name :
update_appointment.php
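<?php
/**
 * update_appointment.php — JSON endpoint that either updates the payment
 * status of an existing appointment (appid other than "0") or registers the
 * patient if needed and books a new appointment (appid "0").
 *
 * Every value taken from the query string is passed to MySQL as a bound
 * parameter of a prepared statement. The previous version concatenated
 * $_GET values straight into the SQL text, which allowed SQL injection on
 * every statement in this file.
 *
 * NOTE(review): no authentication or authorisation check is visible in this
 * file; confirm whether ../config.php enforces one. As written, anyone who can
 * reach the URL can change payment status and create patient records.
 * NOTE(review): state is changed on GET and patient data (name, mobile number)
 * travels in the query string, so it lands in access logs and proxies; POST
 * with a request body would be the safer transport.
 */
header('Content-Type: application/json');
// NOTE(review): wildcard CORS lets any origin read the response of this
// state-changing endpoint; restrict to the known front-end origin if possible.
header('Access-Control-Allow-Origin:*');

// Fetch one required query-string parameter. A missing parameter ends the
// request with an empty body (as before); array-valued parameters such as
// ?appid[]=x are rejected as well, because only scalar strings are meaningful.
$param = static function ($key) {
    if (!isset($_GET[$key]) || !is_string($_GET[$key])) {
        die();
    }
    return $_GET[$key];
};

$appid        = $param('appid');
$uhid         = $param('uhid');
$suhid        = $param('suhid');
$name         = $param('name');
$gender       = $param('gender');
$age          = $param('age');
$ageinyears   = $param('ageinyears');
$mobileno     = $param('mobileno');
$address      = $param('address'); // required by the API contract but not stored by this script
$appdate      = $param('appdate');
$consultantid = $param('consultantid');
$paystatus    = $param('paystatus');

// "i" is minutes; the previous format used "m" (month) in the minutes position.
$creationdatetime = date("Y-m-d H:i:s");
$userid = 0;

include "../config.php"; // presumably defines the mysqli connection $conn — confirm

// Prepare $sql, bind every parameter as a string (the original SQL quoted all
// values as strings, so MySQL's implicit conversions are unchanged) and
// execute. Returns the executed statement, or false on any failure, whether
// mysqli reports errors by return value or by exception.
$run = static function ($conn, $sql, array $params) {
    try {
        $stmt = mysqli_prepare($conn, $sql);
        if ($stmt === false) {
            return false;
        }
        $types = str_repeat('s', count($params));
        if (!mysqli_stmt_bind_param($stmt, $types, ...$params)) {
            mysqli_stmt_close($stmt);
            return false;
        }
        if (!mysqli_stmt_execute($stmt)) {
            mysqli_stmt_close($stmt);
            return false;
        }
        return $stmt;
    } catch (mysqli_sql_exception $e) {
        return false;
    }
};

// Read the single selected column of an executed statement and return the
// value from the last row, or $default when the statement failed to yield
// rows. A failed statement ends the request with the generic error message.
$lastValue = static function ($stmt, $default) {
    if ($stmt === false) {
        die("SQL Query Failed.");
    }
    $value = $default;
    try {
        $column = null;
        mysqli_stmt_bind_result($stmt, $column);
        while (mysqli_stmt_fetch($stmt)) {
            $value = $column;
        }
        mysqli_stmt_close($stmt);
    } catch (mysqli_sql_exception $e) {
        die("SQL Query Failed.");
    }
    return $value;
};

// Loose comparison kept on purpose: values such as "00" were treated as "0"
// by the original and callers may rely on that.
if ($appid != "0") {
    $stmt = $run(
        $conn,
        "update appointmenttb set paymentstatus=? where appid=?",
        [$paystatus, $appid]
    );
    if ($stmt === false) {
        die("SQL Query Failed.");
    }
    mysqli_stmt_close($stmt);
    echo json_encode(true);
} else {
    // Register the patient on first contact (no live row for this uhid yet).
    $cnt = $lastValue(
        $run(
            $conn,
            "select count(0) as count from registrationtb where uhid=? and isdeleted='0'",
            [$uhid]
        ),
        0
    );
    if ($cnt == 0) {
        $stmt = $run(
            $conn,
            "INSERT INTO registrationtb(uhid,suhid,name,age,ageinyears,gender,mobileno,isdeleted,creationdatetime,userid) VALUES(?,?,?,?,?,?,?,'0',?,?)",
            [$uhid, $suhid, $name, $age, $ageinyears, $gender, $mobileno, $creationdatetime, (string) $userid]
        );
        if ($stmt === false) {
            // Previously ignored; booking against a registration that was
            // never written would store regid 0.
            die("SQL Query Failed.");
        }
        mysqli_stmt_close($stmt);
    }

    $regid = $lastValue(
        $run(
            $conn,
            "select regid from registrationtb where uhid=? and isdeleted='0'",
            [$uhid]
        ),
        0
    );

    // Next appointment number for this consultant on this date.
    // NOTE(review): count-then-insert is not atomic; two concurrent requests
    // can receive the same appno unless the table enforces uniqueness.
    $appno = $lastValue(
        $run(
            $conn,
            "select count(0) as count from appointmenttb where appdate=? and consultantid=? and isdeleted='0'",
            [$appdate, $consultantid]
        ),
        0
    ) + 1;

    // Skip the booking when this patient already has one for the same
    // consultant and date; as before, that case produces no response body.
    $cnt = $lastValue(
        $run(
            $conn,
            "select count(0) as count from appointmenttb where appdate=? and consultantid=? and uhid=? and isdeleted='0'",
            [$appdate, $consultantid, $uhid]
        ),
        0
    );
    if ($cnt == 0) {
        $stmt = $run(
            $conn,
            "INSERT INTO appointmenttb(regid,uhid,appno,name,age,ageinyear,gender,mobileno,appdate,consultantid,paymentstatus,NeworOld,isdeleted,creationdatetime,userid) VALUES(?,?,?,?,?,?,?,?,?,?,?,'No','0',?,?)",
            [
                (string) $regid, $uhid, (string) $appno, $name, $age, $ageinyears, $gender,
                $mobileno, $appdate, $consultantid, $paystatus, $creationdatetime, (string) $userid,
            ]
        );
        // "1" on success; null on failure (the original left $message
        // undefined in that case, which also encoded as null).
        $message = null;
        if ($stmt !== false) {
            mysqli_stmt_close($stmt);
            $message = "1";
        }
        echo json_encode($message);
    }
}
?>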