def employeeEdit():
name = request.form['name']
email = request.form['email']
phone = request.form['phone']
value = request.form['value']
if name == '' or email == '' or phone == '' or value == '':
flash(u'Empty fields are not allowed', 'Error')
return redirect(url_for("employees.employees"))
try:
email.index('@')
email.index('.')
except:
flash(u'invalid email', 'Error')
return redirect(url_for("employees.employees"))
cursor = mysql.get_db().cursor()
cursor.execute("""
UPDATE `com_nucleo_medico_empleados`
SET `nombre`=%s,`correo`=%s,`telefono`=%s
WHERE `id`=%s
""", (name, email, phone, value))
mysql.get_db().commit()
return redirect(url_for('employees.employees'))
def laboratoriesAdd():
name = request.form['name']
email = request.form['email']
address = request.form['address']
phone = request.form['phone']
if name == '' or email == '' or address == '' or phone == '':
flash(u'Empty fields are not allowed', 'Error')
return redirect(url_for("laboratories.laboratories"))
try:
email.index('@')
email.index('.')
except:
flash(u'Invalid email', 'Error')
return redirect(url_for("laboratories.laboratories"))
cursor = mysql.get_db().cursor()
cursor.execute(
"""
INSERT INTO `com_nucleo_medico_laboratorios` (`own`, `name`, `email`, `address`, `telephone`)
VALUES (%s, %s, %s, %s, %s)
""", (session['id'], name, email, address, phone))
mysql.get_db().commit()
return redirect(url_for("laboratories.laboratories"))
def laboratoriesEdit():
name = request.form['name']
email = request.form['email']
address = request.form['address']
phone = request.form['phone']
id = request.form['id']
if name == '' or email == '' or address == '' or phone == '' or id == '':
flash(u'Empty fields are not allowed', 'Error')
return redirect(url_for("laboratories.laboratories"))
try:
email.index('@')
email.index('.')
except:
flash(u'invalid email', 'Error')
return redirect(url_for("laboratories.laboratories"))
cursor = mysql.get_db().cursor()
cursor.execute(
"""UPDATE `com_nucleo_medico_laboratorios` SET `name`=%s,`email`=%s,`address`=%s,`telephone`=%s
WHERE `id` = %s""", (name, email, address, phone, id))
mysql.get_db().commit()
return redirect(url_for("laboratories.laboratories"))
def providersRestore():
cursor = mysql.get_db().cursor()
cursor.execute(
"""UPDATE `com_nucleo_medico_proveedores`
SET `isDelete`= 0
WHERE `id` LIKE %s""", (request.form['value']))
mysql.get_db().commit()
return redirect(url_for("providers.providers"))
def medicinesAdd():
cursor = mysql.get_db().cursor()
cursor.execute(
"""INSERT INTO `com_nucleo_medico_medicamentos`(`own`, `name`, `expiration`, `laboratory`, `provider`, `delete`) VALUES (%s, %s, %s, %s, %s, 0)""",
(session['id'], request.form['name'], request.form['expiration'],
request.form['laboratories'], request.form['providers']))
mysql.get_db().commit()
return redirect(url_for("medicines.medicines"))
def providersEdit():
cursor = mysql.get_db().cursor()
cursor.execute(
"""UPDATE `com_nucleo_medico_proveedores` SET `name`=%s,`email`=%s,`address`=%s,`telephone`=%s
WHERE `id` = %s""",
(request.form['name'], request.form['email'], request.form['address'],
request.form['phone'], request.form['id']))
mysql.get_db().commit()
return redirect(url_for("providers.providers"))
def medicinesDelete():
cursor = mysql.get_db().cursor()
cursor.execute(
"""UPDATE `com_nucleo_medico_medicamentos`
SET `delete`= 1
WHERE `id` LIKE %s""", (request.form['value']))
mysql.get_db().commit()
return redirect(url_for("medicines.medicines"))
def employeeRestore():
cursor = mysql.get_db().cursor()
cursor.execute("""
UPDATE `com_nucleo_medico_empleados` SET `status`= 0 WHERE `id` = %s
""", (request.form['value']))
mysql.get_db().commit()
return redirect(url_for('employees.employees'))
def laboratoriesDelete():
cursor = mysql.get_db().cursor()
cursor.execute(
"""UPDATE `com_nucleo_medico_laboratorios`
SET `isDelete`= 1
WHERE `id` LIKE %s""", (request.form['value']))
mysql.get_db().commit()
return redirect(url_for("laboratories.laboratories"))
def providersAdd():
cursor = mysql.get_db().cursor()
cursor.execute(
"""INSERT INTO `com_nucleo_medico_proveedores`(`own`, `name`, `email`, `address`, `telephone`, `isDelete`)
VALUES (%s, %s, %s, %s, %s, 0)""",
(session['id'], request.form['name'], request.form['email'],
request.form['address'], request.form['phone']))
mysql.get_db().commit()
return redirect(url_for("providers.providers"))
def medicinesEdit():
cursor = mysql.get_db().cursor()
cursor.execute(
"""UPDATE `com_nucleo_medico_medicamentos` SET `name`=%s,`expiration`=%s,`laboratory`=%s,`provider`=%s WHERE `id` LIKE %s""",
(request.form['name'], request.form['expiration'],
request.form['laboratories'], request.form['providers'],
request.form['id']))
mysql.get_db().commit()
return redirect(url_for("medicines.medicines"))
def appointmentsCheck():
cursor = mysql.get_db().cursor()
cursor.execute(
"""
UPDATE `com_nucleo_medico_citas`
SET `status`= 1
WHERE `id`= %s
""", (request.form['id']))
mysql.get_db().commit()
return redirect(url_for('appointments.appointments'))
def appointments():
cursor = mysql.get_db().cursor()
try:
date = request.form['date']
except:
date = datetime.datetime.today()
date = date.strftime('%Y-%m-%d')
cursor.execute(
"""
SELECT `com_nucleo_medico_citas`.`id`, `com_nucleo_medico_citas`.`own`, `com_nucleo_medico_pacientes`.`name`, `com_nucleo_medico_citas`.`hora`, `com_nucleo_medico_citas`.`descripcion`, `com_nucleo_medico_citas`.`status`
FROM `com_nucleo_medico_citas`
INNER JOIN `com_nucleo_medico_pacientes`
ON `com_nucleo_medico_citas`.`paciente` = `com_nucleo_medico_pacientes`.`id`
WHERE `com_nucleo_medico_citas`.`fecha` = %s AND `com_nucleo_medico_citas`.`status` = 0 AND `com_nucleo_medico_citas`.`own` = %s
""", (date, session['id']))
appointments = cursor.fetchall()
cursor.execute("""
SELECT `com_nucleo_medico_pacientes`.`id`, `com_nucleo_medico_pacientes`.`name`
FROM `com_nucleo_medico_pacientes`
WHERE `com_nucleo_medico_pacientes`.`delete` = 0
""")
patients = cursor.fetchall()
return render_template('app/modules/hospital/appointments.html',
appointments=appointments,
date=date,
patients=patients)
def files():
cursor = mysql.get_db().cursor()
cursor.execute(
"""
SELECT `com_nucleo_medico_pacientes`.`id`, `com_nucleo_medico_pacientes`.`name`, `com_nucleo_medico_pacientes`.`email`
FROM `com_nucleo_medico_pacientes` WHERE `com_nucleo_medico_pacientes`.`own` = %s AND `com_nucleo_medico_pacientes`.`delete` = 0
""", (session['id']))
users = cursor.fetchall()
return render_template('app/modules/hospital/files.html', users=users)
def prescriptions():
if request.method == "POST":
cursor = mysql.get_db().cursor()
cursor.execute(
"""
UPDATE `com_nucleo_medico_citas`
SET `status`= 1
WHERE `id`= %s
""", (request.form['id']))
mysql.get_db().commit()
cursor.execute(
"""
SELECT `com_nucleo_medico_pacientes`.`name`, `com_nucleo_medico_pacientes`.`id`
FROM `com_nucleo_medico_citas`
INNER JOIN `com_nucleo_medico_pacientes`
ON `com_nucleo_medico_citas`.`paciente` = `com_nucleo_medico_pacientes`.`id`
WHERE `com_nucleo_medico_citas`.`id` = %s
""", (request.form['id']))
userName = cursor.fetchone()
return render_template('app/modules/hospital/prescriptions.html',
id=userName[1],
userName=userName)
cursor = mysql.get_db().cursor()
cursor.execute(
"""
SELECT `com_nucleo_medico_pacientes`.`id`, `com_nucleo_medico_pacientes`.`name`, `com_nucleo_medico_pacientes`.`email`
FROM `com_nucleo_medico_pacientes` WHERE `com_nucleo_medico_pacientes`.`own` = %s AND `com_nucleo_medico_pacientes`.`delete` = 0
""", (session['id']))
users = cursor.fetchall()
return render_template('app/modules/hospital/files.html',
users=users,
prescription=True)
def employees():
cursor = mysql.get_db().cursor()
cursor.execute("""
SELECT `id`, `nombre`, `correo`, `telefono`, `status`
FROM `com_nucleo_medico_empleados`
WHERE `id_own` = %s
""", (session['id']))
employees = cursor.fetchall()
return render_template('app/modules/admin/employees.html', employees=employees)
def addToStock():
if request.method == 'GET':
return redirect(url_for('farmacia.farmacia'))
idMedicine = request.form['idMedicine']
quantity = request.form['quantity']
cursor = mysql.get_db().cursor()
print(
"UPDATE `com_nucleo_medico_medicamentos_stock` SET `cantidad`=%s WHERE `id`=%s"
% (quantity, idMedicine))
cursor.execute(
"UPDATE `com_nucleo_medico_medicamentos_stock` SET `cantidad`=%s WHERE `id`=%s",
(quantity, idMedicine))
mysql.get_db().commit()
return redirect(url_for('farmacia.farmacia'))
def appointmentsAdd():
if datetime.date(
int(request.form['date'].split('-')[0]),
int(request.form['date'].split('-')[1]),
int(request.form['date'].split('-')[2])) < datetime.date.today():
flash("You can't schedule an appointment with a date before today",
'Error')
return redirect(url_for("appointments.appointments"))
if datetime.datetime.now().hour > int(request.form['hour'][:2]):
flash("You can't make an appointment with an hour past", 'Error')
return redirect(url_for("appointments.appointments"))
if datetime.datetime.now().minute > int(request.form['hour'][3:5]):
flash("You can't make an appointment with an hour past", 'Error')
return redirect(url_for("appointments.appointments"))
cursor = mysql.get_db().cursor()
cursor.execute(
"""SELECT `hora` FROM `com_nucleo_medico_citas` WHERE `fecha` = %s AND `own` = %s AND `status` = 0
""", (request.form['date'], session['id']))
if str(cursor.fetchone()[0])[:3] == request.form['hour'][:3]:
flash(
"You can't register an appointment with an already scheduled time",
'Error')
return redirect(url_for("appointments.appointments"))
cursor.execute(
"""
INSERT INTO `com_nucleo_medico_citas`(`own`, `paciente`, `fecha`, `hora`, `descripcion`)
VALUES (%s, %s, %s, %s, %s)
""", (session['id'], request.form['patient'], request.form['date'],
request.form['hour'], request.form['description']))
mysql.get_db().commit()
return redirect(url_for('appointments.appointments'))
def prescriptionsAdd():
if request.method == "POST":
cursor = mysql.get_db().cursor()
cursor.execute(
"""
INSERT INTO `com_nucleo_medico_recetas`(`id_own`, `id_paciente`, `prescripcion`)
VALUES (%s, %s, %s)
""",
(session['id'], request.form['id'], request.form['prescription']))
mysql.get_db().commit()
cursor.execute(
"""
INSERT INTO `com_nucleo_medico_highlights`(`id_paciente`, `highlight`)
VALUES (%s, %s)
""", (request.form['id'], request.form['highlight']))
mysql.get_db().commit()
return redirect(url_for('appointments.appointments'))
def providers():
cursor = mysql.get_db().cursor()
cursor.execute(
"""SELECT `com_nucleo_medico_proveedores`.`id`, `com_nucleo_medico_proveedores`.`name`, `com_nucleo_medico_proveedores`.`email`, `com_nucleo_medico_proveedores`.`address`, `com_nucleo_medico_proveedores`.`telephone`, `com_nucleo_medico_proveedores`.`isDelete`
FROM `com_nucleo_medico_proveedores`
INNER JOIN `com_nucleo_medico_user`
ON `com_nucleo_medico_proveedores`.`own` LIKE `com_nucleo_medico_user`.`id`
WHERE `com_nucleo_medico_user`.`id` LIKE %s""",
(session['id']))
provs = cursor.fetchall()
return render_template('app/modules/admin/providers.html', provs=provs)
def employeeAdd():
name = request.form['name']
email = request.form['email']
phone = request.form['phone']
if name == '' or email == '' or phone == '':
flash(u'Empty fields are not allowed', 'Error')
return redirect(url_for("employees.employees"))
cursor = mysql.get_db().cursor()
passwordAux = ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(20))
password = bcrypt.generate_password_hash(passwordAux)
cursor.execute("""
INSERT INTO `com_nucleo_medico_empleados`(`id_own`, `nombre`, `correo`, `telefono`, `password`)
VALUES (%s, %s, %s, %s, %s)
""", (session['id'], name, email, phone, password))
mysql.get_db().commit()
return redirect(url_for('root.sendMail', name=request.form['name'], email=request.form['email'], password=passwordAux))
def laboratories():
cursor = mysql.get_db().cursor()
cursor.execute(
"""
SELECT `com_nucleo_medico_laboratorios`.`id`, `com_nucleo_medico_laboratorios`.`name`, `com_nucleo_medico_laboratorios`.`email`, `com_nucleo_medico_laboratorios`.`address`, `com_nucleo_medico_laboratorios`.`telephone`, `com_nucleo_medico_laboratorios`.`isDelete`
FROM `com_nucleo_medico_laboratorios`
INNER JOIN `com_nucleo_medico_user`
ON `com_nucleo_medico_laboratorios`.`own` LIKE `com_nucleo_medico_user`.`id`
WHERE `com_nucleo_medico_user`.`id` LIKE %s
""", (session['id']))
labs = cursor.fetchall()
return render_template('app/modules/admin/laboratories.html', labs=labs)
def farmacia():
cursor = mysql.get_db().cursor()
cursor.execute(
"""
SELECT `com_nucleo_medico_medicamentos`.`id`, `com_nucleo_medico_medicamentos`.`name`, `com_nucleo_medico_laboratorios`.`name`, `com_nucleo_medico_medicamentos_stock`.`cantidad`
FROM `com_nucleo_medico_medicamentos`
INNER JOIN `com_nucleo_medico_medicamentos_stock`
ON `com_nucleo_medico_medicamentos`.`id` = `com_nucleo_medico_medicamentos_stock`.`id`
INNER JOIN `com_nucleo_medico_laboratorios`
ON `com_nucleo_medico_laboratorios`.`id` = `com_nucleo_medico_medicamentos`.`laboratory`
WHERE `com_nucleo_medico_medicamentos`.`delete` = 0 AND `com_nucleo_medico_medicamentos`.`expiration` > CURRENT_DATE AND `com_nucleo_medico_medicamentos`.`own` = %s
""", (session['id_own']))
medicines = cursor.fetchall()
return render_template('app/farmacia/farmacia.html', medicines=medicines)
def medicines():
cursor = mysql.get_db().cursor()
cursor.execute(
"""SELECT `com_nucleo_medico_proveedores`.`id`, `com_nucleo_medico_proveedores`.`name`
FROM `com_nucleo_medico_proveedores`
INNER JOIN `com_nucleo_medico_user`
ON `com_nucleo_medico_proveedores`.`own` LIKE `com_nucleo_medico_user`.`id`
WHERE `com_nucleo_medico_user`.`id` LIKE %s AND `com_nucleo_medico_proveedores`.`isDelete` LIKE 0""",
(session['id']))
provs = cursor.fetchall()
cursor.execute(
"""SELECT `com_nucleo_medico_laboratorios`.`id`, `com_nucleo_medico_laboratorios`.`name`
FROM `com_nucleo_medico_laboratorios`
INNER JOIN `com_nucleo_medico_user`
ON `com_nucleo_medico_laboratorios`.`own` LIKE `com_nucleo_medico_user`.`id`
WHERE `com_nucleo_medico_user`.`id` LIKE %s AND `com_nucleo_medico_laboratorios`.`isDelete` LIKE 0""",
(session['id']))
labs = cursor.fetchall()
cursor.execute(
"""SELECT `com_nucleo_medico_medicamentos`.`id`, `com_nucleo_medico_medicamentos`.`name`, `com_nucleo_medico_medicamentos`.`expiration`, `com_nucleo_medico_laboratorios`.`name`, `com_nucleo_medico_proveedores`.`name`, `com_nucleo_medico_medicamentos`.`delete`
FROM `com_nucleo_medico_medicamentos`
INNER JOIN `com_nucleo_medico_laboratorios`
ON `com_nucleo_medico_laboratorios`.`id` LIKE `com_nucleo_medico_medicamentos`.`laboratory`
INNER JOIN `com_nucleo_medico_proveedores`
ON `com_nucleo_medico_proveedores`.`id` LIKE `com_nucleo_medico_medicamentos`.`provider`
WHERE `com_nucleo_medico_medicamentos`.`own`
LIKE %s ORDER BY `com_nucleo_medico_medicamentos`.`name` ASC""",
(session['id']))
meds = cursor.fetchall()
return render_template('app/modules/admin/medicines.html',
meds=meds,
labs=labs,
provs=provs)
def nucleo():
cursor = mysql.get_db().cursor()
date = datetime.datetime.today()
date = date.strftime('%Y-%m-%d')
cursor.execute(
"""
SELECT COUNT(`com_nucleo_medico_citas`.`id`) AS total
FROM `com_nucleo_medico_citas`
INNER JOIN `com_nucleo_medico_pacientes`
ON `com_nucleo_medico_citas`.`paciente` = `com_nucleo_medico_pacientes`.`id`
WHERE `com_nucleo_medico_citas`.`fecha` = %s AND `com_nucleo_medico_citas`.`status` = 0 AND `com_nucleo_medico_citas`.`own` = %s
""", (date, session['id']))
numAppointments = cursor.fetchone()
userName = session["name"][:session["name"].find(" ")]
return render_template('app/dashboard.html',
userName=userName,
numAppointments=numAppointments[0],
numMedicines=0)
def filesView():
cursor = mysql.get_db().cursor()
cursor.execute(
"""
SELECT `prescripcion`, `fecha`
FROM `com_nucleo_medico_recetas`
WHERE `com_nucleo_medico_recetas`.`id_paciente` = %s
ORDER BY `com_nucleo_medico_recetas`.`fecha` DESC
""", (request.form['userID']))
files = cursor.fetchall()
cursor.execute(
"""
SELECT `com_nucleo_medico_pacientes`.`name`
FROM `com_nucleo_medico_recetas`
INNER JOIN `com_nucleo_medico_pacientes`
ON `com_nucleo_medico_pacientes`.`id` = `com_nucleo_medico_recetas`.`id_paciente`
WHERE `com_nucleo_medico_recetas`.`id_paciente` = %s
LIMIT 1
""", (request.form['userID']))
userName = cursor.fetchone()
cursor.execute(
"""
SELECT `highlight`
FROM `com_nucleo_medico_highlights`
WHERE `id_paciente` = %s
""", (request.form['userID']))
highlights = cursor.fetchall()
return render_template('app/modules/hospital/filesView.html',
files=files,
userName=userName[0],
highlights=highlights)
