function displayContent($authorise, $filterValue) { $strContent = '<h3>List Postoffice</h3>'; $userName = $_SESSION['userName']; if ($authorise == "GMO") { $resultGmo = mysql_query("SELECT districtid FROM gmo where username='******' ") or die(mysql_error()); $rowGmo = mysql_fetch_array($resultGmo); $districtid = $rowGmo['districtid']; $result = mysql_query("SELECT DISTINCT(postofficeid), postoffice.name as poname,\n\t\t\tpostoffice.longitude as plog, postoffice.latitude as plat, district.name as dname,\n\t\t\tpostoffice.pincode as pincode FROM postoffice\n\t\t\tLEFT JOIN district on postoffice.districtid=district.districtid\n\t\t\tLEFT JOIN gmo on postoffice.districtid='" . $districtid . "'\n\t\t\tWHERE postofficeid != '1' ") or die(mysql_error()); $paginationQuery = "SELECT DISTINCT(postofficeid), postoffice.name as poname,\n\t\t\t\t\t\t\t\t\t\t\t\tpostoffice.longitude as plog, postoffice.latitude as plat,\n\t\t\t\t\t\t\t\t\t\t\t\tdistrict.name as dname, postoffice.pincode as pincode FROM postoffice\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\tdistrict on postoffice.districtid=district.districtid\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\tgmo on postoffice.districtid='" . $districtid . "'\n\t\t\t\t\t\t\t\t\t\t\tWHERE postofficeid != '1' "; } else { if ($authorise == "DAO") { $resultDao = mysql_query("SELECT districtid FROM dao where username='******' ") or die(mysql_error()); $rowDao = mysql_fetch_array($resultDao); $districtid = $rowDao['districtid']; $result = mysql_query("SELECT DISTINCT(postofficeid), postoffice.name as poname,\n\t\t\tpostoffice.longitude as plog, postoffice.latitude as plat, district.name as dname,\n\t\t\tpostoffice.pincode as pincode FROM postoffice\n\t\t\tLEFT JOIN district on postoffice.districtid=district.districtid\n\t\t\tLEFT JOIN dao on postoffice.districtid='" . $districtid . "'\n\t\t\tWHERE postofficeid != '1' ") or die(mysql_error()); $paginationQuery = "SELECT DISTINCT(postofficeid), postoffice.name as poname,\n\t\t\t\t\t\t\t\t\t\t\t\tpostoffice.longitude as plog, postoffice.latitude as plat,\n\t\t\t\t\t\t\t\t\t\t\t\tdistrict.name as dname,\tpostoffice.pincode as pincode FROM postoffice\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\tdistrict on postoffice.districtid=district.districtid\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\tdao on postoffice.districtid='" . $districtid . "'\n\t\t\t\t\t\t\t\t\t\t\tWHERE postofficeid != '1'"; } else { if ($authorise == "ADMIN") { if ($filterValue == "" || $filterValue == "All Districts") { $result = mysql_query("SELECT DISTINCT(postofficeid), postoffice.name as poname,\n\t\t\t\tpostoffice.longitude as plog, postoffice.latitude as plat, district.name as dname,\n\t\t\t\tpostoffice.pincode as pincode\tFROM postoffice\n\t\t\t\tLEFT JOIN district on postoffice.districtid=district.districtid WHERE\n\t\t\t\t\t\t\t\t\t\tpostofficeid != '1' ") or die(mysql_error()); $paginationQuery = "SELECT DISTINCT(postofficeid), postoffice.name as poname,\n\t\t\t\t\t\t\t\t\t\t\t\t\tpostoffice.longitude as plog, postoffice.latitude as plat,\n\t\t\t\t\t\t\t\t\t\t\t\t\tdistrict.name as dname,postoffice.pincode as pincode\n\t\t\t\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t\t\t\tpostoffice\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\t\tdistrict on postoffice.districtid=district.districtid\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE \tpostofficeid != '1' "; } else { $result = mysql_query("SELECT DISTINCT(postofficeid), postoffice.name as poname,\n\t\t\t\tpostoffice.longitude as plog, postoffice.latitude as plat, district.name as dname,\n\t\t\t\tpostoffice.pincode as pincode\tFROM postoffice\n\t\t\t\tLEFT JOIN district on postoffice.districtid=district.districtid\n\t\t\t\tWHERE postoffice.districtid='" . $filterValue . "' and postofficeid != '1'") or die(mysql_error()); $paginationQuery = "SELECT DISTINCT(postofficeid), postoffice.name as poname,\n\t\t\t\t\t\t\t\t\t\t\t\t\tpostoffice.longitude as plog, postoffice.latitude as plat,\n\t\t\t\t\t\t\t\t\t\t\t\t\tdistrict.name as dname,postoffice.pincode as pincode\n\t\t\t\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t\t\t\tpostoffice\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\t\tdistrict on postoffice.districtid=district.districtid\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t\t\t\t\tpostoffice.districtid='" . $filterValue . "' and postofficeid != '1' "; } } } } $intResultNum = mysql_num_rows($result); if ($intResultNum > 0) { /* function for pagination */ list($result, $classObj, $dispyListInfo) = classPagination($paginationQuery, $intResultNum); $strContent .= '<table class="listContentTab" id="tblList"> <tr> <th class="tdBorder">Name</th> <th class="tdBorder">Longitude</th> <th class="tdBorder">Latitude</th> <th class="tdBorder">District</th> <th class="tdBorder">Pincode</th> <th class="tdBorder">View</th> <th class="tdBorder">Edit</th> </tr>'; $color = ""; while ($row = mysql_fetch_array($result)) { if ($color == 0) { $strContent .= '<tr><td class="tdContent">' . $row['poname'] . '</td>'; $color = 1; } else { $strContent .= '<tr class="listTrColor"><td class="tdContent">' . $row['poname'] . '</td>'; $color = 0; } $strContent .= '<td class="tdContent">' . $row['plog'] . '</td> <td class="tdContent">' . $row['plat'] . '</td> <td class="tdContent">' . $row['dname'] . '</td> <td class="tdContentImg">' . $row['pincode'] . '</td>'; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t\t<a href=\"./addpostoffice.php?poViewId=" . $row['postofficeid'] . "\">\n\t\t\t\t\t\t<img class=\"editButton\" src=\"../images/view.gif\" alt=\"View\" />\n\t\t\t\t\t</a></td>"; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"./addpostoffice.php?poid=" . $row['postofficeid'] . "\">\n\t\t\t\t\t<img class=\"editButton\" src=\"../images/edit.gif\" alt=\"Edit\" />\n\t\t\t\t</a></td>\n\t\t\t</tr>"; } $strContent .= '</table>'; $strContent .= '<br /><br />'; $strContent .= $dispyListInfo . '<br />'; $strContent .= $classObj->navigationBar(); } else { $strContent .= "No data is stored in the database or you are not authorised to view this data"; } return $strContent; }
function displayContent($authorise, $val) { $userName = $_SESSION['userName']; $strContent = '<h3>List Bulk Case Report</h3>'; $choice = 0; $result = null; switch ($val) { case "1": if (isset($_GET['Datestart'])) { $startdate = getDateToDb($_GET['Datestart']); $enddate = getDateToDb($_GET['Dateclose']); } else { $arrDate = strtEndDateMonthDiff(); $startdate = $arrDate[0]; $enddate = $arrDate[1]; } $filterVal = "createdon between '" . $startdate . "' and '" . $enddate . "' "; $choice = 1; $strContent .= '<h4>Case Reported between ' . getDateFromDb($startdate) . ' and ' . getDateFromDb($enddate) . '</h4>'; break; case "2": $disease = $_GET['cmpDiseaseList']; $filterVal = "bulkcase.diseaseid='" . $disease . "' "; $choice = 2; $resultDis = mysql_query("SELECT name FROM disease where \n\t\t\t\tdiseaseid='" . $disease . "' ") or die(mysql_error()); $row = mysql_fetch_array($resultDis); $strContent .= '<h4>Case Report of ' . $row['name'] . '</h4>'; break; case "3": $district = $_GET['cmpDistrictList']; $filterVal = "bulkcase.districtid='" . $district . "' "; $choice = 3; $resultDist = mysql_query("SELECT name FROM district where \n\t\t\t\tdistrictid='" . $district . "' ") or die(mysql_error()); $row = mysql_fetch_array($resultDist); $strContent .= '<h4>Case Report of ' . $row['name'] . '</h4>'; break; default: $arrDate = strtEndDateMonthDiff(); $startdate = $arrDate[0]; $enddate = $arrDate[1]; $filterVal = " reportedon between '" . $startdate . "' and '" . $enddate . "' "; $choice = 1; $strContent .= '<h4>Case Reported between ' . $startdate . ' and ' . $enddate . '</h4>'; break; } if ($authorise == "GMO") { $userName = $_SESSION['userName']; $resultGmo = mysql_query("SELECT districtid FROM gmo where username='******' ") or die(mysql_error()); $rowGmo = mysql_fetch_array($resultGmo); $districtid = $rowGmo['districtid']; $result = mysql_query("SELECT bulkcaseid, disease.name as diseasename, district.name as \n\t\t\tdistname, reportedcase, fatalcase, createdon\n\t\t\tFROM bulkcase \n\t\t\tLEFT JOIN disease on bulkcase.diseaseid=disease.diseaseid \n\t\t\tLEFT JOIN district on bulkcase.districtid=district.districtid \n\t\t\tLEFT JOIN gmo on bulkcase.districtid=gmo.districtid \n\t\t\tWHERE gmo.districtid='" . $districtid . "' and " . $filterVal . " ") or die(mysql_error()); $paginationQuery = "SELECT bulkcaseid, disease.name as diseasename, district.name as \n\t\t\tdistname, reportedcase, fatalcase, createdon\n\t\t\tFROM bulkcase \n\t\t\tLEFT JOIN disease on bulkcase.diseaseid=disease.diseaseid \n\t\t\tLEFT JOIN district on bulkcase.districtid=district.districtid \n\t\t\tWHERE bulkcase.districtid='" . $districtid . "' and " . $filterVal; } else { if ($authorise == "DAO") { $resultDao = mysql_query("SELECT districtid FROM dao where username='******' "); $rowDao = mysql_fetch_array($resultDao); $districtid = $rowDao['districtid']; $result = mysql_query("SELECT bulkcaseid, disease.name as diseasename, district.name as \n\t\t\tdistname, reportedcase, fatalcase, createdon\n\t\t\tFROM bulkcase \n\t\t\tLEFT JOIN disease on bulkcase.diseaseid=disease.diseaseid\n\t\t\tLEFT JOIN district on bulkcase.districtid=district.districtid \n\t\t\tWHERE bulkcase.districtid='" . $districtid . "' and " . $filterVal . "") or die(mysql_error()); $paginationQuery = "SELECT bulkcaseid, disease.name as diseasename, district.name as \n\t\t\tdistname, reportedcase, fatalcase, createdon\n\t\t\tFROM bulkcase \n\t\t\tLEFT JOIN disease on bulkcase.diseaseid=disease.diseaseid\n\t\t\tLEFT JOIN district on bulkcase.districtid=district.districtid \n\t\t\tWHERE bulkcase.districtid='" . $districtid . "' and " . $filterVal; } else { if ($authorise == "ADMIN") { $result = mysql_query("SELECT bulkcaseid, disease.name as diseasename, district.name as \n\t\t\tdistname, reportedcase, fatalcase, createdon\n\t\t\tFROM bulkcase \n\t\t\tLEFT JOIN disease on bulkcase.diseaseid=disease.diseaseid\n\t\t\tLEFT JOIN district on bulkcase.districtid=district.districtid\n\t\t\tWHERE 1=1 and " . $filterVal . " ") or die(mysql_error()); $paginationQuery = "SELECT bulkcaseid, disease.name as diseasename, district.name as \n\t\t\tdistname, reportedcase, fatalcase, createdon\n\t\t\tFROM bulkcase \n\t\t\tLEFT JOIN disease on bulkcase.diseaseid=disease.diseaseid\n\t\t\tLEFT JOIN district on bulkcase.districtid=district.districtid\n\t\t\tWHERE 1=1 and " . $filterVal; } else { } } } $intResultNum = mysql_num_rows($result); if ($intResultNum > 0) { list($result, $classObj, $dispyListInfo) = classPagination($paginationQuery, $intResultNum); $listData = listCaseReport($authorise, $intResultNum, $result); $strContent .= $listData; $strContent .= '<br /><br />'; $strContent .= $dispyListInfo . '<br />'; $strContent .= $classObj->navigationBar(); } else { $strContent .= "No data is stored in the database or you are not authorised to view this data"; } return $strContent; }
function displayContent($UserType) { $strContent = '<h3>Pending DAOs</h3>'; if ($UserType == "GMO") { $userName = $_SESSION['userName']; $resultGmo = mysql_query("SELECT districtid FROM gmo where username='******' ") or die(mysql_error()); $rowGmo = mysql_fetch_array($resultGmo); $districtid = $rowGmo['districtid']; $result = mysql_query("SELECT user.username, usertype, user.status \n\t\t\tFROM user\n\t\t\tLEFT JOIN dao on user.username = dao.username \n\t\t\twhere user.status='Pending' and dao.districtid='" . $districtid . "' ") or die(mysql_error()); $paginationQuery = "SELECT user.username, usertype, user.status \n\t\t\t\t\t\t\t\t\t\t\tFROM user\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN dao on user.username = dao.username \n\t\t\t\t\t\t\t\t\t\t\t\twhere user.status='Pending' and dao.districtid='" . $districtid . "' "; } else { } $intResultNum = mysql_num_rows($result); if ($intResultNum > 0) { /* function for pagination */ list($result, $classObj, $dispyListInfo) = classPagination($paginationQuery, $intResultNum); $strContent .= '<table class="listContentTab" id="tblList"><tr>'; $strContent .= '<th class="tdBorder">UserName</th>'; $strContent .= '<th class="tdBorder">UserType</th>'; $strContent .= '<th class="tdBorder">Status</th>'; $strContent .= '<th class="tdBorder">View</th>'; $strContent .= '<th class="tdBorder">Delete</th></tr>'; $color = ""; while ($row = mysql_fetch_array($result)) { if ($color == 0) { $strContent .= '<tr><td class="tdContent">' . $row['username'] . '</td>'; $color = 1; } else { $strContent .= '<tr class="listTrColor"><td class="tdContent">' . $row['username'] . '</td>'; $color = 0; } $strContent .= '<td class="tdContent">' . $row['usertype'] . '</td>'; $strContent .= '<td class="tdContent">' . $row['status'] . '</td>'; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"viewuser.php?daoApp=" . $row['username'] . "\">\n\t\t\t\t\t<img class=\"editButton\" src=\"../images/viewuser.gif\" alt=\"View\" />\n\t\t\t\t</a></td>"; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"#\" \n\t\t\t\t\tonclick=\"javascript:deleteUser(this,'" . $row['username'] . "');return false;\">\n\t\t\t\t\t<img class=\"editButton\" src=\"../images/deleteuser.gif\" alt=\"Delete\" />\n\t\t\t\t</a></td></tr>"; } $strContent .= '</table>'; $strContent .= '<br /><br />'; $strContent .= $dispyListInfo . '<br />'; $strContent .= $classObj->navigationBar(); } else { $strContent .= "No data is stored in the database or you are not authorised to view this data"; } return $strContent; }
function displayContent($authorise) { $strContent = '<h3>List Pending Postoffice</h3>'; $userName = $_SESSION['userName']; if ($authorise == "GMO") { $resultGmo = mysql_query("SELECT districtid FROM gmo where username='******' ") or die(mysql_error()); $rowGmo = mysql_fetch_array($resultGmo); $districtid = $rowGmo['districtid']; $result = mysql_query("SELECT DISTINCT(postofficeid), newpostoffice.name as poname,\n\t\t\tdistrict.name as dname, newpostoffice.pincode as pincode FROM newpostoffice\n\t\t\tLEFT JOIN district on newpostoffice.districtid=district.districtid\n\t\t\tLEFT JOIN gmo on newpostoffice.districtid='" . $districtid . "'\n\t\t\tWHERE newpostoffice.districtid='" . $districtid . "' ") or die(mysql_error()); $paginationQuery = "SELECT DISTINCT(postofficeid), newpostoffice.name as poname,\n\t\t\t\t\t\t\t\t\t\t\tdistrict.name as dname, newpostoffice.pincode as pincode\n\t\t\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t\t\tnewpostoffice\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\tdistrict on newpostoffice.districtid=district.districtid\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\tgmo on newpostoffice.districtid='" . $districtid . "'\n\t\t\t\t\t\t\t\t\t\t\tWHERE newpostoffice.districtid='" . $districtid . "' "; } else { if ($authorise == "DAO") { $resultDao = mysql_query("SELECT districtid FROM dao where username='******' ") or die(mysql_error()); $rowDao = mysql_fetch_array($resultDao); $districtid = $rowDao['districtid']; $result = mysql_query("SELECT DISTINCT(postofficeid), newpostoffice.name as poname,\n\t\t\tdistrict.name as dname, newpostoffice.pincode as pincode FROM newpostoffice\n\t\t\tLEFT JOIN district on newpostoffice.districtid=district.districtid\n\t\t\tLEFT JOIN dao on newpostoffice.districtid='" . $districtid . "'\n\t\t\tWHERE newpostoffice.districtid='" . $districtid . "'") or die(mysql_error()); $paginationQuery = "SELECT DISTINCT(postofficeid), newpostoffice.name as poname,\n\t\t\t\t\t\t\t\t\t\t\tdistrict.name as dname, newpostoffice.pincode as pincode\n\t\t\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t\t\tnewpostoffice\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\tdistrict on newpostoffice.districtid=district.districtid\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\tdao on newpostoffice.districtid='" . $districtid . "'\n\t\t\t\t\t\t\t\t\t\t\tWHERE newpostoffice.districtid='" . $districtid . "'"; } else { if ($authorise == "ADMIN") { $result = mysql_query("SELECT DISTINCT(postofficeid), newpostoffice.name as poname,\n\t\t\t\t\t\tdistrict.name as dname, newpostoffice.pincode as pincode FROM newpostoffice\n\t\t\tLEFT JOIN district on newpostoffice.districtid=district.districtid ") or die(mysql_error()); $paginationQuery = "SELECT DISTINCT(postofficeid), newpostoffice.name as poname,\n\t\t\t\t\t\t\t\t\t\t\t\tdistrict.name as dname, newpostoffice.pincode as pincode\n\t\t\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t\t\tnewpostoffice\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\tdistrict on newpostoffice.districtid=district.districtid"; } else { } } } $intResultNum = mysql_num_rows($result); if ($intResultNum > 0) { /* function for pagination */ list($result, $classObj, $dispyListInfo) = classPagination($paginationQuery, $intResultNum); $strContent .= '<table class="listContentTab" id="tblList"> <tr> <th class="tdBorder">Name</th> <th class="tdBorder">District</th> <th class="tdBorder">Pincode</th> <th class="tdBorder">Edit</th> <th class="tdBorder">Delete</th> </tr>'; $color = ""; while ($row = mysql_fetch_array($result)) { if ($color == 0) { $strContent .= '<tr><td class="tdContent">' . $row['poname'] . '</td>'; $color = 1; } else { $strContent .= '<tr class="listTrColor"><td class="tdContent">' . $row['poname'] . '</td>'; $color = 0; } $strContent .= '<td class="tdContent">' . $row['dname'] . '</td> <td class="tdContent">' . $row['pincode'] . '</td>'; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"./addpostoffice.php?newpoid=" . $row['postofficeid'] . "\">\n\t\t\t\t\t<img class=\"editButton\" src=\"../images/edit.gif\" alt=\"Edit\" />\n\t\t\t\t</a></td>"; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"#\"\n\t\t\t\t\tonclick=\"javascript:deleteUser(this,'" . $row['postofficeid'] . "');return false;\">\n\t\t\t\t\t<img class=\"editButton\" src=\"../images/delete.gif\" alt=\"Delete\" />\n\t\t\t\t</a></td></tr>"; } $strContent .= '</table>'; $strContent .= '<br /><br />'; $strContent .= $dispyListInfo . '<br />'; $strContent .= $classObj->navigationBar(); } else { $strContent .= "No data is stored in the database or you are not authorised to view this data"; } return $strContent; }
function displayContent($authorise) { $strContent = '<h3>List Hospital</h3>'; $userName = $_SESSION['userName']; if ($authorise == "GMO") { $resultGmo = mysql_query("SELECT districtid FROM gmo where username='******' ") or die(mysql_error()); $rowGmo = mysql_fetch_array($resultGmo); $districtid = $rowGmo['districtid']; $result = mysql_query("SELECT hospital.hospitalid, hospital.username, name,\n\t\t\temailid, hospitalphno1, hospitalphno2,mobilenumber, registerno FROM hospital\n\t\t\tLEFT JOIN\n\t\t\tuser on hospital.username=user.username\n\t\t\tWHERE user.status='Approved' AND\thospital.districtid='" . $districtid . "' ") or die(mysql_error()); $paginationQuery = "SELECT hospital.hospitalid, hospital.username, name,\n\t\t\t\t\t\t\t\t\t\t\temailid, hospitalphno1, hospitalphno2,mobilenumber, registerno\n\t\t\t\t\t\t\t\t\t\t\tFROM hospital\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\tuser on hospital.username=user.username\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE user.status='Approved' AND\thospital.districtid='" . $districtid . "'"; } else { if ($authorise == "DAO") { $resultDmo = mysql_query("SELECT districtid FROM dao where username='******' ") or die(mysql_error()); $rowDmo = mysql_fetch_array($resultDmo); $districtid = $rowDmo['districtid']; $result = mysql_query("SELECT hospital.hospitalid, hospital.username, name,\n\t\t\temailid, hospitalphno1, hospitalphno2, mobilenumber, registerno FROM hospital\n\t\t\tLEFT JOIN\n\t\t\tuser on hospital.username=user.username\n\t\t\tWHERE user.status='Approved' AND\thospital.districtid='" . $districtid . "' ") or die(mysql_error()); $paginationQuery = "SELECT hospital.hospitalid, hospital.username, name,\n\t\t\t\t\t\t\t\t\temailid, hospitalphno1, hospitalphno2, mobilenumber, registerno FROM hospital\n\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\tuser on hospital.username=user.username\n\t\t\t\t\t\t\t\t\tWHERE user.status='Approved' AND\thospital.districtid='" . $districtid . "'"; } else { if ($authorise == "ADMIN") { $result = mysql_query("SELECT hospital.hospitalid, hospital.username, name,\n\t\t\temailid, hospitalphno1, hospitalphno2,mobilenumber, registerno FROM hospital\n\t\t\tLEFT JOIN\n\t\t\tuser on hospital.username=user.username\n\t\t\tWHERE user.status='Approved' ") or die(mysql_error()); $paginationQuery = "SELECT hospital.hospitalid, hospital.username, name,\n\t\t\t\t\t\t\t\t\t\t\temailid, hospitalphno1, hospitalphno2,mobilenumber, registerno\n\t\t\t\t\t\t\t\t\t\t\tFROM hospital\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t\t\tuser on hospital.username=user.username\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE user.status='Approved' "; } else { } } } $intResultNum = mysql_num_rows($result); if ($intResultNum > 0) { /* function for pagination */ list($result, $classObj, $dispyListInfo) = classPagination($paginationQuery, $intResultNum); $strContent .= '<table class="listContentTab" id="tblList"> <tr> <th class="tdBorder">UserName</th> <th class="tdBorder">Name</th> <th class="tdBorder">Phonenumber1</th> <th class="tdBorder">Mobilenumber</th> <th class="tdBorder">RegisterNo</th> <th class="tdBorder">View</th> <th class="tdBorder">Edit</th> <th class="tdBorder">Delete</th> </tr>'; $color = ""; while ($row = mysql_fetch_array($result)) { if ($color == 0) { $strContent .= '<tr><td class="tdContent">' . $row['username'] . '</td>'; $color = 1; } else { $strContent .= '<tr class="listTrColor"><td class="tdContent">' . $row['username'] . '</td>'; $color = 0; } $strContent .= '<td class="tdContent">' . $row['name'] . '</td> <td class="tdContent">' . $row['hospitalphno1'] . '</td> <td class="tdContent">' . $row['mobilenumber'] . '</td> <td class="tdContent">' . $row['registerno'] . '</td>'; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t\t<a href=\"./addhospital.php?hospitalViewId=" . $row['hospitalid'] . "\">\n\t\t\t\t\t\t<img class=\"editButton\" src=\"../images/viewuser.gif\" alt=\"View\" />\n\t\t\t\t\t</a></td>"; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"./addhospital.php?hospitalid=" . $row['hospitalid'] . "\">\n\t\t\t\t\t<img class=\"editButton\" src=\"../images/edituser.gif\" alt=\"Edit\" />\n\t\t\t\t</a></td>"; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"#\"\n\t\t\t\t\tonclick=\"javascript:deleteUser(this,'" . $row['username'] . "');return false;\">\n\t\t\t\t\t<img class=\"editButton\" src=\"../images/deleteuser.gif\" alt=\"Delete\" />\n\t\t\t\t</a></td></tr>"; } $strContent .= '</table>'; $strContent .= '<br /><br />'; $strContent .= $dispyListInfo . '<br />'; $strContent .= $classObj->navigationBar(); } else { $strContent .= "No data is stored in the database or you are not authorised to view this data"; } return $strContent; }
function displayContent($authorise) { $userName = $_SESSION['userName']; if ($authorise == "ADMIN") { $result = mysql_query("SELECT gmo.username, gmoid, user.status, name, designation,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\temailid, officephno1, officephno2, mobilenumber\n\t\t\t\t\t\t\t\t\t\t\t\t\t FROM gmo\n\t\t\t\t\t\t\t\t\t\t\t\t\t LEFT JOIN user on gmo.username = user.username\n\t\t\t\t\t\t\t\t\t\t\t\t\t where user.status='Approved' ") or die(mysql_error()); $paginationQuery = "SELECT gmo.username, gmoid, user.status, name, designation,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\temailid, officephno1, officephno2, mobilenumber\n\t\t\t\t\t\t\t\t\t\t\t\t\t FROM gmo\n\t\t\t\t\t\t\t\t\t\t\t\t\t LEFT JOIN user on gmo.username = user.username\n\t\t\t\t\t\t\t\t\t\t\t\t\t where user.status='Approved'"; } $strContent = '<h3>List GMO</h3>'; $intResultNum = mysql_num_rows($result); if ($intResultNum > 0) { /* function for pagination */ list($result, $classObj, $dispyListInfo) = classPagination($paginationQuery, $intResultNum); $strContent .= '<table class="listContentTab" id="tblList"> <tr> <th class="tdBorder">UserName</th> <th class="tdBorder">Name</th> <th class="tdBorder">Designation</th> <th class="tdBorder">Phone number</th> <th class="tdBorder">Mobilenumber</th> <th class="tdBorder">View</th> <th class="tdBorder">Edit</th> <th class="tdBorder">Delete</th> </tr>'; $color = ""; while ($row = mysql_fetch_array($result)) { if ($color == 0) { $strContent .= '<tr><td class="tdContent">' . $row['username'] . '</td>'; $color = 1; } else { $strContent .= '<tr class="listTrColor"><td class="tdContent">' . $row['username'] . '</td>'; $color = 0; } $strContent .= '<td class="tdContent">' . $row['name'] . '</td> <td class="tdContent">' . $row['designation'] . '</td> <td class="tdContent">' . $row['officephno1'] . '</td> <td class="tdContent">' . $row['mobilenumber'] . '</td>'; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t\t<a href=\"./addgmo.php?gmoViewId=" . $row['gmoid'] . "\">\n\t\t\t\t\t\t<img class=\"editButton\" src=\"../images/viewuser.gif\" alt=\"View\" />\n\t\t\t\t\t</a></td>"; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"./addgmo.php?gmoid=" . $row['gmoid'] . "\">\n\t\t\t\t\t<img class=\"editButton\" src=\"../images/edituser.gif\" alt=\"Edit\" />\n\t\t\t\t</a></td>"; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"#\"\n\t\t\t\t\tonclick=\"javascript:deleteUser(this,'" . $row['username'] . "');return false;\">\n\t\t\t\t\t<img class=\"editButton\" src=\"../images/deleteuser.gif\" alt=\"Delete\" />\n\t\t\t\t</a></td></tr>"; } $strContent .= '</table>'; $strContent .= '<br /><br />'; $strContent .= $dispyListInfo . '<br />'; $strContent .= $classObj->navigationBar(); } else { $strContent .= "No data is stored in the database or you are not authorised to view this data"; } return $strContent; }
function showContent($authorise, $selectedText, $option) { $strContent = ""; $choice = 0; $dte1 = ""; $dte2 = ""; $curDate = ""; $event = ""; switch ($option) { case "1": $year = $_GET['MYear']; $dte1 = $year . "-" . $selectedText . "-" . "01"; $dte2 = $year . "-" . $selectedText . "-" . "31"; $filterval = "eventtime between '" . $dte1 . "' and '" . $dte2 . "' "; $choice = 1; break; case "2": $curDate = date("d.m.Y"); $arrDate = explode(".", $curDate); $dte1 = $selectedText . "-01-01"; $dte2 = $selectedText . "-12-31"; $filterval = "eventtime between '" . $dte1 . "' and '" . $dte2 . "' "; $choice = 2; break; case "3": if (isset($_GET['Datestart'])) { $startdate = getDateToDb($_GET['Datestart']); $enddate = getDateToDb($_GET['Dateclose']); } else { $arrDate = strtEndDateMonthDiff(); $startdate = $arrDate[0]; $enddate = $arrDate[1]; } $filterval = "eventtime between '" . $startdate . "' and '" . $enddate . "' "; $choice = 3; break; case "4": $filterval = "event like '%" . $selectedText . "' "; $choice = 4; break; default: break; } $result = mysql_query("select * from eventlog where 1=1 and " . $filterval . " ") or die(mysql_error()); $paginationQuery = "select * from eventlog where 1=1 and " . $filterval; $intCount = mysql_num_rows($result); if ($intCount > 0) { if ($choice == 1) { echo '<h4>Report on ' . getMonth($selectedText) . ' ' . $_GET['MYear'] . '</h4><br>'; } else { if ($choice == 2) { echo '<h4>Report For The Year ' . $selectedText . '</h4><br>'; } else { if ($choice == 3) { if (isset($_GET['Datestart'])) { echo '<h4>Report on ' . $_GET['Datestart'] . ' and ' . $_GET['Dateclose'] . '</h4><br>'; } else { echo '<h4>Report on ' . getDateFromDb($startdate) . ' and ' . getDateFromDb($enddate) . '</h4><br>'; } } else { echo '<h4>Report on ' . $selectedText . '</h4><br>'; } } } /* function for pagination */ list($result, $classObj, $dispyListInfo) = classPagination($paginationQuery, $intCount); $listData = listEvent($authorise, $intCount, $result); $strContent .= $listData; $strContent .= '<br /><br />'; $strContent .= $dispyListInfo . '<br />'; $strContent .= $classObj->navigationBar(); } else { $strContent .= "No data is stored in the database or you are not authorised to view this data"; } echo $strContent; }
function displayContent($authorise, $val) { $userName = $_SESSION['userName']; $strContent = '<h3>List Case Report</h3>'; $choice = 0; $result = null; switch ($val) { case "1": if (isset($_GET['Datestart'])) { $startdate = getDateToDb($_GET['Datestart']); $enddate = getDateToDb($_GET['Dateclose']); } else { $arrDate = strtEndDateMonthDiff(); $startdate = $arrDate[0]; $enddate = $arrDate[1]; } $filterVal = "reportedon between '" . $startdate . "' and '" . $enddate . "' "; $choice = 1; $strContent .= '<h4>Case Reported between ' . getDateFromDb($startdate) . ' and ' . getDateFromDb($enddate) . '</h4>'; break; case "2": $disease = $_GET['cmpDiseaseList']; $filterVal = "casereport.diseaseid='" . $disease . "' "; $choice = 2; $resultDis = mysql_query("SELECT name FROM disease where \n\t\t\t\tdiseaseid='" . $disease . "' ") or die(mysql_error()); $row = mysql_fetch_array($resultDis); $strContent .= '<h4>Case Report of ' . $row['name'] . '</h4>'; break; case "3": $district = $_GET['cmpDistrictList']; $filterVal = "casereport.districtid='" . $district . "' "; $choice = 3; $resultDist = mysql_query("SELECT name FROM district where \n\t\t\t\tdistrictid='" . $district . "' ") or die(mysql_error()); $row = mysql_fetch_array($resultDist); $strContent .= '<h4>Case Report of ' . $row['name'] . '</h4>'; break; case "4": $age = explode("-", $_GET['cmpAgeList']); $agest = $age[0]; $ageend = $age[1]; $filterVal = "age between '" . $agest . "' and '" . $ageend . "' "; $choice = 4; $strContent .= '<h4>Case Reported on age, between ' . $agest . ' and ' . $ageend . '</h4>'; break; case "5": $hospital = $_GET['cmpHospitalList']; $filterVal = "casereport.hospitalid='" . $hospital . "' "; $choice = 5; $resultHos = mysql_query("SELECT name FROM hospital where \n\t\t\t\thospitalid='" . $hospital . "' ") or die(mysql_error()); $row = mysql_fetch_array($resultHos); $strContent .= '<h4>Case Report of ' . $row['name'] . '</h4>'; break; default: $arrDate = strtEndDateMonthDiff(); $startdate = $arrDate[0]; $enddate = $arrDate[1]; $filterVal = " reportedon between '" . $startdate . "' and '" . $enddate . "' "; $choice = 1; $strContent .= '<h4>Case Reported between ' . $startdate . ' and ' . $enddate . '</h4>'; break; } if ($authorise == "GMO") { $resultGmo = mysql_query("SELECT districtid FROM gmo where username='******' ") or die(mysql_error()); $rowGmo = mysql_fetch_array($resultGmo); $districtid = $rowGmo['districtid']; $result = mysql_query("SELECT casereportid, casereport.name as pname, age, sex, \n\t\t\tdisease.name as dname, hospital.name as hname, casedate FROM casereport \n\t\t\tLEFT JOIN hospital on casereport.hospitalid=hospital.hospitalid\n\t\t\tLEFT JOIN disease on casereport.diseaseid=disease.diseaseid \n\t\t\tWHERE casereport.districtid='" . $districtid . "' and " . $filterVal . "") or die(mysql_error()); $paginationQuery = "SELECT casereportid, casereport.name as pname, age, sex, \n\t\t\t\t\t\t\t\t\t\t\tdisease.name as dname, hospital.name as hname, casedate FROM casereport \n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN hospital on casereport.hospitalid=hospital.hospitalid\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN disease on casereport.diseaseid=disease.diseaseid \n\t\t\t\t\t\t\t\t\t\t\tWHERE casereport.districtid='" . $districtid . "' and " . $filterVal; } else { if ($authorise == "DAO") { $resultDao = mysql_query("SELECT districtid FROM dao where username='******' "); $rowDao = mysql_fetch_array($resultDao); $districtid = $rowDao['districtid']; $result = mysql_query("SELECT casereportid, casereport.name as pname, age, sex, \n\t\t\tdisease.name as dname, hospital.name as hname, casedate FROM casereport \n\t\t\tLEFT JOIN hospital on casereport.hospitalid=hospital.hospitalid\n\t\t\tLEFT JOIN disease on casereport.diseaseid=disease.diseaseid \n\t\t\tWHERE casereport.districtid='" . $districtid . "' and " . $filterVal . "") or die(mysql_error()); $paginationQuery = "SELECT casereportid, casereport.name as pname, age, sex, \n\t\t\t\t\t\t\t\t\t\t\tdisease.name as dname, hospital.name as hname, casedate FROM casereport \n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN hospital on casereport.hospitalid=hospital.hospitalid\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN disease on casereport.diseaseid=disease.diseaseid \n\t\t\t\t\t\t\t\t\t\t\tWHERE casereport.districtid='" . $districtid . "' and " . $filterVal; } else { if ($authorise == "HOSPITAL") { $resultHos = mysql_query("SELECT hospitalid FROM hospital where username='******' "); $rowHos = mysql_fetch_array($resultHos); $hosId = $rowHos['hospitalid']; $result = mysql_query("SELECT casereportid, casereport.name as pname, age, sex, \n\t\t\tdisease.name as dname,hospital.name as hname, casedate FROM casereport \n\t\t\tLEFT JOIN hospital on casereport.hospitalid=hospital.hospitalid\n\t\t\tLEFT JOIN disease on casereport.diseaseid=disease.diseaseid \n\t\t\tWHERE casereport.hospitalid='" . $hosId . "' and " . $filterVal . " ") or die(mysql_error()); $paginationQuery = "SELECT casereportid, casereport.name as pname, age, sex, \n\t\t\tdisease.name as dname,hospital.name as hname, casedate FROM casereport \n\t\t\tLEFT JOIN hospital on casereport.hospitalid=hospital.hospitalid\n\t\t\tLEFT JOIN disease on casereport.diseaseid=disease.diseaseid \n\t\t\tWHERE casereport.hospitalid='" . $hosId . "' and " . $filterVal; } else { if ($authorise == "ADMIN") { $result = mysql_query("SELECT casereportid, casereport.name as pname, age, sex, \n\t\t\tdisease.name as dname, hospital.name as hname, casedate FROM casereport \n\t\t\tLEFT JOIN hospital on casereport.hospitalid=hospital.hospitalid\n\t\t\tLEFT JOIN disease on casereport.diseaseid=disease.diseaseid \n\t\t\tWHERE " . $filterVal . " ") or die(mysql_error()); $paginationQuery = "SELECT casereportid, casereport.name as pname, age, sex, \n\t\t\t\t\t\t\t\t\t\t\tdisease.name as dname, hospital.name as hname, casedate FROM casereport \n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN hospital on casereport.hospitalid=hospital.hospitalid\n\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN disease on casereport.diseaseid=disease.diseaseid \n\t\t\t\t\t\t\t\t\t\t\tWHERE " . $filterVal; } else { } } } } $intResultNum = mysql_num_rows($result); if ($intResultNum > 0) { /* function for pagination */ list($result, $classObj, $dispyListInfo) = classPagination($paginationQuery, $intResultNum); $listData = listCaseReport($authorise, $intResultNum, $result); $strContent .= $listData; $strContent .= '<br /><br />'; $strContent .= $dispyListInfo . '<br />'; $strContent .= $classObj->navigationBar(); } else { $strContent .= "No data is stored in the database or you are not authorised to view this data"; } return $strContent; }
function displayContent($authorise, $filterValue) { $strContent = '<h3>List Users</h3>'; if ($filterValue == "All users") { $result = mysql_query("SELECT * FROM user where status='Approved' and usertype !='ADMIN' ") or die(mysql_error()); $paginationQuery = "SELECT * FROM user where status='Approved' and usertype !='ADMIN' "; } else { if ($filterValue == "GMO") { $result = mysql_query("SELECT * FROM user where status='Approved' and usertype='GMO' ") or die(mysql_error()); $paginationQuery = "SELECT * FROM user where status='Approved' and usertype='GMO' "; } else { if ($filterValue == "DAO") { $result = mysql_query("SELECT * FROM user where status='Approved' and usertype='DAO' ") or die(mysql_error()); $paginationQuery = "SELECT * FROM user where status='Approved' and usertype='DAO' "; } else { if ($filterValue == "Hospitals") { $result = mysql_query("SELECT * FROM user where status='Approved' and usertype='HOSPITAL' ") or die(mysql_error()); $paginationQuery = "SELECT * FROM user where status='Approved' and usertype='HOSPITAL' "; } else { $result = mysql_query("SELECT * FROM user where status='Approved' and usertype !='ADMIN' ") or die(mysql_error()); $paginationQuery = "SELECT * FROM user where status='Approved' and usertype !='ADMIN' "; } } } } $intResultNum = mysql_num_rows($result); if ($intResultNum > 0) { /* function for pagination */ list($result, $classObj, $dispyListInfo) = classPagination($paginationQuery, $intResultNum); $strContent .= '<table class="listContentTab" id="tblList"><tr>'; $strContent .= '<th class="tdBorder">UserName</th>'; $strContent .= '<th class="tdBorder">User Type</th>'; $strContent .= '<th class="tdBorder">Last Login</th>'; $strContent .= '<th class="tdBorder">View</th>'; $strContent .= '<th class="tdBorder">Delete</th></tr>'; $color = ""; while ($row = mysql_fetch_array($result)) { if ($color == 0) { $strContent .= '<tr><td class="tdContent">' . $row['username'] . '</td>'; $color = 1; } else { $strContent .= '<tr class="listTrColor"><td class="tdContent">' . $row['username'] . '</td>'; $color = 0; } $strContent .= '<td class="tdContent">' . $row['usertype'] . '</td>'; $strContent .= '<td class="tdContentImg">' . $row['lastlogin'] . '</td>'; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"./viewuser.php?userView=" . $row['username'] . "\">\n\t\t\t\t\t<img class=\"editButton\" src=\"../images/viewuser.gif\" alt=\"View\" />\n\t\t\t\t</a></td>"; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"#\"\n\t\t\t\t\tonclick=\"javascript:deleteUser(this,'" . $row['username'] . "');return false;\">\n\t\t\t\t<img class=\"editButton\" src=\"../images/deleteuser.gif\" alt=\"Delete\" />\n\t\t\t\t</a></td></tr>"; } $strContent .= '</table>'; $strContent .= '<br /><br />'; $strContent .= $dispyListInfo . '<br />'; $strContent .= $classObj->navigationBar(); } else { $strContent .= "No data is stored in the database or you are not authorised to view this data"; } return $strContent; }
function displayContent($authorise) { $strContent = ''; $resultDisease = mysql_query("SELECT * FROM disease ") or die(mysql_error()); $paginationQuery = "SELECT * FROM disease "; $intResultNumDisease = mysql_num_rows($resultDisease); if ($intResultNumDisease > 0) { /* function for pagination */ list($result, $classObj, $dispyListInfo) = classPagination($paginationQuery, $intResultNumDisease); $strContent .= '<table class="listContentTab" id="tblList"> <colgroup> <col width="75px;"> <col width="250px;"> <col width="30px;"> <col width="30px;"> </colgroup><tr>'; $strContent .= '<th class="tdBorder">Disease Name</th>'; $strContent .= '<th class="tdBorder">Description</th>'; $strContent .= '<th class="tdBorder">View</th>'; $strContent .= '<th class="tdBorder">Edit</th></tr>'; $color = ""; while ($arrRowDisease = mysql_fetch_array($result)) { $strContent .= '<tr'; if ($color == 0) { $strContent .= '>'; $color = 1; } else { $strContent .= ' class="listTrColor">'; $color = 0; } $strContent .= '<td class="tdContent">' . $arrRowDisease['name'] . '</td>'; $strContent .= '<td class="tdContent">' . $arrRowDisease['description'] . '</td>'; $strContent .= "<td class=\"tdContentImg\">\n\t\t\t\t<a href=\"./adddisease.php?intDiseaseViewId=" . $arrRowDisease['diseaseid'] . "\">\n\t\t\t\t\t<img class=\"editButton\" src=\"../images/view.gif\" alt=\"View\" />\n\t\t\t\t</a></td>\n\t\t\t\t<td class=\"tdContentImg\">\n\t\t\t\t\t<a href=\"./adddisease.php?intDiseaseId=" . $arrRowDisease['diseaseid'] . "\">\n\t\t\t\t\t\t<img class=\"editButton\" src=\"../images/edit.gif\" alt=\"Edit\" />\n\t\t\t\t\t</a></td></tr>"; } $strContent .= '</table>'; $strContent .= '<br /><br />'; $strContent .= $dispyListInfo . '<br />'; $strContent .= $classObj->navigationBar(); } else { $strContent .= "No data is stored in the database or you are not authorised to view this data"; } return $strContent; }