";
$pdfs="
";
$pdfs=$pdfs."";
if(!empty($_GET["pid"])){
$pid=$_GET["pid"];
if(!empty($_FILES)){
if(in_array($_FILES["upload"]["type"], ["image/jpeg", "image/jpg", "image/png", "image/gif", "application/pdf"])){
if(!empty($_GET["name"])){
$name=$_GET["name"]."-";
}
else{
$name="";
}
$fname=str_replace("/", "", $pid)."-".$name.time()."-".rand(1000,9999).".".pathinfo($_FILES["upload"]["name"], PATHINFO_EXTENSION);
move_uploaded_file($_FILES["upload"]["tmp_name"], CONFIG_WWW."data/attachments/".$fname);
if(!empty($_GET["req"])){
$db->omitRequisition($_GET["req"]);
}
}
else{
$error=$error."Only jpg, png, gif, pdf files are supported.";
}
}
elseif(!empty($_POST["delete"])){
$file=str_replace("/","",$_POST["delete"]);
rename(CONFIG_WWW."data/attachments/".$file, CONFIG_WWW."data/attachments/.trash/".$file);
}
if(checkAccess("attachments")=="all" && $db->getStatus($pid)->fetchArray()["status"]=="admitted"){
$hideEdit="";
}
else{
$hideEdit="style='display:none'";
}
foreach(glob("data/attachments/".str_replace("/", "", $pid)."-*") as $attach){
if(pathinfo($attach, PATHINFO_EXTENSION)=="pdf"){
$pdfs=$pdfs."
"; } else{ preg_match("/-([0-9]+)-/", pathinfo($attach, PATHINFO_FILENAME), $orig); $imgs=$imgs."![](".$attach.")
Uploaded on: ".date("M d, Y h:i a", $orig[1])."
".pathinfo($attach, PATHINFO_BASENAME)."
"; } else{ preg_match("/-([0-9]+)-/", pathinfo($attach, PATHINFO_FILENAME), $orig); $imgs=$imgs."