-
Notifications
You must be signed in to change notification settings - Fork 2
/
newfunction.php
80 lines (72 loc) · 2.06 KB
/
newfunction.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
<?php
// session_start();
$con=mysqli_connect("localhost","root","","hms");
// if(isset($_POST['submit'])){
// $username=$_POST['username'];
// $password=$_POST['password'];
// $query="select * from logintb where username='$username' and password='$password';";
// $result=mysqli_query($con,$query);
// if(mysqli_num_rows($result)==1)
// {
// $_SESSION['username']=$username;
// $_SESSION['pid']=
// header("Location:patient-panel.php");
// }
// else
// header("Location:error.php");
// }
// if(isset($_POST['update_data']))
// {
// $contact=$_POST['contact'];
// $status=$_POST['status'];
// $query="update appointment set payment='$status' where contact='$contact';";
// $result=mysqli_query($con,$query);
// if($result)
// header("Location:updated.php");
// }
// function display_docs()
// {
// global $con;
// $query="select * from doctor";
// $result=mysqli_query($con,$query);
// while($row=mysqli_fetch_array($result))
// {
// $username=$row['username'];
// $price=$row['docFees'];
// echo '<option value="' .$username. '" data-value="'.$price.'">'.$username.'</option>';
// }
// }
function display_specs() {
global $con;
$query="select distinct(spec) from doctor";
$result=mysqli_query($con,$query);
while($row=mysqli_fetch_array($result))
{
$spec=$row['spec'];
echo '<option data-value="'.$spec.'">'.$spec.'</option>';
}
}
function display_docs()
{
global $con;
$query = "select * from doctor";
$result = mysqli_query($con,$query);
while( $row = mysqli_fetch_array($result) )
{
$username = $row['username'];
$price = $row['docFees'];
$spec = $row['spec'];
// Sanitize the username for use as an attribute value
$sanitizedUsername = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
echo '<option value="' .$sanitizedUsername. '" data-value="'.$price.'" data-spec="'.$spec.'">'.$sanitizedUsername.'</option>';
}
}
if(isset($_POST['doc_sub']))
{
$username=$_POST['username'];
$query="insert into doctor(username)values('$username')";
$result=mysqli_query($con,$query);
if($result)
header("Location:adddoc.php");
}
?>