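def employeeEdit():
    """Update the name, e-mail and phone of one employee of the current owner.

    Reads ``name``, ``email``, ``phone`` and ``value`` (the employee id) from
    the submitted form. Empty fields, or an e-mail without ``@`` and ``.``,
    are rejected with a flashed error. Every path redirects to the employee
    list.
    """
    name = request.form['name']
    email = request.form['email']
    phone = request.form['phone']
    value = request.form['value']
    if '' in (name, email, phone, value):
        flash(u'Empty fields are not allowed', 'Error')
        return redirect(url_for("employees.employees"))
    # Same minimal shape check as before, written without a bare ``except``
    # that would also hide unrelated errors.
    if '@' not in email or '.' not in email:
        flash(u'invalid email', 'Error')
        return redirect(url_for("employees.employees"))
    cursor = mysql.get_db().cursor()
    # The employee id is client-supplied, so the UPDATE is also restricted to
    # rows whose `id_own` is the session user (the column employeeAdd fills
    # and employees() filters on). Without it nothing ties the row to the
    # caller.
    cursor.execute(
        "UPDATE `com_nucleo_medico_empleados` "
        "SET `nombre`=%s,`correo`=%s,`telefono`=%s "
        "WHERE `id`=%s AND `id_own`=%s",
        (name, email, phone, value, session['id']))
    mysql.get_db().commit()
    return redirect(url_for('employees.employees'))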
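def laboratoriesAdd():
    """Create a laboratory owned by the session user from the submitted form.

    Reads ``name``, ``email``, ``address`` and ``phone``. Empty fields, or an
    e-mail without ``@`` and ``.``, are rejected with a flashed error. Every
    path redirects to the laboratory list.
    """
    name = request.form['name']
    email = request.form['email']
    address = request.form['address']
    phone = request.form['phone']
    if '' in (name, email, address, phone):
        flash(u'Empty fields are not allowed', 'Error')
        return redirect(url_for("laboratories.laboratories"))
    # Membership test instead of str.index() inside a bare ``except``: same
    # accept/reject result, but unrelated exceptions are no longer swallowed.
    if '@' not in email or '.' not in email:
        flash(u'Invalid email', 'Error')
        return redirect(url_for("laboratories.laboratories"))
    cursor = mysql.get_db().cursor()
    # The owner column comes from the session, never from the form.
    cursor.execute(
        " INSERT INTO `com_nucleo_medico_laboratorios` "
        "(`own`, `name`, `email`, `address`, `telephone`) "
        "VALUES (%s, %s, %s, %s, %s) ",
        (session['id'], name, email, address, phone))
    mysql.get_db().commit()
    return redirect(url_for("laboratories.laboratories"))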
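def laboratoriesEdit():
    """Update one laboratory of the session user from the submitted form.

    Reads ``name``, ``email``, ``address``, ``phone`` and ``id``. Empty
    fields, or an e-mail without ``@`` and ``.``, are rejected with a flashed
    error. Every path redirects to the laboratory list.
    """
    name = request.form['name']
    email = request.form['email']
    address = request.form['address']
    phone = request.form['phone']
    lab_id = request.form['id']  # local renamed so it does not shadow id()
    if '' in (name, email, address, phone, lab_id):
        flash(u'Empty fields are not allowed', 'Error')
        return redirect(url_for("laboratories.laboratories"))
    # Same minimal shape check as before, without the bare ``except``.
    if '@' not in email or '.' not in email:
        flash(u'invalid email', 'Error')
        return redirect(url_for("laboratories.laboratories"))
    cursor = mysql.get_db().cursor()
    # The laboratory id is client-supplied; `own` (filled from session['id']
    # by laboratoriesAdd) keeps the UPDATE inside the caller's own rows.
    cursor.execute(
        "UPDATE `com_nucleo_medico_laboratorios` "
        "SET `name`=%s,`email`=%s,`address`=%s,`telephone`=%s "
        "WHERE `id` = %s AND `own` = %s",
        (name, email, address, phone, lab_id, session['id']))
    mysql.get_db().commit()
    return redirect(url_for("laboratories.laboratories"))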
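def providersRestore():
    """Clear the ``isDelete`` flag of one provider of the session user.

    The provider id is read from form field ``value``. Redirects to the
    provider list.
    """
    cursor = mysql.get_db().cursor()
    # Equality rather than LIKE: with LIKE, `%` and `_` in the submitted id
    # act as wildcards and the statement could touch more than one row.
    # `own` (filled from session['id'] by providersAdd) restricts the change
    # to the caller's providers. Parameters are passed as a real tuple;
    # `(x)` alone is just `x`.
    cursor.execute(
        "UPDATE `com_nucleo_medico_proveedores` SET `isDelete`= 0 "
        "WHERE `id` = %s AND `own` = %s",
        (request.form['value'], session['id']))
    mysql.get_db().commit()
    return redirect(url_for("providers.providers"))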
def medicinesAdd():
    """Insert a medicine owned by the session user and return to the list.

    Form fields used: ``name``, ``expiration``, ``laboratories`` and
    ``providers``. The new row is stored with ``delete`` = 0.
    """
    insert_sql = (
        "INSERT INTO `com_nucleo_medico_medicamentos`"
        "(`own`, `name`, `expiration`, `laboratory`, `provider`, `delete`) "
        "VALUES (%s, %s, %s, %s, %s, 0)"
    )
    db_cursor = mysql.get_db().cursor()
    form = request.form
    # NOTE(review): the fields are stored as submitted; nothing here checks
    # for empty values or that the laboratory/provider ids belong to this
    # owner -- confirm that is enforced elsewhere.
    row = (
        session['id'],
        form['name'],
        form['expiration'],
        form['laboratories'],
        form['providers'],
    )
    db_cursor.execute(insert_sql, row)
    mysql.get_db().commit()
    return redirect(url_for("medicines.medicines"))
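def providersEdit():
    """Update one provider of the session user from the submitted form.

    Form fields used: ``name``, ``email``, ``address``, ``phone`` and ``id``.
    Redirects to the provider list.
    """
    cursor = mysql.get_db().cursor()
    # The provider id is client-supplied; `own` (filled from session['id'] by
    # providersAdd) keeps the UPDATE inside the caller's own rows.
    # NOTE(review): unlike laboratoriesEdit, no field is checked for being
    # empty or for e-mail shape -- confirm whether that is intended.
    cursor.execute(
        "UPDATE `com_nucleo_medico_proveedores` "
        "SET `name`=%s,`email`=%s,`address`=%s,`telephone`=%s "
        "WHERE `id` = %s AND `own` = %s",
        (request.form['name'], request.form['email'],
         request.form['address'], request.form['phone'],
         request.form['id'], session['id']))
    mysql.get_db().commit()
    return redirect(url_for("providers.providers"))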
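def medicinesDelete():
    """Soft-delete one medicine of the session user (``delete`` = 1).

    The medicine id is read from form field ``value``. Redirects to the
    medicine list.
    """
    cursor = mysql.get_db().cursor()
    # Equality rather than LIKE: with LIKE, `%` and `_` in the submitted id
    # act as wildcards and the statement could flag more than one row.
    # `own` (filled from session['id'] by medicinesAdd) restricts the change
    # to the caller's medicines. Parameters are passed as a real tuple.
    cursor.execute(
        "UPDATE `com_nucleo_medico_medicamentos` SET `delete`= 1 "
        "WHERE `id` = %s AND `own` = %s",
        (request.form['value'], session['id']))
    mysql.get_db().commit()
    return redirect(url_for("medicines.medicines"))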
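def employeeRestore():
    """Set ``status`` = 0 on one employee of the session user.

    The employee id is read from form field ``value``. Redirects to the
    employee list.
    """
    cursor = mysql.get_db().cursor()
    # The id is client-supplied; `id_own` (filled from session['id'] by
    # employeeAdd) keeps the UPDATE inside the caller's own employees.
    # Parameters are passed as a real tuple; `(x)` alone is just `x`.
    cursor.execute(
        "UPDATE `com_nucleo_medico_empleados` SET `status`= 0 "
        "WHERE `id` = %s AND `id_own` = %s",
        (request.form['value'], session['id']))
    mysql.get_db().commit()
    return redirect(url_for('employees.employees'))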
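def laboratoriesDelete():
    """Soft-delete one laboratory of the session user (``isDelete`` = 1).

    The laboratory id is read from form field ``value``. Redirects to the
    laboratory list.
    """
    cursor = mysql.get_db().cursor()
    # Equality rather than LIKE: with LIKE, `%` and `_` in the submitted id
    # act as wildcards and the statement could flag more than one row.
    # `own` (filled from session['id'] by laboratoriesAdd) restricts the
    # change to the caller's laboratories. Parameters are a real tuple.
    cursor.execute(
        "UPDATE `com_nucleo_medico_laboratorios` SET `isDelete`= 1 "
        "WHERE `id` = %s AND `own` = %s",
        (request.form['value'], session['id']))
    mysql.get_db().commit()
    return redirect(url_for("laboratories.laboratories"))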
def providersAdd():
    """Insert a provider owned by the session user and return to the list.

    Form fields used: ``name``, ``email``, ``address`` and ``phone``. The new
    row is stored with ``isDelete`` = 0.
    """
    insert_sql = (
        "INSERT INTO `com_nucleo_medico_proveedores`"
        "(`own`, `name`, `email`, `address`, `telephone`, `isDelete`) "
        "VALUES (%s, %s, %s, %s, %s, 0)"
    )
    db_cursor = mysql.get_db().cursor()
    form = request.form
    # NOTE(review): unlike laboratoriesAdd, the fields are stored without an
    # empty-value or e-mail check -- confirm whether that is intended.
    row = (
        session['id'],
        form['name'],
        form['email'],
        form['address'],
        form['phone'],
    )
    db_cursor.execute(insert_sql, row)
    mysql.get_db().commit()
    return redirect(url_for("providers.providers"))
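def medicinesEdit():
    """Update one medicine of the session user from the submitted form.

    Form fields used: ``name``, ``expiration``, ``laboratories``,
    ``providers`` and ``id``. Redirects to the medicine list.
    """
    cursor = mysql.get_db().cursor()
    # Equality rather than LIKE on the client-supplied id (LIKE would honour
    # `%`/`_` wildcards and could rewrite several rows), plus `own` (filled
    # from session['id'] by medicinesAdd) so only the caller's medicines can
    # be changed.
    cursor.execute(
        "UPDATE `com_nucleo_medico_medicamentos` "
        "SET `name`=%s,`expiration`=%s,`laboratory`=%s,`provider`=%s "
        "WHERE `id` = %s AND `own` = %s",
        (request.form['name'], request.form['expiration'],
         request.form['laboratories'], request.form['providers'],
         request.form['id'], session['id']))
    mysql.get_db().commit()
    return redirect(url_for("medicines.medicines"))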
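def appointmentsCheck():
    """Mark one appointment of the session user as done (``status`` = 1).

    The appointment id is read from form field ``id``. Redirects to the
    appointment list.
    """
    cursor = mysql.get_db().cursor()
    # The id is client-supplied; `own` (filled from session['id'] by
    # appointmentsAdd) keeps the UPDATE inside the caller's own appointments.
    # Parameters are passed as a real tuple; `(x)` alone is just `x`.
    cursor.execute(
        "UPDATE `com_nucleo_medico_citas` SET `status`= 1 "
        "WHERE `id`= %s AND `own` = %s",
        (request.form['id'], session['id']))
    mysql.get_db().commit()
    return redirect(url_for('appointments.appointments'))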
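def appointments():
    """Render the pending appointments of the session user for one day.

    The day comes from form field ``date`` when it is present, otherwise it is
    today formatted as ``YYYY-MM-DD``. The template also receives the patients
    that are not flagged as deleted.
    """
    cursor = mysql.get_db().cursor()
    # A missing field (for example a plain GET) falls back to today. The
    # lookup no longer sits in a bare ``except`` that would hide other errors.
    date = request.form.get('date')
    if date is None:
        date = datetime.datetime.today().strftime('%Y-%m-%d')
    cursor.execute(
        " SELECT `com_nucleo_medico_citas`.`id`, "
        "`com_nucleo_medico_citas`.`own`, "
        "`com_nucleo_medico_pacientes`.`name`, "
        "`com_nucleo_medico_citas`.`hora`, "
        "`com_nucleo_medico_citas`.`descripcion`, "
        "`com_nucleo_medico_citas`.`status` "
        "FROM `com_nucleo_medico_citas` "
        "INNER JOIN `com_nucleo_medico_pacientes` "
        "ON `com_nucleo_medico_citas`.`paciente` = `com_nucleo_medico_pacientes`.`id` "
        "WHERE `com_nucleo_medico_citas`.`fecha` = %s "
        "AND `com_nucleo_medico_citas`.`status` = 0 "
        "AND `com_nucleo_medico_citas`.`own` = %s ",
        (date, session['id']))
    pending = cursor.fetchall()
    # NOTE(review): this patient list is not filtered by `own`, unlike the
    # one in files() -- confirm patients are meant to be visible to every
    # owner.
    cursor.execute(
        " SELECT `com_nucleo_medico_pacientes`.`id`, "
        "`com_nucleo_medico_pacientes`.`name` "
        "FROM `com_nucleo_medico_pacientes` "
        "WHERE `com_nucleo_medico_pacientes`.`delete` = 0 ")
    patients = cursor.fetchall()
    return render_template('app/modules/hospital/appointments.html',
                           appointments=pending, date=date,
                           patients=patients)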
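def files():
    """Render the list of non-deleted patients owned by the session user."""
    cursor = mysql.get_db().cursor()
    # One-element tuple: `(session['id'])` is just the bare value, and how a
    # bare scalar is bound as the parameter set depends on the driver.
    cursor.execute(
        " SELECT `com_nucleo_medico_pacientes`.`id`, "
        "`com_nucleo_medico_pacientes`.`name`, "
        "`com_nucleo_medico_pacientes`.`email` "
        "FROM `com_nucleo_medico_pacientes` "
        "WHERE `com_nucleo_medico_pacientes`.`own` = %s "
        "AND `com_nucleo_medico_pacientes`.`delete` = 0 ",
        (session['id'],))
    users = cursor.fetchall()
    return render_template('app/modules/hospital/files.html', users=users)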
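def prescriptions():
    """Open the prescription form for an appointment, or list the patients.

    POST: looks up the appointment given by form field ``id`` among the
    session user's appointments, marks it as done (``status`` = 1) and renders
    the prescription form for its patient. When no such appointment exists the
    request falls through to the patient list instead of failing on an empty
    result.

    Any other method: renders the session user's non-deleted patients with
    ``prescription=True``.
    """
    cursor = mysql.get_db().cursor()
    if request.method == "POST":
        appointment_id = request.form['id']
        # Resolve the patient first, restricted by `own` (filled from
        # session['id'] by appointmentsAdd), so a client-supplied id can only
        # reach the caller's own appointments.
        cursor.execute(
            "SELECT `com_nucleo_medico_pacientes`.`name`, "
            "`com_nucleo_medico_pacientes`.`id` "
            "FROM `com_nucleo_medico_citas` "
            "INNER JOIN `com_nucleo_medico_pacientes` "
            "ON `com_nucleo_medico_citas`.`paciente` = `com_nucleo_medico_pacientes`.`id` "
            "WHERE `com_nucleo_medico_citas`.`id` = %s "
            "AND `com_nucleo_medico_citas`.`own` = %s",
            (appointment_id, session['id']))
        userName = cursor.fetchone()
        if userName is not None:
            cursor.execute(
                "UPDATE `com_nucleo_medico_citas` SET `status`= 1 "
                "WHERE `id`= %s AND `own` = %s",
                (appointment_id, session['id']))
            mysql.get_db().commit()
            # userName is the (name, id) row; the template gets both the row
            # and the patient id.
            return render_template('app/modules/hospital/prescriptions.html',
                                   id=userName[1], userName=userName)
    cursor.execute(
        " SELECT `com_nucleo_medico_pacientes`.`id`, "
        "`com_nucleo_medico_pacientes`.`name`, "
        "`com_nucleo_medico_pacientes`.`email` "
        "FROM `com_nucleo_medico_pacientes` "
        "WHERE `com_nucleo_medico_pacientes`.`own` = %s "
        "AND `com_nucleo_medico_pacientes`.`delete` = 0 ",
        (session['id'],))
    users = cursor.fetchall()
    return render_template('app/modules/hospital/files.html', users=users,
                           prescription=True)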
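def employees():
    """Render the employees whose ``id_own`` is the session user."""
    cursor = mysql.get_db().cursor()
    # One-element tuple: `(session['id'])` is just the bare value, and how a
    # bare scalar is bound as the parameter set depends on the driver.
    cursor.execute(
        " SELECT `id`, `nombre`, `correo`, `telefono`, `status` "
        "FROM `com_nucleo_medico_empleados` "
        "WHERE `id_own` = %s ",
        (session['id'],))
    staff = cursor.fetchall()  # local renamed so it does not shadow the view
    return render_template('app/modules/admin/employees.html',
                           employees=staff)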
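def addToStock():
    """Set the stock quantity of one medicine and return to the pharmacy view.

    GET requests are redirected without touching the database. Otherwise form
    fields ``idMedicine`` and ``quantity`` are written to the stock table.
    """
    if request.method == 'GET':
        return redirect(url_for('farmacia.farmacia'))
    idMedicine = request.form['idMedicine']
    quantity = request.form['quantity']
    cursor = mysql.get_db().cursor()
    # The debugging print() that echoed the statement with the raw form
    # values interpolated is dropped: it copied request data verbatim into
    # the process output. The query itself was and stays parameterized.
    # NOTE(review): the row is selected by the submitted id alone and
    # `quantity` is not checked to be a non-negative integer -- confirm
    # ownership and range are enforced elsewhere.
    cursor.execute(
        "UPDATE `com_nucleo_medico_medicamentos_stock` SET `cantidad`=%s WHERE `id`=%s",
        (quantity, idMedicine))
    mysql.get_db().commit()
    return redirect(url_for('farmacia.farmacia'))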
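def appointmentsAdd():
    """Schedule an appointment for the session user from the submitted form.

    Form fields used: ``patient``, ``date`` (``YYYY-MM-DD``), ``hour``
    (``HH:MM``) and ``description``. The request is rejected with a flashed
    error when the date or hour cannot be parsed, when the slot lies in the
    past, or when a pending appointment of this owner on that date starts with
    the same ``HH:`` prefix. Every path redirects to the appointment list.
    """
    date_text = request.form['date']
    hour_text = request.form['hour']
    try:
        year, month, day = (int(part) for part in date_text.split('-'))
        wanted_day = datetime.date(year, month, day)
        wanted_time = (int(hour_text[:2]), int(hour_text[3:5]))
    except ValueError:
        # Malformed input used to surface as an unhandled exception.
        flash("Invalid date or hour", 'Error')
        return redirect(url_for("appointments.appointments"))

    now = datetime.datetime.now()
    if wanted_day < now.date():
        flash("You can't schedule an appointment with a date before today",
              'Error')
        return redirect(url_for("appointments.appointments"))
    # The time-of-day check only makes sense for today, and hour and minute
    # have to be compared together. Comparing them separately rejected future
    # dates with an earlier hour, and later hours with a smaller minute.
    if wanted_day == now.date() and wanted_time < (now.hour, now.minute):
        flash("You can't make an appointment with an hour past", 'Error')
        return redirect(url_for("appointments.appointments"))

    cursor = mysql.get_db().cursor()
    cursor.execute(
        "SELECT `hora` FROM `com_nucleo_medico_citas` "
        "WHERE `fecha` = %s AND `own` = %s AND `status` = 0 ",
        (date_text, session['id']))
    # Check every pending appointment of the day, not only the first row, and
    # tolerate a day with no appointments (fetchone() returned None there).
    # NOTE(review): the comparison is kept as written (first three characters
    # of str(hora)); confirm the driver returns `hora` zero-padded as HH:MM.
    taken = any(str(row[0])[:3] == hour_text[:3] for row in cursor.fetchall())
    if taken:
        flash(
            "You can't register an appointment with an already scheduled time",
            'Error')
        return redirect(url_for("appointments.appointments"))
    # NOTE(review): `patient` is stored as submitted; nothing here checks
    # that the patient exists or may be used by this owner.
    cursor.execute(
        " INSERT INTO `com_nucleo_medico_citas`"
        "(`own`, `paciente`, `fecha`, `hora`, `descripcion`) "
        "VALUES (%s, %s, %s, %s, %s) ",
        (session['id'], request.form['patient'], date_text, hour_text,
         request.form['description']))
    mysql.get_db().commit()
    return redirect(url_for('appointments.appointments'))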
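def prescriptionsAdd():
    """Store a prescription and its highlight for a patient, then redirect.

    On POST, form fields ``id`` (patient id), ``prescription`` and
    ``highlight`` are inserted as one prescription row (with the session user
    as ``id_own``) and one highlight row. Every request ends with a redirect
    to the appointment list.
    """
    if request.method == "POST":
        # Read every field before writing, and commit once, so a missing
        # field or a failed second INSERT cannot leave a prescription stored
        # without its highlight.
        patient_id = request.form['id']
        prescription = request.form['prescription']
        highlight = request.form['highlight']
        cursor = mysql.get_db().cursor()
        # NOTE(review): the patient id is stored as submitted; nothing here
        # checks that the patient belongs to, or was seen by, this user.
        cursor.execute(
            " INSERT INTO `com_nucleo_medico_recetas`"
            "(`id_own`, `id_paciente`, `prescripcion`) "
            "VALUES (%s, %s, %s) ",
            (session['id'], patient_id, prescription))
        cursor.execute(
            " INSERT INTO `com_nucleo_medico_highlights`"
            "(`id_paciente`, `highlight`) "
            "VALUES (%s, %s) ",
            (patient_id, highlight))
        mysql.get_db().commit()
    return redirect(url_for('appointments.appointments'))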
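def providers():
    """Render the providers (deleted ones included) of the session user."""
    cursor = mysql.get_db().cursor()
    # LIKE is used as the equality test here; the bound value comes from the
    # session, not from the request. It is passed as a one-element tuple
    # because `(session['id'])` is just the bare value.
    cursor.execute(
        "SELECT `com_nucleo_medico_proveedores`.`id`, "
        "`com_nucleo_medico_proveedores`.`name`, "
        "`com_nucleo_medico_proveedores`.`email`, "
        "`com_nucleo_medico_proveedores`.`address`, "
        "`com_nucleo_medico_proveedores`.`telephone`, "
        "`com_nucleo_medico_proveedores`.`isDelete` "
        "FROM `com_nucleo_medico_proveedores` "
        "INNER JOIN `com_nucleo_medico_user` "
        "ON `com_nucleo_medico_proveedores`.`own` LIKE `com_nucleo_medico_user`.`id` "
        "WHERE `com_nucleo_medico_user`.`id` LIKE %s",
        (session['id'],))
    provs = cursor.fetchall()
    return render_template('app/modules/admin/providers.html', provs=provs)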
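def employeeAdd():
    """Create an employee for the session user with a generated password.

    Reads ``name``, ``email`` and ``phone`` from the form. Empty fields, or an
    e-mail without ``@`` and ``.``, are rejected with a flashed error and a
    redirect to the employee list. Otherwise a 20-character password is
    generated, its bcrypt hash is stored with the new row, and the request is
    redirected to ``root.sendMail`` with the name, e-mail and password.
    """
    name = request.form['name']
    email = request.form['email']
    phone = request.form['phone']
    if '' in (name, email, phone):
        flash(u'Empty fields are not allowed', 'Error')
        return redirect(url_for("employees.employees"))
    # Same minimal shape check employeeEdit applies; the initial password is
    # delivered to this address.
    if '@' not in email or '.' not in email:
        flash(u'Invalid email', 'Error')
        return redirect(url_for("employees.employees"))
    cursor = mysql.get_db().cursor()
    # SystemRandom draws from the OS entropy source. The module-level
    # random.choice() is a deterministic PRNG and is not meant for secrets.
    rng = random.SystemRandom()
    alphabet = string.ascii_uppercase + string.digits
    passwordAux = ''.join(rng.choice(alphabet) for _ in range(20))
    password = bcrypt.generate_password_hash(passwordAux)
    cursor.execute(
        " INSERT INTO `com_nucleo_medico_empleados`"
        "(`id_own`, `nombre`, `correo`, `telefono`, `password`) "
        "VALUES (%s, %s, %s, %s, %s) ",
        (session['id'], name, email, phone, password))
    mysql.get_db().commit()
    # NOTE(review): the clear-text password travels as a query parameter of
    # the redirect, where access logs and browser history can retain it.
    # Handing it to the mail step out of band (or mailing a one-time reset
    # link) would avoid that; it needs a matching change in root.sendMail.
    return redirect(url_for('root.sendMail', name=name, email=email,
                            password=passwordAux))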
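def laboratories():
    """Render the laboratories (deleted ones included) of the session user."""
    cursor = mysql.get_db().cursor()
    # LIKE is used as the equality test here; the bound value comes from the
    # session, not from the request. It is passed as a one-element tuple
    # because `(session['id'])` is just the bare value.
    cursor.execute(
        " SELECT `com_nucleo_medico_laboratorios`.`id`, "
        "`com_nucleo_medico_laboratorios`.`name`, "
        "`com_nucleo_medico_laboratorios`.`email`, "
        "`com_nucleo_medico_laboratorios`.`address`, "
        "`com_nucleo_medico_laboratorios`.`telephone`, "
        "`com_nucleo_medico_laboratorios`.`isDelete` "
        "FROM `com_nucleo_medico_laboratorios` "
        "INNER JOIN `com_nucleo_medico_user` "
        "ON `com_nucleo_medico_laboratorios`.`own` LIKE `com_nucleo_medico_user`.`id` "
        "WHERE `com_nucleo_medico_user`.`id` LIKE %s ",
        (session['id'],))
    labs = cursor.fetchall()
    return render_template('app/modules/admin/laboratories.html', labs=labs)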
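def farmacia():
    """Render the stock of non-deleted, non-expired medicines.

    Rows are limited to medicines whose ``own`` equals ``session['id_own']``
    and carry the medicine id and name, the laboratory name and the stocked
    quantity.
    """
    cursor = mysql.get_db().cursor()
    # One-element tuple: `(session['id_own'])` is just the bare value, and
    # how a bare scalar is bound as the parameter set depends on the driver.
    cursor.execute(
        " SELECT `com_nucleo_medico_medicamentos`.`id`, "
        "`com_nucleo_medico_medicamentos`.`name`, "
        "`com_nucleo_medico_laboratorios`.`name`, "
        "`com_nucleo_medico_medicamentos_stock`.`cantidad` "
        "FROM `com_nucleo_medico_medicamentos` "
        "INNER JOIN `com_nucleo_medico_medicamentos_stock` "
        "ON `com_nucleo_medico_medicamentos`.`id` = `com_nucleo_medico_medicamentos_stock`.`id` "
        "INNER JOIN `com_nucleo_medico_laboratorios` "
        "ON `com_nucleo_medico_laboratorios`.`id` = `com_nucleo_medico_medicamentos`.`laboratory` "
        "WHERE `com_nucleo_medico_medicamentos`.`delete` = 0 "
        "AND `com_nucleo_medico_medicamentos`.`expiration` > CURRENT_DATE "
        "AND `com_nucleo_medico_medicamentos`.`own` = %s ",
        (session['id_own'],))
    medicines = cursor.fetchall()
    return render_template('app/farmacia/farmacia.html', medicines=medicines)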
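def medicines():
    """Render the medicine admin page for the session user.

    Runs three queries: the user's non-deleted providers and laboratories
    (id and name each), and all of the user's medicines with their laboratory
    and provider names, ordered by medicine name.
    """
    cursor = mysql.get_db().cursor()
    # The owner id comes from the session. It is bound as a one-element tuple
    # because `(session['id'])` is just the bare value.
    owner = (session['id'],)
    cursor.execute(
        "SELECT `com_nucleo_medico_proveedores`.`id`, "
        "`com_nucleo_medico_proveedores`.`name` "
        "FROM `com_nucleo_medico_proveedores` "
        "INNER JOIN `com_nucleo_medico_user` "
        "ON `com_nucleo_medico_proveedores`.`own` LIKE `com_nucleo_medico_user`.`id` "
        "WHERE `com_nucleo_medico_user`.`id` LIKE %s "
        "AND `com_nucleo_medico_proveedores`.`isDelete` LIKE 0",
        owner)
    provs = cursor.fetchall()
    cursor.execute(
        "SELECT `com_nucleo_medico_laboratorios`.`id`, "
        "`com_nucleo_medico_laboratorios`.`name` "
        "FROM `com_nucleo_medico_laboratorios` "
        "INNER JOIN `com_nucleo_medico_user` "
        "ON `com_nucleo_medico_laboratorios`.`own` LIKE `com_nucleo_medico_user`.`id` "
        "WHERE `com_nucleo_medico_user`.`id` LIKE %s "
        "AND `com_nucleo_medico_laboratorios`.`isDelete` LIKE 0",
        owner)
    labs = cursor.fetchall()
    cursor.execute(
        "SELECT `com_nucleo_medico_medicamentos`.`id`, "
        "`com_nucleo_medico_medicamentos`.`name`, "
        "`com_nucleo_medico_medicamentos`.`expiration`, "
        "`com_nucleo_medico_laboratorios`.`name`, "
        "`com_nucleo_medico_proveedores`.`name`, "
        "`com_nucleo_medico_medicamentos`.`delete` "
        "FROM `com_nucleo_medico_medicamentos` "
        "INNER JOIN `com_nucleo_medico_laboratorios` "
        "ON `com_nucleo_medico_laboratorios`.`id` LIKE `com_nucleo_medico_medicamentos`.`laboratory` "
        "INNER JOIN `com_nucleo_medico_proveedores` "
        "ON `com_nucleo_medico_proveedores`.`id` LIKE `com_nucleo_medico_medicamentos`.`provider` "
        "WHERE `com_nucleo_medico_medicamentos`.`own` LIKE %s "
        "ORDER BY `com_nucleo_medico_medicamentos`.`name` ASC",
        owner)
    meds = cursor.fetchall()
    return render_template('app/modules/admin/medicines.html', meds=meds,
                           labs=labs, provs=provs)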
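def nucleo():
    """Render the dashboard with today's pending-appointment count.

    The template receives the first word of ``session["name"]``, the number of
    the session user's appointments for today with ``status`` = 0, and a fixed
    ``numMedicines`` of 0.
    """
    cursor = mysql.get_db().cursor()
    today = datetime.datetime.today().strftime('%Y-%m-%d')
    cursor.execute(
        " SELECT COUNT(`com_nucleo_medico_citas`.`id`) AS total "
        "FROM `com_nucleo_medico_citas` "
        "INNER JOIN `com_nucleo_medico_pacientes` "
        "ON `com_nucleo_medico_citas`.`paciente` = `com_nucleo_medico_pacientes`.`id` "
        "WHERE `com_nucleo_medico_citas`.`fecha` = %s "
        "AND `com_nucleo_medico_citas`.`status` = 0 "
        "AND `com_nucleo_medico_citas`.`own` = %s ",
        (today, session['id']))
    numAppointments = cursor.fetchone()
    # split() instead of slicing at find(" "): find() returns -1 for a name
    # without a space, which cut off the last character of the name.
    userName = session["name"].split(" ", 1)[0]
    return render_template('app/dashboard.html', userName=userName,
                           numAppointments=numAppointments[0],
                           numMedicines=0)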
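def filesView():
    """Render the prescriptions and highlights stored for one patient.

    The patient id is read from form field ``userID``. The template receives
    the prescriptions (newest first), the patient's name and the highlights.
    The name is an empty string when the patient has no prescription row to
    join on.
    """
    # NOTE(review): all three queries select by the submitted patient id
    # alone; nothing in this view ties the patient to the session user.
    # Confirm access to these medical records is checked before this point,
    # or restrict the lookup to patients the caller is allowed to see.
    patient = (request.form['userID'],)  # real one-element tuple
    cursor = mysql.get_db().cursor()
    cursor.execute(
        " SELECT `prescripcion`, `fecha` "
        "FROM `com_nucleo_medico_recetas` "
        "WHERE `com_nucleo_medico_recetas`.`id_paciente` = %s "
        "ORDER BY `com_nucleo_medico_recetas`.`fecha` DESC ",
        patient)
    files = cursor.fetchall()
    cursor.execute(
        " SELECT `com_nucleo_medico_pacientes`.`name` "
        "FROM `com_nucleo_medico_recetas` "
        "INNER JOIN `com_nucleo_medico_pacientes` "
        "ON `com_nucleo_medico_pacientes`.`id` = `com_nucleo_medico_recetas`.`id_paciente` "
        "WHERE `com_nucleo_medico_recetas`.`id_paciente` = %s LIMIT 1 ",
        patient)
    name_row = cursor.fetchone()
    # The join yields no row for a patient without prescriptions; indexing
    # the None result used to raise instead of rendering an empty file.
    userName = name_row[0] if name_row is not None else ''
    cursor.execute(
        " SELECT `highlight` "
        "FROM `com_nucleo_medico_highlights` "
        "WHERE `id_paciente` = %s ",
        patient)
    highlights = cursor.fetchall()
    return render_template('app/modules/hospital/filesView.html',
                           files=files, userName=userName,
                           highlights=highlights)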