From 0f55e9d0b9f48dc5fceb9affe52e238013a70abf Mon Sep 17 00:00:00 2001 From: Flatlogic Bot Date: Thu, 30 Oct 2025 00:12:08 +0000 Subject: [PATCH] Auto commit: 2025-10-30T00:12:08.183Z --- add_case_note.php | 40 +++ compose_message.php | 68 ++++ create_referral.php | 82 +++++ .../001_add_resident_enhancements.php | 47 +++ db/migrations/003_add_partner_schema.php | 47 +++ download_document.php | 65 ++++ export_residents.php | 77 ++++ manage_documents.php | 118 +++++++ partner_dashboard.php | 333 ++++++++++++++++-- resident_edit.php | 26 +- resident_view.php | 124 +++++-- send_message.php | 40 +++ staff_dashboard.php | 278 ++++++++++++--- submit_referral.php | 37 ++ update_referral_status.php | 61 ++++ update_resident_status.php | 44 +++ upload_document.php | 65 ++++ view_message.php | 95 +++++ 18 files changed, 1528 insertions(+), 119 deletions(-) create mode 100644 add_case_note.php create mode 100644 compose_message.php create mode 100644 create_referral.php create mode 100644 db/migrations/001_add_resident_enhancements.php create mode 100644 db/migrations/003_add_partner_schema.php create mode 100644 download_document.php create mode 100644 export_residents.php create mode 100644 manage_documents.php create mode 100644 send_message.php create mode 100644 submit_referral.php create mode 100644 update_referral_status.php create mode 100644 update_resident_status.php create mode 100644 upload_document.php create mode 100644 view_message.php diff --git a/add_case_note.php b/add_case_note.php new file mode 100644 index 0000000..ecf604c --- /dev/null +++ b/add_case_note.php 
@@ -0,0 +1,40 @@ +prepare("INSERT INTO case_notes (resident_id, note) VALUES (?, ?)"); + $stmt->execute([$resident_id, $note]); + + // Redirect back to the resident's view page after successful insertion + header("Location: resident_view.php?id={$resident_id}&success=note_added"); + exit; +} catch (PDOException $e) { + // In a real app, log this error. + // For simplicity, redirect with a generic error. + header("Location: resident_view.php?id={$resident_id}&error=db_error"); + exit; +} diff --git a/compose_message.php b/compose_message.php new file mode 100644 index 0000000..d9ab597 --- /dev/null +++ b/compose_message.php @@ -0,0 +1,68 @@ +query("SELECT id, email FROM users WHERE role = 'staff' ORDER BY email"); +$staff_users = $stmt->fetchAll(PDO::FETCH_ASSOC); + +?> + + + + + + Compose Message - Continuum of Healing + + + + + + +
+
+

Compose New Message

+ ← Back to Dashboard +
+ +
+
+
+
+ + +
+
+ + +
+
+ + +
+ +
+
+
+
+ + + + diff --git a/create_referral.php b/create_referral.php new file mode 100644 index 0000000..7476dba --- /dev/null +++ b/create_referral.php @@ -0,0 +1,82 @@ +prepare("SELECT * FROM residents WHERE id = ?"); +$stmt->execute([$resident_id]); +$resident = $stmt->fetch(PDO::FETCH_ASSOC); + +if (!$resident) { + header("Location: staff_dashboard.php"); + exit; +} + +// Fetch partners for the dropdown +$stmt = $pdo->query("SELECT id, name FROM partners ORDER BY name"); +$partners = $stmt->fetchAll(PDO::FETCH_ASSOC); + +?> + + + + + + New Referral - Continuum of Healing + + + + + + +
+
+

New Referral for

+ ← Back to Resident +
+ +
+
+
+ + +
+ + +
+
+ + +
+ +
+
+
+
+ + + + diff --git a/db/migrations/001_add_resident_enhancements.php b/db/migrations/001_add_resident_enhancements.php new file mode 100644 index 0000000..26a985a --- /dev/null +++ b/db/migrations/001_add_resident_enhancements.php @@ -0,0 +1,47 @@ +exec("ALTER TABLE residents ADD COLUMN risk_level VARCHAR(255) DEFAULT 'Low'"); + $db->exec("ALTER TABLE residents ADD COLUMN program VARCHAR(255) DEFAULT 'General'"); + $db->exec("ALTER TABLE residents ADD COLUMN status VARCHAR(255) DEFAULT 'Active'"); + + // 2. Create case_notes table + $db->exec(" + CREATE TABLE IF NOT EXISTS case_notes ( + id INT AUTO_INCREMENT PRIMARY KEY, + resident_id INT NOT NULL, + note TEXT NOT NULL, + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + FOREIGN KEY (resident_id) REFERENCES residents(id) ON DELETE CASCADE + ) + "); + + // 3. Populate with some data + $stmt = $db->query("SELECT id FROM residents"); + $resident_ids = $stmt->fetchAll(PDO::FETCH_COLUMN); + + if ($resident_ids) { + $programs = ['Housing', 'Health', 'Employment']; + $risks = ['Low', 'Medium', 'High']; + $statuses = ['Active', 'Inactive', 'Stabilized']; + + foreach ($resident_ids as $id) { + $program = $programs[array_rand($programs)]; + $risk = $risks[array_rand($risks)]; + $status = $statuses[array_rand($statuses)]; + $db->prepare("UPDATE residents SET program = ?, risk_level = ?, status = ? WHERE id = ?")->execute([$program, $risk, $status, $id]); + + // Add a case note + $db->prepare("INSERT INTO case_notes (resident_id, note) VALUES (?, ?)")->execute([$id, 'Initial intake assessment completed.']); + } + } + + echo "Database schema updated successfully."; + +} catch (PDOException $e) { + die("Database migration failed: " . $e->getMessage()); +} diff --git a/db/migrations/003_add_partner_schema.php b/db/migrations/003_add_partner_schema.php new file mode 100644 index 0000000..731dc43 --- /dev/null +++ b/db/migrations/003_add_partner_schema.php 
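Review bot: Step 3 of `001_add_resident_enhancements.php` assigns `program`, `risk_level` and `status` to every existing resident with `array_rand()` and inserts a placeholder case note for each. Run against a database that holds real records, it marks residents 'High' risk or 'Inactive' at random. Move the sample data into a separate seed script that refuses to run outside a development environment, and keep the migration to schema changes only. The `ALTER TABLE ... ADD COLUMN` statements are not idempotent, so a second run fails on them before it reaches `CREATE TABLE IF NOT EXISTS`. The `die("Database migration failed: " . $e->getMessage())` in the catch block prints driver detail to whoever invoked the script; `error_log($e->getMessage())` plus a fixed message is safer if this file is reachable over HTTP.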
@@ -0,0 +1,47 @@
+exec("
+ CREATE TABLE IF NOT EXISTS partners (
+ id INT AUTO_INCREMENT PRIMARY KEY,
+ name VARCHAR(255) NOT NULL,
+ user_id INT UNIQUE
+ )
+ ");
+
+ // 2. Add partner_id to residents table
+ $db->exec("ALTER TABLE residents ADD COLUMN partner_id INT NULL");
+
+ // 3. Create a user for a partner (if not exists)
+ $partner_email = 'partner@goodwill.example';
+ $stmt = $db->prepare("SELECT id FROM users WHERE email = ?");
+ $stmt->execute([$partner_email]);
+ $partner_user_id = $stmt->fetchColumn();
+
+ if (!$partner_user_id) {
+ $db->prepare("INSERT INTO users (email, password, role) VALUES (?, ?, ?)")->execute([$partner_email, password_hash('password123', PASSWORD_DEFAULT), 'partner']);
+ $partner_user_id = $db->lastInsertId();
+ }
+
+ // 4. Create a partner profile
+ $stmt = $db->prepare("SELECT id FROM partners WHERE user_id = ?");
+ $stmt->execute([$partner_user_id]);
+ $partner_id = $stmt->fetchColumn();
+
+ if (!$partner_id) {
+ $db->prepare("INSERT INTO partners (name, user_id) VALUES (?, ?)")->execute(['Goodwill Housing', $partner_user_id]);
+ $partner_id = $db->lastInsertId();
+ }
+
+ // 5. Assign some residents to the partner
+ $db->exec("UPDATE residents SET partner_id = {$partner_id} WHERE program = 'Housing'");
+
+ echo "Database schema updated successfully for partner feature.";
+
+} catch (PDOException $e) {
+ die("Database migration failed: " . $e->getMessage());
+}
diff --git a/download_document.php b/download_document.php
new file mode 100644
index 0000000..ee02b72
--- /dev/null
+++ b/download_document.php
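Review bot: Step 3 creates the `partner@goodwill.example` login with the fixed password `password123`, so every deployment that runs this migration ends up with a partner account whose credential is in the repository, and step 5 then assigns it all 'Housing' residents. Generate the initial secret at run time, e.g. `$initial = bin2hex(random_bytes(16));`, and show it once to the operator, or create the account without a usable password and force a reset. Step 5 also interpolates `{$partner_id}` into the SQL string while the rest of the file binds parameters; `$db->prepare("UPDATE residents SET partner_id = ? WHERE program = 'Housing'")->execute([$partner_id]);` keeps it consistent. The `die()` in the catch block echoes the PDO message and is better routed to `error_log()`.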
@@ -0,0 +1,65 @@
+prepare("SELECT * FROM documents WHERE id = ?");
+$stmt->execute([$document_id]);
+$document = $stmt->fetch(PDO::FETCH_ASSOC);
+
+if (!$document) {
+ header("HTTP/1.1 404 Not Found");
+ exit;
+}
+
+// Permission check
+$user_role = $_SESSION['user_role'];
+$user_id = $_SESSION['user_id'];
+$has_permission = false;
+
+if ($user_role === 'staff') {
+ $has_permission = true;
+} elseif ($user_role === 'partner') {
+ $stmt = $pdo->prepare("SELECT id FROM partners WHERE user_id = ?");
+ $stmt->execute([$user_id]);
+ $partner_id = $stmt->fetchColumn();
+
+ if ($partner_id && $document['partner_id'] == $partner_id) {
+ $has_permission = true;
+ }
+}
+
+if (!$has_permission) {
+ header("HTTP/1.1 403 Forbidden");
+ exit("You do not have permission to access this file.");
+}
+
+// Serve the file for download
+$file_path = $document['file_path'];
+if (file_exists($file_path)) {
+ header('Content-Description: File Transfer');
+ header('Content-Type: application/octet-stream');
+ header('Content-Disposition: attachment; filename="' . basename($document['file_name']) . '"');
+ header('Expires: 0');
+ header('Cache-Control: must-revalidate');
+ header('Pragma: public');
+ header('Content-Length: ' . filesize($file_path));
+ readfile($file_path);
+ exit;
+} else {
+ header("HTTP/1.1 404 Not Found");
+ exit("File not found on server.");
+}
diff --git a/export_residents.php b/export_residents.php
new file mode 100644
index 0000000..3c80dc9
--- /dev/null
+++ b/export_residents.php
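Review bot: The `Content-Disposition` header is built from `basename($document['file_name'])`, which appears to be the client-supplied upload name that `upload_document.php` stores as `$original_name`. `basename()` leaves double quotes and other non-path characters in place, so such a name can break out of the quoted `filename` parameter; restrict it first, e.g. `$safe_name = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($document['file_name']));`. `$file_path` goes from the row straight into `readfile()`, so resolving it with `realpath()` and checking it lies under the upload directory would stop a bad row from serving an arbitrary server file. The partner check compares with `==`; cast both ids to `int` and use `===`. Adding `header('X-Content-Type-Options: nosniff');` is a cheap extra.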
@@ -0,0 +1,77 @@ +prepare($sql); +$stmt->execute($params); + +// -- CSV Generation -- +$filename = "continuum_residents_" . date('Y-m-d') . ".csv"; + +header('Content-Type: text/csv; charset=utf-8'); +header('Content-Disposition: attachment; filename=' . $filename); + +$output = fopen('php://output', 'w'); + +// Add header row +fputcsv($output, [ + 'ID', 'First Name', 'Last Name', 'Email', 'Phone Number', 'Date of Birth', + 'Program', 'Status', 'Risk Level', 'Health Progress', 'Housing Progress', 'Employment Progress', 'Created At' +]); + +// Add data rows +while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) { + fputcsv($output, [ + $row['id'], + $row['first_name'], + $row['last_name'], + $row['email'], + $row['phone_number'], + $row['date_of_birth'], + $row['program'], + $row['status'], + $row['risk_level'], + $row['health_progress'], + $row['housing_progress'], + $row['employment_progress'], + $row['created_at'] + ]); +} + +fclose($output); +exit; diff --git a/manage_documents.php b/manage_documents.php new file mode 100644 index 0000000..abdee13 --- /dev/null +++ b/manage_documents.php @@ -0,0 +1,118 @@ +prepare("SELECT * FROM residents WHERE id = ?"); +$stmt->execute([$resident_id]); +$resident = $stmt->fetch(PDO::FETCH_ASSOC); + +if (!$resident) { + header("Location: partner_dashboard.php"); + exit; +} + +// Fetch documents for this resident +$stmt = $pdo->prepare("SELECT * FROM documents WHERE resident_id = ? ORDER BY uploaded_at DESC"); +$stmt->execute([$resident_id]); +$documents = $stmt->fetchAll(PDO::FETCH_ASSOC); + +?> + + + + + + Manage Documents - <?php echo htmlspecialchars($resident['first_name'] . ' ' . $resident['last_name']); ?> + + + + + + + +
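Review bot: The data rows in `export_residents.php` pass database values straight to `fputcsv()`, so a name, e-mail or phone field that begins with `=`, `+`, `-` or `@` is evaluated as a formula when staff open the export in a spreadsheet application. Neutralise such cells before writing them, as in the sketch below, which prefixes a single quote. The `Content-Disposition` value is also unquoted; `'attachment; filename="' . $filename . '"'` is the conventional form. The session check and the filter-building code at the top of the file are not visible in this hunk, so confirm the export is limited to staff, since it contains every resident's contact data and date of birth.

```php
// Prefix cells that a spreadsheet would interpret as a formula.
$neutralise = static function ($value) {
    $value = (string) $value;
    return preg_match('/^[=+\-@\t\r]/', $value) === 1 ? "'" . $value : $value;
};

// … unchanged: response headers, fopen('php://output'), header row …
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
    // … unchanged: the same thirteen columns, collected into $cells …
    fputcsv($output, array_map($neutralise, $cells));
}
```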
+
+

Manage Documents for

+ ← Back to Dashboard +
+ +
+
+
+
Uploaded Documents
+
+ + + + + + + + + + + + + + + + + + + + + + + + + +
File NameDescriptionUploaded OnAction
No documents uploaded yet.
+ Download +
+
+
+
+
+
+
Upload New Document
+
+
+ +
+ + +
+
+ + +
+ +
+
+
+
+
+
+ + + + diff --git a/partner_dashboard.php b/partner_dashboard.php index 9a564bf..fd9dc36 100644 --- a/partner_dashboard.php +++ b/partner_dashboard.php 
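Review bot: In `manage_documents.php` the resident lookup `SELECT * FROM residents WHERE id = ?` and the following `documents` query filter only on `$resident_id`, which presumably comes from the query string. As far as the visible lines show, a signed-in partner can therefore list another partner's resident and their documents by changing that id. The session and role check at the top of the file is not visible here, so confirm it exists. If the page is partner-facing, as the redirect to `partner_dashboard.php` suggests, scope the lookup to the caller, e.g. `SELECT * FROM residents WHERE id = ? AND partner_id = ?`, with the partner id resolved from `$_SESSION['user_id']` as `partner_dashboard.php` does. The same ownership check is needed in `upload_document.php` before a file is accepted for that resident.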
@@ -8,19 +8,74 @@ if (!isset($_SESSION['user_id']) || $_SESSION['user_role'] !== 'partner') { } $pdo = db(); +$current_user_id = $_SESSION['user_id']; -// Get partner details +// Get partner details from user_id $stmt = $pdo->prepare("SELECT * FROM partners WHERE user_id = ?"); -$stmt->execute([$_SESSION['user_id']]); +$stmt->execute([$current_user_id]); $partner = $stmt->fetch(PDO::FETCH_ASSOC); if (!$partner) { $error_message = "Could not find a partner profile linked to your user account."; } else { - // Get residents assigned to this partner - $stmt = $pdo->prepare("SELECT * FROM residents WHERE partner_id = ? ORDER BY last_name, first_name"); - $stmt->execute([$partner['id']]); - $residents = $stmt->fetchAll(PDO::FETCH_ASSOC); + $partner_id = $partner['id']; + + // -- Performance Summary -- + $stmt = $pdo->prepare("SELECT COUNT(*) FROM residents WHERE partner_id = ?"); + $stmt->execute([$partner_id]); + $total_assigned = $stmt->fetchColumn(); + + $stmt = $pdo->prepare("SELECT COUNT(*) FROM residents WHERE partner_id = ? AND status = 'Active'"); + $stmt->execute([$partner_id]); + $active_assigned = $stmt->fetchColumn(); + + $stmt = $pdo->prepare("SELECT COUNT(*) FROM referrals WHERE partner_id = ?"); + $stmt->execute([$partner_id]); + $total_referrals = $stmt->fetchColumn(); + + // -- Resident Data -- + $resident_sql = " + SELECT + r.id, r.first_name, r.last_name, r.program, r.risk_level, r.status, + (SELECT COUNT(*) FROM action_plans ap WHERE ap.resident_id = r.id AND ap.status != 'Completed') as open_plans_count, + (SELECT note FROM case_notes WHERE resident_id = r.id ORDER BY created_at DESC LIMIT 1) as last_note, + (SELECT created_at FROM case_notes WHERE resident_id = r.id ORDER BY created_at DESC LIMIT 1) as last_note_date + FROM residents r + WHERE r.partner_id = ? 
+ ORDER BY r.last_name, r.first_name + "; + $resident_stmt = $pdo->prepare($resident_sql); + $resident_stmt->execute([$partner_id]); + $residents = $resident_stmt->fetchAll(PDO::FETCH_ASSOC); + + // -- Referral Data -- + $referral_sql = " + SELECT + ref.id, ref.referral_date, ref.status, ref.notes, + res.first_name, res.last_name, + u.email as staff_email + FROM referrals ref + JOIN residents res ON ref.resident_id = res.id + JOIN users u ON ref.staff_user_id = u.id + WHERE ref.partner_id = ? + ORDER BY ref.referral_date DESC + "; + $referral_stmt = $pdo->prepare($referral_sql); + $referral_stmt->execute([$partner_id]); + $referrals = $referral_stmt->fetchAll(PDO::FETCH_ASSOC); + + + // -- Fetch Messages -- + $message_sql = " + SELECT m.id, m.subject, m.created_at, m.read_at, u.email as sender_email + FROM messages m + JOIN users u ON m.sender_user_id = u.id + WHERE m.recipient_user_id = ? + ORDER BY m.created_at DESC + "; + $message_stmt = $pdo->prepare($message_sql); + $message_stmt->execute([$current_user_id]); + $messages = $message_stmt->fetchAll(PDO::FETCH_ASSOC); } ?> @@ -31,6 +86,7 @@ if (!$partner) { Partner Dashboard - Continuum of Healing + @@ -54,43 +110,256 @@ if (!$partner) {
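Review bot: The new resident query selects the latest `case_notes.note` text for each resident and passes it to the partner-facing view. The same table feeds the Case Notes panel this commit adds to `resident_view.php`, so confirm that showing note text to external partner accounts is intended and not a side effect of reusing the table. If the card only needs recency, select `last_note_date` alone. `last_note` and `last_note_date` come from two separate `ORDER BY created_at DESC LIMIT 1` subqueries, which can pick different rows when two notes share a timestamp; adding `, id DESC` to both, or joining once on the latest note id, keeps them consistent.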
-

Partner Dashboard:

+

Partner:

-
-
Assigned Residents
-
-
- - - - - - - - - - + + +
+ +
+
+ +
+
+
+
+
Total Assigned
+

+
+
+
+
+
+
+
Active Residents
+

+
+
+
+
+
+
+
Total Referrals
+

+
+
+
+
+ + +

Assigned Resident Health Cards

+
+ +
+
No residents are currently assigned to you.
+
+ + +
+
+
+
+ + +
+
+

+ Program: +

+

+ Status: + + +

+
+ Open Action Plans + +
+
Last Note
+

+ + "..." +
on + + No notes recorded yet. + +

+
+
+
+ + +
+
+
+ +
+
+

Referral Tracker

+
+
NameProgramStatus
+ - + + + + + - - + + + - - - + - - - -
No residents are currently assigned to you.DateResidentReferred ByStatusActions
No referrals found.
+ + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+
+

Inbox

+ Compose Message +
+
+ +
You have no messages.
+ + + +
+
+ +
+

From:

+
+ + +
+
+
+ +
+
+

Document Management

+
+ +
No residents assigned to you.
+ + + + + +
+ + - \ No newline at end of file + diff --git a/resident_edit.php b/resident_edit.php index 21b5a4f..489d7ab 100644 --- a/resident_edit.php +++ b/resident_edit.php @@ -19,7 +19,7 @@ $pdo = db(); // Handle form submission if ($_SERVER['REQUEST_METHOD'] === 'POST') { try { - $sql = "UPDATE residents SET first_name = ?, last_name = ?, email = ?, phone_number = ?, date_of_birth = ?, program = ?, status = ? WHERE id = ?"; + $sql = "UPDATE residents SET first_name = ?, last_name = ?, email = ?, phone_number = ?, date_of_birth = ?, program = ?, status = ?, health_progress = ?, housing_progress = ?, employment_progress = ? WHERE id = ?"; $stmt = $pdo->prepare($sql); $stmt->execute([ $_POST['first_name'], @@ -29,6 +29,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $_POST['date_of_birth'], $_POST['program'], $_POST['status'], + $_POST['health_progress'], + $_POST['housing_progress'], + $_POST['employment_progress'], $resident_id ]); header("Location: resident_view.php?id=" . $resident_id . "&success=2"); // Success code for update @@ -117,6 +120,25 @@ if (!$resident) { + +
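Review bot: The new `$_POST['health_progress']`, `$_POST['housing_progress']` and `$_POST['employment_progress']` values in `resident_edit.php` are bound into the UPDATE without validation, so a missing field raises an undefined-index warning and any string or out-of-range number is stored as is. If these are percentages, as the "Continuum Progress" section suggests, normalise them before binding, e.g. `$health = max(0, min(100, (int) ($_POST['health_progress'] ?? 0)));`. The enclosing `if ($_SERVER['REQUEST_METHOD'] === 'POST')` block starts and ends outside these hunks, so any existing validation of the other fields is not visible here.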
+ +
Continuum Progress
+
+
+ + +
+
+ + +
+
+ + +
+
+ @@ -125,4 +147,4 @@ if (!$resident) { - \ No newline at end of file + diff --git a/resident_view.php b/resident_view.php index f628843..8fa65c8 100644 --- a/resident_view.php +++ b/resident_view.php @@ -27,9 +27,14 @@ if (!$resident) { } // Fetch action plans for the resident -$stmt = $pdo->prepare("SELECT * FROM action_plans WHERE resident_id = ? ORDER BY created_at DESC"); -$stmt->execute([$resident_id]); -$action_plans = $stmt->fetchAll(PDO::FETCH_ASSOC); +$action_plan_stmt = $pdo->prepare("SELECT * FROM action_plans WHERE resident_id = ? ORDER BY created_at DESC"); +$action_plan_stmt->execute([$resident_id]); +$action_plans = $action_plan_stmt->fetchAll(PDO::FETCH_ASSOC); + +// Fetch case notes for the resident +$case_notes_stmt = $pdo->prepare("SELECT * FROM case_notes WHERE resident_id = ? ORDER BY created_at DESC"); +$case_notes_stmt->execute([$resident_id]); +$case_notes = $case_notes_stmt->fetchAll(PDO::FETCH_ASSOC); ?> @@ -39,6 +44,7 @@ $action_plans = $stmt->fetchAll(PDO::FETCH_ASSOC); View Resident - <?php echo htmlspecialchars($resident['first_name'] . ' ' . $resident['last_name']); ?> + @@ -66,8 +72,17 @@ $action_plans = $stmt->fetchAll(PDO::FETCH_ASSOC);
- Resident Information - Edit + Resident Information +
+ Edit + +
+ + + +
+ +
@@ -85,44 +100,75 @@ $action_plans = $stmt->fetchAll(PDO::FETCH_ASSOC);
- -
-
- Action Plans - + New Action Plan -
-
-
- - - - - - - - - - - - - - - - - +
+
+ +
+
+ Action Plans + + New Action Plan +
+
+
+
TitleStatusDue DateCreated OnAction
No action plans found for this resident.
+ - - - - - + + + + + + + + + + + + + + + + + + + + + +
- View/Edit - TitleStatusDue DateAction
No action plans found.
+ View/Edit +
+
+
+
+
+
+ +
+
Case Notes
+
+ +
+ +
+ +
+ +
+ +
+ +
No notes yet.
+ + +
+

+ On +
- - +
+
diff --git a/send_message.php b/send_message.php new file mode 100644 index 0000000..cd0ba0c --- /dev/null +++ b/send_message.php @@ -0,0 +1,40 @@ +prepare("INSERT INTO messages (sender_user_id, recipient_user_id, subject, body) VALUES (?, ?, ?, ?)"); + $stmt->execute([$sender_user_id, $recipient_user_id, $subject, $body]); + + $redirect_url = ($_SESSION['user_role'] === 'staff') ? 'staff_dashboard.php' : 'partner_dashboard.php'; + header("Location: " . $redirect_url . "?success=message_sent"); + exit; +} catch (PDOException $e) { + // In a real app, log this error. + $redirect_url = ($_SESSION['user_role'] === 'staff') ? 'staff_dashboard.php' : 'partner_dashboard.php'; + header("Location: " . $redirect_url . "?error=db_error"); + exit; +} diff --git a/staff_dashboard.php b/staff_dashboard.php index 0556414..9e1228d 100644 --- a/staff_dashboard.php +++ b/staff_dashboard.php 
@@ -8,16 +8,53 @@ if (!isset($_SESSION['user_id']) || $_SESSION['user_role'] !== 'staff') { exit; } -// Fetch residents from the database -try { - $pdo = db(); - $stmt = $pdo->query("SELECT id, first_name, last_name, status, program FROM residents ORDER BY last_name, first_name"); - $residents = $stmt->fetchAll(PDO::FETCH_ASSOC); -} catch (PDOException $e) { - // Handle DB error - for now, just show a simple message - $error_message = "Error fetching resident data."; - // In a real app, you'd log this error. +$pdo = db(); + +// -- Analytics & Alerts -- +// Fetch summary metrics +$total_residents = $pdo->query("SELECT count(*) FROM residents")->fetchColumn(); +$active_residents = $pdo->query("SELECT count(*) FROM residents WHERE status = 'Active'")->fetchColumn(); +$high_risk_residents = $pdo->query("SELECT count(*) FROM residents WHERE risk_level = 'High'")->fetchColumn(); + +// Fetch high-risk residents for the alert panel +$high_risk_alert_stmt = $pdo->query("SELECT id, first_name, last_name, program FROM residents WHERE risk_level = 'High' ORDER BY last_name, first_name LIMIT 5"); +$high_risk_alerts = $high_risk_alert_stmt->fetchAll(PDO::FETCH_ASSOC); + +// -- Filtering -- +$program_filter = $_GET['program'] ?? ''; +$risk_filter = $_GET['risk_level'] ?? ''; +$status_filter = $_GET['status'] ?? ''; + +$where_clauses = []; +$params = []; + +if ($program_filter) { + $where_clauses[] = "program = ?"; + $params[] = $program_filter; } +if ($risk_filter) { + $where_clauses[] = "risk_level = ?"; + $params[] = $risk_filter; +} +if ($status_filter) { + $where_clauses[] = "status = ?"; + $params[] = $status_filter; +} + +$sql = "SELECT id, first_name, last_name, status, program, risk_level, health_progress, housing_progress, employment_progress FROM residents"; +if (!empty($where_clauses)) { + $sql .= " WHERE " . 
implode(' AND ', $where_clauses); +} +$sql .= " ORDER BY last_name, first_name"; + +$stmt = $pdo->prepare($sql); +$stmt->execute($params); +$residents = $stmt->fetchAll(PDO::FETCH_ASSOC); + +// For filter dropdowns +$programs = $pdo->query("SELECT DISTINCT program FROM residents ORDER BY program")->fetchAll(PDO::FETCH_COLUMN); +$risk_levels = $pdo->query("SELECT DISTINCT risk_level FROM residents ORDER BY risk_level")->fetchAll(PDO::FETCH_COLUMN); +$statuses = $pdo->query("SELECT DISTINCT status FROM residents ORDER BY status")->fetchAll(PDO::FETCH_COLUMN); ?> @@ -27,6 +64,7 @@ try { Staff Dashboard | Continuum of Healing + @@ -51,52 +89,200 @@ try {
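Review bot: The first `staff_dashboard.php` hunk removes the `try`/`catch (PDOException $e)` that wrapped the resident query and puts nothing around the new `query()` and `prepare()` calls. A database failure now surfaces as an uncaught exception, and the response will carry the SQL and a stack trace if `display_errors` is enabled. Wrap the block again, log with `error_log($e->getMessage())`, and set `$error_message` as the old code did. Binding the filters as parameters is right, but `$_GET['program']`, `$_GET['risk_level']` and `$_GET['status']` may arrive as arrays; add an `is_string()` guard before appending each to `$params`.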

Continuum Control Center

- + New Resident + New Resident
- -
- - -
-
- All Residents + +
+
+
+
+
Total Residents
+

+
+
-
-
- - - - - - - - - - - - +
+
+
+
Active Residents
+

+
+
+
+
+
+
+
High Risk
+

+
+
+
+ + +
+ +
+
+
+
+ All Residents +
+ + + Export CSV + +
+
+
+
+ +
+
+
+
+ + +
+
+ + +
+
+ + +
+
+
+ Reset + +
+ +
+ +
+
NameProgramStatusAction
+ - - - - + + + + + + - - - - - - - -
- View - NameProgramRisk LevelContinuumStatusAction
No residents found.
+ + + + + + + + + + + + +
+
+
+
+
+
+
+
+
+
+
+ + + + + + + View + + + + + + No residents found matching your criteria. + + + + +
+
+
+
+ +
+
+
+ High Risk Alerts +
+
+ + + +
+
+
+ +
+ + +
+

No high risk residents found.

+
+ +
+ - + \ No newline at end of file diff --git a/submit_referral.php b/submit_referral.php new file mode 100644 index 0000000..1ac43be --- /dev/null +++ b/submit_referral.php @@ -0,0 +1,37 @@ +prepare($sql); + $stmt->execute([$resident_id, $partner_id, $staff_id, $notes]); + + header("Location: resident_view.php?id={$resident_id}&success=referral_sent"); + exit; +} catch (PDOException $e) { + // Log error in a real app + header("Location: create_referral.php?resident_id={$resident_id}&error=db_error"); + exit; +} diff --git a/update_referral_status.php b/update_referral_status.php new file mode 100644 index 0000000..d2eb871 --- /dev/null +++ b/update_referral_status.php 
@@ -0,0 +1,61 @@
+ false, 'message' => 'Unauthorized']);
+ exit;
+}
+
+// Check for POST request
+if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+ echo json_encode(['success' => false, 'message' => 'Invalid request method.']);
+ exit;
+}
+
+// Get and validate input
+$input = json_decode(file_get_contents('php://input'), true);
+$referral_id = $input['referral_id'] ?? null;
+$new_status = $input['status'] ?? null;
+
+if (!$referral_id || !$new_status) {
+ echo json_encode(['success' => false, 'message' => 'Missing required parameters.']);
+ exit;
+}
+
+if (!in_array($new_status, ['Accepted', 'Rejected'])) {
+ echo json_encode(['success' => false, 'message' => 'Invalid status.']);
+ exit;
+}
+
+$pdo = db();
+
+// Verify the partner owns this referral
+$stmt = $pdo->prepare("SELECT r.id FROM referrals r JOIN partners p ON r.partner_id = p.id WHERE r.id = ? AND p.user_id = ?");
+$stmt->execute([$referral_id, $_SESSION['user_id']]);
+$referral = $stmt->fetch();
+
+if (!$referral) {
+ echo json_encode(['success' => false, 'message' => 'Referral not found or you do not have permission to modify it.']);
+ exit;
+}
+
+// Update the referral status
+try {
+ $update_stmt = $pdo->prepare("UPDATE referrals SET status = ? WHERE id = ?");
+ $update_stmt->execute([$new_status, $referral_id]);
+
+ if ($update_stmt->rowCount() > 0) {
+ echo json_encode(['success' => true, 'message' => 'Referral status updated successfully.']);
+ } else {
+ echo json_encode(['success' => false, 'message' => 'Failed to update status or status was already set.']);
+ }
+} catch (PDOException $e) {
+ // Log error properly in a real application
+ echo json_encode(['success' => false, 'message' => 'Database error: ' . $e->getMessage()]);
+}
+
+?>
\ No newline at end of file
diff --git a/update_resident_status.php b/update_resident_status.php
new file mode 100644
index 0000000..bbd426a
--- /dev/null
+++ b/update_resident_status.php
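Review bot: The catch block at the end of `update_referral_status.php` returns `'Database error: ' . $e->getMessage()` to the caller, which hands table names, column names and driver detail to any partner account. Log it server-side and return a fixed string instead: `error_log($e->getMessage());` followed by `'message' => 'Could not update referral.'`. Every failure path, including 'Unauthorized' and the wrong-method case, answers with HTTP 200; `http_response_code(403)`, `405` and `400` would let clients and monitoring tell them apart. `in_array($new_status, ['Accepted', 'Rejected'])` should pass `true` as the third argument. The visible code authorises this state change on the session alone, with no CSRF token check.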
@@ -0,0 +1,44 @@
+prepare("UPDATE residents SET status = ? WHERE id = ?");
+ $stmt->execute([$status, $resident_id]);
+
+ // Redirect back to the resident's view page
+ header("Location: resident_view.php?id={$resident_id}&success=status_updated");
+ exit;
+} catch (PDOException $e) {
+ // Log the error in a real app
+ header("Location: resident_view.php?id={$resident_id}&error=db_error");
+ exit;
+}
diff --git a/upload_document.php b/upload_document.php
new file mode 100644
index 0000000..dfa86cb
--- /dev/null
+++ b/upload_document.php
@@ -0,0 +1,65 @@
+ 5 * 1024 * 1024) { // 5MB limit
+ header("Location: manage_documents.php?resident_id={$resident_id}&error=file_too_large");
+ exit;
+}
+
+if (move_uploaded_file($file['tmp_name'], $target_path)) {
+ try {
+ $pdo = db();
+ $partner_id = null;
+ $stmt = $pdo->prepare("SELECT id FROM partners WHERE user_id = ?");
+ $stmt->execute([$_SESSION['user_id']]);
+ $partner_id = $stmt->fetchColumn();
+
+ $sql = "INSERT INTO documents (resident_id, partner_id, file_name, file_path, description) VALUES (?, ?, ?, ?, ?)";
+ $stmt = $pdo->prepare($sql);
+ $stmt->execute([$resident_id, $partner_id, $original_name, $target_path, $description]);
+
+ header("Location: manage_documents.php?resident_id={$resident_id}&success=uploaded");
+ exit;
+ } catch (PDOException $e) {
+ // Clean up the uploaded file if DB insert fails
+ unlink($target_path);
+ header("Location: manage_documents.php?resident_id={$resident_id}&error=db_error");
+ exit;
+ }
+} else {
+ header("Location: manage_documents.php?resident_id={$resident_id}&error=upload_failed");
+ exit;
+}
diff --git a/view_message.php b/view_message.php
new file mode 100644
index 0000000..0711c56
--- /dev/null
+++ b/view_message.php
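Review bot: The only validation visible in `upload_document.php` is the 5 MB size check; the lines that build `$target_path` and `$original_name` did not survive in this excerpt. Confirm that the stored name is generated server-side, e.g. `bin2hex(random_bytes(16))` plus an extension from an allow-list, and that the upload directory is outside the web root or has script execution disabled. `$partner_id = $stmt->fetchColumn()` is `false` when the uploader has no partner row, and that value is then inserted as `documents.partner_id`; decide explicitly between storing `null` and rejecting the upload. The insert also does not verify that `$resident_id` is assigned to the uploading partner.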
@@ -0,0 +1,95 @@ +prepare(" + SELECT m.*, u.email as sender_email + FROM messages m + JOIN users u ON m.sender_user_id = u.id + WHERE m.id = ? +"); +$stmt->execute([$message_id]); +$message = $stmt->fetch(PDO::FETCH_ASSOC); + +if (!$message || ($message['recipient_user_id'] != $_SESSION['user_id'] && $message['sender_user_id'] != $_SESSION['user_id'])) { + // Message not found or user is not part of the conversation + $redirect_url = ($_SESSION['user_role'] === 'staff') ? 'staff_dashboard.php' : 'partner_dashboard.php'; + header("Location: " . $redirect_url . "?error=not_found"); + exit; +} + +// Mark as read if the current user is the recipient +if ($message['recipient_user_id'] == $_SESSION['user_id'] && !$message['read_at']) { + $pdo->prepare("UPDATE messages SET read_at = NOW() WHERE id = ?")->execute([$message_id]); +} + +?> + + + + + + View Message - Continuum of Healing + + + + + + +
+
+

View Message

+ ← Back to Dashboard +
+ +
+
+
+ From: on +
+
+

+
+
+ +
+ +
+
Reply
+
+
+ + +
+ + +
+ +
+
+
+
+ + + +