adding html editor

2026-03-04 17:34:51 +00:00 · 2026-03-04 17:34:51 +00:00 · d3172b6c89
commit d3172b6c89
parent 6f43ba8047
17 changed files with 845 additions and 368 deletions
--- a/assets/images/logo_1772630133.png
+++ b/assets/images/logo_1772630133.png
--- a/assets/images/logo_1772630277.png
+++ b/assets/images/logo_1772630277.png
--- a/assets/uploads/xrays/1772636719_file_0000000075d072469947147bc1c7d810.png
+++ b/assets/uploads/xrays/1772636719_file_0000000075d072469947147bc1c7d810.png
--- a/db/migrations/20260304_add_attachment_to_lab_tests.sql
+++ b/db/migrations/20260304_add_attachment_to_lab_tests.sql
@ -0,0 +1,30 @@
 -- Migration: Add attachment to inquiry_tests
 -- This table might have been created by previous agents or manually
 CREATE TABLE IF NOT EXISTS inquiry_tests (
    id INT AUTO_INCREMENT PRIMARY KEY,
    inquiry_id INT,
    test_id INT,
    result VARCHAR(255),
    normal_range VARCHAR(255),
    attachment VARCHAR(255),
    FOREIGN KEY (inquiry_id) REFERENCES laboratory_inquiries(id) ON DELETE CASCADE,
    FOREIGN KEY (test_id) REFERENCES laboratory_tests(id) ON DELETE CASCADE
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
 -- Ensure attachment column exists (in case inquiry_tests already existed without it)
 SET @dbname = DATABASE();
 SET @tablename = "inquiry_tests";
 SET @columnname = "attachment";
 SET @preparedStatement = (SELECT IF(
  (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS
   WHERE TABLE_SCHEMA = @dbname
     AND TABLE_NAME = @tablename
     AND COLUMN_NAME = @columnname
  ) > 0,
  "SELECT 1",
  "ALTER TABLE inquiry_tests ADD COLUMN attachment VARCHAR(255) AFTER normal_range"
 ));
 PREPARE stmt FROM @preparedStatement;
 EXECUTE stmt;
 DEALLOCATE PREPARE stmt;
--- a/db/migrations/20260304_add_attachment_to_xrays.sql
+++ b/db/migrations/20260304_add_attachment_to_xrays.sql
@ -0,0 +1,2 @@
 -- Add attachment column to xray_inquiry_items to store uploaded images/results
 ALTER TABLE xray_inquiry_items ADD COLUMN attachment VARCHAR(255) DEFAULT NULL;
--- a/db/migrations/20260304_create_settings_table.sql
+++ b/db/migrations/20260304_create_settings_table.sql
@ -0,0 +1,18 @@
 CREATE TABLE IF NOT EXISTS settings (
    id INT AUTO_INCREMENT PRIMARY KEY,
    setting_key VARCHAR(100) NOT NULL UNIQUE,
    setting_value TEXT,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
 );
 INSERT INTO settings (setting_key, setting_value) VALUES 
 ('company_name', 'Hospital Management System'),
 ('company_logo', ''),
 ('company_favicon', ''),
 ('company_ctr_no', ''),
 ('company_registration_no', ''),
 ('company_address', ''),
 ('company_phone', ''),
 ('company_email', ''),
 ('company_vat_no', '');
--- a/db/migrations/20260304_link_inquiries_to_visits.sql
+++ b/db/migrations/20260304_link_inquiries_to_visits.sql
@ -0,0 +1,15 @@
 -- Update laboratory_inquiries and xray_inquiries to link with patients and visits
 ALTER TABLE laboratory_inquiries ADD COLUMN patient_id INT NULL AFTER id;
 ALTER TABLE laboratory_inquiries ADD COLUMN visit_id INT NULL AFTER patient_id;
 ALTER TABLE laboratory_inquiries MODIFY patient_name VARCHAR(255) NULL;
 ALTER TABLE laboratory_inquiries ADD CONSTRAINT fk_lab_patient FOREIGN KEY (patient_id) REFERENCES patients(id) ON DELETE CASCADE;
 ALTER TABLE laboratory_inquiries ADD CONSTRAINT fk_lab_visit FOREIGN KEY (visit_id) REFERENCES visits(id) ON DELETE SET NULL;
 ALTER TABLE xray_inquiries ADD COLUMN patient_id INT NULL AFTER id;
 ALTER TABLE xray_inquiries ADD COLUMN visit_id INT NULL AFTER patient_id;
 ALTER TABLE xray_inquiries MODIFY patient_name VARCHAR(255) NULL;
 ALTER TABLE xray_inquiries ADD CONSTRAINT fk_xray_patient FOREIGN KEY (patient_id) REFERENCES patients(id) ON DELETE CASCADE;
 ALTER TABLE xray_inquiries ADD CONSTRAINT fk_xray_visit FOREIGN KEY (visit_id) REFERENCES visits(id) ON DELETE SET NULL;
--- a/includes/actions.php
+++ b/includes/actions.php
@ -3,6 +3,20 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    require_once __DIR__ . '/../db/config.php';
    require_once __DIR__ . '/../helpers.php';
    $db = db();
    function upload_file($file_array, $index, $target_dir = "assets/uploads/") { 
        if (!isset($file_array["name"][$index]) || $file_array["error"][$index] !== UPLOAD_ERR_OK) { 
            return null; 
        } 
        if (!is_dir(__DIR__ . "/../" . $target_dir)) { 
            mkdir(__DIR__ . "/../" . $target_dir, 0775, true); 
        } 
        $filename = time() . "_" . basename($file_array["name"][$index]); 
        $target_file = $target_dir . $filename; 
        if (move_uploaded_file($file_array["tmp_name"][$index], __DIR__ . "/../" . $target_file)) { 
            return $target_file; 
        } 
        return null; 
    }
    $lang = $_SESSION['lang'] ?? 'en';
    $redirect = false;
@ -408,15 +422,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            if ($patient_name) {
                $db->beginTransaction();
-                $stmt = $db->prepare("INSERT INTO laboratory_inquiries (patient_name, source, inquiry_date, status, notes) VALUES (?, ?, ?, ?, ?)");
+                $stmt = $db->prepare("INSERT INTO laboratory_inquiries (patient_id, visit_id, patient_name, source, inquiry_date, status, notes) VALUES (?, ?, ?, ?, ?, ?, ?)");
-                $stmt->execute([$patient_name, $source, $date, $status, $notes]);
+                $stmt->execute([$_POST['patient_id'] ?: null, $_POST['visit_id'] ?: null, $patient_name, $source, $date, $status, $notes]);
                $inquiry_id = $db->lastInsertId();
                if (!empty($test_ids)) {
-                    $testStmt = $db->prepare("INSERT INTO inquiry_tests (inquiry_id, test_id, result) VALUES (?, ?, ?)");
+                    $testStmt = $db->prepare("INSERT INTO inquiry_tests (inquiry_id, test_id, result, attachment) VALUES (?, ?, ?, ?)");
                    foreach ($test_ids as $index => $tid) {
                        if ($tid) {
-                            $testStmt->execute([$inquiry_id, $tid, $results[$index] ?? '']);
+                            $attachment = upload_file($_FILES['attachments'] ?? null, $index, "assets/uploads/labs/");
                            $testStmt->execute([$inquiry_id, $tid, $results[$index] ?? '', $attachment]);
                        }
                    }
                }
@ -429,6 +444,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $patient_name = $_POST['patient_name'] ?? '';
            $test_ids = $_POST['test_ids'] ?? [];
            $results = $_POST['results'] ?? [];
            $existing_attachments = $_POST['existing_attachments'] ?? [];
            $source = $_POST['source'] ?? 'Internal';
            $date = $_POST['inquiry_date'] ?: date('Y-m-d H:i');
            $status = $_POST['status'] ?? 'Pending';
@ -436,18 +452,19 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            if ($id && $patient_name) {
                $db->beginTransaction();
-                $stmt = $db->prepare("UPDATE laboratory_inquiries SET patient_name = ?, source = ?, inquiry_date = ?, status = ?, notes = ? WHERE id = ?");
+                $stmt = $db->prepare("UPDATE laboratory_inquiries SET patient_id = ?, visit_id = ?, patient_name = ?, source = ?, inquiry_date = ?, status = ?, notes = ? WHERE id = ?");
-                $stmt->execute([$patient_name, $source, $date, $status, $notes, $id]);
+                $stmt->execute([$_POST['patient_id'] ?: null, $_POST['visit_id'] ?: null, $patient_name, $source, $date, $status, $notes, $id]);
                // Remove old tests and insert new ones
                $stmt = $db->prepare("DELETE FROM inquiry_tests WHERE inquiry_id = ?");
                $stmt->execute([$id]);
                if (!empty($test_ids)) {
-                    $testStmt = $db->prepare("INSERT INTO inquiry_tests (inquiry_id, test_id, result) VALUES (?, ?, ?)");
+                    $testStmt = $db->prepare("INSERT INTO inquiry_tests (inquiry_id, test_id, result, attachment) VALUES (?, ?, ?, ?)");
                    foreach ($test_ids as $index => $tid) {
                        if ($tid) {
-                            $testStmt->execute([$id, $tid, $results[$index] ?? '']);
+                            $attachment = upload_file($_FILES['attachments'] ?? null, $index, "assets/uploads/labs/") ?: ($existing_attachments[$index] ?? null);
                            $testStmt->execute([$id, $tid, $results[$index] ?? '', $attachment]);
                        }
                    }
                }
@ -531,14 +548,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $notes = $_POST['notes'] ?? '';
            if ($patient_name) {
                $db->beginTransaction();
-                $stmt = $db->prepare("INSERT INTO xray_inquiries (patient_name, source, inquiry_date, status, notes) VALUES (?, ?, ?, ?, ?)");
+                $stmt = $db->prepare("INSERT INTO xray_inquiries (patient_id, visit_id, patient_name, source, inquiry_date, status, notes) VALUES (?, ?, ?, ?, ?, ?, ?)");
-                $stmt->execute([$patient_name, $source, $date, $status, $notes]);
+                $stmt->execute([$_POST['patient_id'] ?: null, $_POST['visit_id'] ?: null, $patient_name, $source, $date, $status, $notes]);
                $inquiry_id = $db->lastInsertId();
                if (!empty($xray_ids)) {
-                    $testStmt = $db->prepare("INSERT INTO xray_inquiry_items (inquiry_id, xray_id, result) VALUES (?, ?, ?)");
+                    $testStmt = $db->prepare("INSERT INTO xray_inquiry_items (inquiry_id, xray_id, result, attachment) VALUES (?, ?, ?, ?)");
                    foreach ($xray_ids as $index => $tid) {
                        if ($tid) {
-                            $testStmt->execute([$inquiry_id, $tid, $results[$index] ?? '']);
+                            $attachment = upload_file($_FILES['attachments'] ?? null, $index, "assets/uploads/xrays/");
                            $testStmt->execute([$inquiry_id, $tid, $results[$index] ?? '', $attachment]);
                        }
                    }
                }
@ -550,6 +568,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $id = $_POST['id'] ?? '';
            $patient_name = $_POST['patient_name'] ?? '';
            $xray_ids = $_POST['xray_ids'] ?? [];
            $existing_attachments = $_POST['existing_attachments'] ?? [];
            $results = $_POST['results'] ?? [];
            $source = $_POST['source'] ?? 'Internal';
            $date = $_POST['inquiry_date'] ?: date('Y-m-d H:i');
@ -557,15 +576,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $notes = $_POST['notes'] ?? '';
            if ($id && $patient_name) {
                $db->beginTransaction();
-                $stmt = $db->prepare("UPDATE xray_inquiries SET patient_name = ?, source = ?, inquiry_date = ?, status = ?, notes = ? WHERE id = ?");
+                $stmt = $db->prepare("UPDATE xray_inquiries SET patient_id = ?, visit_id = ?, patient_name = ?, source = ?, inquiry_date = ?, status = ?, notes = ? WHERE id = ?");
-                $stmt->execute([$patient_name, $source, $date, $status, $notes, $id]);
+                $stmt->execute([$_POST['patient_id'] ?: null, $_POST['visit_id'] ?: null, $patient_name, $source, $date, $status, $notes, $id]);
                $stmt = $db->prepare("DELETE FROM xray_inquiry_items WHERE inquiry_id = ?");
                $stmt->execute([$id]);
                if (!empty($xray_ids)) {
-                    $testStmt = $db->prepare("INSERT INTO xray_inquiry_items (inquiry_id, xray_id, result) VALUES (?, ?, ?)");
+                    $testStmt = $db->prepare("INSERT INTO xray_inquiry_items (inquiry_id, xray_id, result, attachment) VALUES (?, ?, ?, ?)");
                    foreach ($xray_ids as $index => $tid) {
                        if ($tid) {
-                            $testStmt->execute([$id, $tid, $results[$index] ?? '']);
+                            $attachment = upload_file($_FILES['attachments'] ?? null, $index, "assets/uploads/xrays/") ?: ($existing_attachments[$index] ?? null);
                            $testStmt->execute([$id, $tid, $results[$index] ?? '', $attachment]);
                        }
                    }
                }
--- a/includes/layout/footer.php
+++ b/includes/layout/footer.php
--- a/includes/layout/header.php
+++ b/includes/layout/header.php
@ -7,13 +7,26 @@ $lang = $_SESSION['lang'];
 $section = $section ?? 'dashboard';
 $message = $message ?? '';
 // Fetch company settings for dynamic branding
 $stmt = $db->query("SELECT setting_key, setting_value FROM settings WHERE setting_key IN ('company_name', 'company_logo', 'company_favicon')");
 $site_settings = [];
 while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
    $site_settings[$row['setting_key']] = $row['setting_value'];
 }
 $site_name = !empty($site_settings['company_name']) ? $site_settings['company_name'] : __('hospital_management');
 $site_logo = !empty($site_settings['company_logo']) ? $site_settings['company_logo'] : null;
 $site_favicon = !empty($site_settings['company_favicon']) ? $site_settings['company_favicon'] : null;
 ?>
 <!DOCTYPE html>
 <html lang="<?php echo $_SESSION['lang']; ?>" dir="<?php echo get_dir(); ?>">
 <head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title><?php echo __('hospital_management'); ?></title>
+    <title><?php echo htmlspecialchars($site_name); ?></title>
    <?php if ($site_favicon): ?>
    <link rel="icon" type="image/x-icon" href="<?php echo htmlspecialchars($site_favicon); ?>">
    <?php endif; ?>
    <!-- Bootstrap 5 CSS -->
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
    <?php if (is_rtl()): ?>
@ -24,6 +37,8 @@ $message = $message ?? '';
    <!-- Select2 CSS -->
    <link href="https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css" rel="stylesheet" />
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/select2-bootstrap-5-theme@1.3.0/dist/select2-bootstrap-5-theme.min.css" />
    <!-- Summernote Lite CSS -->
    <link href="https://cdn.jsdelivr.net/npm/summernote@0.8.18/dist/summernote-lite.min.css" rel="stylesheet">
    <style>
        body { font-family: 'Inter', 'Tajawal', sans-serif; background-color: #f4f7f6; }
@ -56,6 +71,10 @@ $message = $message ?? '';
            border-radius: 0.375rem;
            min-height: calc(1.5em + 0.75rem + 2px);
        }
        /* Summernote custom styling */
        .note-editor.note-frame { border: 1px solid #dee2e6; border-radius: 0.375rem; }
        .note-editor.note-airframe .note-editing-area .note-editable, .note-editor.note-frame .note-editing-area .note-editable { background-color: white; }
    </style>
 </head>
 <body>
@ -64,7 +83,11 @@ $message = $message ?? '';
    <!-- Sidebar -->
    <div class="sidebar d-none d-md-block">
        <div class="p-4 text-center">
-            <h5 class="fw-bold"><i class="bi bi-hospital"></i> <?php echo __('hospital_management'); ?></h5>
+            <?php if ($site_logo): ?>
                <img src="<?php echo htmlspecialchars($site_logo); ?>" alt="Logo" class="img-fluid mb-2" style="max-height: 50px;">
            <?php else: ?>
                <h5 class="fw-bold"><i class="bi bi-hospital"></i> <?php echo htmlspecialchars($site_name); ?></h5>
            <?php endif; ?>
        </div>
        <nav class="mt-3">
            <a href="dashboard.php" class="sidebar-link <?php echo $section === 'dashboard' ? 'active' : ''; ?>"><i class="bi bi-speedometer2 me-2"></i> <?php echo __('dashboard'); ?></a>
@ -103,12 +126,13 @@ $message = $message ?? '';
            <a href="nurses.php" class="sidebar-link <?php echo $section === 'nurses' ? 'active' : ''; ?>"><i class="bi bi-person-heart me-2"></i> <?php echo __('nurses'); ?></a>
            <a href="departments.php" class="sidebar-link <?php echo $section === 'departments' ? 'active' : ''; ?>"><i class="bi bi-diagram-3 me-2"></i> <?php echo __('departments'); ?></a>
-            <a href="#settingsSubmenu" data-bs-toggle="collapse" class="sidebar-link <?php echo in_array($section, ['employees', 'poisons']) ? 'active' : ''; ?> d-flex justify-content-between align-items-center">
+            <a href="#settingsSubmenu" data-bs-toggle="collapse" class="sidebar-link <?php echo in_array($section, ['employees', 'poisons', 'company_profile']) ? 'active' : ''; ?> d-flex justify-content-between align-items-center">
                <span><i class="bi bi-gear me-2"></i> <?php echo __('settings'); ?></span>
                <i class="bi bi-chevron-down small"></i>
            </a>
-            <div class="collapse <?php echo in_array($section, ['employees', 'poisons']) ? 'show' : ''; ?>" id="settingsSubmenu">
+            <div class="collapse <?php echo in_array($section, ['employees', 'poisons', 'company_profile']) ? 'show' : ''; ?>" id="settingsSubmenu">
                <div class="sidebar-submenu">
                    <a href="settings.php" class="sidebar-link py-2 <?php echo $section === 'company_profile' ? 'active' : ''; ?>"><i class="bi bi-building me-2"></i> <?php echo __('company_profile'); ?></a>
                    <a href="employees.php" class="sidebar-link py-2 <?php echo $section === 'employees' ? 'active' : ''; ?>"><i class="bi bi-person-workspace me-2"></i> <?php echo __('employees'); ?></a>
                    <a href="poisons.php" class="sidebar-link py-2 <?php echo $section === 'poisons' ? 'active' : ''; ?>"><i class="bi bi-radioactive me-2"></i> <?php echo __('poisons'); ?></a>
                </div>
@ -148,6 +172,6 @@ $message = $message ?? '';
        <?php if ($message): ?>
        <div class="alert alert-success alert-dismissible fade show" role="alert">
            <?php echo $message; ?>
-            <button type="button" class="btn-close" data-bs-alert="alert" aria-label="Close"></button>
+            <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
        </div>
        <?php endif; ?>
--- a/includes/pages/dashboard.php
+++ b/includes/pages/dashboard.php
@ -1,7 +1,7 @@
 <?php
 // Fetch Stats
 $total_patients = $db->query("SELECT COUNT(*) FROM patients")->fetchColumn();
-$today_appointments = $db->query("SELECT COUNT(*) FROM appointments WHERE DATE(appointment_date) = CURDATE()")->fetchColumn();
+$today_appointments = $db->query("SELECT COUNT(*) FROM appointments WHERE DATE(start_time) = CURDATE()")->fetchColumn();
 $total_visits = $db->query("SELECT COUNT(*) FROM visits")->fetchColumn();
 $total_revenue = $db->query("SELECT SUM(total_amount) FROM bills WHERE status = 'Paid'")->fetchColumn() ?: 0;
 $pending_revenue = $db->query("SELECT SUM(total_amount) FROM bills WHERE status = 'Pending'")->fetchColumn() ?: 0;
@ -20,7 +20,7 @@ $appointments_sql = "
    FROM appointments a 
    JOIN patients p ON a.patient_id = p.id 
    JOIN doctors d ON a.doctor_id = d.id 
-    ORDER BY a.appointment_date DESC 
+    ORDER BY a.start_time DESC 
    LIMIT 5";
 $appointments = $db->query($appointments_sql)->fetchAll();
 ?>
@ -43,7 +43,7 @@ $appointments = $db->query($appointments_sql)->fetchAll();
    </div>
    <div class="col-md-3 mb-3">
        <div class="card stat-card h-100">
-            <i class="bi bi-prescription2 text-info"></i>
+            <i class="bi bi-flask text-info"></i>
            <h3><?php echo $total_labs; ?></h3>
            <p class="text-muted mb-0"><?php echo __('laboratory'); ?> <?php echo __('inquiries'); ?></p>
        </div>
@ -153,7 +153,7 @@ $appointments = $db->query($appointments_sql)->fetchAll();
                            <tr>
                                <td><?php echo htmlspecialchars($a['patient_name']); ?></td>
                                <td><?php echo htmlspecialchars($a['doctor_name']); ?></td>
-                                <td><?php echo date('M d, H:i', strtotime($a['appointment_date'])); ?></td>
+                                <td><?php echo date('M d, H:i', strtotime($a['start_time'])); ?></td>
                                <td><span class="badge <?php echo $a['status'] === 'Completed' ? 'bg-success' : 'bg-secondary'; ?>"><?php echo __($a['status']); ?></span></td>
                            </tr>
                            <?php endforeach; if (empty($appointments)): ?>
--- a/includes/pages/laboratory_inquiries.php
+++ b/includes/pages/laboratory_inquiries.php
@ -2,19 +2,25 @@
 $search_patient = $_GET['patient'] ?? '';
 $search_status = $_GET['status'] ?? '';
-$query = "SELECT * FROM laboratory_inquiries WHERE 1=1";
+$query = "
    SELECT li.*, p.name as official_patient_name, v.visit_date
    FROM laboratory_inquiries li
    LEFT JOIN patients p ON li.patient_id = p.id
    LEFT JOIN visits v ON li.visit_id = v.id
    WHERE 1=1";
 $params = [];
 if ($search_patient) {
-    $query .= " AND patient_name LIKE ?";
+    $query .= " AND (li.patient_name LIKE ? OR p.name LIKE ?)";
    $params[] = "%$search_patient%";
    $params[] = "%$search_patient%";
 }
 if ($search_status) {
-    $query .= " AND status = ?";
+    $query .= " AND li.status = ?";
    $params[] = $search_status;
 }
-$query .= " ORDER BY inquiry_date DESC";
+$query .= " ORDER BY li.inquiry_date DESC";
 $stmt = $db->prepare($query);
 $stmt->execute($params);
 $inquiries = $stmt->fetchAll();
@ -90,7 +96,15 @@ unset($inquiry);
                    <?php foreach ($inquiries as $inquiry): ?>
                    <tr>
                        <td class="px-4 text-secondary"><?php echo $inquiry['id']; ?></td>
-                        <td class="fw-semibold text-dark"><?php echo htmlspecialchars($inquiry['patient_name']); ?></td>
+                        <td class="fw-semibold text-dark">
                            <?php echo htmlspecialchars($inquiry['official_patient_name'] ?: $inquiry['patient_name']); ?>
                            <?php if ($inquiry['visit_id']): ?>
                                <div class="small text-muted">
                                    <i class="bi bi-calendar-check me-1"></i>
                                    Linked to Visit #<?php echo $inquiry['visit_id']; ?> (<?php echo date('Y-m-d', strtotime($inquiry['visit_date'])); ?>)
                                </div>
                            <?php endif; ?>
                        </td>
                        <td class="text-secondary small"><?php echo $inquiry['inquiry_date']; ?></td>
                        <td>
                            <?php 
@ -103,9 +117,14 @@ unset($inquiry);
                        </td>
                        <td>
                            <?php foreach ($inquiry['tests'] as $test): ?>
-                            <span class="badge bg-light text-dark border me-1 small mb-1" data-bs-toggle="tooltip" title="Ref: <?php echo htmlspecialchars($test['reference_range']); ?>">
+                            <div class="mb-1">
                                <span class="badge bg-light text-dark border small" data-bs-toggle="tooltip" title="Ref: <?php echo htmlspecialchars($test['reference_range']); ?>">
                                    <?php echo htmlspecialchars($test['test_name']); ?>: <strong><?php echo htmlspecialchars($test['result'] ?: '-'); ?></strong>
                                </span>
                                <?php if ($test['attachment']): ?>
                                    <a href="<?php echo htmlspecialchars($test['attachment']); ?>" target="_blank" class="text-info ms-1" title="<?php echo __('view_image'); ?>"><i class="bi bi-image"></i></a>
                                <?php endif; ?>
                            </div>
                            <?php endforeach; ?>
                        </td>
                        <td class="text-end px-4">
@ -135,4 +154,3 @@ unset($inquiry);
        </div>
    </div>
 </div>
--- a/includes/pages/settings.php
+++ b/includes/pages/settings.php
@ -0,0 +1,85 @@
 <div class="container-fluid">
    <div class="row">
        <div class="col-12">
            <h3 class="mb-4 fw-bold text-dark"><i class="bi bi-building me-2"></i> <?php echo __('company_profile'); ?></h3>
            <?php if ($message): ?>
            <div class="alert alert-success alert-dismissible fade show" role="alert">
                <?php echo $message; ?>
                <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
            </div>
            <?php endif; ?>
            <div class="card shadow-sm border-0">
                <div class="card-header py-3 d-flex align-items-center">
                    <i class="bi bi-info-circle me-2"></i>
                    <h5 class="mb-0 fw-bold"><?php echo __('company_details'); ?></h5>
                </div>
                <div class="card-body p-4">
                    <form action="settings.php" method="POST" enctype="multipart/form-data">
                        <div class="row g-4">
                            <!-- Basic Information -->
                            <div class="col-md-6">
                                <label for="company_name" class="form-label fw-semibold text-muted small text-uppercase"><?php echo __('company_name'); ?></label>
                                <input type="text" class="form-control" id="company_name" name="company_name" value="<?php echo htmlspecialchars($settings['company_name'] ?? ''); ?>" required>
                            </div>
                            <div class="col-md-6">
                                <label for="company_email" class="form-label fw-semibold text-muted small text-uppercase"><?php echo __('company_email'); ?></label>
                                <input type="email" class="form-control" id="company_email" name="company_email" value="<?php echo htmlspecialchars($settings['company_email'] ?? ''); ?>">
                            </div>
                            <div class="col-md-6">
                                <label for="company_phone" class="form-label fw-semibold text-muted small text-uppercase"><?php echo __('company_phone'); ?></label>
                                <input type="text" class="form-control" id="company_phone" name="company_phone" value="<?php echo htmlspecialchars($settings['company_phone'] ?? ''); ?>">
                            </div>
                            <div class="col-md-6">
                                <label for="company_address" class="form-label fw-semibold text-muted small text-uppercase"><?php echo __('company_address'); ?></label>
                                <input type="text" class="form-control" id="company_address" name="company_address" value="<?php echo htmlspecialchars($settings['company_address'] ?? ''); ?>">
                            </div>
                            <!-- Registration Details -->
                            <div class="col-md-4">
                                <label for="company_ctr_no" class="form-label fw-semibold text-muted small text-uppercase"><?php echo __('ctr_no'); ?></label>
                                <input type="text" class="form-control" id="company_ctr_no" name="company_ctr_no" value="<?php echo htmlspecialchars($settings['company_ctr_no'] ?? ''); ?>">
                            </div>
                            <div class="col-md-4">
                                <label for="company_registration_no" class="form-label fw-semibold text-muted small text-uppercase"><?php echo __('registration_no'); ?></label>
                                <input type="text" class="form-control" id="company_registration_no" name="company_registration_no" value="<?php echo htmlspecialchars($settings['company_registration_no'] ?? ''); ?>">
                            </div>
                            <div class="col-md-4">
                                <label for="company_vat_no" class="form-label fw-semibold text-muted small text-uppercase"><?php echo __('vat_no'); ?></label>
                                <input type="text" class="form-control" id="company_vat_no" name="company_vat_no" value="<?php echo htmlspecialchars($settings['company_vat_no'] ?? ''); ?>">
                            </div>
                            <!-- Branding -->
                            <div class="col-md-6 mt-5">
                                <label for="company_logo" class="form-label fw-semibold text-muted small text-uppercase"><?php echo __('company_logo'); ?></label>
                                <?php if (!empty($settings['company_logo'])): ?>
                                <div class="mb-2">
                                    <img src="<?php echo htmlspecialchars($settings['company_logo']); ?>" alt="Logo" class="img-thumbnail" style="max-height: 80px;">
                                </div>
                                <?php endif; ?>
                                <input type="file" class="form-control" id="company_logo" name="company_logo" accept="image/*">
                            </div>
                            <div class="col-md-6 mt-5">
                                <label for="company_favicon" class="form-label fw-semibold text-muted small text-uppercase"><?php echo __('company_favicon'); ?></label>
                                <?php if (!empty($settings['company_favicon'])): ?>
                                <div class="mb-2">
                                    <img src="<?php echo htmlspecialchars($settings['company_favicon']); ?>" alt="Favicon" class="img-thumbnail" style="max-height: 32px;">
                                </div>
                                <?php endif; ?>
                                <input type="file" class="form-control" id="company_favicon" name="company_favicon" accept="image/x-icon,image/png">
                            </div>
                            <div class="col-12 mt-5 text-end">
                                <button type="submit" name="submit" class="btn btn-primary btn-lg px-5">
                                    <i class="bi bi-check2-circle me-2"></i> <?php echo __('save_changes'); ?>
                                </button>
                            </div>
                        </div>
                    </form>
                </div>
            </div>
        </div>
    </div>
 </div>
--- a/includes/pages/visits.php
+++ b/includes/pages/visits.php
@ -28,7 +28,24 @@ if ($search_date) {
 $query .= " ORDER BY v.visit_date DESC";
 $stmt = $db->prepare($query);
 $stmt->execute($params);
-$visits = $stmt->fetchAll();
+$raw_visits = $stmt->fetchAll(); 
 $visits = [];
 foreach ($raw_visits as $v) { 
    // Fetch Lab Inquiries
    $v['lab_inquiries'] = $db->query("SELECT li.* FROM laboratory_inquiries li WHERE li.visit_id = " . (int)$v['id'])->fetchAll();
    foreach($v['lab_inquiries'] as &$li) {
        $li['items'] = $db->query("SELECT it.*, lt.name_$lang as test_name FROM inquiry_tests it JOIN laboratory_tests lt ON it.test_id = lt.id WHERE it.inquiry_id = " . (int)$li['id'])->fetchAll();
        // Maintain a string summary for backward compatibility or simple display
        $li['results'] = implode(', ', array_map(function($item) { return $item['test_name'] . ': ' . ($item['result'] ?: '-'); }, $li['items']));
    }
    // Fetch X-Ray Inquiries
    $v['xray_inquiries'] = $db->query("SELECT xi.* FROM xray_inquiries xi WHERE xi.visit_id = " . (int)$v['id'])->fetchAll(); 
    foreach($v['xray_inquiries'] as &$xi) { 
        $xi['items'] = $db->query("SELECT xit.*, xt.name_$lang as xray_name FROM xray_inquiry_items xit JOIN xray_tests xt ON xit.xray_id = xt.id WHERE xit.inquiry_id = " . (int)$xi['id'])->fetchAll(); 
    } 
    $visits[] = $v;
 }
 ?>
 <div class="d-flex justify-content-between align-items-center mb-4">
@ -77,13 +94,14 @@ $visits = $stmt->fetchAll();
                        <th class="py-3"><?php echo __('patient'); ?></th>
                        <th class="py-3"><?php echo __('doctor'); ?></th>
                        <th class="py-3"><?php echo __('diagnosis'); ?></th>
                        <th class="py-3"><?php echo __('results'); ?></th>
                        <th class="py-3 text-end px-4"><?php echo __('actions'); ?></th>
                    </tr>
                </thead>
                <tbody>
                    <?php if (empty($visits)): ?>
                    <tr>
-                        <td colspan="5" class="text-center py-5 text-muted">
+                        <td colspan="6" class="text-center py-5 text-muted">
                            <i class="bi bi-clipboard2-pulse display-4 d-block mb-3"></i>
                            No visits found.
                        </td>
@ -94,14 +112,61 @@ $visits = $stmt->fetchAll();
                        <td class="px-4 text-secondary"><?php echo date('Y-m-d H:i', strtotime($v['visit_date'])); ?></td>
                        <td class="fw-semibold text-dark"><?php echo htmlspecialchars($v['patient_name']); ?></td>
                        <td class="text-secondary"><?php echo htmlspecialchars($v['doctor_name']); ?></td>
-                        <td><small class="text-truncate d-inline-block text-muted" style="max-width: 200px;"><?php echo htmlspecialchars($v['diagnosis']); ?></small></td>
+                        <td>
                            <?php 
                            $diagnosis_plain = strip_tags($v['diagnosis']);
                            $snippet = mb_strimwidth($diagnosis_plain, 0, 50, "...");
                            ?>
                            <small class="text-muted" title="<?php echo htmlspecialchars($diagnosis_plain); ?>"><?php echo htmlspecialchars($snippet); ?></small>
                        </td>
                        <td>
                            <?php if (!empty($v['lab_inquiries'])): ?> 
                                <span class="badge bg-info text-white me-1" title="<?php echo __('laboratory'); ?>" data-bs-toggle="tooltip">
                                    <i class="bi bi-flask"></i> <?php echo count($v['lab_inquiries']); ?>
                                    <?php 
                                    $lab_has_attachment = false; 
                                    foreach($v['lab_inquiries'] as $li) { 
                                        foreach($li['items'] as $item) { 
                                            if(!empty($item['attachment'])) $lab_has_attachment = true; 
                                        } 
                                    } 
                                    if($lab_has_attachment) echo ' <i class="bi bi-image"></i>'; 
                                    ?>
                                </span>
                            <?php endif; ?> 
                            <?php if (!empty($v['xray_inquiries'])): ?> 
                                <span class="badge bg-dark text-white" title="<?php echo __('xray'); ?>" data-bs-toggle="tooltip">
                                    <i class="bi bi-camera"></i> <?php echo count($v['xray_inquiries']); ?>
                                    <?php 
                                    $has_attachment = false; 
                                    foreach($v['xray_inquiries'] as $xi) { 
                                        foreach($xi['items'] as $item) { 
                                            if(!empty($item['attachment'])) $has_attachment = true; 
                                        } 
                                    } 
                                    if($has_attachment) echo ' <i class="bi bi-image"></i>'; 
                                    ?>
                                </span>
                            <?php endif; ?>
                        </td>
                        <td class="text-end px-4">
                            <div class="btn-group shadow-sm border rounded bg-white">
                                <button class="btn btn-link text-success py-1 px-2 border-end" onclick="showVisitResultsModal(<?php echo htmlspecialchars(json_encode($v, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | JSON_UNESCAPED_UNICODE)); ?>)" data-bs-toggle="tooltip" title="<?php echo __('view_results'); ?>"><i class="bi bi-eye"></i></button>
                                <button class="btn btn-link text-warning py-1 px-2 border-end" 
                                        onclick="showEditVisitModal(<?php echo htmlspecialchars(json_encode($v, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | JSON_UNESCAPED_UNICODE)); ?>)"
                                        data-bs-toggle="tooltip" title="<?php echo __('edit'); ?>">
                                    <i class="bi bi-pencil-square"></i>
                                </button>
                                <button class="btn btn-link text-info py-1 px-2 border-end" 
                                        onclick="showLabInquiryModalFromVisit(<?php echo $v['id']; ?>, <?php echo $v['patient_id']; ?>, <?php echo htmlspecialchars(json_encode($v['patient_name'], JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | JSON_UNESCAPED_UNICODE)); ?>)"
                                        data-bs-toggle="tooltip" title="<?php echo __('add_inquiry'); ?>">
                                    <i class="bi bi-flask"></i>
                                </button>
                                <button class="btn btn-link text-dark py-1 px-2 border-end" 
                                        onclick="showXrayInquiryModalFromVisit(<?php echo $v['id']; ?>, <?php echo $v['patient_id']; ?>, <?php echo htmlspecialchars(json_encode($v['patient_name'], JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | JSON_UNESCAPED_UNICODE)); ?>)"
                                        data-bs-toggle="tooltip" title="<?php echo __('add_xray_inquiry'); ?>">
                                    <i class="bi bi-camera"></i>
                                </button>
                                <button class="btn btn-link text-primary py-1 px-2 border-end" 
                                        onclick="showReportModal(<?php echo $v['id']; ?>)"
                                        data-bs-toggle="tooltip" title="<?php echo __('new_report'); ?>">
--- a/includes/pages/xray_inquiries.php
+++ b/includes/pages/xray_inquiries.php
@ -1,23 +1,26 @@
 <?php
 ?>
 <?php
 $search_patient = $_GET['patient'] ?? '';
 $search_status = $_GET['status'] ?? '';
-$query = "SELECT * FROM xray_inquiries WHERE 1=1";
+$query = "
    SELECT xi.*, p.name as official_patient_name, v.visit_date
    FROM xray_inquiries xi
    LEFT JOIN patients p ON xi.patient_id = p.id
    LEFT JOIN visits v ON xi.visit_id = v.id
    WHERE 1=1";
 $params = [];
 if ($search_patient) {
-    $query .= " AND patient_name LIKE ?";
+    $query .= " AND (xi.patient_name LIKE ? OR p.name LIKE ?)";
    $params[] = "%$search_patient%";
    $params[] = "%$search_patient%";
 }
 if ($search_status) {
-    $query .= " AND status = ?";
+    $query .= " AND xi.status = ?";
    $params[] = $search_status;
 }
-$query .= " ORDER BY inquiry_date DESC";
+$query .= " ORDER BY xi.inquiry_date DESC";
 $stmt = $db->prepare($query);
 $stmt->execute($params);
 $inquiries = $stmt->fetchAll();
@ -80,13 +83,14 @@ $all_xrays_list = $db->query("SELECT id, name_$lang as name FROM xray_tests ORDE
                        <th class="py-3"><?php echo __('inquiry_date'); ?></th>
                        <th class="py-3"><?php echo __('status'); ?></th>
                        <th class="py-3"><?php echo __('xrays'); ?></th>
                        <th class="py-3"><?php echo __('results'); ?></th>
                        <th class="py-3 text-end px-4"><?php echo __('actions'); ?></th>
                    </tr>
                </thead>
                <tbody>
                    <?php if (empty($inquiries)): ?>
                    <tr>
-                        <td colspan="6" class="text-center py-5 text-muted">
+                        <td colspan="7" class="text-center py-5 text-muted">
                            <i class="bi bi-question-circle display-4 d-block mb-3"></i>
                            No inquiries found.
                        </td>
@ -95,7 +99,15 @@ $all_xrays_list = $db->query("SELECT id, name_$lang as name FROM xray_tests ORDE
                    <?php foreach ($inquiries as $inquiry): ?>
                    <tr>
                        <td class="px-4 text-secondary"><?php echo $inquiry['id']; ?></td>
-                        <td class="fw-semibold text-dark"><?php echo htmlspecialchars($inquiry['patient_name']); ?></td>
+                        <td class="fw-semibold text-dark">
                            <?php echo htmlspecialchars($inquiry['official_patient_name'] ?: $inquiry['patient_name']); ?>
                            <?php if ($inquiry['visit_id']): ?>
                                <div class="small text-muted">
                                    <i class="bi bi-calendar-check me-1"></i>
                                    Linked to Visit #<?php echo $inquiry['visit_id']; ?> (<?php echo date('Y-m-d', strtotime($inquiry['visit_date'])); ?>)
                                </div>
                            <?php endif; ?>
                        </td>
                        <td class="text-secondary small"><?php echo $inquiry['inquiry_date']; ?></td>
                        <td>
                            <?php 
@ -107,12 +119,26 @@ $all_xrays_list = $db->query("SELECT id, name_$lang as name FROM xray_tests ORDE
                            <span class="badge <?php echo $status_class; ?>"><?php echo __($inquiry['status']); ?></span>
                        </td>
                        <td>
                            <div class="d-flex flex-wrap gap-1">
                                <?php foreach ($inquiry['items'] as $item): ?>
-                                <span class="badge bg-light text-dark border me-1 mb-1">
+                                    <span class="badge bg-light text-dark border">
                                        <?php echo htmlspecialchars($item['xray_name']); ?>
                                    <?php if ($item['result']): ?>: <span class="text-primary"><?php echo htmlspecialchars($item['result']); ?></span><?php endif; ?>
                                    </span>
                                <?php endforeach; ?>
                            </div>
                        </td>
                        <td>
                            <?php foreach ($inquiry['items'] as $item): ?>
                                <div class="small mb-1 d-flex align-items-center">
                                    <span class="text-muted me-1"><?php echo htmlspecialchars($item['xray_name']); ?>:</span>
                                    <span class="fw-bold me-2"><?php echo htmlspecialchars($item['result'] ?: '-'); ?></span>
                                    <?php if ($item['attachment']): ?>
                                        <a href="<?php echo $item['attachment']; ?>" target="_blank" class="btn btn-sm btn-outline-info py-0 px-1" title="<?php echo __('view_image'); ?>">
                                            <i class="bi bi-image"></i>
                                        </a>
                                    <?php endif; ?>
                                </div>
                            <?php endforeach; ?>
                        </td>
                        <td class="text-end px-4">
                            <div class="btn-group shadow-sm border rounded bg-white">
--- a/lang.php
+++ b/lang.php
@ -185,9 +185,44 @@ $translations = [
        'xray_group' => 'X-Ray Group',
        'groups' => 'Groups',
        'add_xray' => 'Add X-Ray',
-        'xrays' => 'X-Rays'
+        'xrays' => 'X-Rays',
        'company_profile' => 'Company Profile',
        'company_details' => 'Company Details',
        'company_name' => 'Company Name',
        'company_email' => 'Company Email',
        'company_phone' => 'Company Phone',
        'company_address' => 'Company Address',
        'ctr_no' => 'CTR No',
        'registration_no' => 'Registration No',
        'vat_no' => 'VAT No',
        'company_logo' => 'Company Logo',
        'company_favicon' => 'Company Favicon',
        'save_changes' => 'Save Changes',
        'settings_updated_successfully' => 'Settings updated successfully',
        'attachment' => 'Attachment',
        'image' => 'Image',
        'view_current' => 'View Current',
        'view_image' => 'View Image',
        'view_results' => 'View Results',
        'no_data_found' => 'No data found',
        'close' => 'Close',
        'results' => 'Results',
        'laboratory_inquiries' => 'Laboratory Inquiries',
        'xray_inquiries' => 'X-Ray Inquiries'
    ],
    'ar' => [
        'attachment' => 'المرفق',
        'image' => 'الصورة',
        'view_current' => 'عرض الحالي',
        'view_image' => 'عرض الصورة',
        'view_results' => 'عرض النتائج',
        'no_data_found' => 'لم يتم العثور على بيانات',
        'close' => 'إغلاق',
        'results' => 'النتائج',
        'laboratory' => 'المختبر',
        'xray' => 'الأشعة',
        'laboratory_inquiries' => 'استفسارات المختبر',
        'xray_inquiries' => 'استفسارات الأشعة',
        'dashboard' => 'لوحة القيادة',
        'patients' => 'المرضى',
        'doctors' => 'الأطباء',
@ -307,7 +342,7 @@ $translations = [
        'edit_nurse' => 'تعديل ممرضة',
        'update_nurse' => 'تحديث بيانات الممرضة',
        'delete_nurse' => 'حذف ممرضة',
-        'no_nurses_found' => 'لم يتم العور على ممرضات',
+        'no_nurses_found' => 'لم يتم العثور على ممرضات',
        'settings' => 'الإعدادات',
        'employees' => 'الموظفون',
        'poisons' => 'السموم',
@ -372,6 +407,19 @@ $translations = [
        'xray_group' => 'مجموعة الأشعة',
        'groups' => 'المجموعات',
        'add_xray' => 'إضافة أشعة',
-        'xrays' => 'الأشعة'
+        'xrays' => 'الأشعة',
        'company_profile' => 'ملف الشركة',
        'company_details' => 'تفاصيل الشركة',
        'company_name' => 'اسم الشركة',
        'company_email' => 'البريد الإلكتروني للشركة',
        'company_phone' => 'هاتف الشركة',
        'company_address' => 'عنوان الشركة',
        'ctr_no' => 'رقم CTR',
        'registration_no' => 'رقم التسجيل',
        'vat_no' => 'الرقم الضريبي',
        'company_logo' => 'شعار الشركة',
        'company_favicon' => 'أيقونة الشركة',
        'save_changes' => 'حفظ التغييرات',
        'settings_updated_successfully' => 'تم تحديث الإعدادات بنجاح'
    ]
 ];
--- a/settings.php
+++ b/settings.php
@ -0,0 +1,54 @@
 <?php
 $section = 'company_profile';
 require_once __DIR__ . '/db/config.php';
 require_once __DIR__ . '/helpers.php';
 $db = db();
 $lang = $_SESSION['lang'];
 $message = '';
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    foreach ($_POST as $key => $value) {
        if ($key !== 'submit') {
            $stmt = $db->prepare("UPDATE settings SET setting_value = ? WHERE setting_key = ?");
            $stmt->execute([$value, $key]);
        }
    }
    // Handle File Uploads (Logo & Favicon)
    $upload_dir = __DIR__ . '/assets/images/';
    if (!is_dir($upload_dir)) {
        mkdir($upload_dir, 0775, true);
    }
    if (isset($_FILES['company_logo']) && $_FILES['company_logo']['error'] === UPLOAD_ERR_OK) {
        $ext = pathinfo($_FILES['company_logo']['name'], PATHINFO_EXTENSION);
        $logo_name = 'logo_' . time() . '.' . $ext;
        move_uploaded_file($_FILES['company_logo']['tmp_name'], $upload_dir . $logo_name);
        $stmt = $db->prepare("UPDATE settings SET setting_value = ? WHERE setting_key = 'company_logo'");
        $stmt->execute(['assets/images/' . $logo_name]);
    }
    if (isset($_FILES['company_favicon']) && $_FILES['company_favicon']['error'] === UPLOAD_ERR_OK) {
        $ext = pathinfo($_FILES['company_favicon']['name'], PATHINFO_EXTENSION);
        $favicon_name = 'favicon_' . time() . '.' . $ext;
        move_uploaded_file($_FILES['company_favicon']['tmp_name'], $upload_dir . $favicon_name);
        $stmt = $db->prepare("UPDATE settings SET setting_value = ? WHERE setting_key = 'company_favicon'");
        $stmt->execute(['assets/images/' . $favicon_name]);
    }
    $message = __('settings_updated_successfully');
 }
 // Fetch all settings
 $stmt = $db->query("SELECT setting_key, setting_value FROM settings");
 $settings = [];
 while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
    $settings[$row['setting_key']] = $row['setting_value'];
 }
 require_once __DIR__ . '/includes/actions.php';
 require_once __DIR__ . '/includes/common_data.php';
 require_once __DIR__ . '/includes/layout/header.php';
 require_once __DIR__ . '/includes/pages/settings.php';
 require_once __DIR__ . '/includes/layout/footer.php';
		`@ -0,0 +1,2 @@`
							`-- Add attachment column to xray_inquiry_items to store uploaded images/results`
							`ALTER TABLE xray_inquiry_items ADD COLUMN attachment VARCHAR(255) DEFAULT NULL;`