doctor can now be stored in the database, renamed a file to show its purpose

Darrel Israel
2024-06-05 10:20:44 +08:00
parent b91b850139
commit 4d259c5f38
7 changed files with 77 additions and 22 deletions
+64 -12
@@ -7,30 +7,36 @@ if (!isset($_SESSION['isAdmin'])) {
header('Location: login.php');
}
if (isset($_POST["btnSaveUser"])) {
if (isset($_POST["btnSaveUser"]))
{
$pw1 = $_POST['userPass'];
$pw2 = $_POST['confirmUserPass'];
if ($pw1 == $pw2) {
if ($pw1 == $pw2)
{
$fname = $_POST['fname'];
$mname = $_POST['mname'];
$lname = $_POST['lname'];
$address = $_POST['address'];
$phonenum = $_POST['phonenum'];
$userpos = $_POST['UserPos'];
$licensenum = $_POST['licensenum'];
$specialization = $_POST['specialization'];
$username = $_POST['username'];
$password = $_POST['userPass'];
// Hash the password
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
if ($userpos == 'isSec') {
if ($userpos == 'isSec')
{
// Insert data into tblsec
$sql = "INSERT INTO tblsec (fname, mname, lname, phonenum, address)
VALUES ('$fname', '$mname', '$lname', '$phonenum', '$address')";
$result = mysqli_query($conn, $sql);
if ($result) {
if ($result)
{
// Get the userid of the last inserted row in tblsec
$secIDFK = mysqli_insert_id($conn);
@@ -38,24 +44,70 @@ if (isset($_POST["btnSaveUser"])) {
$sql2 = "INSERT INTO tbluserroles (isSec, secIDFK) VALUES (1, $secIDFK)";
$result2 = mysqli_query($conn, $sql2);
if ($result2) {
if ($result2)
{
$tbluserroleroleid = mysqli_insert_id($conn);
// Insert user authentication data into tbluserauth with hashed password
$sql1 = "INSERT INTO tbluserauth (username, password, tbluserroles_roleid)
$sql3 = "INSERT INTO tbluserauth (username, password, tbluserroles_roleid)
VALUES ('$username', '$hashedPassword', $tbluserroleroleid)";
$result1 = mysqli_query($conn, $sql1);
$result3 = mysqli_query($conn, $sql3);
if ($result1) {
if ($result3)
{
header("Location: adminindex.php?msg=New record created successfully");
} else {
}
else
{
echo "Failed to insert user authentication data: " . mysqli_error($conn);
}
} else {
}
else
{
echo "Failed to insert user role data: " . mysqli_error($conn);
}
} else {
} else
{
echo "Failed to insert secretary data: " . mysqli_error($conn);
}
}
else if ($userpos == 'isDoc')
{
$sql = "INSERT INTO tbldoctor (fname, mname, lname, specialization, licensenum, phonenum, address)
VALUES ('$fname', '$mname', '$lname', '$specialization', '$licensenum', '$phonenum', '$address')";
$result = mysqli_query($conn, $sql);
if ($result)
{
$doctorIDFK = mysqli_insert_id($conn);
$sql2 = "INSERT INTO tbluserroles (isDoc, doctorIDFK) VALUES (1, $doctorIDFK)";
$result2 = mysqli_query($conn, $sql2);
if ($result2)
{
$tbluserroleroleid = mysqli_insert_id($conn);
// Insert user authentication data into tbluserauth with hashed password
$sql3 = "INSERT INTO tbluserauth (username, password, tbluserroles_roleid)
VALUES ('$username', '$hashedPassword', $tbluserroleroleid)";
$result3 = mysqli_query($conn, $sql3);
if ($result3)
{
header("Location: adminindex.php?msg=New record created successfully");
}
else
{
echo "Failed to insert user authentication data: " . mysqli_error($conn);
}
}
else
{
echo "Failed to insert user role data: " . mysqli_error($conn);
}
}
else
{
echo "Failed to insert doctor data: " . mysqli_error($conn);
}
}
}
}
}
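Review bot: The new `isDoc` branch builds its `INSERT INTO tbldoctor` statement by interpolating `$_POST` values (`$fname`, `$specialization`, `$licensenum`, `$address`, ...) directly into the SQL string, so a quote character in any field alters the query. The same holds for the `tbluserauth` insert with `$username`, and for the `isSec` branch this code was copied from. Bind the values through prepared statements instead, as sketched below. The three inserts also run without a transaction, so a failure at the second or third step leaves a doctor or role row with no login attached. The script begins above the first hunk, so the setup of `$conn` and the session is not visible here.

```php
else if ($userpos == 'isDoc')
{
    $stmt = mysqli_prepare($conn, "INSERT INTO tbldoctor (fname, mname, lname, specialization, licensenum, phonenum, address)
        VALUES (?, ?, ?, ?, ?, ?, ?)");
    mysqli_stmt_bind_param($stmt, 'sssssss', $fname, $mname, $lname, $specialization, $licensenum, $phonenum, $address);
    $result = mysqli_stmt_execute($stmt);
    // … unchanged: mysqli_insert_id() and the tbluserroles insert …
            $stmt3 = mysqli_prepare($conn, "INSERT INTO tbluserauth (username, password, tbluserroles_roleid)
                VALUES (?, ?, ?)");
            mysqli_stmt_bind_param($stmt3, 'ssi', $username, $hashedPassword, $tbluserroleroleid);
            $result3 = mysqli_stmt_execute($stmt3);
    // … unchanged: redirect on success and the three error branches …
```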