453 lines
24 KiB
PHP
453 lines
24 KiB
PHP
<?php
|
|
// includes/actions.php
|
|
$message = '';
|
|
|
|
if (isset($_SESSION['flash_message'])) {
|
|
$message = $_SESSION['flash_message'];
|
|
unset($_SESSION['flash_message']);
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$redirect = false;
|
|
if (isset($_POST['action'])) {
|
|
if ($_POST['action'] === 'add_patient') {
|
|
$name = $_POST['name'] ?? '';
|
|
$phone = $_POST['phone'] ?? '';
|
|
$dob = $_POST['dob'] ?? '';
|
|
$gender = $_POST['gender'] ?? '';
|
|
$blood_group = $_POST['blood_group'] ?? '';
|
|
$address = $_POST['address'] ?? '';
|
|
$insurance_company_id = $_POST['insurance_company_id'] ?: null;
|
|
$policy_number = $_POST['policy_number'] ?? '';
|
|
|
|
if ($name && $phone) {
|
|
$stmt = $db->prepare("INSERT INTO patients (name, phone, dob, gender, blood_group, address, insurance_company_id, policy_number) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
|
|
$stmt->execute([$name, $phone, $dob, $gender, $blood_group, $address, $insurance_company_id, $policy_number]);
|
|
$_SESSION['flash_message'] = __('add_patient') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'edit_patient') {
|
|
$id = $_POST['id'] ?? '';
|
|
$name = $_POST['name'] ?? '';
|
|
$phone = $_POST['phone'] ?? '';
|
|
$dob = $_POST['dob'] ?? '';
|
|
$gender = $_POST['gender'] ?? '';
|
|
$blood_group = $_POST['blood_group'] ?? '';
|
|
$address = $_POST['address'] ?? '';
|
|
$insurance_company_id = $_POST['insurance_company_id'] ?: null;
|
|
$policy_number = $_POST['policy_number'] ?? '';
|
|
|
|
if ($id && $name && $phone) {
|
|
$stmt = $db->prepare("UPDATE patients SET name = ?, phone = ?, dob = ?, gender = ?, blood_group = ?, address = ?, insurance_company_id = ?, policy_number = ? WHERE id = ?");
|
|
$stmt->execute([$name, $phone, $dob, $gender, $blood_group, $address, $insurance_company_id, $policy_number, $id]);
|
|
$_SESSION['flash_message'] = __('update_patient') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'delete_patient') {
|
|
$id = $_POST['id'] ?? '';
|
|
if ($id) {
|
|
$stmt = $db->prepare("DELETE FROM patients WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$_SESSION['flash_message'] = __('delete_patient') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'add_doctor') {
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
$spec_en = $_POST['specialization_en'] ?? '';
|
|
$spec_ar = $_POST['specialization_ar'] ?? '';
|
|
$dept_id = $_POST['department_id'] ?: null;
|
|
$tel = $_POST['tel'] ?? '';
|
|
$email = $_POST['email'] ?? '';
|
|
|
|
if ($name_en && $name_ar) {
|
|
$stmt = $db->prepare("INSERT INTO doctors (name_en, name_ar, specialization_en, specialization_ar, department_id, tel, email) VALUES (?, ?, ?, ?, ?, ?, ?)");
|
|
$stmt->execute([$name_en, $name_ar, $spec_en, $spec_ar, $dept_id, $tel, $email]);
|
|
$_SESSION['flash_message'] = __('add_doctor') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'edit_doctor') {
|
|
$id = $_POST['id'] ?? '';
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
$spec_en = $_POST['specialization_en'] ?? '';
|
|
$spec_ar = $_POST['specialization_ar'] ?? '';
|
|
$dept_id = $_POST['department_id'] ?: null;
|
|
$tel = $_POST['tel'] ?? '';
|
|
$email = $_POST['email'] ?? '';
|
|
|
|
if ($id && $name_en && $name_ar) {
|
|
$stmt = $db->prepare("UPDATE doctors SET name_en = ?, name_ar = ?, specialization_en = ?, specialization_ar = ?, department_id = ?, tel = ?, email = ? WHERE id = ?");
|
|
$stmt->execute([$name_en, $name_ar, $spec_en, $spec_ar, $dept_id, $tel, $email, $id]);
|
|
$_SESSION['flash_message'] = __('update_doctor') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'delete_doctor') {
|
|
$id = $_POST['id'] ?? '';
|
|
if ($id) {
|
|
$stmt = $db->prepare("DELETE FROM doctors WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$_SESSION['flash_message'] = __('delete_doctor') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'add_nurse') {
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
$dept_id = $_POST['department_id'] ?: null;
|
|
$tel = $_POST['tel'] ?? '';
|
|
$email = $_POST['email'] ?? '';
|
|
|
|
if ($name_en && $name_ar) {
|
|
$stmt = $db->prepare("INSERT INTO nurses (name_en, name_ar, department_id, tel, email) VALUES (?, ?, ?, ?, ?)");
|
|
$stmt->execute([$name_en, $name_ar, $dept_id, $tel, $email]);
|
|
$_SESSION['flash_message'] = __('add_nurse') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'edit_nurse') {
|
|
$id = $_POST['id'] ?? '';
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
$dept_id = $_POST['department_id'] ?: null;
|
|
$tel = $_POST['tel'] ?? '';
|
|
$email = $_POST['email'] ?? '';
|
|
|
|
if ($id && $name_en && $name_ar) {
|
|
$stmt = $db->prepare("UPDATE nurses SET name_en = ?, name_ar = ?, department_id = ?, tel = ?, email = ? WHERE id = ?");
|
|
$stmt->execute([$name_en, $name_ar, $dept_id, $tel, $email, $id]);
|
|
$_SESSION['flash_message'] = __('update_nurse') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'delete_nurse') {
|
|
$id = $_POST['id'] ?? '';
|
|
if ($id) {
|
|
$stmt = $db->prepare("DELETE FROM nurses WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$_SESSION['flash_message'] = __('delete_nurse') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'add_department') {
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
|
|
if ($name_en && $name_ar) {
|
|
$stmt = $db->prepare("INSERT INTO departments (name_en, name_ar) VALUES (?, ?)");
|
|
$stmt->execute([$name_en, $name_ar]);
|
|
$_SESSION['flash_message'] = __('add_department') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'edit_department') {
|
|
$id = $_POST['id'] ?? '';
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
|
|
if ($id && $name_en && $name_ar) {
|
|
$stmt = $db->prepare("UPDATE departments SET name_en = ?, name_ar = ? WHERE id = ?");
|
|
$stmt->execute([$name_en, $name_ar, $id]);
|
|
$_SESSION['flash_message'] = __('update_department') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'delete_department') {
|
|
$id = $_POST['id'] ?? '';
|
|
if ($id) {
|
|
$stmt = $db->prepare("DELETE FROM departments WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$_SESSION['flash_message'] = __('delete_department') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'add_insurance') {
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
$email = $_POST['email'] ?? '';
|
|
$phone = $_POST['phone'] ?? '';
|
|
$contact = $_POST['contact_info'] ?? '';
|
|
|
|
if ($name_en && $name_ar) {
|
|
$stmt = $db->prepare("INSERT INTO insurance_companies (name_en, name_ar, email, phone, contact_info) VALUES (?, ?, ?, ?, ?)");
|
|
$stmt->execute([$name_en, $name_ar, $email, $phone, $contact]);
|
|
$_SESSION['flash_message'] = __('insurance_company') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'book_appointment') {
|
|
$patient_id = $_POST['patient_id'] ?? '';
|
|
$doctor_id = $_POST['doctor_id'] ?? '';
|
|
$date = $_POST['date'] ?? '';
|
|
$reason = $_POST['reason'] ?? '';
|
|
|
|
if ($patient_id && $doctor_id && $date) {
|
|
$stmt = $db->prepare("INSERT INTO appointments (patient_id, doctor_id, appointment_date, reason) VALUES (?, ?, ?, ?)");
|
|
$stmt->execute([$patient_id, $doctor_id, $date, $reason]);
|
|
$_SESSION['flash_message'] = __('book_appointment') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'record_visit') {
|
|
$patient_id = $_POST['patient_id'] ?? '';
|
|
$doctor_id = $_POST['doctor_id'] ?? '';
|
|
$appointment_id = $_POST['appointment_id'] ?: null;
|
|
$weight = $_POST['weight'] ?? '';
|
|
$bp = $_POST['blood_pressure'] ?? '';
|
|
$hr = $_POST['heart_rate'] ?? '';
|
|
$temp = $_POST['temperature'] ?? '';
|
|
$symptoms = $_POST['symptoms'] ?? '';
|
|
$diagnosis = $_POST['diagnosis'] ?? '';
|
|
$treatment = $_POST['treatment_plan'] ?? '';
|
|
|
|
if ($patient_id && $doctor_id) {
|
|
$stmt = $db->prepare("INSERT INTO visits (patient_id, doctor_id, appointment_id, weight, blood_pressure, heart_rate, temperature, symptoms, diagnosis, treatment_plan) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
|
$stmt->execute([$patient_id, $doctor_id, $appointment_id, $weight, $bp, $hr, $temp, $symptoms, $diagnosis, $treatment]);
|
|
|
|
if ($appointment_id) {
|
|
$db->prepare("UPDATE appointments SET status = 'Completed' WHERE id = ?")->execute([$appointment_id]);
|
|
}
|
|
$_SESSION['flash_message'] = __('visit_recorded');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'edit_visit') {
|
|
$id = $_POST['id'] ?? '';
|
|
$patient_id = $_POST['patient_id'] ?? '';
|
|
$doctor_id = $_POST['doctor_id'] ?? '';
|
|
$weight = $_POST['weight'] ?? '';
|
|
$bp = $_POST['blood_pressure'] ?? '';
|
|
$hr = $_POST['heart_rate'] ?? '';
|
|
$temp = $_POST['temperature'] ?? '';
|
|
$symptoms = $_POST['symptoms'] ?? '';
|
|
$diagnosis = $_POST['diagnosis'] ?? '';
|
|
$treatment = $_POST['treatment_plan'] ?? '';
|
|
|
|
if ($id && $patient_id && $doctor_id) {
|
|
$stmt = $db->prepare("UPDATE visits SET patient_id = ?, doctor_id = ?, weight = ?, blood_pressure = ?, heart_rate = ?, temperature = ?, symptoms = ?, diagnosis = ?, treatment_plan = ? WHERE id = ?");
|
|
$stmt->execute([$patient_id, $doctor_id, $weight, $bp, $hr, $temp, $symptoms, $diagnosis, $treatment, $id]);
|
|
$_SESSION['flash_message'] = __('update_visit') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'create_report') {
|
|
$visit_id = $_POST['visit_id'] ?? '';
|
|
$type = $_POST['report_type'] ?? '';
|
|
$findings = $_POST['findings'] ?? '';
|
|
$recommendations = $_POST['recommendations'] ?? '';
|
|
|
|
if ($visit_id && $type) {
|
|
$stmt = $db->prepare("INSERT INTO provisional_reports (visit_id, report_type, findings, recommendations) VALUES (?, ?, ?, ?)");
|
|
$stmt->execute([$visit_id, $type, $findings, $recommendations]);
|
|
$_SESSION['flash_message'] = __('report_created');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'create_bill') {
|
|
$patient_id = $_POST['patient_id'] ?? '';
|
|
$visit_id = $_POST['visit_id'] ?: null;
|
|
$items = $_POST['items'] ?? [];
|
|
$amounts = $_POST['amounts'] ?? [];
|
|
|
|
if ($patient_id && !empty($items)) {
|
|
$total = array_sum($amounts);
|
|
|
|
// Check if patient has insurance
|
|
$patient = $db->prepare("SELECT insurance_company_id FROM patients WHERE id = ?");
|
|
$patient->execute([$patient_id]);
|
|
$p_data = $patient->fetch();
|
|
|
|
$insurance_covered = 0;
|
|
if ($p_data && $p_data['insurance_company_id']) {
|
|
// Simple logic: insurance covers 80% if they have insurance
|
|
$insurance_covered = $total * 0.8;
|
|
}
|
|
$patient_payable = $total - $insurance_covered;
|
|
|
|
$stmt = $db->prepare("INSERT INTO bills (patient_id, visit_id, total_amount, insurance_covered, patient_payable, status) VALUES (?, ?, ?, ?, ?, 'Pending')");
|
|
$stmt->execute([$patient_id, $visit_id, $total, $insurance_covered, $patient_payable]);
|
|
$bill_id = $db->lastInsertId();
|
|
|
|
$item_stmt = $db->prepare("INSERT INTO bill_items (bill_id, description, amount) VALUES (?, ?, ?)");
|
|
foreach ($items as $index => $desc) {
|
|
if ($desc && isset($amounts[$index])) {
|
|
$item_stmt->execute([$bill_id, $desc, $amounts[$index]]);
|
|
}
|
|
}
|
|
$_SESSION['flash_message'] = __('bill_created');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'mark_paid') {
|
|
$bill_id = $_POST['bill_id'] ?? '';
|
|
if ($bill_id) {
|
|
$db->prepare("UPDATE bills SET status = 'Paid' WHERE id = ?")->execute([$bill_id]);
|
|
$_SESSION['flash_message'] = __('bill_paid');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'add_employee') {
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
$dob = $_POST['dob'] ?? '';
|
|
$mobile = $_POST['mobile'] ?? '';
|
|
$email = $_POST['email'] ?? '';
|
|
$dept_id = $_POST['department_id'] ?: null;
|
|
$passion_en = $_POST['passion_en'] ?? '';
|
|
$passion_ar = $_POST['passion_ar'] ?? '';
|
|
|
|
if ($name_en && $name_ar) {
|
|
$stmt = $db->prepare("INSERT INTO employees (name_en, name_ar, dob, mobile, email, department_id, passion_en, passion_ar) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
|
|
$stmt->execute([$name_en, $name_ar, $dob, $mobile, $email, $dept_id, $passion_en, $passion_ar]);
|
|
$_SESSION['flash_message'] = __('add_employee') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'edit_employee') {
|
|
$id = $_POST['id'] ?? '';
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
$dob = $_POST['dob'] ?? '';
|
|
$mobile = $_POST['mobile'] ?? '';
|
|
$email = $_POST['email'] ?? '';
|
|
$dept_id = $_POST['department_id'] ?: null;
|
|
$passion_en = $_POST['passion_en'] ?? '';
|
|
$passion_ar = $_POST['passion_ar'] ?? '';
|
|
|
|
if ($id && $name_en && $name_ar) {
|
|
$stmt = $db->prepare("UPDATE employees SET name_en = ?, name_ar = ?, dob = ?, mobile = ?, email = ?, department_id = ?, passion_en = ?, passion_ar = ? WHERE id = ?");
|
|
$stmt->execute([$name_en, $name_ar, $dob, $mobile, $email, $dept_id, $passion_en, $passion_ar, $id]);
|
|
$_SESSION['flash_message'] = __('update_employee') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'delete_employee') {
|
|
$id = $_POST['id'] ?? '';
|
|
if ($id) {
|
|
$stmt = $db->prepare("DELETE FROM employees WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$_SESSION['flash_message'] = __('delete_employee') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'add_poison') {
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
$desc_en = $_POST['description_en'] ?? '';
|
|
$desc_ar = $_POST['description_ar'] ?? '';
|
|
|
|
if ($name_en && $name_ar) {
|
|
$stmt = $db->prepare("INSERT INTO poisons (name_en, name_ar, description_en, description_ar) VALUES (?, ?, ?, ?)");
|
|
$stmt->execute([$name_en, $name_ar, $desc_en, $desc_ar]);
|
|
$_SESSION['flash_message'] = __('add_poison') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'edit_poison') {
|
|
$id = $_POST['id'] ?? '';
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
$desc_en = $_POST['description_en'] ?? '';
|
|
$desc_ar = $_POST['description_ar'] ?? '';
|
|
|
|
if ($id && $name_en && $name_ar) {
|
|
$stmt = $db->prepare("UPDATE poisons SET name_en = ?, name_ar = ?, description_en = ?, description_ar = ? WHERE id = ?");
|
|
$stmt->execute([$name_en, $name_ar, $desc_en, $desc_ar, $id]);
|
|
$_SESSION['flash_message'] = __('update_poison') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'delete_poison') {
|
|
$id = $_POST['id'] ?? '';
|
|
if ($id) {
|
|
$stmt = $db->prepare("DELETE FROM poisons WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$_SESSION['flash_message'] = __('delete_poison') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'add_test_group') {
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
if ($name_en && $name_ar) {
|
|
$stmt = $db->prepare("INSERT INTO test_groups (name_en, name_ar) VALUES (?, ?)");
|
|
$stmt->execute([$name_en, $name_ar]);
|
|
$_SESSION['flash_message'] = __('add_test_group') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'edit_test_group') {
|
|
$id = $_POST['id'] ?? '';
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
if ($id && $name_en && $name_ar) {
|
|
$stmt = $db->prepare("UPDATE test_groups SET name_en = ?, name_ar = ? WHERE id = ?");
|
|
$stmt->execute([$name_en, $name_ar, $id]);
|
|
$_SESSION['flash_message'] = __('update_test_group') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'delete_test_group') {
|
|
$id = $_POST['id'] ?? '';
|
|
if ($id) {
|
|
$stmt = $db->prepare("DELETE FROM test_groups WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$_SESSION['flash_message'] = __('delete_test_group') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'add_test') {
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
$group_id = $_POST['group_id'] ?: null;
|
|
$price = $_POST['price'] ?? 0;
|
|
$range = $_POST['normal_range'] ?? '';
|
|
if ($name_en && $name_ar) {
|
|
$stmt = $db->prepare("INSERT INTO laboratory_tests (name_en, name_ar, group_id, price, normal_range) VALUES (?, ?, ?, ?, ?)");
|
|
$stmt->execute([$name_en, $name_ar, $group_id, $price, $range]);
|
|
$_SESSION['flash_message'] = __('add_test') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'edit_test') {
|
|
$id = $_POST['id'] ?? '';
|
|
$name_en = $_POST['name_en'] ?? '';
|
|
$name_ar = $_POST['name_ar'] ?? '';
|
|
$group_id = $_POST['group_id'] ?: null;
|
|
$price = $_POST['price'] ?? 0;
|
|
$range = $_POST['normal_range'] ?? '';
|
|
if ($id && $name_en && $name_ar) {
|
|
$stmt = $db->prepare("UPDATE laboratory_tests SET name_en = ?, name_ar = ?, group_id = ?, price = ?, normal_range = ? WHERE id = ?");
|
|
$stmt->execute([$name_en, $name_ar, $group_id, $price, $range, $id]);
|
|
$_SESSION['flash_message'] = __('update_test') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'delete_test') {
|
|
$id = $_POST['id'] ?? '';
|
|
if ($id) {
|
|
$stmt = $db->prepare("DELETE FROM laboratory_tests WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$_SESSION['flash_message'] = __('delete_test') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'add_inquiry') {
|
|
$patient_name = $_POST['patient_name'] ?? '';
|
|
$test_id = $_POST['test_id'] ?: null;
|
|
$source = $_POST['source'] ?? 'Internal';
|
|
$date = $_POST['inquiry_date'] ?: date('Y-m-d H:i');
|
|
$status = $_POST['status'] ?? 'Pending';
|
|
$notes = $_POST['notes'] ?? '';
|
|
|
|
if ($patient_name) {
|
|
$stmt = $db->prepare("INSERT INTO laboratory_inquiries (patient_name, test_id, source, inquiry_date, status, notes) VALUES (?, ?, ?, ?, ?, ?)");
|
|
$stmt->execute([$patient_name, $test_id, $source, $date, $status, $notes]);
|
|
$_SESSION['flash_message'] = __('add_inquiry') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'edit_inquiry') {
|
|
$id = $_POST['id'] ?? '';
|
|
$patient_name = $_POST['patient_name'] ?? '';
|
|
$test_id = $_POST['test_id'] ?: null;
|
|
$source = $_POST['source'] ?? 'Internal';
|
|
$date = $_POST['inquiry_date'] ?: date('Y-m-d H:i');
|
|
$status = $_POST['status'] ?? 'Pending';
|
|
$notes = $_POST['notes'] ?? '';
|
|
|
|
if ($id && $patient_name) {
|
|
$stmt = $db->prepare("UPDATE laboratory_inquiries SET patient_name = ?, test_id = ?, source = ?, inquiry_date = ?, status = ?, notes = ? WHERE id = ?");
|
|
$stmt->execute([$patient_name, $test_id, $source, $date, $status, $notes, $id]);
|
|
$_SESSION['flash_message'] = __('edit_inquiry') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
} elseif ($_POST['action'] === 'delete_inquiry') {
|
|
$id = $_POST['id'] ?? '';
|
|
if ($id) {
|
|
$stmt = $db->prepare("DELETE FROM laboratory_inquiries WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$_SESSION['flash_message'] = __('delete') . ' ' . __('successfully');
|
|
$redirect = true;
|
|
}
|
|
}
|
|
}
|
|
|
|
if ($redirect) {
|
|
header("Location: " . $_SERVER['REQUEST_URI']);
|
|
exit;
|
|
}
|
|
} |