    $flipped = ($current[0] == "Y") ? 'N' : 'Y';
    $sql = "UPDATE `petclinicsys`.`logonallowed` SET `status` = '" . $flipped . "'";
    if (!$mysqli->query($sql)) {
        $errmsg = 'Failed to update logon status information: ' . $mysqli->error;
    }
}
// On success $errmsg is still the single blank it was initialised with.
put_errormsg($errmsg);
$mysqli->close();
redirect("sysadmin.php");
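PLEASE NOTE: Procedures are only saved if this is a Final Report. Procedures are not saved for a Draft Report. <br><br> Add Procedures from the left listbox to the right listbox that you have performed during this Visit <center><table width="50%"> <?php
// Pick the procedure include for the visit from a fixed set of codes; the include paths
// are literals, so $procdb never reaches the file system.
switch ($procdb) {
    case "V":
        include "includes/visitvproc.inc";
        break;
    case "P":
        include "includes/visitpproc.inc";
        break;
    case "N":
        break;
    default:
        put_errormsg("Internal error - Invalid Procedure DB Code");
        // The unexpected code is request-derived; encode it before it becomes part of a URL
        // so it cannot add parameters or line breaks to the redirect target.
        redirect("criticalerror.php?m=visitsnew1.php&ec=" . rawurlencode((string) $procdb));
        exit;
        break;
}
?> </table> </div> <div id="save"> <?php
// Matching admin include for the same procedure set.
if ($procdb == "V") {
    include "includes/visitvadmin.inc";
}
if ($procdb == "P") {
    include "includes/visitpadmin.inc";
}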
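// Phone message display: validates the message lookup ($result is set before this
// fragment), resolves the employee name for the message and prints the name, the caller
// ("From") and the telephone number.
if ($result == FALSE) {
    put_errormsg("Invalid Message Number");
    redirect("phonemsgs3.php");
    exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("Invalid Message Number");
    redirect("phonemsgs3.php");
    exit;
}
$row = $result->fetch_row();
// The stored employee number is escaped before it is reused inside a quoted SQL string.
$sql = "SELECT `lname`, `fname` FROM `petcliniccorp`.`employee` WHERE `emplnumber` = '" . $mysqli->real_escape_string((string) $row[1]) . "';";
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("Invalid Employee Number");
    redirect("phonemsgs3.php");
    exit;
}
$row_cnt = $result->num_rows;
$rowe = $result->fetch_row();
// fetch_row() returns null when the employee no longer exists; print nothing then.
if ($rowe) {
    echo htmlspecialchars($rowe[0] . ", " . $rowe[1], ENT_QUOTES, 'UTF-8');
}
// The message fields below are free text taken over the phone; encode them for HTML.
?> </td></tr> <tr><td><br>From: <?php echo htmlspecialchars((string) $row[8], ENT_QUOTES, 'UTF-8'); ?> </td></tr> <tr><td><br>Telephone Number: <?php echo htmlspecialchars((string) $row[9], ENT_QUOTES, 'UTF-8'); ?>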
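// Vendor save: updates the `petclinicinv`.`vendor` row when $editvendornum is not "new",
// otherwise inserts a new vendor. The remaining vendor fields and $editvendornum are set
// before this fragment; the e-mail address is stored encrypted.
$vendorzipcode = $_POST["vendorzipcode"];
$vendortele = $_POST["vendortele"];
$vendorfax = $_POST["vendorfax"];
$vendoremail = $_POST["vendoremail"];
$vendoremail = mc_encrypt($vendoremail, ENCRYPTION_KEY);
$vendorstatus = $_POST["vendorstatus"];
$emplnumber = $_SESSION['employeenumber'];
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// Both statements bind the posted values instead of concatenating them between quotes.
if ($editvendornum != "new") {
    $sql = "UPDATE `petclinicinv`.`vendor` SET `vendorname` = ?, `vendorshortname` = ?, `vendorcontact` = ?, ";
    $sql = $sql . "`vendoraddress1` = ?, `vendoraddress2` = ?, `vendorcity` = ?, `vendorstate` = ?, `vendorzipcode` = ?, ";
    $sql = $sql . "`vendortele` = ?, `vendorfax` = ?, `vendoremail` = ?, `vendorstatus` = ? WHERE vendorid = ?;";
    $stmt = $mysqli->prepare($sql);
    $ok = $stmt !== false
        && $stmt->bind_param(
            str_repeat("s", 13),
            $vendorname, $vendorshortname, $vendorcontact, $vendoraddress1, $vendoraddress2, $vendorcity,
            $vendorstate, $vendorzipcode, $vendortele, $vendorfax, $vendoremail, $vendorstatus, $editvendornum
        )
        && $stmt->execute();
    if (!$ok) {
        $err = ($stmt !== false && $stmt->error !== "") ? $stmt->error : $mysqli->error;
        put_errormsg("Table vendor data update failed" . $err);
        redirect("vendors.php");
        exit(1);
    }
} else {
    $sql = "INSERT INTO `petclinicinv`.`vendor` (`vendorname`, `vendorshortname`, `vendorcontact`, `vendoraddress1`, `vendoraddress2`, `vendorcity`, `vendorstate`, `vendorzipcode`, `vendortele`, `vendorfax`, `vendoremail`, `vendorstatus`) ";
    $sql = $sql . "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);";
    $stmt = $mysqli->prepare($sql);
    $ok = $stmt !== false
        && $stmt->bind_param(
            str_repeat("s", 12),
            $vendorname, $vendorshortname, $vendorcontact, $vendoraddress1, $vendoraddress2, $vendorcity,
            $vendorstate, $vendorzipcode, $vendortele, $vendorfax, $vendoremail, $vendorstatus
        )
        && $stmt->execute();
    if (!$ok) {
        $err = ($stmt !== false && $stmt->error !== "") ? $stmt->error : $mysqli->error;
        put_errormsg("Table vendor data insertion failed" . $err);
        redirect("vendors.php");
        exit(1);
    }
}
$mysqli->close();
put_errormsg("Vendor Added/Modified");
unset($_SESSION["editvendornum"]);
redirect("vendors.php");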
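*Distributed under the terms of the GNU General Public License * *This program is distributed in the hope that it will be useful, * * but WITHOUT ANY WARRANTY; without even the implied warranty of * * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * *****************************************************************/
// Security-key save (sequence 1): sets `sk01`..`sk35` to "Y" for every checked box and
// "N" otherwise, for the employee number held in $_SESSION["editempnum"].
// NOTE(review): this page grants permissions; no check that the caller may edit security
// keys, and no request token, is visible in this fragment. Confirm both exist.
session_start();
$logFileName = "user";
$headerTitle = "USER LOG";
require_once "includes/common.inc";
$emplnumber = $_SESSION['employeenumber'];
$editempnum = $_SESSION["editempnum"];
$sk_yn = array_fill(1, 35, "N");
if (isset($_POST["sk"]) && is_array($_POST["sk"])) {
    foreach ($_POST['sk'] as $selected) {
        // Accept only the canonical key numbers 1..35; anything else in the posted list is ignored.
        if (is_string($selected) && ctype_digit($selected)
            && (string) (int) $selected === $selected
            && (int) $selected >= 1 && (int) $selected <= 35) {
            $sk_yn[(int) $selected] = "Y";
        }
    }
}
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// Column names come from the loop counter and values are only ever "Y" or "N", so the SET
// list is safe to assemble; the employee number is bound.
$assignments = array();
for ($k = 1; $k <= 35; $k++) {
    $assignments[] = sprintf("`sk%02d` = \"%s\"", $k, $sk_yn[$k]);
}
$sql = "UPDATE `petcliniccorp`.`seckeys` SET " . implode(", ", $assignments) . " WHERE `emplnumber` = ? AND `sequence` = 1";
$stmt = $mysqli->prepare($sql);
$ok = $stmt !== false && $stmt->bind_param("s", $editempnum) && $stmt->execute();
if (!$ok) {
    $err = ($stmt !== false && $stmt->error !== "") ? $stmt->error : $mysqli->error;
    put_errormsg("Employee security data1 Update failed" . $err);
    redirect("criticalerror.php?m=seckeys1.php&ec=0");
    exit(1);
}
$mysqli->close();
delete_errormsg();
redirect("seckeys.php");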
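*****************************************************************/
// Medicine inventory menu dispatcher: takes the last entry of the posted "menu" list and
// redirects to the matching page. All redirect targets are fixed strings.
session_start();
$logFileName = "user";
$headerTitle = "USER LOG";
require_once "includes/common.inc";
$value = "00";
// Only a non-empty list is honoured; the original looped over whatever was posted and then
// read a loop variable that is undefined when "menu" is not an array.
if (!empty($_POST['menu']) && is_array($_POST['menu'])) {
    $menu = $_POST['menu'];
    $value = end($menu);
}
delete_errormsg();
switch ($value) {
    case "1":
        redirect("notavail.php");
        exit;
        break;
    case "2":
        redirect("invmedbase.php?u=u");
        exit;
        break;
    case "3":
        redirect("invmedbase.php");
        exit;
        break;
    default:
        put_errormsg("You must make a selection");
        redirect("invmedmenu.php");
        exit;
        break;
}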
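} } ?> <br><br><H1>Registration</H1> <br><br>Save this page to a PDF file and send to petclinic.email@gmail.com <br><br> <?php
// Registration page: reads the company row from `petcliniccorp`.`company`, decrypts the
// address and city and prints the company details.
// NOTE(review): this connection uses $user where the other pages on this listing use
// $_SESSION["user"]; confirm $user is set before this point.
$mysqli = new mysqli('localhost', $user, mc_decrypt($_SESSION["up"], ps_key), '');
// Defaults so the echo below never reads an undefined variable when the lookup fails.
$coname = $address = $city = $state = $zipcode = $telephone = "";
$sql = "SELECT * FROM `petcliniccorp`.`company`;";
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("Cannot access petcliniccorp.company table");
} else {
    $row_cnt = $result->num_rows;
    if ($row_cnt == 0) {
        put_errormsg("The Company Information is missing");
    } else {
        // With more than one row the last one wins, as in the original.
        while ($row = $result->fetch_row()) {
            $coname = $row[0];
            $address = mc_decrypt($row[1], ENCRYPTION_KEY);
            $city = mc_decrypt($row[3], ENCRYPTION_KEY);
            $state = $row[5];
            $zipcode = $row[6];
            $telephone = $row[9];
        }
    }
}
$mysqli->close();
$errormsg = get_errormsg();
echo "<br><br>";
// Company fields are form-entered text; encode each one before it is printed.
$lines = array($coname, $address, $city, $state, $zipcode, $telephone);
foreach ($lines as $idx => $line) {
    $lines[$idx] = htmlspecialchars((string) $line, ENT_QUOTES, 'UTF-8');
}
echo implode("<br>", $lines) . "<br><br>";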
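// Password-reset step 1: looks up the employee by number, checks the submitted user id and
// keeps the stored reset question/answer in the session for step 2.
// $empnum and $userid are set before this fragment.
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// The original wrote `FROM employee WHERE `petcliniccorp`.`emplnumber``: the database name
// was attached to the column and the table was unqualified, which cannot resolve on a
// connection without a default database. The table is qualified the way the other
// employee queries on this page do it, and the employee number is bound.
$sql = "SELECT uuserid, pwdhint, hintans FROM `petcliniccorp`.`employee` WHERE `emplnumber` = ?";
$result = false;
$stmt = $mysqli->prepare($sql);
// get_result() needs the mysqlnd driver.
if ($stmt !== false && $stmt->bind_param("s", $empnum) && $stmt->execute()) {
    $result = $stmt->get_result();
}
if ($result == FALSE) {
    put_errormsg("Invalid Employee number");
    redirect("pwdreset.php");
    exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("Invalid Employee number");
    redirect("pwdreset.php");
    exit;
}
$row = $result->fetch_row();
// Strict string comparison: loose != treats numeric-looking strings as numbers.
if (!is_scalar($userid) || (string) $row[0] !== (string) $userid) {
    put_errormsg("Invalid information");
    redirect("pwdreset.php");
    exit;
}
// NOTE(review): the three distinct messages let a caller tell a valid employee number from
// an invalid one before authenticating; a single generic message would avoid that.
if (strlen($row[1]) == 0) {
    put_errormsg("You do not have a Password Reset Question");
    redirect("pwdreset.php");
    exit;
}
$_SESSION["Q"] = $row[1];
$_SESSION["A"] = $row[2];
$_SESSION["P"] = "2";
delete_errormsg();
$mysqli->close();
redirect("pwdreset2.php");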
if ($result == FALSE) { put_errormsg("Pet Update failed; " . $mysqli->error); exit; } } if ($client1 != "") { $sql = "REPLACE INTO `petclinic`.`clientpet` VALUES (" . $client1 . "," . $editpetnum . ")"; $result = $mysqli->query($sql); if ($result == FALSE) { put_errormsg("ClientPet Insert client1 failed; " . $mysqli->error); exit; } } if ($client2 != "") { $sql = "REPLACE INTO `petclinic`.`clientpet` VALUES (" . $client2 . "," . $editpetnum . ")"; $result = $mysqli->query($sql); if ($result == FALSE) { put_errormsg("ClientPet Insert client2 failed; " . $mysqli->error); exit; } } $petpic = $_POST["petpic"]; if ($petpic == "Y") { delete_errormsg(); $_SESSION["petid"] = $editpetnum; exit; } $mysqli->close(); delete_errormsg(); $_SESSION['pet_data'] = array('petname' => $petname, 'pid' => $editpetnum); echo "petmaint.php";
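<option value=""></option> <?php
// Builds the breed <option> list grouped by species: one bucket per species code, filled
// from `petclinic`.`code_breed`, then emitted as <optgroup> blocks.
// $speciesCodes, $petbreed and $mysqli are set before this fragment.
$breeds = array();
foreach ($speciesCodes as $key => $value) {
    // create an array for each code so we can 'group' the breeds by species.
    $breeds[$key] = array();
}
$sql = "SELECT * FROM `petclinic`.`code_breed` ORDER BY `breeddesc`;";
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("Internal error for code_breed (1)");
    redirect("mainmenu.php");
    // The original had no exit here and went on to read ->num_rows from false.
    exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("Internal error for code_breed (2)");
    redirect("mainmenu.php");
    exit;
}
while ($row = $result->fetch_row()) {
    // Table values are encoded before they are placed in attributes or element text.
    $code = htmlspecialchars((string) $row[1], ENT_QUOTES, 'UTF-8');
    $desc = htmlspecialchars((string) $row[2], ENT_QUOTES, 'UTF-8');
    $selected = ($petbreed == $row[1]) ? ' selected' : '';
    $breeds[$row[0]][] = '<option value="' . $code . '"' . $selected . '>' . $desc . '</option>';
}
foreach ($breeds as $key => $value) {
    // A breed row may carry a species code that is not in $speciesCodes.
    $speciesDesc = isset($speciesCodes[$key]) ? $speciesCodes[$key] : '';
    echo '<optgroup id="' . htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8') . '" label="----- ' . htmlspecialchars((string) $speciesDesc, ENT_QUOTES, 'UTF-8') . ' -----">';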
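// Preferences form: "Preload Defaults" yes/no box and the default-state list filled from
// `petclinic`.`code_state`. $state (the currently stored default) is set before this fragment.
echo "<center><font size=\"+2\"><b><u>Preferences</u></b></font>";
echo "<br>Application Default Settings</center><br>";
echo "<center><table width=\"55%\">";
// Closing </select> added; the original left the preload list open.
echo "<tr><td align=\"right\"> Preload Defaults </td><td><select name=\"preload\" size=\"2\"><option value=\"Y\">Yes</option><option value=\"N\">No</option></select></td></tr>";
echo "<tr><td align=\"right\">Default State for Data Entry </td><td><select name=\"state\" size = \"5\">";
$mysqlis = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sqlstate = "SELECT * FROM `petclinic`.`code_state` ORDER BY `statedesc`";
$resultstate = $mysqlis->query($sqlstate);
if ($resultstate == FALSE) {
    put_errormsg("Acquiring States Error");
    redirect("corpmenu.php");
    exit;
}
$row_cnt_state = $resultstate->num_rows;
if ($row_cnt_state == 0) {
    put_errormsg("Acquiring States Error");
    redirect("corpmenu.php");
    exit;
}
while ($rowstate = $resultstate->fetch_row()) {
    // The original used a single-quoted string, so every option carried the literal text
    // .$rowstate[0]. as its value (and a stray loop counter was printed inside the list).
    // The state code is now concatenated and encoded.
    echo '<option value="' . htmlspecialchars((string) $rowstate[0], ENT_QUOTES, 'UTF-8') . '"';
    if (strlen($state) > 0) {
        if ($rowstate[0] == $state) {
            echo " SELECTED ";
        }
    }
    echo " >" . htmlspecialchars((string) $rowstate[1], ENT_QUOTES, 'UTF-8') . "</option>";
}
// The original emitted a stray quote and bracket before the closing tag.
echo "</select>";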
echo "<p>Unable to save file.</p>"; exit; } // set proper permissions on the new file chmod(UPLOAD_DIR . $name, 0644); $petid = $_SESSION['petid']; $petid = "pet" . str_pad($petid, 5, "00000", STR_PAD_LEFT) . ".png"; chdir("./uploads"); rename($name, $petid); chdir(".."); require_once "password.php"; $mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), ''); $sql = "USE petclinic;"; if ($mysqli->query($sql) === TRUE) { } else { echo "Error selecting to use petlinic" . $mysqli->error; exit(1); } $emplnumber = $_SESSION['employeenumber']; $editpetnum = $_POST["petid"]; $sql = "UPDATE pet SET `picture` = \"Y\" WHERE `petnumber` = " . $petid . ";"; $result = $mysqli->query($sql); if ($result == FALSE) { put_errormsg("Pet Picture Upload Failed"); redirect("mainmenu.php"); exit; } $mysqli->close(); put_errormsg("Uploaded file saved as " . $petid); redirect("maintmenu.php"); }