diff --git a/apply_migrations.php b/apply_migrations.php
index 3e8640e..007ed32 100644
--- a/apply_migrations.php
+++ b/apply_migrations.php
@@ -1,18 +1,40 @@
 setAttribute(PDO::MYSQL_ATTR_USE_BUFFERED_QUERY, true);
 $files = glob('db/migrations/*.sql');
 sort($files);
 foreach ($files as $file) {
 echo "Processing $file...\n";
- $sql = file_get_contents($file);
- try {
- $db->exec($sql);
- echo "Done.\n";
- } catch (PDOException $e) {
- echo "Error: " . $e->getMessage() . "\n";
+ $sql_content = file_get_contents($file);
+ $sql_content = preg_replace('/--.*$/m', '', $sql_content);
+ $statements = explode(';', $sql_content);
+
+ foreach ($statements as $sql) {
+ $sql = trim($sql);
+ if (empty($sql)) continue;
+
+ try {
+ // Use query() instead of exec() to handle potential result sets (like SELECT 1)
+ // and close the cursor explicitly.
+ $stmt = $db->query($sql);
+ if ($stmt) {
+ $stmt->closeCursor();
+ }
+ echo "Executed: " . substr(str_replace("\n", " ", $sql), 0, 60) . "...\n";
+ } catch (PDOException $e) {
+ $msg = $e->getMessage();
+ if (strpos($msg, "Duplicate column") !== false ||
+ strpos($msg, "already exists") !== false ||
+ strpos($msg, "Duplicate key") !== false) {
+ echo "Skipped (Exists): " . substr(str_replace("\n", " ", $sql), 0, 60) . "...\n";
+ } else {
+ echo "Error: " . $msg . "\n";
+ }
+ }
+ }
 }
 }
-
+echo "All migrations applied.\n";
diff --git a/db/migrations/20260305_create_suppliers_module.sql b/db/migrations/20260305_create_suppliers_module.sql
new file mode 100644
index 0000000..c8e3b0e
--- /dev/null
+++ b/db/migrations/20260305_create_suppliers_module.sql
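Review bot: In the `else` branch of the new `catch` block in apply_migrations.php a failed statement is only echoed, both loops carry on, and the script still prints `All migrations applied.` and exits with status 0, so a half-applied schema looks like a success to whoever or whatever runs it. Track the failure and stop: `$failed = false;` before the outer `foreach`, `$failed = true; break 2;` in that branch, and `if ($failed) { exit(1); }` before the final echo. The skip test matches on message text; comparing the driver code in `$e->errorInfo[1]` against the specific errors you mean to tolerate would be less likely to hide an unrelated failure whose message happens to contain `already exists`. Separately, `preg_replace('/--.*$/m', …)` and `explode(';', …)` work on raw text, so a `--` or `;` inside a string literal or routine body cuts a statement in two; a comment on those two lines saying that migration files must avoid both would make the constraint visible.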
@@ -0,0 +1,14 @@
+CREATE TABLE IF NOT EXISTS suppliers (
+ id INT AUTO_INCREMENT PRIMARY KEY,
+ name_en VARCHAR(255) NOT NULL,
+ name_ar VARCHAR(255) NOT NULL,
+ contact_person VARCHAR(255),
+ phone VARCHAR(50),
+ email VARCHAR(100),
+ address TEXT,
+ created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+ALTER TABLE drugs ADD COLUMN expiry_date DATE DEFAULT NULL;
+ALTER TABLE drugs ADD COLUMN supplier_id INT DEFAULT NULL;
+ALTER TABLE drugs ADD CONSTRAINT fk_drugs_supplier FOREIGN KEY (supplier_id) REFERENCES suppliers(id) ON DELETE SET NULL;
diff --git a/drugs.php b/drugs.php
new file mode 100644
index 0000000..810b8fa
--- /dev/null
+++ b/drugs.php
@@ -0,0 +1,12 @@
+prepare("INSERT INTO drugs (name_en, name_ar, group_id, description_en, description_ar, default_dosage, default_instructions, price) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
- $stmt->execute([$name_en, $name_ar, $group_id, $desc_en, $desc_ar, $dosage, $instructions, $price]);
+ $stmt = $db->prepare("INSERT INTO drugs (name_en, name_ar, group_id, description_en, description_ar, default_dosage, default_instructions, price, expiry_date, supplier_id) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
+ $stmt->execute([$name_en, $name_ar, $group_id, $desc_en, $desc_ar, $dosage, $instructions, $price, $expiry_date, $supplier_id]);
 $_SESSION['flash_message'] = __('add_drug') . ' ' . __('successfully');
 $redirect = true;
 }
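Review bot: The three `ALTER TABLE drugs` statements in 20260305_create_suppliers_module.sql are not re-runnable, unlike the `CREATE TABLE IF NOT EXISTS` above them, and nothing visible in this commit records which migrations have already been applied. Every later run of apply_migrations.php will therefore re-issue them and depend on the runner recognising the resulting error text. Whether the duplicate-constraint error for `fk_drugs_supplier` contains one of the runner's three substrings depends on the server and its version, so that statement may print `Error:` on each later run. Until applied migrations are tracked in a table, a header comment such as `-- Run-once migration: the ALTER TABLE statements fail if repeated; apply_migrations.php skips them by error text.` would document the dependency.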
@@ -680,10 +681,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 $dosage = $_POST['default_dosage'] ?? '';
 $instructions = $_POST['default_instructions'] ?? '';
 $price = $_POST['price'] ?? 0;
+ $expiry_date = $_POST['expiry_date'] ?: null;
+ $supplier_id = $_POST['supplier_id'] ?: null;
 if ($id && $name_en && $name_ar) {
- $stmt = $db->prepare("UPDATE drugs SET name_en = ?, name_ar = ?, group_id = ?, description_en = ?, description_ar = ?, default_dosage = ?, default_instructions = ?, price = ? WHERE id = ?");
- $stmt->execute([$name_en, $name_ar, $group_id, $desc_en, $desc_ar, $dosage, $instructions, $price, $id]);
+ $stmt = $db->prepare("UPDATE drugs SET name_en = ?, name_ar = ?, group_id = ?, description_en = ?, description_ar = ?, default_dosage = ?, default_instructions = ?, price = ?, expiry_date = ?, supplier_id = ? WHERE id = ?");
+ $stmt->execute([$name_en, $name_ar, $group_id, $desc_en, $desc_ar, $dosage, $instructions, $price, $expiry_date, $supplier_id, $id]);
 $_SESSION['flash_message'] = __('edit_drug') . ' ' . __('successfully');
 $redirect = true;
 }
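Review bot: `$_POST['expiry_date'] ?: null` and `$_POST['supplier_id'] ?: null` read the keys directly, so a request that omits them raises an undefined-key warning, whereas the neighbouring fields use `??`; neither value is validated before it is bound into the UPDATE. Use `$expiry_date = ($_POST['expiry_date'] ?? '') ?: null;` and the same form for `supplier_id`. Also reject an `expiry_date` that does not round-trip through `DateTime::createFromFormat('!Y-m-d', …)` and a `supplier_id` that is not all digits, so malformed input is turned away here rather than surfacing as a database error or a zero date. The enclosing POST handler starts and ends outside the hunk, so whether it checks the user's role and a CSRF token before reaching this branch cannot be seen here.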
@@ -695,11 +698,143 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 $_SESSION['flash_message'] = __('delete') . ' ' . __('successfully');
 $redirect = true;
 }
+ } elseif ($_POST['action'] === 'add_supplier') {
+ $name_en = $_POST['name_en'] ?? '';
+ $name_ar = $_POST['name_ar'] ?? '';
+ $contact = $_POST['contact_person'] ?? '';
+ $phone = $_POST['phone'] ?? '';
+ $email = $_POST['email'] ?? '';
+ $address = $_POST['address'] ?? '';
+
+ if ($name_en && $name_ar) {
+ $stmt = $db->prepare("INSERT INTO suppliers (name_en, name_ar, contact_person, phone, email, address) VALUES (?, ?, ?, ?, ?, ?)");
+ $stmt->execute([$name_en, $name_ar, $contact, $phone, $email, $address]);
+ $_SESSION['flash_message'] = __('add_supplier') . ' ' . __('successfully');
+ $redirect = true;
+ }
+ } elseif ($_POST['action'] === 'edit_supplier') {
+ $id = $_POST['id'] ?? '';
+ $name_en = $_POST['name_en'] ?? '';
+ $name_ar = $_POST['name_ar'] ?? '';
+ $contact = $_POST['contact_person'] ?? '';
+ $phone = $_POST['phone'] ?? '';
+ $email = $_POST['email'] ?? '';
+ $address = $_POST['address'] ?? '';
+
+ if ($id && $name_en && $name_ar) {
+ $stmt = $db->prepare("UPDATE suppliers SET name_en = ?, name_ar = ?, contact_person = ?, phone = ?, email = ?, address = ? WHERE id = ?");
+ $stmt->execute([$name_en, $name_ar, $contact, $phone, $email, $address, $id]);
+ $_SESSION['flash_message'] = __('edit_supplier') . ' ' . __('successfully');
+ $redirect = true;
+ }
+ } elseif ($_POST['action'] === 'delete_supplier') {
+ $id = $_POST['id'] ?? '';
+ if ($id) {
+ $stmt = $db->prepare("DELETE FROM suppliers WHERE id = ?");
+ $stmt->execute([$id]);
+ $_SESSION['flash_message'] = __('delete') . ' ' . __('successfully');
+ $redirect = true;
+ }
+ } elseif ($_POST['action'] === 'import_drugs_groups') {
+ if (isset($_FILES['csv_file']) && $_FILES['csv_file']['error'] === UPLOAD_ERR_OK) {
+ $file = fopen($_FILES['csv_file']['tmp_name'], 'r');
+ // Skip header
+ fgetcsv($file);
+
+ $stmt = $db->prepare("INSERT INTO drugs_groups (name_en, name_ar) VALUES (?, ?)");
+ $checkStmt = $db->prepare("SELECT id FROM drugs_groups WHERE name_en = ?");
+
+ while (($row = fgetcsv($file)) !== false) {
+ $name_en = $row[0] ?? '';
+ $name_ar = $row[1] ?? '';
+
+ if ($name_en) {
+ // Check duplicate
+ $checkStmt->execute([$name_en]);
+ if (!$checkStmt->fetch()) {
+ $stmt->execute([$name_en, $name_ar]);
+ }
+ }
+ }
+ fclose($file);
+ $_SESSION['flash_message'] = __('import_successfully');
+ $redirect = true;
+ }
+ } elseif ($_POST['action'] === 'import_drugs') {
+ if (isset($_FILES['csv_file']) && $_FILES['csv_file']['error'] === UPLOAD_ERR_OK) {
+ $file = fopen($_FILES['csv_file']['tmp_name'], 'r');
+ // Skip header
+ fgetcsv($file);
+
+ $stmt = $db->prepare("INSERT INTO drugs (name_en, name_ar, group_id, price, expiry_date, supplier_id) VALUES (?, ?, ?, ?, ?, ?)");
+
+ $groupMap = [];
+ $supplierMap = [];
+
+ while (($row = fgetcsv($file)) !== false) {
+ $name_en = $row[0] ?? '';
+ $name_ar = $row[1] ?? '';
+ $group_name = $row[2] ?? '';
+ $price = $row[3] ?? 0;
+ $expiry = $row[4] ?? null; // YYYY-MM-DD
+ $supplier_name = $row[5] ?? '';
+
+ if ($name_en) {
+ $group_id = null;
+ if ($group_name) {
+ if (isset($groupMap[$group_name])) {
+ $group_id = $groupMap[$group_name];
+ } else {
+ $gStmt = $db->prepare("SELECT id FROM drugs_groups WHERE name_en = ? OR name_ar = ?");
+ $gStmt->execute([$group_name, $group_name]);
+ $gRes = $gStmt->fetch();
+ if ($gRes) {
+ $group_id = $gRes['id'];
+ } else {
+ // Create group
+ $cgStmt = $db->prepare("INSERT INTO drugs_groups (name_en, name_ar) VALUES (?, ?)");
+ $cgStmt->execute([$group_name, $group_name]);
+ $group_id = $db->lastInsertId();
+ }
+ $groupMap[$group_name] = $group_id;
+ }
+ }
+
+ $supplier_id = null;
+ if ($supplier_name) {
+ if (isset($supplierMap[$supplier_name])) {
+ $supplier_id = $supplierMap[$supplier_name];
+ } else {
+ $sStmt = $db->prepare("SELECT id FROM suppliers WHERE name_en = ? OR name_ar = ?");
+ $sStmt->execute([$supplier_name, $supplier_name]);
+ $sRes = $sStmt->fetch();
+ if ($sRes) {
+ $supplier_id = $sRes['id'];
+ } else {
+ // Create supplier
+ $csStmt = $db->prepare("INSERT INTO suppliers (name_en, name_ar) VALUES (?, ?)");
+ $csStmt->execute([$supplier_name, $supplier_name]);
+ $supplier_id = $db->lastInsertId();
+ }
+ $supplierMap[$supplier_name] = $supplier_id;
+ }
+ }
+
+ // Validate date
+ if ($expiry && !strtotime($expiry)) $expiry = null;
+ $stmt->execute([$name_en, $name_ar, $group_id, $price, $expiry, $supplier_id]);
+ }
+ }
+ fclose($file);
+ $_SESSION['flash_message'] = __('import_successfully');
+ $redirect = true;
+ }
+ }
 }
 if ($redirect) {
 header("Location: " . $_SERVER['REQUEST_URI']);
 exit;
 }
-}
+}
\ No newline at end of file
diff --git a/includes/layout/header.php b/includes/layout/header.php
index df40957..96f3754 100644
--- a/includes/layout/header.php
+++ b/includes/layout/header.php
@@ -120,14 +120,15 @@ $site_favicon = !empty($site_settings['company_favicon']) ? $site_settings['comp - + -
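Review bot: In the `import_drugs` branch, `if ($expiry && !strtotime($expiry))` is not a date check: `strtotime()` accepts relative phrases as well as dates, and the raw cell text, not a normalised date, is what gets bound to `expiry_date`. `$price` is bound unchecked too, `fopen()`'s result is used without being tested, and rows are inserted one by one with no transaction, so a bad row part-way through leaves a partial import plus any groups and suppliers created along the way. The sketch below validates the two cells strictly and wraps the loop in a transaction; it assumes `$db` throws on error, which the hunk does not show. The new supplier and import branches sit in a POST handler that starts outside the hunk, so confirm it enforces a role check and a CSRF token before these state-changing actions.

```php
// … unchanged: upload check, fopen(), header skip, prepared INSERT, $groupMap / $supplierMap …
$db->beginTransaction();
try {
    while (($row = fgetcsv($file)) !== false) {
        // … unchanged: column reads, if ($name_en) guard, group and supplier lookup …

        // Accept only a real calendar date written exactly as YYYY-MM-DD.
        $parsed = $expiry ? DateTime::createFromFormat('!Y-m-d', $expiry) : false;
        if (!$parsed || $parsed->format('Y-m-d') !== $expiry) $expiry = null;
        if (!is_numeric($price)) $price = 0;
        $stmt->execute([$name_en, $name_ar, $group_id, $price, $expiry, $supplier_id]);
    }
    $db->commit();
} catch (Throwable $e) {
    // Undo every row, group and supplier written by this upload.
    $db->rollBack();
    throw $e;
} finally {
    fclose($file);
}
```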