Server IP : 162.240.98.243 / Your IP : 3.139.82.4 Web Server : Apache System : Linux server.bti.yaw.mybluehostin.me 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64 User : btiyawmy ( 1003) PHP Version : 7.2.34 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /home/btiyawmy/public_html/login.easenup.in/Pharmacy/ |
Upload File : |
<?php session_start(); require_once('../../DBManager.php'); require_once('../../LoginManager.php'); require_once('../../patientmanager.php'); if(isset($_POST[signup])) { PatientManager::patientAccessTWO("$_POST[prescriptionid]","$_POST[patientid]","$_POST[adminid]","$_POST[typevisit]","$_POST[casetype]","$_POST[note]","$_POST[entered_by]"); } if(isset($_POST[verify])) { PatientManager::patientAccessTWO("$_POST[prescriptionid]","$_POST[patientid]","$_POST[adminid]","$_POST[typevisit]","$_POST[casetype]","$_POST[note]","$_POST[entered_by]"); } ?> <?php $connect = new PDO("mysql:host=localhost;dbname=btiyawmy_software", "btiyawmy_software", "@#admin@#"); $error_user_otp = ''; $patientid = ''; $message = ''; if(isset($_GET["patientid"])) { $patientid = $_GET["patientid"]; if(isset($_POST["submit"])) { if(empty($_POST["user_otp"])) { $error_user_otp = 'Enter OTP Number'; } else { $query = " SELECT * FROM patient WHERE patientid = '".$patientid."' AND user_otp = '".trim($_POST["user_otp"])."' "; $statement = $connect->prepare($query); $statement->execute(); $total_row = $statement->rowCount(); if($total_row > 0) { $query = " UPDATE patient SET numbers_status = 'verified' WHERE patientid = '".$patientid."' "; $statement = $connect->prepare($query); if($statement->execute()) { include("../../dbconnection.php"); $sql ="SELECT * FROM addaspatient WHERE patientid='$patientid' AND prescriptionid='$_GET[prescriptionid]' "; $qsql = mysqli_query($con,$sql); while($rs = mysqli_fetch_array($qsql)) { echo "<script>window.location='profile.php?prescriptionid=$rs[prescriptionid]&patientid=$patientid'</script>;</script>"; } } } else { $message = '<label class="text-danger">Invalid OTP Number</label>'; } } } } else { $message = '<label class="text-danger">Invalid Url</label>'; } ?> <!DOCTYPE html> <html lang="en"> <meta charset="UTF-8"> <meta content='yes' name='apple-mobile-web-app-capable'/> <meta content='yes' name='mobile-web-app-capable'/> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <link rel="stylesheet" href="./styles.css"> <link rel="manifest" href="./manifest.webmanifest"> <link rel="assetlinks" href="assetlinks.json"> <title>OTP Verify</title> <link href="../assets/css/bootstrap.css" rel="stylesheet"> <link href="../assets/font-awesome/css/font-awesome.css" rel="stylesheet" /> <link href="../assets/css/style.css" rel="stylesheet"> <link href="../assets/css/style-responsive.css" rel="stylesheet"> </head> <body> <div id="login-page"> <div class="container"> <?php include("../dbconnection.php"); $narayan=LoginManager::currentUser(); $hari=LoginManager::getUserTypeByuname("$narayan"); $sql ="SELECT * FROM addaspatient WHERE patientid='$_GET[patientid]' AND prescriptionid='$_GET[prescriptionid]' "; $qsql = mysqli_query($con,$sql); while($rp = mysqli_fetch_array($qsql)) { echo " <form name='signup' method='post'> <input type='hidden' name='prescriptionid' value='$rp[prescriptionid]'> <input type='hidden' name='patientid' value='$rp[patientid]'> <input type='hidden' name='adminid' value='$rp[hospitalid]'> <input type='hidden' name='typevisit' value='$rp[typevisit]'> <input type='hidden' name='casetype' value='$rp[casetype]'> <input type='hidden' name='entered_by' value='$hari'> <input type='hidden' name='typevisit' value='Patient Registration'> <input type='hidden' name='note' value='verify'> <div class='login-wrap'> <br> <input type='text' name='user_otp' id='user_otp' class='form-control' placeholder='Enter Your Six Digit OTP' ><br > <input name='verify' value='Verify' class='btn btn-theme btn-block' type='submit'> <br> "; } ?> <?php include("../dbconnection.php"); $narayan=LoginManager::currentUser(); $hari=LoginManager::getUserTypeByuname("$narayan"); $sql ="SELECT * FROM addaspatient WHERE patientid='$_GET[patientid]' AND prescriptionid='$_GET[prescriptionid]' "; $qsql = mysqli_query($con,$sql); while($rp = mysqli_fetch_array($qsql)) { echo " <form name='signup' method='post'> <input type='hidden' name='prescriptionid' value='$rp[prescriptionid]'> <input type='hidden' name='patientid' value='$rp[patientid]'> <input type='hidden' name='adminid' value='$rp[hospitalid]'> <input type='hidden' name='typevisit' value='$rp[typevisit]'> <input type='hidden' name='casetype' value='$rp[casetype]'> <input type='hidden' name='entered_by' value='$hari'> <input type='hidden' name='typevisit' value='Patient Registration'> <button class='btn btn-theme btn-block' type='submit' name='signup'>SKIP</button> </form>"; } ?> </div> </div> <script src="../assets/js/jquery.js"></script> <script src="../assets/js/bootstrap.min.js"></script> <script type="text/javascript" src="../assets/js/jquery.backstretch.min.js"></script> <script> $.backstretch("../assets/img/login-bg.jpg", {speed: 500}); </script> <script src="./index.js" type="module"></script> </body> </html>