Mr.Fn4ticHz Shell

Server IP : 162.240.98.243 / Your IP : 3.137.217.220
Web Server : Apache
System : Linux server.bti.yaw.mybluehostin.me 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User : btiyawmy ( 1003)
PHP Version : 7.2.34
Disable Function : NONE
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON
Directory : /home/btiyawmy/public_html/login.easenup.in/

Upload File :

[ HOME ]

Current File : /home/btiyawmy/public_html/login.easenup.in/update_appoiment.php

<?php 
session_start();
include 'dbconnection.php';
include 'menu.php';
include 'header.php';
//Code for Registration 
if(isset($_POST['signup'])) 
{ 
$sql ="UPDATE bookap SET VisitConsultant='$_POST[VisitConsultant]',selectdate='$_POST[selectdate]',SelectTime='$_POST[SelectTime]',drid='$_POST[drid]' ,statusva='$_POST[statusva]' WHERE srno='$_GET[srno]'";
if($qsql = mysqli_query($con,$sql))
		{
    echo "<script>alert('Update successfully');</script><script>window.history.go(-2)</script>;</script>";
  } else {
    echo "Sorry, there was an error uploading your file.";
  } 
    
}

?>




  <?php

$sql1 ="SELECT * FROM bookap WHERE srno='$_GET[srno]'";
		$qsql1 = mysqli_query($con,$sql1);
		if($rspatient = mysqli_fetch_array($qsql1))
	{
	    $sql ="SELECT * FROM site_users WHERE userno='$rspatient[drid]'";
		$qsql = mysqli_query($con,$sql);
		if($rs = mysqli_fetch_array($qsql))
		{
	    $sql12 ="SELECT * FROM patient WHERE patientid='$rspatient[patientid]'";
		$qsql12 = mysqli_query($con,$sql12);
		if($rspatient12 = mysqli_fetch_array($qsql12))
	{
	echo "

		    <div class='content-wrapper'>
    <!-- Content Header (Page header) -->
   <form name='signup'  method='post'>
    <div class='center'>
    <table  id='example2' class='table table-bordered table-hover'>
    <tr>
<td>&nbsp;  &nbsp; &nbsp; &nbsp;  Type of Appointment: </td>
<td><select name='VisitConsultant'><option value='$rspatient[VisitConsultant]'>$rspatient[VisitConsultant]</option></select></td>
</tr>
<tr>
<td>&nbsp;  &nbsp; &nbsp; &nbsp;  Appointment Date: </td>
<td><input type='date' name='selectdate' value='$rspatient[selectdate]'></td>
</tr>
<tr>
<td>&nbsp;  &nbsp; &nbsp; &nbsp;  Appointment Time: </td>
<td><input type='time' name='SelectTime' value='$rspatient[SelectTime]'></td>
</tr>

<td width='50%'>&nbsp;  &nbsp; &nbsp; &nbsp;  Admitted Under</td>
<td width='50%'>
<select name='drid' id='select2' required>
          <option value='$rs[userno]'>$rs[name]</option>
";
}
}
}
?>
<?php
include("dbconnection.php");
$username = "ventexint@gmail.com";
    $apikey = "eebcced9-0ca1-4a6f-940b-c616276e2ec9";
    $sendername = "EASNUP";
$narayan=LoginManager::currentUser();
$usertype=LoginManager::getUserTypeByuname("$narayan");
	$sql1 ="SELECT * FROM site_users WHERE userno='$usertype'";
		$qsql1 = mysqli_query($con,$sql1);
		if($re = mysqli_fetch_array($qsql1))
		{
          	$sqldoctor= "SELECT * FROM site_users WHERE usertype='Doctor' and entered_by='$re[entered_by]'";
			$qsqldoctor = mysqli_query($con,$sqldoctor);
			while($rsdoctor = mysqli_fetch_array($qsqldoctor))
			{
				
				echo "<option value='$rsdoctor[userno]'>$rsdoctor[name]</option>";
				}
		}
		?>
		echo"
		  
		  </select>
</td>
</tr>
<tr><td>&nbsp;  &nbsp; &nbsp; &nbsp;  Status</td><td>
<select name='statusva'>
    <option value='' disabled selected>Status</option>
    <option value='Confirmed'>Confirmed</option>
    <option value='Awaiting'>Awaiting</option>
    <option value='Cancelled'>Cancelled </option>
    <option value='reschedule'>reschedule</option>
    </select></td></tr>
</table>
</fieldset>
	<button type='submit' name='signup'> <span style='color:WHITE'>Update</SPAN></button>
</div>
</form>


		  <html>
           <head>
               <style>
                     
       .center {
   border: 1px solid grey;
   text-align:;
}
</style>
              
           </head>
    <body>
       
         <?php ?>
  
		</body>
	
  </html>

Anon7 - 2022
AnonSec Team