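prepare("SELECT status FROM hospitals WHERE id = ?");
// NOTE(review): this listing begins mid-statement. The code that opens the PHP block,
// creates $pdo and sets $hospital_id is not visible here. Every query below is scoped
// by $hospital_id, so confirm it comes from the authenticated session and never from
// request input.
$stmt->execute([$hospital_id]);
$hospital = $stmt->fetch(PDO::FETCH_ASSOC);

// A missing row (fetch() returned false) or a NULL status counts as "not yet verified",
// so an unknown hospital can never reach the approved branch below.
$hospital_status = is_array($hospital) && isset($hospital['status'])
    ? $hospital['status']
    : 'pending_verification';

$success_message = '';
$error_message = '';

// Table creation and form processing only if hospital is approved
if ($hospital_status === 'approved') {
    try {
        // Idempotent table creation for recipients.
        // NOTE(review): running DDL on every request means the web application's database
        // account must hold CREATE privileges. Moving this statement to a migration would
        // let that account be limited to SELECT/INSERT on the tables it actually uses.
        $pdo->exec("CREATE TABLE IF NOT EXISTS recipients (
            id INT AUTO_INCREMENT PRIMARY KEY,
            hospital_id INT NOT NULL,
            full_name VARCHAR(255) NOT NULL,
            email VARCHAR(255) NOT NULL,
            phone VARCHAR(50),
            blood_type VARCHAR(10) NOT NULL,
            organ_needed VARCHAR(100) NOT NULL,
            urgency_level VARCHAR(50) NOT NULL,
            registration_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
            status VARCHAR(50) DEFAULT 'waiting', /* e.g., waiting, matched, transplanted */
            FOREIGN KEY (hospital_id) REFERENCES hospitals(id)
        )");
    } catch (PDOException $e) {
        // Driver messages can disclose schema, host and account details. Keep them in the
        // server log and show the user a generic message only.
        error_log('recipients table setup failed: ' . $e->getMessage());
        $error_message = "Database error. Please try again later.";
    }

    // Handle new recipient registration.
    // NOTE(review): no anti-CSRF token is checked on this state-changing POST. The form
    // markup is outside this listing, so a token check is not added here; it needs a
    // per-session token emitted in the form and compared with hash_equals() at this point.
    $is_post = ($_SERVER["REQUEST_METHOD"] ?? '') === "POST";
    if ($is_post && isset($_POST['register_recipient'])) {
        // Read every field as a trimmed string. A missing key or an array value
        // (e.g. full_name[]=x) becomes '' and is then rejected by the required-field
        // check, instead of reaching trim()/execute() as a non-string.
        $read_field = static function ($name) {
            $value = $_POST[$name] ?? '';
            return is_string($value) ? trim($value) : '';
        };

        $full_name = $read_field('full_name');
        $email = $read_field('email');
        $phone = $read_field('phone'); // optional
        $blood_type = $read_field('blood_type');
        $organ_needed = $read_field('organ_needed');
        $urgency_level = $read_field('urgency_level');

        // NOTE(review): blood_type, organ_needed and urgency_level are stored exactly as
        // submitted. If the form offers fixed choices, validate against the same lists
        // here; the option values are not visible in this listing.
        $required = [$full_name, $email, $blood_type, $organ_needed, $urgency_level];

        if (in_array('', $required, true)) {
            $error_message = "Please fill all required fields.";
        } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error_message = "Invalid email format.";
        } else {
            try {
                // hospital_id is bound from the server-side value, never from the form,
                // so a hospital can only create rows under its own id.
                $stmt = $pdo->prepare(
                    "INSERT INTO recipients (hospital_id, full_name, email, phone, blood_type, organ_needed, urgency_level) VALUES (?, ?, ?, ?, ?, ?, ?)"
                );
                $stmt->execute([
                    $hospital_id,
                    $full_name,
                    $email,
                    $phone,
                    $blood_type,
                    $organ_needed,
                    $urgency_level,
                ]);
                $success_message = "Recipient registered successfully!";
            } catch (PDOException $e) {
                // Record the cause server-side; the user-facing text stays generic.
                error_log('recipient insert failed: ' . $e->getMessage());
                $error_message = "Error registering recipient. Please try again.";
            }
        }
    }
}

// Fetch this hospital's registered recipients.
// NOTE(review): these rows hold user-supplied text (name, email, phone, ...). The template
// that prints them is outside this listing; each value needs htmlspecialchars() with
// ENT_QUOTES when it is written into HTML.
$recipients = [];
if ($hospital_status === 'approved') {
    try {
        $stmt = $pdo->prepare("SELECT * FROM recipients WHERE hospital_id = ? ORDER BY registration_date DESC");
        $stmt->execute([$hospital_id]);
        $recipients = $stmt->fetchAll(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        // If table setup failed above, this query can throw too. Without a handler the
        // exception would surface to the client under whatever error display is configured.
        error_log('recipient list query failed: ' . $e->getMessage());
        if ($error_message === '') {
            $error_message = "Could not load recipients. Please try again later.";
        }
    }
}

// Logout logic.
// NOTE(review): logout is triggered by a GET parameter, so any cross-site link or image
// tag can end the user's session. Switching to a POST with a CSRF token requires changing
// the logout link, which is outside this listing.
if (isset($_GET['logout'])) {
    // session_destroy() removes the server-side data only; also empty the array and expire
    // the session cookie so the old identifier is not presented again.
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $cookie = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $cookie['path'],
            $cookie['domain'],
            $cookie['secure'],
            $cookie['httponly']
        );
    }
    session_destroy();
    header("Location: index.php");
    exit();
}
?>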
Your hospital registration is currently under review by our administrators. You will be able to register recipients once your account is approved.
Your hospital registration was not approved. Please contact an administrator for more information.
You have not registered any recipients yet.
| Name | Blood Type | Organ Needed | Urgency | Status | Date | |
|---|---|---|---|---|---|---|