<?php
include("AES.php");
include("mysqlCredentials.php");
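session_start();
// Only an authenticated staff session may search patient records. The flag is tested
// for presence only, so any value stored under this key (even false) passes the check.
if (!isset($_SESSION["isLoggedIn"])) {
    exit("Not logged in");
}
// The staff lookup and the key unwrapping below read these two session values as well;
// stop here rather than continue with nulls.
if (!isset($_SESSION["username"], $_SESSION["shaPass"])) {
    exit("Not logged in");
}
// We could also do a POST.
$servername = "localhost";
// NOTE(review): this endpoint connects as the MySQL root account. A dedicated account
// limited to SELECT on the tables read here would keep a flaw in this script from
// exposing the whole server.
$username = "root";
$password = $MYSQL_Password; // Defined by mysqlCredentials.php.
$dbname = "localWebServer";
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password); // Initialize the connection.
$stmt = $conn->prepare("SELECT * FROM staff WHERE username=:username");
$stmt->execute(['username' => $_SESSION["username"]]);
$row = $stmt->fetch();
// fetch() returns false when no staff row matches the session's username.
if ($row === false) {
    exit("Not logged in");
}
// The staff row's localKey is decrypted with the session's shaPass (decrypt() comes from
// AES.php) and hex-decoded; the result is used as the sealed-box key pair below.
$sodium = hex2bin(decrypt($_SESSION["shaPass"], $row["localKey"]));
// hex2bin() returns false on malformed input, and sodium_crypto_box_seal_open() throws
// when the key pair has the wrong length, so validate once here instead of failing
// per row with an uncaught exception.
if (!is_string($sodium) || strlen($sodium) !== SODIUM_CRYPTO_BOX_KEYPAIRBYTES) {
    exit("Unable to unlock patient records");
}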
/**
 * Open one hex-encoded libsodium sealed box and return its plaintext.
 *
 * A failed open (false) and an empty plaintext both map to the same placeholder,
 * so a decryption failure cannot be told apart from a blank field by the caller.
 * The plaintext is returned as stored; callers that print it into HTML must
 * escape it themselves.
 *
 * @param string $data   Hex-encoded sealed-box ciphertext.
 * @param string $sodium Key pair passed to sodium_crypto_box_seal_open().
 * @return string The plaintext, or "** Not Filled Out **".
 */
function decryptSodium($data, $sodium){
    $cipherBytes = hex2bin($data);
    $plain = sodium_crypto_box_seal_open($cipherBytes, $sodium);
    if ($plain === false || $plain === "") {
        return "** Not Filled Out **";
    }
    return $plain;
}
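//Website Method
// Builds the <tr> rows for the patient search table and echoes them as an HTML fragment.
// The PDO connection opened above for the staff lookup is reused; opening a second
// connection with the same DSN and credentials added nothing.

// A missing or non-string "search" value is treated as an empty prefix.
$search = (isset($_POST["search"]) && is_string($_POST["search"])) ? $_POST["search"] : '';
// NOTE(review): MID_Name and checkIn_Time are passed through decryptSodium() below, so
// these columns appear to hold hex ciphertext. A plaintext prefix LIKE and an ORDER BY
// on such values would not behave like a name search or a time ordering - confirm.
$sql = "SELECT * FROM patients WHERE MID_Name LIKE :likeSearch ORDER BY checkIn_Time DESC";
//When new database is put in
//$sql = "SELECT * FROM users where MID_Name like :likeSearch order by MID_WhateverAccessDate desc";
$likeSearch = $search . "%";
$stmt = $conn->prepare($sql);
$stmt->execute(['likeSearch' => $likeSearch]);

// Decrypted patient fields are stored data, not trusted markup: escape every value
// before it is concatenated into the HTML response, otherwise a stored name such as
// "<script>..." would run in the staff member's browser.
$escapeHtml = function ($value) {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

$patientRecords = '';
while ($row = $stmt->fetch()) {
    $patientRecords .= "<tr id='tr-id-0' class='tr-class-0' data-title='bootstrap table' data-name='Ash Ketchum'>";
    $patientRecords .= "<td id='td-id-0' class='td-class-0' data-title='bootstrap table'>" . $escapeHtml(decryptSodium($row["MID_Name"], $sodium)) . "</td>";
    $patientRecords .= "<td data-value='100'>" . $escapeHtml(decryptSodium($row["MID_Gender"], $sodium)) . "</td>";
    $patientRecords .= "<td data-text='no'>" . $escapeHtml(decryptSodium($row["MID_Birthday"], $sodium)) . "</td>";
    $patientRecords .= "<td>" . $escapeHtml(decryptSodium($row["MID_City"], $sodium)) . "</td>";
    $patientRecords .= "<td data-text=''>" . $escapeHtml(decryptSodium($row["MID_HomePhone"], $sodium)) . "</td>";
    //Change conditions to check-in time when ready
    $patientRecords .= "<td data-text=''>" . $escapeHtml(decryptSodium($row["checkIn_Time"], $sodium)) . "</td>";
    $patientRecords .= "<td data-i18n='Actions'>";
    // record_ID goes into a query string inside a single-quoted attribute; URL-encoding
    // keeps a non-numeric value from breaking out of either context.
    $patientRecords .= "<a class='like' href='personalInfo.php?id=" . rawurlencode((string) $row["record_ID"]) . "' title='Like'><i class='fas fa-search'></i></a>";
    $patientRecords .= "</td></tr>";
}
// An empty result set leaves $patientRecords empty, so nothing is sent to the caller.
// Emit everything.
echo $patientRecords;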