Пример #1
<?php

// Password-recovery handler (fragment): looks the submitted e-mail address up in the
// client_login and doctor_login tables. The listing is cut off before any mail is sent.
ob_start();
// NOTE(review): error_reporting(0) hides PHP diagnostics, yet the die(mysql_error())
// calls below still print raw database errors to the visitor; log them server-side
// and show a generic message instead.
error_reporting(0);
require 'database.php';
require 'varfilter.php';
// NOTE(review): the path names a bundled PHPMailer 5.1, a long-outdated release;
// replace it with a maintained version.
require 'PHPMailer_v5.1/class.phpmailer.php';
if (isset($_POST['submit'])) {
    // unhack() is defined outside this listing (presumably in varfilter.php); what it
    // strips or escapes cannot be confirmed from here.
    $email = unhack($_POST['email']);
    // Validate the submitted data
    if (empty($email)) {
        $ERROR = "Please Enter Your Email Address";
        //Check for empty field
    } else {
        // NOTE(review): '******' looks like a value masked by the page this listing came
        // from; the real query presumably compares against $email. A value placed into
        // the SQL string should be bound through a prepared statement rather than rely
        // on a custom filter.
        $client_check = mysql_query("SELECT username FROM client_login WHERE username='******'") or die(mysql_error());
        //Check for existing user in registered table
        if (mysql_num_rows($client_check) == 0) {
            // NOTE(review): if $ERROR is shown to the visitor, this message tells them
            // whether an address is registered; a recovery form should answer the same
            // way for known and unknown addresses.
            $ERROR = "You email is not found";
            $ERROR1 = "You email is not found";
        } else {
            $ftch = mysql_fetch_array($client_check);
            $newemail1 = $ftch[0];
        }
        $doc_check = mysql_query("SELECT username FROM doctor_login WHERE username='******'") or die(mysql_error());
        //Check for existing user in registered table
        if (mysql_num_rows($doc_check) == 0) {
            // $ERROR is set here even when the client lookup above succeeded, so the
            // "not found" message is kept for an address that exists only as a client.
            $ERROR = "You email is not found";
            $ERROR2 = "You email is not found";
        } else {
            $ftch = mysql_fetch_array($doc_check);
            $newemail2 = $ftch[0];
Пример #2
// Upload page for a doctor account (fragment): counts the doctor's existing documents,
// then starts handling an uploaded file. The listing ends before the file is stored.
require 'headwithsearch.php';
require 'varfilter.php';
require 'database.php';
$username = $_SESSION['username'];
// NOTE(review): the session value is interpolated straight into the SQL text; bind it
// through a prepared statement instead.
$c = mysql_query("select COUNT(doctor_name) from mydocs where doctor_name='{$username}'") or die(mysql_error());
$counter = mysql_fetch_array($c);
$count = 0;
if ($counter[0] != 0) {
    $count = $counter[0];
}
if (isset($_POST['upload'])) {
    // NOTE(review): uploaded files arrive in $_FILES, so $_POST['myfile'] is presumably
    // never set; $myfile is not used again in the visible lines.
    $myfile = $_POST['myfile'];
    // unhack() is defined outside this listing; its escaping rules cannot be confirmed here.
    $imgname = unhack($_POST['name']);
    $email = unhack($_POST['email']);
    $imgdate = unhack($_POST['date']);
    $phone = unhack($_POST['phone']);
    // NOTE(review): die() appends the raw database error to the response.
    $get_prev_id = mysql_query("select MAX(docs_id) from mydocs") or die(mysql_error() . " Prev id not fetched");
    $docs_id = mysql_fetch_array($get_prev_id);
    $d_id = $docs_id[0];
    //Properties of the uploaded file
    // The name and type entries are supplied by the client and must not be trusted:
    // reduce the name with basename(), allow-list the extension, and determine the
    // real content type on the server.
    $name = $_FILES['myfile']['name'];
    // isimg() and imgsize() are not part of this listing; a check that looks only at
    // the file name would not prove the content is an image (confirm).
    $nam = isimg($name);
    $type = $_FILES['myfile']['type'];
    $siz = $_FILES['myfile']['size'];
    $size = imgsize($siz);
    $tmp_name = $_FILES['myfile']['tmp_name'];
    $error = $_FILES['myfile']['error'];
    //Validate must upload file and not empty receipt no and patient name
    // Any non-zero upload error code produces the same message; whether processing
    // stops afterwards is not visible here.
    if ($error > 0) {
        echo "<font color='red'><h3>Please Choose file first</h3></font>";
    }
Пример #3
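<?php

// Deletes one document of the logged-in client: removes the stored file and its
// folder, deletes the mydocs row and decrements the client's upload counter.
// NOTE(review): the mysql_* API used here was removed in PHP 7 and every query is
// built by string interpolation; moving to prepared statements needs the connection
// code in database.php, which is not part of this listing.
ob_start();
session_start();
if (empty($_SESSION['cusername'])) {
    header('location:index.php');
    // header() only queues the redirect; without exit the deletion below would still
    // run for a visitor who is not logged in.
    exit;
}
$cusernmae = $_SESSION['cusername'];
require 'database.php';
require 'varfilter.php';
// NOTE(review): the id is read from $_REQUEST, so a plain GET link can trigger this
// deletion; it should be limited to POST and protected by a CSRF token.
$page = isset($_REQUEST['page']) ? $_REQUEST['page'] : '';
// unhack() comes from outside this listing (presumably varfilter.php).
$page1 = is_string($page) ? unhack($page) : '';
// The id ends up both in SQL text and in a directory path, so accept digits only.
// Assumes docs_id is an auto-increment integer; confirm against the schema.
if (!is_string($page1) || !ctype_digit($page1)) {
    header('location: clienthome.php');
    exit;
}
$get = mysql_query("select img from mydocs where docs_id='{$page1}' and client_name='{$cusernmae}'");
$fimg = $get ? mysql_fetch_array($get) : false;
if (!$fimg) {
    // No document with this id belongs to the client: leave the filesystem and the
    // upload counter untouched instead of decrementing on every request.
    header('location: clienthome.php');
    exit;
}
$rm = $fimg[0];
// NOTE(review): img is a path taken from the database; presumably it lies inside the
// client's own folder, which should be verified before deleting.
if (is_string($rm) && is_file($rm)) {
    unlink($rm);
}
$folder = "mydocs/clients/{$cusernmae}/{$page1}";
// The former chmod(..., 0777) is dropped: rmdir() depends on the parent directory's
// permissions, and a failed rmdir() would have left the folder world-writable.
if (is_dir($folder)) {
    rmdir($folder);
}
// NOTE(review): die(mysql_error()) prints the raw database error to the visitor.
mysql_query("delete from mydocs where docs_id='{$page1}' and client_name='{$cusernmae}' ") or die(mysql_error());
// NOTE(review): '******' looks like a value masked by the page this listing came
// from; the real query presumably filters on the session user name. Confirm.
$c = mysql_query("select no_of_upload from client_login where username='******'") or die(mysql_error());
$counter = mysql_fetch_array($c);
// Keep the counter from dropping below zero.
$count = max(0, ($counter ? (int) $counter[0] : 0) - 1);
mysql_query("update client_login set no_of_upload='{$count}' where username='******'");
header('location: clienthome.php');
exit;
?>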

Пример #4
// Admin search page (fragment): requires an admin session, then searches doctor_detail
// by name, e-mail or phone. The listing continues into the HTML that shows the results.
ob_start();
// NOTE(review): PHP diagnostics are silenced here, yet the die() below still prints
// the raw database error and the script name to the visitor.
error_reporting(0);
session_start();
// The redirect is followed by exit, so the rest of the page does not run without an
// admin session.
if (empty($_SESSION['ausername'])) {
    header('location:index.php');
    exit;
}
require 'headwithsearch.php';
require 'varfilter.php';
// Second session_start() in this script; the session was already started above.
session_start();
$username = $_SESSION['ausername'];
require 'database.php';
if (isset($_POST['srch'])) {
    $s = $_POST['srch_txt'];
    // unhack() is defined outside this listing; its escaping rules cannot be confirmed here.
    $srch_txt = unhack($s);
    //echo '<div class="row" style="padding:20px">';
    if (!empty($srch_txt)) {
        // NOTE(review): the search term is concatenated into three LIKE patterns, so the
        // query's safety rests entirely on unhack(); bind the term through a prepared
        // statement and log database errors instead of printing them.
        $engine = mysql_query("select * from doctor_detail where name like'%" . $srch_txt . "%' OR email like'%" . $srch_txt . "%' OR phone like'%" . $srch_txt . "%'") or die(mysql_error() . " Searching Error line no 7 search.php");
        ?>
<div class="container">
	<div class="hero-unit" style="margin:0px; padding:10px 0px; text-align:left">
    	<div class="span7"><?php 
        echo $ic;
        ?>
</div>
        	<div class="span4 text-right">
                <form method="post" action="adminsrch.php" class="" style="">
                        <input type="text" name="srch_txt" class="input-medium search-query">
                        <button type="submit" name="srch" class="btn btn-success">Search</button>
                  </form>
Пример #5
    header('location:index.php');
    exit;
}
// Change-password handler (fragment) for doctor and admin accounts. The listing starts
// after the session check and ends inside the admin branch.
require 'headwithsearch.php';
require 'database.php';
require 'varfilter.php';
$username = $_SESSION['username'];
$cusername = $_SESSION['cusername'];
// NOTE(review): no CSRF token is checked in the visible lines of this state-changing form.
if (isset($_POST['chng'])) {
    $old = $_POST['oldpwd'];
    $new = $_POST['newpwd'];
    $re = $_POST['repwd'];
    //Using Unhack Var
    // NOTE(review): unhack() is defined outside this listing; if it strips or rewrites
    // characters, it alters the password the user typed. Passwords should be hashed
    // unchanged, not filtered.
    $oldp = unhack($old);
    $newp = unhack($new);
    $rep = unhack($re);
    if (!empty($oldp) && !empty($newp) && !empty($rep)) {
        // NOTE(review): == compares loosely; use === for string equality.
        if ($newp == $rep) {
            if (!empty($_SESSION['username'])) {
                // '******' looks like values masked by the page this listing came from.
                // NOTE(review): the old password is checked by an equality test inside
                // SQL, which suggests it is stored in a directly comparable form;
                // store password_hash() output and check it with password_verify().
                $getpass = mysql_query("select password from doctor_login where password='******' AND username='******' ") or die(mysql_error());
                if (mysql_num_rows($getpass) == 1) {
                    mysql_query("update doctor_login set password='******' where username='******'") or die(mysql_error());
                    $echo = "Password  Changed";
                } else {
                    $echo = "your Old password is incorrect";
                }
            }
            // NOTE(review): this branch is selected by $_SESSION['ausername'], but the
            // queries use $username, which was read from $_SESSION['username'] above;
            // this looks like a mismatch. Confirm which key holds the admin name.
            if (!empty($_SESSION['ausername'])) {
                $getpass = mysql_query("select password from admin where password='******' AND name='{$username}' ") or die(mysql_error());
                if (mysql_num_rows($getpass) == 1) {
                    mysql_query("update admin set password='******' where name='{$username}'") or die(mysql_error());
Пример #6
        // Document-edit handler (fragment): this branch replaces the stored file and
        // updates the row; the else branch updates the row only. The enclosing
        // conditions and the origin of $page, $name, $cusername and $count lie above
        // the visible lines.
        $tmp_name = $_FILES['myfile']['tmp_name'];
        $error = $_FILES['myfile']['error'];
        $destination = "mydocs/clients/{$cusername}/{$page}";
        //remove old file
        // NOTE(review): the row is selected by docs_id alone, with no client_name
        // condition; unless ownership is checked above, one client could act on another
        // client's document. Confirm.
        $get = mysql_query("select img from mydocs where docs_id='{$page}'");
        $fimg = mysql_fetch_array($get);
        $rm = $fimg[0];
        // Deletes whatever path the img column holds.
        unlink($rm);
        // NOTE(review): if $name is the client-supplied upload name, reduce it with
        // basename() and allow-list the extension before it becomes part of the path.
        move_uploaded_file($tmp_name, "{$destination}/" . $name);
        $saved = "{$destination}/" . $name;
        // NOTE(review): in this branch $fname, $details1, $date1 and $client_phone1 are
        // set above the visible lines; the else branch passes the same fields through
        // unhack() first. Confirm they are filtered here too, or bind them as parameters.
        mysql_query("update mydocs set img='{$saved}' , img_name='{$fname}', details='{$details1}' , doc_date='{$date1}', client_phone='{$client_phone1}' where docs_id='{$page}' ") or die(mysql_error());
        // '******' looks like a value masked by the page this listing came from.
        mysql_query("update client_login set no_of_upload='{$count}' where username='******' ");
        header('location: index.php');
    } else {
        $fname = $_POST['fname'];
        $details1 = $_POST['details1'];
        $date1 = $_POST['date1'];
        // unhack() is defined outside this listing; its escaping rules cannot be confirmed here.
        $client_phone1 = unhack($_POST['client_phone1']);
        $ffname = unhack($fname);
        $ddetails1 = unhack($details1);
        $ddate1 = unhack($date1);
        // NOTE(review): as above, the WHERE clause has no ownership condition, and
        // die(mysql_error()) prints the raw database error.
        mysql_query("update mydocs set  img_name='{$ffname}', details='{$ddetails1}' , doc_date='{$ddate1}',client_phone='{$client_phone1}' where docs_id='{$page}' ") or die(mysql_error());
        mysql_query("update client_login set no_of_upload='{$count}' where username='******' ");
        header('location: index.php');
    }
}
?>
	<!--</div>
    </div>-->

Пример #7
    header('location:doctorhome.php');
} elseif (!empty($_SESSION['cusername'])) {
    header('location:clienthome.php');
} elseif (!empty($_SESSION['ausername'])) {
    header('location: adminhome.php');
}
// Login handler (fragment): checks the submitted credentials against doctor_login and
// then against admin. The listing starts after the already-logged-in redirects and
// ends inside the admin check.
require 'database.php';
// NOTE(review): PHP diagnostics are silenced while die(mysql_error()) below still
// prints raw database errors to the visitor.
error_reporting(0);
if (isset($_POST['login'])) {
    $name = $_POST['username'];
    $pass = $_POST['psswd'];
    // NOTE(review): && rejects the request only when both fields are empty; a request
    // with just one of them missing still reaches the queries. || is probably intended.
    if (empty($name) && empty($pass)) {
        $echo = "Please fill username and password";
    } else {
        // unhack() is defined outside this listing (no require for it is visible here).
        // NOTE(review): filtering the password alters what the user typed; it should be
        // checked unchanged with password_verify() against a stored hash.
        $username = unhack($name);
        $password = unhack($pass);
        // '******' looks like values masked by the page this listing came from.
        // NOTE(review): the password is matched by an equality test inside SQL, which
        // suggests it is stored in a directly comparable form. Fetch the row by user
        // name through a prepared statement and verify the hash in PHP.
        $finddoc = mysql_query("select username,password,doc_id,con_id from doctor_login where username='******' AND password='******' ") or die(mysql_error());
        if (mysql_num_rows($finddoc) == 1) {
            $m = mysql_fetch_row($finddoc);
            $iid = $m[2];
            // NOTE(review): no session_regenerate_id() is visible before the session is
            // marked as logged in; regenerate the id here to prevent session fixation.
            $_SESSION['username'] = $username;
            $cod = $m[3];
            $_SESSION['con_id'] = $cod;
            $_SESSION['did'] = $iid;
            // No exit follows, so the admin lookup below also runs after a doctor login.
            header('location: doctorhome.php');
        }
        $findadmin = mysql_query("select name,password from admin where name='{$username}' AND password='******' ") or die(mysql_error());
        // Any non-zero row count is accepted here, unlike the == 1 test used for doctors.
        if (mysql_num_rows($findadmin)) {
            $_SESSION['ausername'] = $username;
            header('location: adminhome.php');
        } else {
Пример #8
<?php

// Sign-up handler (fragment): reads the registration form, validates it and starts the
// duplicate-user check. The listing ends before the account is created.
ob_start();
// NOTE(review): silences all PHP diagnostics, which also hides failures of the
// queries below.
error_reporting(0);
require 'database.php';
require 'varfilter.php';
if (isset($_POST['signup'])) {
    // unhack() is defined outside this listing; its escaping rules cannot be confirmed here.
    $name = unhack($_POST['name']);
    $email = unhack($_POST['email']);
    $phone = unhack($_POST['phone']);
    // NOTE(review): filtering the passwords may alter what the user typed; how they are
    // stored is not visible here. They should be hashed with password_hash(), and the
    // security answer deserves the same treatment.
    $pass1 = unhack($_POST['pass1']);
    $pass2 = unhack($_POST['pass2']);
    $sec_q = unhack($_POST['sec_q']);
    $sec_a = unhack($_POST['sec_a']);
    $ERROR = "";
    // Validate the submitted data
    // NOTE(review): the conditions are joined with &&, so this error is raised only
    // when every field is empty; a form with a single missing field passes this check.
    if (empty($name) && empty($email) && empty($phone) && empty($pass1) && empty($pass2) && empty($sec_q) && empty($sec_a)) {
        $ERROR = "Please fill all fields";
        //Check for empty field
    } elseif (!is_numeric($phone)) {
        $ERROR = "This is no a valid phone number";
        //Check for valid phone number
    // A five-character password is accepted although the message asks for more than
    // five; this minimum is short for a password.
    } elseif (strlen($pass1) < 5) {
        $ERROR = "Password must be Greater then 5 character";
        // Check password length
    // NOTE(review): != compares loosely; use !== for string equality.
    } elseif ($pass1 != $pass2) {
        $ERROR = "Password not matched";
        // Passwords must match
    }
    // In the visible lines this query runs even when $ERROR was set above.
    // '******' looks like a value masked by the page this listing came from; bind the
    // real value through a prepared statement.
    $check1 = mysql_query("select username from doctor_login where username='******'");
    //Check for existing user in registered table
Пример #9
            } else {
            }
        }
        // Tail of an upload branch whose beginning lies above the visible lines: stores
        // the document row and updates the doctor's upload counter.
        // NOTE(review): 'cat' is written in single quotes while every other column uses
        // backticks; MySQL reads a single-quoted token as a string literal, so this
        // statement probably fails to parse. $email is placed in the `details` column;
        // confirm that is intended. All values are interpolated into the SQL text and
        // die() prints the raw database error.
        mysql_query("INSERT INTO `mydocs` \r\n\t(`docs_id`, `img`, `current_folder`, `img_name`, `details`, `doc_date`, `doctor_name`, `client_name`, `client_phone`,`cod`,'cat')\r\n\t VALUES (NULL, '{$thumbnail}', '{$destination}', '{$imgname}', '{$email}', '{$imgdate}', '{$username}', '', '{$phone}','{$codx}','{$cat}')") or die(mysql_error() . "E22");
        // '******' looks like a value masked by the page this listing came from.
        mysql_query("update doctor_login set no_of_upload='{$count}' where username='******' ");
        echo '<h3>Your file is successfully Uploaded To the Server im in else mode</h3>';
        ///////////////////////EndSuperScript///////////////////////////////////
    }
}
// Second upload form ("ehr"): creates a new folder for the document and starts looping
// over the uploaded files. The listing ends at the top of that loop.
if (isset($_POST['ehr'])) {
    // NOTE(review): uploaded files arrive in $_FILES, so $_POST['myfile'] is presumably
    // never set.
    $myfile = $_POST['myfile'];
    // unhack() and convertDate() are defined outside this listing.
    $imgname = unhack($_POST['name']);
    $email = unhack($_POST['email']);
    $imgdate = unhack($_POST['date']);
    $phone = unhack($_POST['phone']);
    $cat = unhack($_POST['cat']);
    $imgdate = convertDate($imgdate);
    $get_prev_id = mysql_query("select MAX(docs_id) from mydocs") or die(mysql_error() . " Prev id not fetched");
    $docs_id = mysql_fetch_array($get_prev_id);
    $d_id = $docs_id[0];
    //Properties of the uploaded file
    // NOTE(review): count() on $_FILES['myfile'] counts the entries of that array
    // (name, type, tmp_name, error, size), not the number of uploaded files; for a
    // multi-file field the count of $_FILES['myfile']['name'] is presumably what the
    // loop below needs. Confirm.
    $n = $_FILES['myfile'];
    $c = count($n);
    $thumbnail = 0;
    if (file_exists("mydocs/" . $username)) {
        // NOTE(review): MAX(docs_id) + 1 is computed separately from the insert, so two
        // concurrent uploads can pick the same folder name.
        $increement = $d_id + 1;
        // This calls the getter and discards its result, so the time zone is not
        // changed; date_default_timezone_set() was probably intended.
        date_default_timezone_get('asia/kolkata');
        $date = date("Y-m-d");
        // mkdir() result is not checked; the folder name combines the session user
        // name and the computed id.
        mkdir("mydocs/{$username}/" . $increement);
        $destination = "mydocs/{$username}/{$increement}";
        for ($i = 0; $i < $c; $i++) {
Пример #10
// Sign-up handler (fragment) with city, last name and gender fields: reads the
// registration form and validates it. The listing ends before the account is created.
ob_start();
// NOTE(review): silences all PHP diagnostics, which also hides failures later in
// the script.
error_reporting(0);
require 'database.php';
require 'varfilter.php';
require 'data_handler.php';
if (isset($_POST['signup'])) {
    // unhack() is defined outside this listing; its escaping rules cannot be confirmed here.
    $name = unhack($_POST['name']);
    $email = unhack($_POST['email']);
    $phone = unhack($_POST['phone']);
    // NOTE(review): filtering the passwords may alter what the user typed; how they are
    // stored is not visible here. They should be hashed with password_hash(), and the
    // security answer deserves the same treatment.
    $pass1 = unhack($_POST['pass1']);
    $pass2 = unhack($_POST['pass2']);
    $sec_q = unhack($_POST['sec_q']);
    $sec_a = unhack($_POST['sec_a']);
    $city = unhack($_POST['city']);
    $lastname = unhack($_POST['lname']);
    $gen = unhack($_POST['gen']);
    $ERROR = "";
    // Validate the submitted data
    // NOTE(review): the conditions are joined with &&, so this error is raised only
    // when every listed field is empty; a form with a single missing field passes.
    // $city, $lastname and $gen are not checked in the visible lines.
    if (empty($name) && empty($email) && empty($phone) && empty($pass1) && empty($pass2) && empty($sec_q) && empty($sec_a)) {
        $ERROR = "Please fill all fields";
        //Check for empty field
    } elseif (!is_numeric($phone)) {
        $ERROR = "This is no a valid phone number";
        //Check for valid phone number
    // A five-character password is accepted although the message asks for more than
    // five; this minimum is short for a password.
    } elseif (strlen($pass1) < 5) {
        $ERROR = "Password must be Greater then 5 character";
        // Check password length
    // NOTE(review): != compares loosely; use !== for string equality.
    } elseif ($pass1 != $pass2) {
        $ERROR = "Password not matched";
        // Passwords must match
    }