From 933409e6cf0c679bc8b597bba1516cae2249ee9b Mon Sep 17 00:00:00 2001 From: Flatlogic Bot Date: Wed, 4 Mar 2026 08:07:04 +0000 Subject: [PATCH] Autosave: 20260304-080704 --- includes/actions.php | 222 +++---- includes/layout/footer.php | 731 ++++++++++++++++++------ includes/layout/header.php | 15 +- includes/pages/departments.php | 41 +- includes/pages/doctors.php | 64 +-- includes/pages/employees.php | 64 +-- includes/pages/laboratory_inquiries.php | 92 +-- includes/pages/laboratory_tests.php | 4 +- includes/pages/nurses.php | 56 +- includes/pages/patients.php | 8 +- includes/pages/poisons.php | 37 +- includes/pages/test_groups.php | 68 +-- includes/pages/visits.php | 8 +- laboratory_inquiries.php | 25 +- lang.php | 18 +- 15 files changed, 874 insertions(+), 579 deletions(-) diff --git a/includes/actions.php b/includes/actions.php index 249fac8..42d4690 100644 --- a/includes/actions.php +++ b/includes/actions.php @@ -1,28 +1,25 @@ prepare("INSERT INTO patients (name, phone, dob, gender, blood_group, address, insurance_company_id, policy_number) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"); - $stmt->execute([$name, $phone, $dob, $gender, $blood_group, $address, $insurance_company_id, $policy_number]); + if ($name) { + $stmt = $db->prepare("INSERT INTO patients (name, phone, dob, gender, blood_group, insurance_company_id, policy_number, address) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"); + $stmt->execute([$name, $phone, $dob, $gender, $blood_group, $insurance_company_id, $policy_number, $address]); $_SESSION['flash_message'] = __('add_patient') . ' ' . __('successfully'); $redirect = true; } 
@@ -30,17 +27,17 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $id = $_POST['id'] ?? ''; $name = $_POST['name'] ?? ''; $phone = $_POST['phone'] ?? ''; - $dob = $_POST['dob'] ?? ''; + $dob = $_POST['dob'] ?: null; $gender = $_POST['gender'] ?? ''; $blood_group = $_POST['blood_group'] ?? ''; - $address = $_POST['address'] ?? ''; $insurance_company_id = $_POST['insurance_company_id'] ?: null; $policy_number = $_POST['policy_number'] ?? ''; + $address = $_POST['address'] ?? ''; - if ($id && $name && $phone) { - $stmt = $db->prepare("UPDATE patients SET name = ?, phone = ?, dob = ?, gender = ?, blood_group = ?, address = ?, insurance_company_id = ?, policy_number = ? WHERE id = ?"); - $stmt->execute([$name, $phone, $dob, $gender, $blood_group, $address, $insurance_company_id, $policy_number, $id]); - $_SESSION['flash_message'] = __('update_patient') . ' ' . __('successfully'); + if ($id && $name) { + $stmt = $db->prepare("UPDATE patients SET name = ?, phone = ?, dob = ?, gender = ?, blood_group = ?, insurance_company_id = ?, policy_number = ?, address = ? WHERE id = ?"); + $stmt->execute([$name, $phone, $dob, $gender, $blood_group, $insurance_company_id, $policy_number, $address, $id]); + $_SESSION['flash_message'] = __('edit_patient') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'delete_patient') { 
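Review bot: `$_POST['dob'] ?: null` in the edit_patient branch reads the key without an existence check, so a POST that omits `dob` raises an undefined-array-key warning where the replaced `?? ''` did not; if error display is enabled, that warning ends up in the response. `($_POST['dob'] ?? '') ?: null` keeps the empty-string-to-NULL mapping without the warning. The same pattern is added for `dob` in the add_employee and edit_employee hunks further down. The value also reaches the `dob` column with no format check, so a `DateTime::createFromFormat('Y-m-d', …)` test before the UPDATE, with a comment such as `// dob: 'Y-m-d' or NULL`, would be worth adding. The branch starts and ends outside the hunk.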
@@ -48,21 +45,21 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($id) { $stmt = $db->prepare("DELETE FROM patients WHERE id = ?"); $stmt->execute([$id]); - $_SESSION['flash_message'] = __('delete_patient') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('delete') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'add_doctor') { $name_en = $_POST['name_en'] ?? ''; $name_ar = $_POST['name_ar'] ?? ''; + $tel = $_POST['tel'] ?? ''; + $email = $_POST['email'] ?? ''; $spec_en = $_POST['specialization_en'] ?? ''; $spec_ar = $_POST['specialization_ar'] ?? ''; $dept_id = $_POST['department_id'] ?: null; - $tel = $_POST['tel'] ?? ''; - $email = $_POST['email'] ?? ''; if ($name_en && $name_ar) { - $stmt = $db->prepare("INSERT INTO doctors (name_en, name_ar, specialization_en, specialization_ar, department_id, tel, email) VALUES (?, ?, ?, ?, ?, ?, ?)"); - $stmt->execute([$name_en, $name_ar, $spec_en, $spec_ar, $dept_id, $tel, $email]); + $stmt = $db->prepare("INSERT INTO doctors (name_en, name_ar, tel, email, specialization_en, specialization_ar, department_id) VALUES (?, ?, ?, ?, ?, ?, ?)"); + $stmt->execute([$name_en, $name_ar, $tel, $email, $spec_en, $spec_ar, $dept_id]); $_SESSION['flash_message'] = __('add_doctor') . ' ' . __('successfully'); $redirect = true; } 
@@ -70,16 +67,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $id = $_POST['id'] ?? ''; $name_en = $_POST['name_en'] ?? ''; $name_ar = $_POST['name_ar'] ?? ''; + $tel = $_POST['tel'] ?? ''; + $email = $_POST['email'] ?? ''; $spec_en = $_POST['specialization_en'] ?? ''; $spec_ar = $_POST['specialization_ar'] ?? ''; $dept_id = $_POST['department_id'] ?: null; - $tel = $_POST['tel'] ?? ''; - $email = $_POST['email'] ?? ''; if ($id && $name_en && $name_ar) { - $stmt = $db->prepare("UPDATE doctors SET name_en = ?, name_ar = ?, specialization_en = ?, specialization_ar = ?, department_id = ?, tel = ?, email = ? WHERE id = ?"); - $stmt->execute([$name_en, $name_ar, $spec_en, $spec_ar, $dept_id, $tel, $email, $id]); - $_SESSION['flash_message'] = __('update_doctor') . ' ' . __('successfully'); + $stmt = $db->prepare("UPDATE doctors SET name_en = ?, name_ar = ?, tel = ?, email = ?, specialization_en = ?, specialization_ar = ?, department_id = ? WHERE id = ?"); + $stmt->execute([$name_en, $name_ar, $tel, $email, $spec_en, $spec_ar, $dept_id, $id]); + $_SESSION['flash_message'] = __('edit_doctor') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'delete_doctor') { 
@@ -87,19 +84,19 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($id) { $stmt = $db->prepare("DELETE FROM doctors WHERE id = ?"); $stmt->execute([$id]); - $_SESSION['flash_message'] = __('delete_doctor') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('delete') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'add_nurse') { $name_en = $_POST['name_en'] ?? ''; $name_ar = $_POST['name_ar'] ?? ''; - $dept_id = $_POST['department_id'] ?: null; $tel = $_POST['tel'] ?? ''; $email = $_POST['email'] ?? ''; + $dept_id = $_POST['department_id'] ?: null; if ($name_en && $name_ar) { - $stmt = $db->prepare("INSERT INTO nurses (name_en, name_ar, department_id, tel, email) VALUES (?, ?, ?, ?, ?)"); - $stmt->execute([$name_en, $name_ar, $dept_id, $tel, $email]); + $stmt = $db->prepare("INSERT INTO nurses (name_en, name_ar, tel, email, department_id) VALUES (?, ?, ?, ?, ?)"); + $stmt->execute([$name_en, $name_ar, $tel, $email, $dept_id]); $_SESSION['flash_message'] = __('add_nurse') . ' ' . __('successfully'); $redirect = true; } 
@@ -107,14 +104,14 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $id = $_POST['id'] ?? ''; $name_en = $_POST['name_en'] ?? ''; $name_ar = $_POST['name_ar'] ?? ''; - $dept_id = $_POST['department_id'] ?: null; $tel = $_POST['tel'] ?? ''; $email = $_POST['email'] ?? ''; + $dept_id = $_POST['department_id'] ?: null; if ($id && $name_en && $name_ar) { - $stmt = $db->prepare("UPDATE nurses SET name_en = ?, name_ar = ?, department_id = ?, tel = ?, email = ? WHERE id = ?"); - $stmt->execute([$name_en, $name_ar, $dept_id, $tel, $email, $id]); - $_SESSION['flash_message'] = __('update_nurse') . ' ' . __('successfully'); + $stmt = $db->prepare("UPDATE nurses SET name_en = ?, name_ar = ?, tel = ?, email = ?, department_id = ? WHERE id = ?"); + $stmt->execute([$name_en, $name_ar, $tel, $email, $dept_id, $id]); + $_SESSION['flash_message'] = __('edit_nurse') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'delete_nurse') { @@ -122,13 +119,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($id) { $stmt = $db->prepare("DELETE FROM nurses WHERE id = ?"); $stmt->execute([$id]); - $_SESSION['flash_message'] = __('delete_nurse') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('delete') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'add_department') { $name_en = $_POST['name_en'] ?? ''; $name_ar = $_POST['name_ar'] ?? ''; - if ($name_en && $name_ar) { $stmt = $db->prepare("INSERT INTO departments (name_en, name_ar) VALUES (?, ?)"); $stmt->execute([$name_en, $name_ar]); 
@@ -139,11 +135,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $id = $_POST['id'] ?? ''; $name_en = $_POST['name_en'] ?? ''; $name_ar = $_POST['name_ar'] ?? ''; - if ($id && $name_en && $name_ar) { $stmt = $db->prepare("UPDATE departments SET name_en = ?, name_ar = ? WHERE id = ?"); $stmt->execute([$name_en, $name_ar, $id]); - $_SESSION['flash_message'] = __('update_department') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('edit_department') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'delete_department') { @@ -151,20 +146,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($id) { $stmt = $db->prepare("DELETE FROM departments WHERE id = ?"); $stmt->execute([$id]); - $_SESSION['flash_message'] = __('delete_department') . ' ' . __('successfully'); - $redirect = true; - } - } elseif ($_POST['action'] === 'add_insurance') { - $name_en = $_POST['name_en'] ?? ''; - $name_ar = $_POST['name_ar'] ?? ''; - $email = $_POST['email'] ?? ''; - $phone = $_POST['phone'] ?? ''; - $contact = $_POST['contact_info'] ?? ''; - - if ($name_en && $name_ar) { - $stmt = $db->prepare("INSERT INTO insurance_companies (name_en, name_ar, email, phone, contact_info) VALUES (?, ?, ?, ?, ?)"); - $stmt->execute([$name_en, $name_ar, $email, $phone, $contact]); - $_SESSION['flash_message'] = __('insurance_company') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('delete') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'book_appointment') { 
@@ -192,13 +174,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $treatment = $_POST['treatment_plan'] ?? ''; if ($patient_id && $doctor_id) { + $db->beginTransaction(); $stmt = $db->prepare("INSERT INTO visits (patient_id, doctor_id, appointment_id, weight, blood_pressure, heart_rate, temperature, symptoms, diagnosis, treatment_plan) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"); $stmt->execute([$patient_id, $doctor_id, $appointment_id, $weight, $bp, $hr, $temp, $symptoms, $diagnosis, $treatment]); if ($appointment_id) { - $db->prepare("UPDATE appointments SET status = 'Completed' WHERE id = ?")->execute([$appointment_id]); + $stmt = $db->prepare("UPDATE appointments SET status = 'Completed' WHERE id = ?"); + $stmt->execute([$appointment_id]); } - $_SESSION['flash_message'] = __('visit_recorded'); + $db->commit(); + $_SESSION['flash_message'] = __('add_visit') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'edit_visit') { 
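Review bot: The `beginTransaction()` added in the record_visit branch has no matching `rollBack()` on a failure path. If either `execute()` throws, control leaves the branch with the transaction still open, and if PDO is not in exception mode a failed statement only returns false and `commit()` still runs. The error mode is configured outside this hunk, so which case applies cannot be told from here. Wrapping the statements in `try`/`catch` and rolling back before re-throwing makes the all-or-nothing intent explicit; the create_bill, add_inquiry and edit_inquiry hunks add the same unguarded pattern. The elseif branch itself begins above the hunk.

```php
if ($patient_id && $doctor_id) {
    $db->beginTransaction();
    try {
        // … unchanged: INSERT INTO visits and the conditional appointments UPDATE …
        $db->commit();
    } catch (Throwable $e) {
        // Undo the partial visit/appointment write before the error propagates.
        $db->rollBack();
        throw $e;
    }
    // … unchanged: flash message and $redirect …
```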
@@ -216,19 +201,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($id && $patient_id && $doctor_id) { $stmt = $db->prepare("UPDATE visits SET patient_id = ?, doctor_id = ?, weight = ?, blood_pressure = ?, heart_rate = ?, temperature = ?, symptoms = ?, diagnosis = ?, treatment_plan = ? WHERE id = ?"); $stmt->execute([$patient_id, $doctor_id, $weight, $bp, $hr, $temp, $symptoms, $diagnosis, $treatment, $id]); - $_SESSION['flash_message'] = __('update_visit') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('edit_visit') . ' ' . __('successfully'); $redirect = true; } - } elseif ($_POST['action'] === 'create_report') { - $visit_id = $_POST['visit_id'] ?? ''; - $type = $_POST['report_type'] ?? ''; - $findings = $_POST['findings'] ?? ''; - $recommendations = $_POST['recommendations'] ?? ''; - - if ($visit_id && $type) { - $stmt = $db->prepare("INSERT INTO provisional_reports (visit_id, report_type, findings, recommendations) VALUES (?, ?, ?, ?)"); - $stmt->execute([$visit_id, $type, $findings, $recommendations]); - $_SESSION['flash_message'] = __('report_created'); + } elseif ($_POST['action'] === 'delete_visit') { + $id = $_POST['id'] ?? ''; + if ($id) { + $stmt = $db->prepare("DELETE FROM visits WHERE id = ?"); + $stmt->execute([$id]); + $_SESSION['flash_message'] = __('delete') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'create_bill') { 
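Review bot: The new delete_visit branch hard-deletes a clinical record keyed only by the posted `id`, and no permission check or anti-CSRF token comparison is visible in it or in any other hunk of this file. The dispatcher's opening lines are outside the hunks, so such a check may exist there; if it does not, one belongs before the DELETE, for example `hash_equals($_SESSION['csrf_token'] ?? '', $_POST['csrf_token'] ?? '')` (key names are placeholders) together with a role check. The diff also shows `bills` and `provisional_reports` rows carrying a `visit_id`, so unless the schema cascades or restricts, this DELETE can leave them pointing at a missing visit. A comment stating the intended behaviour, such as `// visits referenced by bills/reports must not be deleted`, or a soft-delete flag would make the policy explicit.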
@@ -238,44 +219,52 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $amounts = $_POST['amounts'] ?? []; if ($patient_id && !empty($items)) { + $db->beginTransaction(); + $total = array_sum($amounts); // Check if patient has insurance - $patient = $db->prepare("SELECT insurance_company_id FROM patients WHERE id = ?"); - $patient->execute([$patient_id]); - $p_data = $patient->fetch(); + $stmt = $db->prepare("SELECT insurance_company_id FROM patients WHERE id = ?"); + $stmt->execute([$patient_id]); + $patient = $stmt->fetch(); $insurance_covered = 0; - if ($p_data && $p_data['insurance_company_id']) { - // Simple logic: insurance covers 80% if they have insurance - $insurance_covered = $total * 0.8; + if ($patient && $patient['insurance_company_id']) { + $insurance_covered = $total * 0.8; // 80% coverage } $patient_payable = $total - $insurance_covered; - - $stmt = $db->prepare("INSERT INTO bills (patient_id, visit_id, total_amount, insurance_covered, patient_payable, status) VALUES (?, ?, ?, ?, ?, 'Pending')"); + + $stmt = $db->prepare("INSERT INTO bills (patient_id, visit_id, total_amount, insurance_covered, patient_payable) VALUES (?, ?, ?, ?, ?)"); $stmt->execute([$patient_id, $visit_id, $total, $insurance_covered, $patient_payable]); $bill_id = $db->lastInsertId(); - $item_stmt = $db->prepare("INSERT INTO bill_items (bill_id, description, amount) VALUES (?, ?, ?)"); + $stmt = $db->prepare("INSERT INTO bill_items (bill_id, description, amount) VALUES (?, ?, ?)"); foreach ($items as $index => $desc) { if ($desc && isset($amounts[$index])) { - $item_stmt->execute([$bill_id, $desc, $amounts[$index]]); + $stmt->execute([$bill_id, $desc, $amounts[$index]]); } } - $_SESSION['flash_message'] = __('bill_created'); + + $db->commit(); + $_SESSION['flash_message'] = __('create_bill') . ' ' . __('successfully'); $redirect = true; } - } elseif ($_POST['action'] === 'mark_paid') { - $bill_id = $_POST['bill_id'] ?? 
''; - if ($bill_id) { - $db->prepare("UPDATE bills SET status = 'Paid' WHERE id = ?")->execute([$bill_id]); - $_SESSION['flash_message'] = __('bill_paid'); + } elseif ($_POST['action'] === 'create_report') { + $visit_id = $_POST['visit_id'] ?? ''; + $type = $_POST['report_type'] ?? ''; + $findings = $_POST['findings'] ?? ''; + $recom = $_POST['recommendations'] ?? ''; + + if ($visit_id && $type) { + $stmt = $db->prepare("INSERT INTO provisional_reports (visit_id, report_type, findings, recommendations) VALUES (?, ?, ?, ?)"); + $stmt->execute([$visit_id, $type, $findings, $recom]); + $_SESSION['flash_message'] = __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'add_employee') { $name_en = $_POST['name_en'] ?? ''; $name_ar = $_POST['name_ar'] ?? ''; - $dob = $_POST['dob'] ?? ''; + $dob = $_POST['dob'] ?: null; $mobile = $_POST['mobile'] ?? ''; $email = $_POST['email'] ?? ''; $dept_id = $_POST['department_id'] ?: null; @@ -292,7 +281,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $id = $_POST['id'] ?? ''; $name_en = $_POST['name_en'] ?? ''; $name_ar = $_POST['name_ar'] ?? ''; - $dob = $_POST['dob'] ?? ''; + $dob = $_POST['dob'] ?: null; $mobile = $_POST['mobile'] ?? ''; $email = $_POST['email'] ?? ''; $dept_id = $_POST['department_id'] ?: null; @@ -302,7 +291,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($id && $name_en && $name_ar) { $stmt = $db->prepare("UPDATE employees SET name_en = ?, name_ar = ?, dob = ?, mobile = ?, email = ?, department_id = ?, passion_en = ?, passion_ar = ? WHERE id = ?"); $stmt->execute([$name_en, $name_ar, $dob, $mobile, $email, $dept_id, $passion_en, $passion_ar, $id]); - $_SESSION['flash_message'] = __('update_employee') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('edit_employee') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'delete_employee') { 
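Review bot: In the create_bill hunk, `$total = array_sum($amounts);` trusts the posted amounts as they arrive. It counts rows that the `bill_items` loop later skips because the description is empty, it accepts negative or non-numeric entries, and it throws a TypeError if `amounts` is posted as a scalar. The stored `total_amount`, `insurance_covered` and `patient_payable` can therefore disagree with the inserted items, or be pushed down by a negative line. Building the list of valid rows first and deriving the total from it keeps header and items consistent. Whether prices should come from a server-side catalogue rather than the form cannot be told from this hunk.

```php
$db->beginTransaction();

// Keep only the rows that will be stored; reject non-numeric or negative amounts.
$lines = [];
foreach ((array) $items as $index => $desc) {
    $amount = $amounts[$index] ?? null;
    if (!is_string($desc) || $desc === '' || !is_numeric($amount) || $amount < 0) {
        continue;
    }
    $lines[] = [$desc, (float) $amount];
}
$total = array_sum(array_column($lines, 1));

// … unchanged: insurance lookup, bills INSERT, lastInsertId(), bill_items prepare …
foreach ($lines as [$desc, $amount]) {
    $stmt->execute([$bill_id, $desc, $amount]);
}
// … unchanged: commit, flash message, $redirect …
```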
@@ -310,7 +299,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($id) { $stmt = $db->prepare("DELETE FROM employees WHERE id = ?"); $stmt->execute([$id]); - $_SESSION['flash_message'] = __('delete_employee') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('delete') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'add_poison') { @@ -335,7 +324,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($id && $name_en && $name_ar) { $stmt = $db->prepare("UPDATE poisons SET name_en = ?, name_ar = ?, description_en = ?, description_ar = ? WHERE id = ?"); $stmt->execute([$name_en, $name_ar, $desc_en, $desc_ar, $id]); - $_SESSION['flash_message'] = __('update_poison') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('edit_poison') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'delete_poison') { @@ -343,7 +332,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($id) { $stmt = $db->prepare("DELETE FROM poisons WHERE id = ?"); $stmt->execute([$id]); - $_SESSION['flash_message'] = __('delete_poison') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('delete') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'add_test_group') { @@ -362,7 +351,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($id && $name_en && $name_ar) { $stmt = $db->prepare("UPDATE test_groups SET name_en = ?, name_ar = ? WHERE id = ?"); $stmt->execute([$name_en, $name_ar, $id]); - $_SESSION['flash_message'] = __('update_test_group') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('edit_test_group') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'delete_test_group') { 
@@ -370,7 +359,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($id) { $stmt = $db->prepare("DELETE FROM test_groups WHERE id = ?"); $stmt->execute([$id]); - $_SESSION['flash_message'] = __('delete_test_group') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('delete') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'add_test') { @@ -379,6 +368,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $group_id = $_POST['group_id'] ?: null; $price = $_POST['price'] ?? 0; $range = $_POST['normal_range'] ?? ''; + if ($name_en && $name_ar) { $stmt = $db->prepare("INSERT INTO laboratory_tests (name_en, name_ar, group_id, price, normal_range) VALUES (?, ?, ?, ?, ?)"); $stmt->execute([$name_en, $name_ar, $group_id, $price, $range]); @@ -392,10 +382,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $group_id = $_POST['group_id'] ?: null; $price = $_POST['price'] ?? 0; $range = $_POST['normal_range'] ?? ''; + if ($id && $name_en && $name_ar) { $stmt = $db->prepare("UPDATE laboratory_tests SET name_en = ?, name_ar = ?, group_id = ?, price = ?, normal_range = ? WHERE id = ?"); $stmt->execute([$name_en, $name_ar, $group_id, $price, $range, $id]); - $_SESSION['flash_message'] = __('update_test') . ' ' . __('successfully'); + $_SESSION['flash_message'] = __('edit_test') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'delete_test') { 
@@ -408,30 +399,61 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { } } elseif ($_POST['action'] === 'add_inquiry') { $patient_name = $_POST['patient_name'] ?? ''; - $test_id = $_POST['test_id'] ?: null; + $test_ids = $_POST['test_ids'] ?? []; + $results = $_POST['results'] ?? []; + $ranges = $_POST['normal_ranges'] ?? []; $source = $_POST['source'] ?? 'Internal'; $date = $_POST['inquiry_date'] ?: date('Y-m-d H:i'); $status = $_POST['status'] ?? 'Pending'; $notes = $_POST['notes'] ?? ''; if ($patient_name) { - $stmt = $db->prepare("INSERT INTO laboratory_inquiries (patient_name, test_id, source, inquiry_date, status, notes) VALUES (?, ?, ?, ?, ?, ?)"); - $stmt->execute([$patient_name, $test_id, $source, $date, $status, $notes]); + $db->beginTransaction(); + $stmt = $db->prepare("INSERT INTO laboratory_inquiries (patient_name, source, inquiry_date, status, notes) VALUES (?, ?, ?, ?, ?)"); + $stmt->execute([$patient_name, $source, $date, $status, $notes]); + $inquiry_id = $db->lastInsertId(); + + if (!empty($test_ids)) { + $testStmt = $db->prepare("INSERT INTO inquiry_tests (inquiry_id, test_id, result, normal_range) VALUES (?, ?, ?, ?)"); + foreach ($test_ids as $index => $tid) { + if ($tid) { + $testStmt->execute([$inquiry_id, $tid, $results[$index] ?? '', $ranges[$index] ?? '']); + } + } + } + $db->commit(); $_SESSION['flash_message'] = __('add_inquiry') . ' ' . __('successfully'); $redirect = true; } } elseif ($_POST['action'] === 'edit_inquiry') { $id = $_POST['id'] ?? ''; $patient_name = $_POST['patient_name'] ?? ''; - $test_id = $_POST['test_id'] ?: null; + $test_ids = $_POST['test_ids'] ?? []; + $results = $_POST['results'] ?? []; + $ranges = $_POST['normal_ranges'] ?? []; $source = $_POST['source'] ?? 'Internal'; $date = $_POST['inquiry_date'] ?: date('Y-m-d H:i'); $status = $_POST['status'] ?? 'Pending'; $notes = $_POST['notes'] ?? 
''; if ($id && $patient_name) { - $stmt = $db->prepare("UPDATE laboratory_inquiries SET patient_name = ?, test_id = ?, source = ?, inquiry_date = ?, status = ?, notes = ? WHERE id = ?"); - $stmt->execute([$patient_name, $test_id, $source, $date, $status, $notes, $id]); + $db->beginTransaction(); + $stmt = $db->prepare("UPDATE laboratory_inquiries SET patient_name = ?, source = ?, inquiry_date = ?, status = ?, notes = ? WHERE id = ?"); + $stmt->execute([$patient_name, $source, $date, $status, $notes, $id]); + + // Remove old tests and insert new ones + $stmt = $db->prepare("DELETE FROM inquiry_tests WHERE inquiry_id = ?"); + $stmt->execute([$id]); + + if (!empty($test_ids)) { + $testStmt = $db->prepare("INSERT INTO inquiry_tests (inquiry_id, test_id, result, normal_range) VALUES (?, ?, ?, ?)"); + foreach ($test_ids as $index => $tid) { + if ($tid) { + $testStmt->execute([$id, $tid, $results[$index] ?? '', $ranges[$index] ?? '']); + } + } + } + $db->commit(); $_SESSION['flash_message'] = __('edit_inquiry') . ' ' . __('successfully'); $redirect = true; } @@ -450,4 +472,4 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { header("Location: " . $_SERVER['REQUEST_URI']); exit; } -} \ No newline at end of file +} diff --git a/includes/layout/footer.php b/includes/layout/footer.php index 5ec797f..365fa78 100644 --- a/includes/layout/footer.php +++ b/includes/layout/footer.php @@ -11,7 +11,7 @@
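Review bot: In the add_inquiry and edit_inquiry branches, `test_ids`, `results` and `normal_ranges` are used as parallel arrays without an `is_array` check. A scalar `test_ids` makes the `foreach` warn and store nothing, and a scalar `results` string indexed by `$index` yields a single character that is then written as the result. Normalising each one on read avoids this, e.g. `$test_ids = is_array($_POST['test_ids'] ?? null) ? $_POST['test_ids'] : [];`. The `normal_range` stored per row also comes from the request, while `laboratory_tests.normal_range` exists in the same file; if it is meant to be a snapshot of the catalogue value, it should be read server-side by `test_id` so that a client cannot alter the reference range saved next to a result. In edit_inquiry the old `inquiry_tests` rows are deleted before the re-insert, so the missing rollback path matters most there.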