prepare("UPDATE doctors SET availability = ? WHERE id = ?"); $stmt->execute([$availability, $doctorId]); header("Location: dashboard.php"); // Redirect to avoid form resubmission exit; } catch (PDOException $e) { // For simplicity, we are not displaying the error here. In a real application, you would log this. } } if (!isset($_SESSION['user_id'])) { header("Location: login.php"); exit; } $userName = $_SESSION['user_name'] ?? 'User'; $userRole = $_SESSION['user_role'] ?? 'guest'; // Content for different roles $dashboardContent = ''; switch ($userRole) { case 'superadmin': $dashboardContent = '

Here you can manage the entire application, including admins, hospitals, doctors, and patients.

'; break; case 'admin': $dashboardContent = '

Here you can manage hospitals, doctors, and patients.

'; break; case 'hospital': $dashboardContent = '

Here you can manage your hospital profile, treatments, and doctors.

Manage Treatment Categories Manage Doctors
'; break; case 'doctor': $db = db(); $doctorId = $_SESSION['user_id']; // Fetch doctor's complete profile $stmt = $db->prepare("SELECT d.full_name, d.email, d.specialty, d.qualifications, d.specialities, d.contact_phone, d.license_number, d.consultation_fee, d.availability, h.hospital_name, h.address, h.city, h.state, h.country FROM doctors d LEFT JOIN hospitals h ON d.hospital_id = h.id WHERE d.id = ?"); $stmt->execute([$doctorId]); $doctor = $stmt->fetch(PDO::FETCH_ASSOC); $profileInfo = '
My Profile
'; if ($doctor) { $profileInfo .= '

Name: '.htmlspecialchars($doctor['full_name']).'

'; $profileInfo .= '

Email: '.htmlspecialchars($doctor['email']).'

'; $profileInfo .= '

Contact Phone: '.htmlspecialchars($doctor['contact_phone']).'

'; $profileInfo .= '

Primary Specialty: '.htmlspecialchars($doctor['specialty']).'

'; $profileInfo .= '

Additional Specialities: '.nl2br(htmlspecialchars($doctor['specialities'])).'

'; $profileInfo .= '

Qualifications: '.nl2br(htmlspecialchars($doctor['qualifications'])).'

'; $profileInfo .= '

License Number: '.htmlspecialchars($doctor['license_number']).'

'; $profileInfo .= '

Consultation Fee: case 'patient': $dashboardContent = '

Here you can manage your profile, view your medical history, and book appointments.

'; break; default: $dashboardContent = '

Welcome to your dashboard.

'; break; } ?> Dashboard - Medicaltour

Welcome, !

Your role:

© 2025 Medicaltour. All Rights Reserved.

.htmlspecialchars($doctor['consultation_fee']).'

'; $profileInfo .= '

Availability: '.nl2br(htmlspecialchars($doctor['availability'])).'

'; } else { $profileInfo .= '

Profile not found.

'; } $profileInfo .= '
'; // Fetch hospital info $hospitalInfo = '
My Hospital
'; if ($doctor && $doctor['hospital_name']) { $hospitalInfo .= '

'.htmlspecialchars($doctor['hospital_name']).'

'; $hospitalInfo .= '

'.htmlspecialchars($doctor['address']).', '.htmlspecialchars($doctor['city']).', '.htmlspecialchars($doctor['state']).', '.htmlspecialchars($doctor['country']).'

'; } else { $hospitalInfo .= '

You are not currently affiliated with any hospital.

'; } $hospitalInfo .= '
'; // Fetch patient history $stmt = $db->prepare("SELECT p.full_name, a.appointment_date, a.notes FROM patients p JOIN appointments a ON p.id = a.patient_id WHERE a.doctor_id = ? ORDER BY a.appointment_date DESC"); $stmt->execute([$doctorId]); $appointments = $stmt->fetchAll(PDO::FETCH_ASSOC); $patientHistory = '
Patient History
'; if ($appointments) { $patientHistory .= ''; } else { $patientHistory .= '

No patient history found.

'; } $patientHistory .= '
'; $dashboardContent = $profileInfo . $hospitalInfo . $patientHistory; break; case 'patient': $dashboardContent = '

Here you can manage your profile, view your medical history, and book appointments.

'; break; default: $dashboardContent = '

Welcome to your dashboard.

'; break; } ?> Dashboard - Medicaltour

Welcome, !

Your role: