<?php
/**
 * Prepare a value for storage: strip tags, HTML-encode, remove added slashes,
 * drop single quotes, then escape it for the current MySQL connection.
 *
 * NOTE(review): the escaped result is only safe inside a quoted SQL string
 * literal; numeric or identifier contexts need a cast or an allow-list.
 * HTML encoding is applied here at input time, so stored values are already
 * entity-encoded when they are read back.
 *
 * @param string $string raw value
 * @return string processed value
 */
function string_sanitize($string)
{
    global $db_conx;

    $clean = strip_tags($string);
    $clean = htmlentities($clean);
    $clean = stripslashes($clean);
    $clean = str_replace("'", "", $clean);

    return mysqli_real_escape_string($db_conx, $clean);
}
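/**
 * Variant of string_sanitize(): strip tags, HTML-encode, remove added slashes,
 * drop single quotes, then escape for the current MySQL connection.
 *
 * The original wrote the str_replace() search and replacement in backticks.
 * In PHP backticks are the shell-execution operator, so every call spawned a
 * shell instead of replacing a character. Plain string literals are used now.
 *
 * NOTE(review): the backticked text was a single quote and an empty string,
 * which suggests the same quote removal as string_sanitize() was intended -
 * confirm against the callers of this function.
 *
 * @param string $string raw value
 * @return string processed value, safe only inside a quoted SQL literal
 */
function string_sanitize2($string)
{
    global $db_conx;

    $clean = stripslashes(htmlentities(strip_tags($string)));
    $clean = str_replace("'", "", $clean);

    return mysqli_real_escape_string($db_conx, $clean);
}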
/**
 * Encrypt a password with AES-128-ECB under the application constant SECRETKEY.
 *
 * NOTE(review): this is reversible encryption, not password hashing. ECB is
 * deterministic, so equal passwords produce equal stored values, and anyone
 * holding SECRETKEY can recover every password through decryptedPassword().
 * password_hash()/password_verify() is the usual replacement, but get_login()
 * compares this value inside SQL, so switching needs a migration of stored
 * values and of that query.
 *
 * @param string $password clear-text password
 * @return string|false ciphertext as returned by openssl_encrypt()
 */
function encryptedPassword($password)
{
    $cipher = "AES-128-ECB";
    $ciphertext = openssl_encrypt($password, $cipher, SECRETKEY);

    return $ciphertext;
}
/**
 * Reverse encryptedPassword(): decrypt an AES-128-ECB value with SECRETKEY.
 *
 * NOTE(review): the existence of this function means stored passwords are
 * recoverable in clear text by any code path that can call it.
 *
 * @param string $password value produced by encryptedPassword()
 * @return string|false clear text as returned by openssl_decrypt()
 */
function decryptedPassword($password)
{
    $cipher = "AES-128-ECB";
    $plaintext = openssl_decrypt($password, $cipher, SECRETKEY);

    return $plaintext;
}
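/**
 * Look up a user by username and encrypted password, joined with the user's
 * role (post_t) and clinic (clinic_master).
 *
 * Both values are now escaped before being placed in the statement; the
 * original concatenated $username as received.
 *
 * NOTE(review): if a caller already passes an escaped username, values that
 * contain a backslash are escaped twice - confirm at the call site.
 * NOTE(review): the query does not filter on status, display or islogin (a
 * commented-out variant did), so callers must check account state themselves.
 *
 * @param string $username login name
 * @param string $password clear-text password, encrypted with encryptedPassword()
 * @return mysqli_result|false result of mysqli_query()
 */
function get_login($username, $password)
{
    global $db_conx;

    $encrypted = encryptedPassword($password);
    $safeUsername = mysqli_real_escape_string($db_conx, (string) $username);
    $safeEncrypted = mysqli_real_escape_string($db_conx, (string) $encrypted);

    $sql = "select u.*, p.rname, cl.*
from users u
LEFT JOIN post_t p
ON u.post_id = p.rid
LEFT JOIN clinic_master cl
ON u.cid = cl.cid
where u.username = '".$safeUsername."' and u.password = '".$safeEncrypted."' ";

    return mysqli_query($db_conx, $sql);
}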
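/**
 * Build a random alphanumeric string.
 *
 * Characters are drawn with random_int(), which uses the operating system's
 * CSPRNG. The original used rand(), whose output is predictable and unsuitable
 * for tokens or other secrets.
 *
 * @param int $length number of characters; values below 1 give an empty string
 * @return string random string over [0-9a-zA-Z]
 */
function generateRandomString($length = 15) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $maxIndex = strlen($characters) - 1;
    // random_int() exists from PHP 7.0; older runtimes keep the previous generator.
    $secure = function_exists('random_int');

    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $index = $secure ? random_int(0, $maxIndex) : rand(0, $maxIndex);
        $randomString .= $characters[$index];
    }

    return $randomString;
}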
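/**
 * Write a row to users_login_log for the current session: clinic id, user id,
 * timestamp, client IP, session token and browser user agent.
 *
 * Every value is escaped before it enters the statement. The User-Agent header
 * is supplied by the client and was previously concatenated into the INSERT
 * unescaped, as were the session values.
 *
 * @return void
 */
function loggeduser()
{
    global $db_conx;

    // A request may legitimately carry no User-Agent header.
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $cid = mysqli_real_escape_string($db_conx, (string) $_SESSION['cid']);
    $userid = mysqli_real_escape_string($db_conx, (string) $_SESSION['userid']);
    $datetime = date('Y-m-d H:i:s');
    $ip = mysqli_real_escape_string($db_conx, (string) $_SERVER['REMOTE_ADDR']);
    $logsession = mysqli_real_escape_string($db_conx, (string) $_SESSION['token']);
    $browser = mysqli_real_escape_string($db_conx, (string) $agent);

    $sql = "INSERT INTO `users_login_log` (`cid`, `userid`,`logindatetime`,`ipaddress`,`token`,`browsername`) VALUES ('".$cid."', '".$userid."','".$datetime."','".$ip."','".$logsession."','".$browser."' ) ";
    mysqli_query($db_conx, $sql);
}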
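/**
 * Mark the session's user as logged in and store the session token on the
 * users row.
 *
 * The token is escaped before use; the original concatenated it unescaped
 * while already casting the user id to int.
 *
 * @return void
 */
function setIsLogin()
{
    global $db_conx;

    $userid = (int) $_SESSION['userid'];
    $logsession = mysqli_real_escape_string($db_conx, (string) $_SESSION['token']);

    $sql = "UPDATE `users` SET `islogin` = '1', `loginToken` = '".$logsession."' WHERE `userid` = '".$userid."'";
    mysqli_query($db_conx, $sql);
}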
/**
 * Turn a name into a URL alias by replacing separators and punctuation
 * with '-'.
 *
 * @param string $name source text
 * @return string text with each listed sequence replaced by '-'
 */
function get_alias($name)
{
    // str_replace() applies the needles one after another over the whole
    // string, so the order of this list is part of the behaviour.
    $needles = array(':', '\\', '/','--', '-','_', '__', '*', ' ', '+', '!', '=', '(', ')',' & ',' &','&', ' & ', '&', '%', '"', ';');

    return str_replace($needles, '-', $name);
}
/**
 * Prepare rich-text editor content for storage: remove single quotes and
 * escape the rest for the current MySQL connection.
 *
 * NOTE(review): markup is kept as-is (no tag stripping or encoding), so the
 * stored value must be treated as untrusted HTML when it is rendered.
 *
 * @param string $text editor content
 * @return string value safe inside a quoted SQL literal
 */
function string_texteditor($text)
{
    global $db_conx;

    $withoutQuotes = str_replace("'", "", $text);

    return mysqli_real_escape_string($db_conx, $withoutQuotes);
}
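/**
 * Return an alias that does not yet exist in the given table, appending '2'
 * until the lookup finds no row.
 *
 * The alias is escaped for the lookup only; the returned value is the
 * unescaped candidate, as before. The recursion is replaced by a loop.
 *
 * NOTE(review): $table_name is concatenated as an identifier and cannot be
 * escaped like a value - pass only fixed table names, never request data.
 *
 * @param string $table_name table with an `alias` column (trusted constant)
 * @param string $value desired alias
 * @return string alias not present in the table at lookup time
 */
function check_alias($table_name, $value)
{
    global $db_conx;

    $candidate = $value;
    while (true) {
        $escaped = mysqli_real_escape_string($db_conx, (string) $candidate);
        $select = mysqli_query($db_conx, "SELECT alias FROM ".$table_name." WHERE alias = '".$escaped."'");
        if (mysqli_num_rows($select) == 0) {
            return $candidate;
        }
        $candidate = $candidate.'2';
    }
}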
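/**
 * Tell whether the session's username/password pair matches a row in `admin`.
 *
 * Fixes: the guard used `&&`, so a session with only one of the two keys set
 * still reached the query with an empty value for the other; both keys are
 * now required. Session values are escaped before entering the statement.
 *
 * NOTE(review): the session value is compared directly with the `password`
 * column; how that column is protected is not visible here.
 *
 * @return bool true when a matching admin row exists
 */
function is_admin_auth()
{
    global $db_conx;

    if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) {
        return false;
    }

    $email = mysqli_real_escape_string($db_conx, (string) $_SESSION['username']);
    $password = mysqli_real_escape_string($db_conx, (string) $_SESSION['password']);
    $sql = "SELECT id FROM admin WHERE emailid = '".$email."' AND password = '".$password."'";
    $result = mysqli_query($db_conx, $sql);

    // A failed query counts as "not authenticated".
    return $result && mysqli_fetch_assoc($result);
}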
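/**
 * Tell whether the session belongs to a user that is flagged as logged in
 * with the same login token.
 *
 * Fixes: the guard tested `username`/`password` with `&&` while the query
 * reads `username`, `encryptedPassword` and `token`; all three keys the query
 * uses are now required before it runs. Values are escaped.
 *
 * @return bool true when a matching users row exists
 */
function is_login()
{
    global $db_conx;

    if (!isset($_SESSION['username'], $_SESSION['encryptedPassword'], $_SESSION['token'])) {
        return false;
    }

    $username = mysqli_real_escape_string($db_conx, (string) $_SESSION['username']);
    $password = mysqli_real_escape_string($db_conx, (string) $_SESSION['encryptedPassword']);
    $logsession = mysqli_real_escape_string($db_conx, (string) $_SESSION['token']);

    $sql = "SELECT userid FROM users WHERE username = '".$username."' AND password = '".$password."' AND islogin = '1' AND loginToken = '".$logsession."' ";
    $result = mysqli_query($db_conx, $sql);

    // A failed query counts as "not logged in".
    return $result && mysqli_fetch_assoc($result);
}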
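/**
 * Load the users row (joined with clinic_master) for the session's user.
 *
 * Fixes: the guard tested `userid`/`password` with `&&` while the query reads
 * `userid` and `encryptedPassword`; both keys the query uses are now required.
 * The user id is cast to int, as setIsLogin() does, and the password value is
 * escaped.
 *
 * @return array|null|false row as associative array, null when none matches,
 *                          false when the session keys are missing
 */
function get_logged_user()
{
    global $db_conx;

    if (!isset($_SESSION['userid'], $_SESSION['encryptedPassword'])) {
        return false;
    }

    $userid = (int) $_SESSION['userid'];
    $password = mysqli_real_escape_string($db_conx, (string) $_SESSION['encryptedPassword']);

    $sql = "SELECT u.*, cl.* FROM users u
LEFT JOIN clinic_master cl
ON u.cid = cl.cid
WHERE u.userid = '".$userid."' AND u.password = '".$password."'";
    $result = mysqli_query($db_conx, $sql);

    return $result ? mysqli_fetch_assoc($result) : null;
}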
/*function get_user($user_id){
global $db_conx;
if($user_id != ""){
$select = mysqli_query($db_conx, "SELECT * FROM user WHERE id = '".(int)$user_id."'");
return $row[] = mysqli_fetch_assoc($select);
}
}*/
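/**
 * Record the logout time in users_login_log and clear the login flag and
 * token on the users row.
 *
 * The session token is escaped and the user id is cast to int in both
 * statements; the first statement previously used both values unescaped.
 *
 * @return void
 */
function logOutuser()
{
    global $db_conx;

    $userid = (int) $_SESSION['userid'];
    $datetime = date('Y-m-d H:i:s');
    $logsession = mysqli_real_escape_string($db_conx, (string) $_SESSION['token']);

    $sql = "UPDATE `users_login_log` SET logoutdatetime = '".$datetime."' WHERE `token` = '".$logsession."' AND `userid` = '".$userid."'";
    mysqli_query($db_conx, $sql);

    // Reset the login state so the token can no longer pass is_login().
    $sql1 = "UPDATE `users` SET `islogin` = '0', `loginToken` = NULL WHERE `userid` = '".$userid."'";
    mysqli_query($db_conx, $sql1);
}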
/**
 * Fetch every row of `user` whose first_name is not empty.
 *
 * @return array list of associative rows
 */
function get_all_user()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM user WHERE first_name != '' ");
    $rows = array();
    for ($record = mysqli_fetch_assoc($result); $record; $record = mysqli_fetch_assoc($result)) {
        $rows[] = $record;
    }

    return $rows;
}
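/**
 * Insert a role into post_t, recording the session user as the author.
 *
 * All three values are escaped before entering the statement; the original
 * interpolated them unescaped.
 *
 * NOTE(review): if callers already pass escaped values, a backslash in the
 * role name is escaped twice - confirm at the call site.
 *
 * @param string $role role name
 * @param string $status status flag
 * @return bool result of mysqli_query()
 */
function addRole($role, $status)
{
    global $db_conx;

    $role = mysqli_real_escape_string($db_conx, (string) $role);
    $status = mysqli_real_escape_string($db_conx, (string) $status);
    $userid = mysqli_real_escape_string($db_conx, (string) $_SESSION['userid']);

    $sql = "INSERT INTO `post_t` (rname, status, enteredby, entereddatetime) VALUES ('$role', '$status', '$userid', CURRENT_TIMESTAMP)";

    return mysqli_query($db_conx, $sql);
}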
/**
 * Fetch every row of post_t.
 *
 * @return array list of associative rows
 */
function getallrolelist()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM `post_t` ");
    $roles = array();
    while (true) {
        $record = mysqli_fetch_assoc($result);
        if (!$record) {
            break;
        }
        $roles[] = $record;
    }

    return $roles;
}
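/**
 * Fetch the post_t rows whose rid equals the given id.
 *
 * Fix: the original sanitised $id but then queried `rid = ''`, so the id was
 * never used and the lookup could not find the requested role.
 *
 * @param string|int $id role id
 * @return array list of associative rows (empty when nothing matches)
 */
function getrolebyid($id)
{
    global $db_conx;

    $id = string_sanitize($id);
    $sql = "SELECT * FROM `post_t` WHERE rid = '".$id."'";
    $select = mysqli_query($db_conx, $sql);

    $ret = array();
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}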
/**
 * Run "SELECT * FROM <table> WHERE <where> <order> <limit>" and return the row
 * when exactly one row matches.
 *
 * NOTE(review): every argument is placed in the statement as raw SQL. The
 * function cannot escape them, so callers must build $where from escaped or
 * cast values and must never pass request data as $table, $order or $limit.
 *
 * @param string $table table name (trusted)
 * @param string $where complete WHERE condition (caller-escaped)
 * @param string $order optional ORDER BY clause
 * @param string $limit optional LIMIT clause
 * @return array|string the single matching row, or '' otherwise
 */
function get_specific_data($table, $where, $order='', $limit='')
{
    global $db_conx;

    $query = "SELECT * FROM {$table} WHERE {$where} {$order} {$limit}";
    $result = mysqli_query($db_conx, $query);

    if (mysqli_num_rows($result) != 1) {
        return '';
    }

    return mysqli_fetch_assoc($result);
}
/**
 * Update a role's name and status in post_t and stamp the editing user.
 *
 * NOTE(review): this statement filters on `id`, while the other post_t
 * queries in this file use `rid` - confirm the column name.
 *
 * @param string|int $id_edit role id
 * @param string $fullname_edit new role name
 * @param string $status_edit new status
 * @return int 1 when the query succeeded, 0 otherwise
 */
function edit_role_by_id($id_edit,$fullname_edit,$status_edit)
{
    global $db_conx;

    $id = string_sanitize($id_edit);
    $name = string_sanitize($fullname_edit);
    $status = string_sanitize($status_edit);
    $editor = string_sanitize($_SESSION['userid']);
    $now = date('Y-m-d H:i:s');

    $sql = "UPDATE `post_t` SET rname = '{$name}', status = '{$status}', updatedby = '{$editor}', updatedatetime = '{$now}' WHERE id = '{$id}' ";
    $succeeded = mysqli_query($db_conx, $sql);

    return ($succeeded === TRUE) ? 1 : 0;
}
/**
 * Fetch the post_t rows whose status is '1'.
 *
 * @return array list of associative rows
 */
function getactiverolelist()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM `post_t` WHERE status = '1'");
    $roles = array();
    for ($record = mysqli_fetch_assoc($result); $record; $record = mysqli_fetch_assoc($result)) {
        $roles[] = $record;
    }

    return $roles;
}
/**
 * Fetch displayed, non-admin rows of `users`, newest user id first.
 *
 * NOTE(review): SELECT * includes the password column; callers should avoid
 * passing whole rows on to templates or logs.
 *
 * @return array list of associative rows
 */
function get_all_users()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM users WHERE userid != '' AND display = '1' AND admin is NULL ORDER BY userid DESC");
    $users = array();
    while (true) {
        $record = mysqli_fetch_assoc($result);
        if (!$record) {
            break;
        }
        $users[] = $record;
    }

    return $users;
}
/**
 * Fetch the ups_shipping_credentials rows that have an access key.
 *
 * NOTE(review): the rows presumably hold live API credentials; keep the
 * result out of logs, error output and client-visible responses.
 *
 * @return array list of associative rows
 */
function get_ups_credentials()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM ups_shipping_credentials WHERE ups_accesskey != '' ");
    $credentials = array();
    for ($record = mysqli_fetch_assoc($result); $record; $record = mysqli_fetch_assoc($result)) {
        $credentials[] = $record;
    }

    return $credentials;
}
/**
 * Fetch the authorize_setting rows that have an API login key.
 *
 * NOTE(review): the rows presumably hold payment-gateway credentials; keep
 * the result out of logs, error output and client-visible responses.
 *
 * @return array list of associative rows
 */
function get_authorize_credentials()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM authorize_setting WHERE api_login_key != '' ");
    $settings = array();
    while (true) {
        $record = mysqli_fetch_assoc($result);
        if (!$record) {
            break;
        }
        $settings[] = $record;
    }

    return $settings;
}
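/**
 * Tell whether the session's customer username/password pair matches a row
 * in `customer`.
 *
 * Fixes: the guard used `&&`, so a session with only one of the two keys set
 * still reached the query; both keys are now required. Session values are
 * escaped before entering the statement.
 *
 * @return bool true when a matching customer row exists
 */
function is_customer_auth()
{
    global $db_conx;

    if (!isset($_SESSION['globacom_customer']) || !isset($_SESSION['globacom_customer_password'])) {
        return false;
    }

    $username = mysqli_real_escape_string($db_conx, (string) $_SESSION['globacom_customer']);
    $password = mysqli_real_escape_string($db_conx, (string) $_SESSION['globacom_customer_password']);
    $sql = "SELECT customer_id FROM customer WHERE username = '".$username."' AND password = '".$password."'";
    $result = mysqli_query($db_conx, $sql);

    // A failed query counts as "not authenticated".
    return $result && mysqli_fetch_assoc($result);
}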
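/**
 * Insert a category with a unique alias.
 *
 * Fix: $file_name was concatenated into the INSERT unescaped while every
 * other value was sanitised; it is escaped now. The unused $url local is gone.
 *
 * @param string $category_name name; nothing happens when it is empty
 * @param string $file_name stored image file name
 * @param string|int $sort_no sort position, stored as int
 * @param string $description rich-text description
 * @return int|string|false|null insert id, false on query failure, null when
 *                               the name is empty
 */
function add_category($category_name, $file_name, $sort_no = "0", $description)
{
    global $db_conx;

    if ($category_name == "") {
        return null;
    }

    $category_name = strtolower(string_sanitize($category_name));
    $alias_final = check_alias('category', get_alias($category_name));
    $sort_no = (int) string_sanitize($sort_no);
    $description = string_texteditor($description);
    $file_name = mysqli_real_escape_string($db_conx, (string) $file_name);
    $status = "1";

    $sql = "INSERT INTO category(category_name, alias, sort_no, category_image, date_added, description, status) VALUES ('".$category_name."', '".$alias_final."', '".$sort_no."', '".$file_name."', now(), '".$description."', '".$status."')";
    $inserted = mysqli_query($db_conx, $sql);

    return ($inserted === TRUE) ? mysqli_insert_id($db_conx) : false;
}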
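/**
 * Insert an image into home_slider.
 *
 * Fix: $file_name was concatenated into the INSERT unescaped; it is escaped
 * now. Unused locals and commented-out code are removed.
 *
 * @param string $file_name stored image file name
 * @return int|string|false insert id, or false on query failure
 */
function add_home_slide($file_name)
{
    global $db_conx;

    $file_name = mysqli_real_escape_string($db_conx, (string) $file_name);
    $slide_sql = "INSERT INTO home_slider(image) VALUES ('".$file_name."')";
    $inserted = mysqli_query($db_conx, $slide_sql);

    return ($inserted === TRUE) ? mysqli_insert_id($db_conx) : false;
}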
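/**
 * Update a category's name, alias, sort position, image and description.
 *
 * Fix: $file_name was concatenated into the UPDATE unescaped while every
 * other value was sanitised or cast; it is escaped now.
 *
 * NOTE(review): check_alias() is run against `category` on every edit, so an
 * unchanged name presumably collides with the row's own alias and gains a
 * '2' suffix - confirm whether that is intended.
 *
 * @param string $category_name new name
 * @param string|int $sort_no sort position, stored as int
 * @param string|int $category_id row to update
 * @param string $file_name stored image file name
 * @param string $description rich-text description
 * @return bool|null query outcome; null when name or id is empty
 */
function edit_category($category_name, $sort_no = "0", $category_id, $file_name, $description)
{
    global $db_conx;

    if ($category_name == "" || $category_id == "") {
        return null;
    }

    $category_name = strtolower(string_sanitize($category_name));
    $alias_final = check_alias('category', get_alias($category_name));
    $sort_no = (int) string_sanitize($sort_no);
    $description = string_texteditor($description);
    $file_name = mysqli_real_escape_string($db_conx, (string) $file_name);

    $updatecategory = "UPDATE category SET category_name = '".$category_name."', alias = '".$alias_final."', sort_no = '".$sort_no."', category_image = '".$file_name."', description = '".$description."' WHERE category_id = '".(int)$category_id."'";

    return mysqli_query($db_conx, $updatecategory) ? true : false;
}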
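/**
 * Replace the image of a home_slider row.
 *
 * Fix: $file_name was concatenated into the UPDATE unescaped; it is escaped
 * now. Unused locals and commented-out code are removed.
 *
 * @param string $file_name stored image file name
 * @param string|int $slide_id row to update
 * @return bool query outcome
 */
function edit_home_slider($file_name, $slide_id)
{
    global $db_conx;

    $slide_id = (int) string_sanitize($slide_id);
    $file_name = mysqli_real_escape_string($db_conx, (string) $file_name);

    $updatehome_slider = "UPDATE home_slider SET image = '".$file_name."' WHERE slide_id = '".$slide_id."'";

    return mysqli_query($db_conx, $updatehome_slider) ? true : false;
}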
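/**
 * Replace the image of an advertise1 row.
 *
 * Fix: $file_name was concatenated into the UPDATE unescaped; it is escaped
 * now. Unused locals and commented-out code are removed.
 *
 * @param string|int $add_id row to update
 * @param string $file_name stored image file name
 * @return bool query outcome
 */
function edit_advertise1($add_id, $file_name)
{
    global $db_conx;

    $add_id = (int) string_sanitize($add_id);
    $file_name = mysqli_real_escape_string($db_conx, (string) $file_name);

    $updateadd1 = "UPDATE advertise1 SET image = '".$file_name."' WHERE add_id = '".$add_id."'";

    return mysqli_query($db_conx, $updateadd1) ? true : false;
}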
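/**
 * Replace the image1 value of an advertise2 row.
 *
 * Fix: $file_name was concatenated into the UPDATE unescaped; it is escaped
 * now. Unused locals and commented-out code are removed.
 *
 * @param string|int $add2_id row to update
 * @param string $file_name stored image file name
 * @return bool query outcome
 */
function edit_advertise2($add2_id, $file_name)
{
    global $db_conx;

    $add2_id = (int) string_sanitize($add2_id);
    $file_name = mysqli_real_escape_string($db_conx, (string) $file_name);

    $updateadd2 = "UPDATE advertise2 SET image1 = '".$file_name."' WHERE add2_id = '".$add2_id."'";

    return mysqli_query($db_conx, $updateadd2) ? true : false;
}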
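/**
 * Insert a subcategory with a unique alias.
 *
 * Fix: $category_id and $file_name were concatenated into the INSERT
 * unescaped while the other values were sanitised; both are escaped now.
 *
 * @param string $subcategory_name name
 * @param string|int $category_id parent category
 * @param string|int $sort_no sort position, stored as int
 * @param string $file_name stored image file name
 * @param string $description rich-text description
 * @return int|string|false|null insert id, false on query failure, null when
 *                               name or category id is the empty string
 */
function add_subcategory($subcategory_name, $category_id, $sort_no = "0", $file_name, $description)
{
    global $db_conx;

    if ($subcategory_name === '' || $category_id === '') {
        return null;
    }

    $subcategory_name = strtolower(string_sanitize($subcategory_name));
    $alias_final = check_alias('subcategory', get_alias($subcategory_name));
    $sort_no = (int) string_sanitize($sort_no);
    $description = string_texteditor($description);
    $category_id = mysqli_real_escape_string($db_conx, (string) $category_id);
    $file_name = mysqli_real_escape_string($db_conx, (string) $file_name);
    $status = "1";

    $insertsubcategory = mysqli_query($db_conx, "INSERT INTO subcategory(subcategory_name, alias, category_id, sort_no, subcategory_image, date_added, description, status) VALUES ('".$subcategory_name."', '".$alias_final."', '".$category_id."', '".$sort_no."', '".$file_name."', now(), '".$description."', '".$status."')");

    return ($insertsubcategory === TRUE) ? mysqli_insert_id($db_conx) : false;
}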
/**
 * Load one category row by id.
 *
 * @param string|int $category_id id, cast to int for the query
 * @return array|null|false fetched row; null when the id is empty
 */
function get_category($category_id)
{
    global $db_conx;

    if ($category_id == "") {
        return null;
    }

    $id = (int) $category_id;
    $result = mysqli_query($db_conx, "SELECT * FROM category WHERE category_id = '{$id}'");

    return mysqli_fetch_assoc($result);
}
/**
 * Load one category row by id (same lookup as get_category()).
 *
 * @param string|int $catid id, cast to int for the query
 * @return array|null|false fetched row; null when the id is empty
 */
function get_categoryName($catid)
{
    global $db_conx;

    if ($catid == "") {
        return null;
    }

    $id = (int) $catid;
    $result = mysqli_query($db_conx, "SELECT * FROM category WHERE category_id = '{$id}'");

    return mysqli_fetch_assoc($result);
}
/**
 * Load one subcategory row by id.
 *
 * @param string|int $subcatid id, cast to int for the query
 * @return array|null|false fetched row; null when the id is empty
 */
function get_subcategoryName($subcatid)
{
    global $db_conx;

    if ($subcatid == "") {
        return null;
    }

    $id = (int) $subcatid;
    $result = mysqli_query($db_conx, "SELECT * FROM subcategory WHERE subcategory_id = '{$id}'");

    return mysqli_fetch_assoc($result);
}
/**
 * Load one supersubcategory row by id.
 *
 * @param string|int $supersubcatid id, cast to int for the query
 * @return array|null|false fetched row; null when the id is empty
 */
function get_supersubcategoryName($supersubcatid)
{
    global $db_conx;

    if ($supersubcatid == "") {
        return null;
    }

    $id = (int) $supersubcatid;
    $result = mysqli_query($db_conx, "SELECT * FROM supersubcategory WHERE supersubcategory_id = '{$id}'");

    return mysqli_fetch_assoc($result);
}
/*
function get_all_category(){
global $db_conx;
$ret = array();
$select = mysqli_query($db_conx, "SELECT * FROM category WHERE category_name != '' ORDER BY sort_no");
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row;
}
return $ret;
}
*/
/**
 * Fetch every row of home_slider.
 *
 * @return array list of associative rows
 */
function get_all_home_slider()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM home_slider");
    $slides = array();
    for ($record = mysqli_fetch_assoc($result); $record; $record = mysqli_fetch_assoc($result)) {
        $slides[] = $record;
    }

    return $slides;
}
/**
 * Fetch every row of advertise1.
 *
 * @return array list of associative rows
 */
function get_all_add1()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM advertise1");
    $adverts = array();
    while (true) {
        $record = mysqli_fetch_assoc($result);
        if (!$record) {
            break;
        }
        $adverts[] = $record;
    }

    return $adverts;
}
/**
 * Fetch every row of advertise2.
 *
 * @return array list of associative rows
 */
function get_all_add2()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM advertise2");
    $adverts = array();
    for ($record = mysqli_fetch_assoc($result); $record; $record = mysqli_fetch_assoc($result)) {
        $adverts[] = $record;
    }

    return $adverts;
}
/**
 * Fetch active categories (status '1', non-empty name), grouped by name.
 *
 * @return array list of associative rows
 */
function get_all_category_status()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM category WHERE category_name != '' and status = '1' GROUP BY category_name");
    $categories = array();
    while (true) {
        $record = mysqli_fetch_assoc($result);
        if (!$record) {
            break;
        }
        $categories[] = $record;
    }

    return $categories;
}
/**
 * Fetch every subcategory row with a non-empty name.
 *
 * @return array list of associative rows
 */
function get_all_subcategory()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM subcategory WHERE subcategory_name != ''");
    $subcategories = array();
    for ($record = mysqli_fetch_assoc($result); $record; $record = mysqli_fetch_assoc($result)) {
        $subcategories[] = $record;
    }

    return $subcategories;
}
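/**
 * Fetch the subcategories of one category, grouped by name.
 *
 * Fix: $catid was concatenated into the query unescaped; it is escaped now.
 *
 * @param string|int $catid parent category id
 * @return array list of associative rows
 */
function get_subcategory($catid)
{
    global $db_conx;

    $catid = mysqli_real_escape_string($db_conx, (string) $catid);
    $select = mysqli_query($db_conx, "SELECT * FROM subcategory WHERE category_id = '".$catid."' GROUP BY subcategory_name");

    $ret = array();
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}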
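/**
 * Fetch the category rows with the given name, grouped by sub_category.
 *
 * Fix: $category_name was concatenated into the query unescaped; it is
 * escaped now.
 *
 * NOTE(review): if callers already pass an escaped name, a backslash in it
 * is escaped twice - confirm at the call site.
 *
 * @param string $category_name category name
 * @return array|null list of associative rows; null when the name is empty
 */
function get_all_sub_category($category_name)
{
    global $db_conx;

    if ($category_name == "") {
        return null;
    }

    $category_name = mysqli_real_escape_string($db_conx, (string) $category_name);
    $select = mysqli_query($db_conx, "SELECT * FROM category WHERE category_name = '".$category_name."' GROUP BY sub_category");

    $ret = array();
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}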
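/**
 * Update a subcategory's name, parent, sort position, image, alias and
 * description.
 *
 * Fix: $file_name was concatenated into the UPDATE unescaped while every
 * other value was sanitised or cast; it is escaped now.
 *
 * @param string $subcategory_name new name
 * @param string|int $sort_no sort position, stored as int
 * @param string|int $category_id parent category
 * @param string|int $subcategory_id row to update
 * @param string $file_name stored image file name
 * @param string $description rich-text description
 * @return bool|null query outcome; null when name or either id is empty
 */
function edit_subcategory($subcategory_name, $sort_no = "0", $category_id, $subcategory_id, $file_name, $description)
{
    global $db_conx;

    if ($subcategory_name == "" || $subcategory_id == "" || $category_id == "") {
        return null;
    }

    $subcategory_name = strtolower(string_sanitize($subcategory_name));
    $alias_final = check_alias('subcategory', get_alias($subcategory_name));
    $sort_no = (int) string_sanitize($sort_no);
    $subcategory_id = (int) string_sanitize($subcategory_id);
    $category_id = string_sanitize($category_id);
    $description = string_texteditor($description);
    $file_name = mysqli_real_escape_string($db_conx, (string) $file_name);

    $query_result = mysqli_query($db_conx, "UPDATE subcategory SET subcategory_name = '".$subcategory_name."', category_id = '".$category_id."', sort_no = '".$sort_no."', subcategory_image = '".$file_name."', alias = '".$alias_final."', description = '".$description."' WHERE subcategory_id = '".$subcategory_id."'");

    return $query_result ? true : false;
}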
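/**
 * Update a supersubcategory's name, alias, parents, sort position, image and
 * description.
 *
 * Fix: $file_name was concatenated into the UPDATE unescaped while every
 * other value was sanitised or cast; it is escaped now.
 *
 * @param string $supersubcategory_name new name
 * @param string|int $subcategory_id parent subcategory
 * @param string|int $sort_no sort position, stored as int
 * @param string|int $category_id parent category
 * @param string|int $supersubcatid row to update
 * @param string $file_name stored image file name
 * @param string $description rich-text description
 * @return bool|null query outcome; null when name, category id or row id is
 *                   empty
 */
function edit_supersubcategory($supersubcategory_name, $subcategory_id, $sort_no = "0", $category_id, $supersubcatid, $file_name, $description)
{
    global $db_conx;

    if ($supersubcategory_name == "" || $category_id == "" || $supersubcatid == "") {
        return null;
    }

    $supersubcategory_name = strtolower(string_sanitize($supersubcategory_name));
    $alias_final = check_alias('supersubcategory', get_alias($supersubcategory_name));
    $sort_no = (int) string_sanitize($sort_no);
    $subcategory_id = string_sanitize($subcategory_id);
    $category_id = string_sanitize($category_id);
    $supersubcatid = (int) string_sanitize($supersubcatid);
    $description = string_texteditor($description);
    $file_name = mysqli_real_escape_string($db_conx, (string) $file_name);

    $query_result = mysqli_query($db_conx, "UPDATE supersubcategory SET supersubcategory_name = '".$supersubcategory_name."', alias = '".$alias_final."', category_id = '".$category_id."', subcategory_id = '".$subcategory_id."', sort_no = '".$sort_no."', supersubcategory_image = '".$file_name."', description = '".$description."' WHERE supersubcategory_id = '".$supersubcatid."'");

    return $query_result ? true : false;
}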
/*
function getsubcategory($q){
global $db_conx;
if($q != ""){
$sql = "SELECT * FROM subcategory WHERE category_id = '".(int)$q."'";
$select = mysqli_query($db_conx,$sql);
echo "<select name=\"subcatagory_name\">";
while($row = mysqli_fetch_assoc($select))
{
echo "<option value=".$row['subcategory_id'].">" . $row['subcategory_name'] . "</option>";
}
echo "</select>";
}
}
*/
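/**
 * Insert a supersubcategory with a unique alias.
 *
 * Fix: $file_name was concatenated into the INSERT unescaped while every
 * other value was sanitised or cast; it is escaped now.
 *
 * NOTE(review): the query result is not checked, so on failure the value of
 * mysqli_insert_id() is returned as-is.
 *
 * @param string $supersubcategory_name name
 * @param string|int $subcategory_id parent subcategory
 * @param string|int $category_id parent category
 * @param string|int $sort_no sort position, stored as int
 * @param string $file_name stored image file name
 * @param string $description rich-text description
 * @return int|string|null value of mysqli_insert_id(); null when name or
 *                         either parent id is empty
 */
function add_supersubcategory($supersubcategory_name, $subcategory_id, $category_id, $sort_no = "0", $file_name, $description)
{
    global $db_conx;

    if ($supersubcategory_name == "" || $category_id == "" || $subcategory_id == "") {
        return null;
    }

    $supersubcategory_name = strtolower(string_sanitize($supersubcategory_name));
    $alias_final = check_alias('supersubcategory', get_alias($supersubcategory_name));
    $subcategory_id = string_sanitize($subcategory_id);
    $category_id = string_sanitize($category_id);
    $sort_no = (int) string_sanitize($sort_no);
    $description = string_texteditor($description);
    $file_name = mysqli_real_escape_string($db_conx, (string) $file_name);
    $status = '1';

    $sql = "INSERT INTO supersubcategory(supersubcategory_name, alias, category_id, subcategory_id, sort_no, supersubcategory_image, date_added, description, status) VALUES ('".$supersubcategory_name."', '".$alias_final."', '".$category_id."', '".$subcategory_id."', '".$sort_no."', '".$file_name."', now(), '".$description."', '".$status."')";
    mysqli_query($db_conx, $sql);

    return mysqli_insert_id($db_conx);
}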
/**
 * Fetch every supersubcategory row with a non-empty name, grouped by name.
 *
 * @return array list of associative rows
 */
function get_all_supersubcategory()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM supersubcategory WHERE supersubcategory_name != '' GROUP BY supersubcategory_name");
    $items = array();
    while (true) {
        $record = mysqli_fetch_assoc($result);
        if (!$record) {
            break;
        }
        $items[] = $record;
    }

    return $items;
}
/**
 * Insert a company. When no sort position is given, the highest existing
 * sort_no plus one is used.
 *
 * @param string $company_name name; nothing happens when it is empty
 * @param string|int $sort_no optional sort position
 * @return int|string|null value of mysqli_insert_id(); null when the name is
 *                         empty
 */
function add_company($company_name, $sort_no = "")
{
    global $db_conx;

    if ($company_name == "") {
        return null;
    }

    $company_name = string_sanitize($company_name);
    $sort_no = string_sanitize($sort_no);

    if ($sort_no == "") {
        $lastResult = mysqli_query($db_conx, "SELECT * FROM company ORDER BY sort_no DESC LIMIT 1");
        $lastRow = mysqli_fetch_assoc($lastResult);
        $sort_no = $lastRow['sort_no'] + 1;
    }

    $position = (int) $sort_no;
    mysqli_query($db_conx, "INSERT INTO company(company_name, sort_no, date_added) VALUES ('{$company_name}', '{$position}', now())");

    return mysqli_insert_id($db_conx);
}
/**
 * Update a company's name and sort position.
 *
 * @param string $company_name new name
 * @param string|int $sort_no sort position, stored as int
 * @param string|int $company_id row to update, cast to int
 * @return void nothing is returned; no query runs when name or id is empty
 */
function edit_company($company_name, $sort_no, $company_id)
{
    global $db_conx;

    if ($company_name == "" || $company_id == "") {
        return;
    }

    $name = string_sanitize($company_name);
    $position = (int) string_sanitize($sort_no);
    $id = (int) $company_id;

    mysqli_query($db_conx, "UPDATE company SET company_name = '{$name}', sort_no = '{$position}' WHERE company_id = '{$id}'");
}
/**
 * Load one company row by id.
 *
 * @param string|int $company_id id, cast to int for the query
 * @return array|null|false fetched row; null when the id is empty
 */
function get_company($company_id)
{
    global $db_conx;

    if ($company_id == "") {
        return null;
    }

    $id = (int) $company_id;
    $result = mysqli_query($db_conx, "SELECT * FROM company WHERE company_id = '{$id}'");

    return mysqli_fetch_assoc($result);
}
/**
 * Fetch every company row with a non-empty name.
 *
 * @return array list of associative rows
 */
function get_all_company()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM company WHERE company_name != ''");
    $companies = array();
    for ($record = mysqli_fetch_assoc($result); $record; $record = mysqli_fetch_assoc($result)) {
        $companies[] = $record;
    }

    return $companies;
}
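/**
 * Insert a recharge plan.
 *
 * Fix: $date_start was concatenated into the INSERT unescaped while the
 * other values were sanitised or cast; it is escaped now.
 *
 * @param string $plan_name name
 * @param string $plan_description description
 * @param string|int $plan_amount amount, stored as int
 * @param string $date_start start date as accepted by the column
 * @return int|string|null value of mysqli_insert_id(); null when name,
 *                         description or amount is empty
 */
function add_recharge_plan($plan_name, $plan_description, $plan_amount, $date_start)
{
    global $db_conx;

    if ($plan_name == "" || $plan_description == "" || $plan_amount == "") {
        return null;
    }

    $plan_name = string_sanitize($plan_name);
    $plan_description = string_sanitize($plan_description);
    $plan_amount = (int) string_sanitize($plan_amount);
    $date_start = mysqli_real_escape_string($db_conx, (string) $date_start);

    mysqli_query($db_conx, "INSERT INTO recharge_plans(plan_name, plan_description, plan_amount, date_start, date_added) VALUES ('".$plan_name."', '".$plan_description."', '".$plan_amount."', '".$date_start."', now())");

    return mysqli_insert_id($db_conx);
}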
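/**
 * Update a recharge plan.
 *
 * Fix: $date_start was concatenated into the UPDATE unescaped while the
 * other values were sanitised or cast; it is escaped now.
 *
 * @param string $plan_name new name
 * @param string $plan_description new description
 * @param string|int $plan_amount amount, stored as int
 * @param string|int $plan_id row to update, cast to int
 * @param string $date_start start date as accepted by the column
 * @return void nothing is returned; no query runs when a required value is
 *              empty
 */
function edit_recharge_plan($plan_name, $plan_description, $plan_amount, $plan_id, $date_start)
{
    global $db_conx;

    if ($plan_name == "" || $plan_description == "" || $plan_amount == "" || $plan_id == "") {
        return;
    }

    $plan_name = string_sanitize($plan_name);
    $plan_description = string_sanitize($plan_description);
    $plan_amount = (int) string_sanitize($plan_amount);
    $date_start = mysqli_real_escape_string($db_conx, (string) $date_start);

    mysqli_query($db_conx, "UPDATE recharge_plans SET plan_name = '".$plan_name."', date_start = '".$date_start."', plan_description = '".$plan_description."', plan_amount = '".$plan_amount."' WHERE id = '".(int)$plan_id."'");
}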
/**
 * Load one recharge plan row by id.
 *
 * @param string|int $plan_id id, cast to int for the query
 * @return array|null|false fetched row; null when the id is empty
 */
function get_recharge_plan($plan_id)
{
    global $db_conx;

    if ($plan_id == "") {
        return null;
    }

    $id = (int) $plan_id;
    $result = mysqli_query($db_conx, "SELECT * FROM recharge_plans WHERE id = '{$id}'");

    return mysqli_fetch_assoc($result);
}
/**
 * Fetch every recharge plan row with a non-empty name.
 *
 * @return array list of associative rows
 */
function get_all_recharge_plan()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM recharge_plans WHERE plan_name != ''");
    $plans = array();
    while (true) {
        $record = mysqli_fetch_assoc($result);
        if (!$record) {
            break;
        }
        $plans[] = $record;
    }

    return $plans;
}
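/**
 * Insert a coupon.
 *
 * Fix: $free_shipping was concatenated into the INSERT unescaped while the
 * other values were sanitised; it is escaped now.
 *
 * NOTE(review): date_sanitize() is defined outside this view; this code
 * assumes its result is safe inside a quoted SQL literal - confirm.
 *
 * @param string $coupon_name name
 * @param string $coupon_code code
 * @param string $coupon_type type
 * @param string $coupon_value value
 * @param string $free_shipping free-shipping flag
 * @param string $date_start validity start
 * @param string $date_end validity end
 * @return int|string|null value of mysqli_insert_id(); null when name or
 *                         code is empty
 */
function add_coupon($coupon_name, $coupon_code, $coupon_type, $coupon_value, $free_shipping, $date_start, $date_end)
{
    global $db_conx;

    if ($coupon_name == "" || $coupon_code == "") {
        return null;
    }

    $coupon_name = string_sanitize($coupon_name);
    $coupon_code = string_sanitize($coupon_code);
    $coupon_type = string_sanitize($coupon_type);
    $coupon_value = string_sanitize($coupon_value);
    $date_start = date_sanitize($date_start);
    $date_end = date_sanitize($date_end);
    $free_shipping = mysqli_real_escape_string($db_conx, (string) $free_shipping);

    mysqli_query($db_conx, "INSERT INTO coupon(coupon_name, coupon_code, coupon_value, coupon_type, free_shipping, date_start, date_end, date_added) VALUES ('".$coupon_name."', '".$coupon_code."', '".$coupon_value."', '".$coupon_type."', '".$free_shipping."', '".$date_start."', '".$date_end."', now())");

    return mysqli_insert_id($db_conx);
}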
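/**
 * Update a coupon.
 *
 * Fix: $free_shipping was concatenated into the UPDATE unescaped while the
 * other values were sanitised or cast; it is escaped now.
 *
 * NOTE(review): date_sanitize() is defined outside this view; this code
 * assumes its result is safe inside a quoted SQL literal - confirm.
 *
 * @param string $coupon_name new name
 * @param string $coupon_code new code
 * @param string $coupon_type new type
 * @param string $coupon_value new value
 * @param string $free_shipping free-shipping flag
 * @param string $date_start validity start
 * @param string $date_end validity end
 * @param string|int $coupon_id row to update, cast to int
 * @return void nothing is returned; no query runs when name, code or id is
 *              empty
 */
function edit_coupon($coupon_name, $coupon_code, $coupon_type, $coupon_value, $free_shipping, $date_start, $date_end, $coupon_id)
{
    global $db_conx;

    if ($coupon_name == "" || $coupon_code == "" || $coupon_id == "") {
        return;
    }

    $coupon_name = string_sanitize($coupon_name);
    $coupon_code = string_sanitize($coupon_code);
    $coupon_type = string_sanitize($coupon_type);
    $coupon_value = string_sanitize($coupon_value);
    $date_start = date_sanitize($date_start);
    $date_end = date_sanitize($date_end);
    $free_shipping = mysqli_real_escape_string($db_conx, (string) $free_shipping);

    mysqli_query($db_conx, "UPDATE coupon SET coupon_name = '".$coupon_name."', coupon_code = '".$coupon_code."', coupon_value = '".$coupon_value."', coupon_type = '".$coupon_type."', date_start = '".$date_start."', date_end = '".$date_end."', free_shipping = '".$free_shipping."' WHERE coupon_id = '".(int)$coupon_id."'");
}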
/**
 * Load one coupon row by id.
 *
 * @param string|int $coupon_id id, cast to int for the query
 * @return array|null|false fetched row; null when the id is empty
 */
function get_coupon($coupon_id)
{
    global $db_conx;

    if ($coupon_id == "") {
        return null;
    }

    $id = (int) $coupon_id;
    $result = mysqli_query($db_conx, "SELECT * FROM coupon WHERE coupon_id = '{$id}'");

    return mysqli_fetch_assoc($result);
}
/**
 * Fetch every coupon row with a non-empty name.
 *
 * @return array list of associative rows
 */
function get_all_coupon()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM coupon WHERE coupon_name != ''");
    $coupons = array();
    for ($record = mysqli_fetch_assoc($result); $record; $record = mysqli_fetch_assoc($result)) {
        $coupons[] = $record;
    }

    return $coupons;
}
/**
 * Insert a currency. All four values are required.
 *
 * @param string $title display title
 * @param string $currency_code currency code
 * @param string $symbol_left symbol shown before the amount
 * @param string $symbol_right symbol shown after the amount
 * @return int|string|null value of mysqli_insert_id(); null when any value
 *                         is empty
 */
function add_currency($title, $currency_code, $symbol_left, $symbol_right)
{
    global $db_conx;

    if ($title == "" || $currency_code == "" || $symbol_left == "" || $symbol_right == "") {
        return null;
    }

    $cleanTitle = string_sanitize($title);
    $cleanCode = string_sanitize($currency_code);
    $cleanLeft = string_sanitize($symbol_left);
    $cleanRight = string_sanitize($symbol_right);

    mysqli_query($db_conx, "INSERT INTO currency(title, currency_code, symbol_right, symbol_left, date_added) VALUES ('{$cleanTitle}', '{$cleanCode}', '{$cleanRight}', '{$cleanLeft}', now())");

    return mysqli_insert_id($db_conx);
}
/**
 * Update a currency. All values, including the id, are required.
 *
 * @param string $title display title
 * @param string $currency_code currency code
 * @param string $symbol_left symbol shown before the amount
 * @param string $symbol_right symbol shown after the amount
 * @param string|int $currency_id row to update, cast to int
 * @return void nothing is returned; no query runs when any value is empty
 */
function edit_currency($title, $currency_code, $symbol_left, $symbol_right, $currency_id)
{
    global $db_conx;

    if ($title == "" || $currency_code == "" || $symbol_left == "" || $symbol_right == "" || $currency_id == "") {
        return;
    }

    $cleanTitle = string_sanitize($title);
    $cleanCode = string_sanitize($currency_code);
    $cleanLeft = string_sanitize($symbol_left);
    $cleanRight = string_sanitize($symbol_right);
    $id = (int) $currency_id;

    mysqli_query($db_conx, "UPDATE currency SET title = '{$cleanTitle}', currency_code = '{$cleanCode}', symbol_right = '{$cleanRight}', symbol_left = '{$cleanLeft}' WHERE currency_id = '{$id}'");
}
/**
 * Load one currency row by id.
 *
 * @param string|int $currency_id id, cast to int for the query
 * @return array|null|false fetched row; null when the id is empty
 */
function get_currency($currency_id)
{
    global $db_conx;

    if ($currency_id == "") {
        return null;
    }

    $id = (int) $currency_id;
    $result = mysqli_query($db_conx, "SELECT * FROM currency WHERE currency_id = '{$id}'");

    return mysqli_fetch_assoc($result);
}
/**
 * Fetch every currency row with a non-empty title.
 *
 * @return array list of associative rows
 */
function get_all_currency()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM currency WHERE title != ''");
    $currencies = array();
    while (true) {
        $record = mysqli_fetch_assoc($result);
        if (!$record) {
            break;
        }
        $currencies[] = $record;
    }

    return $currencies;
}
/**
 * Update a customer's name, mobile number and e-mail address.
 *
 * NOTE(review): the row is selected by $customer_id alone; callers must make
 * sure the id belongs to the authenticated customer.
 *
 * @param string $first_name first name
 * @param string $last_name last name
 * @param string $mobile_number mobile number
 * @param string $email e-mail address
 * @param string|int $customer_id row to update, cast to int
 * @return void nothing is returned; no query runs when any value is empty
 */
function edit_customer($first_name, $last_name, $mobile_number, $email, $customer_id)
{
    global $db_conx;

    if ($first_name == "" || $last_name == "" || $mobile_number == "" || $email == "" || $customer_id == "") {
        return;
    }

    $first = string_sanitize($first_name);
    $last = string_sanitize($last_name);
    $mobile = string_sanitize($mobile_number);
    $mail = string_sanitize($email);
    $id = (int) $customer_id;

    mysqli_query($db_conx, "UPDATE customer SET first_name = '{$first}', last_name = '{$last}', mobile_number = '{$mobile}', email = '{$mail}' WHERE customer_id = '{$id}'");
}
/**
 * Load one customer row by id.
 *
 * NOTE(review): SELECT * includes the password column; callers should avoid
 * passing the whole row on to templates or logs.
 *
 * @param string|int $customer_id id, cast to int for the query
 * @return array|null|false fetched row; null when the id is empty
 */
function get_customer($customer_id)
{
    global $db_conx;

    if ($customer_id == "") {
        return null;
    }

    $id = (int) $customer_id;
    $result = mysqli_query($db_conx, "SELECT * FROM customer WHERE customer_id = '{$id}'");

    return mysqli_fetch_assoc($result);
}
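/**
 * Load the customer row that matches the session's username/password pair.
 *
 * Fixes: the guard used `&&`, so a session with only one of the two keys set
 * still reached the query; both keys are now required. Session values are
 * escaped before entering the statement.
 *
 * @return array|null|false row as associative array, null when none matches,
 *                          false when the session keys are missing
 */
function get_logged_customer()
{
    global $db_conx;

    if (!isset($_SESSION['globacom_customer']) || !isset($_SESSION['globacom_customer_password'])) {
        return false;
    }

    $username = mysqli_real_escape_string($db_conx, (string) $_SESSION['globacom_customer']);
    $password = mysqli_real_escape_string($db_conx, (string) $_SESSION['globacom_customer_password']);
    $sql = "SELECT * FROM customer WHERE username = '".$username."' AND password = '".$password."'";
    $result = mysqli_query($db_conx, $sql);

    return $result ? mysqli_fetch_assoc($result) : null;
}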
/**
 * Fetch every customer row with a non-empty first name.
 *
 * NOTE(review): SELECT * includes the password column; callers should avoid
 * passing whole rows on to templates or logs.
 *
 * @return array list of associative rows
 */
function get_all_customer()
{
    global $db_conx;

    $result = mysqli_query($db_conx, "SELECT * FROM customer WHERE first_name != ''");
    $customers = array();
    for ($record = mysqli_fetch_assoc($result); $record; $record = mysqli_fetch_assoc($result)) {
        $customers[] = $record;
    }

    return $customers;
}
/**
 * Insert an address for a customer. address_2 is optional; every other value
 * is required.
 *
 * @param string|int $customer_id owner, cast to int
 * @param string $address_1 first address line
 * @param string $address_2 second address line (may be empty)
 * @param string $city city
 * @param string $state state
 * @param string $country country
 * @param string|int $zip_code postal code, stored as int
 * @return void nothing is returned; no query runs when a required value is
 *              empty
 */
function add_customer_address($customer_id, $address_1, $address_2, $city, $state, $country, $zip_code)
{
    global $db_conx;

    if ($customer_id == "" || $address_1 == "" || $city == "" || $state == "" || $country == "" || $zip_code == "") {
        return;
    }

    $line1 = string_sanitize($address_1);
    $line2 = string_sanitize($address_2);
    $cleanCity = string_sanitize($city);
    $cleanState = string_sanitize($state);
    $cleanCountry = string_sanitize($country);
    $zip = (int) string_sanitize($zip_code);
    $owner = (int) $customer_id;

    mysqli_query($db_conx, "INSERT INTO customer_address(customer_id, address_1, address_2, city, state, country, zip_code) VALUES ('{$owner}', '{$line1}', '{$line2}', '{$cleanCity}', '{$cleanState}', '{$cleanCountry}', '{$zip}')");
}
/**
 * Update the address rows of a customer. address_2 is optional; every other
 * value is required.
 *
 * NOTE(review): zip_code is written as a sanitised string here but cast to
 * int in add_customer_address() - confirm which form the column expects.
 *
 * @param string|int $customer_id owner, cast to int
 * @param string $address_1 first address line
 * @param string $address_2 second address line (may be empty)
 * @param string $city city
 * @param string $state state
 * @param string $country country
 * @param string $zip_code postal code
 * @return bool|null result of mysqli_query(); null when a required value is
 *                   empty
 */
function edit_customer_address($customer_id, $address_1, $address_2, $city, $state, $country, $zip_code)
{
    global $db_conx;

    if ($customer_id == "" || $address_1 == "" || $city == "" || $state == "" || $country == "" || $zip_code == "") {
        return null;
    }

    $line1 = string_sanitize($address_1);
    $line2 = string_sanitize($address_2);
    $cleanCity = string_sanitize($city);
    $cleanState = string_sanitize($state);
    $cleanCountry = string_sanitize($country);
    $zip = string_sanitize($zip_code);
    $owner = (int) $customer_id;

    return mysqli_query($db_conx, "UPDATE customer_address SET address_1 = '{$line1}', address_2 = '{$line2}', city = '{$cleanCity}', state = '{$cleanState}', country = '{$cleanCountry}', zip_code = '{$zip}' WHERE customer_id = '{$owner}'");
}
/**
 * Overwrite the stored card details of a customer.
 *
 * NOTE(review): the full card number and the CVV are written to the database
 * in clear text. PCI DSS does not allow the card verification code to be
 * stored after authorisation, and the card number must be rendered
 * unreadable wherever it is stored; a gateway token is the usual replacement.
 *
 * @param string|int $customer_id owner, cast to int
 * @param string $cardnumber card number
 * @param string $cardtype card type
 * @param string $expirydate expiry date
 * @param string $cvv card verification value
 * @param string $nameoncard cardholder name
 * @return void nothing is returned; no query runs when any value is empty
 */
function cardsave($customer_id, $cardnumber, $cardtype, $expirydate, $cvv, $nameoncard)
{
    global $db_conx;

    if ($customer_id == "" || $cardnumber == "" || $cardtype == "" || $expirydate == "" || $cvv == "" || $nameoncard == "") {
        return;
    }

    $number = string_sanitize($cardnumber);
    $type = string_sanitize($cardtype);
    $expiry = string_sanitize($expirydate);
    $code = string_sanitize($cvv);
    $holder = string_sanitize($nameoncard);
    $owner = (int) $customer_id;

    $update = "UPDATE card_details SET card_type = '{$type}', card_number = '{$number}', expiry_date = '{$expiry}', cvv = '{$code}', name_on_card = '{$holder}' WHERE customer_id = '{$owner}'";
    mysqli_query($db_conx, $update);
}
/**
 * Load the first address row of a customer.
 *
 * @param string|int $customer_id owner, cast to int for the query
 * @return array|null|false fetched row; null when the id is empty
 */
function get_customer_address($customer_id)
{
    global $db_conx;

    if ($customer_id == "") {
        return null;
    }

    $owner = (int) $customer_id;
    $result = mysqli_query($db_conx, "SELECT * FROM customer_address WHERE customer_id = '{$owner}'");

    return mysqli_fetch_assoc($result);
}
/**
 * Load the stored card details of a customer.
 *
 * NOTE(review): the row contains the full card number and CVV as written by
 * cardsave(); the lookup is by $customer_id alone, so callers must verify the
 * id belongs to the authenticated customer and must not echo or log the row.
 *
 * @param string|int $customer_id owner, cast to int for the query
 * @return array|null|false fetched row; null when the id is empty
 */
function get_card_details($customer_id)
{
    global $db_conx;

    if ($customer_id == "") {
        return null;
    }

    $owner = (int) $customer_id;
    $result = mysqli_query($db_conx, "SELECT * FROM card_details WHERE customer_id = '{$owner}'");

    return mysqli_fetch_assoc($result);
}
/**
 * Insert a product row and, when the product's category has no quantity
 * tiers recorded yet, store the tiers that carry a non-zero price.
 *
 * Only $product_name and $product_test pass through string_sanitize(); every
 * other argument is concatenated into the INSERT exactly as received.
 * NOTE(review): unless each caller escapes those values first, they reach the
 * SQL text unescaped. Confirm at the call sites, or bind them as parameters.
 *
 * @return int|string id reported by mysqli_insert_id(), or the string
 *                    'No data for submit' when name or category is ""
 */
function add_product($product_name, $product_description, $discription, $product_length, $product_max_weight, $product_price5,$product_price10, $product_price15, $product_price25, $product_price50, $product_price100, $product_price, $tax_id, $product_status, $category_id, $subcatagory_id, $supersubcatagory_id, $product_test, $product_width, $product_height, $bundle, $special_offer, $shipping_id = ""){
global $db_conx;
//echo "<script type=\"text/javascript\">alert('submit clicked');</script>";
if($product_name !== "" && $category_id !== "")
{
$product_name = string_sanitize($product_name);
$product_name = strtolower($product_name);
$product_test = string_sanitize($product_test);
// get_alias() and check_alias() are defined outside this view; presumably they build a unique URL slug. TODO confirm.
$alias = get_alias($product_name);
$table_name = 'product';
$alias_final = check_alias($table_name, $alias);
// Only product_status is cast here; the remaining ids and prices are interpolated as given.
$sql = "INSERT INTO product(product_name, product_description, discription,product_length, product_max_weight, product_price5, product_price25, product_price100, category_id, shipping_id, price, tax_id, status, date_added, sub_category_id, supersubcategory_id, alias, test, product_width, product_height, bundle, product_price10, product_price15, product_price50, special_offer) VALUES('".$product_name."', '".$product_description."', '".$discription."', '".$product_length."', '".$product_max_weight."', '".$product_price5."', '".$product_price25."', '".$product_price100."', '".$category_id."', '".$shipping_id."', '".$product_price."' , '".$tax_id."', '".(int)$product_status."', now(), '".$subcatagory_id."', '".$supersubcatagory_id."', '".$alias_final."', '".$product_test."', '".$product_width."', '".$product_height."', '".$bundle."', '".$product_price10."', '".$product_price15."', '".$product_price50."', '".$special_offer."')" ;
// The INSERT result is not checked, so a failed insert is only visible through the id returned below.
$insertproduct = mysqli_query($db_conx, $sql);
$inserted_product = mysqli_insert_id($db_conx);
// Look for the category with an empty qty_type, i.e. no tiers stored yet.
$check_category_qty = mysqli_query($db_conx, "SELECT category_id FROM category WHERE category_id = '".(int)$category_id."' AND qty_type = ''");
if(mysqli_num_rows($check_category_qty) == 1){
// Collect every tier size whose price argument is non-zero.
$insert_qty_array = array();
if($product_price5 != 0){
array_push($insert_qty_array, 5);
}
if($product_price10 != 0){
array_push($insert_qty_array, 10);
}
if($product_price15 != 0){
array_push($insert_qty_array, 15);
}
if($product_price25 != 0){
array_push($insert_qty_array, 25);
}
if($product_price50 != 0){
array_push($insert_qty_array, 50);
}
if($product_price100 != 0){
array_push($insert_qty_array, 100);
}
// Stored as a comma-separated list built only from the integer literals above.
$new_array_qty = implode(',',$insert_qty_array);
mysqli_query($db_conx, "UPDATE category SET qty_type = '".$new_array_qty."' WHERE category_id = '".(int)$category_id."'");
}
return $inserted_product;
}
else{
//echo "<script type=\"text/javascript\">alert('No data for submit');</script>";
// Error is signalled with a string, so callers have to tell it apart from an id.
return $error = 'No data for submit';
}
}
/**
 * Update an existing product row.
 *
 * Runs only when $product_name, $price and $product_id are non-empty.
 * $product_name and $price pass through string_sanitize() and the id columns
 * are cast to int; the description, dimension, tier-price, test, bundle and
 * special-offer values are concatenated into the UPDATE as received.
 * NOTE(review): unless each caller escapes those values first, they reach the
 * SQL text unescaped. Confirm at the call sites, or bind them as parameters.
 *
 * @return mysqli_result|bool|null result of mysqli_query(); null when a
 *                                 required argument is empty
 */
function edit_product($product_name, $product_description, $discription, $product_length, $product_max_weight, $product_price5, $product_price25, $product_price100, $price, $tax_id, $product_status, $product_id, $category_id, $subcatagory_id, $supersubcatagory_id, $product_test, $product_width, $product_height, $bundle, $product_price10, $product_price15, $product_price50, $special_offer){
global $db_conx;
if($product_name != "" && $price != "" && $product_id != ""){
$product_name = string_sanitize($product_name);
$product_name = strtolower($product_name);
// $product_test is no longer sanitized here (the call below is disabled), yet it is still written to the row.
//$product_test = string_sanitize($product_test);
//$alias = str_replace(array(':', '\\', '/','--','_', '__', '*', ' ', '+', '!', '=', '(', ')', '&', '%', '"'), '-', $product_name);
//$product_code = string_sanitize($product_code);
// get_alias() and check_alias() are defined outside this view; the alias is recomputed on every edit.
$alias = get_alias($product_name);
$table_name = 'product';
$alias_final = check_alias($table_name, $alias);
$price = string_sanitize($price);
$sql = "UPDATE product SET product_name = '".$product_name."', product_description = '".$product_description."', discription = '".$discription."', product_length = '".$product_length."',product_max_weight = '".$product_max_weight."', product_price5 = '".$product_price5."',product_price25 = '".$product_price25."', product_price100 = '".$product_price100."', category_id = '".(int)$category_id."', sub_category_id = '".(int)$subcatagory_id."', supersubcategory_id = '".(int)$supersubcatagory_id."', price = '".$price."', tax_id = '".(int)$tax_id."', status = '".(int)$product_status."', alias = '".$alias_final."', test = '".$product_test."', product_width = '".$product_width."', product_height = '".$product_height."', bundle = '".$bundle."', product_price10 = '".$product_price10."', product_price15 = '".$product_price15."', product_price50 = '".$product_price50."', special_offer = '".$special_offer."' WHERE product_id = '".(int)$product_id."'";
return $update = mysqli_query($db_conx, $sql);
/*if ($update === TRUE)
{
//echo "<script type=\"text/javascript\">alert('Product Updated');</script>";
return TRUE;
}
else
{
echo "<script type=\"text/javascript\">alert('Error');</script>";
}*/
}
}
/**
 * Fetch one product row by id.
 *
 * @param mixed $product_id product key; cast to int before it reaches the query
 * @return array|null|false the row, null when there is none or when
 *                          $product_id is empty
 */
function get_product($product_id){
    global $db_conx;
    if ($product_id == "") {
        return null;
    }
    $id = (int)$product_id;
    $result = mysqli_query($db_conx, "SELECT * FROM product WHERE product_id = '{$id}'");
    return mysqli_fetch_assoc($result);
}
/**
 * List every product that has a name, newest product_id first.
 *
 * @return array list of associative rows (empty when nothing matches)
 */
function get_all_product(){
    global $db_conx;
    $products = array();
    $result = mysqli_query($db_conx, "SELECT * FROM product WHERE product_name != '' ORDER BY product_id DESC");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $products[] = $row;
    }
    return $products;
}
/**
 * List every blog row, highest id first.
 *
 * @return array list of associative rows (empty when the table is empty)
 */
function get_all_blogposts(){
    global $db_conx;
    $posts = array();
    $result = mysqli_query($db_conx, "SELECT * FROM blog ORDER BY id DESC");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $posts[] = $row;
    }
    return $posts;
}
/**
 * Return the `quantity` column of the product with the highest product_id.
 *
 * @return mixed the column value as delivered by mysqli
 */
function get_last_quantity(){
    global $db_conx;
    $result = mysqli_query($db_conx,"SELECT * FROM product ORDER BY product_id DESC LIMIT 1 ");
    $latest = mysqli_fetch_assoc($result);
    return $latest['quantity'];
}
/**
 * Return the `bundle` column of the product with the highest product_id.
 *
 * @return mixed the column value as delivered by mysqli
 */
function get_last_bundle(){
    global $db_conx;
    $result = mysqli_query($db_conx,"SELECT * FROM product ORDER BY product_id DESC LIMIT 1 ");
    $latest = mysqli_fetch_assoc($result);
    return $latest['bundle'];
}
/**
 * Pick the image file name to show for a product.
 *
 * Prefers the image flagged cover = '1'; when there is none, falls back to
 * the first named image of the product.
 *
 * @param mixed $product_id product key; cast to int before it reaches the query
 * @return mixed image_name of the chosen row, or 0 when the cover query
 *               reports neither 0 nor 1 rows
 */
function get_product_image_cover($product_id){
    global $db_conx;
    $id = (int)$product_id;
    $cover = mysqli_query($db_conx, "SELECT image_name FROM product_image WHERE product_id = '{$id}' AND image_name != '' AND cover = '1' ORDER BY product_id ASC LIMIT 1");
    $cover_count = mysqli_num_rows($cover);
    if ($cover_count == 0) {
        // No flagged cover: take any named image instead.
        $fallback = mysqli_query($db_conx, "SELECT image_name FROM product_image WHERE product_id = '{$id}' AND image_name != '' ORDER BY product_id ASC LIMIT 1");
        $fallback_row = mysqli_fetch_assoc($fallback);
        return $fallback_row['image_name'];
    }
    if ($cover_count == 1) {
        $cover_row = mysqli_fetch_assoc($cover);
        return $cover_row['image_name'];
    }
    return 0;
}
/**
 * List every named image row of a product.
 *
 * @param mixed $product_id product key; cast to int before it reaches the query
 * @return array list of associative rows
 */
function get_all_product_image($product_id){
    global $db_conx;
    $images = array();
    $id = (int)$product_id;
    $result = mysqli_query($db_conx, "SELECT * FROM product_image WHERE product_id = '{$id}' AND image_name != ''");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $images[] = $row;
    }
    return $images;
}
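/**
 * Insert a quantity discount for a product.
 *
 * Nothing is written unless every argument is non-empty.
 *
 * Fix: the dates were previously built from $tax_id and $date_available,
 * neither of which exists in this function, so the caller's dates were
 * discarded. They are now taken from $date_start and $date_end.
 * date_sanitize() is defined outside this view; presumably it normalises and
 * escapes a date string. TODO confirm.
 *
 * @param mixed  $product_id product key, cast to int
 * @param string $quantity   minimum quantity for the discount
 * @param string $price      discounted price
 * @param string $date_start first day the discount applies
 * @param string $date_end   last day the discount applies
 * @return void
 */
function add_product_discount($product_id, $quantity, $price, $date_start, $date_end){
    global $db_conx;
    if ($product_id == "" || $quantity == "" || $price == "" || $date_start == "" || $date_end == "") {
        return;
    }
    $quantity = string_sanitize($quantity);
    $price = string_sanitize($price);
    $date_start = date_sanitize($date_start);
    $date_end = date_sanitize($date_end);
    mysqli_query($db_conx, "INSERT INTO product_discount(product_id, quantity, price, date_start, date_end, date_added) VALUES ('".(int)$product_id."', '".$quantity."', '".$price."', '".$date_start."', '".$date_end."', now())");
}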
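/**
 * Update an existing quantity discount.
 *
 * Nothing is written unless every argument is non-empty.
 *
 * Fix: the dates were previously built from $tax_id and $date_available,
 * neither of which exists in this function, so the caller's dates were
 * discarded. They are now taken from $date_start and $date_end.
 * date_sanitize() is defined outside this view; presumably it normalises and
 * escapes a date string. TODO confirm.
 *
 * @param mixed  $product_id  product key, cast to int
 * @param string $quantity    minimum quantity for the discount
 * @param string $price       discounted price
 * @param string $date_start  first day the discount applies
 * @param string $date_end    last day the discount applies
 * @param mixed  $discount_id key of the row to update, cast to int
 * @return void
 */
function edit_product_discount($product_id, $quantity, $price, $date_start, $date_end, $discount_id){
    global $db_conx;
    if ($product_id == "" || $quantity == "" || $price == "" || $date_start == "" || $date_end == "" || $discount_id == "") {
        return;
    }
    $quantity = string_sanitize($quantity);
    $price = string_sanitize($price);
    $date_start = date_sanitize($date_start);
    $date_end = date_sanitize($date_end);
    mysqli_query($db_conx, "UPDATE product_discount SET product_id = '".(int)$product_id."', quantity = '".$quantity."', price = '".$price."', date_start = '".$date_start."', date_end = '".$date_end."' WHERE discount_id = '".(int)$discount_id."'");
}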
/**
 * Fetch one discount row by id.
 *
 * @param mixed $discount_id discount key; cast to int before it reaches the query
 * @return array|null|false the row, null when there is none or when
 *                          $discount_id is empty
 */
function get_product_discount($discount_id){
    global $db_conx;
    if ($discount_id == "") {
        return null;
    }
    $id = (int)$discount_id;
    $result = mysqli_query($db_conx, "SELECT * FROM product_discount WHERE discount_id = '{$id}'");
    return mysqli_fetch_assoc($result);
}
/**
 * List every discount row of a product.
 *
 * @param mixed $product_id product key; cast to int before it reaches the query
 * @return array|null list of associative rows; null when $product_id is empty
 */
function get_all_product_discount($product_id){
    global $db_conx;
    if ($product_id == "") {
        return null;
    }
    $discounts = array();
    $id = (int)$product_id;
    $result = mysqli_query($db_conx, "SELECT * FROM product_discount WHERE product_id = '{$id}'");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $discounts[] = $row;
    }
    return $discounts;
}
/**
 * Insert a shipping method.
 *
 * Both values pass through string_sanitize(); nothing is written when either
 * is empty.
 *
 * @param string $shipping_type label of the shipping method
 * @param string $shipping_rate rate charged for it
 * @return void
 */
function add_shipping($shipping_type, $shipping_rate){
    global $db_conx;
    if ($shipping_type == "" || $shipping_rate == "") {
        return;
    }
    $type = string_sanitize($shipping_type);
    $rate = string_sanitize($shipping_rate);
    $query = sprintf("INSERT INTO shipping(shipping_type, shipping_rate, date_added) VALUES ('%s', '%s', now())", $type, $rate);
    mysqli_query($db_conx, $query);
}
/**
 * Update a shipping method.
 *
 * @param string $shipping_type label of the shipping method
 * @param string $shipping_rate rate charged for it
 * @param mixed  $shipping_id   key of the row to update, cast to int
 * @return void
 */
function edit_shipping($shipping_type, $shipping_rate, $shipping_id){
    global $db_conx;
    if ($shipping_type == "" || $shipping_rate == "" || $shipping_id == "") {
        return;
    }
    $type = string_sanitize($shipping_type);
    $rate = string_sanitize($shipping_rate);
    $query = sprintf("UPDATE shipping SET shipping_type = '%s', shipping_rate = '%s' WHERE shipping_id = '%d'", $type, $rate, (int)$shipping_id);
    mysqli_query($db_conx, $query);
}
/**
 * Fetch one shipping row by id.
 *
 * @param mixed $shipping_id shipping key; cast to int before it reaches the query
 * @return array|null|false the row, null when there is none or when
 *                          $shipping_id is empty
 */
function get_shipping($shipping_id){
    global $db_conx;
    if ($shipping_id == "") {
        return null;
    }
    $id = (int)$shipping_id;
    $result = mysqli_query($db_conx, "SELECT * FROM shipping WHERE shipping_id = '{$id}'");
    return mysqli_fetch_assoc($result);
}
/**
 * List every shipping row that has a type.
 *
 * @return array list of associative rows
 */
function get_all_shipping(){
    global $db_conx;
    $methods = array();
    $result = mysqli_query($db_conx, "SELECT * FROM shipping WHERE shipping_type != ''");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $methods[] = $row;
    }
    return $methods;
}
/**
 * Insert a tax rate.
 *
 * @param string $tax_name label of the tax
 * @param string $tax_rate rate value
 * @return int|string|null id reported by mysqli_insert_id(); null when an
 *                         argument is empty
 */
function add_tax($tax_name, $tax_rate){
    global $db_conx;
    if ($tax_name == "" || $tax_rate == "") {
        return null;
    }
    $name = string_sanitize($tax_name);
    $rate = string_sanitize($tax_rate);
    $query = sprintf("INSERT INTO tax(tax_name, tax_rate, date_added) VALUES ('%s', '%s', now())", $name, $rate);
    mysqli_query($db_conx, $query);
    return mysqli_insert_id($db_conx);
}
/**
 * Update a tax rate.
 *
 * @param string $tax_name label of the tax
 * @param string $tax_rate rate value
 * @param mixed  $tax_id   key of the row to update, cast to int
 * @return void
 */
function edit_tax($tax_name, $tax_rate, $tax_id){
    global $db_conx;
    if ($tax_name == "" || $tax_rate == "" || $tax_id == "") {
        return;
    }
    $name = string_sanitize($tax_name);
    $rate = string_sanitize($tax_rate);
    $query = sprintf("UPDATE tax SET tax_name = '%s', tax_rate = '%s' WHERE tax_id = '%d'", $name, $rate, (int)$tax_id);
    mysqli_query($db_conx, $query);
}
/**
 * Fetch one tax row by id.
 *
 * @param mixed $tax_id tax key; cast to int before it reaches the query
 * @return array|null|false the row, null when there is none or when $tax_id
 *                          is empty
 */
function get_tax($tax_id){
    global $db_conx;
    if ($tax_id == "") {
        return null;
    }
    $id = (int)$tax_id;
    $result = mysqli_query($db_conx, "SELECT * FROM tax WHERE tax_id = '{$id}'");
    return mysqli_fetch_assoc($result);
}
/**
 * List every tax row that has a name.
 *
 * @return array list of associative rows
 */
function get_all_tax(){
    global $db_conx;
    $taxes = array();
    $result = mysqli_query($db_conx, "SELECT * FROM tax WHERE tax_name != ''");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $taxes[] = $row;
    }
    return $taxes;
}
/**
 * Insert a back-office user.
 *
 * Nothing is written unless every argument is non-empty.
 *
 * NOTE(review): $password is written to the `password` column after
 * string_sanitize() only, with no hashing step in this function. Unless the
 * caller already passes a hash, credentials are stored recoverably; the usual
 * remedy is password_hash() on write and password_verify() at login, which
 * has to be changed together with the login code. string_sanitize() also
 * strips tags and quotes, so some passwords are silently altered.
 *
 * @param string $username      login name
 * @param string $password      password value as supplied by the caller
 * @param string $first_name    given name
 * @param string $last_name     family name
 * @param string $email         e-mail address
 * @param mixed  $user_group_id group key, cast to int
 * @return void
 */
function add_user($username, $password, $first_name, $last_name, $email, $user_group_id){
    global $db_conx;
    if ($username == "" || $password == "" || $first_name == "" || $last_name == "" || $user_group_id == "" || $email == "") {
        return;
    }
    $login = string_sanitize($username);
    $secret = string_sanitize($password);
    $given = string_sanitize($first_name);
    $family = string_sanitize($last_name);
    $mail = string_sanitize($email);
    $query = sprintf(
        "INSERT INTO user(username, password, first_name, last_name, user_group_id, email, date_added) VALUES ('%s', '%s', '%s', '%s', '%d', '%s', now())",
        $login,
        $secret,
        $given,
        $family,
        (int)$user_group_id,
        $mail
    );
    mysqli_query($db_conx, $query);
}
/**
 * Update the profile fields and group of a back-office user.
 *
 * NOTE(review): this also changes user_group_id; whether the caller is
 * allowed to do that must be enforced before this function is reached.
 *
 * @param string $first_name    given name
 * @param string $last_name     family name
 * @param string $email         e-mail address
 * @param mixed  $user_group_id group key, cast to int
 * @param mixed  $user_id       key of the row to update, cast to int
 * @return void
 */
function edit_user($first_name, $last_name, $email, $user_group_id, $user_id){
    global $db_conx;
    if ($first_name == "" || $last_name == "" || $user_group_id == "" || $email == "" || $user_id == "") {
        return;
    }
    $given = string_sanitize($first_name);
    $family = string_sanitize($last_name);
    $mail = string_sanitize($email);
    $query = sprintf(
        "UPDATE user SET first_name = '%s', last_name = '%s', user_group_id = '%d', email = '%s' WHERE id = '%d'",
        $given,
        $family,
        (int)$user_group_id,
        $mail,
        (int)$user_id
    );
    mysqli_query($db_conx, $query);
}
/**
 * Store the UPS API credentials.
 *
 * NOTE(review): the access key and password are written to the table as
 * plain values, so anyone with read access to the database or a backup can
 * recover them. string_sanitize() also strips tags and quotes and entity-
 * encodes the input, which can silently alter a secret containing such
 * characters.
 *
 * @param string $ups_accesskey UPS access key
 * @param string $ups_username  UPS account name
 * @param string $ups_password  UPS account password
 * @param mixed  $ups_id        key of the row to update, cast to int
 * @return void
 */
function edit_shipping_credentials($ups_accesskey, $ups_username, $ups_password, $ups_id){
    global $db_conx;
    if ($ups_accesskey == "" || $ups_username == "" || $ups_password == "" || $ups_id == "") {
        return;
    }
    $key = string_sanitize($ups_accesskey);
    $account = string_sanitize($ups_username);
    $secret = string_sanitize($ups_password);
    $query = sprintf(
        "UPDATE ups_shipping_credentials SET ups_accesskey = '%s', ups_username = '%s', ups_password = '%s' WHERE ups_id = '%d'",
        $key,
        $account,
        $secret,
        (int)$ups_id
    );
    mysqli_query($db_conx, $query);
}
/**
 * Store the payment-gateway API login key and transaction key.
 *
 * NOTE(review): both keys are written to the table as plain values, and
 * string_sanitize() may alter a key that contains quotes, tags or ampersands.
 *
 * @param string $auth_apikey         API login key
 * @param string $auth_transactionkey transaction key
 * @param mixed  $auth_id             key of the row to update; sanitized,
 *                                    then cast to int
 * @return void
 */
function edit_authorize_credentials($auth_apikey, $auth_transactionkey, $auth_id){
    global $db_conx;
    if ($auth_apikey == "" || $auth_transactionkey == "" || $auth_id == "") {
        return;
    }
    $login_key = string_sanitize($auth_apikey);
    $transaction_key = string_sanitize($auth_transactionkey);
    $row_id = (int)string_sanitize($auth_id);
    $query = sprintf(
        "UPDATE authorize_setting SET api_login_key = '%s', transactionkey = '%s' WHERE authorize_id = '%d'",
        $login_key,
        $transaction_key,
        $row_id
    );
    mysqli_query($db_conx, $query);
}
/**
 * Insert a user group with its permission value.
 *
 * The group is written only when $group_name is non-empty and $permission is
 * truthy, so a permission of "0" is rejected.
 *
 * @param string $group_name group label
 * @param mixed  $permission permission value stored for the group
 * @return void
 */
function add_user_group($group_name, $permission){
    global $db_conx;
    if ($group_name == "" || !$permission) {
        return;
    }
    $name = string_sanitize($group_name);
    $rights = string_sanitize($permission);
    $query = sprintf("INSERT INTO user_group(group_name, permission) VALUES ('%s', '%s')", $name, $rights);
    mysqli_query($db_conx, $query);
}
/**
 * Update the name and permission value of a user group.
 *
 * @param string $group_name    group label
 * @param string $permission    permission value stored for the group
 * @param mixed  $user_group_id key of the row to update, cast to int
 * @return void
 */
function edit_user_group($group_name, $permission, $user_group_id){
    global $db_conx;
    if ($group_name == "" || $permission == "" || $user_group_id == "") {
        return;
    }
    $name = string_sanitize($group_name);
    $rights = string_sanitize($permission);
    $query = sprintf("UPDATE user_group SET group_name = '%s', permission = '%s' WHERE user_group_id = '%d'", $name, $rights, (int)$user_group_id);
    mysqli_query($db_conx, $query);
}
/**
 * Fetch one user group row by id.
 *
 * @param mixed $user_group_id group key; cast to int before it reaches the query
 * @return array|null|false the row, null when there is none or when
 *                          $user_group_id is empty
 */
function get_user_group($user_group_id){
    global $db_conx;
    if ($user_group_id == "") {
        return null;
    }
    $id = (int)$user_group_id;
    $result = mysqli_query($db_conx, "SELECT * FROM user_group WHERE user_group_id = '{$id}'");
    return mysqli_fetch_assoc($result);
}
/**
 * List every user group that has a name.
 *
 * @return array list of associative rows
 */
function get_all_user_group(){
    global $db_conx;
    $groups = array();
    $result = mysqli_query($db_conx, "SELECT * FROM user_group WHERE group_name != ''");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $groups[] = $row;
    }
    return $groups;
}
/**
 * Fetch one recharge order by id.
 *
 * NOTE(review): the lookup is by id alone; checking that the order belongs to
 * the requesting customer has to happen in the caller.
 *
 * @param mixed $recharge_order_id order key; cast to int before it reaches the query
 * @return array|null|false the row, null when there is none or when the id
 *                          is empty
 */
function get_recharge_order($recharge_order_id){
    global $db_conx;
    if ($recharge_order_id == "") {
        return null;
    }
    $id = (int)$recharge_order_id;
    $result = mysqli_query($db_conx, "SELECT * FROM recharge_order WHERE recharge_order_id = '{$id}'");
    return mysqli_fetch_assoc($result);
}
/**
 * List recharge orders that have a transaction id, an amount and a gateway
 * status.
 *
 * @return array list of associative rows
 */
function get_all_recharge_order(){
    global $db_conx;
    $orders = array();
    $result = mysqli_query($db_conx, "SELECT * FROM recharge_order WHERE transaction_id != 0 AND amount != 0 AND gtpay_tranx_status != ''");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $orders[] = $row;
    }
    return $orders;
}
/**
 * Fetch one product order by id.
 *
 * NOTE(review): the lookup is by id alone; checking that the order belongs to
 * the requesting customer has to happen in the caller.
 *
 * @param mixed $product_order_id order key; cast to int before it reaches the query
 * @return array|null|false the row, null when there is none or when the id
 *                          is empty
 */
function get_product_order($product_order_id){
    global $db_conx;
    if ($product_order_id == "") {
        return null;
    }
    $id = (int)$product_order_id;
    $result = mysqli_query($db_conx, "SELECT * FROM product_order WHERE product_order_id = '{$id}'");
    return mysqli_fetch_assoc($result);
}
/**
 * List every product order whose total is not '0'.
 *
 * @return array list of associative rows
 */
function get_all_product_order(){
    global $db_conx;
    $orders = array();
    $result = mysqli_query($db_conx, "SELECT * FROM product_order WHERE order_total != '0'");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $orders[] = $row;
    }
    return $orders;
}
/**
 * List the line items of a product order.
 *
 * @param mixed $product_order_id order key; cast to int before it reaches the query
 * @return array|null list of associative rows; null when the id is empty
 */
function get_product_order_detail($product_order_id){
    global $db_conx;
    if ($product_order_id == "") {
        return null;
    }
    $lines = array();
    $id = (int)$product_order_id;
    $result = mysqli_query($db_conx, "SELECT * FROM product_order_detail WHERE product_order_id = '{$id}'");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $lines[] = $row;
    }
    return $lines;
}
/**
 * List the status-history entries of a product order.
 *
 * @param mixed $product_order_id order key; cast to int before it reaches the query
 * @return array|null list of associative rows; null when the id is empty
 */
function get_product_order_history($product_order_id){
    global $db_conx;
    if ($product_order_id == "") {
        return null;
    }
    $entries = array();
    $id = (int)$product_order_id;
    $result = mysqli_query($db_conx, "SELECT * FROM product_order_history WHERE product_order_id = '{$id}'");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $entries[] = $row;
    }
    return $entries;
}
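/**
 * Set the status of a product order and append a history entry.
 *
 * When the new status is 3, the ordered quantity of every line item is first
 * subtracted from the product stock.
 *
 * Fixes:
 *  - $product_order_id was concatenated uncast into the line-item SELECT
 *    although the other queries in this function cast it; it is now cast to
 *    int everywhere.
 *  - product_id / quantity read back from the database are no longer
 *    concatenated raw into the stock UPDATE.
 *  - the timestamp used 12-hour "h" without a meridiem, which stores
 *    afternoon times as morning ones; it now uses 24-hour "H".
 *
 * NOTE(review): the stock update, status update and history insert are not
 * wrapped in a transaction, and applying status 3 twice subtracts the stock
 * twice.
 *
 * @param mixed  $order_status_id  new status, cast to int for storage
 * @param string $order_comment    free-text comment, passed through string_sanitize()
 * @param mixed  $product_order_id order key, cast to int
 * @return string|null the status date formatted by get_mydate(); null when a
 *                     required argument is empty
 */
function add_order_status($order_status_id, $order_comment, $product_order_id){
    global $db_conx;
    if ($order_status_id == "" || $product_order_id == "") {
        return null;
    }
    $order_comment = string_sanitize($order_comment);
    $order_id = (int)$product_order_id;
    $status_id = (int)$order_status_id;
    $order_status_date = date("Y-m-d H:i:s");
    $order_status_mydate = get_mydate($order_status_date);
    if ($order_status_id == 3) {
        $items = mysqli_query($db_conx, "SELECT product_id, quantity FROM product_order_detail WHERE product_order_id = '".$order_id."' AND quantity != '0'");
        while ($item = mysqli_fetch_assoc($items)) {
            // Values come from the database but are still data, not SQL.
            $product_id = (int)$item['product_id'];
            $quantity = mysqli_real_escape_string($db_conx, (string)$item['quantity']);
            mysqli_query($db_conx, "UPDATE product SET quantity = quantity - '".$quantity."' WHERE product_id = '".$product_id."'");
        }
    }
    mysqli_query($db_conx, "UPDATE product_order SET order_status_id = '".$status_id."' WHERE product_order_id = '".$order_id."'");
    mysqli_query($db_conx, "INSERT INTO product_order_history(product_order_id, comment, order_status_id, date_added) VALUES ('".$order_id."', '".$order_comment."', '".$status_id."', '".$order_status_date."')");
    return $order_status_mydate;
}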
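/**
 * Tell whether a customer with this username already exists.
 *
 * An empty username is reported as existing, so callers that refuse taken
 * names also refuse an empty one.
 *
 * Fix: the username was concatenated into the query unescaped. Callers are
 * not visible from here, so the value is escaped at the point of use.
 * Escaping relies on the connection charset being set with
 * mysqli_set_charset(). TODO confirm where $db_conx is opened.
 *
 * @param string $username name to look up
 * @return bool true when at least one customer row matches or the name is empty
 */
function username_exists($username){
    global $db_conx;
    if ($username == "") {
        return true;
    }
    $escaped = mysqli_real_escape_string($db_conx, (string)$username);
    $result = mysqli_query($db_conx, "SELECT customer_id FROM customer WHERE username = '".$escaped."'");
    return mysqli_num_rows($result) >= 1;
}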
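/**
 * Tell whether a customer with this e-mail address already exists.
 *
 * An empty address is reported as existing, so callers that refuse taken
 * addresses also refuse an empty one.
 *
 * Fix: the address was concatenated into the query unescaped. Callers are
 * not visible from here, so the value is escaped at the point of use.
 * Escaping relies on the connection charset being set with
 * mysqli_set_charset(). TODO confirm where $db_conx is opened.
 *
 * @param string $email address to look up
 * @return bool true when at least one customer row matches or the address is empty
 */
function email_exists($email){
    global $db_conx;
    if ($email == "") {
        return true;
    }
    $escaped = mysqli_real_escape_string($db_conx, (string)$email);
    $result = mysqli_query($db_conx, "SELECT customer_id FROM customer WHERE email = '".$escaped."'");
    return mysqli_num_rows($result) >= 1;
}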
/**
 * Check the syntax of an e-mail address with FILTER_VALIDATE_EMAIL.
 *
 * This is a format check only; it does not show that the mailbox exists and
 * it does not make the value safe for SQL or HTML.
 *
 * @param string $email address to check
 * @return bool true when the filter accepts the address
 */
function validateEmail($email){
    return (bool)filter_var($email, FILTER_VALIDATE_EMAIL);
}
/*function send_email($customer_id, $subject){
global $db_conx;
if($customer_id != ""){
$sql = mysqli_query($db_conx, "SELECT email, first_name FROM customer WHERE customer_id = '".(int)$customer_id."'");
$row = mysqli_fetch_assoc($sql);
$to = $row['email'];
$from = "info@globacom.com";
$subject = $subject;
$message = '<!DOCTYPE html>
<html>
<head><meta charset="UTF-8">
<title>Message</title>
</head>
<body style="margin:0px; font-family:Tahoma, Geneva, sans-serif;">
<div style="padding:10px; background:#333; font-size:24px; color:#CCC;">
<div style="padding:24px; font-size:17px;">
Hello '. $row['fist_name'] .',<br /><br />
</div>
</div>
</body>
</html>';
$headers = "From: Globacom\n";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\n";
mail($to, $subject, $message, $headers);
}
}*/
/**
 * Insert a customer's review of a product.
 *
 * The review text passes through string_sanitize() (tags stripped, entities
 * encoded); the ids and the rating are cast to int.
 *
 * @param mixed  $product_id  product key
 * @param mixed  $customer_id customer key
 * @param string $review      review text
 * @param mixed  $rating      rating value
 * @return void
 */
function add_product_review($product_id, $customer_id, $review, $rating){
    global $db_conx;
    if ($product_id == "" || $customer_id == "" || $review == "" || $rating == "") {
        return;
    }
    $text = string_sanitize($review);
    $query = sprintf(
        "INSERT INTO product_review(product_id, customer_id, review, rating, date_added) VALUES ('%d', '%d', '%s', '%d', now())",
        (int)$product_id,
        (int)$customer_id,
        $text,
        (int)$rating
    );
    mysqli_query($db_conx, $query);
}
/**
 * Update the text and rating of a review.
 *
 * NOTE(review): the row is selected by review id alone; checking that the
 * review belongs to the requesting customer has to happen in the caller.
 *
 * @param string $review    review text
 * @param mixed  $rating    rating value, cast to int
 * @param mixed  $review_id key of the row to update, cast to int
 * @return void
 */
function edit_product_review($review, $rating, $review_id){
    global $db_conx;
    if ($review == "" || $rating == "" || $review_id == "") {
        return;
    }
    $text = string_sanitize($review);
    $query = sprintf(
        "UPDATE product_review SET review = '%s', rating = '%d' WHERE product_review_id = '%d'",
        $text,
        (int)$rating,
        (int)$review_id
    );
    mysqli_query($db_conx, $query);
}
/**
 * List the reviews of a product, newest first.
 *
 * @param mixed $product_id product key; cast to int before it reaches the query
 * @return array|null list of associative rows; null when $product_id is empty
 */
function get_all_product_review($product_id){
    global $db_conx;
    if ($product_id == "") {
        return null;
    }
    $reviews = array();
    $id = (int)$product_id;
    $result = mysqli_query($db_conx, "SELECT * FROM product_review WHERE product_id = '{$id}' ORDER BY date_added DESC");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $reviews[] = $row;
    }
    return $reviews;
}
/**
 * List every review row.
 *
 * @return array list of associative rows
 */
function get_all_review(){
    global $db_conx;
    $reviews = array();
    $result = mysqli_query($db_conx, "SELECT * FROM product_review");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $reviews[] = $row;
    }
    return $reviews;
}
/**
 * Add an address to the banned_ip table.
 *
 * The value is stored after string_sanitize() only; its format is not
 * checked here (FILTER_VALIDATE_IP would reject malformed entries).
 *
 * @param string $ip_address address to ban
 * @return void
 */
function add_banned_ip($ip_address){
    global $db_conx;
    if ($ip_address == "") {
        return;
    }
    $address = string_sanitize($ip_address);
    mysqli_query($db_conx, sprintf("INSERT INTO banned_ip(ip_address, date_added) VALUES ('%s', now())", $address));
}
/**
 * List every banned_ip row.
 *
 * @return array list of associative rows
 */
function get_banned_ip(){
    global $db_conx;
    $banned = array();
    $result = mysqli_query($db_conx, "SELECT * FROM banned_ip");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $banned[] = $row;
    }
    return $banned;
}
/**
 * Compute the mean rating of a product.
 *
 * @param mixed $product_id product key; cast to int before it reaches the query
 * @return int|float|null sum of ratings divided by the number of reviews,
 *                        0 when there are no reviews, null when $product_id
 *                        is empty
 */
function calculate_average_review($product_id){
    global $db_conx;
    if ($product_id == "") {
        return null;
    }
    $id = (int)$product_id;
    $result = mysqli_query($db_conx, "SELECT SUM(rating) total_rating, COUNT(*) total_reviews FROM product_review WHERE product_id = '{$id}'");
    $totals = mysqli_fetch_assoc($result);
    $review_count = $totals['total_reviews'];
    if ($review_count == 0) {
        return 0;
    }
    return $totals['total_rating'] / $review_count;
}
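/**
 * Record a product page view and bump the product's view counter.
 *
 * A client address that already has a product_view row in the last 24 hours
 * is not counted again. The check is per address, not per product.
 *
 * Fixes:
 *  - User-Agent and Referer are request headers chosen by the client and were
 *    concatenated into the INSERT unescaped; they and the address are now
 *    escaped before use.
 *  - missing headers are read with isset() instead of the @ operator.
 *  - 'Googlebot-Image' could never be reported because the case-insensitive
 *    'googlebot' entry matched first; the more specific entry is now tested
 *    first.
 *
 * @param mixed $product_id product key, cast to int
 * @return false|null false when the address was already counted, else null
 */
function track_product_view($product_id){
    global $db_conx;
    if ($product_id == "") {
        return null;
    }
    $robots = array(
        'Googlebot-Image' => 'Googlebot Image',
        'googlebot' => 'Googlebot',
        'msnbot' => 'MSNBot',
        'bingbot' => 'BingBot',
        'slurp' => 'Inktomi Slurp',
        'yahoo' => 'Yahoo',
        'askjeeves' => 'AskJeeves',
        'fastcrawler' => 'FastCrawler',
        'infoseek' => 'InfoSeek Robot 1.0',
        'lycos' => 'Lycos',
        'facebookexternalhit' => 'facebook'
    );
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? (string)$_SERVER['HTTP_USER_AGENT'] : '';
    $referrer = isset($_SERVER['HTTP_REFERER']) ? (string)$_SERVER['HTTP_REFERER'] : '';
    $ip_sql = mysqli_real_escape_string($db_conx, (string)$_SERVER['REMOTE_ADDR']);
    $since = date('Y-m-d H:i:s', time() - 24 * 60 * 60);
    $seen = mysqli_query($db_conx, "SELECT product_view_id FROM product_view WHERE ip_address = '".$ip_sql."' AND date_added >= '".$since."'");
    // >= 1 so that pre-existing duplicate rows also suppress a new count.
    if (mysqli_num_rows($seen) >= 1) {
        return false;
    }
    $robot = '';
    foreach ($robots as $needle => $label) {
        if (stripos($agent, $needle) !== false) {
            $robot = $label;
            break;
        }
    }
    $agent_sql = mysqli_real_escape_string($db_conx, $agent);
    $referrer_sql = mysqli_real_escape_string($db_conx, $referrer);
    // $robot only ever holds one of the literals above.
    mysqli_query($db_conx, "INSERT INTO product_view(product_id, ip_address, agent, robot, referrer, date_added) VALUES ('".(int)$product_id."', '".$ip_sql."', '".$agent_sql."', '".$robot."', '".$referrer_sql."', now())");
    mysqli_query($db_conx, "UPDATE product SET viewed = viewed + 1 WHERE product_id = '".(int)$product_id."'");
    return null;
}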
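/**
 * Record a site visit.
 *
 * A client address that already has a web_view row in the last 24 hours is
 * not recorded again.
 *
 * Fixes:
 *  - User-Agent and Referer are request headers chosen by the client and were
 *    concatenated into the INSERT unescaped; they and the address are now
 *    escaped before use.
 *  - missing headers are read with isset() instead of the @ operator.
 *  - 'Googlebot-Image' could never be reported because the case-insensitive
 *    'googlebot' entry matched first; the more specific entry is now tested
 *    first.
 *
 * @return false|null false when the address was already recorded, else null
 */
function track_web_view(){
    global $db_conx;
    $robots = array(
        'Googlebot-Image' => 'Googlebot Image',
        'googlebot' => 'Googlebot',
        'msnbot' => 'MSNBot',
        'bingbot' => 'BingBot',
        'slurp' => 'Inktomi Slurp',
        'yahoo' => 'Yahoo',
        'askjeeves' => 'AskJeeves',
        'fastcrawler' => 'FastCrawler',
        'infoseek' => 'InfoSeek Robot 1.0',
        'lycos' => 'Lycos',
        'facebookexternalhit' => 'facebook'
    );
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? (string)$_SERVER['HTTP_USER_AGENT'] : '';
    $referrer = isset($_SERVER['HTTP_REFERER']) ? (string)$_SERVER['HTTP_REFERER'] : '';
    $ip_sql = mysqli_real_escape_string($db_conx, (string)$_SERVER['REMOTE_ADDR']);
    $since = date('Y-m-d H:i:s', time() - 24 * 60 * 60);
    $seen = mysqli_query($db_conx, "SELECT web_view_id FROM web_view WHERE ip_address = '".$ip_sql."' AND date_added >= '".$since."'");
    // >= 1 so that pre-existing duplicate rows also suppress a new record.
    if (mysqli_num_rows($seen) >= 1) {
        return false;
    }
    $robot = '';
    foreach ($robots as $needle => $label) {
        if (stripos($agent, $needle) !== false) {
            $robot = $label;
            break;
        }
    }
    $agent_sql = mysqli_real_escape_string($db_conx, $agent);
    $referrer_sql = mysqli_real_escape_string($db_conx, $referrer);
    // $robot only ever holds one of the literals above.
    mysqli_query($db_conx, "INSERT INTO web_view(ip_address, agent, robot, referrer, date_added) VALUES ('".$ip_sql."', '".$agent_sql."', '".$robot."', '".$referrer_sql."', now())");
    return null;
}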
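/**
 * Record a blog post view and bump the post's view counter.
 *
 * A client address that already has a blog_view row in the last 24 hours is
 * not counted again. The check is per address, not per post.
 *
 * Fixes:
 *  - User-Agent and Referer are request headers chosen by the client and were
 *    concatenated into the INSERT unescaped; they and the address are now
 *    escaped before use.
 *  - missing headers are read with isset() instead of the @ operator.
 *  - 'Googlebot-Image' could never be reported because the case-insensitive
 *    'googlebot' entry matched first; the more specific entry is now tested
 *    first.
 *
 * @param mixed $blog_id blog post key, cast to int
 * @return false|null false when the address was already counted, else null
 */
function track_blog_view($blog_id){
    global $db_conx;
    if ($blog_id == "") {
        return null;
    }
    $robots = array(
        'Googlebot-Image' => 'Googlebot Image',
        'googlebot' => 'Googlebot',
        'msnbot' => 'MSNBot',
        'bingbot' => 'BingBot',
        'slurp' => 'Inktomi Slurp',
        'yahoo' => 'Yahoo',
        'askjeeves' => 'AskJeeves',
        'fastcrawler' => 'FastCrawler',
        'infoseek' => 'InfoSeek Robot 1.0',
        'lycos' => 'Lycos',
        'facebookexternalhit' => 'facebook'
    );
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? (string)$_SERVER['HTTP_USER_AGENT'] : '';
    $referrer = isset($_SERVER['HTTP_REFERER']) ? (string)$_SERVER['HTTP_REFERER'] : '';
    $ip_sql = mysqli_real_escape_string($db_conx, (string)$_SERVER['REMOTE_ADDR']);
    $since = date('Y-m-d H:i:s', time() - 24 * 60 * 60);
    $seen = mysqli_query($db_conx, "SELECT blog_id FROM blog_view WHERE ip_address = '".$ip_sql."' AND date_added >= '".$since."'");
    // >= 1 so that pre-existing duplicate rows also suppress a new count.
    if (mysqli_num_rows($seen) >= 1) {
        return false;
    }
    $robot = '';
    foreach ($robots as $needle => $label) {
        if (stripos($agent, $needle) !== false) {
            $robot = $label;
            break;
        }
    }
    $agent_sql = mysqli_real_escape_string($db_conx, $agent);
    $referrer_sql = mysqli_real_escape_string($db_conx, $referrer);
    // $robot only ever holds one of the literals above.
    mysqli_query($db_conx, "INSERT INTO blog_view(blog_id, ip_address, agent, robot, referrer, date_added) VALUES ('".(int)$blog_id."', '".$ip_sql."', '".$agent_sql."', '".$robot."', '".$referrer_sql."', now())");
    mysqli_query($db_conx, "UPDATE blog SET viewed = viewed + 1 WHERE id = '".(int)$blog_id."'");
    return null;
}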
/**
 * Count the web_view rows that carry an address.
 *
 * The rows are fetched and counted client-side; SELECT COUNT(*) would give
 * the same figure without transferring them.
 *
 * @return int|string number of rows reported by mysqli_num_rows()
 */
function get_total_visitors(){
    global $db_conx;
    $result = mysqli_query($db_conx,"SELECT web_view_id FROM web_view WHERE ip_address != ''");
    $count = mysqli_num_rows($result);
    return $count;
}
/**
 * Count product orders that have a transaction id, a total, a customer and a
 * gateway status.
 *
 * @return int|string number of rows reported by mysqli_num_rows()
 */
function get_total_product_orders(){
    global $db_conx;
    $result = mysqli_query($db_conx,"SELECT product_order_id FROM product_order WHERE transaction_id != '0' AND order_total != '0' AND customer_id != '0' AND gtpay_tranx_status != ''");
    $count = mysqli_num_rows($result);
    return $count;
}
/**
 * Count reviews that reference both a product and a customer.
 *
 * @return int|string number of rows reported by mysqli_num_rows()
 */
function get_total_reviews(){
    global $db_conx;
    $result = mysqli_query($db_conx,"SELECT product_review_id FROM product_review WHERE product_id != '0' AND customer_id != '0'");
    $count = mysqli_num_rows($result);
    return $count;
}
/**
 * Count customers that have a first name.
 *
 * @return int|string number of rows reported by mysqli_num_rows()
 */
function get_total_customers(){
    global $db_conx;
    $result = mysqli_query($db_conx,"SELECT customer_id FROM customer WHERE first_name != ''");
    $count = mysqli_num_rows($result);
    return $count;
}
/**
 * Count recharge orders that have a transaction id, an amount, a customer
 * and a gateway status.
 *
 * @return int|string number of rows reported by mysqli_num_rows()
 */
function get_total_recharges(){
    global $db_conx;
    $result = mysqli_query($db_conx,"SELECT recharge_order_id FROM recharge_order WHERE transaction_id != '0' AND amount != '0' AND customer_id != '0' AND gtpay_tranx_status != ''");
    $count = mysqli_num_rows($result);
    return $count;
}
/**
 * Format a date string as "dd Mon YYYY".
 *
 * @param string $date_provided any value strtotime() understands
 * @return string|null formatted date; null when the input is empty
 */
function get_mydate($date_provided){
    if ($date_provided == "") {
        return null;
    }
    $timestamp = strtotime($date_provided);
    return date('d M Y', $timestamp);
}
/**
 * Drop one variable from the query string of a URL.
 *
 * The result always contains a '?', even when no query variables remain;
 * get_pagination() appends "&page=" directly to it.
 *
 * @param string $url     URL, with or without a query string
 * @param string $varname name of the variable to remove
 * @return string the URL with the rebuilt (url-encoded) query string
 */
function removeqsvar($url, $varname){
    $pieces = array_pad(explode('?', $url), 2, '');
    $base = $pieces[0];
    $params = array();
    parse_str($pieces[1], $params);
    if (isset($params[$varname]) || array_key_exists($varname, $params)) {
        unset($params[$varname]);
    }
    return $base . '?' . http_build_query($params);
}
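/**
 * Build the HTML for a "previous / 1 2 3 / next" pagination list.
 *
 * Fixes:
 *  - $_SERVER["PHP_SELF"] contains the client-supplied request path and was
 *    written into href attributes unescaped; it is now HTML-escaped.
 *  - the page number came from $_GET through string_sanitize(), which needs a
 *    database connection and does not guarantee a number; it is now cast to
 *    int and kept at 1 or above.
 *  - a $per_page_entry of 0 caused a division by zero.
 *  - $total_entry gets a default so the optional-before-required parameter
 *    order no longer triggers a deprecation; two-argument calls are unchanged.
 *
 * @param int $per_page_entry entries shown per page
 * @param int $total_entry    total number of entries
 * @return string|null the <ul> markup, or null when there is at most one page
 */
function get_pagination($per_page_entry = 4, $total_entry = 0){
    if ($per_page_entry <= 0) {
        return null;
    }
    $page_url = htmlspecialchars(removeqsvar($_SERVER["PHP_SELF"], "page"), ENT_QUOTES, 'UTF-8');
    $total_pages = ceil($total_entry / $per_page_entry);
    $current_page = isset($_GET["page"]) ? max(1, (int)$_GET["page"]) : 1;
    $previous_page = $current_page - 1;
    $next_page = $current_page + 1;
    if ($total_pages <= 1) {
        return null;
    }
    $ret = "<ul>";
    if ($previous_page != 0) {
        $ret .= "<li><a href='".$page_url."&page=".$previous_page."'>Previous Page</a></li>";
    }
    for ($i = 1; $i <= $total_pages; $i++) {
        if ($current_page == $i) {
            $ret .= "<li class='active'><a>".$i."</a></li>";
        } else {
            $ret .= "<li><a href='".$page_url."&page=".$i."'>".$i."</a></li>";
        }
    }
    if ($next_page <= $total_pages) {
        $ret .= "<li><a href='".$page_url."&page=".$next_page."'>Next Page</a></li>";
    }
    return $ret . "</ul>";
}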
/**
 * Insert one row built from a column => value map.
 *
 * Values pass through string_sanitize() and are quoted. Column names and
 * $table_name are concatenated into the statement as given.
 * NOTE(review): identifiers cannot be protected by value escaping, so
 * $table_name and the keys of $data must be fixed strings or be checked
 * against an allow-list by the caller. Confirm no request-derived key or
 * table name reaches this function.
 *
 * @param array  $data       column name => value
 * @param string $table_name table to insert into
 * @return void
 */
function insertdata($data = array(), $table_name){
    global $db_conx;
    if (empty($data)) {
        return;
    }
    $columns = array();
    $quoted = array();
    foreach ($data as $column => $raw) {
        $columns[] = $column;
        $quoted[] = "'".string_sanitize($raw)."'";
    }
    $query = "INSERT INTO ".$table_name." (".implode(', ', $columns).") VALUES (".implode(', ', $quoted).")";
    mysqli_query($db_conx, $query);
}
/**
 * Update rows matching every column => value pair in $where.
 *
 * Values pass through string_sanitize() and are quoted. Column names and
 * $table_name are concatenated into the statement as given.
 * NOTE(review): identifiers cannot be protected by value escaping, so
 * $table_name and the keys of $data / $where must be fixed strings or be
 * checked against an allow-list by the caller.
 *
 * @param array  $data       column name => new value
 * @param string $table_name table to update
 * @param array  $where      column name => required value, combined with AND
 * @return void
 */
function updatedata($data = array(), $table_name, $where){
    global $db_conx;
    if (empty($data) || empty($where)) {
        return;
    }
    $assignments = array();
    foreach ($data as $column => $raw) {
        $assignments[] = $column.' = '."'".string_sanitize($raw)."'";
    }
    $conditions = array();
    foreach ($where as $column => $expected) {
        $conditions[] = $column.' = '."'".string_sanitize($expected)."'";
    }
    $query = "UPDATE ".$table_name." SET ".implode(', ', $assignments)." WHERE ".implode(' AND ', $conditions);
    mysqli_query($db_conx, $query);
}
/**
 * Select rows from a table, optionally filtered by column => value pairs.
 *
 * With an empty $where the whole table is returned. Values pass through
 * string_sanitize() and are quoted. Column names and $table_name are
 * concatenated into the statement as given.
 * NOTE(review): identifiers cannot be protected by value escaping, so
 * $table_name and the keys of $where must be fixed strings or be checked
 * against an allow-list by the caller.
 *
 * @param string $table_name table to read
 * @param array  $where      column name => required value, combined with AND
 * @return array|null list of associative rows; null when $table_name is empty
 */
function selectdata($table_name, $where){
    global $db_conx;
    if (empty($table_name)) {
        return null;
    }
    $query = "SELECT * FROM ".$table_name;
    if (!empty($where)) {
        $conditions = array();
        foreach ($where as $column => $expected) {
            $conditions[] = $column.' = '."'".string_sanitize($expected)."'";
        }
        $query .= " WHERE ".implode(' AND ', $conditions);
    }
    $rows = array();
    $result = mysqli_query($db_conx, $query);
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $rows[] = $row;
    }
    return $rows;
}
/**
 * Soft-delete rows: despite the name, no row is removed. Matching rows get
 * status = '1'.
 *
 * Values pass through string_sanitize() and are quoted. Column names and
 * $table_name are concatenated into the statement as given.
 * NOTE(review): identifiers cannot be protected by value escaping, so
 * $table_name and the keys of $where must be fixed strings or be checked
 * against an allow-list by the caller.
 *
 * @param string $table_name table to update
 * @param array  $where      column name => required value, combined with AND
 * @return void
 */
function deletedata($table_name, $where){
    global $db_conx;
    if (empty($table_name) || empty($where)) {
        return;
    }
    $conditions = array();
    foreach ($where as $column => $expected) {
        $conditions[] = $column.' = '."'".string_sanitize($expected)."'";
    }
    $query = "UPDATE ".$table_name." SET status = '1' WHERE ".implode(' AND ', $conditions);
    mysqli_query($db_conx, $query);
}
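/**
 * Build a breadcrumb trail from the path of the current request.
 *
 * Every path segment but the last becomes a link; the last is plain text.
 *
 * Fixes:
 *  - the Host header and the request path are supplied by the client and were
 *    written into the markup unescaped; the base URL, each segment and each
 *    title are now HTML-escaped.
 *  - end() was given a temporary instead of a variable.
 *  - the HTTPS flag is read without the @ operator.
 *
 * NOTE(review): the scheme and host are still taken from the request. Where
 * the site has a fixed canonical host, building $base from configuration
 * avoids trusting the Host header at all.
 *
 * @param string $separator markup placed between crumbs (emitted as given)
 * @param string $home      label of the first crumb (emitted as given)
 * @return string the breadcrumb markup
 */
function link_breadcrumbs($separator = ' » ', $home = 'Home'){
    $request_path = (string)parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
    $path = array_filter(explode('/', $request_path));
    $scheme = !empty($_SERVER['HTTPS']) ? 'https' : 'http';
    $base = htmlspecialchars($scheme . '://' . $_SERVER['HTTP_HOST'] . '/', ENT_QUOTES, 'UTF-8');
    $breadcrumbs = array("<a href=\"$base\">$home</a>");
    $keys = array_keys($path);
    $last = end($keys);
    foreach ($path as $x => $crumb) {
        $title = htmlspecialchars(
            ucwords(str_replace(array('.php', '_'), array('', ' '), $crumb)),
            ENT_QUOTES,
            'UTF-8'
        );
        if ($x != $last) {
            $href = $base . htmlspecialchars($crumb, ENT_QUOTES, 'UTF-8');
            $breadcrumbs[] = "<a href=\"$href\">$title</a>";
        } else {
            $breadcrumbs[] = $title;
        }
    }
    return implode($separator, $breadcrumbs);
}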
/**
 * Return the lowercase hexadecimal SHA-512 digest of a string.
 *
 * This is a plain, unsalted digest: suitable for checksums and gateway
 * signatures, not for storing passwords.
 *
 * @param string $string input data
 * @return string 128 hexadecimal characters
 */
function get_sha512_hash($string){
    $digest = hash("sha512", $string);
    return $digest;
}
/**
 * Compute the request signature for a recharge payment: SHA-512 over
 * transaction id, amount, notification URL and the merchant hash key,
 * concatenated in that order.
 *
 * NOTE(review): the merchant hash key is embedded in source, so everyone with
 * repository access can produce valid signatures. It belongs in configuration
 * outside the code base and should be rotated once moved. The notification
 * URL uses http://, so the gateway callback travels unencrypted.
 *
 * @param string $transaction_id     gateway transaction id
 * @param string $transaction_amount amount in the format the gateway expects
 * @return string hexadecimal SHA-512 digest
 */
function gtpay_gateway_sha512_hash($transaction_id, $transaction_amount){
    $merchant_key = "D3D1D05AFE42AD50818167EAC73C109168A0F108F32645C8B59E897FA930DA44F9230910DAC9E20641823799A107A02068F7BC0F4CC41D2952E249552255710F";
    $notify_url = "http://jdlabs.in/online-recharge-orderconfirm.php";
    $payload = $transaction_id.$transaction_amount.$notify_url.$merchant_key;
    return get_sha512_hash($payload);
}
/**
 * Compute the request signature for a product-order payment: SHA-512 over
 * transaction id, amount, notification URL and the merchant hash key,
 * concatenated in that order.
 *
 * NOTE(review): the merchant hash key is embedded in source, so everyone with
 * repository access can produce valid signatures. It belongs in configuration
 * outside the code base and should be rotated once moved. The notification
 * URL uses http://, so the gateway callback travels unencrypted.
 *
 * @param string $transaction_id     gateway transaction id
 * @param string $transaction_amount amount in the format the gateway expects
 * @return string hexadecimal SHA-512 digest
 */
function gtpay_gateway_sha512_hash2($transaction_id, $transaction_amount){
    $merchant_key = "D3D1D05AFE42AD50818167EAC73C109168A0F108F32645C8B59E897FA930DA44F9230910DAC9E20641823799A107A02068F7BC0F4CC41D2952E249552255710F";
    $notify_url = "http://jdlabs.in/product_orderconfirm.php";
    $payload = $transaction_id.$transaction_amount.$notify_url.$merchant_key;
    return get_sha512_hash($payload);
}
//track_web_view();
/**
 * Insert a country / country-code / address record.
 *
 * All three values pass through string_sanitize(); nothing is written when
 * any of them is empty.
 *
 * @param string $country      country name
 * @param string $country_code country code
 * @param string $ip_address   address associated with the country
 * @return void
 */
function add_country_code($country, $country_code, $ip_address){
    global $db_conx;
    if ($country == "" || $country_code == "" || $ip_address == "") {
        return;
    }
    $name = string_sanitize($country);
    $code = string_sanitize($country_code);
    $address = string_sanitize($ip_address);
    $query = sprintf(
        "INSERT INTO country_code(country, country_code, ip_address, date_added) VALUES ('%s', '%s', '%s', now())",
        $name,
        $code,
        $address
    );
    mysqli_query($db_conx, $query);
}
/**
 * Update a country / country-code / address record.
 *
 * @param string $country         country name
 * @param string $country_code    country code
 * @param string $ip_address      address associated with the country
 * @param mixed  $country_code_id key of the row to update, cast to int
 * @return void
 */
function edit_country_code($country, $country_code, $ip_address, $country_code_id){
    global $db_conx;
    if ($country == "" || $country_code == "" || $ip_address == "" || $country_code_id == "") {
        return;
    }
    $name = string_sanitize($country);
    $code = string_sanitize($country_code);
    $address = string_sanitize($ip_address);
    $query = sprintf(
        "UPDATE country_code SET country = '%s', country_code = '%s', ip_address = '%s' WHERE id = '%d'",
        $name,
        $code,
        $address,
        (int)$country_code_id
    );
    mysqli_query($db_conx, $query);
}
/**
 * List every country_code row that has a country, a code and an address.
 *
 * @return array list of associative rows
 */
function get_all_country_code(){
    global $db_conx;
    $codes = array();
    $result = mysqli_query($db_conx, "SELECT * FROM country_code WHERE country != '' AND country_code != '' AND ip_address != ''");
    for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
        $codes[] = $row;
    }
    return $codes;
}
/**
 * Fetch the first product_image row of a product.
 *
 * Although the parameter is named $catid, it is matched against product_id.
 *
 * @param mixed $catid product key; cast to int before it reaches the query
 * @return array|null|false the row, null when there is none or when $catid
 *                          is empty
 */
function get_product_image($catid){
    global $db_conx;
    if ($catid == "") {
        return null;
    }
    $id = (int)$catid;
    $result = mysqli_query($db_conx, "SELECT * FROM product_image WHERE product_id = '{$id}'");
    return mysqli_fetch_assoc($result);
}
/**
 * Returns the customer row for the given id, or null when the id is empty.
 * The id is cast to int before it is placed in the query.
 */
function get_customer_details($customer_id)
{
global $db_conx;
if($customer_id == ""){
return null;
}
$id = (int)$customer_id;
$result = mysqli_query($db_conx, "SELECT * FROM customer WHERE customer_id = '".$id."'");
return mysqli_fetch_assoc($result);
}
/**
 * Updates name, mobile number, e-mail and password of one customer.
 *
 * All text values go through string_sanitize() first; the update only runs
 * when the id and every sanitized value are non-empty. Returns the result of
 * mysqli_query(), or null when a value is missing.
 *
 * NOTE(review): the password is written exactly as sanitized, with no hashing
 * in this function. Confirm whether the caller hashes it; string_sanitize()
 * also strips quotes and tags, which silently alters passwords containing them.
 */
function update_customer($customer_id,$firstname,$lastname,$contactnumber,$email,$password)
{
global $db_conx;
$columns = array(
'first_name' => string_sanitize($firstname),
'last_name' => string_sanitize($lastname),
'mobile_number' => string_sanitize($contactnumber),
'email' => string_sanitize($email),
'password' => string_sanitize($password),
);
if($customer_id == ""){
return null;
}
$assignments = array();
foreach($columns as $column => $value){
if($value == ""){
return null;
}
$assignments[] = $column." = '".$value."'";
}
return mysqli_query($db_conx, "UPDATE customer SET ".implode(", ", $assignments)." WHERE customer_id = '".(int)$customer_id."'");
}
//for generating a token
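/**
 * Returns a 20-character lowercase hexadecimal token.
 *
 * The token is drawn from the operating system's CSPRNG. The previous
 * md5(mt_rand().time()) construction was predictable from the clock and a
 * non-cryptographic generator, which is unsuitable if the token identifies or
 * authenticates a customer. Length and alphabet are unchanged.
 */
function get_alphanumeric(){
// 10 random bytes hex-encode to exactly 20 characters.
if(function_exists('random_bytes')){
$raw = random_bytes(10);
}else{
// Fallback for runtimes without random_bytes(); the file already depends on OpenSSL.
$raw = openssl_random_pseudo_bytes(10);
}
return bin2hex($raw);
}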
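/**
 * Returns a token from get_alphanumeric() that is not yet present in
 * customer.token.
 *
 * The original recursed on a collision but discarded the recursive call's
 * result, so it returned null exactly when a retry was needed. A loop keeps
 * drawing until the lookup finds no existing row.
 */
function run_code()
{
global $db_conx;
do{
$candidate = get_alphanumeric();
// get_alphanumeric() only produces hex characters, so the value cannot alter the statement.
$lookup = mysqli_query($db_conx, "select token from customer WHERE token = '".$candidate."'");
// A failed lookup ends the loop instead of spinning forever.
}while($lookup !== false && mysqli_num_rows($lookup) >= 1);
return $candidate;
}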
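/**
 * Returns three quantity tiers for a product as array(q1, q2, q3).
 *
 * The tiers 5, 10, 15, 25, 50 and 100 are checked in that order against the
 * columns product_price5 ... product_price100. The first tier with a non-zero
 * price goes to q1, the second to q2, and every later one overwrites q3, so q3
 * ends up holding the largest remaining tier. Unused slots stay 0.
 *
 * The row comes from $product_sql when it is given, otherwise from the product
 * table by $product_id (cast to int).
 *
 * Changes from the previous version: the two identical branches are merged,
 * the 15 tier now tests product_price15 (it tested product_price10 in its
 * elseif arms, so 15 could be reported for a product with no 15 price), and a
 * failed query or missing row yields array(0, 0, 0) instead of reading offsets
 * of a non-array.
 *
 * NOTE(review): $product_sql is executed verbatim. It must only ever be built
 * by server-side code from fixed text and cast values, never from request data.
 */
function get_product_qty_type($product_sql = '', $product_id = ''){
global $db_conx;
if($product_sql === ''){
$product_sql = "SELECT * FROM product WHERE product_id = '".(int)$product_id."'";
}
$result = mysqli_query($db_conx, $product_sql);
$row = $result ? mysqli_fetch_assoc($result) : null;
$q1 = 0;
$q2 = 0;
$q3 = 0;
if(is_array($row)){
foreach(array(5, 10, 15, 25, 50, 100) as $tier){
$column = 'product_price'.$tier;
// Same loose "non-zero" test as before; a missing or NULL column counts as zero.
if(!isset($row[$column]) || $row[$column] == 0){
continue;
}
if($q1 == 0){
$q1 = $tier;
}elseif($q2 == 0){
$q2 = $tier;
}else{
$q3 = $tier;
}
}
}
return array($q1, $q2, $q3);
}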
/************************************************************************************************************************************** new code **************************/
//new data added by chirag
/**
 * Cleans a string for use inside a quoted SQL literal.
 *
 * Steps, in order: strip_tags(), htmlentities(), stripslashes(), removal of
 * single quotes, then mysqli_real_escape_string() on the shared connection.
 *
 * NOTE(review): this mixes HTML encoding with SQL escaping, so stored values
 * are HTML-encoded and lose their single quotes. Bound parameters for SQL and
 * encoding at output time would keep the data intact; changing that here would
 * alter what existing callers store.
 */
function normal_sanitize($string){
global $db_conx;
$text = strip_tags($string);
$text = htmlentities($text);
$text = stripslashes($text);
$text = str_replace("'", "", $text);
return mysqli_real_escape_string($db_conx, $text);
}
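/**
 * Inserts an admin row and returns its auto-increment id.
 *
 * Returns null when any argument is empty, and 0 when the statement cannot be
 * prepared or the insert fails. Role and status are cast to int.
 *
 * The text values were previously concatenated into the statement without any
 * escaping; they are now bound as parameters.
 *
 * NOTE(review): pass raw values. If a caller already escapes them, the escape
 * characters will now be stored literally; confirm at the call sites.
 * NOTE(review): the password is stored exactly as received; confirm it is
 * hashed before it reaches this function.
 */
function addadmin($fullname,$emailid,$password,$role,$status)
{
global $db_conx;
if ($fullname == "" || $emailid == "" || $password == "" || $role == "" || $status == ""){
return null;
}
$stmt = mysqli_prepare($db_conx, "INSERT INTO admin(fullname, emailid, password, post_id, status, dateadded) VALUES (?, ?, ?, ?, ?, now())");
if($stmt === false){
return 0;
}
$values = array((string)$fullname, (string)$emailid, (string)$password, (int)$role, (int)$status);
mysqli_stmt_bind_param($stmt, 'sssii', ...$values);
mysqli_stmt_execute($stmt);
$new_id = mysqli_insert_id($db_conx);
mysqli_stmt_close($stmt);
return $new_id;
}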
/**
 * Returns all admin rows with a non-empty fullname, ordered by id, as a list
 * of associative arrays. Every column is returned, including password.
 */
function get_all_admin(){
global $db_conx;
$admins = array();
$result = mysqli_query($db_conx, "SELECT * FROM admin WHERE fullname != '' ORDER BY id");
while(true){
$row = mysqli_fetch_assoc($result);
if(!$row){
break;
}
$admins[] = $row;
}
return $admins;
}
/**
 * Runs the admin listing query and returns the mysqli result itself.
 * Despite the name no number is returned; presumably the caller counts the rows.
 */
function count_admin(){
global $db_conx;
$query = "SELECT * FROM admin WHERE fullname != '' ORDER BY id";
return mysqli_query($db_conx, $query);
}
/*function updateadmin($adminid,$fullname,$emailid,$password,$role,$status)
{
global $db_conx;
if ($adminid !="" && $fullname != "" && $emailid != "" && $password != "" && $role != "" && $status != "")
{
$sql = "UPDATE admin SET fullname = '".$fullname."', emailid = '".$emailid."', password = '".$password."', role = '".(int)$role."', status = '".(int)$status."' WHERE id = '".(int)$adminid."'";
$query_result = mysqli_query($db_conx, $sql);
if(!$query_result){
return false;
}else{
return true;
}
}
else { echo 'wrong';}
}*/
/**
 * Returns all category rows with a non-empty categoryname and status, as a
 * list of associative arrays.
 */
function get_all_category(){
global $db_conx;
$categories = array();
$result = mysqli_query($db_conx, "SELECT * FROM category WHERE categoryname != '' AND status !=''");
for($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)){
$categories[] = $row;
}
return $categories;
}
/**
 * Inserts a brand row.
 *
 * Returns the new id when the insert succeeds, false when it fails, and null
 * when any argument is empty. Category id and status are cast to int; the
 * brand name goes through string_sanitize() and the file name through
 * string_texteditor(), which is defined elsewhere (its escaping behaviour is
 * not visible here; verify it is safe for a quoted SQL literal).
 */
function add_brand($category_id, $brandname, $status, $file_name){
global $db_conx;
if($category_id == "" || $brandname == "" || $status == "" || $file_name == ""){
return null;
}
$clean_category = string_sanitize($category_id);
$clean_name = string_sanitize($brandname);
$clean_status = string_sanitize($status);
$clean_file = string_texteditor($file_name);
$insert = "INSERT INTO brand(categoryid, brandname, image, status, dateadded) VALUES ('".(int)$clean_category."', '".$clean_name."', '".$clean_file."', '".(int)$clean_status."', now())";
$inserted = mysqli_query($db_conx, $insert);
return ($inserted === TRUE) ? mysqli_insert_id($db_conx) : false;
}
/**
 * Updates one brand row.
 *
 * Returns TRUE when the update statement succeeds, false when it fails, and
 * null when any argument is empty. Ids and status are cast to int; the brand
 * name goes through string_sanitize() and the file name through
 * string_texteditor(), which is defined elsewhere (verify it is safe for a
 * quoted SQL literal).
 */
function edit_brand($brandid, $category_id, $brandname, $status, $file_name){
global $db_conx;
if($brandid == "" || $category_id == "" || $brandname == "" || $status == "" || $file_name == ""){
return null;
}
$clean_id = string_sanitize($brandid);
$clean_category = string_sanitize($category_id);
$clean_name = string_sanitize($brandname);
$clean_status = string_sanitize($status);
$clean_file = string_texteditor($file_name);
$update = "UPDATE brand SET categoryid = '".(int)$clean_category."', brandname = '".$clean_name."', image = '".$clean_file."', status = '".(int)$clean_status."' WHERE id = '".(int)$clean_id."'";
$updated = mysqli_query($db_conx, $update);
return $updated === TRUE;
}
/**
 * Returns all brand rows with a non-empty brandname, newest id first, as a
 * list of associative arrays.
 */
function get_all_brands(){
global $db_conx;
$brands = array();
$result = mysqli_query($db_conx, "SELECT * FROM brand WHERE brandname != '' ORDER BY id DESC");
while(true){
$row = mysqli_fetch_assoc($result);
if(!$row){
break;
}
$brands[] = $row;
}
return $brands;
}
/**
 * Returns the whole category row for an id (not just the name), or null when
 * the id is empty. The id is cast to int.
 */
function get_category_name($category_id){
global $db_conx;
if($category_id == ""){
return null;
}
$id = (int)$category_id;
$result = mysqli_query($db_conx, "SELECT * FROM category WHERE id = '".$id."'");
return mysqli_fetch_assoc($result);
}
/**
 * Returns brand rows with a non-empty brandname and a status other than '0',
 * ordered by brandname, as a list of associative arrays.
 */
function getallactivebrand()
{
global $db_conx;
$brands = array();
$result = mysqli_query($db_conx, "SELECT * FROM brand WHERE brandname != '' AND status != '0' ORDER BY brandname");
for($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)){
$brands[] = $row;
}
return $brands;
}
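/**
 * Inserts a user row and returns its auto-increment id.
 *
 * Returns null when a required argument is empty, and 0 when the statement
 * cannot be prepared or the insert fails. Role and status are cast to int.
 *
 * The text values were previously concatenated into the statement without any
 * escaping; they are now bound as parameters. The duplicated $lastname check
 * was dropped, which does not change which calls are accepted.
 *
 * NOTE(review): $emailid is not part of the non-empty check; the duplicated
 * $lastname test suggests it was meant to be. Left as is so existing callers
 * are not rejected.
 * NOTE(review): pass raw values; pre-escaped input would now be stored with
 * its escape characters. The password is stored exactly as received.
 */
function adduser($fullname,$lastname,$phone,$emailid,$password,$role,$status)
{
global $db_conx;
if ($fullname == "" || $lastname == "" || $phone == "" || $password == "" || $role == "" || $status == ""){
return null;
}
$stmt = mysqli_prepare($db_conx, "INSERT INTO user(firstname, lastname, phone, emailid, password, post_id, status, dateadded) VALUES (?, ?, ?, ?, ?, ?, ?, now())");
if($stmt === false){
return 0;
}
$values = array((string)$fullname, (string)$lastname, (string)$phone, (string)$emailid, (string)$password, (int)$role, (int)$status);
mysqli_stmt_bind_param($stmt, 'sssssii', ...$values);
mysqli_stmt_execute($stmt);
$new_id = mysqli_insert_id($db_conx);
mysqli_stmt_close($stmt);
return $new_id;
}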
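/**
 * Returns all rows of $table with a non-empty id, ordered by $field.
 *
 * $table and $field are placed in the statement as identifiers and $filter
 * follows ORDER BY, so none of them can be bound as parameters. They are now
 * checked against fixed patterns and an empty list is returned when any of
 * them does not match:
 *  - $table, $field: a plain identifier (letters, digits, underscore);
 *  - $filter: empty, ASC or DESC, optionally followed by LIMIT n or LIMIT n, m.
 *
 * NOTE(review): the accepted $filter forms are an assumption about how callers
 * use this function; confirm against the call sites. A fixed list of allowed
 * table names would be stricter still.
 */
function get_all($table,$field,$filter){
global $db_conx;
$ret = array();
$identifier = '/\A[A-Za-z_][A-Za-z0-9_]*\z/';
$ordering = trim((string)$filter);
if(!is_string($table) || !is_string($field) || !preg_match($identifier, $table) || !preg_match($identifier, $field)){
return $ret;
}
if(!preg_match('/\A(?:ASC|DESC)?\s*(?:LIMIT\s+\d+(?:\s*,\s*\d+)?)?\z/i', $ordering)){
return $ret;
}
$select = mysqli_query($db_conx, "SELECT * FROM ".$table." WHERE id != '' ORDER BY ".$field." ".$ordering." ");
if($select === false){
return $ret;
}
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row;
}
return $ret;
}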
/**
 * Returns the whole brand row for an id (not just the name), or null when the
 * id is empty. The id is cast to int.
 */
function get_brandname($brandid){
global $db_conx;
if($brandid == ""){
return null;
}
$id = (int)$brandid;
$result = mysqli_query($db_conx, "SELECT * FROM brand WHERE id = '".$id."'");
return mysqli_fetch_assoc($result);
}
/**
 * Updates name, phone, e-mail, role and status of one user.
 *
 * Returns TRUE when the update statement succeeds, false when it fails, and
 * null when any argument is empty. Every value goes through string_sanitize();
 * role, status and id are additionally cast to int.
 */
function edituser($userid,$fullname,$lastname, $phone,$emailid,$role,$status)
{
global $db_conx;
if($userid == "" || $fullname == "" || $lastname == "" || $phone == "" || $emailid == "" || $status == "" || $role == ""){
return null;
}
$clean_id = string_sanitize($userid);
$clean_first = string_sanitize($fullname);
$clean_last = string_sanitize($lastname);
$clean_phone = string_sanitize($phone);
$clean_email = string_sanitize($emailid);
$clean_status = string_sanitize($status);
$clean_role = string_sanitize($role);
$update = "UPDATE user SET firstname = '".$clean_first."', lastname= '".$clean_last."', phone= '".$clean_phone."', emailid = '".$clean_email."', post_id = '".(int)$clean_role."', status = '".(int)$clean_status."' WHERE id = '".(int)$clean_id."'";
$updated = mysqli_query($db_conx, $update);
return $updated === TRUE;
}
/**
 * Returns the user row for an id, or null when the id is empty. The id is cast
 * to int. Every column is returned, including password.
 */
function get_user($userid){
global $db_conx;
if($userid == ""){
return null;
}
$id = (int)$userid;
$result = mysqli_query($db_conx, "SELECT * FROM user WHERE id = '".$id."'");
return mysqli_fetch_assoc($result);
}
/**
 * Returns all review rows with a non-empty id, newest id first, as a list of
 * associative arrays.
 */
function get_all_reviews(){
global $db_conx;
$reviews = array();
$result = mysqli_query($db_conx, "SELECT * FROM review WHERE id != '' ORDER BY id DESC");
for($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)){
$reviews[] = $row;
}
return $reviews;
}
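/**
 * Returns the newest review rows, limited by $limit.
 *
 * $limit was appended to the statement unchanged. It is now accepted only as
 * "n" or "offset, n" (digits only) and rebuilt from the matched digits; any
 * other value returns an empty list without querying.
 */
function get_reviews($limit){
global $db_conx;
$ret = array();
if(!is_scalar($limit) || !preg_match('/\A\s*(\d+)\s*(?:,\s*(\d+)\s*)?\z/', (string)$limit, $parts)){
return $ret;
}
$limit_clause = isset($parts[2]) ? $parts[1].", ".$parts[2] : $parts[1];
$select = mysqli_query($db_conx, "SELECT * FROM review WHERE id != '' ORDER BY id DESC LIMIT ".$limit_clause);
if($select === false){
return $ret;
}
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row;
}
return $ret;
}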
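/**
 * Sets the status of one review. Returns true on success, false otherwise.
 *
 * $approve was concatenated into the statement without escaping; it is now a
 * bound parameter. $check is cast to int as before.
 */
function updatestatus($check, $approve){
global $db_conx;
$stmt = mysqli_prepare($db_conx, "UPDATE review SET status = ? WHERE id = ?");
if($stmt === false){
return false;
}
$values = array((string)$approve, (int)$check);
mysqli_stmt_bind_param($stmt, 'si', ...$values);
$done = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
return $done ? true : false;
}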
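/**
 * Sets the status column of one row in $table. Returns true on success, false
 * otherwise.
 *
 * $table is an identifier and cannot be bound, so it must be a plain name
 * (letters, digits, underscore); anything else returns false without querying.
 * $approve is now a bound parameter instead of concatenated text. $check is
 * cast to int as before.
 *
 * NOTE(review): any table with status and id columns can still be targeted;
 * a fixed list of allowed tables would be stricter if the callers are known.
 */
function update_status($table, $check, $approve){
global $db_conx;
if(!is_string($table) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $table)){
return false;
}
$stmt = mysqli_prepare($db_conx, "UPDATE ".$table." SET status = ? WHERE id = ?");
if($stmt === false){
return false;
}
$values = array((string)$approve, (int)$check);
mysqli_stmt_bind_param($stmt, 'si', ...$values);
$done = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
return $done ? true : false;
}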
/**
 * Returns all reply rows with a non-empty id, newest id first, as a list of
 * associative arrays.
 */
function get_all_replies(){
global $db_conx;
$replies = array();
$result = mysqli_query($db_conx, "SELECT * FROM reply WHERE id != '' ORDER BY id DESC");
while(true){
$row = mysqli_fetch_assoc($result);
if(!$row){
break;
}
$replies[] = $row;
}
return $replies;
}
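/**
 * Returns the newest reply rows, limited by $limit.
 *
 * $limit was appended to the statement unchanged. It is now accepted only as
 * "n" or "offset, n" (digits only) and rebuilt from the matched digits; any
 * other value returns an empty list without querying.
 */
function get_replies($limit){
global $db_conx;
$ret = array();
if(!is_scalar($limit) || !preg_match('/\A\s*(\d+)\s*(?:,\s*(\d+)\s*)?\z/', (string)$limit, $parts)){
return $ret;
}
$limit_clause = isset($parts[2]) ? $parts[1].", ".$parts[2] : $parts[1];
$select = mysqli_query($db_conx, "SELECT * FROM reply WHERE id != '' ORDER BY id DESC LIMIT ".$limit_clause);
if($select === false){
return $ret;
}
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row;
}
return $ret;
}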
/**
 * Runs the admin listing query and returns the mysqli result itself, not a
 * number; presumably the caller counts the rows.
 */
function count_all_admins(){
global $db_conx;
$query = "SELECT * FROM admin WHERE id != '' ORDER BY id DESC";
return mysqli_query($db_conx, $query);
}
/**
 * Runs the brand listing query and returns the mysqli result itself, not a
 * number; presumably the caller counts the rows.
 */
function count_all_brands(){
global $db_conx;
$query = "SELECT * FROM brand WHERE id != '' ORDER BY id DESC";
return mysqli_query($db_conx, $query);
}
/**
 * Runs the user listing query and returns the mysqli result itself, not a
 * number; presumably the caller counts the rows.
 */
function count_all_users(){
global $db_conx;
$query = "SELECT * FROM user WHERE id != '' ORDER BY id DESC";
return mysqli_query($db_conx, $query);
}
/**
 * Runs the review listing query and returns the mysqli result itself, not a
 * number; presumably the caller counts the rows.
 */
function count_all_reviews(){
global $db_conx;
$query = "SELECT * FROM review WHERE id != '' ORDER BY id DESC";
return mysqli_query($db_conx, $query);
}
/**
 * Runs the reply listing query and returns the mysqli result itself, not a
 * number; presumably the caller counts the rows.
 */
function count_all_replies(){
global $db_conx;
$query = "SELECT * FROM reply WHERE id != '' ORDER BY id DESC";
return mysqli_query($db_conx, $query);
}
/**
 * Runs the adds listing query and returns the mysqli result itself, not a
 * number; presumably the caller counts the rows.
 */
function count_all_adds(){
global $db_conx;
$query = "SELECT * FROM adds WHERE id != '' ORDER BY id DESC";
return mysqli_query($db_conx, $query);
}
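/**
 * Inserts a row into adds and returns its auto-increment id.
 *
 * Returns null when any argument is empty, and 0 when the statement cannot be
 * prepared or the insert fails. Status is cast to int.
 *
 * $addcode and $title were concatenated into the statement without escaping;
 * they are now bound as parameters.
 *
 * NOTE(review): pass the raw code and title. If a caller already escapes them,
 * the escape characters will now be stored literally; confirm at call sites.
 * NOTE(review): $addcode looks like markup that is later rendered; whoever can
 * call this can place script on the pages that print it, so confirm the caller
 * is restricted to administrators.
 */
function addadd($addcode,$status,$title)
{
global $db_conx;
if ($addcode == "" || $status == "" || $title == ""){
return null;
}
$stmt = mysqli_prepare($db_conx, "INSERT INTO adds(addcode, title, status, dateadded) VALUES (?, ?, ?, now())");
if($stmt === false){
return 0;
}
$values = array((string)$addcode, (string)$title, (int)$status);
mysqli_stmt_bind_param($stmt, 'ssi', ...$values);
mysqli_stmt_execute($stmt);
$new_id = mysqli_insert_id($db_conx);
mysqli_stmt_close($stmt);
return $new_id;
}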
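/**
 * Updates title, status and code of one adds row. Returns true on success,
 * false otherwise.
 *
 * Title, status and code were concatenated into the statement without
 * escaping; they are now bound as parameters. The id is cast to int as before.
 *
 * NOTE(review): pass raw values; pre-escaped input would now be stored with
 * its escape characters.
 */
function editadd($addid,$addcode,$status,$title)
{
global $db_conx;
$stmt = mysqli_prepare($db_conx, "UPDATE adds SET title = ?, status = ?, addcode = ? WHERE id = ?");
if($stmt === false){
return false;
}
$values = array((string)$title, (string)$status, (string)$addcode, (int)$addid);
mysqli_stmt_bind_param($stmt, 'sssi', ...$values);
$done = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
return $done ? true : false;
}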
/**
 * Returns all adds rows with a non-empty id, newest id first, as a list of
 * associative arrays.
 */
function get_all_adds(){
global $db_conx;
$adds = array();
$result = mysqli_query($db_conx, "SELECT * FROM adds WHERE id != '' ORDER BY id DESC");
for($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)){
$adds[] = $row;
}
return $adds;
}
/**
 * Describes how long ago a Unix timestamp was, in the largest whole unit,
 * for example "2 minutes" or "1 hour".
 *
 * Anything less than one second ago (including future timestamps) is reported
 * as "1 second". Months are 30 days and years 365 days.
 */
function humanTiming($time)
{
$elapsed = time() - $time;
if($elapsed < 1){
$elapsed = 1;
}
// Largest unit first, so the first one that fits is the one reported.
$units = array(
array(31536000, 'year'),
array(2592000, 'month'),
array(604800, 'week'),
array(86400, 'day'),
array(3600, 'hour'),
array(60, 'minute'),
array(1, 'second'),
);
foreach ($units as $unit) {
list($seconds, $label) = $unit;
if ($elapsed >= $seconds) {
$count = floor($elapsed / $seconds);
$plural = ($count > 1) ? 's' : '';
return $count.' '.$label.$plural;
}
}
}
/**
 * Returns the review row for an id, or null when the id is empty. The id is
 * cast to int.
 */
function get_review_row($id){
global $db_conx;
if ($id == ""){
return null;
}
$review_id = (int)$id;
$result = mysqli_query($db_conx, "SELECT * FROM review WHERE id = '".$review_id."'");
return mysqli_fetch_assoc($result);
}
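/**
 * Shortens $text to at most $words_limit bytes, cutting back to the last space
 * and appending " ...". Text that already fits is returned unchanged.
 *
 * Despite the parameter name the limit counts bytes, not words, so multi-byte
 * text can be cut inside a character.
 *
 * Fix: when the first $words_limit bytes contain no space, the previous
 * version dropped the whole text and returned only " ..."; the hard cut is
 * now kept instead.
 */
function limit_description_sumeet($text, $words_limit)
{
if(strlen($text) <= $words_limit){
return $text;
}
$cut = substr($text, 0, $words_limit);
$last_space = strrpos($cut, ' ');
if($last_space !== false){
$cut = substr($cut, 0, $last_space);
}
return $cut.' ...';
}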
/*
function get_onefield($field,$table){
global $db_conx;
if ($field != "" && $table != ""){
$select = "";
}
}*/
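/**
 * Returns how many user rows have the given e-mail address.
 *
 * $email was concatenated into the statement without escaping; it is now a
 * bound parameter. Returns 0 when the statement cannot be prepared.
 */
function get_checkemail($email)
{
global $db_conx;
$stmt = mysqli_prepare($db_conx, "select emailid from user where emailid = ?");
if($stmt === false){
return 0;
}
$address = (string)$email;
mysqli_stmt_bind_param($stmt, 's', $address);
mysqli_stmt_execute($stmt);
// Buffer the rows so the row count is available.
mysqli_stmt_store_result($stmt);
$matches = mysqli_stmt_num_rows($stmt);
mysqli_stmt_close($stmt);
return $matches;
}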
/**
 * Registers a user with status 1 and returns the new row id.
 *
 * Returns false when first name, last name, phone, e-mail or password is
 * empty. All values go through string_sanitize(); role and status are cast to
 * int. The client address is taken from $_SERVER['REMOTE_ADDR'].
 *
 * A welcome e-mail used to be sent from here; that code was already disabled.
 *
 * NOTE(review): the password is stored as sanitized text with no hashing in
 * this function, and the disabled e-mail included it in clear. Confirm the
 * caller hashes it and keep passwords out of any re-enabled mail.
 * NOTE(review): $role is not validated here, so a caller that forwards it from
 * a registration form lets the visitor choose their own post_id.
 */
function add_customer($fullname, $lastname, $phone, $emailid, $password, $role){
global $db_conx;
if($fullname == "" || $lastname == "" || $phone == "" || $emailid == "" || $password == ""){
return false;
}
$clean_first = string_sanitize($fullname);
$clean_last = string_sanitize($lastname);
$clean_phone = string_sanitize($phone);
$clean_email = string_sanitize($emailid);
$clean_password = string_sanitize($password);
$clean_role = string_sanitize($role);
$client_ip = $_SERVER['REMOTE_ADDR'];
$active = "1";
$insert = "INSERT INTO user( firstname, lastname, phone, emailid, password, post_id, status, ipaddress, dateadded) VALUES ('".$clean_first."', '".$clean_last."', '".$clean_phone."','".$clean_email."', '".$clean_password."', '".(int)$clean_role."', '".(int)$active."', '".$client_ip."', now() )";
mysqli_query($db_conx, $insert);
return mysqli_insert_id($db_conx);
}
/**
 * Returns brand rows with status 1, ordered by brandname, as a list of
 * associative arrays.
 */
function get_active_brands(){
global $db_conx;
$brands = array();
$result = mysqli_query($db_conx, "SELECT * FROM brand WHERE status = 1 ORDER BY brandname");
while(true){
$row = mysqli_fetch_assoc($result);
if(!$row){
break;
}
$brands[] = $row;
}
return $brands;
}
/**
 * Removes single quotes from a date string and escapes the rest with
 * mysqli_real_escape_string(). The value is not checked to be a date.
 */
function date_sanitize($date){
global $db_conx;
$without_quotes = str_replace("'", "", $date);
return mysqli_real_escape_string($db_conx, $without_quotes);
}
/**
 * Returns the age in whole years for a date string, as a string.
 *
 * Both dates are written as YYYYMMDD numbers and subtracted; dropping the last
 * four digits of the difference leaves the number of full years. For an age
 * under one year nothing is left to return.
 */
function getAge($then) {
$birth = (int)date('Ymd', strtotime($then));
$today = (int)date('Ymd');
return substr((string)($today - $birth), 0, -4);
}
/**
 * Updates a user's own profile fields, password and profile image name.
 *
 * Returns TRUE when the update statement succeeds, false when it fails, and
 * null when any argument is empty. Every value goes through string_sanitize();
 * the id is additionally cast to int.
 *
 * NOTE(review): the row is chosen by the $id argument alone; confirm the
 * caller takes it from the session rather than from the request, otherwise one
 * user can overwrite another's profile and password.
 * NOTE(review): the password is stored as sanitized text with no hashing here.
 */
function edit_customer_userside($id, $firstname, $lastname, $gender, $birthdate, $city, $state,$phone, $password, $file_name)
{
global $db_conx;
if($id == "" || $firstname == "" || $lastname == "" || $gender == "" || $birthdate == "" || $city == "" || $state == "" || $phone == "" || $password == "" || $file_name == ""){
return null;
}
$clean_id = string_sanitize($id);
$clean_first = string_sanitize($firstname);
$clean_last = string_sanitize($lastname);
$clean_gender = string_sanitize($gender);
$clean_birthdate = string_sanitize($birthdate);
$clean_city = string_sanitize($city);
$clean_state = string_sanitize($state);
$clean_phone = string_sanitize($phone);
$clean_password = string_sanitize($password);
$clean_file = string_sanitize($file_name);
$update = "UPDATE user SET firstname = '".$clean_first."', lastname= '".$clean_last."', phone= '".$clean_phone."', gender = '".$clean_gender."', birthdate = '".$clean_birthdate."', city = '".$clean_city."', state = '".$clean_state."', password = '".$clean_password."', profileimage = '".$clean_file."' WHERE id = '".(int)$clean_id."'";
$updated = mysqli_query($db_conx, $update);
return $updated === TRUE;
}
/* ----------------------------------------------------------------- */
/* -------------------27-03-2019 */
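/**
 * Returns the post_t row for a role id.
 *
 * $rollid was interpolated into the statement unchanged. It is now cast to
 * int, the same way get_rolebyid() treats the rid column. Returns null when
 * the query fails.
 */
function get_roll_by_id($rollid){
global $db_conx;
$sql = "SELECT * FROM post_t WHERE rid = '".(int)$rollid."'";
$select = mysqli_query($db_conx, $sql);
if($select === false){
return null;
}
return mysqli_fetch_assoc($select);
}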
/**
 * Prints a gender drop-down (male, female, other) with nothing preselected.
 */
function display_gender(){
echo <<<'HTML'
<select class="form-control m-b" name="gender" id="gender">
<option value="male">Male</option>
<option value="female">Female</option>
<option value="other">Other</option>
</select>
HTML;
}
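/**
 * Inserts a patient for the clinic in the session and writes an activity log
 * entry. Returns TRUE on success, false otherwise.
 *
 * Every value was concatenated into the statement without escaping; all of
 * them are now bound as parameters. Values are cast to string first so that an
 * empty value is still sent as '' rather than NULL, as before.
 *
 * NOTE(review): pass raw values; pre-escaped input would now be stored with
 * its escape characters.
 * NOTE(review): the activity text copies the patient's name, phone numbers,
 * birth date and address into the log table; confirm that log has the same
 * access controls and retention as the patient table.
 */
function save_new_patient($fname, $mname, $lname, $mobile1, $mobile2, $phone, $birthdate, $age, $gender, $address, $city, $status, $enteredby,$weight){
global $db_conx;
$createddate = date("Y-m-d H:i:s");
$cid = $_SESSION['cid'];
$stmt = mysqli_prepare($db_conx, "INSERT INTO patient (cid, fname, mname, lname, mobile1, mobile2, phone, birthdate, age, gender, address, city, createddate, createdby, status, weight) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
if($stmt === false){
return false;
}
$values = array_map('strval', array($cid, $fname, $mname, $lname, $mobile1, $mobile2, $phone, $birthdate, $age, $gender, $address, $city, $createddate, $enteredby, $status, $weight));
mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
$inserted = mysqli_stmt_execute($stmt);
$patientid = mysqli_insert_id($db_conx);
mysqli_stmt_close($stmt);
if(!$inserted){
return false;
}
$activity ="New patient inserted. patientid : $patientid, Name : $fname $mname $lname Mobile1:".$mobile1.", mobile2:".$mobile2.", phone:".$phone.", birthdate:".$birthdate.", age:".$age.", gender:".$gender.", address:".$address.", city:".$city.", createddate:".$createddate.", createdby:".$enteredby.", status:".$status.", weight:".$weight;
$pagename ="patient_create.php";
activitylog($activity,$pagename);
return TRUE;
}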
/**
 * Returns the active patients (status '1') of the clinic stored in the
 * session, newest pid first, as a list of associative arrays.
 */
function getallpatients(){
global $db_conx;
$patients = array();
$clinic_id = $_SESSION['cid'];
$result = mysqli_query($db_conx, "SELECT * FROM patient where status = '1' AND cid = '".$clinic_id."' ORDER BY pid DESC");
for($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)){
$patients[] = $row;
}
return $patients;
}
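/**
 * Returns the patient row for a pid.
 *
 * $id was interpolated into the statement unchanged. It is now cast to int,
 * the same way edit_patient() treats the pid column. Returns null when the
 * query fails.
 *
 * NOTE(review): unlike getallpatients(), this lookup is not limited to the
 * clinic in the session. Confirm that callers check the returned row's cid, or
 * a user of one clinic can read another clinic's patient by guessing the id.
 */
function get_patient_by_id($id){
global $db_conx;
$sql = "SELECT * FROM `patient` WHERE pid = '".(int)$id."'";
$result = mysqli_query($db_conx, $sql);
if($result === false){
return null;
}
return mysqli_fetch_assoc($result);
}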
/**
 * Reformats a date string understood by strtotime() as dd-mm-yyyy.
 */
function ddmmyyyy($date){
$timestamp = strtotime($date);
return date("d-m-Y", $timestamp);
}
/**
 * Reformats a date string understood by strtotime() as yyyy-mm-dd.
 * Returns NULL for an empty value.
 */
function yyyymmdd($date){
if(empty($date)){
return NULL;
}
return date("Y-m-d", strtotime($date));
}
/**
 * Reformats a date-time string understood by strtotime() as
 * dd-mm-yyyy hh:mm:ss am/pm (12-hour clock).
 */
function dmyhis($date){
$timestamp = strtotime($date);
return date("d-m-Y h:i:s a", $timestamp);
}
/**
 * Prints the gender drop-down with one option preselected.
 *
 * 'male' and 'female' select their own option; any other value selects
 * "Other". $gender is only compared, never printed.
 */
function select_gender($gender){
$marks = array('male' => '', 'female' => '', 'other' => '');
switch ($gender) {
case 'male':
$marks['male'] = 'selected="selected"';
break;
case 'female':
$marks['female'] = 'selected="selected"';
break;
default:
$marks['other'] = 'selected="selected"';
}
echo '<select class="form-control m-b" name="gender" id="gender">
<option value="male" '.$marks['male'].'>Male</option>
<option value="female" '.$marks['female'].'>Female</option>
<option value="other" '.$marks['other'].'>Other</option>
</select>';
}
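/**
 * Prints a read-only text input showing the gender with its first letter
 * capitalised.
 *
 * $gender was printed into the value attribute unencoded. save_new_patient()
 * and edit_patient() store the gender as received, so a stored value
 * containing a double quote could break out of the attribute. The value is now
 * HTML-encoded for attribute context; plain values such as "male" print
 * exactly as before.
 */
function select_gender_readonly($gender){
$label = htmlspecialchars(ucfirst((string)$gender), ENT_QUOTES, 'UTF-8');
echo '<input type="text" class="form-control" readonly="readonly" value="'.$label.'">';
}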
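/**
 * Updates one patient row and writes an activity log entry. Returns TRUE when
 * the statement succeeds, false otherwise.
 *
 * Every value was concatenated into the statement without escaping; all of
 * them are now bound as parameters, cast to string first so an empty value is
 * still sent as ''. The pid is cast to int as before. The unused read of the
 * session clinic id was removed.
 *
 * NOTE(review): the row is chosen by pid alone, with no check that it belongs
 * to the clinic in the session; confirm the caller verifies ownership.
 * NOTE(review): pass raw values; pre-escaped input would now be stored with
 * its escape characters. The activity text copies patient details into the log.
 */
function edit_patient($pid, $fname, $mname, $lname, $mobile1, $mobile2, $phone, $birthdate, $age, $gender, $address, $city, $status, $updatedby, $weight){
global $db_conx;
$userid = $_SESSION['userid'];
$updateddate = date("Y-m-d H:i:s");
$stmt = mysqli_prepare($db_conx, "UPDATE patient SET fname = ?, mname = ?, lname = ?, mobile1 = ?, mobile2 = ?, phone = ?, gender = ?, birthdate = ?, age = ?, city = ?, address = ?, status = ?, modifiedby = ?, modifieddate = ?, weight = ? WHERE pid = ?");
if($stmt === false){
return false;
}
$values = array_map('strval', array($fname, $mname, $lname, $mobile1, $mobile2, $phone, $gender, $birthdate, $age, $city, $address, $status, $updatedby, $updateddate, $weight));
$types = str_repeat('s', count($values)).'i';
$values[] = (int)$pid;
mysqli_stmt_bind_param($stmt, $types, ...$values);
$updated = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if(!$updated){
return false;
}
$activity ="Patient Edited. patientid : $pid, Name : $fname $mname $lname Mobile1:".$mobile1.", mobile2:".$mobile2.", phone:".$phone.", birthdate:".$birthdate.", age:".$age.", gender:".$gender.", address:".$address.", city:".$city.", updatedate:".$updateddate.", updatedby:".$userid.", status:".$status.", weight:".$weight;
$pagename ="patient_edit.php";
activitylog($activity,$pagename);
return TRUE;
}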
/**
 * Reverses the first three dash-separated parts of a date string, so
 * dd-mm-yyyy becomes yyyy-mm-dd and the other way round. The parts are not
 * validated.
 */
function sqlformatDate($str){
list($first, $second, $third) = explode("-", $str);
return $third."-".$second."-".$first;
}
/**
 * Returns the next serial number for today: the number of active cases
 * (status '1') dated today for the session's clinic, plus one. Returns nothing
 * when the query fails.
 *
 * NOTE(review): counting then adding one is not atomic; two requests at the
 * same moment presumably receive the same number.
 */
function todaysserialnumber(){
global $db_conx;
$currentdate = date('Y-m-d');
$clinic_id = $_SESSION['cid'];
$result = mysqli_query($db_conx, "SELECT id FROM case_t WHERE casedate = '$currentdate' AND status = '1' AND cid = '".$clinic_id."' ");
if (!$result)
{
return;
}
return mysqli_num_rows($result) + 1;
}
/**
 * Returns the next case number for the current month: the number of active
 * cases (status '1') in this month and two-digit year for the session's
 * clinic, plus one. Returns nothing when the query fails.
 */
function approxcasenumber(){
global $db_conx;
$month = date('n');
$year = date('y');
$clinic_id = $_SESSION['cid'];
$result = mysqli_query($db_conx, "SELECT id FROM case_t WHERE year = '$year' AND month = '$month' AND status = '1' AND cid = '".$clinic_id."' ");
if (!$result)
{
return;
}
return mysqli_num_rows($result) + 1;
}
/**
 * Unfinished stub: formats the date six months ago and discards it.
 * Neither argument is used and nothing is returned.
 */
function chacknewoldcasestatus($pid,$dt){
$six_months_ago = strtotime("-6 months");
date('d-m-Y', $six_months_ago);
}
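/**
 * Inserts a case for the clinic in the session and writes an activity log
 * entry. Returns TRUE on success, false otherwise.
 *
 * The text values (case date, case status, drcr, notes, weight, ages, payment
 * mode) were concatenated into the statement without escaping; every value is
 * now a bound parameter. The numeric columns keep their int casts and the text
 * values are cast to string so an empty value is still sent as ''.
 *
 * NOTE(review): pass raw values; pre-escaped input would now be stored with
 * its escape characters.
 */
function caseinsert($pid,$userid,$singlecaseno,$month,$year,$casedate,$status,$casestatus,$fee,$drcr,$casenote,$weight,$ageinyears,$perfactage,$payment){
global $db_conx;
$originalcasedate = date("Y-m-d H:i:s");
$cid = $_SESSION['cid'];
$stmt = mysqli_prepare($db_conx, "INSERT INTO case_t (cid, singlecaseno, month, year, casedate, originalcasedate, userid, pid, status, casestatus, fee, drcr, notes, weight, ageinyears, perfactage, paymentmode) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
if($stmt === false){
return false;
}
// One type letter per column, in column order.
$types = 'siiissiiisissssss';
$values = array(
(string)$cid,
(int)$singlecaseno,
(int)$month,
(int)$year,
(string)$casedate,
(string)$originalcasedate,
(int)$userid,
(int)$pid,
(int)$status,
(string)$casestatus,
(int)$fee,
(string)$drcr,
(string)$casenote,
(string)$weight,
(string)$ageinyears,
(string)$perfactage,
(string)$payment,
);
mysqli_stmt_bind_param($stmt, $types, ...$values);
$inserted = mysqli_stmt_execute($stmt);
$caseid = mysqli_insert_id($db_conx);
mysqli_stmt_close($stmt);
if(!$inserted){
return false;
}
$pagename = "case_create.php";
$details = "caseid: ".$caseid." paymentMode: ".$payment." fee:".$fee." New/old: ".$casestatus." drcr:".$drcr." notes:".$casenote." casecreateby:".$userid." casecreatedatetime:".$originalcasedate;
$activity = "Case created : ".$details;
activitylog($activity,$pagename);
return TRUE;
}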
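/**
 * Returns the next serial number for a date: the number of active cases
 * (status '1') on $casedt for the session's clinic, plus one. Returns null
 * when the statement cannot be prepared or executed.
 *
 * $casedt was interpolated into the statement unchanged; it and the clinic id
 * are now bound parameters.
 */
function dateserialnumber($casedt){
global $db_conx;
$stmt = mysqli_prepare($db_conx, "SELECT id FROM case_t WHERE casedate = ? AND status = '1' AND cid = ? ");
if($stmt === false){
return null;
}
$values = array((string)$casedt, (string)$_SESSION['cid']);
mysqli_stmt_bind_param($stmt, 'ss', ...$values);
if(!mysqli_stmt_execute($stmt)){
mysqli_stmt_close($stmt);
return null;
}
// Buffer the rows so the row count is available.
mysqli_stmt_store_result($stmt);
$rowcount = mysqli_stmt_num_rows($stmt);
mysqli_stmt_close($stmt);
return $rowcount + 1;
}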
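/**
 * Returns the next case number for the month of $casedt (expected as
 * yyyy-mm-dd): the number of active cases in that month and two-digit year for
 * the session's clinic, plus one. Returns nothing when the query fails.
 *
 * Fixes:
 *  - the month was reduced to its last character, so "10", "11" and "12"
 *    became "0", "1" and "2"; it is now converted with an int cast, which
 *    drops a leading zero and keeps two-digit months;
 *  - month and year were left undefined when the parts did not have the
 *    expected length; they are now always set;
 *  - both parts came straight from $casedt into the statement; as integers
 *    they can no longer carry SQL.
 */
function approxcasenumberbydate($casedt){
global $db_conx;
$parts = explode("-", (string)$casedt);
$year_part = isset($parts[0]) ? $parts[0] : '';
$month_part = isset($parts[1]) ? $parts[1] : '';
$month = (int)$month_part;
// Four-digit years are reduced to their last two digits, matching date('y') in approxcasenumber().
$year = (strlen($year_part) == 4) ? (int)substr($year_part, 2) : (int)$year_part;
$cid = $_SESSION['cid'];
$sql = "SELECT id FROM case_t WHERE year = '$year' AND month = '$month' AND status = '1' AND cid = '".$cid."' ";
if ($result=mysqli_query($db_conx,$sql))
{
return mysqli_num_rows($result) + 1;
}
}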
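/**
 * Updates the name and amount of one casefee row and writes an activity log
 * entry. Returns 1 on success, false otherwise.
 *
 * All values, including the fee id, were interpolated into the statement
 * unchanged; they are now bound parameters.
 *
 * NOTE(review): the row is chosen by fid alone; confirm the caller checks that
 * the fee belongs to the clinic in the session.
 */
function edit_fee_by_id($feeid_edit,$casetype,$editfee){
global $db_conx;
$userid = $_SESSION['userid'];
$updatedatetime = date("Y-m-d H:i:s");
$stmt = mysqli_prepare($db_conx, "UPDATE casefee SET feename = ?, fee = ?, updatedby = ?, updateddatetime = ? WHERE fid = ? ");
if($stmt === false){
return false;
}
$values = array_map('strval', array($casetype, $editfee, $userid, $updatedatetime, $feeid_edit));
mysqli_stmt_bind_param($stmt, 'sssss', ...$values);
$updated = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if(!$updated){
return false;
}
$cid = $_SESSION['cid'];
$clinicname = $_SESSION['clinicname'];
$activity ="Fee Updated. Clinic ID : $cid, UserId : $userid Clinic Name : $clinicname, feeid = $feeid_edit casetype : $casetype fee: $editfee. ";
$pagename ="fee.php";
activitylog($activity,$pagename);
return 1;
}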
/**
 * NOTE(review): this function does not edit a user. Its body is a copy of
 * edit_fee_by_id(): it runs an UPDATE on casefee using $casetype, $editfee,
 * $status and $feeid_edit, none of which are defined here, and it ignores
 * every name, phone, role, username and password argument. It returns 1 when
 * that statement succeeds, so callers are told the edit worked. The user
 * table's columns are not visible in this part of the file, so the intended
 * statement cannot be reconstructed here; it needs to be rewritten against the
 * real schema, with bound parameters and a hashed password.
 */
function edit_user_by_id($userid,$fname,$mname,$lname,$phone1,$phone2,$phone3,$role,$uname,$password){
global $db_conx;
// Overwrites the $userid argument with the logged-in user's id.
$userid = $_SESSION['userid'];
$updatedatetime = date("Y-m-d H:i:s");
// The undefined variables below interpolate as empty strings, so the WHERE clause compares fid with ''.
$sql = "UPDATE casefee SET feename = '$casetype', fee ='$editfee', status = '$status', updatedby = '$userid', updateddatetime = '$updatedatetime' WHERE fid = '$feeid_edit' ";
//exit();
$updateuser = mysqli_query($db_conx, $sql);
if ($updateuser === TRUE){return 1;}
else{return false;}
}
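/**
 * Writes one row to user_activity_log for the user and clinic in the session.
 * Nothing is returned and a failed insert is ignored, as before.
 *
 * $activity is assembled by callers from form values (names, notes,
 * addresses) and was concatenated into the statement without escaping, so a
 * single quote in any of them either broke the insert, silently losing the
 * audit entry, or changed the statement. All values are now bound parameters.
 *
 * A missing session value is logged as an empty clinic id and user id 0,
 * which is what the previous @-suppressed reads produced.
 */
function activitylog($activity,$pagename){
global $db_conx;
$userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : null;
$cid = isset($_SESSION['cid']) ? $_SESSION['cid'] : null;
$activitytime = date("Y-m-d H:i:s");
$stmt = mysqli_prepare($db_conx, "INSERT INTO user_activity_log (cid, userid, activitytime, activity, pagename) VALUES (?, ?, ?, ?, ?)");
if($stmt === false){
return;
}
$values = array((string)$cid, (int)$userid, $activitytime, (string)$activity, (string)$pagename);
mysqli_stmt_bind_param($stmt, 'sisss', ...$values);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}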
/**
 * Returns the patient_symptoms row for a cpid. The id is cast to int.
 */
function get_complainbyid($id){
global $db_conx;
$symptom_id = (int)$id;
$result = mysqli_query($db_conx, "SELECT * FROM patient_symptoms WHERE cpid = '".$symptom_id."'");
return mysqli_fetch_assoc($result);
}
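/**
 * Inserts a symptom/complaint entry for the clinic in the session and writes
 * an activity log entry. Returns 1 on success, false otherwise.
 *
 * The short name and description were concatenated into the statement without
 * escaping; every value is now a bound parameter. Priority, status and user id
 * keep their int casts.
 *
 * NOTE(review): pass raw values; pre-escaped input would now be stored with
 * its escape characters.
 */
function add_complain($add_complain,$description,$priority,$status){
global $db_conx;
$originalcasedate = date("Y-m-d H:i:s");
$userid = $_SESSION['userid'];
$cid = $_SESSION['cid'];
$stmt = mysqli_prepare($db_conx, "INSERT INTO patient_symptoms (cid, shortname, description, priority, status, createdby, createddate) VALUES (?, ?, ?, ?, ?, ?, ?)");
if($stmt === false){
return false;
}
$values = array((string)$cid, (string)$add_complain, (string)$description, (int)$priority, (int)$status, (int)$userid, $originalcasedate);
mysqli_stmt_bind_param($stmt, 'sssiiis', ...$values);
$inserted = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if(!$inserted){
return false;
}
$pagename = "patient_complain.php";
$details = "Patient complain/symptoms added for clinic id:".$cid.", Shortname: ".$add_complain.", Description: ".$description.", priority:".$priority.", userid: ".$userid.", datetime: ".$originalcasedate;
$activity = "Insert New patient complain. Details are : ".$details;
activitylog($activity,$pagename);
return 1;
}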
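/**
 * Updates one symptom/complaint entry and writes an activity log entry.
 * Returns 1 on success, false otherwise.
 *
 * The short name and description were concatenated into the statement without
 * escaping; every value is now a bound parameter. Ids, priority and status
 * keep their int casts.
 *
 * NOTE(review): the row is chosen by cpid alone; confirm the caller checks
 * that it belongs to the clinic in the session.
 */
function edit_complain($edit_complain_id,$add_complain,$description,$priority,$status){
global $db_conx;
$updatedatetime = date("Y-m-d H:i:s");
$userid = $_SESSION['userid'];
$cid = $_SESSION['cid'];
$stmt = mysqli_prepare($db_conx, "UPDATE patient_symptoms SET shortname = ?, description = ?, priority = ?, status = ?, updatedby = ?, updateddate = ? WHERE cpid = ? ");
if($stmt === false){
return false;
}
$values = array((string)$add_complain, (string)$description, (int)$priority, (int)$status, (int)$userid, $updatedatetime, (int)$edit_complain_id);
mysqli_stmt_bind_param($stmt, 'ssiiisi', ...$values);
$updated = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if(!$updated){
return false;
}
$pagename = "patient_complain.php";
$details = " Symptoms ID: $edit_complain_id , shortname: $add_complain , description: $description , priority: $priority";
$activity = "Updated patient complain for clinic id: $cid. Details are : ".$details;
activitylog($activity,$pagename);
return 1;
}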
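/**
 * Returns one column of the first row matching a condition, or null when the
 * query fails, no row matches, or the column is not in the result.
 *
 * The previous version read an offset of the fetch result without checking
 * that a row was returned.
 *
 * NOTE(review): $fieldname, $tablename and $condition are spliced into the
 * statement as raw SQL and cannot be bound as written. This function is only
 * safe when all three are fixed text chosen by server-side code; any request
 * value inside $condition must be cast or escaped by the caller. Prefer a
 * dedicated lookup function with bound parameters for new code.
 */
function getTableData($tablename,$fieldname,$condition){
global $db_conx;
$sql = "SELECT $fieldname FROM $tablename WHERE $condition";
$result = mysqli_query($db_conx, $sql);
if($result === false){
return null;
}
$row = mysqli_fetch_assoc($result);
$key = "$fieldname";
if(!is_array($row) || !array_key_exists($key, $row)){
return null;
}
return $row[$key];
}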
/**
 * Returns the rights_t row for a rid. The id is cast to int.
 */
function get_departmentbyid($id){
global $db_conx;
$department_id = (int)$id;
$result = mysqli_query($db_conx, "SELECT * FROM rights_t WHERE rid = '".$department_id."'");
return mysqli_fetch_assoc($result);
}
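/**
 * Inserts a department (rights_t) row and writes an activity log entry with
 * the stored row. Returns 1 on success, false otherwise.
 *
 * The name and description were concatenated into the statement without
 * escaping; every value is now a bound parameter. Priority, status and user id
 * keep their int casts.
 *
 * NOTE(review): pass raw values; pre-escaped input would now be stored with
 * its escape characters.
 */
function add_department($add_complain,$description,$priority,$status){
global $db_conx;
$originalcasedate = date("Y-m-d H:i:s");
$userid = $_SESSION['userid'];
$stmt = mysqli_prepare($db_conx, "INSERT INTO rights_t (departmentname, description, priority, status, createdby, createddate) VALUES (?, ?, ?, ?, ?, ?)");
if($stmt === false){
return false;
}
$values = array((string)$add_complain, (string)$description, (int)$priority, (int)$status, (int)$userid, $originalcasedate);
mysqli_stmt_bind_param($stmt, 'ssiiis', ...$values);
$inserted = mysqli_stmt_execute($stmt);
$complainid = mysqli_insert_id($db_conx);
mysqli_stmt_close($stmt);
if(!$inserted){
return false;
}
$complaindetails = get_departmentbyid($complainid);
$pagename = "rights.php";
$details = print_r($complaindetails, TRUE);
$activity = "Insert New department rights. Details are : ".$details;
activitylog($activity,$pagename);
return 1;
}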
/**
 * Returns all rights_t rows with display '1', newest rid first, as a list of
 * associative arrays.
 */
function showAll_department(){
global $db_conx;
$departments = array();
$result = mysqli_query($db_conx, "SELECT * FROM `rights_t` WHERE display = '1' order by rid desc");
for($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)){
$departments[] = $row;
}
return $departments;
}
/**
 * Update a rights_t (department) row and record the change in the activity log.
 *
 * NOTE(review): $add_complain and $description enter the UPDATE unescaped;
 * only the numeric fields are cast here. Confirm every caller escapes both
 * strings for this connection. This table governs rights, so also confirm the
 * caller checks that the session user may edit it — no such check is made here.
 *
 * @param mixed  $edit_complain_id rid of the row to change; cast to int.
 * @param string $add_complain     New department name.
 * @param string $description      New description.
 * @param mixed  $priority         Cast to int.
 * @param mixed  $status           Cast to int.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function edit_rights($edit_complain_id,$add_complain,$description,$priority,$status){
    global $db_conx;

    $updatedAt = date("Y-m-d H:i:s");
    $editorId = (int)$_SESSION['userid'];
    $priorityInt = (int)$priority;
    $statusInt = (int)$status;
    $rid = (int)$edit_complain_id;

    $update = "UPDATE rights_t SET departmentname = '{$add_complain}', description ='{$description}', "
        . "priority = '{$priorityInt}', status = '{$statusInt}', updatedby = '{$editorId}', "
        . "updateddate = '{$updatedAt}' WHERE rid = '{$rid}' ";

    if (mysqli_query($db_conx, $update) !== TRUE) {
        return false;
    }

    $storedRow = get_departmentbyid($edit_complain_id);
    activitylog("Updated department rights. Details are : " . print_r($storedRow, TRUE), "rights.php");

    return 1;
}
/**
 * Load a single post_t (role) row by its rid.
 *
 * @param mixed $id Row id; cast to int before it reaches the query.
 * @return array|null|false Result of mysqli_fetch_assoc() for the first row.
 */
function get_rolebyid($id){
    global $db_conx;

    $rid = (int)$id;
    $lookup = mysqli_query($db_conx, "SELECT * FROM post_t WHERE rid = '{$rid}'");

    return mysqli_fetch_assoc($lookup);
}
/**
 * Insert a post_t (role) row and record the insert in the activity log.
 *
 * NOTE(review): $add_complain and $description are interpolated into the
 * INSERT as given; only the numeric fields are cast here. Confirm every
 * caller escapes both strings for this connection. Creating roles is a
 * privileged action and no permission check is made in this function.
 *
 * @param string $add_complain Role name (column rname).
 * @param string $description  Free-text description.
 * @param mixed  $priority     Cast to int.
 * @param mixed  $status       Cast to int.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function add_role($add_complain,$description,$priority,$status){
    global $db_conx;

    $createdAt = date("Y-m-d H:i:s");
    $creatorId = (int)$_SESSION['userid'];
    $priorityInt = (int)$priority;
    $statusInt = (int)$status;

    $insert = "INSERT INTO post_t (rname, description, priority, status, createdby, createddate) "
        . "VALUES ('{$add_complain}', '{$description}', '{$priorityInt}', '{$statusInt}', '{$creatorId}', '{$createdAt}')";

    if (mysqli_query($db_conx, $insert) !== TRUE) {
        return false;
    }

    $storedRow = get_rolebyid(mysqli_insert_id($db_conx));
    activitylog("Insert a new post or role. Details are : " . print_r($storedRow, TRUE), "role.php");

    return 1;
}
/**
 * List every post_t (role) row flagged display = '1', newest rid first.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function showAll_roles(){
    global $db_conx;

    $rows = array();
    $cursor = mysqli_query($db_conx, "SELECT * FROM `post_t` WHERE display = '1' order by rid desc");
    for ($row = mysqli_fetch_assoc($cursor); $row; $row = mysqli_fetch_assoc($cursor)) {
        $rows[] = $row;
    }

    return $rows;
}
/*function get_rolebyid($id){
global $db_conx;
$sql = "SELECT * FROM rights_t WHERE rid = '".(int)$id."'";
$result = mysqli_query($db_conx, $sql);
return $row = mysqli_fetch_assoc($result);
}*/
/**
 * Update a post_t (role) row and record the change in the activity log.
 *
 * NOTE(review): $add_complain and $description enter the UPDATE unescaped;
 * only the numeric fields are cast here. Confirm every caller escapes both
 * strings for this connection, and that the caller checks the session user
 * may edit roles — no permission check is made here.
 *
 * @param mixed  $edit_complain_id rid of the row to change; cast to int.
 * @param string $add_complain     New role name (column rname).
 * @param string $description      New description.
 * @param mixed  $priority         Cast to int.
 * @param mixed  $status           Cast to int.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function edit_role($edit_complain_id,$add_complain,$description,$priority,$status){
    global $db_conx;

    $updatedAt = date("Y-m-d H:i:s");
    $editorId = (int)$_SESSION['userid'];
    $priorityInt = (int)$priority;
    $statusInt = (int)$status;
    $rid = (int)$edit_complain_id;

    $update = "UPDATE post_t SET rname = '{$add_complain}', description ='{$description}', "
        . "priority = '{$priorityInt}', status = '{$statusInt}', updatedby = '{$editorId}', "
        . "updateddate = '{$updatedAt}' WHERE rid = '{$rid}' ";

    if (mysqli_query($db_conx, $update) !== TRUE) {
        return false;
    }

    $storedRow = get_rolebyid($edit_complain_id);
    activitylog("Updated Role. Details are : " . print_r($storedRow, TRUE), "role.php");

    return 1;
}
/**
 * List rights_t rows that are both displayed and active, ordered by priority.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function getAll_department(){
    global $db_conx;

    $rows = array();
    $cursor = mysqli_query($db_conx, "SELECT * FROM `rights_t` WHERE display = '1' AND status = '1' order by priority ");
    for ($row = mysqli_fetch_assoc($cursor); $row; $row = mysqli_fetch_assoc($cursor)) {
        $rows[] = $row;
    }

    return $rows;
}
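/**
 * Return the rid values assigned to a user in user_rights.
 *
 * The user id is cast to int before it is placed in the query, matching how
 * the other lookups in this file treat userid, so a non-numeric argument
 * cannot alter the statement.
 *
 * @param mixed $user User id.
 * @return array List of rid values (empty when the user has none).
 */
function get_users_active_departments($user){
    global $db_conx;

    $ret = array();
    $sql = "SELECT rid FROM `user_rights` WHERE userid = '".(int)$user."' ";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row['rid'];
    }

    return $ret;
}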
/**
 * Find the first occurrence of a value in a one- or two-level array and
 * return the key path leading to it as a comma-separated string.
 *
 * Comparison is loose (==), so 5 matches '5'.
 *
 * @param mixed $search_value Value to look for.
 * @param array $array        Array to scan; elements may be arrays themselves.
 * @param array $id_path      Path prefix prepended to the result.
 * @return string|null Comma-joined path, or null when the value is absent.
 */
function searchForId($search_value, $array, $id_path) {
    foreach ($array as $outerKey => $outerValue) {
        // Path down to the current top-level element.
        $path = array_merge($id_path, array($outerKey));

        if (is_array($outerValue) && count($outerValue) > 0) {
            // Non-empty nested array: compare each of its members.
            foreach ($outerValue as $innerKey => $innerValue) {
                if ($innerValue == $search_value) {
                    $path[] = $innerKey;
                    return implode(",", $path);
                }
            }
            continue;
        }

        // Scalar (or empty array) element: compare it directly.
        if ($outerValue == $search_value) {
            return implode(",", $path);
        }
    }

    return null;
}
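/**
 * Return the role name (rname) stored in post_t for a rid.
 *
 * The id is cast to int before it is placed in the query, as the other
 * post_t lookups in this file do, and a missing row yields null without
 * indexing into a null result.
 *
 * @param mixed $rollid Role id.
 * @return string|null Role name, or null when no row matches.
 */
function get_rollname_by_rid($rollid){
    global $db_conx;

    $sql = "SELECT rname FROM post_t WHERE rid = '".(int)$rollid."'";
    $select = mysqli_query($db_conx, $sql);
    $row = mysqli_fetch_assoc($select);

    return $row ? $row['rname'] : null;
}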
/**
 * Store a new profile image name for the session user, mirror it into the
 * session and record the change in the activity log.
 *
 * The session value and the log entry are written whether or not the UPDATE
 * succeeded; the query result is not inspected.
 *
 * NOTE(review): $imagename is interpolated into the UPDATE as given. If it is
 * derived from an uploaded file's name it must be escaped (or replaced by a
 * server-generated name) before reaching this function — confirm at the
 * call site.
 *
 * @param string $imagename File name to store in users.userimage.
 * @return void
 */
function uploadimage($imagename){
    global $db_conx;

    $updatedatetime = date("Y-m-d H:i:s"); // computed but not used below
    $ownerId = (int)$_SESSION['userid'];

    $updatequery = mysqli_query(
        $db_conx,
        "UPDATE users SET userimage = '{$imagename}' WHERE userid = '{$ownerId}'"
    );

    $_SESSION['userimage'] = $imagename;
    activitylog("Update user Image : " . $imagename, "profile.php");
}
/*function getuserbyid($userid){
global $db_conx;
$sql = "SELECT * FROM users WHERE userid = '".$userid."' ";
$loginchk = mysqli_query($db_conx,$sql);
return $row[] = mysqli_fetch_assoc($loginchk);
}*/
/**
 * Load a users row by userid.
 *
 * The query selects every column, so the returned row carries the password
 * column along with the profile fields; callers should pick the fields they
 * need rather than pass the row on to a view or a log.
 *
 * @param mixed $customer_id User id; cast to int before it reaches the query.
 * @return array|null|false Result of mysqli_fetch_assoc() for the first row.
 */
function getuserbyid($customer_id){
    global $db_conx;

    $userId = (int)$customer_id;
    $lookup = mysqli_query($db_conx, "select * from users where userid = '{$userId}'");

    return mysqli_fetch_assoc($lookup);
}
/**
 * Load a case_t row by its id.
 *
 * NOTE(review): the session clinic id is read but never used; the lookup is
 * keyed on the case id alone. Confirm the caller verifies the case belongs to
 * the session's clinic before showing it.
 *
 * @param mixed $caseidid Case id; cast to int before it reaches the query.
 * @return array|null|false Result of mysqli_fetch_assoc() for the first row.
 */
function getcasedetailsbycaseid($caseidid){
    global $db_conx;

    $cid = $_SESSION['cid']; // read but not part of the query
    $caseId = (int)$caseidid;
    $lookup = mysqli_query($db_conx, "SELECT * FROM case_t WHERE id = '{$caseId}' ");

    return mysqli_fetch_assoc($lookup);
}
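/**
 * List the displayed patient_symptoms rows of the session's clinic, ordered
 * by priority.
 *
 * The clinic id is cast to int before it is interpolated, so the query stays
 * well-formed even if the session value is missing or not numeric.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function getallsymptoms(){
    global $db_conx;

    $clinicId = (int)$_SESSION['cid'];
    $ret = array();
    $sql = "SELECT * FROM `patient_symptoms` WHERE display = '1' AND cid = '".$clinicId."' order by priority ASC";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}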
/*function removecasesymptoms($caseid){
global $db_conx;
$sql = "DELETE FROM case_symptoms WHERE caseid='".(int)$caseid."' ";
mysqli_query($db_conx, $sql);
}
function addsymptoms($caseid, $symptoms){
global $db_conx;
$userid = string_sanitize($_SESSION['userid']);
if(!empty($symptoms)){
removecasesymptoms($caseid);
$symptoms = explode (",", $symptoms);
foreach ($symptoms as $symptom) {
$updatedatetime = date("Y-m-d H:i:s");
$sql = "INSERT INTO case_symptoms (caseid, cpid, userid , createdate) VALUES ('".$caseid."', '".$symptom."', '".$userid."','".$updatedatetime."')";
$insertpatient = mysqli_query($db_conx, $sql);
}
}
}
function getcasesymptoms($caseid){
global $db_conx;
$sql = "SELECT * FROM `case_symptoms` WHERE caseid = '".$caseid."' ";
$select = mysqli_query($db_conx,$sql);
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row;
}
return $ret;
}
function getcasesymptomsidlist($caseid){
global $db_conx;
$sql = "SELECT cpid FROM `case_symptoms` WHERE caseid = '".$caseid."' ";
$select = mysqli_query($db_conx,$sql);
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row['cpid'];
}
return $ret;
}
function getcasediagnosisidlist($caseid){
global $db_conx;
$sql = "SELECT dpid FROM `case_diagnosis` WHERE caseid = '".$caseid."' ";
$select = mysqli_query($db_conx,$sql);
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row['dpid'];
}
return $ret;
}
function getcaseprescriptionlist($caseid){
global $db_conx;
$sql = "SELECT ppid FROM `case_prescription` WHERE caseid = '".$caseid."' ";
$select = mysqli_query($db_conx,$sql);
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row['ppid'];
}
return $ret;
}
function getcasereportlist($caseid){
global $db_conx;
$sql = "SELECT rpid FROM `case_report` WHERE caseid = '".$caseid."' ";
$select = mysqli_query($db_conx,$sql);
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row['rpid'];
}
return $ret;
}*/
/*function countcasesymptoms($caseid){
global $db_conx;
$sql = "SELECT COUNT(cpid) AS casesymptoms FROM `case_symptoms` WHERE caseid = '".$caseid."' ";
$result = mysqli_query($db_conx, $sql);
$row = mysqli_fetch_assoc($result);
return $row['casesymptoms'];
}*/
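/**
 * List the displayed patient_diagnosis rows of the session's clinic, ordered
 * by priority.
 *
 * The clinic id is cast to int before it is interpolated, so the query stays
 * well-formed even if the session value is missing or not numeric.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function getalldiagnosis(){
    global $db_conx;

    $clinicId = (int)$_SESSION['cid'];
    $ret = array();
    $sql = "SELECT * FROM `patient_diagnosis` WHERE display = '1' AND cid = '".$clinicId."' order by priority ASC";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}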
/*function removecasediagnosis($caseid){
global $db_conx;
$sql = "DELETE FROM case_diagnosis WHERE caseid='".(int)$caseid."' ";
mysqli_query($db_conx, $sql);
}*/
/*function adddiagnosis($caseid, $symptoms){
global $db_conx;
$userid = string_sanitize($_SESSION['userid']);
if(!empty($symptoms)){
removecasediagnosis($caseid);
$symptoms = explode (",", $symptoms);
foreach ($symptoms as $symptom) {
$updatedatetime = date("Y-m-d H:i:s");
$sql = "INSERT INTO case_diagnosis (caseid, dpid, userid , createdate) VALUES ('".$caseid."', '".$symptom."', '".$userid."','".$updatedatetime."')";
$insertpatient = mysqli_query($db_conx, $sql);
}
}
}
function getcasediagnosis($caseid){
global $db_conx;
$sql = "SELECT * FROM `case_diagnosis` WHERE caseid = '".$caseid."' ";
$select = mysqli_query($db_conx,$sql);
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row;
}
return $ret;
}
function countcasediagnosis($caseid){
global $db_conx;
$sql = "SELECT COUNT(dpid) AS casesymptoms FROM `case_diagnosis` WHERE caseid = '".$caseid."' ";
$result = mysqli_query($db_conx, $sql);
$row = mysqli_fetch_assoc($result);
return $row['casesymptoms'];
}*/
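/**
 * List the displayed patient_prescription rows of the session's clinic,
 * ordered by priority.
 *
 * The clinic id is cast to int before it is interpolated, so the query stays
 * well-formed even if the session value is missing or not numeric.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function getallprescription(){
    global $db_conx;

    $ret = array();
    $clinicId = (int)$_SESSION['cid'];
    $sql = "SELECT * FROM `patient_prescription` WHERE display = '1' AND cid = '".$clinicId."' order by priority ASC";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}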
/*function removecaseprescription($caseid){
global $db_conx;
$sql = "DELETE FROM case_prescription WHERE caseid='".(int)$caseid."' ";
mysqli_query($db_conx, $sql);
}
function addprescription($caseid, $symptoms){
global $db_conx;
$userid = string_sanitize($_SESSION['userid']);
if(!empty($symptoms)){
removecaseprescription($caseid);
$symptoms = explode (",", $symptoms);
foreach ($symptoms as $symptom) {
$updatedatetime = date("Y-m-d H:i:s");
$sql = "INSERT INTO case_prescription (caseid, ppid, userid , createdate) VALUES ('".$caseid."', '".$symptom."', '".$userid."','".$updatedatetime."')";
$insertpatient = mysqli_query($db_conx, $sql);
}
}
}
function getcaseprescription($caseid){
global $db_conx;
$sql = "SELECT * FROM `case_prescription` WHERE caseid = '".$caseid."' ";
$select = mysqli_query($db_conx,$sql);
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row;
}
return $ret;
}
function countcaseprescription($caseid){
global $db_conx;
$sql = "SELECT COUNT(ppid) AS casesymptoms FROM `case_prescription` WHERE caseid = '".$caseid."' ";
$result = mysqli_query($db_conx, $sql);
$row = mysqli_fetch_assoc($result);
return $row['casesymptoms'];
}
function get_diagnosisbyid($id){
global $db_conx;
$sql = "SELECT * FROM patient_diagnosis WHERE dpid = '".(int)$id."'";
$result = mysqli_query($db_conx, $sql);
return $row = mysqli_fetch_assoc($result);
}*/
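/**
 * List the displayed patient_diagnosis rows of the session's clinic, newest
 * dpid first.
 *
 * The clinic id is cast to int before it is interpolated, so the query stays
 * well-formed even if the session value is missing or not numeric.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function showAll_diagnosis(){
    global $db_conx;

    $ret = array();
    $clinicId = (int)$_SESSION['cid'];
    $sql = "SELECT * FROM `patient_diagnosis` WHERE display = '1' AND cid = '".$clinicId."' order by dpid desc";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}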
/**
 * Update a patient_diagnosis row and record the new values in the activity log.
 *
 * NOTE(review): $add_complain and $description enter the UPDATE unescaped;
 * only the numeric fields are cast here. Confirm every caller escapes both
 * strings for this connection.
 * NOTE(review): the UPDATE is keyed on dpid alone and is not restricted to
 * the session's clinic; confirm the caller checks ownership of the row.
 *
 * @param mixed  $edit_complain_id dpid of the row to change; cast to int.
 * @param string $add_complain     New short name.
 * @param string $description      New description.
 * @param mixed  $priority         Cast to int for the query.
 * @param mixed  $status           Cast to int for the query.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function edit_diagnosis($edit_complain_id,$add_complain,$description,$priority,$status){
    global $db_conx;

    $updatedAt = date("Y-m-d H:i:s");
    $editorId = (int)$_SESSION['userid'];
    $priorityInt = (int)$priority;
    $statusInt = (int)$status;
    $dpid = (int)$edit_complain_id;

    $update = "UPDATE patient_diagnosis SET shortname = '{$add_complain}', description ='{$description}', "
        . "priority = '{$priorityInt}', status = '{$statusInt}', updatedby = '{$editorId}', "
        . "updateddate = '{$updatedAt}' WHERE dpid = '{$dpid}' ";

    if (mysqli_query($db_conx, $update) !== TRUE) {
        return false;
    }

    // The log line carries the arguments exactly as they were passed in.
    $summary = "Diagnosis id:{$edit_complain_id}, shortname:{$add_complain}, description:{$description}, priority:{$priority}, status:{$status}";
    activitylog("Updated patient diagnosis. Details are : " . $summary, "patient_diagnosis.php");

    return 1;
}
/**
 * Load a single patient_prescription row by its ppid.
 *
 * @param mixed $id Row id; cast to int before it reaches the query.
 * @return array|null|false Result of mysqli_fetch_assoc() for the first row.
 */
function get_prescriptionbyid($id){
    global $db_conx;

    $ppid = (int)$id;
    $lookup = mysqli_query($db_conx, "SELECT * FROM patient_prescription WHERE ppid = '{$ppid}'");

    return mysqli_fetch_assoc($lookup);
}
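/**
 * List the displayed patient_prescription rows of the session's clinic,
 * newest ppid first.
 *
 * The clinic id is cast to int before it is interpolated, so the query stays
 * well-formed even if the session value is missing or not numeric.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function showAll_prescription(){
    global $db_conx;

    $ret = array();
    $clinicId = (int)$_SESSION['cid'];
    $sql = "SELECT * FROM `patient_prescription` WHERE display = '1' AND cid = '".$clinicId."' order by ppid desc";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}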
/**
 * Update a patient_prescription row and record the new values in the
 * activity log.
 *
 * NOTE(review): $add_complain, $description, $power and $company enter the
 * UPDATE unescaped; only the numeric fields are cast here. Confirm every
 * caller escapes the strings for this connection.
 * NOTE(review): the session clinic id is read but unused; the UPDATE is keyed
 * on ppid alone. Confirm the caller checks the row belongs to that clinic.
 *
 * @param mixed  $edit_complain_id ppid of the row to change; cast to int.
 * @param string $add_complain     New short name.
 * @param string $description      New description.
 * @param mixed  $priority         Cast to int for the query.
 * @param mixed  $status           Cast to int for the query.
 * @param string $power            Value for the power column.
 * @param string $company          Value for the company column.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function edit_prescription($edit_complain_id,$add_complain,$description,$priority,$status,$power,$company){
    global $db_conx;

    $updatedAt = date("Y-m-d H:i:s");
    $editorId = (int)$_SESSION['userid'];
    $cid = $_SESSION['cid']; // read but not part of the query
    $priorityInt = (int)$priority;
    $statusInt = (int)$status;
    $ppid = (int)$edit_complain_id;

    $update = "UPDATE patient_prescription SET shortname = '{$add_complain}', description ='{$description}', "
        . "priority = '{$priorityInt}', status = '{$statusInt}', updatedby = '{$editorId}', "
        . "updateddate = '{$updatedAt}', power = '{$power}',company = '{$company}' WHERE ppid = '{$ppid}' ";

    if (mysqli_query($db_conx, $update) !== TRUE) {
        return false;
    }

    // The log line carries the arguments exactly as they were passed in.
    $summary = "ID : {$edit_complain_id}, shortname: {$add_complain}, description:{$description}, priority:{$priority}, status:{$status}, Power:{$power}, Company:{$company}";
    activitylog("Updated patient prescription. Details are : " . $summary, "patient_prescription.php");

    return 1;
}
/**
 * Load a single patient_report row by its rpid.
 *
 * @param mixed $id Row id; cast to int before it reaches the query.
 * @return array|null|false Result of mysqli_fetch_assoc() for the first row.
 */
function get_reportbyid($id){
    global $db_conx;

    $rpid = (int)$id;
    $lookup = mysqli_query($db_conx, "SELECT * FROM patient_report WHERE rpid = '{$rpid}'");

    return mysqli_fetch_assoc($lookup);
}
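/**
 * List the displayed patient_report rows of the session's clinic, newest
 * rpid first.
 *
 * The clinic id is cast to int before it is interpolated, so the query stays
 * well-formed even if the session value is missing or not numeric.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function showAll_report(){
    global $db_conx;

    $ret = array();
    $clinicId = (int)$_SESSION['cid'];
    $sql = "SELECT * FROM `patient_report` WHERE display = '1' AND cid = '".$clinicId."' order by rpid desc";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}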
/**
 * Update a patient_report row and record the new values in the activity log.
 *
 * NOTE(review): $add_complain and $description enter the UPDATE unescaped;
 * only the numeric fields are cast here. Confirm every caller escapes both
 * strings for this connection.
 * NOTE(review): the session clinic id is read but unused; the UPDATE is keyed
 * on rpid alone. Confirm the caller checks the row belongs to that clinic.
 *
 * @param mixed  $edit_complain_id rpid of the row to change; cast to int.
 * @param string $add_complain     New short name.
 * @param string $description      New description.
 * @param mixed  $priority         Cast to int for the query.
 * @param mixed  $status           Cast to int for the query.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function edit_report($edit_complain_id,$add_complain,$description,$priority,$status){
    global $db_conx;

    $updatedAt = date("Y-m-d H:i:s");
    $editorId = (int)$_SESSION['userid'];
    $cid = $_SESSION['cid']; // read but not part of the query
    $priorityInt = (int)$priority;
    $statusInt = (int)$status;
    $rpid = (int)$edit_complain_id;

    $update = "UPDATE patient_report SET shortname = '{$add_complain}', description ='{$description}', "
        . "priority = '{$priorityInt}', status = '{$statusInt}', updatedby = '{$editorId}', "
        . "updateddate = '{$updatedAt}' WHERE rpid = '{$rpid}' ";

    if (mysqli_query($db_conx, $update) !== TRUE) {
        return false;
    }

    // The log line carries the arguments exactly as they were passed in.
    $summary = "Id:{$edit_complain_id}, shortname:{$add_complain}, description:{$description}, priority:{$priority}, status:{$status}";
    activitylog("Updated patient report. Details are : " . $summary, "patient_report.php");

    return 1;
}
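/**
 * List the displayed patient_do rows of the session's clinic, newest did
 * first.
 *
 * The clinic id is cast to int before it is interpolated, so the query stays
 * well-formed even if the session value is missing or not numeric.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function showAll_do(){
    global $db_conx;

    $ret = array();
    $clinicId = (int)$_SESSION['cid'];
    $sql = "SELECT * FROM `patient_do` WHERE display = '1' AND cid = '".$clinicId."' order by did desc";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}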
/**
 * Update a patient_do row and record the new values in the activity log.
 *
 * NOTE(review): $add_complain and $description enter the UPDATE unescaped;
 * only the numeric fields are cast here. Confirm every caller escapes both
 * strings for this connection.
 * NOTE(review): the session clinic id is read but unused; the UPDATE is keyed
 * on did alone. Confirm the caller checks the row belongs to that clinic.
 *
 * @param mixed  $edit_complain_id did of the row to change; cast to int.
 * @param string $add_complain     New short name.
 * @param string $description      New description.
 * @param mixed  $priority         Cast to int for the query.
 * @param mixed  $status           Cast to int for the query.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function edit_do($edit_complain_id,$add_complain,$description,$priority,$status){
    global $db_conx;

    $updatedAt = date("Y-m-d H:i:s");
    $editorId = (int)$_SESSION['userid'];
    $cid = $_SESSION['cid']; // read but not part of the query
    $priorityInt = (int)$priority;
    $statusInt = (int)$status;
    $did = (int)$edit_complain_id;

    $update = "UPDATE patient_do SET shortname = '{$add_complain}', description ='{$description}', "
        . "priority = '{$priorityInt}', status = '{$statusInt}', updatedby = '{$editorId}', "
        . "updateddate = '{$updatedAt}' WHERE did = '{$did}' ";

    if (mysqli_query($db_conx, $update) !== TRUE) {
        return false;
    }

    // The log line carries the arguments exactly as they were passed in.
    $summary = "Id:{$edit_complain_id}, shortname:{$add_complain}, description:{$description}, priority:{$priority}, status:{$status}";
    activitylog("Updated patient to do list. Details are : " . $summary, "dos.php");

    return 1;
}
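/**
 * Insert a patient_diagnosis row for the session's clinic and record the
 * insert in the activity log.
 *
 * The clinic id is cast to int before it is interpolated, like the other
 * numeric fields. The unused insert-id lookup was dropped.
 *
 * NOTE(review): $add_complain and $description are still interpolated as
 * given. Confirm every caller escapes both strings for this connection; a
 * move to bound parameters has to go together with removing that
 * caller-side escaping.
 *
 * @param string $add_complain Short name.
 * @param string $description  Free-text description.
 * @param mixed  $priority     Cast to int for the query.
 * @param mixed  $status       Cast to int for the query.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function add_diagnosis($add_complain,$description,$priority,$status){
    global $db_conx;

    $originalcasedate = date("Y-m-d H:i:s");
    $userid = $_SESSION['userid'];
    $cid = $_SESSION['cid'];
    $sql = "INSERT INTO patient_diagnosis (cid, shortname, description, priority, status, createdby, createddate) VALUES ('".(int)$cid."', '".$add_complain."', '".$description."', '".(int)$priority."', '".(int)$status."', '".(int)$userid."', '".$originalcasedate."')";
    $insertpatient = mysqli_query($db_conx, $sql);
    if ($insertpatient !== TRUE) {
        return false;
    }

    $pagename = "patient_diagnosis.php";
    $details = "shortname :".$add_complain.", description:".$description.", priority:".$priority.", status:".$status;
    $activity = "Insert patient diagnosis. Details are : ".$details;
    activitylog($activity, $pagename);

    return 1;
}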
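/**
 * Insert a patient_prescription row for the session's clinic and record the
 * insert in the activity log.
 *
 * The clinic id is cast to int before it is interpolated, like the other
 * numeric fields.
 *
 * NOTE(review): $add_complain, $description, $power and $company are still
 * interpolated as given. Confirm every caller escapes them for this
 * connection; a move to bound parameters has to go together with removing
 * that caller-side escaping.
 *
 * @param string $add_complain Short name.
 * @param string $description  Free-text description.
 * @param mixed  $priority     Cast to int for the query.
 * @param mixed  $status       Cast to int for the query.
 * @param string $power        Value for the power column.
 * @param string $company      Value for the company column.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function add_prescription($add_complain,$description,$priority,$status,$power,$company){
    global $db_conx;

    $originalcasedate = date("Y-m-d H:i:s");
    $userid = $_SESSION['userid'];
    $cid = $_SESSION['cid'];
    $sql = "INSERT INTO patient_prescription (cid, shortname, description, priority, status, createdby, createddate, power, company) VALUES ('".(int)$cid."', '".$add_complain."', '".$description."', '".(int)$priority."', '".(int)$status."', '".(int)$userid."', '".$originalcasedate."', '".$power."', '".$company."')";
    $insertpatient = mysqli_query($db_conx, $sql);
    if ($insertpatient !== TRUE) {
        return false;
    }

    $complainid = mysqli_insert_id($db_conx);
    $pagename = "patient_prescription.php";
    $details = "id:".$complainid.", shortname:".$add_complain.", description:".$description.", priority:".$priority.", status:".$status." , power:" .$power.", company:".$company;
    $activity = "Insert patient prescription. Details are : ".$details;
    activitylog($activity, $pagename);

    return 1;
}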
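/**
 * Insert a patient_report row for the session's clinic and record the insert
 * in the activity log.
 *
 * The clinic id is cast to int before it is interpolated, like the other
 * numeric fields.
 *
 * NOTE(review): $add_complain and $description are still interpolated as
 * given. Confirm every caller escapes both strings for this connection; a
 * move to bound parameters has to go together with removing that
 * caller-side escaping.
 *
 * @param string $add_complain Short name.
 * @param string $description  Free-text description.
 * @param mixed  $priority     Cast to int for the query.
 * @param mixed  $status       Cast to int for the query.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function add_report($add_complain,$description,$priority,$status){
    global $db_conx;

    $originalcasedate = date("Y-m-d H:i:s");
    $userid = $_SESSION['userid'];
    $cid = $_SESSION['cid'];
    $sql = "INSERT INTO patient_report (cid, shortname, description, priority, status, createdby, createddate) VALUES ('".(int)$cid."', '".$add_complain."', '".$description."', '".(int)$priority."', '".(int)$status."', '".(int)$userid."', '".$originalcasedate."')";
    $insertpatient = mysqli_query($db_conx, $sql);
    if ($insertpatient !== TRUE) {
        return false;
    }

    $complainid = mysqli_insert_id($db_conx);
    $pagename = "patient_report.php";
    $details = "id:".$complainid.", shortname:".$add_complain.", description:".$description.", priority:".$priority.", status:".$status;
    $activity = "Insert patient report. Details are : ".$details;
    activitylog($activity, $pagename);

    return 1;
}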
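/**
 * Save the editable fields of a case_t row and record the change in the
 * activity log.
 *
 * Failure now returns false on every path: the original `else false;` was a
 * no-op statement, so a failed query or an empty $caseid/$casefee/$drcr fell
 * off the end and returned null. The modifiedby value is cast to int, as the
 * other writers in this file do for user ids.
 *
 * NOTE(review): all remaining arguments are interpolated into the UPDATE as
 * given. Confirm every caller escapes them for this connection; a move to
 * bound parameters has to go together with removing that caller-side escaping.
 * NOTE(review): the full case notes and prescription notes are copied into
 * the activity log; confirm that log is protected like the case data itself.
 * NOTE(review): the UPDATE is keyed on the case id alone; confirm the caller
 * checks the case belongs to the session's clinic.
 *
 * @return bool true when the UPDATE succeeded, false otherwise.
 */
function update_case($caseid,$casefee,$drcr,$casenote,$symptomsarray,$diagnosisarray,$reportarray,$caseprescriptionnotes,$weight,$paymentmode,$dos,$dont,$nextdays,$nextdate)
{
    global $db_conx;

    $updatedatetime = date("Y-m-d H:i:s");
    $userid = $_SESSION['userid'];

    // Required fields; nothing is written when any of them is empty.
    if (!($caseid != "" && $casefee != "" && $drcr != "")) {
        return false;
    }

    $update = mysqli_query($db_conx, "UPDATE case_t SET fee = '".$casefee."', drcr = '".$drcr."', notes = '".$casenote."', caseprescriptionnotes = '".$caseprescriptionnotes."', modifiedby = '".(int)$userid."', modifieddatetime = '".$updatedatetime."', symptoms = '".$symptomsarray."', diagnosis = '".$diagnosisarray."', report = '".$reportarray."', weight= '".$weight."', paymentmode = '".$paymentmode."', do = '".$dos."', dont = '".$dont."', daycome = '".$nextdays."', datecome = '".$nextdate."' WHERE id = '".(int)$caseid."'");
    if ($update !== TRUE) {
        return false;
    }

    $pagename = "case_view.php";
    $details = "caseid: ".$caseid." fee:".$casefee." drcr:".$drcr." notes:".$casenote." modifiedby:".$userid." modifieddatetime:".$updatedatetime. " symptoms:".$symptomsarray." Diagnosis: ".$diagnosisarray." Reports : ".$reportarray. " caseprescriptionnotes = ".$caseprescriptionnotes.", paymentmode = ".$paymentmode." Do:".$dos." Dont:".$dont." Come after days:".$nextdays." NextDate:".$nextdate;
    $activity = "Save Updated case Details are : ".$details;
    activitylog($activity, $pagename);

    return true;
}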
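/**
 * Insert a patient_do row for the session's clinic and record the insert in
 * the activity log.
 *
 * The clinic id is cast to int before it is interpolated, like the other
 * numeric fields. The timestamp that was computed but never used is gone.
 *
 * NOTE(review): $add_complain and $description are still interpolated as
 * given. Confirm every caller escapes both strings for this connection; a
 * move to bound parameters has to go together with removing that
 * caller-side escaping.
 *
 * @param string $add_complain Short name.
 * @param string $description  Free-text description.
 * @param mixed  $priority     Cast to int for the query.
 * @param mixed  $status       Cast to int for the query.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function add_do($add_complain,$description,$priority,$status){
    global $db_conx;

    $userid = $_SESSION['userid'];
    $cid = $_SESSION['cid'];
    $sql = "INSERT INTO patient_do (cid, shortname, description, priority, status, createdby) VALUES ('".(int)$cid."', '".$add_complain."', '".$description."', '".(int)$priority."', '".(int)$status."', '".(int)$userid."')";
    $insertpatient = mysqli_query($db_conx, $sql);
    if ($insertpatient !== TRUE) {
        return false;
    }

    $complainid = mysqli_insert_id($db_conx);
    $pagename = "dos.php";
    $details = "id:".$complainid.", shortname:".$add_complain.", description:".$description.", priority:".$priority.", status:".$status;
    $activity = "Insert DO list. Details are : ".$details;
    activitylog($activity, $pagename);

    return 1;
}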
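/**
 * Save the editable fields of a case_t row, mark it closed (caseclose = '1')
 * and record the change in the activity log.
 *
 * Failure now returns false on every path: the original `else false;` was a
 * no-op statement, so a failed query or an empty $caseid/$casefee/$drcr fell
 * off the end and returned null. The modifiedby value is cast to int, as the
 * other writers in this file do for user ids.
 *
 * NOTE(review): all remaining arguments are interpolated into the UPDATE as
 * given. Confirm every caller escapes them for this connection; a move to
 * bound parameters has to go together with removing that caller-side escaping.
 * NOTE(review): the full case notes and prescription notes are copied into
 * the activity log; confirm that log is protected like the case data itself.
 * NOTE(review): the UPDATE is keyed on the case id alone; confirm the caller
 * checks the case belongs to the session's clinic.
 *
 * @return bool true when the UPDATE succeeded, false otherwise.
 */
function update_case_close($caseid,$casefee,$drcr,$casenote,$symptomsarray,$diagnosisarray,$reportarray,$caseprescriptionnotes, $weight, $paymentmode,$dos,$dont,$nextdays,$nextdate)
{
    global $db_conx;

    $updatedatetime = date("Y-m-d H:i:s");
    $userid = $_SESSION['userid'];

    // Required fields; nothing is written when any of them is empty.
    if (!($caseid != "" && $casefee != "" && $drcr != "")) {
        return false;
    }

    $update = mysqli_query($db_conx, "UPDATE case_t SET fee = '".$casefee."', drcr = '".$drcr."', notes = '".$casenote."', caseprescriptionnotes = '".$caseprescriptionnotes."', modifiedby = '".(int)$userid."', modifieddatetime = '".$updatedatetime."', caseclose = '1', symptoms = '".$symptomsarray."', diagnosis = '".$diagnosisarray."', report = '".$reportarray."', weight = '".$weight."', paymentmode = '".$paymentmode."', do = '".$dos."', dont = '".$dont."', daycome = '".$nextdays."', datecome = '".$nextdate."' WHERE id = '".(int)$caseid."'");
    if ($update !== TRUE) {
        return false;
    }

    $pagename = "case_view.php";
    $details = "caseid: ".$caseid." fee:".$casefee." drcr:".$drcr." notes:".$casenote." modifiedby:".$userid." modifieddatetime:".$updatedatetime. " symptoms:".$symptomsarray." Diagnosis: ".$diagnosisarray." Reports : ".$reportarray. " caseprescriptionnotes = ".$caseprescriptionnotes.", paymentmode = ".$paymentmode." Do:".$dos." Dont:".$dont." Come after days:".$nextdays." NextDate:".$nextdate;
    $activity = "Closed and Updated case Details are : ".$details;
    activitylog($activity, $pagename);

    return true;
}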
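/**
 * List the displayed patient_report rows of the session's clinic, ordered by
 * priority.
 *
 * The clinic id is cast to int before it is interpolated, so the query stays
 * well-formed even if the session value is missing or not numeric.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function getallreport(){
    global $db_conx;

    $ret = array();
    $clinicId = (int)$_SESSION['cid'];
    $sql = "SELECT * FROM `patient_report` WHERE display = '1' AND cid = '".$clinicId."' order by priority ASC";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}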
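/**
 * List the displayed patient_do rows of the session's clinic, ordered by
 * priority.
 *
 * The clinic id is cast to int before it is interpolated, so the query stays
 * well-formed even if the session value is missing or not numeric.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function getalldo(){
    global $db_conx;

    $ret = array();
    $clinicId = (int)$_SESSION['cid'];
    $sql = "SELECT * FROM `patient_do` WHERE display = '1' AND cid = '".$clinicId."' order by priority ASC";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}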
/*function removecasereport($caseid){
global $db_conx;
$sql = "DELETE FROM case_report WHERE caseid='".(int)$caseid."' ";
mysqli_query($db_conx, $sql);
}
function addreport($caseid, $symptoms){
global $db_conx;
$userid = string_sanitize($_SESSION['userid']);
if(!empty($symptoms)){
removecasereport($caseid);
$symptoms = explode (",", $symptoms);
foreach ($symptoms as $symptom) {
$updatedatetime = date("Y-m-d H:i:s");
$sql = "INSERT INTO case_report (caseid, rpid, userid , createdate) VALUES ('".$caseid."', '".$symptom."', '".$userid."','".$updatedatetime."')";
$insertpatient = mysqli_query($db_conx, $sql);
}
}
}
function getcasereport($caseid){
global $db_conx;
$sql = "SELECT * FROM `case_report` WHERE caseid = '".$caseid."' ";
$select = mysqli_query($db_conx,$sql);
while($row = mysqli_fetch_assoc($select)){
$ret[] = $row;
}
return $ret;
}
function countcasereport($caseid){
global $db_conx;
$sql = "SELECT COUNT(rpid) AS casesymptoms FROM `case_report` WHERE caseid = '".$caseid."' ";
$result = mysqli_query($db_conx, $sql);
$row = mysqli_fetch_assoc($result);
return $row['casesymptoms'];
}*/
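/**
 * Count a patient's active cases (status = 1) other than the given one.
 *
 * The case id is cast to int, as the other case_t lookups in this file do.
 * The patient id is escaped for the connection rather than cast because its
 * type is not visible here; for a plain numeric id the escaping is a no-op.
 *
 * @param mixed $pid    Patient id.
 * @param mixed $caseid Case id to leave out of the count.
 * @return string|null The count as returned by MySQL.
 */
function countpatientcasedetailsall($pid,$caseid){
    global $db_conx;

    $safePid = mysqli_real_escape_string($db_conx, (string)$pid);
    $sql = "SELECT COUNT(id) AS caseid FROM `case_t` WHERE pid = '".$safePid."' AND id != '".(int)$caseid."' AND status = 1 ";
    $result = mysqli_query($db_conx, $sql);
    $row = mysqli_fetch_assoc($result);

    return $row['caseid'];
}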
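/**
 * List a patient's active cases (status = 1) other than the given one,
 * newest first.
 *
 * $ret is now initialised, so a patient without other cases yields an empty
 * array instead of an undefined variable. The case id is cast to int; the
 * patient id is escaped for the connection rather than cast because its type
 * is not visible here.
 *
 * @param mixed $pid    Patient id.
 * @param mixed $caseid Case id to leave out of the list.
 * @return array List of associative case_t rows.
 */
function getpatientcasedetailsall($pid,$caseid){
    global $db_conx;

    $ret = array();
    $safePid = mysqli_real_escape_string($db_conx, (string)$pid);
    $sql = "SELECT * FROM case_t WHERE pid = '".$safePid."' AND id != '".(int)$caseid."' AND status = 1 order by id DESC";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}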
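/**
 * List the login-log rows of the session's clinic joined with the user name,
 * newest first.
 *
 * The clinic id was placed in the statement unquoted and uncast; it is now
 * cast to int, so a missing or non-numeric session value can neither break
 * nor alter the query. $ret is initialised so an empty log yields an empty
 * array instead of an undefined variable.
 *
 * NOTE(review): u.* returns every users_login_log column; presumably that
 * includes the stored session token and IP address — confirm callers do not
 * render the token.
 *
 * @return array List of associative rows.
 */
function getloginlogdata(){
    global $db_conx;

    $clinicId = (int)$_SESSION['cid'];
    $ret = array();
    $sql = "SELECT u.*, users.userid, users.username
FROM users_login_log u
INNER JOIN users ON u.userid = users.userid
WHERE u.cid = ".$clinicId."
order by id DESC";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}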
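/**
 * List the activity-log rows of the session's clinic joined with the user
 * name, newest first.
 *
 * The clinic id was placed in the statement unquoted and uncast; it is now
 * cast to int, so a missing or non-numeric session value can neither break
 * nor alter the query. $ret is initialised so an empty log yields an empty
 * array instead of an undefined variable.
 *
 * @return array List of associative rows.
 */
function getactivitylogdata(){
    global $db_conx;

    $clinicId = (int)$_SESSION['cid'];
    $ret = array();
    $sql = "SELECT user_activity_log.*, users.userid, users.username
FROM user_activity_log
INNER JOIN users ON user_activity_log.userid = users.userid
WHERE user_activity_log.cid = ".$clinicId."
order by id DESC";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}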
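/**
 * List the displayed medicine_time rows of the session's clinic, newest mid
 * first.
 *
 * The clinic id is cast to int before it is interpolated, so the query stays
 * well-formed even if the session value is missing or not numeric.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function showAll_medicinetimetable(){
    global $db_conx;

    $ret = array();
    $clinicId = (int)$_SESSION['cid'];
    $sql = "SELECT * FROM `medicine_time` WHERE display = '1' AND cid = '".$clinicId."' order by mid desc";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}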
/**
 * Load a single medicine_time row by its mid.
 *
 * @param mixed $id Row id; cast to int before it reaches the query.
 * @return array|null|false Result of mysqli_fetch_assoc() for the first row.
 */
function get_timetablebyid($id){
    global $db_conx;

    $mid = (int)$id;
    $lookup = mysqli_query($db_conx, "SELECT * FROM medicine_time WHERE mid = '{$mid}'");

    return mysqli_fetch_assoc($lookup);
}
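/**
 * Insert a medicine_time row for the session's clinic and record the insert
 * in the activity log.
 *
 * The clinic id is cast to int before it is interpolated, like the other
 * numeric fields.
 *
 * NOTE(review): $add_complain and $description are still interpolated as
 * given. Confirm every caller escapes both strings for this connection; a
 * move to bound parameters has to go together with removing that
 * caller-side escaping.
 *
 * @param string $add_complain Short name.
 * @param string $description  Free-text description.
 * @param mixed  $priority     Cast to int for the query.
 * @param mixed  $status       Cast to int for the query.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function add_timetable($add_complain,$description,$priority,$status){
    global $db_conx;

    $originalcasedate = date("Y-m-d H:i:s");
    $userid = $_SESSION['userid'];
    $cid = $_SESSION['cid'];
    $sql = "INSERT INTO medicine_time (cid, shortname, description, priority, status, createdby, createddate) VALUES ('".(int)$cid."', '".$add_complain."', '".$description."', '".(int)$priority."', '".(int)$status."', '".(int)$userid."', '".$originalcasedate."')";
    $insertpatient = mysqli_query($db_conx, $sql);
    if ($insertpatient !== TRUE) {
        return false;
    }

    $complainid = mysqli_insert_id($db_conx);
    $pagename = "medicine_time.php";
    $details = "ID:".$complainid.", shortname:".$add_complain.", description:".$description.", priority:".$priority.", status:".$status;
    $activity = "Insert New medicine timetable. Details are : ".$details;
    activitylog($activity, $pagename);

    return 1;
}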
/**
 * Update a medicine_time row and record the new values in the activity log.
 *
 * NOTE(review): $add_complain and $description enter the UPDATE unescaped;
 * only the numeric fields are cast here. Confirm every caller escapes both
 * strings for this connection.
 * NOTE(review): the session clinic id is read but unused; the UPDATE is keyed
 * on mid alone. Confirm the caller checks the row belongs to that clinic.
 *
 * @param mixed  $edit_complain_id mid of the row to change; cast to int.
 * @param string $add_complain     New short name.
 * @param string $description      New description.
 * @param mixed  $priority         Cast to int for the query.
 * @param mixed  $status           Cast to int for the query.
 * @return int|false 1 on success, false when the query did not return TRUE.
 */
function edit_timetable($edit_complain_id,$add_complain,$description,$priority,$status){
    global $db_conx;

    $updatedAt = date("Y-m-d H:i:s");
    $editorId = (int)$_SESSION['userid'];
    $cid = $_SESSION['cid']; // read but not part of the query
    $priorityInt = (int)$priority;
    $statusInt = (int)$status;
    $mid = (int)$edit_complain_id;

    $update = "UPDATE medicine_time SET shortname = '{$add_complain}', description ='{$description}', "
        . "priority = '{$priorityInt}', status = '{$statusInt}', updatedby = '{$editorId}', "
        . "updateddate = '{$updatedAt}' WHERE mid = '{$mid}' ";

    if (mysqli_query($db_conx, $update) !== TRUE) {
        return false;
    }

    // The log line carries the arguments exactly as they were passed in.
    $summary = "Id:{$edit_complain_id}, shortname:{$add_complain}, description:{$description}, priority:{$priority}, status:{$status}";
    activitylog("Updated timetable. Details are : " . $summary, "medicine_time.php");

    return 1;
}
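/**
 * Dump every table of the connected database (structure and rows) into a
 * dated .sql file under G://Backup/.
 *
 * Changes from the previous version:
 *  - Row values are escaped with mysqli_real_escape_string() before being
 *    quoted. Previously a stored value containing a double quote or backslash
 *    produced a dump that failed to restore, or whose INSERT lines could be
 *    reshaped by stored data when the file was replayed.
 *  - NULL columns are written as NULL, not as an empty string.
 *  - Table names are backtick-quoted.
 *  - The redundant outer column loop and the self-assignment were removed;
 *    the row loop already consumed the whole result on its first pass.
 *  - A failed fopen() is reported through error_log() instead of being
 *    passed on to fwrite().
 *
 * NOTE(review): the file holds the whole database in plain text, including
 * the users password column and patient records. The target directory should
 * sit outside the web root with access limited to the backup operator —
 * verify for G://Backup/.
 *
 * @return void
 */
function database_backup(){
    global $db_conx;

    $tables = array();
    $result = mysqli_query($db_conx, "SHOW TABLES");
    while ($row = mysqli_fetch_row($result)) {
        $tables[] = $row[0];
    }

    $sqlScript = "";
    foreach ($tables as $table) {
        $quotedTable = '`' . str_replace('`', '``', $table) . '`';

        // Table structure.
        $result = mysqli_query($db_conx, "SHOW CREATE TABLE " . $quotedTable);
        $row = mysqli_fetch_row($result);
        $sqlScript .= "\n\n" . $row[1] . ";\n\n";

        // Table data, one INSERT per row.
        $result = mysqli_query($db_conx, "SELECT * FROM " . $quotedTable);
        $columnCount = mysqli_num_fields($result);
        while ($row = mysqli_fetch_row($result)) {
            $values = array();
            for ($j = 0; $j < $columnCount; $j++) {
                if (isset($row[$j])) {
                    $values[] = '"' . mysqli_real_escape_string($db_conx, $row[$j]) . '"';
                } else {
                    $values[] = 'NULL';
                }
            }
            $sqlScript .= "INSERT INTO " . $quotedTable . " VALUES(" . implode(',', $values) . ");\n";
        }
        $sqlScript .= "\n";
    }

    if (!empty($sqlScript)) {
        $datetime = date('d-m-Y').'-'.rand();
        $backup_file_name = 'G://Backup/logout-backup_clinic_' . $datetime . '.sql';
        $fileHandler = fopen($backup_file_name, 'w+');
        if ($fileHandler === false) {
            error_log('database_backup: could not open the backup file for writing');
            return;
        }
        fwrite($fileHandler, $sqlScript);
        fclose($fileHandler);
    }
}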
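/**
 * List the displayed, active medicine_time rows of the session's clinic,
 * ordered by priority.
 *
 * The clinic id is cast to int before it is interpolated, so the query stays
 * well-formed even if the session value is missing or not numeric.
 *
 * @return array List of associative rows (empty when nothing matches).
 */
function gettimetablelist(){
    global $db_conx;

    $ret = array();
    $clinicId = (int)$_SESSION['cid'];
    $sql = "SELECT * FROM `medicine_time` WHERE display = '1' AND status = '1' AND cid = '".$clinicId."' order by priority ASC";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }

    return $ret;
}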
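/**
 * Echo one <option> element per displayed, active medicine_time row of the
 * session's clinic, ordered by priority.
 *
 * Stored text is now HTML-escaped on output and the id is cast to int, so a
 * short name containing markup or a quote cannot break out of the <option>.
 * double_encode is off: text that was stored already entity-encoded is
 * emitted unchanged. The clinic id is cast to int for the query, and the
 * unused result array was dropped.
 *
 * @return void Output is written with echo.
 */
function getallitemsfront(){
    global $db_conx;

    $clinicId = (int)$_SESSION['cid'];
    // Same charset PHP's own entity functions fall back to by default.
    $charset = ini_get('default_charset') ?: 'UTF-8';

    $sql = "SELECT * FROM `medicine_time` WHERE display = '1' AND status = '1' AND cid = '".$clinicId."' order by priority ASC";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $label = htmlspecialchars((string)$row["shortname"], ENT_QUOTES | ENT_SUBSTITUTE, $charset, false);
        echo '<option value="'.(int)$row["mid"].'">'.$label.'</option>';
    }
}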
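/**
 * Echo one <option> element per displayed, active patient_prescription row of
 * the session's clinic, ordered by priority. The label is the short name
 * followed by " - power" and " - company" when those columns are non-empty.
 *
 * Stored text is now HTML-escaped on output and the id is cast to int, so a
 * name containing markup or a quote cannot break out of the <option>.
 * double_encode is off: text that was stored already entity-encoded is
 * emitted unchanged. The clinic id is cast to int for the query, and the
 * unused result array was dropped.
 *
 * @return void Output is written with echo.
 */
function getallprescriptionfront(){
    global $db_conx;

    $clinicId = (int)$_SESSION['cid'];
    // Same charset PHP's own entity functions fall back to by default.
    $charset = ini_get('default_charset') ?: 'UTF-8';

    $sql = "SELECT * FROM `patient_prescription` WHERE display = '1' AND status = '1' AND cid = '".$clinicId."' order by priority ASC";
    $select = mysqli_query($db_conx, $sql);
    while ($row = mysqli_fetch_assoc($select)) {
        $power = '';
        $company = '';
        if ($row['power'] != '') { $power = ' - '.$row['power']; }
        if ($row['company'] != '') { $company = ' - '.$row['company']; }
        $itemname = $row['shortname'].$power.$company;

        $label = htmlspecialchars((string)$itemname, ENT_QUOTES | ENT_SUBSTITUTE, $charset, false);
        echo '<option value="'.(int)$row["ppid"].'">'.$label.'</option>';
    }
}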
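/**
 * Count the displayed case_prescription rows attached to a case.
 *
 * The case id is cast to int before it is interpolated, as the case_t
 * lookups in this file do, so a non-numeric argument cannot alter the
 * statement. The unused session read was dropped.
 *
 * NOTE(review): the count is keyed on the case id alone; confirm the caller
 * checks the case belongs to the session's clinic.
 *
 * @param mixed $caseid Case id.
 * @return int Number of matching rows.
 */
function countcaseprescription($caseid){
    global $db_conx;

    $sql = "SELECT * FROM `case_prescription` WHERE caseid = '".(int)$caseid."' AND display = '1' ";
    $result = mysqli_query($db_conx, $sql);

    return mysqli_num_rows($result);
}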
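/**
 * Fetch the visible case_prescription rows of one case.
 *
 * @param mixed $caseid case identifier; escaped before it is placed in the statement
 * @return array list of associative rows; empty when nothing matches or the query fails
 */
function displaycaseprescription($caseid){
    global $db_conx;
    // Initialised up front: the original returned an undefined variable when no row matched.
    $ret = array();
    // NOTE(review): the original read $_SESSION['cid'] but never used it, so rows are not
    // limited to the caller's clinic. Whether case_prescription has a cid column is not
    // visible here - confirm and add the filter if it does.
    $safeCaseId = mysqli_real_escape_string($db_conx, (string) $caseid);
    $sql = "SELECT * FROM `case_prescription` WHERE caseid = '".$safeCaseId."' AND display = '1' ";
    $select = mysqli_query($db_conx, $sql);
    if (!$select) {
        return $ret;
    }
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }
    return $ret;
}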
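/**
 * Fetch the visible patient_prescription row(s) with the given ppid.
 *
 * @param mixed $id prescription id; escaped before it is placed in the statement
 * @return array list of associative rows; empty when nothing matches or the query fails
 */
function getprescriptionbyid($id){
    global $db_conx;
    $ret = array();
    // NOTE(review): unlike the list queries on patient_prescription, this lookup has no
    // cid filter, so any clinic's row is returned for a known id - confirm this is intended.
    $safeId = mysqli_real_escape_string($db_conx, (string) $id);
    $sql = "SELECT * FROM `patient_prescription` WHERE display = '1' AND ppid = '".$safeId."' order by priority ASC";
    $select = mysqli_query($db_conx, $sql);
    if (!$select) {
        return $ret;
    }
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }
    return $ret;
}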
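/**
 * Register a clinic: create the clinic_master row, its admin user, the admin's
 * rights (rid 1 to 5) and the default fee, symptom, diagnosis, prescription,
 * report and medicine-time entries.
 *
 * All caller-supplied values are escaped here before they are placed in SQL.
 * NOTE(review): a caller that already passed them through
 * mysqli_real_escape_string() would get the added backslashes stored
 * literally - check the call sites.
 *
 * NOTE(review): the password is stored via encryptedPassword(), which is
 * reversible encryption (AES-128-ECB with a shared key), not a password hash.
 * Moving to password_hash()/password_verify() also requires changing
 * get_login(), which compares the encrypted value in SQL.
 *
 * NOTE(review): the statements are not wrapped in a transaction; a failure
 * part-way leaves the earlier rows in place.
 *
 * @param string $clinicname clinic name
 * @param string $doctorName first name of the registering doctor
 * @param string $lname      last name of the registering doctor
 * @param string $phone1     stored as mobilenumber1 / users.mobile1
 * @param string $phone2     stored as mobilenumber2 / users.mobile2
 * @param string $phone3     stored as landline / users.phone
 * @param string $emailid    e-mail address, also used as the admin username
 * @param string $password1  plaintext password chosen at registration
 * @param mixed  $addStaff   stored as staffqty
 * @param string $address    clinic address
 * @param string $degree     doctor's degree
 * @return bool true when the clinic and its admin user were created, false otherwise
 */
function addClinicMaster($clinicname,$doctorName,$lname,$phone1,$phone2,$phone3,$emailid,$password1,$addStaff,$address,$degree)
{
    global $db_conx;
    $ip_address = $_SERVER['REMOTE_ADDR'];
    $updatedatetime = date("Y-m-d H:i:s");
    $todaysdate = date('Y-m-d');
    $expiredate = date("Y-m-d", strtotime('+30 days'));
    $planid = 1;
    $encrypted = encryptedPassword($password1);

    // Single place where values are escaped and quoted. $table and $columns are
    // only ever the literals written in this function.
    $insert = function ($table, $columns, array $values) use ($db_conx) {
        $quoted = array();
        foreach ($values as $value) {
            $quoted[] = "'".mysqli_real_escape_string($db_conx, (string) $value)."'";
        }
        $sql = "INSERT INTO ".$table." (".$columns.") VALUES (".implode(", ", $quoted).")";
        return mysqli_query($db_conx, $sql) === true;
    };

    $clinicCreated = $insert(
        'clinic_master',
        'clinicname, doctorname, doctorlastname, mobilenumber1, mobilenumber2, landline, emailid, password, staffqty, address, created_at, ipaddress, degree, planid, planstartdate, planenddate',
        array($clinicname, $doctorName, $lname, $phone1, $phone2, $phone3, $emailid, $encrypted, $addStaff, $address, $updatedatetime, $ip_address, $degree, $planid, $todaysdate, $expiredate)
    );
    if (!$clinicCreated) {
        return false;
    }
    $cid = mysqli_insert_id($db_conx);

    // Admin user of the new clinic.
    $post_id = 1; // set as admin role
    $adminUser = 1;
    $userCreated = $insert(
        '`users`',
        'cid, fname, lname, mobile1, mobile2, phone, post_id, username, password, createddate, adminUser',
        array($cid, $doctorName, $lname, $phone1, $phone2, $phone3, $post_id, $emailid, $encrypted, $updatedatetime, $adminUser)
    );
    if (!$userCreated) {
        // Without a user id the rights and default rows below would be attributed to
        // user 0, so stop and report failure instead of reporting success.
        return false;
    }
    $userid = mysqli_insert_id($db_conx);

    // All rights for the admin.
    for ($rid = 1; $rid <= 5; $rid++) {
        $insert('`user_rights`', 'rid, userid, updatedby, updatedtime', array($rid, $userid, $userid, $updatedatetime));
    }

    // Default fees.
    $fees = array(
        array('New', '400'),
        array('Old', '200'),
    );
    foreach ($fees as $fee) {
        $insert('casefee', 'cid, feename, fee, createdby, createddatetime', array($cid, $fee[0], $fee[1], $userid, $updatedatetime));
    }

    // Default catalogue rows: table => list of (shortname, description, priority).
    // The 'Cough' row was never inserted by the original because its VALUES list
    // lacked a comma after the priority; building the list here avoids that.
    // NOTE(review): the texts are kept exactly as they were, including the headache
    // description on 'HyperTension', the repeated '1 morning' entry and the
    // 'One in morning only' description on '1 morning 1 noon' - confirm the intended wording.
    $headache = 'While this sounds serious, it’s actually just referring to a headache. This is a common condition that causes pain and discomfort in the head or neck, and most people have at least one a year.';
    $defaults = array(
        'patient_symptoms' => array(
            array('Cephalalgia (Headache)', $headache, '1'),
            array('Fever', 'Common Symptoms.', '2'),
            array('Cold', 'Common Symptoms.', '3'),
            array('Cough', 'Common Symptoms.', '4'),
            array('Itching', 'Common Symptoms.', '5'),
            array('BodyPain', 'Common Symptoms.', '6'),
        ),
        'patient_diagnosis' => array(
            array('HyperTension', $headache, '1'),
            array('Diabetes', 'Example common diagnosis', '2'),
            array('Anemia', 'Example common diagnosis', '3'),
            array('UTI', 'Example common diagnosis', '4'),
        ),
        'patient_prescription' => array(
            array('PCM', 'Example common diagnosis', '1'),
            array('Diclofenec', 'Example common diagnosis', '2'),
            array('Amoxyclabe', 'Example common diagnosis', '3'),
            array('Metrodinazole', 'Example common diagnosis', '4'),
            array('ORS', 'Example common diagnosis', '5'),
        ),
        'patient_report' => array(
            array('CBC', 'Example common Report', '1'),
            array('Urine', 'Example common Report', '2'),
            array('MP', 'Example common Report', '3'),
            array('Vidal', 'Example common Report', '4'),
            array('HBA1C', 'Example common Report', '5'),
        ),
        'medicine_time' => array(
            array('0.5 morning', 'half in morning only', '10'),
            array('0.5 morning 0.5 noon', 'half in morning and noon time', '9'),
            array('0.5 morning 0.5 noon 0.5 night', 'half in morning and noon and night time', '8'),
            array('1 morning', 'One in morning only', '7'),
            array('1 morning', 'One in morning only', '6'),
            array('1 morning 1 noon', 'One in morning only', '5'),
            array('1 morning 1 noon 1 night', 'One in morning and noon and night time', '4'),
            array('2 morning', 'Two in morning only', '3'),
        ),
    );
    foreach ($defaults as $table => $rows) {
        foreach ($rows as $entry) {
            $insert($table, 'cid, shortname, description, priority, createdby, createddate', array($cid, $entry[0], $entry[1], $entry[2], $userid, $updatedatetime));
        }
    }

    // The original built a welcome e-mail here but its send_email() call was commented
    // out, so nothing was ever sent; the activity-log call was commented out as well.
    // That unused message contained the plaintext password. If the welcome mail is
    // re-enabled, leave the password out and HTML-encode the names.
    return true;
}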
/**
 * List the visible users of the session's clinic whose `admin` column is NULL,
 * newest userid first.
 *
 * Reads $_SESSION['cid'] and the global mysqli link $db_conx.
 *
 * @return array list of associative rows as returned by mysqli_fetch_assoc()
 */
function getAllUsersForClinic(){
    global $db_conx;
    $users = array();
    $clinicId = $_SESSION['cid'];
    // The clinic id is concatenated as-is; it comes from the session, not from a function argument.
    $result = mysqli_query(
        $db_conx,
        "SELECT * FROM users WHERE userid != '' AND display = '1' AND cid = '".$clinicId."' AND admin is NULL ORDER BY userid DESC"
    );
    while (true) {
        $user = mysqli_fetch_assoc($result);
        if (!$user) {
            break;
        }
        $users[] = $user;
    }
    return $users;
}
/**
 * List every casefee row of the session's clinic.
 *
 * Reads $_SESSION['cid'] and the global mysqli link $db_conx.
 *
 * @return array list of associative rows as returned by mysqli_fetch_assoc()
 */
function getFeeList(){
    global $db_conx;
    $clinicId = $_SESSION['cid'];
    $fees = array();
    // The clinic id is concatenated as-is; it comes from the session, not from a function argument.
    $query = "SELECT * FROM `casefee` WHERE cid = '".$clinicId."' ";
    $result = mysqli_query($db_conx, $query);
    for ($fee = mysqli_fetch_assoc($result); $fee; $fee = mysqli_fetch_assoc($result)) {
        $fees[] = $fee;
    }
    return $fees;
}
/**
 * Count the visible users of the session's clinic whose `admin` column is NULL.
 *
 * Runs the same SELECT as the clinic user listing and returns its row count.
 * Reads $_SESSION['cid'] and the global mysqli link $db_conx.
 *
 * @return int row count reported by mysqli_num_rows()
 */
function countUser(){
    global $db_conx;
    $clinicId = $_SESSION['cid'];
    // The clinic id is concatenated as-is; it comes from the session, not from a function argument.
    $query = "SELECT * FROM users WHERE userid != '' AND display = '1' AND cid = '".$clinicId."' AND admin is NULL ORDER BY userid DESC";
    $result = mysqli_query($db_conx, $query);
    $total = mysqli_num_rows($result);
    return $total;
}
/**
 * List the visible patient_symptoms rows of the session's clinic, highest cpid first.
 *
 * Reads $_SESSION['cid'] and the global mysqli link $db_conx.
 *
 * @return array list of associative rows as returned by mysqli_fetch_assoc()
 */
function showAll_complain(){
    global $db_conx;
    $clinicId = $_SESSION['cid'];
    $symptoms = array();
    // The clinic id is concatenated as-is; it comes from the session, not from a function argument.
    $result = mysqli_query(
        $db_conx,
        "SELECT * FROM `patient_symptoms` WHERE display = '1' AND cid = '".$clinicId."' order by cpid desc"
    );
    while (true) {
        $symptom = mysqli_fetch_assoc($result);
        if (!$symptom) {
            break;
        }
        $symptoms[] = $symptom;
    }
    return $symptoms;
}
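/**
 * Start a password reset for the user whose username is $emailid.
 *
 * Stores a fresh token in users.extra, mails a reset link to the user, mails
 * the same link to the clinic address when the user is not an admin user, and
 * writes an activity-log entry. Nothing is returned on any path.
 *
 * NOTE(review): generateRandomString() (defined earlier in this file) builds
 * the token with rand(), which is not a cryptographically secure generator.
 * A reset token should come from random_int()/random_bytes(); that change
 * belongs in generateRandomString() itself.
 *
 * @param string $emailid username (e-mail address) supplied on the forgot-password form
 * @return void
 */
function passwordReset($emailid){
    global $db_conx; global $server_address;
    $extra = generateRandomString(15);
    // $emailid arrives from an unauthenticated form, so it is escaped before use in SQL.
    $safeEmail = mysqli_real_escape_string($db_conx, (string) $emailid);
    $sql = "UPDATE users SET extra = '".$extra."' WHERE username = '".$safeEmail."' ";
    $updated = mysqli_query($db_conx, $sql);
    if ($updated !== TRUE) {
        return;
    }

    $userdata = get_specific_data('users', " username = '".$safeEmail."'");
    if (empty($userdata) || !isset($userdata['username'])) {
        // The UPDATE also succeeds when no row matches, so an unknown address ends
        // up here; stop instead of mailing and logging with empty values.
        return;
    }
    $emailid = $userdata['username'];
    $fname = $userdata['fname'];
    $lname = $userdata['lname'];
    $extra = $userdata['extra'];
    $cid = $userdata['cid'];
    $ip = $_SERVER['REMOTE_ADDR'];

    $clinicdata = get_specific_data('clinic_master', " cid = '".mysqli_real_escape_string($db_conx, (string) $cid)."'");
    $clinicname = isset($clinicdata['clinicname']) ? $clinicdata['clinicname'] : '';
    $clinicemail = isset($clinicdata['emailid']) ? $clinicdata['emailid'] : '';

    // Names come from stored user input and go into an HTML mail body, so they are
    // encoded. double_encode is off so values stored entity-encoded are not encoded twice.
    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $html = '';
    $subject = "Password Reset for user ".$fname." ".$lname." for ".$clinicname;
    $link = $server_address."/resetPassword.php?resetpassword=".rawurlencode($extra);
    $html.="Hello ".$esc($fname)." ".$esc($lname).",<br>";
    $html.="<p>Your password reset link is bellow.</p>";
    $html.="<p><b><a href='".$esc($link)."'>Click Here</a></b> for reset password. It will open a new page and you can reset the password.</p>";
    send_email($emailid, $subject, $html);

    // Inform the clinic address when the account is not an admin user.
    // NOTE(review): this sends the same working reset link to a second mailbox.
    $adminlog = "";
    if ($userdata['adminUser'] == '0' && $clinicemail != '') {
        $subject_admin = $clinicname." : password reset for user:".$fname." ".$lname;
        $html_admin = "<p>Hello Admin, Your user ".$esc($fname)." ".$esc($lname)." with username/emailid: ".$esc($emailid)." set password reset. you can also reset password with this <b><a href='".$esc($link)."'>LINK</a></b></p>. <br><p>Thank you</p>";
        send_email($clinicemail, $subject_admin, $html_admin);
        $adminlog = " THis USER is Not admin, Clinicname:$clinicname ";
    }

    // The reset link is a credential, so it is kept out of the activity log.
    $activity ="Password reset. emailid:$emailid clinicemail:$clinicemail, FullName: $fname $lname cid:$cid ".$adminlog." IP Address:".$ip;
    $pagename ="forget_password.php";

    // The original left $_SESSION['cid'] and $_SESSION['userid'] set to the target
    // account for the rest of the session, before the requester had proved ownership
    // of the mailbox. Presumably activitylog() reads them (TODO confirm), so they are
    // set only for that call and the previous values are put back afterwards.
    $previous = array();
    foreach (array('cid', 'userid') as $key) {
        if (isset($_SESSION[$key])) {
            $previous[$key] = $_SESSION[$key];
        }
    }
    $_SESSION['cid'] = $cid;
    $_SESSION['userid'] = $userdata['userid'];
    activitylog($activity,$pagename);
    foreach (array('cid', 'userid') as $key) {
        if (array_key_exists($key, $previous)) {
            $_SESSION[$key] = $previous[$key];
        } else {
            unset($_SESSION[$key]);
        }
    }
}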
/**
 * Send an HTML mail through PHP's mail() with the fixed From and Cc headers.
 *
 * NOTE(review): every message is copied to the Cc address, including any
 * password-reset mail passed in by a caller - confirm that copy is intended.
 *
 * @param string $to      recipient address
 * @param string $subject subject line
 * @param string $html    message body, sent as text/html
 * @return bool true when mail() reported success, false otherwise
 */
function send_email($to, $subject, $html){
    $headerLines = array(
        "From:hello@chiragwebshotsing.com ",
        "Cc:hello@chiragwebshotsing.com ",
        "MIME-Version: 1.0",
        "Content-type: text/html",
    );
    // Each header line, including the last one, ends with CRLF.
    $header = implode("\r\n", $headerLines)."\r\n";
    $accepted = mail($to, $subject, $html, $header);
    return $accepted == true ? true : false;
}
/**
 * List the visible patient_dont rows of the session's clinic, highest dnid first.
 *
 * Reads $_SESSION['cid'] and the global mysqli link $db_conx.
 *
 * @return array list of associative rows as returned by mysqli_fetch_assoc()
 */
function showAll_dont(){
    global $db_conx;
    $entries = array();
    $clinicId = $_SESSION['cid'];
    // The clinic id is concatenated as-is; it comes from the session, not from a function argument.
    $query = "SELECT * FROM `patient_dont` WHERE display = '1' AND cid = '".$clinicId."' order by dnid desc";
    $result = mysqli_query($db_conx, $query);
    for ($entry = mysqli_fetch_assoc($result); $entry; $entry = mysqli_fetch_assoc($result)) {
        $entries[] = $entry;
    }
    return $entries;
}
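/**
 * Insert a patient_dont entry for the session's clinic and write an activity-log line.
 *
 * The text values are escaped here before they are placed in SQL.
 * NOTE(review): a caller that already passed them through
 * mysqli_real_escape_string() would get the added backslashes stored
 * literally - check the call sites.
 *
 * @param string $add_complain short name of the entry
 * @param string $description  free-text description
 * @param mixed  $priority     cast to int
 * @param mixed  $status       cast to int
 * @return int|false 1 on success, false when the insert fails
 */
function add_dont($add_complain,$description,$priority,$status){
    global $db_conx;
    $userid = $_SESSION['userid'];
    $cid = $_SESSION['cid'];
    // The numeric fields were already cast by the original; the text fields and the
    // clinic id went into the statement unescaped.
    $sql = "INSERT INTO patient_dont (cid, shortname, description, priority, status, createdby) VALUES ('"
        .mysqli_real_escape_string($db_conx, (string) $cid)."', '"
        .mysqli_real_escape_string($db_conx, (string) $add_complain)."', '"
        .mysqli_real_escape_string($db_conx, (string) $description)."', '"
        .(int)$priority."', '".(int)$status."', '".(int)$userid."')";
    $insertpatient = mysqli_query($db_conx, $sql);
    if ($insertpatient !== TRUE) {
        return false;
    }
    $complainid = mysqli_insert_id($db_conx);
    $pagename = "donts.php";
    $details = "id:".$complainid.", shortname:".$add_complain.", description:".$description.", priority:".$priority.", status:".$status;
    $activity = "Insert DONT do list. Details are : ".$details;
    activitylog($activity,$pagename);
    return 1;
}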
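/**
 * Update a patient_dont entry of the session's clinic and write an activity-log line.
 *
 * The text values are escaped here before they are placed in SQL.
 * NOTE(review): a caller that already passed them through
 * mysqli_real_escape_string() would get the added backslashes stored
 * literally - check the call sites.
 *
 * @param mixed  $edit_complain_id dnid of the row to update; cast to int
 * @param string $add_complain     new short name
 * @param string $description      new description
 * @param mixed  $priority         cast to int
 * @param mixed  $status           cast to int
 * @return int|false 1 when the statement ran, false when it failed
 */
function edit_dont($edit_complain_id,$add_complain,$description,$priority,$status){
    global $db_conx;
    $updatedatetime = date("Y-m-d H:i:s");
    $userid = $_SESSION['userid'];
    $cid = $_SESSION['cid'];
    // The original read $cid but matched on dnid alone, so a row belonging to another
    // clinic could be changed by id. The UPDATE is now limited to the session's clinic.
    $sql = "UPDATE patient_dont SET shortname = '".mysqli_real_escape_string($db_conx, (string) $add_complain)
        ."', description ='".mysqli_real_escape_string($db_conx, (string) $description)
        ."', priority = '".(int)$priority."', status = '".(int)$status
        ."', updatedby = '".(int)$userid."', updateddate = '".$updatedatetime
        ."' WHERE dnid = '".(int)$edit_complain_id
        ."' AND cid = '".mysqli_real_escape_string($db_conx, (string) $cid)."' ";
    $insertpatient = mysqli_query($db_conx, $sql);
    if ($insertpatient !== TRUE) {
        return false;
    }
    // An UPDATE that matches no row still reports success, so 1 means "statement ran",
    // as it did before.
    $pagename = "donts.php";
    $details = "Id:".$edit_complain_id.", shortname:".$add_complain.", description:".$description.", priority:".$priority.", status:".$status;
    $activity = "Updated patient dont do list. Details are : ".$details;
    activitylog($activity,$pagename);
    return 1;
}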
/**
 * List the visible patient_dont rows of the session's clinic, ordered by priority ascending.
 *
 * Reads $_SESSION['cid'] and the global mysqli link $db_conx.
 *
 * @return array list of associative rows as returned by mysqli_fetch_assoc()
 */
function getalldont(){
    global $db_conx;
    $clinicId = $_SESSION['cid'];
    $entries = array();
    // The clinic id is concatenated as-is; it comes from the session, not from a function argument.
    $result = mysqli_query(
        $db_conx,
        "SELECT * FROM `patient_dont` WHERE display = '1' AND cid = '".$clinicId."' order by priority ASC"
    );
    while (true) {
        $entry = mysqli_fetch_assoc($result);
        if (!$entry) {
            break;
        }
        $entries[] = $entry;
    }
    return $entries;
}
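/**
 * Fetch the rows of $tablename, limited to the session's clinic, whose
 * $columnname value is in the list $search.
 *
 * NOTE(review): $columnname and $search are placed in the statement verbatim,
 * because their legitimate format (qualified or quoted column names, numeric
 * or quoted list items) is not visible here. They must never carry request
 * data; callers should pick the column from a fixed allowlist and build
 * $search from validated ids.
 *
 * @param string $tablename  table to read; embedded backticks are doubled
 * @param string $columnname column compared with IN (...)
 * @param string $search     comma-separated list placed inside IN (...)
 * @return array list of associative rows; empty when $search is empty or the query fails
 */
function getSelectedDataList($tablename,$columnname,$search){
    global $db_conx;
    $ret = array();
    if (trim((string) $search) === '') {
        // "IN ()" is a syntax error in MySQL; an empty list simply matches nothing.
        return $ret;
    }
    $cid = mysqli_real_escape_string($db_conx, (string) $_SESSION['cid']);
    // Doubling backticks keeps the table name inside its quoted identifier.
    $table = str_replace('`', '``', (string) $tablename);
    $sql = "SELECT * FROM `$table` WHERE $columnname IN ($search) AND cid = '".$cid."'";
    $select = mysqli_query($db_conx, $sql);
    if (!$select) {
        return $ret;
    }
    while ($row = mysqli_fetch_assoc($select)) {
        $ret[] = $row;
    }
    return $ret;
}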
?>