<?php ob_start(); error_reporting(0); require 'database.php'; require 'varfilter.php'; require 'PHPMailer_v5.1/class.phpmailer.php'; if (isset($_POST['submit'])) { $email = unhack($_POST['email']); //Start Validating submitted Date if (empty($email)) { $ERROR = "Please Enter Your Email Address"; //Check for empty field } else { $client_check = mysql_query("SELECT username FROM client_login WHERE username='******'") or die(mysql_error()); //Check for existing user in registered table if (mysql_num_rows($client_check) == 0) { $ERROR = "You email is not found"; $ERROR1 = "You email is not found"; } else { $ftch = mysql_fetch_array($client_check); $newemail1 = $ftch[0]; } $doc_check = mysql_query("SELECT username FROM doctor_login WHERE username='******'") or die(mysql_error()); //Check for existing user in registered table if (mysql_num_rows($doc_check) == 0) { $ERROR = "You email is not found"; $ERROR2 = "You email is not found"; } else { $ftch = mysql_fetch_array($doc_check); $newemail2 = $ftch[0];
require 'headwithsearch.php'; require 'varfilter.php'; require 'database.php'; $username = $_SESSION['username']; $c = mysql_query("select COUNT(doctor_name) from mydocs where doctor_name='{$username}'") or die(mysql_error()); $counter = mysql_fetch_array($c); $count = 0; if ($counter[0] != 0) { $count = $counter[0]; } if (isset($_POST['upload'])) { $myfile = $_POST['myfile']; $imgname = unhack($_POST['name']); $email = unhack($_POST['email']); $imgdate = unhack($_POST['date']); $phone = unhack($_POST['phone']); $get_prev_id = mysql_query("select MAX(docs_id) from mydocs") or die(mysql_error() . " Prev id not fetched"); $docs_id = mysql_fetch_array($get_prev_id); $d_id = $docs_id[0]; //Properties of the uploaded file $name = $_FILES['myfile']['name']; $nam = isimg($name); $type = $_FILES['myfile']['type']; $siz = $_FILES['myfile']['size']; $size = imgsize($siz); $tmp_name = $_FILES['myfile']['tmp_name']; $error = $_FILES['myfile']['error']; //Validate must upload file and not empty receipt no and patient name if ($error > 0) { echo "<font color='red'><h3>Please Choose file first</h3></font>"; }
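<?php
/**
 * Delete one document belonging to the logged-in client.
 *
 * Reads the document id from the `page` request parameter, removes the stored
 * file and its per-document folder under mydocs/clients/<client>/<id>, deletes
 * the mydocs row, decrements the client's no_of_upload counter and redirects
 * to clienthome.php.
 *
 * Hardening compared with the previous version:
 *  - the script stops after the login redirect instead of running the delete
 *    for a visitor with no client session;
 *  - the document id must be digits only, because it is used in a path;
 *  - nothing is touched when no row matches the id and the session client;
 *  - only a file that resolves inside the mydocs tree is unlinked;
 *  - the folder is no longer made world-writable (0777) before removal.
 */
ob_start();
session_start();

// header() only queues the redirect; without exit the rest of the script
// would still run for a visitor who has no client session.
if (empty($_SESSION['cusername'])) {
    header('location:index.php');
    exit;
}
$clientUser = $_SESSION['cusername'];

require 'database.php';
require 'varfilter.php';

// NOTE(review): this destructive action is read from $_REQUEST, so it is also
// reachable by GET, and no anti-CSRF token is checked. Consider POST plus a
// per-session token.
$rawPage = (isset($_REQUEST['page']) && is_string($_REQUEST['page'])) ? $_REQUEST['page'] : '';
$docId = unhack($rawPage);

// docs_id is interpolated into SQL and into a filesystem path below. Elsewhere
// in this code base it is handled as a number (MAX(docs_id) + 1), so anything
// that is not purely digits is rejected -- this also rules out "../" segments.
if (!ctype_digit((string) $docId)) {
    header('location: clienthome.php');
    exit;
}

// NOTE(review): $clientUser comes from the session and is interpolated as-is;
// confirm the login code only stores values that are safe for SQL and paths.
$lookup = mysql_query("select img from mydocs where docs_id='{$docId}' and client_name='{$clientUser}'");
$row = $lookup ? mysql_fetch_array($lookup) : false;

// No row means the id does not exist or is not owned by this client: leave
// files and the upload counter untouched.
if (!$row) {
    header('location: clienthome.php');
    exit;
}

// The stored path comes from the database; unlink it only when it resolves to
// a regular file inside the upload tree.
$uploadRoot = realpath('mydocs');
$target = ($row[0] !== null && $row[0] !== '') ? realpath($row[0]) : false;
if ($uploadRoot !== false
    && $target !== false
    && strpos($target, $uploadRoot . DIRECTORY_SEPARATOR) === 0
    && is_file($target)
) {
    unlink($target);
} else {
    error_log("document {$docId}: stored file missing or outside mydocs, not unlinked");
}

// Removing an empty directory needs write access on its parent, not on the
// directory itself, so the former chmod(..., 0777) is dropped.
$docDir = "mydocs/clients/{$clientUser}/{$docId}";
if (is_dir($docDir)) {
    rmdir($docDir);
}

// NOTE(review): die(mysql_error()) sends raw database errors to the browser;
// consider logging them and showing a generic message instead.
mysql_query("delete from mydocs where docs_id='{$docId}' and client_name='{$clientUser}' ") or die(mysql_error());

// NOTE(review): the literal '******' in the two queries below looks like a
// redaction artifact of this listing; presumably the session username belongs
// there -- confirm against the original file.
$c = mysql_query("select no_of_upload from client_login where username='******'") or die(mysql_error());
$counter = mysql_fetch_array($c);
$current = $counter ? (int) $counter[0] : 0;
$count = max(0, $current - 1); // never store a negative upload count
mysql_query("update client_login set no_of_upload='{$count}' where username='******'");

header('location: clienthome.php');
exit;
?>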
ob_start(); error_reporting(0); session_start(); if (empty($_SESSION['ausername'])) { header('location:index.php'); exit; } require 'headwithsearch.php'; require 'varfilter.php'; session_start(); $username = $_SESSION['ausername']; require 'database.php'; if (isset($_POST['srch'])) { $s = $_POST['srch_txt']; $srch_txt = unhack($s); //echo '<div class="row" style="padding:20px">'; if (!empty($srch_txt)) { $engine = mysql_query("select * from doctor_detail where name like'%" . $srch_txt . "%' OR email like'%" . $srch_txt . "%' OR phone like'%" . $srch_txt . "%'") or die(mysql_error() . " Searching Error line no 7 search.php"); ?> <div class="container"> <div class="hero-unit" style="margin:0px; padding:10px 0px; text-align:left"> <div class="span7"><?php echo $ic; ?> </div> <div class="span4 text-right"> <form method="post" action="adminsrch.php" class="" style=""> <input type="text" name="srch_txt" class="input-medium search-query"> <button type="submit" name="srch" class="btn btn-success">Search</button> </form>
header('location:index.php'); exit; } require 'headwithsearch.php'; require 'database.php'; require 'varfilter.php'; $username = $_SESSION['username']; $cusername = $_SESSION['cusername']; if (isset($_POST['chng'])) { $old = $_POST['oldpwd']; $new = $_POST['newpwd']; $re = $_POST['repwd']; //Using Unhack Var $oldp = unhack($old); $newp = unhack($new); $rep = unhack($re); if (!empty($oldp) && !empty($newp) && !empty($rep)) { if ($newp == $rep) { if (!empty($_SESSION['username'])) { $getpass = mysql_query("select password from doctor_login where password='******' AND username='******' ") or die(mysql_error()); if (mysql_num_rows($getpass) == 1) { mysql_query("update doctor_login set password='******' where username='******'") or die(mysql_error()); $echo = "Password Changed"; } else { $echo = "your Old password is incorrect"; } } if (!empty($_SESSION['ausername'])) { $getpass = mysql_query("select password from admin where password='******' AND name='{$username}' ") or die(mysql_error()); if (mysql_num_rows($getpass) == 1) { mysql_query("update admin set password='******' where name='{$username}'") or die(mysql_error());
$tmp_name = $_FILES['myfile']['tmp_name']; $error = $_FILES['myfile']['error']; $destination = "mydocs/clients/{$cusername}/{$page}"; //remove old file $get = mysql_query("select img from mydocs where docs_id='{$page}'"); $fimg = mysql_fetch_array($get); $rm = $fimg[0]; unlink($rm); move_uploaded_file($tmp_name, "{$destination}/" . $name); $saved = "{$destination}/" . $name; mysql_query("update mydocs set img='{$saved}' , img_name='{$fname}', details='{$details1}' , doc_date='{$date1}', client_phone='{$client_phone1}' where docs_id='{$page}' ") or die(mysql_error()); mysql_query("update client_login set no_of_upload='{$count}' where username='******' "); header('location: index.php'); } else { $fname = $_POST['fname']; $details1 = $_POST['details1']; $date1 = $_POST['date1']; $client_phone1 = unhack($_POST['client_phone1']); $ffname = unhack($fname); $ddetails1 = unhack($details1); $ddate1 = unhack($date1); mysql_query("update mydocs set img_name='{$ffname}', details='{$ddetails1}' , doc_date='{$ddate1}',client_phone='{$client_phone1}' where docs_id='{$page}' ") or die(mysql_error()); mysql_query("update client_login set no_of_upload='{$count}' where username='******' "); header('location: index.php'); } } ?> <!--</div> </div>-->
header('location:doctorhome.php'); } elseif (!empty($_SESSION['cusername'])) { header('location:clienthome.php'); } elseif (!empty($_SESSION['ausername'])) { header('location: adminhome.php'); } require 'database.php'; error_reporting(0); if (isset($_POST['login'])) { $name = $_POST['username']; $pass = $_POST['psswd']; if (empty($name) && empty($pass)) { $echo = "Please fill username and password"; } else { $username = unhack($name); $password = unhack($pass); $finddoc = mysql_query("select username,password,doc_id,con_id from doctor_login where username='******' AND password='******' ") or die(mysql_error()); if (mysql_num_rows($finddoc) == 1) { $m = mysql_fetch_row($finddoc); $iid = $m[2]; $_SESSION['username'] = $username; $cod = $m[3]; $_SESSION['con_id'] = $cod; $_SESSION['did'] = $iid; header('location: doctorhome.php'); } $findadmin = mysql_query("select name,password from admin where name='{$username}' AND password='******' ") or die(mysql_error()); if (mysql_num_rows($findadmin)) { $_SESSION['ausername'] = $username; header('location: adminhome.php'); } else {
<?php ob_start(); error_reporting(0); require 'database.php'; require 'varfilter.php'; if (isset($_POST['signup'])) { $name = unhack($_POST['name']); $email = unhack($_POST['email']); $phone = unhack($_POST['phone']); $pass1 = unhack($_POST['pass1']); $pass2 = unhack($_POST['pass2']); $sec_q = unhack($_POST['sec_q']); $sec_a = unhack($_POST['sec_a']); $ERROR = ""; //Start Validating submitted Date if (empty($name) && empty($email) && empty($phone) && empty($pass1) && empty($pass2) && empty($sec_q) && empty($sec_a)) { $ERROR = "Please fill all fields"; //Check for empty field } elseif (!is_numeric($phone)) { $ERROR = "This is no a valid phone number"; //Check for valid phone number } elseif (strlen($pass1) < 5) { $ERROR = "Password must be Greater then 5 character"; //Check password lenghth } elseif ($pass1 != $pass2) { $ERROR = "Password not matched"; //Match paassword } $check1 = mysql_query("select username from doctor_login where username='******'"); //Check for existing user in registered table
} else { } } mysql_query("INSERT INTO `mydocs` \r\n\t(`docs_id`, `img`, `current_folder`, `img_name`, `details`, `doc_date`, `doctor_name`, `client_name`, `client_phone`,`cod`,'cat')\r\n\t VALUES (NULL, '{$thumbnail}', '{$destination}', '{$imgname}', '{$email}', '{$imgdate}', '{$username}', '', '{$phone}','{$codx}','{$cat}')") or die(mysql_error() . "E22"); mysql_query("update doctor_login set no_of_upload='{$count}' where username='******' "); echo '<h3>Your file is successfully Uploaded To the Server im in else mode</h3>'; ///////////////////////EndSuperScript/////////////////////////////////// } } if (isset($_POST['ehr'])) { $myfile = $_POST['myfile']; $imgname = unhack($_POST['name']); $email = unhack($_POST['email']); $imgdate = unhack($_POST['date']); $phone = unhack($_POST['phone']); $cat = unhack($_POST['cat']); $imgdate = convertDate($imgdate); $get_prev_id = mysql_query("select MAX(docs_id) from mydocs") or die(mysql_error() . " Prev id not fetched"); $docs_id = mysql_fetch_array($get_prev_id); $d_id = $docs_id[0]; //Properties of the uploaded file $n = $_FILES['myfile']; $c = count($n); $thumbnail = 0; if (file_exists("mydocs/" . $username)) { $increement = $d_id + 1; date_default_timezone_get('asia/kolkata'); $date = date("Y-m-d"); mkdir("mydocs/{$username}/" . $increement); $destination = "mydocs/{$username}/{$increement}"; for ($i = 0; $i < $c; $i++) {
ob_start(); error_reporting(0); require 'database.php'; require 'varfilter.php'; require 'data_handler.php'; if (isset($_POST['signup'])) { $name = unhack($_POST['name']); $email = unhack($_POST['email']); $phone = unhack($_POST['phone']); $pass1 = unhack($_POST['pass1']); $pass2 = unhack($_POST['pass2']); $sec_q = unhack($_POST['sec_q']); $sec_a = unhack($_POST['sec_a']); $city = unhack($_POST['city']); $lastname = unhack($_POST['lname']); $gen = unhack($_POST['gen']); $ERROR = ""; //Start Validating submitted Date if (empty($name) && empty($email) && empty($phone) && empty($pass1) && empty($pass2) && empty($sec_q) && empty($sec_a)) { $ERROR = "Please fill all fields"; //Check for empty field } elseif (!is_numeric($phone)) { $ERROR = "This is no a valid phone number"; //Check for valid phone number } elseif (strlen($pass1) < 5) { $ERROR = "Password must be Greater then 5 character"; //Check password lenghth } elseif ($pass1 != $pass2) { $ERROR = "Password not matched"; //Match paassword }