代码拉取完成,页面将自动刷新
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174
<?php
// check the input 患者预约挂号 在medicalrecord里记录下来
function check($value)
{
if (get_magic_quotes_gpc()) {
$value = htmlspecialchars(trim($value));
} else {
$value = addslashes(htmlspecialchars(trim($value)));
}
return $value;
}
session_start();
if (!isset($_SESSION['username']) or !isset($_SESSION['identity']) or $_SESSION['identity'] != 0) {
header("Location:login.php");
exit();
}
date_default_timezone_set('PRC'); //北京时间
$username = $_SESSION['username'];
$Sno = check($_POST['Sno']);
$operation = $_POST['operation_choice'];
if ($operation == 1) { // select
if ($Sno == "") {
echo "
<script>
alert('未选择号源!!');
window.location.href = 'patient_schedule.php';
</script>
";
exit();
} else {
$db = @mysqli_connect("localhost", "root", "123456", "MIS");
if (!$db) {
die("Fail to connect the database!!" . mysqli_connect_error());
}
mysqli_query($db, "begin");
mysqli_query($db, "set names utf8");
$check_MedicalRecord = mysqli_query($db, "SELECT * FROM MedicalRecord WHERE Sno='$Sno' AND Pno='$username' for update");
if (mysqli_fetch_array($check_MedicalRecord)) {
mysqli_query($db, "commit");
mysqli_close($db);
echo "
<script>
alert('该号已预约成功,无需重复预约!');
window.location.href = 'patient_schedule.php';
</script>
";
exit();
}
//别人已约的号不能再约
$check_Sno = mysqli_query($db, "SELECT * FROM Schedule WHERE Sno='$Sno' for update");
$schedule_info = mysqli_fetch_array($check_Sno);
if ($schedule_info) {
$appointed = $schedule_info['AppointedOrNot'];
if (!strcmp("已约",$appointed)) { //这里应该appointed不用引号?
mysqli_query($db, "commit");
mysqli_close($db);
echo "
<script>
alert('该号已被他人预约!!');
window.location.href = 'patient_schedule.php';
</script>
";
exit();
} else {
$result1 = mysqli_query($db, " UPDATE Schedule SET AppointedOrNot = '已约' WHERE Sno='$Sno' ");
$Dno = $schedule_info['Dno'];
$result2 = mysqli_query($db, "INSERT INTO MedicalRecord(Pno, Sno,Dno) VALUES ('$username', '$Sno','$Dno')"); //还有Dno
$result3 = mysqli_query($db, "INSERT INTO Prescription(Pno, Sno) VALUES ('$username', '$Sno')");
if ($result1 && $result2 && $result3) {
mysqli_query($db, "commit");
mysqli_close($db);
echo "
<script>
alert('挂号成功!!');
window.location.href = 'patient_schedule.php';
</script>
";
exit();
} else {
echo '挂号失败!!', mysqli_error($db), '<br />';
echo 'Click here to <a href="javascript:history.back(-1);">go back</a> and retry..';
mysqli_query($db, "rollback");
mysqli_close($db);
exit();
}
}
} else {
mysqli_query($db, "commit");
mysqli_close($db);
echo "
<script>
alert('该号源不存在!!');
window.location.href = 'patient_schedule.php';
</script>
";
exit();
}
}
} elseif ($operation == -1) { // withdraw 撤销预约挂号
if ($Sno == "") {
echo "
<script>
alert('未选择号源!!');
window.location.href = 'patient_schedule.php';
</script>
";
exit();
} else {
$db = @mysqli_connect("localhost", "root", "123456", "MIS");
if (!$db) {
die("Fail to connect the database!!" . mysqli_connect_error());
}
mysqli_query($db, "begin");
mysqli_query($db, "set names utf8");
$check_MedicalRecord = mysqli_query($db, "SELECT * FROM MedicalRecord WHERE Sno='$Sno' AND Pno='$username' for update");
$medicalrecord = mysqli_fetch_array($check_MedicalRecord);
$current_time = date("y-m-d h:i:s");
$check_time = mysqli_query($db, "SELECT * FROM Schedule WHERE Sno='$Sno' for update");
$schedule_info = mysqli_fetch_array($check_time);
$start_time = $schedule_info['StartTime'];
if ($medicalrecord) {
if (strtotime($current_time)>= strtotime($start_time) ) {
mysqli_query($db, "commit");
mysqli_close($db);
echo "
<script>
alert('当前时间晚于预约时间,该预约已经无法撤销!!');
window.location.href = 'patient_schedule.php';
</script>
";
exit();
} // 可能还有点问题 主要是mysql timestamp,不知道能不能用strtotime
$result1 = mysqli_query($db, "UPDATE Schedule SET AppointedOrNot ='未约' WHERE Sno='$Sno'");
$result2 = mysqli_query($db, "DELETE FROM MedicalRecord WHERE Sno='$Sno' AND Pno='$username'");
$result3 = mysqli_query($db, "DELETE FROM Prescription WHERE Sno='$Sno' AND Pno='$username'");
if ($result1 && $result2) {
mysqli_query($db, "commit");
mysqli_close($db);
echo "
<script>
alert('预约取消成功!!');
window.location.href = 'patient_schedule.php';
</script>
";
exit();
} else {
echo '取消失败!!', mysqli_error($db), '<br />';
echo 'Click here to <a href="javascript:history.back(-1);">go back</a> and retry..';
mysqli_query($db, "rollback");
mysqli_close($db);
exit();
}
} else {
mysqli_query($db, "commit");
mysqli_close($db);
echo "
<script>
alert('相应挂号信息不存在!!');
window.location.href = 'patient_schedule.php';
</script>
";
exit();
}
}
}
?>
Loading...
举报
请认真填写举报原因,尽可能描述详细。
请选择举报类型
误判申诉
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化