Exemplo n.º 1
         if (empty($username) === true || empty($password) === true) {
             json_error(LANG_ADMIN_INVALID_PASSWORD);
         } else {
             if ($haccess->user_exist_checker($username, H_SYSTEM_ACCESS) === false) {
                 json_error(LANG_ADMIN_INVALID_USERNAME);
             } else {
                 if ($haccess->account_activation($username, H_SYSTEM_ACCESS) === false) {
                     json_error(LANG_ADMIN_INVALID_ACTIVATION);
                 } else {
                     $login = $haccess->HezeLogin($username, $password, H_SYSTEM_ACCESS);
                     if ($login === false) {
                         json_error(LANG_ADMIN_ERROR);
                     } else {
                         $_SESSION[H_USER_SESSION] = $login;
                         $haccess->UpdateLastLogin(date('Y-m-d'), $_SERVER['REMOTE_ADDR'], $haccess->UserID());
                         json_send(H_ADMIN);
                         json_success('Logging in');
                         exit;
                     }
                 }
             }
         }
     }
 } elseif (get('do') == 'logout') {
     $haccess->log_out_access(H_LOGIN);
 } elseif (get('do') == 'delete') {
     $dfile = get('dfile');
     if (get('userid') and $dfile == '') {
         $del = $haccess->Delete(get('userid'), '' . H_ADMIN . '&view=hsys_users&do=viewall&msg=delete');
     } elseif (get('userid') and $dfile != '' and get('fdel') == '') {
         delete_files(UPLOAD_PATH . get('dfile'));
Exemplo n.º 2
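    /**
     * Admin dispatcher for the "patients" section, selected by the `do` request parameter.
     *
     * Branches handled: viewall, export, export2, autosearch, add, addpro, update,
     * updatepro, details, truncate and delete. Each branch either includes a view
     * from APP_FOLDER/views/admin/patients/ or responds through
     * json_error()/json_send()/json_success()/send_to().
     *
     * The included views run in this method's scope, so the local names
     * ($active, $result, $paging, $rows, $have_card) are kept as they are.
     *
     * NOTE(review): no authentication, authorisation or CSRF check is visible in
     * this method, and `truncate` / `delete` change state on a plain GET request.
     * Confirm the caller enforces an admin session, and consider moving those two
     * actions to POST with a per-session token.
     * NOTE(review): request values are handed to the model unchanged
     * (SelectAll, SelectOne, AutoSearch, Insert, Update, Delete); verify that the
     * model binds them as query parameters rather than concatenating them.
     *
     * @return void
     */
    public function invoke_patients()
    {
        $active = isset($_GET['active']) ? $_GET['active'] : "1";
        //SELECT ALL //////////////////////////////////
        if (get('do') == 'viewall') {
            if (PAGINATION_TYPE == 'Normal') {
                $result = $this->patients_model->SelectAll(RECORD_PER_PAGE, $active);
                //Accept get url  e.g (index.php?id=1&cat=2...)
                // $active is raw query-string input; encode it before it is echoed back into
                // the pagination links so it cannot add parameters or markup.
                $paging = pagination($this->patients_model->CountRow(), RECORD_PER_PAGE, '' . H_ADMIN . '&view=patients&do=viewall&active=' . rawurlencode((string) $active));
            } else {
                $result = $this->patients_model->SelectAll(NULL, $active);
            }
            include APP_FOLDER . '/views/admin/patients/View.php';
        }
        //EXPORT ////////////////////////////////////////////////////
        if (get('do') == 'export') {
            $result = $this->patients_model->SelectAll(NULL, $active);
            include APP_FOLDER . '/views/admin/patients/Export.php';
        } elseif (get('do') == 'export2') {
            $rows = $this->patients_model->SelectOne(get('id'));
            include APP_FOLDER . '/views/admin/patients/Export2.php';
        } elseif (get('do') == 'autosearch') {
            $qstring = post('qstring');
            if (strlen($qstring) > 0) {
                $autosearch = $this->patients_model->AutoSearch(trim($qstring), 10, 'first_name');
                echo ' <div class=widget><ul class="list-group">';
                foreach ($autosearch as $srow) {
                    // Patient names are stored user input: escape them for the HTML context,
                    // and encode the id for the URL, before writing them into the fragment.
                    $row_id = rawurlencode((string) $srow->id);
                    $row_label = htmlspecialchars(
                        $srow->first_name . ' ' . $srow->last_name,
                        ENT_QUOTES | ENT_SUBSTITUTE,
                        'UTF-8'
                    );
                    echo '<span class="searchheading"><a href="' . H_ADMIN . '&view=patients&id=' . $row_id . '&do=details"><li class="list-group-item">' . $row_label . "</li></a>\n\t</span>";
                }
                echo '</ul></div>';
            }
        } elseif (get('do') == 'add') {
            include APP_FOLDER . '/views/admin/patients/Add.php';
        } elseif (get('do') == 'addpro') {
            if ($_POST) {
                //form validation
                if (post('first_name') == '') {
                    json_error('Please enter First Name!');
                } elseif (post('last_name') == '') {
                    json_error('Please enter Last Name!');
                } elseif (post('phone') == '') {
                    json_error('Please enter Phone!');
                } elseif (post('email') == '') {
                    json_error('Please enter Email!');
                } elseif (post('source') == '') {
                    json_error('Please select Source!');
                } else {
                    $this->patients_model->Insert(post('first_name'), post('last_name'), post('phone'), post('email'), post('source'), post('notes'));
                    json_send('' . H_ADMIN . '&view=patients&do=viewall&msg=add');
                    json_success('Process Completed');
                }
            }
        } elseif (get('do') == 'update') {
            $rows = $this->patients_model->SelectOne(get('id'));
            //check if patient have card
            $have_card = patient_have_card(get('id'));
            include APP_FOLDER . '/views/admin/patients/Update.php';
        } elseif (get('do') == 'updatepro') {
            if ($_POST) {
                //form validation
                if (post('id') == '') {
                    json_error('The field id cannot be empty!');
                } elseif (post('first_name') == '') {
                    json_error('Please enter First Name!');
                } elseif (post('last_name') == '') {
                    json_error('Please enter Last Name!');
                } elseif (post('phone') == '') {
                    json_error('Please enter Phone!');
                } elseif (post('email') == '') {
                    json_error('Please enter Email!');
                } elseif (post('source') == '') {
                    json_error('Please select Source!');
                } else {
                    $this->patients_model->Update(post('first_name'), post('last_name'), post('phone'), post('email'), post('source'), post('notes'), post('active'), post('id'));
                    // The posted id is reflected into the redirect target; encode it so it
                    // cannot append extra parameters.
                    json_send('' . H_ADMIN . '&view=patients&id=' . rawurlencode((string) post('id')) . '&do=details&msg=update');
                    json_success('Process Completed');
                }
            }
        } elseif (get('do') == 'details') {
            $rows = $this->patients_model->SelectOne(get('id'));
            //check if patient have card
            $have_card = patient_have_card(get('id'));
            include APP_FOLDER . '/views/admin/patients/Details.php';
        } elseif (get('do') == 'truncate') {
            $this->patients_model->TruncateTable('' . H_ADMIN . '&view=patients&do=viewall&msg=truncate');
            include APP_FOLDER . '/views/admin/patients/View.php';
        } elseif (get('do') == 'delete') {
            $dfile = get('dfile');
            // dfile comes from the query string and is appended to UPLOAD_PATH / THUMB_PATH.
            // Accept only a bare file name: no directory separators, no NUL byte, and not
            // "." or "..", so the deletion cannot leave those two directories.
            // NOTE(review): a plain name still lets the request pick any file in the upload
            // directory; reading the file name from the patient record would be tighter.
            $dfile_is_plain_name = is_string($dfile)
                && $dfile !== '.'
                && $dfile !== '..'
                && strpbrk($dfile, "/\\\0") === false;
            if (get('id') and $dfile == '') {
                $del = $this->patients_model->Delete(get('id'), '' . H_ADMIN . '&view=patients&do=viewall&msg=delete');
            } elseif (get('id') and $dfile != '' and get('fdel') == '') {
                // An unsafe name skips the file removal only; the record is still deleted by id.
                if ($dfile_is_plain_name) {
                    delete_files(UPLOAD_PATH . $dfile);
                    delete_files(THUMB_PATH . $dfile);
                }
                $del = $this->patients_model->Delete(get('id'), '' . H_ADMIN . '&view=patients&do=viewall&msg=delete');
            } elseif (get('id') and $dfile != '' and get('fdel') != '') {
                if ($dfile_is_plain_name) {
                    delete_files(UPLOAD_PATH . $dfile);
                    delete_files(THUMB_PATH . $dfile);
                }
                send_to('' . H_ADMIN . '&view=patients&id=' . rawurlencode((string) get('id')) . '&do=update&msg=delete');
            }
        }
    }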