150 lines
6.0 KiB
PHP
150 lines
6.0 KiB
PHP
<?php
|
|
session_start();
|
|
require_once 'db/config.php';
|
|
|
|
// Ensure user is logged in and is a hospital admin
|
|
if (!isset($_SESSION['user_id']) || $_SESSION['user_role'] !== 'hospital') {
|
|
header("Location: login.php");
|
|
exit;
|
|
}
|
|
|
|
$hospitalId = $_SESSION['user_id'];
|
|
$message = '';
|
|
|
|
try {
|
|
$pdo = db();
|
|
|
|
// Add hospital_id to doctors table if it doesn't exist
|
|
$pdo->exec("ALTER TABLE `doctors` ADD COLUMN IF NOT EXISTS `hospital_id` INT NULL AFTER `id`, ADD INDEX (`hospital_id`);");
|
|
|
|
// Handle form submission to add a new doctor
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['email'])) {
|
|
$fullName = $_POST['full_name'];
|
|
$email = $_POST['email'];
|
|
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
|
|
|
|
if (!empty($email) && !empty($fullName) && !empty($_POST['password'])) {
|
|
$stmt = $pdo->prepare("INSERT INTO doctors (hospital_id, full_name, email, password, status) VALUES (:hospital_id, :full_name, :email, :password, 'active')");
|
|
$stmt->bindParam(':hospital_id', $hospitalId, PDO::PARAM_INT);
|
|
$stmt->bindParam(':full_name', $fullName, PDO::PARAM_STR);
|
|
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
|
|
$stmt->bindParam(':password', $password, PDO::PARAM_STR);
|
|
|
|
if ($stmt->execute()) {
|
|
$message = '<div class="alert alert-success">Doctor added successfully!</div>';
|
|
} else {
|
|
$message = '<div class="alert alert-danger">Failed to add doctor. The email might already be registered.</div>';
|
|
}
|
|
} else {
|
|
$message = '<div class="alert alert-warning">Please fill all required fields.</div>';
|
|
}
|
|
}
|
|
|
|
// Fetch existing doctors for this hospital
|
|
$stmt = $pdo->prepare("SELECT id, full_name, email, specialty FROM doctors WHERE hospital_id = :hospital_id ORDER BY full_name");
|
|
$stmt->bindParam(':hospital_id', $hospitalId, PDO::PARAM_INT);
|
|
$stmt->execute();
|
|
$doctors = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
|
|
} catch (PDOException $e) {
|
|
$message = '<div class="alert alert-danger">Database error: ' . $e->getMessage() . '</div>';
|
|
$doctors = [];
|
|
}
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>Manage Doctors - Medicaltour</title>
|
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
|
|
<link rel="stylesheet" href="assets/css/custom.css">
|
|
</head>
|
|
<body>
|
|
|
|
<!-- Navigation -->
|
|
<nav class="navbar navbar-expand-lg navbar-light bg-light fixed-top">
|
|
<div class="container">
|
|
<a class="navbar-brand" href="index.php">Medicaltour</a>
|
|
<div class="collapse navbar-collapse">
|
|
<ul class="navbar-nav ms-auto">
|
|
<li class="nav-item"><a class="nav-link" href="dashboard.php">Dashboard</a></li>
|
|
<li class="nav-item"><a class="nav-link" href="logout.php">Logout</a></li>
|
|
</ul>
|
|
</div>
|
|
</div>
|
|
</nav>
|
|
|
|
<!-- Page Content -->
|
|
<main class="container mt-5 pt-5">
|
|
<section id="manage-doctors" class="py-5">
|
|
<h2 class="mb-4">Manage Doctors</h2>
|
|
|
|
<?php echo $message; ?>
|
|
|
|
<!-- Add Doctor Form -->
|
|
<div class="card mb-4">
|
|
<div class="card-header">Add New Doctor</div>
|
|
<div class="card-body">
|
|
<form action="hospital-doctors.php" method="POST">
|
|
<div class="mb-3">
|
|
<label for="full_name" class="form-label">Full Name</label>
|
|
<input type="text" class="form-control" id="full_name" name="full_name" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="email" class="form-label">Email Address</label>
|
|
<input type="email" class="form-control" id="email" name="email" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="password" class="form-label">Temporary Password</label>
|
|
<input type="password" class="form-control" id="password" name="password" required>
|
|
</div>
|
|
<button type="submit" class="btn btn-primary">Add Doctor</button>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
|
|
<!-- Existing Doctors List -->
|
|
<div class="card">
|
|
<div class="card-header">Your Doctors</div>
|
|
<div class="card-body">
|
|
<?php if (empty($doctors)): ?>
|
|
<p>You have not added any doctors yet.</p>
|
|
<?php else: ?>
|
|
<div class="table-responsive">
|
|
<table class="table table-striped">
|
|
<thead>
|
|
<tr>
|
|
<th>Name</th>
|
|
<th>Email</th>
|
|
<th>Specialty</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<?php foreach ($doctors as $doctor): ?>
|
|
<tr>
|
|
<td><?php echo htmlspecialchars($doctor['full_name']); ?></td>
|
|
<td><?php echo htmlspecialchars($doctor['email']); ?></td>
|
|
<td><?php echo htmlspecialchars($doctor['specialty'] ?? 'N/A'); ?></td>
|
|
</tr>
|
|
<?php endforeach; ?>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
<?php endif; ?>
|
|
</div>
|
|
</div>
|
|
</section>
|
|
</main>
|
|
|
|
<!-- Footer -->
|
|
<footer class="py-5 bg-dark text-white mt-auto">
|
|
<div class="container text-center">
|
|
<p>© 2025 Medicaltour. All Rights Reserved.</p>
|
|
</div>
|
|
</footer>
|
|
|
|
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
|
|
</body>
|
|
</html>
|