private.php 3.45 KB
wenxin lai 提交于 2022-05-30 02:40 . update private.php.
<?php
// check the input
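/**
 * Normalises one request value: trims it, HTML-encodes it and backslash-escapes it.
 *
 * The original called get_magic_quotes_gpc() unconditionally. That function was
 * removed in PHP 8.0, so every call to check() ended in a fatal error there. It is
 * now only consulted on runtimes old enough (< 5.4) to still support magic quotes.
 *
 * The htmlspecialchars() flags and charset are passed explicitly so the result does
 * not depend on the PHP version's defaults (single quotes are always encoded).
 *
 * NOTE(review): addslashes() is not a safe way to build SQL; it ignores the
 * connection character set. Callers that put the result into a query string should
 * move to prepared statements with bound parameters.
 *
 * @param mixed $value Raw value, typically taken from $_POST.
 * @return string Encoded value; '' when $value is not a scalar (e.g. an array
 *                submitted as name[]=...).
 */
function check($value)
{
    // Arrays and objects cannot be trimmed; treat them as "no value" rather than erroring.
    if (!is_scalar($value)) {
        return '';
    }

    $encoded = htmlspecialchars(trim((string) $value), ENT_QUOTES, 'UTF-8');

    // Magic quotes only exist before PHP 5.4; there the input is already slashed.
    if (PHP_VERSION_ID < 50400 && get_magic_quotes_gpc()) {
        return $encoded;
    }

    return addslashes($encoded);
}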
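// Saves the logged-in user's own profile (patient or doctor) from a POST form.
//
// Changes from the previous version of this script:
//  - every query uses a prepared statement with bound parameters instead of
//    interpolating request and session values into the SQL text;
//  - the ID-number test was `$pid != "" || strlen($pid) != 18`, which rejected
//    every possible value, so a patient could never save; it now checks the format;
//  - optional fields that were not submitted no longer hit undefined variables;
//  - database error details go to the server log, not to the browser.
//
// NOTE(review): no anti-CSRF token is verified here. The forms that post to this
// script are not visible in this file, so a token check still has to be added on
// both sides.
// NOTE(review): the database login below is the root account with a hard-coded
// password. Move the credentials to configuration outside the web root and use an
// account that can only UPDATE the Patient, Doctor and User tables.
session_start();

// Only an authenticated patient (identity 0) or doctor (identity 1) may continue.
$identity = (isset($_SESSION['identity']) && is_scalar($_SESSION['identity']))
    ? (string) $_SESSION['identity']
    : '';
if (!isset($_SESSION['username']) || ($identity !== '0' && $identity !== '1')) {
    header("Location:login.php");
    exit();
}
$username = (string) $_SESSION['username'];
$isPatient = ($identity === '0');
$returnPage = $isPatient ? 'patient_patient.php' : 'doctor_doctor.php';

// A request without a form body would otherwise overwrite the profile with blanks.
if (!isset($_SERVER['REQUEST_METHOD']) || $_SERVER['REQUEST_METHOD'] !== 'POST') {
    header("Location:" . $returnPage);
    exit();
}

// Reads one POST field as a trimmed string; missing or non-scalar fields become ''.
$field = function ($key) {
    if (!isset($_POST[$key]) || !is_scalar($_POST[$key])) {
        return '';
    }
    return trim((string) $_POST[$key]);
};

// The previous code stored HTML-encoded text, and the pages that display it are
// not visible here, so the stored format is kept. Encoding is unrelated to SQL
// safety, which comes from the bound parameters below.
$encode = function ($text) {
    return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
};

// Shows an alert and sends the browser back to a page. Only ever called with the
// fixed literals below; request data must not be passed in (it is not JS-escaped).
$notify = function ($message, $target) {
    echo "
<script>
alert('$message');
window.location.href = '$target';
</script>
";
    exit();
};

$name = $encode($field('name'));

if ($isPatient) {
    $pid = $field('Pid');
    $ptelno = $field('PtelNo');
    $pmcard = $encode($field('PmedicareCard'));

    // 18 characters: 17 digits followed by a digit or the check letter X.
    if (!preg_match('/^[0-9]{17}[0-9Xx]$/', $pid)) {
        $notify('身份证号有误!!', 'patient_patient.php');
    }
    if (!preg_match('/^[0-9]{11}$/', $ptelno)) {
        $notify('手机号需为11位!!', 'patient_patient.php');
    }
} else {
    $department = $encode($field('Department'));
    $dtitle = $encode($field('Dtitle'));
}

// Make every mysqli failure throw, so no failed call can be silently ignored.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

try {
    $db = mysqli_connect("localhost", "root", "123456", "MIS");
} catch (mysqli_sql_exception $e) {
    error_log('private.php: database connection failed: ' . $e->getMessage());
    die("Fail to connect the database!!");
}

try {
    mysqli_set_charset($db, 'utf8');
    mysqli_begin_transaction($db);

    if ($isPatient) {
        $stmt = mysqli_prepare(
            $db,
            "UPDATE Patient SET Pname=?, Pid=?, PtelNo=?, PmedicareCard=? WHERE Pno=?"
        );
        mysqli_stmt_bind_param($stmt, 'sssss', $name, $pid, $ptelno, $pmcard, $username);
    } else {
        $stmt = mysqli_prepare(
            $db,
            "UPDATE Doctor SET Dname=?, Department=?, Dtitle=? WHERE Dno=?"
        );
        mysqli_stmt_bind_param($stmt, 'ssss', $name, $department, $dtitle, $username);
    }
    mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);

    // Keep the display name in the shared User table in step with the profile row.
    $stmt = mysqli_prepare($db, "UPDATE User SET name=? WHERE username=?");
    mysqli_stmt_bind_param($stmt, 'ss', $name, $username);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);

    mysqli_commit($db);
    mysqli_close($db);
} catch (mysqli_sql_exception $e) {
    error_log('private.php: profile update failed: ' . $e->getMessage());

    // Stop throwing so the cleanup cannot raise a second error on a dead connection.
    mysqli_report(MYSQLI_REPORT_OFF);
    mysqli_rollback($db);
    mysqli_close($db);

    echo '保存失败!!', '<br />';
    echo 'Click here to <a href="javascript:history.back(-1);">go back</a> and retry..';
    exit();
}

$notify('个人信息保存成功!!', $returnPage);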
?>