DEWATA [ login.easenup.in ]

Name	Size	Permission
.well-known	[ DIR ]	drwxr-xr-x
client.easenup.in	[ DIR ]	drwxr-x---
easenup	[ DIR ]	drwxr-x---
easenup.in	[ DIR ]	drwxr-xr-x
easenup.online	[ DIR ]	drwxr-x---
ebNDW	[ DIR ]	drwxr-x---
login.easenup.in	[ DIR ]	drwxr-x---
patient.easenup.in	[ DIR ]	drwxr-x---
.htaccess	487 B	-rw-r--r--
.mad-root	0 B	-rw-r--r--
DBController.php	816 B	-rw-r--r--
DBManager.php	891 B	-rw-r--r--
LoginManager.php	58.46 KB	-rw-r--r--
LoginManager_mod.php	43.65 KB	-rw-r--r--
dbconnection.php	307 B	-rw-r--r--
error_log	31.53 KB	-rw-r--r--
function.php	4.61 KB	-rw-r--r--
patientmanager.php	328.21 KB	-rw-r--r--
patientmanager_24mod.php	288.17 KB	-rw-r--r--
patientmanager_Pharma.php	13.53 KB	-rw-r--r--
patientmanager_Ptreg.php	6.65 KB	-rw-r--r--
patientmanager_Reg.php	41.58 KB	-rw-r--r--
patientmanager_diagno.php	21.7 KB	-rw-r--r--
patientmanager_ipd.php	89.7 KB	-rw-r--r--
patientmanager_old.php	274.17 KB	-rw-r--r--
patientmanager_older.php	295.38 KB	-rw-r--r--
patientmanager_opd.php	79.82 KB	-rw-r--r--
php.ini	583 B	-rw-r--r--
pwnkit	0 B	-rwxr-xr-x

Code Editor : patientmanager_Ptreg.php

<?php 
date_default_timezone_set('Asia/Kolkata');
require_once("LoginManager.php");
class PatientManager
{	
public static $userhomepage="welcome.php",$loginpage="login.php",$adminhomepage="price.php",$drhomepage="drprofile.php",$patienthomepage="patient_basic.php";

//START TWO RECORDS ACCESS WITOUT PATIENT PERMISSION//
public static function patientAccessTWO($prescriptionid,$patientid,$adminid,$typevisit,$casetype,$note,$entered_by)
{
	$link=DBManager::connect();
	$narayan=LoginManager::currentUser();
	$anilka=LoginManager::getUserTypeByuname("$narayan");
	$entered_by="$anilka";
	$updated_at=date("Y-m-d");
$created_at=date("F d, Y / h:i:s A");
	$sql="INSERT INTO accesspatient(accessid,prescriptionid,patientid,adminid,typevisit,casetype,note,entered_by,created_at) VALUES (NULL,'$prescriptionid','$patientid','$adminid','$typevisit','$casetype','$note','$entered_by','$created_at')";
	$result=mysqli_query($link,$sql);
if($result)
echo "<script>window.location='profile.php?prescriptionid=$prescriptionid&patientid=$patientid'</script>;</script>";
else 
	echo "Fail";
	$link=DBManager::close($link);
}

public static function getRandomkey()
{
		$length=16;
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $string = '';

for ($i = 0; $i < $length; $i++) {
        $string .= $characters[mt_rand(0, strlen($characters) - 1)];
    }

return $string;

}

public static function setActivityLog($userno,$prescriptionid,$discription,$link,$enteredby)
{
	$updated_at=date("Y-m-d");
   $created_at=date("F d, Y / h:i:s A");
	$sql="INSERT INTO save_activity(srno,userno,prescriptionid,discription,entered_by,link,created_at,updated_at) VALUES (NULL, '$userno','$prescriptionid','$discription<br>Doc.no-','$enteredby','$link',' $created_at','$updated_at')";
	$link=DBManager::connect();

$result=mysqli_query($link,$sql);
	if($result){
		$insid= mysqli_insert_id($link);
			$srid= $insid;
		$link=DBManager::close($link);
	}

}
public static function registerUser($uname,$name,$numbers,$usertype,$password,$status,$entered_by)
{
	
$link=DBManager::connect();
$userkey=PatientManager::getRandomkey();
$password=rand(10000, 99999);
$user_otp = rand(100000, 999999);
$user_activation_code = md5(rand());
$updated_at=date("Y-m-d");
$created_at=date("F d, Y / h:i:s A");
$sql="INSERT INTO site_users(userno,uname,name,numbers,usertype,status,password,userkey,user_otp,user_activation_code,entered_by,created_at,updated_at) VALUES (NULL, '$uname', '$name', '$numbers', '$usertype', '$status','$password', '$userkey','$user_otp','$user_activation_code','$entered_by', '$created_at', '$updated_at');";
$result=mysqli_query($link,$sql);
if(!$result)
	return false;
$sql ="select last_insert_id() from site_users";
$result=mysqli_query($link,$sql);
if(!$result)
	return false;
$row=mysqli_fetch_row($result);
$userno=$row[0];
  PatientManager::setActivityLog($userno,"$noknow","User registered","showinvestigation.php?prescriptionid=$prescriptionid&patientid=$patientid","$entered_by");
return $userno;
}

public static function registerpatient($familyid,$headnumber,$pic,$fr,$patientname,$gendor,$HusbandName,$Email,$numbers,$dob,$age_type,$Weight,$Height,$bloodgroup,$Nationality,$Marital,$Religion,$Occupation,$Familyinc,$Education,$Passportnm,$AadharNu,$Referred,$Country,$State,$city,$pincode,$bloc,$nameofinc,$Policynm,$entered_by)
{
  	$link=DBManager::connect();
        
	$narayan=LoginManager::currentUser();
$harilal=LoginManager::getUserTypeByuname("$narayan");

$entered_by=$harilal;
		$patientuser = rand(1000, 9999);
		  $CheckPatient = $link->query("SELECT * FROM `site_users` WHERE `numbers` = '$numbers' AND `name` = '$patientname'");
$numSU=mysqli_num_rows($CheckPatient);
if($numSU > 0){
        echo "<script>alert('Already Exists');</script>";
    }else{ 
$userno=PatientManager::registerUser("Patient$patientuser",$patientname,$numbers,"Patient",$password,"Active","$entered_by");

echo "<br>Userno=$userno<br>";

$username = "ventexint@gmail.com";
     $apikey = "eebcced9-0ca1-4a6f-940b-c616276e2ec9";
    $sendername = "EASNUP";
	$user_otp = rand(100000, 999999);
	$user_activation_code = md5(rand());
$patientid=$userno;
$narayan=LoginManager::currentUser();
$harilal=LoginManager::getUserTypeByuname("$narayan");
$entered_by=$harilal;
$Referred=$harilal;
 $updated_at=date("Y-m-d");
   $created_at=date("F d, Y / h:i:s A");
	$sql="INSERT INTO patient(srno,patientid,familyid,headnumber,pic,fr,patientname,gendor,HusbandName,Email,numbers,dob,age_type,Weight,Height,bloodgroup,Nationality,Marital,Religion,Occupation,Familyinc,Education, Passportnm,AadharNu,Referred,Country,State,city,pincode,bloc,nameofinc,Policynm,user_otp,numbers_status,user_activation_code,entered_by, created_at,updated_at) VALUES (NULL, '$userno','$familyid','$headnumber','$pic','$fr','$patientname','$gendor','$HusbandName','$Email','$numbers','$dob','$age_type','$Weight','$Height','$bloodgroup','$Nationality','$Marital','$Religion','$Occupation','$Familyinc','$Education','$Passportnm','$AadharNu','$Referred','$Country','$State','$city','$pincode','$bloc','$nameofinc','$Policynm','$user_otp','Not Verified','$user_activation_code','$entered_by','$created_at','$updated_at')";
	
		$message="Hello $patientname, Your OTP to complete the Registration with Ease'n'Up is $user_otp Regards, HAND Corp";
	$message=urlencode($message);
$sms ="http://login.aquasms.com/sendSMS?username=ventexint@gmail.com&message=$message&sendername=EASNUP&smstype=TRANS&numbers=$numbers&apikey=eebcced9-0ca1-4a6f-940b-c616276e2ec9";
	//$sms=urlencode($sms);
	$result=file_get_contents($sms);
	//echo $sql;
$result=mysqli_query($link,$sql);
if($result)
echo "<script>window.location='patient_verify.php?code=$user_activation_code';</script>;</script>";
else 
	echo "Fail";
	$link=DBManager::close($link);
}
}

public static function patientAccess($prescriptionid,$patientid,$adminid,$typevisit,$casetype,$note,$entered_by)
{
	$link=DBManager::connect();
	$narayan=LoginManager::currentUser();
	$anilka=LoginManager::getUserTypeByuname("$narayan");
	$entered_by="$anilka";
	$updated_at=date("Y-m-d");
$created_at=date("F d, Y / h:i:s A");
	$sql="INSERT INTO accesspatient(accessid,prescriptionid,patientid,adminid,typevisit,casetype,note,entered_by,created_at) VALUES (NULL,'$prescriptionid','$patientid','$adminid','$typevisit','$casetype','$note','$entered_by','$created_at')";
	$result=mysqli_query($link,$sql);
if($result)
echo "<script>alert('Member Add successfully');</script><script>window.location='medication2.php?patientid=$patientid'</script>;</script>";
else 
	echo "Fail";
	$link=DBManager::close($link);
}

}
?>

${this.title}

Code Editor : patientmanager_Ptreg.php