Beispiel #1
0
        protected void btnSubmit_Click(object sender, EventArgs e)
        {
            // Converts image file into byte[]
            byte[] imgData = FileUpload.FileBytes;

            int fileLen = FileUpload.PostedFile.ContentLength;

            byte[] input = new byte[fileLen - 1];
            input = FileUpload.FileBytes;

            SqlParameter[] parameterList =
            {
                new SqlParameter("@Id",         (object)0),
                new SqlParameter("@Account_Id", Session["AccountId"].ToString()),
                new SqlParameter("@First_Name", txtFirstName.Text.Trim()),
                new SqlParameter("@Last_Name",  txtLastName.Text.Trim()),
                new SqlParameter("@Sex",        ddlSex.SelectedItem.Value),
                new SqlParameter("@Hospital",   txtHospitalName.Text.Trim()),
                new SqlParameter("@Phone",      txtPhone.Text.Trim()),
                new SqlParameter("@Address",    txtAddress.Text.Trim()),
                new SqlParameter("@City",       txtCity.Text.Trim()),
                new SqlParameter("@County",     txtCounty.Text.Trim()),
                new SqlParameter("@Image",      imgData)
            };

            dbConnection db = new dbConnection();
            int          i  = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_SaveDoctorProfile", parameterList);

            if (i == 1)
            {
                Response.Redirect("frmMyPatients.aspx");
            }
            ;
        }
Beispiel #2
0
        protected void btnSendRequest_Click(object sender, EventArgs e)
        {
            try
            {
                SqlParameter[] parameterList =
                {
                    new SqlParameter("@Account_Id",   Session["AccountId"].ToString()),
                    new SqlParameter("@Status",       Status.Request.New),
                    new SqlParameter("@RequestTable", CreateRequestIdTable()),
                };

                dbConnection db = new dbConnection();
                int          i  = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_SaveRequest", parameterList);
                if (i == 1)
                {
                    Response.Redirect("frmMyPatients.aspx");
                }
                ;
            }
            catch (SqlException ex)
            {
                Response.Write("<script>alert('Already sent the Request');</script>");
            }
            catch (Exception ex)
            {
                Response.Write("<script>alert('" + ex.Message + "');</script>");
            }
        }
        private void PatientProfileById(int Id, string OTP)
        {
            string FirstName = string.Empty;
            string LastName  = string.Empty;
            string Email     = string.Empty;
            string MailBody  = string.Empty;

            SqlParameter[] parameterList =
            {
                new SqlParameter("@Id", Id)
            };

            dbConnection db = new dbConnection();
            DataSet      ds = new DataSet();

            ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadPatientProfileById", parameterList);
            if (ds.Tables[0].Rows.Count > 0)
            {
                FirstName = ds.Tables["Table"].Rows[0]["First_Name"].ToString();
                LastName  = ds.Tables["Table"].Rows[0]["Last_Name"].ToString();
            }

            MailBody = FirstName + " " + LastName + "'s OTP is " + OTP;
            SendMail(txtEmail.Value.Trim(), FirstName, LastName, "EHR OTP", MailBody);
        }
Beispiel #4
0
        private void CountNewRequest()
        {
            SqlParameter[] parameterList =
            {
                new SqlParameter("@Account_Id", Session["AccountId"].ToString()),
                new SqlParameter("@Status",     Status.Request.New)
            };

            dbConnection db = new dbConnection();
            DataSet      ds = new DataSet();

            ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_CountAllRequest", parameterList);
            if (ds.Tables[0].Rows.Count > 0)
            {
                Int32 i = Convert.ToInt32(ds.Tables[0].Rows[0]["TotalNewRequests"]);
                if (i > 0)
                {
                    hyplnkCount.Text = "You have  " + ds.Tables[0].Rows[0]["TotalNewRequests"] + "  New Request";
                }
                else
                {
                    hyplnkCount.Visible = false;
                }
            }
        }
Beispiel #5
0
        private void LoadPatients()
        {
            dbConnection db = new dbConnection();
            DataSet      ds = new DataSet();

            ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadAllPatients");
            grvPatients.DataSource = ds;
            grvPatients.DataBind();
        }
        private void UpdateRequestStatus(int Id, int Status)
        {
            SqlParameter[] parameterList =
            {
                new SqlParameter("@Id",     Id),
                new SqlParameter("@Status", Status)
            };

            dbConnection db = new dbConnection();
            int          i  = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_UpdateRequest", parameterList);
        }
Beispiel #7
0
        private void LoadRequests()
        {
            SqlParameter[] parameterList =
            {
                new SqlParameter("@Account_Id", Session["AccountId"].ToString())
            };

            dbConnection db = new dbConnection();
            DataSet      ds = new DataSet();

            ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadRequests", parameterList);
            grvRequests.DataSource = ds;
            grvRequests.DataBind();
        }
Beispiel #8
0
        private void LoadPatientProfile(int Id)
        {
            SqlParameter[] parameterList =
            {
                new SqlParameter("@Id", Id)
            };

            dbConnection db = new dbConnection();
            DataSet      ds = new DataSet();

            //Byte[] data = new Byte[0];


            ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadPatientProfileById", parameterList);
            Byte[] imgbyte = (Byte[])(ds.Tables[0].Rows[0]["Image"]);
            Response.BinaryWrite(imgbyte);
        }
Beispiel #9
0
        private void LoadMedication(int FromId, int ToId)
        {
            SqlParameter[] parameterList =
            {
                new SqlParameter("@Account_Id", FromId),
                new SqlParameter("@ToId",       ToId)
            };

            dbConnection db = new dbConnection();
            DataSet      ds = new DataSet();

            ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadMedication", parameterList);
            if (ds.Tables[0].Rows.Count > 0)
            {
                grvMedication.DataSource = ds;
                grvMedication.DataBind();
            }
        }
Beispiel #10
0
        protected void btnVerify_Click(object sender, EventArgs e)
        {
            SqlParameter[] parameterList =
            {
                new SqlParameter("@Id",  txtHidden.Value.Trim()),
                new SqlParameter("@OTP", txtOTP.Text.Trim())
            };

            // string sstr = Server.UrlEncode(EHRDataManager.Encrypt(txtHidden.Value.Trim(), "gftj-5dx7-lsavv1"));
            dbConnection db = new dbConnection();
            int          i  = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_verifyOTP", parameterList);

            if (i == 1)
            {
                Response.Redirect("frmView.aspx?ReqId='" + Server.UrlEncode(EHRDataManager.Encrypt(txtHidden.Value.Trim(), "gftj-5dx7-lsavv1")) + "'");
            }
            ;
        }
Beispiel #11
0
        protected void btnAdd_Click(object sender, EventArgs e)
        {
            SqlParameter[] parameterList =
            {
                new SqlParameter("@Account_Id",   Session["AccountId"].ToString()),
                new SqlParameter("@ToId",         Session["ToId"].ToString()),
                new SqlParameter("@Medication",   txtMedications.Text.Trim()),
                new SqlParameter("@Prescription", txtPrescription.Text.Trim())
            };

            dbConnection db = new dbConnection();
            int          i  = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_SaveMedication", parameterList);

            if (i == 1)
            {
                Response.Redirect("frmMyPatients.aspx");
            }
            ;
        }
        private void LoadDoctorProfile(int Id)
        {
            SqlParameter[] parameterList =
            {
                new SqlParameter("@Id", Id)
            };

            dbConnection db = new dbConnection();
            DataSet      ds = new DataSet();

            ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadDoctorProfileById", parameterList);
            if (ds.Tables[0].Rows.Count > 0)
            {
                lblFirstName.Text = ds.Tables["Table"].Rows[0]["First_Name"].ToString();
                lblLastName.Text  = ds.Tables["Table"].Rows[0]["Last_Name"].ToString();
                lblHospital.Text  = ds.Tables["Table"].Rows[0]["Hospital_Name"].ToString();
                lblPhone.Text     = ds.Tables["Table"].Rows[0]["Phone"].ToString();
                txtEmail.Value    = ds.Tables["Table"].Rows[0]["Email"].ToString();
            }
        }
        protected void btnAcceptRequest_Click(object sender, EventArgs e)
        {
            EHROTP OTP    = new EHROTP();
            string strOTP = string.Empty;

            strOTP = OTP.GenerateOTP(true, 4);

            SqlParameter[] parameterList =
            {
                new SqlParameter("@Id",  Convert.ToInt32(Session["ReqId"])),
                new SqlParameter("@OTP", strOTP)
            };

            dbConnection db = new dbConnection();
            int          i  = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_SaveOTP", parameterList);

            PatientProfileById(Convert.ToInt32(Session["ReqId"]), strOTP);

            UpdateRequestStatus(Convert.ToInt32(Session["ReqId"]), Convert.ToInt32(Status.Request.Accepted));
        }
        protected void btnSubmit_Click(object sender, EventArgs e)
        {
            try
            {
                // Converts image file into byte[]
                byte[] imgData = FileUpload.FileBytes;

                SqlParameter[] parameterList =
                {
                    new SqlParameter("@Id",         (object)0),
                    new SqlParameter("@Account_Id", Session["AccountId"].ToString()),
                    new SqlParameter("@PPSN",       txtPPSN.Text.Trim()),
                    new SqlParameter("@First_Name", txtFirstName.Text.Trim()),
                    new SqlParameter("@Last_Name",  txtLastName.Text.Trim()),
                    new SqlParameter("@Sex",        ddlSex.SelectedItem.Value),
                    new SqlParameter("@DOB",        txtDOB.Text.Trim()),
                    new SqlParameter("@Nextofkin",  txtNextofKin.Text.Trim()),
                    new SqlParameter("@Phone",      txtPhone.Text.Trim()),
                    new SqlParameter("@Address",    txtAddress.Text.Trim()),
                    new SqlParameter("@City",       txtCity.Text.Trim()),
                    new SqlParameter("@County",     txtCounty.Text.Trim()),
                    new SqlParameter("@Image",      imgData)
                };

                dbConnection db = new dbConnection();
                int          i  = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_SavePatientProfile", parameterList);
                if (i == 1)
                {
                    Response.Redirect("frmMyDoctors.aspx");
                }
                ;
            }
            catch (Exception ex)
            {
                Response.Write("<script>alert('" + ex.Message + "');</script>");
            }
        }
Beispiel #15
0
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            Session.RemoveAll();

            DataSet ds = new DataSet();

            SqlParameter[] parameterList =
            {
                new SqlParameter("@Email", txtEmail.Text.Trim()),
                new SqlParameter("@Pwd",   EHRDataManager.Encrypt(txtPassword.Text.Trim(),"gftj-5dx7-lsavv1")),
                new SqlParameter("@Role",  hdnRole.Value.Trim())
            };

            dbConnection db = new dbConnection();

            #region Patient Login
            // 1 Means Patient
            if (Convert.ToInt32(hdnRole.Value.Trim()) == 1)
            {
                ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_PatientLogin", parameterList);

                if (ds.Tables[0].Rows.Count > 0)
                {
                    if (Convert.ToInt32(ds.Tables[0].Rows[0]["Account_Id"]) != 0)
                    {
                        Session["AccountId"] = ds.Tables[0].Rows[0]["Id"];
                        Session["Role"]      = ds.Tables[0].Rows[0]["Role"];
                        Response.Redirect("frmMyDoctors.aspx");
                    }
                    else
                    {
                        Response.Redirect("frmPatientProfile.aspx");
                    }
                }
                else
                {
                    Response.Write("<script>alert('Invalid User');</script>");
                }
            }
            #endregion

            #region Doctor Login
            // 2 Means Doctor
            if (Convert.ToInt32(hdnRole.Value.Trim()) == 2)
            {
                ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_DoctorLogin", parameterList);

                if (ds.Tables[0].Rows.Count > 0)
                {
                    if (Convert.ToInt32(ds.Tables[0].Rows[0]["Account_Id"]) != 0)
                    {
                        Session["AccountId"] = ds.Tables[0].Rows[0]["Id"];
                        Session["Role"]      = ds.Tables[0].Rows[0]["Role"];
                        Response.Redirect("frmMyPatients.aspx");
                    }
                    else
                    {
                        Response.Redirect("frmDoctorProfile.aspx");
                    }
                }
                else
                {
                    Response.Write("<script>alert('Invalid User');</script>");
                }
            }
            #endregion
        }