Esempio n. 1
*Copyrighted 2015-2016 by Michael Avila                          *
*Distributed under the terms of the GNU General Public License   *
*This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.           *
*****************************************************************/
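// User-log page: prints every row of `petclinicsys`.`usersol` and reloads itself every 30 seconds.
session_start();
$background = "3";
$logFileName = "user";
$headerTitle = "USER LOG";
$refresh = "<meta http-equiv=\"refresh\" content=\"30\";>";
require_once "includes/header1.inc";
require_once "includes/header2.inc";
require_once "includes/common.inc";
echo "<br><br><center>This page will automatically refresh every 30 seconds</center>";
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT * FROM `petclinicsys`.`usersol`;";
$result = $mysqli->query($sql);
// query() returns false on failure; reading ->num_rows from false would be a fatal error.
if ($result === false) {
    put_errormsg("Cannot access the list of logged in Users");
    redirect("sysadmin.php");
    exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("There are no Users Logged In");
    redirect("sysadmin.php");
    exit;
}
for ($i = 0; $i < $row_cnt; $i++) {
    $row = $result->fetch_row();
    // Stored values are HTML-escaped so markup saved in the table is shown as text, not rendered.
    echo "<br>" . htmlspecialchars($row[0] . " " . $row[1] . " " . $row[2], ENT_QUOTES, 'UTF-8');
}
echo "<form method=\"post\" action=\"sysadmin.php\"><center><input type=\"submit\" value=\"Return to Sys Admin Menu\"></center></form>";
$display = "sysloggedin";
require_once "includes/footer.inc";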
Esempio n. 2
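// Doctor entry page: the left pane lists the rows of `petcliniccorp`.`doctors`,
// the right pane starts the edit form posted to doctors1.php.
$doctordea = '';
$doctorstatus = 'A';
echo '<div class="center"><h2>Doctor Entry</h2></div>';
echo '<div id="formContainer">';
echo '<div id="formLeftSide"><br>';
echo '<div>Current list of Doctors</div><br>';
echo '<select name="doclist" size="5">';
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT * FROM `petcliniccorp`.`doctors`;";
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("Cannot access doctors table");
} else {
    $row_cnt = $result->num_rows;
    if ($row_cnt == 0) {
        put_errormsg("There are no Doctors in the database");
    } else {
        while ($row = $result->fetch_row()) {
            // Both columns are written into HTML (attribute and element text), so they are
            // escaped; a stored name containing quotes or tags is then displayed literally.
            $docvalue = htmlspecialchars((string) $row[0], ENT_QUOTES, 'UTF-8');
            $doclabel = htmlspecialchars(sprintf("%3s", $row[0]) . " " . $row[1], ENT_QUOTES, 'UTF-8');
            echo '<option value="' . $docvalue . '">' . $doclabel . '</option>';
        }
    }
}
$mysqli->close();
echo '</select></div>';
echo '<div id="formRightSide"><br>';
echo '<form id="docform0" name="docform0" action="doctors1.php" method="post">';
echo '<table class="center" width="100%">';
echo '<tr><td>Enter the Doctor Number to be edited.</td></tr>';
echo '<tr><td><input type="text" name="editdocnum" size="5" maxlength="5"></td></tr>';
echo '<tr><td><input type="submit" value="Edit Requested Doctor"></td></tr></table></form><br>';
echo '<form id="docform1" name="docform1" action="doctors1.php" method="post">';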
Esempio n. 3
    redirect("invmedbase.php");
    exit;
}
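// Insert one row into `petclinicinv`.`invmedicine`.
// The posted "wherebought" field carries "<vendorid>?<vendor text>"; it is rejected unless it is
// a string containing the "?" separator, because strpos() returning false would otherwise yield
// an empty vendor id.
if (!isset($_POST['wherebought']) || !is_string($_POST['wherebought']) || strpos($_POST['wherebought'], "?") === false) {
    put_errormsg("A Vendor must be selected for where bought");
    redirect("invmedbase.php");
    exit;
}
$wherebought = $_POST['wherebought'];
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$emplnumber = $_SESSION["employeenumber"];
// NOTE(review): this echo looks like leftover debug output; it is kept, but escaped, because it
// writes a request value straight into the page.
echo htmlspecialchars($wherebought, ENT_QUOTES, 'UTF-8');
$quesmark = strpos($wherebought, "?");
$vendorid = substr($wherebought, 0, $quesmark);
$wherebought = substr($wherebought, $quesmark + 1);
// Every value is bound as a parameter instead of being concatenated into the statement, so
// quotes or SQL fragments in the submitted fields cannot change the query.
$sql = 'INSERT INTO `petclinicinv`.`invmedicine` (`meddesc`, `vendorid`, `wherebought`, `purdate`, `cartoncost`,  `cartonspurch`, `containercarton`, ';
$sql = $sql . '`itemscontainer`, `itemcost`, `containercost`, `itemreorderlevel`, `itemmarkup`, `containermarkup`, `itemsalesprice`, ';
$sql = $sql . '`containersalesprice`, `taxable`, `status`, `changeid`) ';
$sql = $sql . ' VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, "A", ?)';
$stmt = $mysqli->prepare($sql);
$inserted = false;
$dberror = $mysqli->error;
if ($stmt !== false) {
    // Bound as strings; MySQL converts them to the numeric column types.
    $stmt->bind_param(
        str_repeat('s', 17),
        $desc, $vendorid, $wherebought, $purchdate, $cartoncost, $cartonspurch, $contcarton,
        $itemcont, $itemcost, $contcost, $itemreorder, $itemmarkup, $contmarkup, $itemsales,
        $contsales, $taxable, $emplnumber
    );
    $inserted = $stmt->execute();
    $dberror = $stmt->error;
    $stmt->close();
}
if (!$inserted) {
    put_errormsg("Table invmedicine data insertion failed" . $dberror);
    redirect("invmedbase.php");
    exit(1);
}
$mysqli->close();
delete_errormsg();
redirect("invmedbase.php");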
Esempio n. 4
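// Save a visit: either as a draft file under ./notes/ or as a row in `petclinic`.`visit`.
// NOTE(review): the serialized array is handed to the browser in a cookie. If any page feeds that
// cookie back into unserialize(), the client controls the payload; json_encode()/json_decode()
// would avoid that — confirm how "visitarray" is read back.
$visitserialarray = serialize($visitarray);
setcookie("visitarray", $visitserialarray, time() + 1);
if (strlen($date) != 8) {
    put_errormsg("The Date must be entered");
    redirect("visitsnew1.php");
    exit;
}
if ($save == "draft") {
    // basename() strips any directory part, so neither the new draft nor the draft being
    // replaced can point outside ./notes/ if $petid or $prefilename carries path separators.
    $filename = basename("draftPet" . $petid . ".txt");
    $fh = fopen("./notes/" . $filename, "wbt");
    if ($fh === false) {
        // fwrite()/fclose() on a failed handle would only raise warnings and report success.
        put_errormsg("The Draft file could not be created");
        redirect("visits.php");
        exit;
    }
    fwrite($fh, $visitserialarray . "\n");
    fclose($fh);
    if ($prefilename != "") {
        unlink("./notes/" . basename($prefilename));
    }
    put_errormsg("The Draft file has been created (" . $filename . ")");
    redirect("visits.php");
    exit;
}
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$emplnumber = $_SESSION["employeenumber"];
// Values are bound as parameters rather than concatenated between quotes, so a quote character
// in any field cannot terminate the string and alter the statement.
$sql = "INSERT INTO `petclinic`.`visit` (`visitdate`, `petnumber`, `temp`, `weight`, `pulse`, `respiration`, `panting`, `caprefill`, `mucous`, `hydration`, ";
$sql = $sql . "`clinicalstay`, `clinicaldischarge`, `changeid`) ";
$sql = $sql . "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$stmt = $mysqli->prepare($sql);
$inserted = false;
$dberror = $mysqli->error;
if ($stmt !== false) {
    $stmt->bind_param(
        str_repeat('s', 13),
        $date, $petid, $temp, $weight, $pulse, $resp, $pant, $caprefill,
        $mucous, $hydration, $stay, $discharge, $emplnumber
    );
    $inserted = $stmt->execute();
    $dberror = $stmt->error;
    if ($inserted) {
        $visitnumber = $stmt->insert_id;
    }
    $stmt->close();
}
if (!$inserted) {
    echo "Table visit data insertion failed" . $dberror;
    exit(1);
}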
Esempio n. 5
// Required-field checks for the procedure form. Each missing field stores a message,
// sends the user back to procmaint.php and stops; otherwise the posted value is copied
// into a local variable.
if (empty($_POST["procdesc"])) {
    put_errormsg("Procedure Description cannot be blank");
    redirect("procmaint.php");
    exit;
}
$procdesc = $_POST["procdesc"];

if (empty($_POST["proctype"])) {
    put_errormsg("Procedure Type cannot be blank");
    redirect("procmaint.php");
    exit;
}
$proctype = $_POST["proctype"];

if (empty($_POST["procstatus"])) {
    put_errormsg("Status cannot be blank");
    redirect("procmaint.php");
    exit;
}
$procstatus = $_POST["procstatus"];

// The employee number from the session is read here, before the connection is opened with
// the credentials that are also kept in the session.
$emplnumber = $_SESSION['employeenumber'];
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
if ($proccode != "new") {
    $sql = "UPDATE procedures SET `petclinicproc`.`proccode` = \"" . $proccode . "\", `procdesc` = \"" . $procdesc . "\", `proctype` = \"" . $proctype . "\", `procstatus` = \"" . $procstatus . "\", ";
    $sql = $sql . "`changeid` = " . $emplnumber . " WHERE proccode = \"" . $proccode . "\";";
    if ($mysqli->query($sql) === TRUE) {
    } else {
        echo "Table procedure data update failed" . $mysqli->error;
Esempio n. 6
    echo "</form></center>";
    exit;
}
if ($u = "y") {
    $baserec = $_GET["baserec"];
    $mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
    $sql = "SELECT * FROM `petclinicinv`.`invmedicine` WHERE `medid` = " . $baserec . ";";
    $result = $mysqli->query($sql);
    if ($result == FALSE) {
        put_errormsg("Invalid medid");
        redirect("invmedmenu.php");
        exit;
    }
    $row_cnt = $result->num_rows;
    if ($row_cnt == 0) {
        put_errormsg("Invalid medid");
        redirect("invmedmenu.php");
        exit;
    }
    $row = $result->fetch_row();
    /*
    	`medid` integer (5) NOT NULL AUTO_INCREMENT,
    	`meddesc` varchar(32) NOT NULL,
       `vendorid` integer(11),
    	`wherebought` varchar(50),
    	`purdate` integer(8),
    	`cartoncost` decimal(5,2),
    	`cartonspurch` integer(3),
    	`containercarton` integer(3) NOT NULL,
    	`itemscontainer` integer(4) NOT NULL,
    	`itemcost` decimal(5,2),
Esempio n. 7
    require_once "includes/footer.inc";
    exit;
}
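// Load an existing procedure (anything other than the literal "new") into the form variables.
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
if ($proccode != "new") {
    // The code is escaped and quoted before it goes into the statement; previously it was
    // appended bare, so any SQL text in it became part of the query. A prepared statement would
    // be the stronger fix, but it would replace the $result object that code after this fragment
    // may still read.
    $sql = "SELECT proccode, procdesc, proctype, procstatus, changeid";
    $sql = $sql . " FROM `petclinicproc`.`procedures` WHERE proccode = '" . $mysqli->real_escape_string((string) $proccode) . "'";
    $result = $mysqli->query($sql);
    if ($result == FALSE) {
        // NOTE(review): this message carries the raw code and the database error text; confirm
        // that whatever displays the stored message escapes it.
        put_errormsg("Invalid Procedure Code " . $proccode . " / " . $mysqli->error);
        redirect("procmaint.php");
        exit;
    }
    $row_cnt = $result->num_rows;
    if ($row_cnt == 0) {
        put_errormsg("Invalid Procedure Code");
        redirect("procmaint.php");
        exit;
    }
    delete_errormsg();
    // If several rows match, the values of the last one win.
    for ($i = 0; $i < $row_cnt; $i++) {
        $row = $result->fetch_row();
        $proccode = $row[0];
        $procdesc = $row[1];
        // NOTE(review): column 2 of the SELECT is `proctype`, yet it is stored as
        // $procbillcharge — confirm which was intended.
        $procbillcharge = $row[2];
        $procstatus = $row[3];
        $changeid = $row[4];
    }
}
$errormsg = get_errormsg();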
if ($proccode == "new") {
Esempio n. 8
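// Password-reset step handler: step 2 shows the stored question, step 3 checks the answer and
// only then forwards to newpassword.php.
if (isset($_GET["pass"])) {
    $pass = $_GET["pass"];
}
if (!isset($pass)) {
    $pass = "";
}
if ($pass == 2) {
    $background = "0";
    require_once "includes/header1.inc";
    require_once "includes/header2.inc";
    echo "<center><form action=\"pwdreset2.php?pass=3\" method=\"post\"><table border=\"0\" width=\"60%\">";
    echo "<tr><td>";
    $question = mc_decrypt($question, ENCRYPTION_KEY);
    // The question is stored text; escape it so it is displayed rather than interpreted as HTML.
    echo htmlspecialchars((string) $question, ENT_QUOTES, 'UTF-8');
    echo "</td><td><input type=\"text\" name=\"answer\" size=\"40\" maxlength=\"40\"></td></tr>";
    echo "<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"Submit Answer\"></td></tr>";
    echo "</table></form></center>";
    $display = "Pwdreset2";
    require_once "includes/footer.inc";
    exit;
}
// Fail closed: `pass` comes from the query string, and any value other than 2 or 3 used to fall
// through to the redirect to newpassword.php without the answer being checked.
// NOTE(review): assumes 2 and 3 are the only steps this part of the file completes — confirm
// against the code above this fragment.
if ($pass != 3) {
    put_errormsg("Your answer is not correct");
    redirect("pwdreset.php");
    exit;
}
// $answer still holds the stored (encrypted) answer here; it is overwritten with the posted
// answer on the next line.
$hashanswer = mc_decrypt($answer, ENCRYPTION_KEY);
$answer = isset($_POST["answer"]) ? $_POST["answer"] : "";
// hash_equals() compares the strings byte for byte in constant time; the previous != treated
// numeric-looking strings such as "1e3" and "1000" as equal. An empty or failed decryption is
// rejected so that an empty submission can never match.
if (!is_string($hashanswer) || $hashanswer === "" || !is_string($answer) || !hash_equals($hashanswer, $answer)) {
    put_errormsg("Your answer is not correct");
    redirect("pwdreset.php");
    exit;
}
delete_errormsg();
redirect("newpassword.php");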
?>
?
Esempio n. 9
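// Update the company record in `petcliniccorp`.`company` from the posted form.
// The statement has no WHERE clause, so it updates every row of the table.
$coname = $_POST["coname"];
$address1 = $_POST["address1"];
$address2 = $_POST["address2"];
$city = $_POST["city"];
$state = $_POST["state"];
$zipcode = $_POST["zipcode"];
$telephone = $_POST["telephone"];
$fax = $_POST["fax"];
$logo = $_POST["logo"];
$license = $_POST["license"];
$statetax = $_POST["statetax"];
$mysqlic = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// Address lines and city are stored encrypted; an empty second address line stays empty.
$address1 = mc_encrypt($address1, ENCRYPTION_KEY);
if (strlen($address2) > 0) {
    $address2 = mc_encrypt($address2, ENCRYPTION_KEY);
} else {
    $address2 = "";
}
$city = mc_encrypt($city, ENCRYPTION_KEY);
$emplnumber = $_SESSION['employeenumber'];
// Posted values are bound as parameters instead of being concatenated between double quotes,
// so a quote in any form field cannot rewrite the UPDATE.
$sql = "UPDATE `petcliniccorp`.`company` SET `name` = ?, `address` = ?, `address2` = ?, `city` = ?, `state` = ?, `zipcode` = ?";
$sql = $sql . ", `telephone` = ?, `fax` = ?, `logo` = ?, `businesslic` = ?, `statetax` = ?, ";
$sql = $sql . "changeid = ?";
$stmt = $mysqlic->prepare($sql);
$updated = false;
$dberror = $mysqlic->error;
if ($stmt !== false) {
    $stmt->bind_param(
        str_repeat('s', 12),
        $coname, $address1, $address2, $city, $state, $zipcode,
        $telephone, $fax, $logo, $license, $statetax, $emplnumber
    );
    $updated = $stmt->execute();
    $dberror = $stmt->error;
    $stmt->close();
}
if (!$updated) {
    put_errormsg("Company update failed" . $dberror);
    redirect("criticalerror.php?m=corpinfo1.php&ec=0");
    // Without this exit the script went on to delete_errormsg() and the success redirect,
    // discarding the failure that was just recorded.
    exit(1);
}
$mysqlic->close();
delete_errormsg();
redirect("corpinfo.php");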
Esempio n. 10
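// Read security key sk22 for the current employee, then run the pet listing query ($sql1 is
// built before this fragment).
$mysqlic = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// The employee number is used as a bare numeric literal, so it is forced to an integer.
$sql = "SELECT `sk22` FROM `petcliniccorp`.`seckeys` WHERE `emplnumber` = " . (int) $emplnumber . " and `sequence` = 1;";
$resultc = $mysqlic->query($sql);
// Default to "not granted": a failed lookup or a missing row must not enable the edit links,
// and reading ->num_rows from a false result would be a fatal error.
$row_cnt_c = 0;
$rowc = null;
$sk22 = "N";
if ($resultc !== false) {
    $row_cnt_c = $resultc->num_rows;
    $rowc = $resultc->fetch_row();
    if ($rowc) {
        $sk22 = $rowc[0];
    }
}
$mysqlic->close();
$result = $mysqli->query($sql1);
if ($result == FALSE) {
    // Was put_erormsg(), an undefined function, which turned this branch into a fatal error.
    put_errormsg("There are no Pets (false)");
    redirect("listings.php");
    exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("There are no Pets (count)");
    // Redirect added to match the failed-query branch above; previously the script just stopped.
    redirect("listings.php");
    exit;
}
if ($sk22 == "Y") {
    echo "Clicking on the Pet Number will take you to a display to edit that Pet.<hr>";
}
delete_errormsg();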
while ($row = $result->fetch_row()) {
    $row1 = "Pet # ";
    if ($sk22 == "Y") {
        $row1 = $row1 . '<a href="petmaint.php?editpetnum="' . $row[0] . '">' . $row[0] . '</a>';
    } else {
        $row1 = $row1 . $row[0] . " ";
    }
    $row1 = $row1 . ", Name is " . $row[1] . " ";
    $sql2 = "SELECT ";
Esempio n. 11
    echo $errormsg;
    echo "</center>";
    exit;
}
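// Look up the pets linked to the posted client number.
// The number is placed in the query as a bare numeric literal, so only a string of digits is
// accepted; anything else is treated like a missing client number.
$client = (isset($_POST["client"]) && is_string($_POST["client"])) ? trim($_POST["client"]) : "";
if (!ctype_digit($client)) {
    put_errormsg("You must enter a Client Number");
    redirect("visitsnew.php");
    exit;
}
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT * FROM `petclinic`.`clientpet` WHERE `clientnumber` = " . $client . ";";
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("That Clients has no Pets");
    redirect("visitsnew.php");
    $mysqli->close();
    exit;
}
echo "<br><br>";
// Procedure database code from the form; "N" when the field was not posted.
if (isset($_POST["procdb"])) {
    $procdb = $_POST["procdb"];
} else {
    $procdb = "N";
}
$row_cnt = $result->num_rows;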
for ($i = 0; $i < $row_cnt; $i++) {
    $row = $result->fetch_row();
    $sql = "SELECT * FROM `petclinic`.`pet` WHERE `petnumber` = " . $row[1] . ";";
    $result2 = $mysqli->query($sql);
Esempio n. 12
}
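// Save a doctor: UPDATE the existing row unless $docnumber is the literal "new", else INSERT.
$docdea = isset($_POST["docdea"]) ? $_POST["docdea"] : "";
$doctorstatus = isset($_POST["doctorstatus"]) ? $_POST["doctorstatus"] : "A";
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// Both statements bind their values as parameters; they were previously interpolated between
// single quotes, so a quote in any field could change the statement.
if ($docnumber != "new") {
    $failmsg = "Table employee data update failed";
    $sql = "UPDATE `petcliniccorp`.`doctors` SET `doctordesc` = ?, `doctorstatelic` = ?, `doctordealic` = ?, `doctorstatus` = ? WHERE `doctorid` = ?";
    $stmt = $mysqli->prepare($sql);
    if ($stmt !== false) {
        $stmt->bind_param('sssss', $doctorinfo, $docstatelic, $docdea, $doctorstatus, $docnumber);
    }
} else {
    $failmsg = "Table employee data insertion failed";
    $sql = "INSERT INTO `petcliniccorp`.`doctors` (`doctordesc`, `doctorstatelic`, `doctordealic`, `doctorstatus`) VALUES (?, ?, ?, ?)";
    $stmt = $mysqli->prepare($sql);
    if ($stmt !== false) {
        $stmt->bind_param('ssss', $doctorinfo, $docstatelic, $docdea, $doctorstatus);
    }
}
$saved = false;
$dberror = $mysqli->error;
if ($stmt !== false) {
    $saved = $stmt->execute();
    $dberror = $stmt->error;
    $stmt->close();
}
if (!$saved) {
    // The update branch used to call put_errormessage(), which is not the helper used everywhere
    // else in this code (put_errormsg), so a failed update ended in a fatal error instead.
    put_errormsg($failmsg . $dberror);
    redirect("criticalerror.php?m=doctors2.php&ec=0");
    exit(1);
}
$mysqli->close();
delete_errormsg();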
Esempio n. 13
// Employee self-service listing: fetch the logged-in employee's own record.
$headerTitle = "USER LOG";
require_once "includes/header1.inc";
require_once "includes/header2.inc";
require_once "includes/common.inc";
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$emplid = $_SESSION['employeenumber'];
$sql = "SELECT emplnumber, lname, fname, address, address2, city, state, zipcode FROM `petcliniccorp`.`employee` WHERE emplnumber = {$emplid}";
$result = $mysqli->query($sql);
// A failed query and an empty result are reported identically, so both are folded into one
// row count of zero.
$row_cnt = ($result == FALSE) ? 0 : $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("You are not listed. Internal error.");
    redirect("listings.php");
    exit;
}
echo 'Clicking on your Employee Number will take you to a display to edit yoour information.<hr>';
delete_errormsg();
for ($i = 0; $i < $row_cnt; $i++) {
    $row = $result->fetch_row();
    $address = mc_decrypt($row[3], ENCRYPTION_KEY);
    if ($row[4] != "") {
        $address2 = mc_decrypt($row[4], ENCRYPTION_KEY);
    }
    $row1 = "Employee # <a href=\"setupcmaint.php?editclientnum=" . $row[0] . "\">" . $row[0] . "</a> " . $row[2] . " " . $row[1] . " lives at " . $address;
    if ($row[4] != "") {
        $row1 = $row1 . ", " . $address2;
    }
Esempio n. 14
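// Build the background file names for preferences 2-5 and store all five in the sequence-2 row
// of `petcliniccorp`.`preferences` ($pref1 is prepared before this fragment).
// NOTE(review): the posted values become part of a file name ("bg.<value>.png"); if that name is
// later used in a path or an HTML attribute, restrict the value to the expected characters.
$pref2 = !empty($_POST["pref2"]) ? "bg." . $_POST["pref2"] . ".png" : "";
$pref3 = !empty($_POST["pref3"]) ? "bg." . $_POST["pref3"] . ".png" : "";
$pref4 = !empty($_POST["pref4"]) ? "bg." . $_POST["pref4"] . ".png" : "";
$pref5 = !empty($_POST["pref5"]) ? "bg." . $_POST["pref5"] . ".png" : "";
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// Two fixes: the table name was written as 'petcliniccorp`.`preferences' (a quote where a
// backtick belongs at each end), which MySQL parses as a string literal, so the UPDATE could
// never run; and the values are now bound as parameters instead of concatenated.
$sql = "UPDATE `petcliniccorp`.`preferences` SET `pref1` = ?, `pref2` = ?, `pref3` = ?, `pref4` = ?, `pref5` = ? WHERE `sequence` = 2";
$stmt = $mysqli->prepare($sql);
$result = false;
if ($stmt !== false) {
    $stmt->bind_param('sssss', $pref1, $pref2, $pref3, $pref4, $pref5);
    $result = $stmt->execute();
    $stmt->close();
}
if ($result == FALSE) {
    put_errormsg("Pref Seq 2 Update failed");
    redirect("corpmenu.php");
    exit;
}
$mysqli->close();
delete_errormsg();
redirect("corppref.php");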
Esempio n. 15
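// Read security key sk21 for the current employee, then run the client listing query ($sql1 is
// built before this fragment).
$mysqlic = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// The employee number is used as a bare numeric literal, so it is forced to an integer.
$sql = "SELECT `sk21` FROM `petcliniccorp`.`seckeys` WHERE `emplnumber` = " . (int) $emplnumber . " and `sequence` = 1;";
$resultc = $mysqlic->query($sql);
// Default to "not granted": a failed lookup or a missing row must not enable the edit links,
// and reading ->num_rows from a false result would be a fatal error.
$row_cnt_c = 0;
$rowc = null;
$sk21 = "N";
if ($resultc !== false) {
    $row_cnt_c = $resultc->num_rows;
    $rowc = $resultc->fetch_row();
    if ($rowc) {
        $sk21 = $rowc[0];
    }
}
$mysqlic->close();
$result = $mysqli->query($sql1);
if ($result == FALSE) {
    put_errormsg("There are no Clients (false)");
    header("Location:listings.php");
    exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("There are no Clients (count)");
    redirect("listings.php");
    exit;
}
if ($sk21 == "Y") {
    echo "Clicking on the Client Number will take you to a display to edit that Client.<hr>";
}
delete_errormsg();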
for ($i = 0; $i < $row_cnt; $i++) {
    $row = $result->fetch_row();
    $address = mc_decrypt($row[3], ENCRYPTION_KEY);
    if ($row[4] != "") {
        $address2 = mc_decrypt($row[4], ENCRYPTION_KEY);
    } else {
        $address2 = "";
    }
Esempio n. 16
    put_errormsg("You have entered an incorrect Employee Number");
    redirect("index1.php");
}
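// Credential checks against the employee row fetched above this fragment, followed by the
// forced-password-change hand-off and the preferences query.
$row = $result->fetch_row();
if ($row[2] == "I" or $row[2] == "D") {
    put_errormsg("Your Userid is Inactive or Deleted");
    redirect("index1.php");
    // The other branches in this code call exit after redirect(), which suggests redirect() does
    // not stop the script itself; without this exit an inactive or deleted account continued
    // into the password check below.
    exit;
}
if (strcasecmp($uuserid, $row[0]) != 0) {
    put_errormsg("Incorrect information entered");
    include "index1.php";
    exit;
}
// NOTE(review): the stored password is recovered with mc_decrypt(), i.e. it is kept in
// reversible form. password_hash()/password_verify() would avoid holding recoverable passwords,
// but that needs a data migration outside this fragment.
$userpwd = mc_decrypt($row[1], ENCRYPTION_KEY);
// hash_equals() compares byte for byte in constant time; the previous != treated
// numeric-looking strings such as "1e3" and "1000" as equal. A failed or empty decryption is
// rejected so that an empty submission can never match.
if (!is_string($userpwd) || $userpwd === "" || !is_string($userpassword) || !hash_equals($userpwd, $userpassword)) {
    put_errormsg("Incorrect information entered");
    include "index1.php";
    exit;
}
$ecc = $uuserid . $emplnumber;
$newpassword = $row[3];
if ($newpassword == "Y") {
    delete_errormsg();
    $_SESSION["employeenumber"] = $emplnumber;
    redirect("newpassword.php");
    exit;
}
$sql = "SELECT * FROM `petcliniccorp`.`preferences` ORDER BY `sequence`";
$result = $mysqli->query($sql);
$row_cnt = $result->num_rows;
$row = $result->fetch_row();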
Esempio n. 17
        $row1 = $row1 . $row[0] . " ";
    }
    $row1 = $row1 . ", Name is " . $row[1] . " which is a ";
    $species = substr($row[2], 0, 1);
    $sql2 = "SELECT `speciesdesc` FROM `petclinic`.`code_species` WHERE `speciescode` = \"" . $species . "\";";
    $result = $mysqli->query($sql2);
    if ($result == TRUE) {
    } else {
        put_errormsg("Error getting species from code_species" . $mysqli->error);
        redirect("criticalerror.php?m=petlist.php&ec=0");
        exit(1);
    }
    $rows = $result->fetch_row();
    $row1 = $row1 . $rows[0] . " ";
    $sql2 = "SELECT breeddesc FROM `petclinic`.`code_breed` WHERE breedcode = \"" . $row[2] . "\";";
    $result = $mysqli->query($sql2);
    if ($result == TRUE) {
    } else {
        put_errormsg("Error getting species from code_species" . $mysqli->error);
        redirect("criticalerror.php?m=petlist.php&ec=0");
        exit(1);
    }
    $rows = $result->fetch_row();
    $row1 = $row1 . $rows[0];
    echo $row1;
    echo "<hr size=\"2px\" border=\"0\" NO SHADE align=\"center\" color=\"black\">";
}
// End of the listing: a button back to the listings menu, then the connection is closed and
// $display is set before the footer include runs.
echo '<center><form action="listings.php" method="post"><input type="submit" value="Return to Listings Menu"></form></center>';
$mysqli->close();
$display = "clientlist:{$emplnumber}";
require_once "includes/footer.inc";
Esempio n. 18
*Copyrighted 2015-2016 by Michael Avila                          *
*Distributed under the terms of the GNU General Public License   *
*This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.           *
*****************************************************************/
// Client list used to pick pet owners: active clients only, ordered by last then first name.
session_start();
$logFileName = "user";
$headerTitle = "USER LOG";
require_once "includes/common.inc";
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT clientnumber, lname, fname, address, address2, city, state, zipcode, email FROM `petclinic`.`client` "
    . "WHERE `status` = \"A\" ORDER BY `lname`, `fname`";
$result = $mysqli->query($sql);
if (!$result) {
    // The query itself failed; the message shown is the same one a reader would expect for an
    // empty table.
    put_errormsg("There are no Clients");
    redirect("listings.php");
    exit;
}
$row_cnt = $result->num_rows;
delete_errormsg();
echo '<center><b><u><font size="+2">Client List to Select Pet Owners</font></u></b></center><br><br>';
for ($i = 0; $i < $row_cnt; $i++) {
    $row = $result->fetch_row();
    $address = mc_decrypt($row[3], ENCRYPTION_KEY);
    if ($row[4] != "") {
        $address2 = mc_decrypt($row[4], ENCRYPTION_KEY);
    } else {
        $address2 = "";
    }
    $row1 = "Client # " . $row[0] . " " . $row[1] . ", " . $row[2] . " lives at " . $address . " ";
Esempio n. 19
// Toggle the single `status` flag in `petclinicsys`.`logonallowed` between "Y" and "N", record
// the outcome with put_errormsg() and return to sysadmin.php.
// NOTE(review): this flips a logon switch on every request that reaches it; no permission or
// request-origin check is visible in this fragment — confirm one runs in includes/common.inc.
session_start();
$logFileName = "user";
$headerTitle = "USER LOG";
require_once "includes/common.inc";
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT status FROM `petclinicsys`.`logonallowed`;";
// A single blank is the "no error" message stored on success.
$errmsg = ' ';
$result = $mysqli->query($sql);
if (!$result) {
    $errmsg = 'Could not query logon status information: ' . $mysqli->error;
} elseif ($result->num_rows != 1) {
    $errmsg = 'Query success, but no rows found?';
} else {
    $row = $result->fetch_row();
    $newstatus = ($row[0] == "Y") ? 'N' : 'Y';
    $sql = "UPDATE `petclinicsys`.`logonallowed` SET `status` = '" . $newstatus . "'";
    // Same test as the earlier `!$mysqli->query($sql) === TRUE`: the negation is applied first,
    // so the branch is taken when the update fails.
    if (!$mysqli->query($sql)) {
        $errmsg = 'Failed to update logon status information: ' . $mysqli->error;
    }
}
put_errormsg($errmsg);
$mysqli->close();
redirect("sysadmin.php");
Esempio n. 20
PLEASE NOTE: Procedures are only saved if this is a Final Report. Procedures are not saved for a Draft Report.
<br><br>
Add Procedures from the left listbox to the right listbox that you have performed during this Visit
<center><table width="50%">
<?php 
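// Include the procedure list that matches the procedure database code; "N" includes nothing and
// any other value is reported as an internal error.
switch ($procdb) {
    case "V":
        include "includes/visitvproc.inc";
        break;
    case "P":
        include "includes/visitpproc.inc";
        break;
    case "N":
        break;
    default:
        put_errormsg("Internal error - Invalid Procedure DB Code");
        // Only unexpected values reach this branch, so the code is URL-encoded before it is
        // appended: it can then neither add query parameters nor carry control characters into
        // the redirect target.
        redirect("criticalerror.php?m=visitsnew1.php&ec=" . rawurlencode(is_scalar($procdb) ? (string) $procdb : ""));
        exit;
}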
?>
</table>
</div>
<div id="save">
<?php 
// Include the admin section that matches the procedure database code. The two tests are
// independent; a code other than "V" or "P" includes nothing. The included files run in this
// script's variable scope.
if ($procdb == "V") {
    include "includes/visitvadmin.inc";
}
if ($procdb == "P") {
    include "includes/visitpadmin.inc";
}
Esempio n. 21
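// Validate the phone-message lookup done above this fragment, then print the name of the
// employee referenced in column 1 of the message row.
if ($result == FALSE) {
    put_errormsg("Invalid Message Number");
    redirect("phonemsgs3.php");
    exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("Invalid Message Number");
    redirect("phonemsgs3.php");
    exit;
}
$row = $result->fetch_row();
// The employee number read from the message row is escaped before it is quoted into the second
// query, so a stored value containing a quote cannot alter that query.
$sql = "SELECT `lname`, `fname` FROM `petcliniccorp`.`employee` WHERE `emplnumber` = '" . $mysqli->real_escape_string((string) $row[1]) . "';";
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("Invalid Employee Number");
    redirect("phonemsgs3.php");
    exit;
}
$row_cnt = $result->num_rows;
$rowe = $result->fetch_row();
// fetch_row() yields null when no employee matches; the names then print as empty strings.
// The names are HTML-escaped because they are stored text written into the page.
$emplname = ($rowe ? $rowe[0] : "") . ", " . ($rowe ? $rowe[1] : "");
echo htmlspecialchars($emplname, ENT_QUOTES, 'UTF-8');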
?>
</td></tr>
<tr><td><br>From: <?php 
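// "From" field of the message row: stored text, HTML-escaped so it is shown rather than rendered.
echo htmlspecialchars((string) $row[8], ENT_QUOTES, 'UTF-8');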
?>
</td></tr>
<tr><td><br>Telephone Number: <?php 
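// Telephone field of the message row: stored text, HTML-escaped so it is shown rather than rendered.
echo htmlspecialchars((string) $row[9], ENT_QUOTES, 'UTF-8');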
?>
Esempio n. 22
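// Save a vendor: UPDATE the existing row unless $editvendornum is the literal "new", else
// INSERT. The remaining vendor fields are read above this fragment.
$vendorzipcode = $_POST["vendorzipcode"];
$vendortele = $_POST["vendortele"];
$vendorfax = $_POST["vendorfax"];
$vendoremail = $_POST["vendoremail"];
// The e-mail address is stored encrypted.
$vendoremail = mc_encrypt($vendoremail, ENCRYPTION_KEY);
$vendorstatus = $_POST["vendorstatus"];
$emplnumber = $_SESSION['employeenumber'];
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// Both statements bind the posted values as parameters; they were previously concatenated
// between double quotes, so a quote in any field could rewrite the statement.
if ($editvendornum != "new") {
    $failmsg = "Table vendor data update failed";
    $sql = "UPDATE `petclinicinv`.`vendor` SET `vendorname` = ?, `vendorshortname` = ?, `vendorcontact` = ?, ";
    $sql = $sql . "`vendoraddress1` = ?, `vendoraddress2` = ?, `vendorcity` = ?, `vendorstate` = ?, `vendorzipcode` = ?, ";
    $sql = $sql . "`vendortele` = ?, `vendorfax` = ?, `vendoremail` = ?, `vendorstatus` = ? WHERE vendorid = ?";
    $stmt = $mysqli->prepare($sql);
    if ($stmt !== false) {
        $stmt->bind_param(
            str_repeat('s', 13),
            $vendorname, $vendorshortname, $vendorcontact, $vendoraddress1, $vendoraddress2,
            $vendorcity, $vendorstate, $vendorzipcode, $vendortele, $vendorfax, $vendoremail,
            $vendorstatus, $editvendornum
        );
    }
} else {
    $failmsg = "Table vendor data insertion failed";
    $sql = "INSERT INTO `petclinicinv`.`vendor` (`vendorname`, `vendorshortname`, `vendorcontact`, `vendoraddress1`, `vendoraddress2`, `vendorcity`, `vendorstate`, `vendorzipcode`, `vendortele`, `vendorfax`, `vendoremail`, `vendorstatus`)";
    $sql = $sql . " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
    $stmt = $mysqli->prepare($sql);
    if ($stmt !== false) {
        $stmt->bind_param(
            str_repeat('s', 12),
            $vendorname, $vendorshortname, $vendorcontact, $vendoraddress1, $vendoraddress2,
            $vendorcity, $vendorstate, $vendorzipcode, $vendortele, $vendorfax, $vendoremail,
            $vendorstatus
        );
    }
}
$saved = false;
$dberror = $mysqli->error;
if ($stmt !== false) {
    $saved = $stmt->execute();
    $dberror = $stmt->error;
    $stmt->close();
}
if (!$saved) {
    put_errormsg($failmsg . $dberror);
    redirect("vendors.php");
    exit(1);
}
$mysqli->close();
put_errormsg("Vendor Added/Modified");
unset($_SESSION["editvendornum"]);
redirect("vendors.php");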
Esempio n. 23
*Distributed under the terms of the GNU General Public License   *
*This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.           *
*****************************************************************/
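// Store the 35 security keys (sk01..sk35) of the employee being edited: a key is "Y" when its
// number was posted in the `sk` checkbox array, otherwise "N".
// NOTE(review): this rewrites another employee's permissions; no check that the caller may do
// so is visible in this fragment — confirm one runs in includes/common.inc or the calling page.
session_start();
$logFileName = "user";
$headerTitle = "USER LOG";
require_once "includes/common.inc";
$emplnumber = $_SESSION['employeenumber'];
$editempnum = $_SESSION["editempnum"];
$sk_yn = array_fill(1, 35, "N");
if (isset($_POST["sk"]) && is_array($_POST["sk"])) {
    foreach ($_POST['sk'] as $selected) {
        // Accept only key numbers 1..35; other posted values used to be written into the array
        // under arbitrary keys.
        if (is_scalar($selected) && ctype_digit((string) $selected) && (int) $selected >= 1 && (int) $selected <= 35) {
            $sk_yn[(int) $selected] = "Y";
        }
    }
}
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// The SET list is generated from the validated array (values are only "Y" or "N"); the employee
// number is bound as a parameter instead of being interpolated.
$assignments = array();
for ($keynum = 1; $keynum <= 35; $keynum++) {
    $assignments[] = sprintf('`sk%02d` = "%s"', $keynum, $sk_yn[$keynum]);
}
$sql = "UPDATE `petcliniccorp`.`seckeys` SET " . implode(", ", $assignments) . " WHERE `emplnumber` = ? AND `sequence` = 1";
$stmt = $mysqli->prepare($sql);
$updated = false;
$dberror = $mysqli->error;
if ($stmt !== false) {
    $stmt->bind_param('s', $editempnum);
    $updated = $stmt->execute();
    $dberror = $stmt->error;
    $stmt->close();
}
if (!$updated) {
    put_errormsg("Employee security data1 Update failed" . $dberror);
    redirect("criticalerror.php?m=seckeys1.php&ec=0");
    exit(1);
}
$mysqli->close();
delete_errormsg();
redirect("seckeys.php");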
Esempio n. 24
*****************************************************************/
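// Menu dispatcher: redirect according to the last value posted in the `menu` array.
session_start();
$logFileName = "user";
$headerTitle = "USER LOG";
require_once "includes/common.inc";
$value = "00";
// end() picks the last posted entry, which is what the earlier empty foreach loop did. A
// non-array `menu` field is ignored and falls to the default branch; before, it raised a
// warning and left the loop variable undefined.
if (!empty($_POST['menu']) && is_array($_POST['menu'])) {
    $value = end($_POST['menu']);
}
delete_errormsg();
// Every branch ends the request, so no break statements are needed after exit.
switch ($value) {
    case "1":
        redirect("notavail.php");
        exit;
    case "2":
        redirect("invmedbase.php?u=u");
        exit;
    case "3":
        redirect("invmedbase.php");
        exit;
    default:
        put_errormsg("You must make a selection");
        redirect("invmedmenu.php");
        exit;
}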
Esempio n. 25
    }
}
?>
<br><br><H1>Registration</H1>
<br><br>Save this page to a PDF file and send to petclinic.email@gmail.com
<br><br>
<?php 
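// Print the company block of the registration page from `petcliniccorp`.`company`.
$mysqli = new mysqli('localhost', $user, mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT * FROM `petcliniccorp`.`company`;";
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("Cannot access petcliniccorp.company table");
} else {
    $row_cnt = $result->num_rows;
    if ($row_cnt == 0) {
        put_errormsg("The Company Information is missing");
    } else {
        // If the table holds several rows, the values of the last one are kept.
        while ($row = $result->fetch_row()) {
            $coname = $row[0];
            // Address and city are stored encrypted.
            $address = mc_decrypt($row[1], ENCRYPTION_KEY);
            $city = mc_decrypt($row[3], ENCRYPTION_KEY);
            $state = $row[5];
            $zipcode = $row[6];
            $telephone = $row[9];
        }
    }
}
$mysqli->close();
$errormsg = get_errormsg();
echo "<br><br>";
// When the query fails or returns nothing, the fields may never have been assigned; they are
// then printed as empty strings. Every field is HTML-escaped because it is stored text written
// into the page.
$companylines = array(
    isset($coname) ? $coname : "",
    isset($address) ? $address : "",
    isset($city) ? $city : "",
    isset($state) ? $state : "",
    isset($zipcode) ? $zipcode : "",
    isset($telephone) ? $telephone : "",
);
foreach ($companylines as $lineindex => $companyline) {
    $companylines[$lineindex] = htmlspecialchars((string) $companyline, ENT_QUOTES, 'UTF-8');
}
echo implode("<br>", $companylines) . "<br><br>";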
Esempio n. 26
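// Password reset, step 1: look up the employee, check the user id and stash the reset question
// and answer in the session for pwdreset2.php.
// NOTE(review): the three distinct messages below tell a caller whether an employee number
// exists and whether a reset question is set; a single generic message would reveal less.
$mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
// Two fixes: the database name was attached to the column (`petcliniccorp`.`emplnumber`) while
// the table was left unqualified on a connection with no default database, so the lookup could
// not succeed; and the employee number is bound as a parameter instead of concatenated.
$sql = "SELECT uuserid, pwdhint, hintans FROM `petcliniccorp`.`employee` WHERE `emplnumber` = ?";
$stmt = $mysqli->prepare($sql);
if ($stmt === false || !$stmt->bind_param('s', $empnum) || !$stmt->execute()) {
    put_errormsg("Invalid Employee number");
    redirect("pwdreset.php");
    exit;
}
$stmt->store_result();
$row_cnt = $stmt->num_rows;
if ($row_cnt == 0) {
    put_errormsg("Invalid Employee number");
    redirect("pwdreset.php");
    exit;
}
$stmt->bind_result($dbuserid, $dbhint, $dbanswer);
$stmt->fetch();
$stmt->close();
// Same layout as the row array used before: user id, question, answer.
$row = array($dbuserid, $dbhint, $dbanswer);
// Strict string comparison; != would treat numeric-looking strings such as "1e3" and "1000"
// as equal.
if ((string) $row[0] !== (string) $userid) {
    put_errormsg("Invalid information");
    redirect("pwdreset.php");
    exit;
}
if (strlen((string) $row[1]) == 0) {
    put_errormsg("You do not have a Password Reset Question");
    redirect("pwdreset.php");
    exit;
}
$_SESSION["Q"] = $row[1];
$_SESSION["A"] = $row[2];
$_SESSION["P"] = "2";
delete_errormsg();
$mysqli->close();
redirect("pwdreset2.php");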
Esempio n. 27
    if ($result == FALSE) {
        put_errormsg("Pet Update failed; " . $mysqli->error);
        exit;
    }
}
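// Link the pet to up to two clients in `petclinic`.`clientpet`, then either hand over to the
// picture upload (petpic == "Y") or finish by echoing the next page name.
// The two REPLACE statements differed only in the client variable; they now share one prepared
// statement whose values are bound as parameters instead of being concatenated as bare numbers.
$clientlinks = array("client1" => $client1, "client2" => $client2);
foreach ($clientlinks as $clientlabel => $clientnum) {
    if ($clientnum == "") {
        continue;
    }
    $stmt = $mysqli->prepare("REPLACE INTO `petclinic`.`clientpet` VALUES (?, ?)");
    $result = false;
    $dberror = $mysqli->error;
    if ($stmt !== false) {
        $stmt->bind_param('ss', $clientnum, $editpetnum);
        $result = $stmt->execute();
        $dberror = $stmt->error;
        $stmt->close();
    }
    if ($result == FALSE) {
        put_errormsg("ClientPet Insert " . $clientlabel . " failed; " . $dberror);
        exit;
    }
}
// A missing petpic field is treated as "no picture" instead of raising a notice.
$petpic = isset($_POST["petpic"]) ? $_POST["petpic"] : "";
if ($petpic == "Y") {
    delete_errormsg();
    $_SESSION["petid"] = $editpetnum;
    exit;
}
$mysqli->close();
delete_errormsg();
$_SESSION['pet_data'] = array('petname' => $petname, 'pid' => $editpetnum);
echo "petmaint.php";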
Esempio n. 28
             <option value=""></option>
          <?php 
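// Build the <option> markup for every breed, grouped under its species code.
$breeds = array();
foreach ($speciesCodes as $key => $value) {
    // create an array for each code so we can 'group' the breeds by species.
    $breeds[$key] = array();
}
$sql = "SELECT * FROM `petclinic`.`code_breed` ORDER BY `breeddesc`;";
$result = $mysqli->query($sql);
if ($result == FALSE) {
    put_errormsg("Internal error for code_breed (1)");
    redirect("mainmenu.php");
    // Added: without it the script went on to read ->num_rows from a false result, which is a
    // fatal error.
    exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("Internal error for code_breed (2)");
    redirect("mainmenu.php");
    exit;
}
while ($row = $result->fetch_row()) {
    // Code and description are stored text written into an attribute and into element text, so
    // both are HTML-escaped.
    $breedcode = htmlspecialchars((string) $row[1], ENT_QUOTES, 'UTF-8');
    $breeddesc = htmlspecialchars((string) $row[2], ENT_QUOTES, 'UTF-8');
    $option = '';
    if ($petbreed == $row[1]) {
        $option = '<option value="' . $breedcode . '" selected>' . $breeddesc . '</option>';
    } else {
        $option = '<option value="' . $breedcode . '">' . $breeddesc . '</option>';
    }
    $breeds[$row[0]][] = $option;
}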
foreach ($breeds as $key => $value) {
    $speciesDesc = $speciesCodes[$key];
    echo '<optgroup id="' . $key . '" label="----- ' . $speciesDesc . ' -----">';
Esempio n. 29
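// Preferences form: the preload yes/no selector and the default-state list filled from
// `petclinic`.`code_state`.
echo "<center><font size=\"+2\"><b><u>Preferences</u></b></font>";
echo "<br>Application Default Settings</center><br>";
echo "<center><table width=\"55%\">";
// The preload <select> was never closed; </select> added.
echo "<tr><td align=\"right\"> Preload Defaults </td><td><select name=\"preload\" size=\"2\"><option value=\"Y\">Yes</option><option value=\"N\">No</option></select></td></tr>";
echo "<tr><td align=\"right\">Default State for Data Entry </td><td><select name=\"state\" size = \"5\">";
$mysqlis = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sqlstate = "SELECT * FROM `petclinic`.`code_state` ORDER BY `statedesc`";
$resultstate = $mysqlis->query($sqlstate);
if ($resultstate == FALSE) {
    put_errormsg("Acquiring States Error");
    redirect("corpmenu.php");
    exit;
}
$row_cnt_state = $resultstate->num_rows;
if ($row_cnt_state == 0) {
    put_errormsg("Acquiring States Error");
    redirect("corpmenu.php");
    exit;
}
for ($i = 0; $i < $row_cnt_state; $i++) {
    $rowstate = $resultstate->fetch_row();
    // Three fixes in the option markup: the loop counter is no longer printed into the list;
    // the value attribute now carries the state code (the single-quoted string used to emit the
    // literal text ".$rowstate[0]."); and code and description are HTML-escaped.
    $stateselected = "";
    if (strlen($state) > 0) {
        if ($rowstate[0] == $state) {
            $stateselected = " SELECTED";
        }
    }
    echo '<option value="' . htmlspecialchars((string) $rowstate[0], ENT_QUOTES, 'UTF-8') . '"' . $stateselected . '>'
        . htmlspecialchars((string) $rowstate[1], ENT_QUOTES, 'UTF-8') . "</option>";
}
// The stray `">` that used to precede the closing tag is gone.
echo "</select>";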
Esempio n. 30
        echo "<p>Unable to save file.</p>";
        exit;
    }
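    // set proper permissions on the new file
    chmod(UPLOAD_DIR . $name, 0644);
    // The pet number from the session is forced to an integer and kept separately from the
    // file name derived from it.
    $petnumber = (int) $_SESSION['petid'];
    $petid = "pet" . str_pad((string) $petnumber, 5, "0", STR_PAD_LEFT) . ".png";
    // NOTE(review): the upload is given a .png name whatever it contains, and $name is used as a
    // path component; confirm the code above this fragment validates both the file type and $name.
    chdir("./uploads");
    rename($name, $petid);
    chdir("..");
    require_once "password.php";
    $mysqli = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
    $sql = "USE petclinic;";
    if ($mysqli->query($sql) === TRUE) {
    } else {
        echo "Error selecting to use petlinic" . $mysqli->error;
        exit(1);
    }
    $emplnumber = $_SESSION['employeenumber'];
    $editpetnum = $_POST["petid"];
    // The WHERE clause used $petid after it had been turned into the file name
    // ("petNNNNN.png"), which is not valid SQL, so the picture flag could never be set. It now
    // uses the integer pet number.
    $sql = "UPDATE pet SET `picture` = \"Y\" WHERE `petnumber` = " . $petnumber . ";";
    $result = $mysqli->query($sql);
    if ($result == FALSE) {
        put_errormsg("Pet Picture Upload Failed");
        redirect("mainmenu.php");
        exit;
    }
    $mysqli->close();
    put_errormsg("Uploaded file saved as " . $petid);
    // NOTE(review): the failure branch above goes to mainmenu.php; confirm "maintmenu.php" is an
    // existing page and not a typo.
    redirect("maintmenu.php");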
}