<?php
require_once '../includes/connection.php';
require_once '../includes/session.php';
//confirm user has logged in
Confirm_admin_session();
//form Add Store submitted
if (isset($_POST['add_store'])) {
$storename = ucfirst(mysql_prep($_POST['store_name']));
$location = ucfirst(mysql_prep($_POST['location']));
$phone = mysql_prep($_POST['phone']);
$password = md5(mysql_prep($_POST['password']));
//form data
$form_data = array('store_name' => $storename, 'store_location' => $location, 'store_password' => $password, 'store_phone' => $phone);
//insert
dbRowInsert('tblstore', $form_data);
//redirect
redirect_to("store-add.php");
}
//
require_once 'includes/template-top.php';
?>
<!-- row -->
<div class="row">
<h1 class="title">Add Store</h1>
<script>
//validate phone number
function isNumeric(elem,helperMsg)
{
var NumPhone = document.addStoreForm.phone;
$table_name = "members";
mysql_connect("{$host}", "root", "") or die("cannot connect");
mysql_select_db("{$db_name}") or die("cannot select DB");
$upload_dir = 'image/';
$target_file = $upload_dir . basename($_FILES['fileToUpload']['name']);
$tmp_name = $_FILES["fileToUpload"]["tmp_name"];
$name = $_FILES["fileToUpload"]["name"];
move_uploaded_file($tmp_name, "{$upload_dir}/{$name}");
$username = $_POST['username'];
$pass = $_POST['password'];
$type = $_POST['type'];
$ic = $_POST['ic'];
$phonenumber = $_POST['phonenumber'];
$email = $_POST['email'];
$gender = $_POST['gender'];
$doctorname = $_POST['drname'];
$specility = $_POST['special'];
$picture = $target_file;
$password = sha1($pass);
$form_data = array('userId' => NULL, 'username' => $username, 'password' => $password, 'type' => $type, 'ic' => $ic, 'phoneNo' => $phonenumber, 'email' => $email, 'gender' => $gender, 'doctorName' => $doctorname, 'speciality' => $specility, 'picture' => $picture);
function dbRowInsert($table_name, $form_data)
{
$fields = array_keys($form_data);
$sql = "INSERT INTO " . $table_name . " (`" . implode('`,`', $fields) . "`)VALUES('" . implode("','", $form_data) . "')";
$sqlresult = mysql_query($sql);
echo "<script type='text/javascript'>\n window.alert('New Profile successfully created!');\n window.location.href = 'main1.php';\n </script>";
return $sqlresult;
}
mysql_select_db("{$db_name}");
dbRowInsert('members', $form_data);
<?php
require_once 'includes/connection.php';
require_once 'includes/session.php';
confirm_logged_in();
//confirm whether the user logged in
//ADD
if (isset($_POST['add_todo_btn'])) {
//
$todo = mysql_prep($_POST['todo']);
$form_data = array('todo_item' => $todo);
dbRowInsert('todo_list', $form_data);
redirect_to("index.php?submitted=true");
} elseif (isset($_GET['done'])) {
$action = mysql_prep($_GET['done']);
$id = mysql_prep($_GET['id']);
if ($action == 1) {
//done
$form_data = array('todo_status' => 'Done');
} else {
//not done
$form_data = array('todo_status' => 'Not Done');
}
dbRowUpdate('todo_list', $form_data, " WHERE id = {$id} ");
redirect_to("index.php");
} elseif (isset($_GET['deleteid'])) {
$id = mysql_prep($_GET['deleteid']);
dbRowDelete('todo_list', " WHERE id = {$id} ");
redirect_to("index.php");
} elseif (isset($_POST['edit_btn'])) {
$id = mysql_prep($_POST['id']);
confirm_query($result);
while ($row = mysql_fetch_array($result)) {
$cart_id = $row['cart_id'];
$grocery_id = $row['grocery_id'];
$grocery_qty = $row['grocery_qty'];
$cart_qty = $row['cart_qty'];
$sales_cost = $row['grocery_cost'];
//decrease stock
$grocery_qty = $grocery_qty - $cart_qty;
$form_data = array('grocery_qty' => $grocery_qty);
dbRowUpdate('tblgrocery', $form_data, " WHERE grocery_id = {$grocery_id}");
//$cal_comm = round(( $sales_cost ( 3 /100 ) ) * $cart_qty);
//insert into sales
$form_data = array('grocery_id' => $grocery_id, 'sales_qty' => $cart_qty, 'ref_no' => $ref_no, 'email' => $session_cus_email, 'sales_cost' => $sales_cost);
//inser
dbRowInsert('tblsales', $form_data);
//delete from the tblcart
dbRowDelete('tblcart', " WHERE cart_id = {$cart_id}");
}
redirect_to("account.php");
}
//
require_once 'includes/template-top.php';
?>
<!-- row -->
<div class="row">
<h1 class="title">My Cart</h1>
<table id="table1">
<thead>
echo '<tr><td colspan="4">No Rows Returned</td></tr>';
} else {
while ($row = mysql_fetch_assoc($inresult)) {
$id = $row['userId'];
$drname = $row['doctorName'];
$drspecial = $row['speciality'];
$ppicture = $row['picture'];
}
}
$pname = $_POST['pname'];
$ic = $_POST['ic'];
$age = $_POST['age'];
$phonenumber = $_POST['phonenumber'];
$birthday = $_POST['birthday'];
$race = $_POST['race'];
$gender = $_POST['gender'];
$religion = $_POST['religion'];
$address = $_POST['address'];
$insurance = $_POST['insurance'];
$form_data = array('userId' => $id, 'patientId' => NULL, 'patientName' => $pname, 'patientPhoneNo' => $phonenumber, 'patientIc' => $ic, 'patientAddress' => $address, 'Dob' => $birthday, 'patientGender' => $gender, 'race' => $race, 'religion' => $religion, 'insurance' => $insurance, 'age' => $age);
function dbRowInsert($table_name, $form_data)
{
$fields = array_keys($form_data);
$sql = "INSERT INTO " . $table_name . " (`" . implode('`,`', $fields) . "`)VALUES('" . implode("','", $form_data) . "')";
$sqlresult = mysql_query($sql);
echo "<script type='text/javascript'>\n window.alert('New Profile successfully created!');\n window.location.href = 'main1.php';\n </script>";
return $sqlresult;
}
mysql_select_db("{$db_name}");
dbRowInsert('patient', $form_data);
<?php
include 'functions.php';
include 'config.php';
include 'header.php';
if (isset($_POST['submit'])) {
$form_data = array('Name' => $_POST['cname'], 'Mobile' => $_POST['cmobile'], 'Landline' => $_POST['clandline'], 'Email' => $_POST['cemail'], 'bussinesscardimage_path' => $_POST['cbussi'], 'Key_contact' => $_POST['ckeycon'], 'Supplier_id' => $_POST['csupplier'], 'Position' => $_POST['cposition'], 'Skype' => $_POST['cskype'], 'Wechat' => $_POST['cwechat'], 'QQ' => $_POST['cqq'], 'WhatsApp' => $_POST['cwhats']);
dbRowInsert('contacts', $form_data);
header("Location: contacts.php");
}
?>
<style>
.ui-button-icon-primary{
top:0%;
}
</style>
<div id="main" role="main">
<div id="content">
<!-- widget grid -->
<section id="widget-grid" class="">
<!-- START ROW -->
<div class="row">
<!-- NEW COL START -->
$temp = explode(".", $_FILES["file1"]["name"]);
$newfilename = uniqid() . '.' . end($temp);
$extension = end($temp);
if (($_FILES["file1"]["type"] == "image/gif" || $_FILES["file1"]["type"] == "image/jpeg" || $_FILES["file1"]["type"] == "image/JPEG" || $_FILES["file1"]["type"] == "image/jpg" || $_FILES["file1"]["type"] == "application/pdf" || $_FILES["file1"]["type"] == "image/pjpeg" || $_FILES["file1"]["type"] == "image/x-png" || $_FILES["file1"]["type"] == "image/png") && $_FILES["file1"]["size"] < 8000000 && in_array($extension, $allowedExts)) {
if ($_FILES["file1"]["error"] > 0) {
$error_msg = "Return Code: " . $_FILES["file1"]["error"] . "<br>";
} else {
if (file_exists("../images/grocery/" . $newfilename)) {
$error_msg = $_FILES["file1"]["name"] . " already exists. ";
} else {
move_uploaded_file($_FILES["file1"]["tmp_name"], "../images/grocery/" . $newfilename);
$img_dir = "images/grocery/" . $newfilename;
//form data
$form_data = array('grocery_name' => $grocery_name, 'grocery_cost' => $grocery_cost, 'store_id' => $store_id, 'grocery_img' => $img_dir, 'grocery_qty' => $grocery_qty);
//insert
dbRowInsert('tblgrocery', $form_data);
redirect_to("add-grocery.php");
}
}
}
}
//
require_once 'includes/template-top.php';
?>
<!-- row -->
<div class="row">
<h1 class="title">Add Grocery <a href="groceries.php" class="btn" > » View All Groceries</a></h1>
<form action="add-grocery.php" class="form1" method="post" onSubmit="return alert('Grocery added successfully')" enctype="multipart/form-data">
<div class="lft" style="width:90%" >
<p><label>Grocery Name</label><br>
function addNewEmployer($data)
{
$status = 'fail';
//print_r(array_values($data));
try {
$form_data = array('user_name' => $_POST["formData"]['user_name'], 'mail_id' => $_POST["formData"]['mail_id'], 'contact' => $_POST["formData"]['contact'], 'alternate_contact' => $_POST["formData"]['alternate_contact'], 'website' => $_POST["formData"]['website']);
$tableName = "employer_personal_info";
$result = dbRowInsert($tableName, $form_data);
if ($result) {
$status = "ok";
}
} catch (Exception $ex) {
echo "<script>\n var msg = '<b>* Error Occured While Inserting New Employer ...</b>';\n showWarning(msg);\n </script>";
echo "fail";
}
echo $status;
}
//
//form registered submitted
if (isset($_POST['register_btn'])) {
$email = trim(mysql_prep($_POST['email']));
$usernames = ucfirst(trim(mysql_prep($_POST['names'])));
$phone = trim(mysql_prep($_POST['phone']));
$password = md5($_POST['password']);
//check whether email exist
$query = "SELECT * FROM tblcustomers WHERE email = '{$email}' LIMIT 1";
$result = mysql_query($query, $connection) or die("Query failed : " . mysql_error());
$row = mysql_fetch_array($result);
if ($row <= 0) {
//form data
$form_data = array('cus_names' => $usernames, 'email' => $email, 'password' => $password, 'cus_phone' => $phone);
//register customers
dbRowInsert('tblcustomers', $form_data);
//set session
$_SESSION['customerNames'] = $usernames;
$_SESSION['customerEmail'] = $email;
//redirect
redirect_to("account.php");
} else {
//email exists
$error_email = 'Email Already Exist!';
}
}
//
//form login submitted
if (isset($_GET['login_btn'])) {
//form variables
$email = trim(mysql_prep($_GET['email']));
if (isset($_POST['val'])) {
$val_decode = json_decode($_POST['val'], true);
echo json_encode($val_decode);
//echo json_encode(json_decode($_POST['val']));
$data = $val_decode[0];
}
/* if ( isset ( $_POST['clause'] ) ) {
$clause_decode=json_decode($_POST['clause'],true);
//echo json_encode(json_decode($_POST['val']));
$clause = $clause_decode[0];
}*/
$op = $_POST['operation'];
echo $op;
if (strcmp($op, 'insert') == 0) {
echo " in insert";
$res = dbRowInsert($_POST['t_name'], $data, $con);
if (!$res) {
die("failed");
}
exit;
}
if (strcmp($op, 'update') == 0) {
$res = dbRowupdate($_POST['t_name'], $data, $_POST['clause'], $con);
if (!$res) {
die("failed");
}
exit;
}
if (strcmp($op, 'delete') == 0) {
echo "in delete";
$res = dbRowDelete($_POST['t_name'], $_POST['clause'], $con);
echo '<tr><td colspan="4">No Rows Returned</td></tr>';
} else {
while ($row = mysql_fetch_assoc($inresult)) {
$id = $row['userId'];
$drname = $row['doctorName'];
$drspecial = $row['speciality'];
$ppicture = $row['picture'];
}
}
$treatment = $_POST['treatment'];
$diagnosis = $_POST['diagnosis'];
$symptoms = $_POST['symptoms'];
$patientId = $_POST['patientid'];
$sql = "SELECT * FROM patient WHERE patientId={$patientId}";
$retrieve = mysql_query($sql);
$rowcount = mysql_num_rows($retrieve);
if ($rowcount == 0) {
echo "<script type='text/javascript'>\n window.alert('No data. Please enter a valid patient ID!');\n window.location.href = 'record.php';\n </script>";
}
$form_data = array('recordId' => NULL, 'patientId' => $patientId, 'userId' => $id, 'treatment' => $treatment, 'diagnosis' => $diagnosis, 'symptom' => $symptoms);
function dbRowInsert($table_name, $form_data)
{
$fields = array_keys($form_data);
$sql = "INSERT INTO " . $table_name . " (`" . implode('`,`', $fields) . "`)VALUES('" . implode("','", $form_data) . "')";
return mysql_query($sql);
$sqlresult = mysql_query($sql);
return $sqlresult;
}
mysql_select_db("{$db_name}");
dbRowInsert('record', $form_data);
echo "<script type='text/javascript'>\n window.alert('New record successfully created!');\n window.location.href = 'view_record.php';\n </script>";
