diff --git a/admin-registration.php b/admin-registration.php new file mode 100644 index 0000000..9485927 --- /dev/null +++ b/admin-registration.php @@ -0,0 +1,140 @@ +exec("CREATE TABLE IF NOT EXISTS admins ( + id INT AUTO_INCREMENT PRIMARY KEY, + name VARCHAR(255) NOT NULL, + email VARCHAR(255) NOT NULL UNIQUE, + password VARCHAR(255) NOT NULL, + role ENUM('admin', 'superadmin') NOT NULL, + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP + )"); + + $name = $_POST['name']; + $email = $_POST['email']; + $password = password_hash($_POST['password'], PASSWORD_DEFAULT); + $role = $_POST['role']; + + // Check if email already exists + $stmt = $pdo->prepare("SELECT id FROM admins WHERE email = ?"); + $stmt->execute([$email]); + if ($stmt->fetch()) { + $message = '
Error: An account with this email already exists.
'; + } else { + $sql = "INSERT INTO admins (name, email, password, role) VALUES (?, ?, ?, ?)"; + $stmt = $pdo->prepare($sql); + if ($stmt->execute([$name, $email, $password, $role])) { + $message = '
Admin user created successfully! You can now log in. For security, please consider removing this registration file.
'; + } else { + $message = '
Error: Could not create admin user.
'; + } + } + } catch (PDOException $e) { + $message = '
Database error: ' . $e->getMessage() . '
'; + } +} +?> + + + + + + Admin Registration - Medicaltour + + + + + + + + + + +
+
+
+
+

Admin Registration

+

Create a new Admin or Superadmin account. This page should be deleted after use.

+ + + +
+
+ + +
Please enter your full name.
+
+
+ + +
Please enter a valid email address.
+
+
+ + +
Please enter a password.
+
+
+ + +
Please select a role.
+
+
+ +
+
+
+
+
+
+ + + + + + + + diff --git a/assets/css/custom.css b/assets/css/custom.css new file mode 100644 index 0000000..29086df --- /dev/null +++ b/assets/css/custom.css @@ -0,0 +1,27 @@ +body { + background-color: #F8F9FA; +} + +.navbar { + background-color: #FFFFFF; + box-shadow: 0 2px 4px rgba(0,0,0,.1); +} + +.section { + padding: 60px 0; +} + +.hero { + background: linear-gradient(to right, #0D6EFD, #198754); + color: white; + padding: 100px 0; +} + +.hero h1 { + font-weight: 700; +} + +.btn-accent { + background-color: #198754; + color: white; +} diff --git a/assets/js/main.js b/assets/js/main.js new file mode 100644 index 0000000..3566977 --- /dev/null +++ b/assets/js/main.js @@ -0,0 +1,9 @@ +document.querySelectorAll('a[href^="#"]').forEach(anchor => { + anchor.addEventListener('click', function (e) { + e.preventDefault(); + + document.querySelector(this.getAttribute('href')).scrollIntoView({ + behavior: 'smooth' + }); + }); +}); diff --git a/dashboard.php b/dashboard.php new file mode 100644 index 0000000..a2bef77 --- /dev/null +++ b/dashboard.php @@ -0,0 +1,227 @@ +prepare("UPDATE doctors SET availability = ? WHERE id = ?"); + $stmt->execute([$availability, $doctorId]); + header("Location: dashboard.php"); // Redirect to avoid form resubmission + exit; + } catch (PDOException $e) { + // For simplicity, we are not displaying the error here. In a real application, you would log this. + } +} + + +if (!isset($_SESSION['user_id'])) { + header("Location: login.php"); + exit; +} + +$userName = $_SESSION['user_name'] ?? 'User'; +$userRole = $_SESSION['user_role'] ?? 'guest'; + +// Content for different roles +$dashboardContent = ''; +switch ($userRole) { + case 'superadmin': + $dashboardContent = '
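Review bot: Nothing in the visible part of admin-registration.php restricts who may create an admin: the handler takes `$role = $_POST['role']` straight from the request and inserts it, and the only safeguard is the on-page reminder to delete the file after use. The opening lines of the file are not visible in this hunk, so a guard may exist above; if it does not, anyone who can reach the URL can create a `superadmin` account. I would gate the page on an existing superadmin session or a one-time setup secret read from server configuration. The role should also be allow-listed before the insert with `in_array($role, ['admin', 'superadmin'], true)` rather than left to the ENUM column.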
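Review bot: A link whose `href` is exactly `#` matches `a[href^="#"]`, and `document.querySelector('#')` throws a SyntaxError. A fragment with no matching element makes `scrollIntoView` run on `null`. Because `e.preventDefault()` has already run, the click then does nothing at all. I would resolve the target first and return early when it is missing, placing `const href = this.getAttribute('href'); const target = href.length > 1 ? document.querySelector(href) : null; if (!target) return;` before `e.preventDefault()`.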

Here you can manage the entire application, including admins, hospitals, doctors, and patients.

'; + break; + case 'admin': + $dashboardContent = '

Here you can manage hospitals, doctors, and patients.

'; + break; + case 'hospital': + $dashboardContent = ' +

Here you can manage your hospital profile, treatments, and doctors.

+
+ Manage Treatment Categories + Manage Doctors +
+ '; + break; + case 'doctor': + $db = db(); + $doctorId = $_SESSION['user_id']; + + // Fetch doctor's complete profile + $stmt = $db->prepare("SELECT d.full_name, d.email, d.specialty, d.qualifications, d.specialities, d.contact_phone, d.license_number, d.consultation_fee, d.availability, h.hospital_name, h.address, h.city, h.state, h.country FROM doctors d LEFT JOIN hospitals h ON d.hospital_id = h.id WHERE d.id = ?"); + $stmt->execute([$doctorId]); + $doctor = $stmt->fetch(PDO::FETCH_ASSOC); + + $profileInfo = '
My Profile
'; + if ($doctor) { + $profileInfo .= '

Name: '.htmlspecialchars($doctor['full_name']).'

'; + $profileInfo .= '

Email: '.htmlspecialchars($doctor['email']).'

'; + $profileInfo .= '

Contact Phone: '.htmlspecialchars($doctor['contact_phone']).'

'; + $profileInfo .= '

Primary Specialty: '.htmlspecialchars($doctor['specialty']).'

'; + $profileInfo .= '

Additional Specialities: '.nl2br(htmlspecialchars($doctor['specialities'])).'

'; + $profileInfo .= '

Qualifications: '.nl2br(htmlspecialchars($doctor['qualifications'])).'

'; + $profileInfo .= '

License Number: '.htmlspecialchars($doctor['license_number']).'

'; + $profileInfo .= '

Consultation Fee: + case 'patient': + $dashboardContent = '

Here you can manage your profile, view your medical history, and book appointments.

'; + break; + default: + $dashboardContent = '

Welcome to your dashboard.

'; + break; +} + +?> + + + + + + Dashboard - Medicaltour + + + + + + + + + + +
+
+
+
+

Welcome, !

+

Your role:

+
+
+ +
+
+
+
+
+ + +
+
+

© 2025 Medicaltour. All Rights Reserved.

+
+
+ + + + +.htmlspecialchars($doctor['consultation_fee']).'

'; + $profileInfo .= '

Availability: '.nl2br(htmlspecialchars($doctor['availability'])).'

'; + } else { + $profileInfo .= '

Profile not found.

'; + } + $profileInfo .= '
'; + + + // Fetch hospital info + $hospitalInfo = '
My Hospital
'; + if ($doctor && $doctor['hospital_name']) { + $hospitalInfo .= '

'.htmlspecialchars($doctor['hospital_name']).'

'; + $hospitalInfo .= '

'.htmlspecialchars($doctor['address']).', '.htmlspecialchars($doctor['city']).', '.htmlspecialchars($doctor['state']).', '.htmlspecialchars($doctor['country']).'

'; + } else { + $hospitalInfo .= '

You are not currently affiliated with any hospital.

'; + } + $hospitalInfo .= '
'; + + // Fetch patient history + $stmt = $db->prepare("SELECT p.full_name, a.appointment_date, a.notes FROM patients p JOIN appointments a ON p.id = a.patient_id WHERE a.doctor_id = ? ORDER BY a.appointment_date DESC"); + $stmt->execute([$doctorId]); + $appointments = $stmt->fetchAll(PDO::FETCH_ASSOC); + + $patientHistory = '
Patient History
'; + if ($appointments) { + $patientHistory .= ''; + } else { + $patientHistory .= '

No patient history found.

'; + } + $patientHistory .= '
'; + + $dashboardContent = $profileInfo . $hospitalInfo . $patientHistory; + break; + case 'patient': + $dashboardContent = '

Here you can manage your profile, view your medical history, and book appointments.

'; + break; + default: + $dashboardContent = '

Welcome to your dashboard.

'; + break; +} + +?> + + + + + + Dashboard - Medicaltour + + + + + + + + + + +
+
+
+
+

Welcome, !

+

Your role:

+
+
+ +
+
+
+
+
+ + + + + + + + \ No newline at end of file diff --git a/doctor-profile.php b/doctor-profile.php new file mode 100644 index 0000000..c04f3d0 --- /dev/null +++ b/doctor-profile.php @@ -0,0 +1,97 @@ +prepare("SELECT d.full_name, d.email, d.specialty, d.qualifications, d.specialities, d.contact_phone, d.license_number, d.consultation_fee, d.availability, h.hospital_name, h.address, h.city, h.state, h.country FROM doctors d LEFT JOIN hospitals h ON d.hospital_id = h.id WHERE d.id = ?"); + $stmt->execute([$doctorId]); + $doctor = $stmt->fetch(PDO::FETCH_ASSOC); + + if (!$doctor) { + $error_message = "Doctor not found."; + } + + } catch (PDOException $e) { + $error_message = "Database error: " . $e->getMessage(); + } +} else { + $error_message = "No doctor ID provided."; +} +?> + + + + + + Doctor Profile - Medicaltour + + + + + + + + + +
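Review bot: The availability write `UPDATE doctors SET availability = ? WHERE id = ?` at the top of dashboard.php runs before the `if (!isset($_SESSION['user_id']))` redirect that follows it, so the login check does not protect the update. The lines that set `$availability` and `$doctorId` are not visible in this hunk; if the id comes from the request rather than from a session whose `user_role` is `doctor`, one account could change another doctor's record. I would move the session check above the handler, take the id only from `$_SESSION['user_id']`, and require the doctor role before executing the statement. The empty `catch (PDOException $e)` also hides failures; `error_log($e->getMessage());` there would at least leave a trace.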
+
+
+
+ +
+ +
+
+

+

Primary Specialty:

+

Qualifications:

+

Additional Specialities:

+

Contact Phone:

+

Consultation Fee: $

+

Availability:

+ + +
+

Affiliated Hospital

+

+

, , ,

+ +
+
+ +
+
+
+
+ + + + + + + + diff --git a/doctor-registration.php b/doctor-registration.php new file mode 100644 index 0000000..3281fe0 --- /dev/null +++ b/doctor-registration.php 
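Review bot: `$error_message = "Database error: " . $e->getMessage();` sends the raw PDO message to the browser, which can disclose table and column names, SQL state and sometimes connection details. The same pattern appears in admin-registration.php, doctor-registration.php, hospital-doctors.php, hospital-registration.php, hospital-treatments.php, login.php and patient-registration.php. In four of those the message is concatenated into the page fragment, apparently without `htmlspecialchars()`. I would log the detail and show a fixed string instead: `error_log($e->getMessage()); $error_message = 'A database error occurred. Please try again later.';`. The template markup is not visible here, so whether `$error_message` is escaped on output should be checked as well.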
@@ -0,0 +1,237 @@
+query("SELECT id, hospital_name as name FROM hospitals ORDER BY name");
+ $hospitals = $stmt->fetchAll(PDO::FETCH_ASSOC);
+} catch (PDOException $e) {
+ // If hospitals table doesn't exist, we can proceed without it
+ if ($e->getCode() !== '42S02') {
+ $error_message = "Database error: " . $e->getMessage();
+ }
+}
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+ try {
+ $pdo = db();
+
+ // Ensure doctors table is up-to-date
+ $pdo->exec("CREATE TABLE IF NOT EXISTS doctors (
+ id INT AUTO_INCREMENT PRIMARY KEY,
+ hospital_id INT NULL,
+ full_name VARCHAR(255) NOT NULL,
+ email VARCHAR(255) NOT NULL UNIQUE,
+ password VARCHAR(255) NOT NULL,
+ specialty VARCHAR(255),
+ qualifications TEXT,
+ specialities TEXT,
+ contact_phone VARCHAR(255),
+ license_number VARCHAR(255),
+ cv_path VARCHAR(255),
+ license_upload_path VARCHAR(255),
+ consultation_fee DECIMAL(10, 2),
+ availability TEXT,
+ status VARCHAR(50) DEFAULT 'pending',
+ created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ FOREIGN KEY (hospital_id) REFERENCES hospitals(id) ON DELETE SET NULL
+ )");
+ // Add hospital_id column if it doesn't exist (for backward compatibility)
+ $pdo->exec("ALTER TABLE `doctors` ADD COLUMN IF NOT EXISTS `hospital_id` INT NULL AFTER `id`, ADD INDEX (`hospital_id`);");
+
+
+ // File upload handling
+ $cv_path = null;
+ if (isset($_FILES['cv']) && $_FILES['cv']['error'] == UPLOAD_ERR_OK) {
+ $upload_dir = 'uploads/doctors/';
+ if (!is_dir($upload_dir)) mkdir($upload_dir, 0775, true);
+ $file_name = uniqid() . '-cv-' . basename($_FILES['cv']['name']);
+ $cv_path = $upload_dir . $file_name;
+ if (!move_uploaded_file($_FILES['cv']['tmp_name'], $cv_path)) {
+ throw new Exception("Failed to upload CV file.");
+ }
+ }
+
+ $license_upload_path = null;
+ if (isset($_FILES['licenseUpload']) && $_FILES['licenseUpload']['error'] == UPLOAD_ERR_OK) {
+ $upload_dir = 'uploads/doctors/';
+ if (!is_dir($upload_dir)) mkdir($upload_dir, 0775, true);
+ $file_name = uniqid() . '-license-' .
basename($_FILES['licenseUpload']['name']); + $license_upload_path = $upload_dir . $file_name; + if (!move_uploaded_file($_FILES['licenseUpload']['tmp_name'], $license_upload_path)) { + throw new Exception("Failed to upload license file."); + } + } + + // Hash password + $password_hash = password_hash($_POST['password'], PASSWORD_DEFAULT); + $hospital_id = !empty($_POST['hospital_id']) ? $_POST['hospital_id'] : null; + + // Insert data + $stmt = $pdo->prepare( + "INSERT INTO doctors (hospital_id, full_name, email, password, specialty, license_number, cv_path, license_upload_path, consultation_fee, availability, qualifications, specialities, contact_phone) + VALUES (:hospital_id, :full_name, :email, :password, :specialty, :license_number, :cv_path, :license_upload_path, :consultation_fee, :availability, :qualifications, :specialities, :contact_phone)" + ); + + $stmt->bindParam(':hospital_id', $hospital_id, PDO::PARAM_INT); + $stmt->bindParam(':full_name', $_POST['fullName']); + $stmt->bindParam(':email', $_POST['email']); + $stmt->bindParam(':password', $password_hash); + $stmt->bindParam(':specialty', $_POST['specialty']); + $stmt->bindParam(':license_number', $_POST['licenseNumber']); + $stmt->bindParam(':cv_path', $cv_path); + $stmt->bindParam(':license_upload_path', $license_upload_path); + $stmt->bindParam(':consultation_fee', $_POST['consultationFee']); + $stmt->bindParam(':availability', $_POST['availability']); + $stmt->bindParam(':qualifications', $_POST['qualifications']); + $stmt->bindParam(':specialities', $_POST['specialities']); + $stmt->bindParam(':contact_phone', $_POST['contact_phone']); + + $stmt->execute(); + + $success_message = "Registration successful! Your profile will be reviewed shortly."; + + } catch (PDOException $e) { + if ($e->getCode() == 23000) { // Integrity constraint violation (duplicate entry) + $error_message = "An account with this email address already exists."; + } else { + $error_message = "Database error: " . 
$e->getMessage(); + } + } catch (Exception $e) { + $error_message = "An error occurred: " . $e->getMessage(); + } +} +?> + + + + + + Doctor Registration - Medicaltour + + + + + + +
+ +
+ +
+
+
+

Doctor Registration

+ + +
+ + +
+ + + +

Join our network of trusted medical professionals.

+
+
+
+ + +
+
+ + +
+
+
+
+ + +
+
+ + +
+
+
+
+ + +
+
+ + +
+
+
+ + +
+
+ + +
+
+
+ + +
+
+ + +
+
+
+ + +
+
+ + +
+
+ + +
+
+ +
+
+ +
+
+
+ + + + + + diff --git a/hospital-doctors.php b/hospital-doctors.php new file mode 100644 index 0000000..d209483 --- /dev/null +++ b/hospital-doctors.php @@ -0,0 +1,149 @@ +exec("ALTER TABLE `doctors` ADD COLUMN IF NOT EXISTS `hospital_id` INT NULL AFTER `id`, ADD INDEX (`hospital_id`);"); + + // Handle form submission to add a new doctor + if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['email'])) { + $fullName = $_POST['full_name']; + $email = $_POST['email']; + $password = password_hash($_POST['password'], PASSWORD_DEFAULT); + + if (!empty($email) && !empty($fullName) && !empty($_POST['password'])) { + $stmt = $pdo->prepare("INSERT INTO doctors (hospital_id, full_name, email, password, status) VALUES (:hospital_id, :full_name, :email, :password, 'active')"); + $stmt->bindParam(':hospital_id', $hospitalId, PDO::PARAM_INT); + $stmt->bindParam(':full_name', $fullName, PDO::PARAM_STR); + $stmt->bindParam(':email', $email, PDO::PARAM_STR); + $stmt->bindParam(':password', $password, PDO::PARAM_STR); + + if ($stmt->execute()) { + $message = '
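Review bot: The CV and licence uploads keep the client-supplied file name, extension included, and write it under `uploads/doctors/` with no check on type or size, as in `$file_name = uniqid() . '-cv-' . basename($_FILES['cv']['name']);`. If that directory is served by the web server, an uploaded file with a script extension ends up somewhere it can be requested and executed, and because `uniqid()` is time-based the stored names are guessable. hospital-registration.php (accreditation, logo, gallery) and patient-registration.php (passport/ID scans) handle uploads the same way. I would allow-list the extension against the detected MIME type, generate the stored name on the server, and keep the upload directory outside the document root or with script execution disabled. The allow-list below is a placeholder to adjust, and the same change applies to the licence block.

```php
// … unchanged: isset()/UPLOAD_ERR_OK check, $upload_dir and mkdir() …
$allowed = ['pdf' => 'application/pdf', 'jpg' => 'image/jpeg', 'png' => 'image/png'];
$ext = strtolower(pathinfo($_FILES['cv']['name'], PATHINFO_EXTENSION));
$mime = (new finfo(FILEINFO_MIME_TYPE))->file($_FILES['cv']['tmp_name']);
if (!isset($allowed[$ext]) || $allowed[$ext] !== $mime) {
    throw new Exception("Unsupported CV file type.");
}
$file_name = bin2hex(random_bytes(16)) . '-cv.' . $ext;
$cv_path = $upload_dir . $file_name;
// … unchanged: move_uploaded_file() and its failure exception …
```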
Doctor added successfully!
'; + } else { + $message = '
Failed to add doctor. The email might already be registered.
'; + } + } else { + $message = '
Please fill all required fields.
'; + } + } + + // Fetch existing doctors for this hospital + $stmt = $pdo->prepare("SELECT id, full_name, email, specialty FROM doctors WHERE hospital_id = :hospital_id ORDER BY full_name"); + $stmt->bindParam(':hospital_id', $hospitalId, PDO::PARAM_INT); + $stmt->execute(); + $doctors = $stmt->fetchAll(PDO::FETCH_ASSOC); + +} catch (PDOException $e) { + $message = '
Database error: ' . $e->getMessage() . '
'; + $doctors = []; +} +?> + + + + + + Manage Doctors - Medicaltour + + + + + + + + + +
+
+

Manage Doctors

+ + + + +
+
Add New Doctor
+
+
+
+ + +
+
+ + +
+
+ + +
+ +
+
+
+ + +
+
Your Doctors
+
+ +

You have not added any doctors yet.

+ +
+ + + + + + + + + + + + + + + + + +
NameEmailSpecialty
+
+ +
+
+
+
+ + + + + + + diff --git a/hospital-registration.php b/hospital-registration.php new file mode 100644 index 0000000..744e474 --- /dev/null +++ b/hospital-registration.php 
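Review bot: The `ALTER TABLE` at the top of this hunk runs on every page load, and only its `ADD COLUMN` part is guarded by `IF NOT EXISTS`; the unnamed `ADD INDEX` is not. As far as I can tell, each request therefore adds another duplicate index on `hospital_id` until the table's index limit is reached and the statement starts failing. `ADD COLUMN IF NOT EXISTS` is also MariaDB syntax that, as far as I know, MySQL rejects. Running schema changes from the request path means the web application's database account must hold ALTER rights, which is more than a page that lists and inserts doctors needs. I would move the statement to a one-off migration and remove it here; doctor-registration.php carries the same line.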
@@ -0,0 +1,237 @@
+exec("CREATE TABLE IF NOT EXISTS hospitals (
+ id INT AUTO_INCREMENT PRIMARY KEY,
+ hospital_name VARCHAR(255) NOT NULL,
+ address VARCHAR(255),
+ contact_person VARCHAR(255),
+ contact_email VARCHAR(255) NOT NULL UNIQUE,
+ password VARCHAR(255) NOT NULL,
+ specialties TEXT,
+ accreditation_path VARCHAR(255),
+ billing_details TEXT,
+ subscription_plan VARCHAR(50),
+ logo_path VARCHAR(255),
+ gallery_paths TEXT,
+ created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+ )");
+
+ // File upload handling
+ $upload_dir = 'uploads/hospitals/';
+
+ $accreditation_path = null;
+ if (isset($_FILES['accreditation']) && $_FILES['accreditation']['error'] == UPLOAD_ERR_OK) {
+ $file_name = uniqid() . '-accreditation-' . basename($_FILES['accreditation']['name']);
+ $accreditation_path = $upload_dir . $file_name;
+ if (!move_uploaded_file($_FILES['accreditation']['tmp_name'], $accreditation_path)) {
+ throw new Exception("Failed to upload accreditation file.");
+ }
+ }
+
+ $logo_path = null;
+ if (isset($_FILES['logo']) && $_FILES['logo']['error'] == UPLOAD_ERR_OK) {
+ $file_name = uniqid() . '-logo-' . basename($_FILES['logo']['name']);
+ $logo_path = $upload_dir . $file_name;
+ if (!move_uploaded_file($_FILES['logo']['tmp_name'], $logo_path)) {
+ throw new Exception("Failed to upload logo file.");
+ }
+ }
+
+ $gallery_paths = [];
+ if (isset($_FILES['gallery']['name']) && is_array($_FILES['gallery']['name'])) {
+ foreach ($_FILES['gallery']['tmp_name'] as $key => $tmp_name) {
+ if ($_FILES['gallery']['error'][$key] == UPLOAD_ERR_OK) {
+ $file_name = uniqid() . '-gallery-' . basename($_FILES['gallery']['name'][$key]);
+ $gallery_path = $upload_dir .
$file_name; + if (move_uploaded_file($tmp_name, $gallery_path)) { + $gallery_paths[] = $gallery_path; + } + } + } + } + $gallery_paths_json = json_encode($gallery_paths); + + // Hash password + $password_hash = password_hash($_POST['password'], PASSWORD_DEFAULT); + + // Insert data + $stmt = $pdo->prepare( + "INSERT INTO hospitals (hospital_name, address, contact_person, contact_email, password, specialties, accreditation_path, billing_details, subscription_plan, logo_path, gallery_paths) + VALUES (:hospital_name, :address, :contact_person, :contact_email, :password, :specialties, :accreditation_path, :billing_details, :subscription_plan, :logo_path, :gallery_paths)" + ); + + $stmt->bindParam(':hospital_name', $_POST['hospitalName']); + $stmt->bindParam(':address', $_POST['address']); + $stmt->bindParam(':contact_person', $_POST['contactPerson']); + $stmt->bindParam(':contact_email', $_POST['contactEmail']); + $stmt->bindParam(':password', $password_hash); + $stmt->bindParam(':specialties', $_POST['specialties']); + $stmt->bindParam(':accreditation_path', $accreditation_path); + $stmt->bindParam(':billing_details', $_POST['billingDetails']); + $stmt->bindParam(':subscription_plan', $_POST['subscriptionPlan']); + $stmt->bindParam(':logo_path', $logo_path); + $stmt->bindParam(':gallery_paths', $gallery_paths_json); + + $stmt->execute(); + + $success_message = "Registration successful! Your hospital profile will be reviewed shortly."; + + } catch (PDOException $e) { + if ($e->getCode() == 23000) { // Integrity constraint violation (duplicate entry) + $error_message = "An account with this email address already exists."; + } else { + $error_message = "Database error: " . $e->getMessage(); + } + } catch (Exception $e) { + $error_message = "An error occurred: " . $e->getMessage(); + } +} +?> + + + + + + Hospital Registration - Medicaltour + + + + + + + + +
+ +
+ +
+
+
+

Hospital Registration

+ + +
+ + +
+ + + +

Register your hospital to be part of our exclusive network.

+
+
+ + +
+
+ + +
+
+
+ + +
+
+ + +
+
+
+
+ + +
+
+ + +
+
+
+ + +
+
+ + +
+
+ + +
+
+
+ + +
+
+ + +
+
+
+ +
+
+ +
+
+
+ + + + + + + diff --git a/hospital-treatments.php b/hospital-treatments.php new file mode 100644 index 0000000..4cc62f4 --- /dev/null +++ b/hospital-treatments.php @@ -0,0 +1,138 @@ +exec("CREATE TABLE IF NOT EXISTS `treatment_categories` ( + `id` INT AUTO_INCREMENT PRIMARY KEY, + `hospital_id` INT NOT NULL, + `name` VARCHAR(255) NOT NULL, + `description` TEXT, + FOREIGN KEY (`hospital_id`) REFERENCES `hospitals`(`id`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;"); + + // Handle form submission + if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['category_name'])) { + $categoryName = trim($_POST['category_name']); + $description = trim($_POST['description']); + + if (!empty($categoryName)) { + $stmt = $pdo->prepare("INSERT INTO treatment_categories (hospital_id, name, description) VALUES (:hospital_id, :name, :description)"); + $stmt->bindParam(':hospital_id', $hospitalId, PDO::PARAM_INT); + $stmt->bindParam(':name', $categoryName, PDO::PARAM_STR); + $stmt->bindParam(':description', $description, PDO::PARAM_STR); + + if ($stmt->execute()) { + $message = '
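Review bot: `$upload_dir = 'uploads/hospitals/';` is used without the directory ever being created, unlike doctor-registration.php, which runs `if (!is_dir($upload_dir)) mkdir($upload_dir, 0775, true);` first. On a fresh install `move_uploaded_file()` will fail and the registration aborts with "Failed to upload accreditation file."; patient-registration.php has the same gap for `uploads/passports/`. Gallery files that fail to move are skipped silently, so a hospital can be registered with fewer images than were submitted and nobody is told. I would create the directory before the first upload and collect the names of failed gallery files into the message shown to the user.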
Treatment category added successfully!
'; + } else { + $message = '
Failed to add category.
'; + } + } else { + $message = '
Category name is required.
'; + } + } + + // Fetch existing categories for this hospital + $stmt = $pdo->prepare("SELECT * FROM treatment_categories WHERE hospital_id = :hospital_id ORDER BY name"); + $stmt->bindParam(':hospital_id', $hospitalId, PDO::PARAM_INT); + $stmt->execute(); + $categories = $stmt->fetchAll(PDO::FETCH_ASSOC); + +} catch (PDOException $e) { + $message = '
Database error: ' . $e->getMessage() . '
'; + $categories = []; +} +?> + + + + + + Manage Treatment Categories - Medicaltour + + + + + + + + + +
+
+

Manage Treatment Categories

+ + + + +
+
Add New Category
+
+
+
+ + +
+
+ + +
+ +
+
+
+ + +
+
Your Treatment Categories
+
+ +

You have not added any treatment categories yet.

+ +
    + +
  • +
    +
    + +
    +
  • + +
+ +
+
+
+
+ + + + + + + diff --git a/index.php b/index.php index 7205f3d..3694231 100644 --- a/index.php +++ b/index.php @@ -1,150 +1,354 @@ - - + + - - - New Style - - - - - - - - - - - - - - - - - - - + + + Medicaltour + + + + + + + + + + + -
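Review bot: The insert handler acts on any POST that carries `category_name`, and no CSRF token is compared before `INSERT INTO treatment_categories` runs, so a page on another origin could submit the form on behalf of a logged-in hospital user. The add-doctor handler in hospital-doctors.php has the same shape, and there the forged request would create an active doctor account. I would issue a per-session token from `bin2hex(random_bytes(32))`, carry it in a hidden field, and check it first with something like `hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'] ?? '')`. The form markup is not visible in this hunk, so the hidden field will need adding there too.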
-
-

Analyzing your requirements and generating your website…

-
- Loading… -
-

AI is collecting your requirements and applying the first changes.

-

This page will update automatically as the plan is implemented.

-

Runtime: PHP — UTC

+ +
+ +
+ +
+
+
+

Find Your Trusted Medical Partner Abroad

+

Your one-stop platform for medical tourism. Connect with the best hospitals and doctors worldwide.

+ Explore Services +
+
+ +
+
+
+
+

About Us

+

We are dedicated to connecting patients with world-class medical facilities and renowned doctors. Our platform simplifies the process of finding and booking medical treatments abroad, ensuring a seamless and stress-free experience.

+
+
+ +
+
+
+
+ +
+
+

Our Services

+
+
+
+
+ +
Hospital Listings
+

Search and compare top-rated hospitals from around the globe.

+
+
+
+
+
+
+ +
Doctor Profiles
+

Find experienced specialists and book consultations with ease.

+
+
+
+
+
+
+ +
Travel Packages
+

Coordinate your travel and accommodation seamlessly with our partners.

+
+
+
+
+ +

Major Treatment Categories

+
+
+
+
+ +
Cardiology
+
+
+
+
+
+
+ +
Oncology
+
+
+
+
+
+
+ +
Orthopedics
+
+
+
+
+
+
+ +
Neurology
+
+
+
+
+
+
+ +
Cosmetic Surgery
+
+
+
+
+
+
+ +
Fertility
+
+
+
+
+
+
+ +
+
+

Treatment Packages

+
+
+
+
+
Cardiac Care Package
+

Includes initial consultation, coronary angiography, and a 5-day hospital stay in a private room.

+
    +
  • Full Cardiac Checkup
  • +
  • 7-Day Luxury Stay
  • +
  • Airport Transfers
  • +
+
+

$8,500

+ +
+
+
+
+
+
+
+
Orthopedic Wellness
+

Knee replacement surgery, including pre-op assessments, the procedure, and a 10-day rehabilitation stay.

+
    +
  • Joint Replacement
  • +
  • 14-Day Rehab Stay
  • +
  • Chauffeur Service
  • +
+
+

$12,300

+ +
+
+
+
+
+
+
+
Cosmetic Rejuvenation
+

A complete package including a facelift, accommodation in a 5-star hotel, and all local transportation.

+
    +
  • Full Facelift Procedure
  • +
  • 10-Day Luxury Suite
  • +
  • Private Tours
  • +
+
+

$15,000

+ +
+
+
+
+
+
+
+ +
+
+

Top Healthcare Destinations

+
+
+
+
+
India
+
    +
  • New Delhi
  • +
  • Mumbai
  • +
  • Chennai
  • +
  • Bangalore
  • +
+
+
+
+
+
+
+
Singapore
+
    +
  • Singapore
  • +
+
+
+
+
+
+
+
Thailand
+
    +
  • Bangkok
  • +
  • Phuket
  • +
+
+
+
+
+
+
+
Malaysia
+
    +
  • Kuala Lumpur
  • +
  • Penang
  • +
+
+
+
+
+
+
+
Turkey
+
    +
  • Istanbul
  • +
  • Ankara
  • +
+
+
+
+
+
+
+
Mexico
+
    +
  • Tijuana
  • +
  • Cancun
  • +
+
+
+
+
+
+
+ +
+
+

What Our Patients Say

+
+
+
+
+

"The platform made it so easy to find a great hospital for my procedure. The entire process was smooth and well-organized. Highly recommended!"

+
John Doe
+
+
+
+
+
+
+ +
+
+

Contact Us

+
+
+
+
+ +
+
+ +
+
+ +
+
+ +
+
+
+
+
+
+
+ +
- + + + + - + \ No newline at end of file diff --git a/login.php b/login.php new file mode 100644 index 0000000..e934ad9 --- /dev/null +++ b/login.php @@ -0,0 +1,144 @@ +prepare("SELECT id, name, password, role FROM admins WHERE email = ?"); + $stmt->execute([$email]); + $user = $stmt->fetch(); + if ($user && password_verify($password, $user['password'])) { + $role = $user['role']; + $user_id = $user['id']; + $user_name = $user['name']; + } + + // 2. Check patients table (if not found in admins) + if (!$user_id) { + $stmt = $pdo->prepare("SELECT id, full_name as name, password FROM patients WHERE email = ?"); + $stmt->execute([$email]); + $user = $stmt->fetch(); + if ($user && password_verify($password, $user['password'])) { + $role = 'patient'; + $user_id = $user['id']; + $user_name = $user['name']; + } + } + + // 3. Check doctors table (if not found yet) + if (!$user_id) { + $stmt = $pdo->prepare("SELECT id, full_name as name, password FROM doctors WHERE email = ?"); + $stmt->execute([$email]); + $user = $stmt->fetch(); + if ($user && password_verify($password, $user['password'])) { + $role = 'doctor'; + $user_id = $user['id']; + $user_name = $user['name']; + } + } + + // 4. Check hospitals table (if not found yet) + if (!$user_id) { + $stmt = $pdo->prepare("SELECT id, hospital_name as name, password FROM hospitals WHERE contact_email = ?"); + $stmt->execute([$email]); + $user = $stmt->fetch(); + if ($user && password_verify($password, $user['password'])) { + $role = 'hospital'; + $user_id = $user['id']; + $user_name = $user['name']; + } + } + + if ($user_id) { + $_SESSION['user_id'] = $user_id; + $_SESSION['user_name'] = $user_name; + $_SESSION['user_role'] = $role; + $_SESSION['user_email'] = $email; + header("Location: dashboard.php"); + exit; + } else { + $message = '
Invalid email or password.
'; + } + + } catch (PDOException $e) { + $message = '
Database error: ' . $e->getMessage() . '
'; + } +} +?> + + + + + + Login - Medicaltour + + + + + + + + + + +
+
+
+
+

Login

+

Access your dashboard.

+ + + +
+
+ + +
+
+ + +
+
+ +
+
+
+

Don't have an account? Register here

+
+
+
+
+
+ + + + + + + + \ No newline at end of file diff --git a/logout.php b/logout.php new file mode 100644 index 0000000..2d2c92f --- /dev/null +++ b/logout.php @@ -0,0 +1,7 @@ + \ No newline at end of file diff --git a/patient-registration.php b/patient-registration.php new file mode 100644 index 0000000..5ff90aa --- /dev/null +++ b/patient-registration.php 
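Review bot: The success branch writes `$_SESSION['user_id']` and the role into the existing session without renewing the session id, which leaves the login open to session fixation. Adding `session_regenerate_id(true);` as the first statement inside `if ($user_id) {` closes that. The doctor lookup also ignores the `status` column that doctor-registration.php defaults to `'pending'`, so an account still awaiting review can sign in; adding `AND status = 'active'` to that query would enforce the review step. The opening of the file is not visible in this hunk, so how `$email` and `$password` are read could not be checked.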
@@ -0,0 +1,196 @@
+exec("CREATE TABLE IF NOT EXISTS patients (
+ id INT AUTO_INCREMENT PRIMARY KEY,
+ full_name VARCHAR(255) NOT NULL,
+ email VARCHAR(255) NOT NULL UNIQUE,
+ password VARCHAR(255) NOT NULL,
+ dob DATE,
+ passport_id_path VARCHAR(255),
+ contact_number VARCHAR(50),
+ emergency_contact VARCHAR(50),
+ medical_history TEXT,
+ insurance_info VARCHAR(255),
+ created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+ )");
+
+ // File upload handling
+ $passport_id_path = null;
+ if (isset($_FILES['passportId']) && $_FILES['passportId']['error'] == UPLOAD_ERR_OK) {
+ $upload_dir = 'uploads/passports/';
+ $file_name = uniqid() . '-' . basename($_FILES['passportId']['name']);
+ $passport_id_path = $upload_dir . $file_name;
+ if (!move_uploaded_file($_FILES['passportId']['tmp_name'], $passport_id_path)) {
+ throw new Exception("Failed to upload passport/ID file.");
+ }
+ }
+
+ // Hash password
+ $password_hash = password_hash($_POST['password'], PASSWORD_DEFAULT);
+
+ // Insert data
+ $stmt = $pdo->prepare(
+ "INSERT INTO patients (full_name, email, password, dob, passport_id_path, contact_number, emergency_contact, medical_history, insurance_info)
+ VALUES (:full_name, :email, :password, :dob, :passport_id_path, :contact_number, :emergency_contact, :medical_history, :insurance_info)"
+ );
+
+ $stmt->bindParam(':full_name', $_POST['fullName']);
+ $stmt->bindParam(':email', $_POST['email']);
+ $stmt->bindParam(':password', $password_hash);
+ $stmt->bindParam(':dob', $_POST['dob']);
+ $stmt->bindParam(':passport_id_path', $passport_id_path);
+ $stmt->bindParam(':contact_number', $_POST['contactNumber']);
+ $stmt->bindParam(':emergency_contact', $_POST['emergencyContact']);
+ $stmt->bindParam(':medical_history', $_POST['medicalHistory']);
+ $stmt->bindParam(':insurance_info', $_POST['insuranceInfo']);
+
+ $stmt->execute();
+
+ $success_message = "Registration successful!
You can now log in."; + + } catch (PDOException $e) { + if ($e->getCode() == 23000) { // Integrity constraint violation (duplicate entry) + $error_message = "An account with this email address already exists."; + } else { + $error_message = "Database error: " . $e->getMessage(); + } + } catch (Exception $e) { + $error_message = "An error occurred: " . $e->getMessage(); + } +} +?> + + + + + + Patient Registration - Medicaltour + + + + + + + + +
+ +
+ +
+
+
+

Patient Registration

+ + +
+ + +
+ + + +

Create your account to access our services.

+
+
+
+ + +
+
+ + +
+
+
+
+ + +
+
+ + +
+
+
+ + +
+
+
+ + +
+
+ + +
+
+
+ + +
+
+ + +
+
+ +
+
+ +
+
+
+ + + + + + +
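Review bot: `password_hash($_POST['password'], PASSWORD_DEFAULT)` and the `bindParam` calls read `$_POST` keys directly, and no server-side check is visible in the hunk, so the required-field rules appear to exist only in the browser. A request that omits or empties `password` would, as far as I can tell, still store a valid hash of the empty string, and `email` is never checked for format. I would validate before touching the database, for example `if (($_POST['password'] ?? '') === '' || !filter_var($_POST['email'] ?? '', FILTER_VALIDATE_EMAIL)) { throw new Exception('Please provide a valid email and password.'); }`, and add a minimum password length. admin-registration.php, doctor-registration.php and hospital-registration.php have the same gap, while hospital-doctors.php already checks `!empty(...)`.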