--- /dev/null
+#! /bin/env php
+<?php
+$db=new SQLite3("data/data.db");
+if(!empty($_SERVER["argv"][1]) && !empty($_SERVER["argv"][2]) && !empty($_SERVER["argv"][3])){
+ $stmt=$db->prepare("SELECT * FROM users WHERE user=:user");
+ $stmt->bindValue(":user",$_SERVER["argv"][1]);
+ if($stmt->execute()->fetchArray()){
+ $stmt=$db->prepare("UPDATE users SET usergroup=:usergroup,hash=:hash WHERE user=:user");
+ $stmt->bindValue(":user", $_SERVER["argv"][1]);
+ $stmt->bindValue(":hash", password_hash($_SERVER["argv"][3], PASSWORD_DEFAULT));
+ $stmt->execute();
+ }
+ else{
+ $stmt=$db->prepare("INSERT INTO users (user,usergroup,hash) VALUES (:user,:usergroup,:hash)");
+ $stmt->bindValue(":user", $_SERVER["argv"][1]);
+ $stmt->bindValue(":usergroup", $_SERVER["argv"][2]);
+ $stmt->bindValue(":hash", password_hash($_SERVER["argv"][3], PASSWORD_DEFAULT));
+ $stmt->execute();
+ }
+}
+else{
+ echo "Plese enter an username and password for entry into the DB\n";
+}
+?>
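Review bot: The UPDATE branch prepares `usergroup=:usergroup` but never binds `:usergroup`, so resetting an existing user's password leaves that parameter unbound (SQLite treats it as NULL) and clears the account's group. Add `$stmt->bindValue(":usergroup", $_SERVER["argv"][2]);` before that branch's `execute()`. The password is taken from `argv[3]`, which leaves it in shell history and visible in the process list while the script runs; reading it from STDIN would avoid that. The usage message names only a username and password although three arguments are required, and neither `execute()` result is checked, so a failed write is silent.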
exit();
}
$error="<p>";
-$imgs="<div class='card mb-3'><div class='card-body'><div class='row'>";
+$imgs="<div class='card mb-3 w-100'><div class='card-body'><div class='row'>";
$pdfs="<div class='card mb-3'><div class='card-body'>";
if(!empty($_GET["pid"])){
$pid=$_GET["pid"];
if(!empty($_FILES)){
- if($_FILES["upload"]["size"]<8000000){
- if(in_array($_FILES["upload"]["type"], ["image/jpeg", "image/jpg", "image/png", "image/gif", "application/pdf"])){
- $fname=str_replace("/", "", $pid)."-".time()."-".rand(1000,9999).".".pathinfo($_FILES["upload"]["name"], PATHINFO_EXTENSION);
- move_uploaded_file($_FILES["upload"]["tmp_name"], "data/attachments/".$fname);
- }
- else{
- $error=$error."Only jpg, png, gif, pdf files are supported.";
- }
+ if(in_array($_FILES["upload"]["type"], ["image/jpeg", "image/jpg", "image/png", "image/gif", "application/pdf"])){
+ $fname=str_replace("/", "", $pid)."-".time()."-".rand(1000,9999).".".pathinfo($_FILES["upload"]["name"], PATHINFO_EXTENSION);
+ move_uploaded_file($_FILES["upload"]["tmp_name"], "data/attachments/".$fname);
}
else{
- $error=$error."Maximum filesize exceeded. File upload failed";
+ $error=$error."Only jpg, png, gif, pdf files are supported.";
}
}
}
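Review bot: The allow-list on the added `in_array(...)` line tests `$_FILES["upload"]["type"]`, which is the Content-Type the client sent, and the stored name keeps the extension of the client's file name, so neither the content nor the extension of what lands in `data/attachments/` is actually constrained. Determine the type from the uploaded bytes and take the extension from a fixed map, as sketched below. Checking `$_FILES["upload"]["error"]` also restores a meaningful failure path now that the size branch is removed, since an oversize upload currently falls through to the "Only jpg, png, gif, pdf" message. `rand()` can become `random_int()` while the line is touched. The enclosing `if(!empty($_GET["pid"]))` block begins and ends in context lines, and how `data/attachments/` is served is not visible here.

```php
// … unchanged: if(!empty($_GET["pid"])) / if(!empty($_FILES)) guards …
$allowed=["image/jpeg"=>"jpg", "image/png"=>"png", "image/gif"=>"gif", "application/pdf"=>"pdf"];
$mime=false;
if($_FILES["upload"]["error"]===UPLOAD_ERR_OK){
 // Type is read from the file's bytes, not from the request headers.
 $mime=(new finfo(FILEINFO_MIME_TYPE))->file($_FILES["upload"]["tmp_name"]);
}
if($mime!==false && isset($allowed[$mime])){
 // Extension is chosen server-side from the allow-list map.
 $fname=str_replace("/", "", $pid)."-".time()."-".random_int(1000,9999).".".$allowed[$mime];
 move_uploaded_file($_FILES["upload"]["tmp_name"], "data/attachments/".$fname);
}
// … unchanged: else branch that appends to $error …
```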
else{
preg_match("/-([0-9]+)-/", pathinfo($attach, PATHINFO_FILENAME), $orig);
- $imgs=$imgs."<div class='col-md-6'><figure><img class='w-100' src='".$attach."'><figcaption>Uploaded on: ".date("M d, Y h:i a", $orig[1])."</figcaption></figure></div>";
+ $imgs=$imgs."<div class='col-md-6'><figure><a href='".$attach."'><img class='w-100' src='".$attach."'></a><figcaption>Uploaded on: ".date("M d, Y h:i a", $orig[1])."</figcaption></figure></div>";
}
}
}
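Review bot: `$attach` is written into the new `href` (and the existing `src`) without HTML escaping, while attachment names are built from the request's `pid` and the uploader's file extension with only `/` stripped, so a quote character in a stored name ends the attribute early. Escape it once, e.g. `$safe=htmlspecialchars($attach, ENT_QUOTES);`, and use `$safe` in both attributes. `$orig[1]` is also read without checking that `preg_match` matched, which passes an undefined value to `date()` for any file not following the naming pattern. The loop that produces `$attach` is outside the hunk, so how the names are enumerated is inferred.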
</div>
<?php echo $error;?>
<form method="post" enctype="multipart/form-data">
+ <label for="upload">Select file to upload. JPG, PNG, GIF and PDF files are supported. Size limit: <span id="size-limit"><?php echo str_replace("M", "MB", ini_get("upload_max_filesize"));?></span><span id="upload-error"></span></label>
<input type="file" name="upload" id="upload" class="form-control">
<input type="submit" value="Upload" class="mt-2 btn btn-primary">
</form>
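Review bot: The added label derives the displayed limit with `str_replace("M", "MB", ini_get("upload_max_filesize"))`, which only works when the ini value uses the `M` suffix; a setting such as `512K`, `1G` or a bare byte count produces a wrong label, and the script that parses `#size-limit` then computes a wrong or NaN limit. PHP's `M` also means 1024*1024 bytes, not the 1000*1000 the client script multiplies by, and `post_max_size` can be lower than this value. Converting the ini value to bytes on the server and emitting it in a data attribute, with the human-readable text kept separate, avoids parsing display text. `#upload-error` is nested inside the `<label>`, so clicking the error text opens the file picker.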
"type": "string"
}
},
- "required": ["pid", "name", "age", "sex", "date", "ward", "bed", "status"]
+ "required": ["pid", "name", "age", "sex", "date"]
}
$stmt=$this->prepare("SELECT hash FROM users WHERE user=:user");
$stmt->bindValue(":user", $username);
$result=$stmt->execute();
- return(password_verify($password, $result->fetchArray()[0]));
+ $hash=$result->fetchArray();
+ if($hash){
+ return(password_verify($password, $hash["hash"]));
+ }
+ else{
+ return(false);
+ }
}
function admit($post){
$quer=$this->prepare("SELECT count(rowid) FROM patients WHERE pid=:pid");
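Review bot: When the user does not exist the new `else` branch returns before any `password_verify` call, so a login attempt for an unknown name completes measurably faster than one for a known name and the response time reveals which usernames exist. Running the verification against a fixed dummy hash in that branch, e.g. `password_verify($password, DUMMY_HASH); return(false);` with `DUMMY_HASH` a placeholder for a `password_hash()` output generated once, keeps the two paths comparable. `$hash["hash"]` can also be NULL for a row stored without a password, which is worth rejecting explicitly before the call. The function's signature is above the hunk.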
$stmt->bindValue(":data", json_encode($post));
$stmt->execute();
}
- function addDrug($pid, $name, $dose, $route, $frequency, $date, $time, $duration, $addl){
- $stmt=$this->prepare("INSERT INTO treatment (pid, name, dose, route, frequency, start, duration, omit, addl) VALUES (:pid, :name, :dose, :route, :frequency, :start, :duration, :omit, :addl);");
+ function addDrug($pid, $drug, $dose, $route, $frequency, $date, $time, $duration, $addl){
+ $stmt=$this->prepare("INSERT INTO treatment (pid, drug, dose, route, frequency, start, duration, omit, addl) VALUES (:pid, :drug, :dose, :route, :frequency, :start, :duration, :omit, :addl);");
$stmt->bindValue(":pid", $pid);
- $stmt->bindValue(":name", $name);
+ $stmt->bindValue(":drug", $drug);
$stmt->bindValue(":dose", $dose);
$stmt->bindValue(":route", $route);
$stmt->bindValue(":frequency", $frequency);
<script src="res/moment.js"></script>
<script src="res/bootstrap/js/bootstrap.bundle.min.js"></script>
<script src="res/bootstrap-4-autocomplete.min.js"></script>
-
-<script>
-$(document).ready(function(){
- $("[name='date']").each(function(){
- if($(this).val()==""){
- $(this).val(moment().format("YYYY-MM-DD"));
- }
- });
- $("[name='time']").each(function(){
- if($(this).val()==""){
- $(this).val(moment().format("HH:MM"));
- }
- });
- if($("[name='drug']").length){
- $(this).prop("autocomplete","off");
- $.get("autocomplete/drugs.json", function(data){
- $("[name='drug']").each(function(){
- $(this).autocomplete({source:data, highlightClass:'text-danger',treshold:2});
- });
- });
- };
- if($("[name='route']").length){
- $(this).prop("autocomplete","off");
- $.get("autocomplete/route.json", function(data){
- $("[name='route']").each(function(){
- $(this).autocomplete({source:data, highlightClass:'text-danger',treshold:1});
- });
- });
- };
- if($("[name='frequency']").length){
- $(this).prop("autocomplete","off");
- $.get("autocomplete/frequency.json", function(data){
- $("[name='frequency']").each(function(){
- $(this).autocomplete({source:data, highlightClass:'text-danger',treshold:1});
- });
- });
- };
-});
-</script>
+<script src="res/script.js"></script>
require("lib/functions.php");
session_start();
$error="";
-if($_GET["action"]=="logout"){
+if(!empty($_GET["action"]) && $_GET["action"]=="logout"){
$_SESSION["user"]=null;
}
if(!empty($_POST["username"]) && !empty($_POST["password"])){
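Review bot: Logout is triggered by a plain GET parameter and only sets `$_SESSION["user"]=null`, so the session id and any other session data survive, and any page the user visits can log them out with a link. Consider clearing the session on logout, `session_unset(); session_destroy();`, and accepting the action only from a POST form. The comparison can be strict, `$_GET["action"]==="logout"`. The login branch continues past the hunk, so whether `session_regenerate_id(true)` is called after a successful login cannot be seen here.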
--- /dev/null
+$(document).ready(function(){
+ $("#upload").change(function(){
+ lim=$("#size-limit").text().split("MB")[0]*1000*1000;
+ if(this.files[0]["size"]>lim){
+ $("#upload-error").html(" <span class='text-danger'>[Selected file exceeds size limit]</span>");
+ }
+ else if(["image/jpeg", "image/jpg", "image/png", "image/gif", "application/pdf"].indexOf(this.files[0]["type"])==-1){
+ $("#upload-error").html(" <span class='text-danger'>"+this.files[0]["type"]+" files are not supported</span>");
+ }
+ else{
+ $("#upload-error").text("");
+ }
+ });
+ $("[name='date']").each(function(){
+ if($(this).val()==""){
+ $(this).val(moment().format("YYYY-MM-DD"));
+ }
+ });
+ $("[name='time']").each(function(){
+ if($(this).val()==""){
+ $(this).val(moment().format("HH:MM"));
+ }
+ });
+ if($("[name='drug']").length){
+ $(this).prop("autocomplete","off");
+ $.get("autocomplete/drugs.json", function(data){
+ $("[name='drug']").each(function(){
+ $(this).autocomplete({source:data, highlightClass:'text-danger',treshold:2});
+ });
+ });
+ };
+ if($("[name='route']").length){
+ $(this).prop("autocomplete","off");
+ $.get("autocomplete/route.json", function(data){
+ $("[name='route']").each(function(){
+ $(this).autocomplete({source:data, highlightClass:'text-danger',treshold:1});
+ });
+ });
+ };
+ if($("[name='frequency']").length){
+ $(this).prop("autocomplete","off");
+ $.get("autocomplete/frequency.json", function(data){
+ $("[name='frequency']").each(function(){
+ $(this).autocomplete({source:data, highlightClass:'text-danger',treshold:1});
+ });
+ });
+ };
+});
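Review bot: `moment().format("HH:MM")` in the `[name='time']` handler prints the hour followed by the month number, because `MM` is moment.js's month token; minutes are `mm`, so the line should read `$(this).val(moment().format("HH:mm"));`. The block was moved unchanged from the inline script, so the defect predates this commit but is carried into the new file. In the new `#upload` handler, `this.files[0]` is undefined when the picker is cancelled and `lim` is assigned without a declaration; `if(!this.files.length){ $("#upload-error").text(""); return; }` and `var lim=` cover both. Building the unsupported-type message with `.text()` rather than concatenating `this.files[0]["type"]` into `.html()` keeps file metadata out of markup. These checks are advisory for the user only, so the server-side upload code still has to enforce the same type and size limits.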
);
CREATE TABLE treatment(
pid int,
-name text,
+drug text,
dose text,
route text,
frequency text,
addl text
);
CREATE TABLE users(
-user text,
+user text unique,
usergroup text,
hash text,
change boolean,