
PK 
<?php
include "include/session.php";
include "include/configure.php";
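// Handle the add/update form submission.
//
// Everything read from $_POST and $_FILES is client-controlled, including the
// hidden "id" and "preImageName" fields and the uploaded file's name.
// NOTE(review): no anti-CSRF token is checked here, and whether
// include/session.php enforces authentication is not visible in this file - confirm.
if (isset($_POST['submit']) && $_POST['submit'] == "Submit") {
    $postAction = isset($_POST['action']) ? $_POST['action'] : "";
    if ($postAction == "add" || $postAction == "update") {
        // Accept the upload only when the extension is an allowed image type and the
        // content parses as an image. The stored name is generated server-side and
        // always ends in one of these extensions, so a client-supplied extension such
        // as "php" can no longer reach the images directory.
        $uploadfile = "";
        $allowedImageExt = array('jpg', 'jpeg', 'png', 'gif');
        if (isset($_FILES['doctorImage'])
            && is_string($_FILES['doctorImage']['name'])
            && $_FILES['doctorImage']['name'] != ""
            && $_FILES['doctorImage']['error'] == UPLOAD_ERR_OK) {
            $imageExt = strtolower(pathinfo($_FILES['doctorImage']['name'], PATHINFO_EXTENSION));
            // getimagesize() warns on non-image input; the warning is suppressed and
            // the false return is what rejects the file.
            if (in_array($imageExt, $allowedImageExt, true)
                && @getimagesize($_FILES['doctorImage']['tmp_name']) !== false) {
                $strDtMix = @date("d") . substr((string)microtime(), 2, 8);
                $newImageName = $strDtMix . "." . $imageExt;
                if (move_uploaded_file($_FILES['doctorImage']['tmp_name'], "../images/" . $newImageName)) {
                    $uploadfile = $newImageName;
                    // Remove the replaced image only after the new one is stored.
                    // basename() keeps the client-supplied name inside ../images/.
                    if (isset($_POST['preImageName']) && is_string($_POST['preImageName']) && $_POST['preImageName'] != "") {
                        $previousImage = "../images/" . basename($_POST['preImageName']);
                        if (is_file($previousImage)) {
                            @unlink($previousImage);
                        }
                    }
                }
            }
        }

        // Escape every text column once; a missing or non-string field is stored as ''.
        $textFields = array('designation', 'department_id', 'firstName', 'lastName', 'gender', 'speciality', 'degrees', 'experience', 'training', 'facebookURL', 'twitterURL', 'googlePlusURL');
        $escaped = array();
        foreach ($textFields as $fieldName) {
            $rawValue = (isset($_POST[$fieldName]) && is_string($_POST[$fieldName])) ? $_POST[$fieldName] : "";
            $escaped[$fieldName] = mysql_real_escape_string($rawValue);
        }

        // Keep only day indexes 0-6 (as posted strings) so the serialized value holds
        // nothing but a flat list of day numbers.
        $workingDays = array();
        if (isset($_POST['workingDays']) && is_array($_POST['workingDays'])) {
            foreach ($_POST['workingDays'] as $dayValue) {
                if (is_string($dayValue) && ctype_digit($dayValue) && (int)$dayValue <= 6) {
                    $workingDays[] = $dayValue;
                }
            }
        }
        // serialize() output contains quotes, so it is escaped like any other value.
        $workDaysSql = mysql_real_escape_string(serialize($workingDays));

        if ($postAction == "add") {
            mysql_query("INSERT INTO doctors (" . implode(",", $textFields) . ",doctorImage,work_days) VALUES ('" . implode("','", $escaped) . "','" . mysql_real_escape_string($uploadfile) . "','" . $workDaysSql . "')");
            header("location: doctors.php");
        } else {
            $assignments = array();
            foreach ($textFields as $fieldName) {
                $assignments[] = $fieldName . "='" . $escaped[$fieldName] . "'";
            }
            $assignments[] = "work_days='" . $workDaysSql . "'";
            // The image column is only touched when a new image was stored.
            if ($uploadfile != "") {
                $assignments[] = "doctorImage='" . mysql_real_escape_string($uploadfile) . "'";
            }
            $recordId = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : "";
            mysql_query("UPDATE doctors SET " . implode(",", $assignments) . " where id='" . mysql_real_escape_string($recordId) . "'");
            header("location: doctors.php?act=2");
        }
        // Stop here so the rest of the page does not run after the redirect header.
        exit;
    }
}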
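// Enable/disable a doctor: ?action=status&id=<id>&act=<0|1> (the list view links use 0 and 1).
// Both query parameters are escaped before they reach the SQL string.
// NOTE(review): this changes state on a GET request with no anti-CSRF token - confirm
// whether that is acceptable for this admin area.
if (isset($_GET['action']) && $_GET['action'] == "status" && isset($_GET['act'], $_GET['id'])) {
    $statusValue = mysql_real_escape_string((string)$_GET['act']);
    $statusId = mysql_real_escape_string((string)$_GET['id']);
    mysql_query("UPDATE doctors SET status='" . $statusValue . "' where id='" . $statusId . "'");
    header("location: doctors.php?act=2");
    // Stop here so the rest of the page does not run after the redirect header.
    exit;
}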
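// Soft-delete a doctor: ?act=delete&id=<id> sets isDelete='1' on the row.
// The id is escaped before it reaches the SQL string.
// NOTE(review): this changes state on a GET request with no anti-CSRF token; the
// confirm() dialog on the link is client-side only.
if (isset($_GET['act']) && $_GET['act'] == "delete" && isset($_GET['id'])) {
    $deleteId = mysql_real_escape_string((string)$_GET['id']);
    mysql_query("UPDATE doctors SET isDelete='1' where id='" . $deleteId . "'");
    header("location: doctors.php?act=1");
    // Stop here so the rest of the page does not run after the redirect header.
    exit;
}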
/**
 * Return the English name of a weekday.
 *
 * @param int $i Day index, where 0 is Sunday and 6 is Saturday.
 * @return string Name stored at that index.
 */
function weekDayName($i){
    $dayNames = array(
        0 => 'Sunday',
        1 => 'Monday',
        2 => 'Tuesday',
        3 => 'Wednesday',
        4 => 'Thursday',
        5 => 'Friday',
        6 => 'Saturday',
    );
    $name = $dayNames[$i];
    return $name;
}
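// The form posts back with action "add" unless an existing record is opened via
// ?action=edit&id=<id>, in which case it posts "update".
$action = "add";
if (isset($_GET['action']) && $_GET['action'] == "edit") {
    // The id comes from the query string, so it is escaped before it reaches the SQL string.
    $editId = isset($_GET['id']) ? (string)$_GET['id'] : "";
    $sqlEdit = mysql_query("SELECT * FROM doctors WHERE id='" . mysql_real_escape_string($editId) . "'");
    $rowsEdit = $sqlEdit ? mysql_fetch_array($sqlEdit) : false;
    if (is_array($rowsEdit)) {
        // extract() turns each column into a variable the form below reads ($firstName,
        // $work_days, ...). NOTE(review): it also overwrites any existing variable that
        // shares a column name; an explicit field list would be safer.
        extract($rowsEdit);
    }
    $action = "update";
}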
include "include/header.php";
?>
<div class="openHead">Manage Doctors</div>
<div class="middleMainContainer">
<?php if(isset($_GET['action']) && $_GET['action']=="add" || $_GET['action']=="edit"){ ?>
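<?php
// The values echoed into this form come from the doctors row loaded for editing
// and are undefined when adding. Each one is HTML-escaped once here (empty string
// when unset) instead of being printed raw into an attribute, which would let
// stored markup run in the admin's browser.
// The charset argument is left at the PHP default because the page encoding is
// declared outside this file.
// NOTE(review): the form carries no anti-CSRF token - confirm whether one is
// enforced elsewhere.
$formSafe = array();
foreach (array('id', 'action', 'firstName', 'lastName', 'doctorImage', 'designation', 'speciality', 'degrees', 'experience', 'training', 'facebookURL', 'twitterURL', 'googlePlusURL') as $formField) {
    $formSafe[$formField] = isset($$formField) ? htmlspecialchars((string)$$formField, ENT_QUOTES) : '';
}
?>
<form method="post" action="" enctype="multipart/form-data">
<table border="1" width="100%" cellpadding="5" cellspacing="0" align="center" class="formTb">
<tr>
<td colspan="2" align="right"><input type="button" value="Back to List" onclick="window.location.href='<?=$siteUrl;?>doctors.php'" class="smtButton" /></td>
</tr>
<tr>
<td width="15%" valign="top">Category</td>
<td width="85%"><select name="department_id">
<option value="0">- Select -</option>
<?php
// One <option> per non-deleted department; the doctor's current department is preselected.
$selectedDepartment = isset($department_id) ? $department_id : '';
$sqlCate = mysql_query("SELECT * FROM department where isDelete='0' order by categoryName asc");
while ($sqlCate && ($rowsCate = mysql_fetch_array($sqlCate))) {
    echo '<option value="'.htmlspecialchars((string)$rowsCate['id'], ENT_QUOTES).'" '.(($rowsCate['id']==$selectedDepartment)?'selected="selected"':'').' >'.htmlspecialchars((string)$rowsCate['categoryName'], ENT_QUOTES).'</option>';
}
?>
</select><br/ >
<span class="txtHint">if you don't find Department <a target="_blank" href="<?=$siteUrl;?>department.php">Click here</a>.</span> </td>
</tr>
<tr>
<td valign="top">First Name</td>
<td><input type="text" name="firstName" value="<?=$formSafe['firstName']?>" /></td>
</tr>
<tr>
<td valign="top">Last Name</td>
<td><input type="text" name="lastName" value="<?=$formSafe['lastName']?>" /></td>
</tr>
<tr>
<td valign="top">Gender</td>
<td><input type="radio" name="gender" <?=(isset($gender) && $gender=="Male")?'checked="checked"':'';?> value="Male" > Male
<input type="radio" name="gender" <?=(isset($gender) && $gender=="Female")?'checked="checked"':'';?> value="Female" > Female
</td>
</tr>
<tr>
<td valign="top">Image </td>
<td><?php if(isset($doctorImage) && $doctorImage!=""){
// The stored file name is URL-encoded because it is placed inside a query string.
// NOTE(review): timthumb.php is not shown here; confirm the bundled copy is a
// maintained version and only serves local images.
echo "<img src='".$siteUrl."/include/timthumb.php?src=".$siteUrlMain."/images/".rawurlencode((string)$doctorImage)."&h=200&w=200&zc=1' />";
?>
<br/>
<input type="hidden" name="preImageName" value="<?=$formSafe['doctorImage'];?>" />
<?php }?>
<input type="file" name="doctorImage" /> <br />
<span class="txtHint">Please upload 468px X 542px</span>
</td>
</tr>
<tr>
<td valign="top" colspan="2"><b>Other Info</b></td>
</tr>
<tr>
<td valign="top">Designation</td>
<td><input type="text" name="designation" value="<?=$formSafe['designation']?>" /><br />
<span class="txtHint">i.e. Senior doctor at medicom etc.</span></td>
</tr>
<tr>
<td valign="top">Speciality</td>
<td><input type="text" name="speciality" value="<?=$formSafe['speciality']?>" /><br />
<span class="txtHint">i.e. physiotherapist etc.</span></td>
</tr>
<tr>
<td valign="top">Degrees</td>
<td><input type="text" name="degrees" value="<?=$formSafe['degrees']?>" /><br />
<span class="txtHint">i.e. M.D. of Medicine.</span></td>
</tr>
<tr>
<td valign="top">Experience</td>
<td><input type="text" name="experience" value="<?=$formSafe['experience']?>" /><br />
<span class="txtHint">i.e. 38 years of Experience</span></td>
</tr>
<tr>
<td valign="top">Training</td>
<td><input type="text" name="training" value="<?=$formSafe['training']?>" /></td>
</tr>
<tr>
<td valign="top">Working Days</td>
<td><?php
// work_days holds the serialize()d list of day indexes written by this page.
// NOTE(review): unserialize() instantiates objects named in its input, so the
// column must never be writable from outside this page; a JSON encoding would
// remove that risk but needs a data migration.
$storedDays = isset($work_days) ? @unserialize($work_days) : false;
// Anything that is not a list (unset, failed decode) means "no days selected";
// casting a failed decode to array would otherwise tick Sunday by default.
$workDayAry = array();
if (is_array($storedDays)) {
    foreach ($storedDays as $storedDay) {
        if (is_scalar($storedDay)) {
            $workDayAry[] = (string)$storedDay;
        }
    }
}
$weeksDays = array();
for($i=0;$i<7;$i++){
    $weeksDays[] = '<input type="checkbox" name="workingDays[]" '.((in_array((string)$i,$workDayAry,true)?'checked="checked"':'')).' value="'.$i.'" /> '.weekDayName($i);
}
$workingDay = implode(", ",$weeksDays);
echo $workingDay;
?><br />
<span class="txtHint">Checked doctor available days in week.</span></td>
</tr>
<tr>
<td valign="top" colspan="2"><b>Social Media</b></td>
</tr>
<tr>
<td valign="top">Facebook</td>
<td><input type="text" name="facebookURL" value="<?=$formSafe['facebookURL']?>" /><br />
<span class="txtHint">i.e. http://facebook.com</span></td>
</tr>
<tr>
<td valign="top">Twitter</td>
<td><input type="text" name="twitterURL" value="<?=$formSafe['twitterURL']?>" /><br />
<span class="txtHint">i.e. http://twitter.com</span></td>
</tr>
<tr>
<td valign="top">Google Plus</td>
<td><input type="text" name="googlePlusURL" value="<?=$formSafe['googlePlusURL']?>" /><br />
<span class="txtHint">i.e. http://plus.google.com/</span></td>
</tr>
<tr>
<td align="right"> </td>
<td><input type="hidden" name="action" value="<?=$formSafe['action'];?>" />
<input type="hidden" name="id" value="<?=$formSafe['id'];?>" />
<input type="submit" name="submit" class="smtButton" value="Submit" /></td>
</tr>
</table>
</form>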
<?php }else{?>
<table class="listTb" border="1" cellpadding="0" cellspacing="0" width="100%">
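<?php
// Status banner chosen by the "act" query parameter that this page's redirects set.
// The parameter is read once with a default: in the original condition "&&" bound
// tighter than "||", so $_GET['act'] was read even when it was not set.
$flashAct = (isset($_GET['act']) && is_string($_GET['act'])) ? $_GET['act'] : "";
if($flashAct=="1" || $flashAct=="3") {
echo "<tr>
<td colspan='6' align='center'><span class='success'>Delete doctor sucessfully</span></td>
</tr>";
}else if($flashAct=="2"){
echo '<tr>
<td colspan="6" align="center"><span class="success">Update doctor successfully.</span></td>
</tr>';
}
?>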
<tr class="addTdRow">
<td align="right" colspan="6" >
<input type="button" class="smtButton" onclick="window.location.href='<?=$siteUrl;?>doctors.php?action=add'" value="Add New">
</td>
</tr>
<tr>
<th align="left" width="10%"> SNo</th>
<th align="left" width="35%">Name</th>
<th align="left" width="20%">Department</th>
<th align="center" width="25%">Image</th>
<th align="center" width="10%">Status</th>
<th align="center" width="10%">Action </th>
</tr>
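<?php
// Paginated listing of non-deleted doctors joined to their department, 20 per
// page, highest id first.
$page_name="doctors.php";
$limit = 20;
// "start" is request-controlled and ends up in the LIMIT clause, so it is reduced
// to a non-negative integer; a negative or fractional offset made the query fail.
$start = (isset($_REQUEST["start"]) && is_scalar($_REQUEST["start"])) ? (int)$_REQUEST["start"] : 0;
if ($start < 0) {
    $start = 0;
}
$eu = $start;
$this1 = $eu + $limit;
$back = $eu - $limit;
$next = $eu + $limit;
// The original also sent a query consisting only of "limit ..."; it could never
// succeed and its result was unused, so it is dropped.
$sqlSeller = "SELECT d.*,dp.categoryName FROM doctors as d,department as dp where d.isDelete='0' and dp.id=d.department_id ORDER BY d.id DESC limit $eu, $limit";
$sqltot = "SELECT d.*,dp.categoryName FROM doctors as d,department as dp where d.isDelete='0' and dp.id=d.department_id";
$resultSeller = mysql_query($sqlSeller);
$resulttot = mysql_query($sqltot);
// A failed query counts as "no rows" instead of passing false to mysql_num_rows().
$nume = $resulttot ? mysql_num_rows($resulttot) : 0;
if ($resultSeller && mysql_num_rows($resultSeller) != 0) {
    $sno = 0;
    while ($rows = mysql_fetch_array($resultSeller)) {
        $sno++;
        // Row values were entered through the form, so they are escaped for the
        // context they are printed in: HTML text, or a URL query component.
        $safeName = htmlspecialchars($rows['firstName'] . ' ' . $rows['lastName'], ENT_QUOTES);
        $safeDepartment = htmlspecialchars((string)$rows['categoryName'], ENT_QUOTES);
        $safeImage = rawurlencode(($rows['doctorImage'] != "") ? $rows['doctorImage'] : 'noImg.jpg');
        $safeId = rawurlencode((string)$rows['id']);
?>
<tr>
<td> <?=$sno?></td>
<td><?=$safeName?></td>
<td><?=$safeDepartment?></td>
<td align="center"><img src="<?=$siteUrlMain?>/php/timthumb.php?src=<?=$siteUrlMain?>images/<?=$safeImage?>&h=100&w=100&zc=1" /></td>
<td align="center"><?php if ($rows['status'] == "0") { ?><a title="Enable" href="doctors.php?action=status&id=<?=$safeId?>&act=1"><img src="img/tick.png" /></a><?php } else { ?><a title="Disable" href="doctors.php?action=status&id=<?=$safeId?>&act=0"><img src="img/delete.gif" /></a><?php } ?></td>
<td align="center">
<a title="Edit this record" href="doctors.php?action=edit&id=<?=$safeId?>"><img src="img/edit.gif" /></a>
<a title="Delete this record" onclick="return confirm('Are you sure you want to delete?');" href="doctors.php?act=delete&id=<?=$safeId?>"><img src="img/delete.gif" /></a>
</td>
</tr>
<?php
    }
?>
<tr>
<td colspan="6">
<?php
    echo "<table align = 'center' width='100%'><tr><td align='left' width='30%'>";
    // PREV is shown only when there is a previous page.
    if ($back >= 0) {
        print "<a href='$page_name?start=$back'><font face='Verdana' size='2'>PREV</font></a>";
    }
    // Page links in the centre; the current page is printed in red without a link.
    echo "</td><td align=center width='30%'>Page:";
    $l = 1;
    $total = 0;
    for ($i = 0; $i < $nume; $i = $i + $limit) {
        if ($i <> $eu) {
            echo " <a href='$page_name?start=$i'><font face='Verdana' size='2'>$l</font></a> ";
        } else {
            echo "<font face='Verdana' size='2' color=red>$l</font>";
        }
        $l = $l + 1;
        $total = $total + 1;
    }
    echo " of $total</td><td align='right' width='30%'>";
    // NEXT is shown only when this is not the last page.
    if ($this1 < $nume) {
        print "<a href='$page_name?start=$next'><font face='Verdana' size='2'>NEXT</font></a>";
    }
    echo "</td></tr></table>";
?>
</td>
</tr><?php
} else {
?>
<tr>
<td colspan='6' align='center'>No Data Found.</td>
</tr>
<?php } ?>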
</table>
<?php }?>
</div>
<?php include "include/footer.php"; ?>


PK 99