UnknownSec Bypass
403
:
/
var
/
www
/
zenithentcare
/
testappnew
/
wapfolder
/ [
drwxrwxr-x
]
Menu
Upload
Mass depes
Mass delete
Terminal
Info server
About
name :
update_patientid.php
<?php header('Content-Type: application/json'); header('Access-Control-Allow-Origin:*'); /*$data=json_decode(file_get_contents("php://input"),true); $productcode=$data["pcode"]; $softwarename=$data["sname"]; $softwareversion=$data["sversion"];*/ include "../config.php"; $uhid=isset($_GET['uhid']) ? $_GET['uhid']:die(); $suhid=isset($_GET['suhid']) ? $_GET['suhid']:die(); $regid=$_GET['regid']; $name=isset($_GET['name']) ? $_GET['name']:die(); $gender=isset($_GET['gender']) ? $_GET['gender']:die(); $age=isset($_GET['age']) ? $_GET['age']:die(); $ageinyears=isset($_GET['ageinyears']) ? $_GET['ageinyears']:die(); $mobileno=isset($_GET['mobileno']) ? $_GET['mobileno']:die(); $address=isset($_GET['address']) ? $_GET['address']:die(); $appdate=isset($_GET['appdate']) ? $_GET['appdate']:die(); $consultantid=isset($_GET['consultantid']) ? $_GET['consultantid']:die(); $creationdatetime = date("Y-m-d H:m:s"); $userid=0; $cnt=0; $query = "select count(0) as count from registrationtb where uhid='".$uhid."' and isdeleted='0'"; $result = mysqli_query($conn, $query); while ($row = mysqli_fetch_array($result)) { $cnt= $row["count"]; } if($cnt==0 && $regid==0) { $query="INSERT INTO registrationtb(uhid,suhid,name,age,ageinyears,gender,mobileno,isdeleted,creationdatetime,userid) VALUES('{$uhid}','{$suhid}','{$name}','{$age}','{$ageinyears}','{$gender}','{$mobileno}','0','{$creationdatetime}','{$userid}')"; mysqli_query($conn, $query); $id = mysqli_insert_id($conn); $appno=0; $query = "select count(0) as count from appointmenttb where appdate='".$appdate."' and consultantid='".$consultantid."' and isdeleted='0'"; $result = mysqli_query($conn, $query); while ($row = mysqli_fetch_array($result)) { $appno= $row["count"]+1; } $query="INSERT INTO appointmenttb(regid,uhid,appno,name,age,ageinyear,gender,mobileno,appdate,consultantid,paymentstatus,NeworOld,isdeleted,creationdatetime,userid) VALUES('{$id}','{$uhid}','{$appno}','{$name}','{$age}','{$ageinyears}','{$gender}','{$mobileno}','{$appdate}','{$consultantid}','Yes',1,'0','{$creationdatetime}','{$userid}')"; $result = mysqli_query($conn, $query); if ($result==true) { $message="1"; } echo json_encode($message); } else { $sql="update registrationtb set uhid='".$uhid."',suhid='".$suhid."',name='".$name."',gender='".$gender."', age='".$age."',ageinyears='".$ageinyears."',mobileno='".$mobileno."' where regid=".$regid." "; $result=mysqli_query($conn, $sql) or die("SQL Query Failed."); $sql="update appointmenttb set uhid='".$uhid."',paymentstatus=1,name='".$name."',gender='".$gender."', age='".$age."',ageinyear='".$ageinyears."',mobileno='".$mobileno."' where regid=".$regid." "; $result=mysqli_query($conn, $sql) or die("SQL Query Failed."); echo json_encode($result); } ?>
Copyright © 2025 - UnknownSec