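// Saves the doctor profile typed into the form, together with the uploaded
// image, through usp_SaveDoctorProfile. Redirects to frmMyPatients.aspx when
// the call returns 1; otherwise the page simply re-renders.
protected void btnSubmit_Click(object sender, EventArgs e)
{
    // FileBytes already holds the complete upload, so no separate buffer sized
    // from PostedFile.ContentLength is needed (ContentLength - 1 is negative
    // for an empty upload, and allocating it failed before anything was saved).
    // NOTE(review): the bytes are stored as received; no size or content-type
    // check is visible in this handler - confirm one exists upstream.
    byte[] imgData = FileUpload.FileBytes;

    SqlParameter[] parameterList =
    {
        // The cast keeps the literal 0 a value; a bare 0 would bind to the
        // SqlParameter(string, SqlDbType) overload instead.
        new SqlParameter("@Id", (object)0),
        // Throws NullReferenceException when the session holds no AccountId.
        new SqlParameter("@Account_Id", Session["AccountId"].ToString()),
        new SqlParameter("@First_Name", txtFirstName.Text.Trim()),
        new SqlParameter("@Last_Name", txtLastName.Text.Trim()),
        new SqlParameter("@Sex", ddlSex.SelectedItem.Value),
        new SqlParameter("@Hospital", txtHospitalName.Text.Trim()),
        new SqlParameter("@Phone", txtPhone.Text.Trim()),
        new SqlParameter("@Address", txtAddress.Text.Trim()),
        new SqlParameter("@City", txtCity.Text.Trim()),
        new SqlParameter("@County", txtCounty.Text.Trim()),
        new SqlParameter("@Image", imgData)
    };

    dbConnection db = new dbConnection();
    int result = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_SaveDoctorProfile", parameterList);
    if (result == 1)
    {
        Response.Redirect("frmMyPatients.aspx");
    }
}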
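// Sends the request rows built by CreateRequestIdTable for the signed-in
// account through usp_SaveRequest and redirects to frmMyPatients.aspx when
// the call returns 1. Failures are reported to the browser as an alert.
protected void btnSendRequest_Click(object sender, EventArgs e)
{
    try
    {
        SqlParameter[] parameterList =
        {
            new SqlParameter("@Account_Id", Session["AccountId"].ToString()),
            new SqlParameter("@Status", Status.Request.New),
            new SqlParameter("@RequestTable", CreateRequestIdTable())
        };

        dbConnection db = new dbConnection();
        int result = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_SaveRequest", parameterList);
        if (result == 1)
        {
            Response.Redirect("frmMyPatients.aspx");
        }
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.Redirect(url) ends the request, which ASP.NET signals with
        // ThreadAbortException; let it through so a successful redirect is not
        // handled as an error by the general clause below.
        throw;
    }
    catch (SqlException)
    {
        // NOTE(review): every SQL failure is reported as a duplicate request;
        // presumably the procedure relies on a uniqueness rule - confirm, and
        // log the exception server-side so other failures are not hidden.
        Response.Write("<script>alert('Already sent the Request');</script>");
    }
    catch (Exception ex)
    {
        // The message lands inside a JavaScript string literal in the page, so
        // it is encoded for that context before being written.
        // NOTE(review): exception text can expose internal details; consider a
        // fixed message here and server-side logging of the exception.
        Response.Write("<script>alert('" + System.Web.HttpUtility.JavaScriptStringEncode(ex.Message) + "');</script>");
    }
}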
// Loads first and last name for the given id via usp_LoadPatientProfileById
// and e-mails the one-time password through SendMail.
// Id:  value bound to the procedure's @Id parameter.
// OTP: one-time password placed in the mail body.
private void PatientProfileById(int Id, string OTP)
{
    SqlParameter[] parameterList = { new SqlParameter("@Id", Id) };
    dbConnection db = new dbConnection();
    DataSet ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadPatientProfileById", parameterList);

    // Both names stay empty when the procedure returns no rows; the mail is
    // sent regardless.
    string firstName = string.Empty;
    string lastName = string.Empty;
    if (ds.Tables[0].Rows.Count > 0)
    {
        DataRow row = ds.Tables["Table"].Rows[0];
        firstName = row["First_Name"].ToString();
        lastName = row["Last_Name"].ToString();
    }

    string mailBody = firstName + " " + lastName + "'s OTP is " + OTP;

    // NOTE(review): the recipient is read from the txtEmail form field and the
    // OTP travels in the mail body as plain text. If txtEmail is posted by the
    // browser, resolve the address server-side instead - confirm.
    SendMail(txtEmail.Value.Trim(), firstName, lastName, "EHR OTP", mailBody);
}
// Shows the number of new requests for the signed-in account on hyplnkCount,
// or hides the link when usp_CountAllRequest reports none.
private void CountNewRequest()
{
    SqlParameter[] parameterList =
    {
        new SqlParameter("@Account_Id", Session["AccountId"].ToString()),
        new SqlParameter("@Status", Status.Request.New)
    };

    dbConnection db = new dbConnection();
    DataSet ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_CountAllRequest", parameterList);

    // With no result row the link is left exactly as it was.
    if (ds.Tables[0].Rows.Count == 0)
    {
        return;
    }

    object total = ds.Tables[0].Rows[0]["TotalNewRequests"];
    if (Convert.ToInt32(total) > 0)
    {
        hyplnkCount.Text = "You have " + total + " New Request";
    }
    else
    {
        hyplnkCount.Visible = false;
    }
}
// Binds grvPatients to the result of usp_LoadAllPatients.
// NOTE(review): the procedure is called without parameters, so nothing in
// this method limits the rows to the signed-in account - confirm that the
// full list is meant to be visible to every caller of this page.
private void LoadPatients()
{
    dbConnection db = new dbConnection();
    DataSet patients = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadAllPatients");

    grvPatients.DataSource = patients;
    grvPatients.DataBind();
}
// Sets the status of one request through usp_UpdateRequest.
// Id:     value bound to @Id.
// Status: value bound to @Status.
// The value returned by ExecuteNonQuery is not inspected.
// NOTE(review): no ownership check on Id is visible here; callers must pass
// an id that belongs to the signed-in account.
private void UpdateRequestStatus(int Id, int Status)
{
    SqlParameter idParameter = new SqlParameter("@Id", Id);
    SqlParameter statusParameter = new SqlParameter("@Status", Status);
    SqlParameter[] parameterList = { idParameter, statusParameter };

    dbConnection db = new dbConnection();
    db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_UpdateRequest", parameterList);
}
// Binds grvRequests to the rows usp_LoadRequests returns for the account id
// held in the session.
private void LoadRequests()
{
    // Throws NullReferenceException when the session holds no AccountId.
    string accountId = Session["AccountId"].ToString();
    SqlParameter[] parameterList = { new SqlParameter("@Account_Id", accountId) };

    dbConnection db = new dbConnection();
    DataSet requests = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadRequests", parameterList);

    grvRequests.DataSource = requests;
    grvRequests.DataBind();
}
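// Writes the stored profile image for the given id to the response body.
// Id: value bound to @Id of usp_LoadPatientProfileById.
// Nothing is written when the procedure returns no row or the Image column
// holds no bytes.
// NOTE(review): no check that Id belongs to the caller is visible here, and
// no Content-Type is set before the bytes are written - confirm both are
// handled by the caller.
private void LoadPatientProfile(int Id)
{
    SqlParameter[] parameterList = { new SqlParameter("@Id", Id) };
    dbConnection db = new dbConnection();
    DataSet ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadPatientProfileById", parameterList);

    // An unknown id yields no row; indexing Rows[0] would throw.
    if (ds == null || ds.Tables.Count == 0 || ds.Tables[0].Rows.Count == 0)
    {
        return;
    }

    // A NULL image arrives as DBNull, which a direct (byte[]) cast rejects.
    byte[] imageBytes = ds.Tables[0].Rows[0]["Image"] as byte[];
    if (imageBytes == null || imageBytes.Length == 0)
    {
        return;
    }

    Response.BinaryWrite(imageBytes);
}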
// Binds grvMedication to the rows usp_LoadMedication returns.
// FromId: value bound to @Account_Id.
// ToId:   value bound to @ToId.
// The grid is left untouched when the first result table is empty.
private void LoadMedication(int FromId, int ToId)
{
    SqlParameter[] parameterList =
    {
        new SqlParameter("@Account_Id", FromId),
        new SqlParameter("@ToId", ToId)
    };

    dbConnection db = new dbConnection();
    DataSet medication = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadMedication", parameterList);

    if (medication.Tables[0].Rows.Count <= 0)
    {
        return;
    }

    grvMedication.DataSource = medication;
    grvMedication.DataBind();
}
// Checks the entered one-time password through usp_verifyOTP and, when the
// call returns 1, redirects to frmView.aspx with the encrypted request id in
// the ReqId query parameter.
protected void btnVerify_Click(object sender, EventArgs e)
{
    // NOTE(review): the request id comes from the txtHidden form field. If
    // that field is posted by the browser, the procedure must tie the id to
    // the signed-in account - confirm. No limit on verification attempts is
    // visible in this handler either.
    string requestId = txtHidden.Value.Trim();
    string enteredOtp = txtOTP.Text.Trim();

    SqlParameter[] parameterList =
    {
        new SqlParameter("@Id", requestId),
        new SqlParameter("@OTP", enteredOtp)
    };

    dbConnection db = new dbConnection();
    int result = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_verifyOTP", parameterList);
    if (result != 1)
    {
        return;
    }

    // NOTE(review): the key is a literal in source (the same literal is passed
    // to Encrypt in btnLogin_Click); it belongs in protected configuration and
    // should be rotated once moved.
    string encryptedId = Server.UrlEncode(EHRDataManager.Encrypt(requestId, "gftj-5dx7-lsavv1"));

    // The value is wrapped in literal single quotes inside the URL.
    Response.Redirect("frmView.aspx?ReqId='" + encryptedId + "'");
}
// Stores a medication entry through usp_SaveMedication, taking both account
// ids from the session and the text from the form; redirects to
// frmMyPatients.aspx when the call returns 1.
protected void btnAdd_Click(object sender, EventArgs e)
{
    // Either lookup throws NullReferenceException when the session value is
    // missing.
    string fromAccount = Session["AccountId"].ToString();
    string toAccount = Session["ToId"].ToString();

    SqlParameter[] parameterList =
    {
        new SqlParameter("@Account_Id", fromAccount),
        new SqlParameter("@ToId", toAccount),
        new SqlParameter("@Medication", txtMedications.Text.Trim()),
        new SqlParameter("@Prescription", txtPrescription.Text.Trim())
    };

    dbConnection db = new dbConnection();
    int result = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_SaveMedication", parameterList);
    if (result == 1)
    {
        Response.Redirect("frmMyPatients.aspx");
    }
}
// Fills the profile controls from the first row usp_LoadDoctorProfileById
// returns for the given id; the controls are left as they are when there is
// no row.
// Id: value bound to @Id.
private void LoadDoctorProfile(int Id)
{
    SqlParameter[] parameterList = { new SqlParameter("@Id", Id) };
    dbConnection db = new dbConnection();
    DataSet ds = db.ExecuteQuery(CommandType.StoredProcedure, "usp_LoadDoctorProfileById", parameterList);

    if (ds.Tables[0].Rows.Count <= 0)
    {
        return;
    }

    DataRow profile = ds.Tables["Table"].Rows[0];

    // NOTE(review): these values were typed in by users. If the lbl* controls
    // are Label controls, Text is rendered without HTML encoding - confirm and
    // encode on output if so.
    lblFirstName.Text = profile["First_Name"].ToString();
    lblLastName.Text = profile["Last_Name"].ToString();
    lblHospital.Text = profile["Hospital_Name"].ToString();
    lblPhone.Text = profile["Phone"].ToString();
    txtEmail.Value = profile["Email"].ToString();
}
// Accepts the request whose id is held in Session["ReqId"]: generates a
// one-time password, stores it through usp_SaveOTP, mails it via
// PatientProfileById and marks the request as accepted.
protected void btnAcceptRequest_Click(object sender, EventArgs e)
{
    // Convert.ToInt32 maps a missing session value to 0 rather than throwing.
    int requestId = Convert.ToInt32(Session["ReqId"]);

    // NOTE(review): the second argument is 4, presumably the OTP length. A
    // value that short depends on expiry and an attempt limit being enforced
    // where it is verified - confirm.
    EHROTP generator = new EHROTP();
    string oneTimePassword = generator.GenerateOTP(true, 4);

    SqlParameter[] parameterList =
    {
        new SqlParameter("@Id", requestId),
        new SqlParameter("@OTP", oneTimePassword)
    };

    // The value returned by the save is not inspected; the mail and the
    // status update below run regardless.
    dbConnection db = new dbConnection();
    db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_SaveOTP", parameterList);

    PatientProfileById(requestId, oneTimePassword);
    UpdateRequestStatus(requestId, Convert.ToInt32(Status.Request.Accepted));
}
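// Saves the patient profile typed into the form, together with the uploaded
// image, through usp_SavePatientProfile. Redirects to frmMyDoctors.aspx when
// the call returns 1; failures are reported to the browser as an alert.
protected void btnSubmit_Click(object sender, EventArgs e)
{
    try
    {
        // FileBytes holds the uploaded image as a byte array.
        // NOTE(review): the bytes are stored as received; no size or
        // content-type check is visible in this handler - confirm one exists
        // upstream.
        byte[] imgData = FileUpload.FileBytes;

        SqlParameter[] parameterList =
        {
            // The cast keeps the literal 0 a value; a bare 0 would bind to the
            // SqlParameter(string, SqlDbType) overload instead.
            new SqlParameter("@Id", (object)0),
            new SqlParameter("@Account_Id", Session["AccountId"].ToString()),
            new SqlParameter("@PPSN", txtPPSN.Text.Trim()),
            new SqlParameter("@First_Name", txtFirstName.Text.Trim()),
            new SqlParameter("@Last_Name", txtLastName.Text.Trim()),
            new SqlParameter("@Sex", ddlSex.SelectedItem.Value),
            new SqlParameter("@DOB", txtDOB.Text.Trim()),
            new SqlParameter("@Nextofkin", txtNextofKin.Text.Trim()),
            new SqlParameter("@Phone", txtPhone.Text.Trim()),
            new SqlParameter("@Address", txtAddress.Text.Trim()),
            new SqlParameter("@City", txtCity.Text.Trim()),
            new SqlParameter("@County", txtCounty.Text.Trim()),
            new SqlParameter("@Image", imgData)
        };

        dbConnection db = new dbConnection();
        int result = db.ExecuteNonQuery(CommandType.StoredProcedure, "usp_SavePatientProfile", parameterList);
        if (result == 1)
        {
            Response.Redirect("frmMyDoctors.aspx");
        }
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.Redirect(url) ends the request, which ASP.NET signals with
        // ThreadAbortException; let it through so a successful redirect is not
        // handled as an error by the general clause below.
        throw;
    }
    catch (Exception ex)
    {
        // The message lands inside a JavaScript string literal in the page, so
        // it is encoded for that context before being written.
        // NOTE(review): exception text can expose internal details; consider a
        // fixed message here and server-side logging of the exception.
        Response.Write("<script>alert('" + System.Web.HttpUtility.JavaScriptStringEncode(ex.Message) + "');</script>");
    }
}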
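// Signs in a patient (role 1) or a doctor (role 2).
// The matching login procedure is called with the e-mail, the transformed
// password and the role. When a row comes back and its Account_Id is non-zero,
// the account id and role are stored in the session and the user is sent to
// the role's home page; with Account_Id 0 the user is sent to the role's
// profile page. Any other outcome shows the 'Invalid User' alert.
protected void btnLogin_Click(object sender, EventArgs e)
{
    // NOTE(review): this clears the stored values only; nothing visible here
    // issues a new session identifier after a successful sign-in - confirm
    // that is handled elsewhere.
    Session.RemoveAll();

    // hdnRole looks like a hidden form field, so its value is treated as
    // untrusted: a non-numeric or unknown role is rejected instead of raising
    // FormatException out of the handler.
    int role;
    bool roleIsNumeric = int.TryParse(hdnRole.Value.Trim(), out role);

    string loginProcedure;
    string homePage;
    string profilePage;
    if (roleIsNumeric && role == 1)
    {
        // 1 means patient.
        loginProcedure = "usp_PatientLogin";
        homePage = "frmMyDoctors.aspx";
        profilePage = "frmPatientProfile.aspx";
    }
    else if (roleIsNumeric && role == 2)
    {
        // 2 means doctor.
        loginProcedure = "usp_DoctorLogin";
        homePage = "frmMyPatients.aspx";
        profilePage = "frmDoctorProfile.aspx";
    }
    else
    {
        Response.Write("<script>alert('Invalid User');</script>");
        return;
    }

    // NOTE(review): the password is passed through EHRDataManager.Encrypt with
    // a key literal kept in source. If that transform is reversible, stored
    // passwords can be recovered by anyone holding the key; a salted password
    // hash (for example PBKDF2) and a key kept out of source are the usual
    // remedy - confirm what Encrypt does.
    SqlParameter[] parameterList =
    {
        new SqlParameter("@Email", txtEmail.Text.Trim()),
        new SqlParameter("@Pwd", EHRDataManager.Encrypt(txtPassword.Text.Trim(), "gftj-5dx7-lsavv1")),
        new SqlParameter("@Role", hdnRole.Value.Trim())
    };

    dbConnection db = new dbConnection();
    DataSet ds = db.ExecuteQuery(CommandType.StoredProcedure, loginProcedure, parameterList);

    if (ds.Tables[0].Rows.Count == 0)
    {
        Response.Write("<script>alert('Invalid User');</script>");
        return;
    }

    DataRow account = ds.Tables[0].Rows[0];
    if (Convert.ToInt32(account["Account_Id"]) != 0)
    {
        Session["AccountId"] = account["Id"];
        Session["Role"] = account["Role"];
        Response.Redirect(homePage);
    }
    else
    {
        // No session values are stored on this path.
        // NOTE(review): the profile save handlers on this page read
        // Session["AccountId"]; confirm how the profile page identifies the
        // account after this redirect.
        Response.Redirect(profilePage);
    }
}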