示例#1
文件: admin.py 项目: Salma-H/HIS
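def profile():
    """Render the logged-in admin's profile in view, edit or change-password mode.

    The admin row is looked up by the ``u_id`` stored in the session. A GET
    shows the read-only view; a POST carrying an ``edit`` or ``change`` form
    field re-renders the same template with the matching form enabled; any
    other POST flashes "Bad request" and falls back to the view.
    """
    mycursor = mydb.cursor()
    a_id = session["u_id"]
    # Bind the id as a query parameter rather than formatting it into the SQL
    # text, so the statement is fixed regardless of what the session holds.
    mycursor.execute("SELECT * FROM Admins where ID = %s", (a_id,))
    row_headers = [x[0] for x in mycursor.description]
    myresult = mycursor.fetchone()

    if request.method == 'GET':
        mode = "view"
    elif 'edit' in request.form:  # requesting the edit form
        mode = "edit"
    elif 'change' in request.form:  # requesting to change password
        mode = "change"
    else:
        flash("Bad request", "error")
        mode = "view"

    # NOTE(review): SELECT * passes every Admins column to the template,
    # presumably including Password - confirm the template does not render it.
    return render_template("profile.html",
                           type=type,
                           adminData=zip(row_headers, myresult),
                           **{mode: 1})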
示例#2
文件: admin.py 项目: Salma-H/HIS
def A_login():
    """Handle the admin sign-in form.

    GET renders the sign-in page. POST looks the submitted email/password
    pair up in ``Admins`` using bound parameters and, on a match, fills the
    session and redirects to the admin dashboard. A POST from a client that
    already carries a session clears that session and asks for a logout
    first.
    """
    mycursor = mydb.cursor(dictionary=True)
    if request.method != 'POST':
        return render_template('SignIn.html')

    if 'loggedin' in session:
        session.clear()
        flash("Logout First")
        return render_template("SignIn.html")

    submitted_email = request.form['email']
    submitted_password = request.form['password']
    # NOTE(review): the submitted password is matched against the Password
    # column as-is, which suggests passwords are stored unhashed - confirm
    # against the schema; a salted password hash should be verified instead.
    lookup = 'SELECT * FROM Admins WHERE Email = %s AND Password = %s'
    mycursor.execute(lookup, (submitted_email, submitted_password))
    account = mycursor.fetchone()

    if not account:
        # Same message whether the email is unknown or the password is wrong.
        flash('Your email or password were incorrect')
        return render_template('SignIn.html')

    # Record who is signed in; 'A' marks the session as an admin session.
    session['loggedin'] = True
    session['u_id'] = account['ID']
    session['email'] = account['Email']
    session['user'] = account['Name']
    session['msg'] = 'A'
    flash("signed in successfully!")
    return redirect(url_for('admin.adminDash'))
示例#3
文件: admin.py 项目: Salma-H/HIS
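def addDr():
    """Show the add-doctor form (GET) or register a new doctor (POST).

    A POST first checks whether the submitted email already exists in
    ``Doctors``; if not, it inserts the new row with today's date as
    ``Join_date`` and reports success or a generic failure in the template.
    """
    mycursor = mydb.cursor()

    if request.method == 'GET':
        return render_template("A_add_doctor.html")

    email = request.form['email']
    # The email comes straight from the form, so it is bound as a parameter;
    # formatting it into the statement would let the input alter the query.
    mycursor.execute("SELECT * FROM Doctors WHERE Email = %s", (email,))
    result = mycursor.fetchone()
    if result:
        return render_template("A_add_doctor.html",
                               err="This email is already registered!")

    name = request.form['name']
    gender = request.form['gender']
    phone = request.form['phone']
    # NOTE(review): the password is inserted exactly as submitted; it should
    # be stored as a salted hash, which also requires changing the login
    # query that compares the column directly.
    pw = request.form['password']
    # DATE format YYYY-MM-DD
    bdate = request.form['birthday']
    ssn = request.form['SSN']
    today = time.strftime('%Y-%m-%d')
    try:
        sql = "INSERT INTO Doctors (Name, Gender, Email, Password, Phone, SSN, Birthday, Join_date) VALUES (%s, %s, %s, %s, %s, %s, %s, %s)"
        val = (name, gender, email, pw, phone, ssn, bdate, today)
        mycursor.execute(sql, val)
        mydb.commit()
    except Exception:
        # Exception rather than a bare except, so interpreter-exit signals
        # are not swallowed along with database errors.
        return render_template(
            "A_add_doctor.html",
            err="Something went wrong.")  #"please check your ssn"
    return render_template("A_add_doctor.html",
                           succ="Doctor registered successfully.")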
示例#4
文件: admin.py 项目: Salma-H/HIS
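def unsolved(Qid):
    """Show an open contact-us thread (GET) or act on it (POST).

    Args:
        Qid: id of the ContactUsForms question; it is used in every query
            below and is always passed as a bound parameter.

    A POST with a ``send`` field appends an admin message to the thread; a
    POST with a ``solved`` field marks the question solved and returns to
    the question list. Any other POST is sent back to the thread.
    """
    mycursor = mydb.cursor(dictionary=True)
    if request.method == 'GET':
        mycursor.execute(
            "SELECT msgTime, sender, msg FROM Messages WHERE questionID = %s",
            (Qid,))
        messages = mycursor.fetchall()
        mycursor.execute(
            "SELECT id, subject FROM ContactUsForms WHERE id = %s", (Qid,))
        msg = mycursor.fetchone()
        return render_template("question_thread.html",
                               messages=messages,
                               msg=msg,
                               unsolved=1)

    if 'send' in request.form:
        msg = request.form['msg']
        sql = "INSERT INTO Messages (msgTime, questionID, adminID, sender, msg) VALUES (%s,%s,%s,%s,%s)"
        msgtime = datetime.now()
        a_id = session["u_id"]
        # 'A' tags the message as written by an admin.
        val = (msgtime, Qid, a_id, 'A', msg)
        mycursor.execute(sql, val)
        mydb.commit()
        return redirect(url_for('admin.unsolved', Qid=Qid))

    if 'solved' in request.form:
        mycursor.execute(
            "UPDATE ContactUsForms SET is_solved = 1 WHERE id = %s", (Qid,))
        mydb.commit()
        return redirect(url_for('admin.msg'))

    # Previously a POST with neither field fell off the end and returned
    # None, which Flask rejects as an invalid response.
    return redirect(url_for('admin.unsolved', Qid=Qid))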
示例#5
文件: patient.py 项目: Salma-H/HIS
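def solved(Qid):
    """Render the message thread of one contact-us question.

    Args:
        Qid: id of the ContactUsForms question, passed to both queries as a
            bound parameter instead of being formatted into the SQL text.
    """
    # NOTE(review): nothing in this function ties Qid to the logged-in
    # patient, so any thread id renders - confirm that ownership is checked
    # by the route or a decorator that is not shown here.
    mycursor = mydb.cursor(dictionary=True)
    mycursor.execute(
        "SELECT msgTime, sender, msg FROM Messages WHERE questionID = %s",
        (Qid,))
    messages = mycursor.fetchall()
    mycursor.execute(
        "SELECT id, subject FROM ContactUsForms WHERE id = %s", (Qid,))
    msg = mycursor.fetchone()
    return render_template("question_thread.html", messages=messages, msg=msg)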
示例#6
文件: admin.py 项目: Salma-H/HIS
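def editDr():
    """Apply an admin's edit of a doctor record and re-render the edit page.

    All fields, including the target ``ID``, are read from the submitted
    form. The row is updated, then re-read and shown with either a success
    or a generic error message.
    """
    # NOTE(review): no role check is visible in this function - confirm the
    # route is restricted to admins where it is registered.
    mycursor = mydb.cursor()
    dr_id = request.form['ID']
    name = request.form['Name']
    gender = request.form['Gender']
    email = request.form['Email']
    phone = request.form['Phone']
    # NOTE(review): written to the Password column as submitted; a salted
    # hash should be stored instead.
    pw = request.form['Password']
    # DATE format YYYY-MM-DD
    bdate = request.form['Birthday']
    ssn = request.form['SSN']
    try:
        sql = "UPDATE Doctors SET Name = %s, Gender = %s, Email = %s, Password = %s, Phone = %s, SSN = %s, Birthday = %s WHERE ID = %s"
        val = (name, gender, email, pw, phone, ssn, bdate, dr_id)
        mycursor.execute(sql, val)
        mydb.commit()
        outcome = {"succ": "Doctor's profile updated successfully."}
    except Exception:
        outcome = {"err": "Something went wrong."}

    # dr_id is form input: bind it, as the UPDATE above already does, rather
    # than interpolating it into the SELECT.
    mycursor.execute("SELECT * FROM Doctors WHERE ID = %s", (dr_id,))
    row_headers = [x[0] for x in mycursor.description]
    myresult = mycursor.fetchone()
    return render_template("A_update_doctors.html",
                           type=type,
                           Data=zip(row_headers, myresult),
                           **outcome)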
示例#7
文件: doctor.py 项目: Salma-H/HIS
def d_login():
    """Handle the doctor sign-in form.

    GET renders the sign-in page. POST looks the submitted email/password
    pair up in ``Doctors`` using bound parameters and, on a match, fills the
    session and redirects to the doctor dashboard. A POST from a client that
    already carries a session clears it and asks for a logout first.
    """
    mycursor = mydb.cursor(dictionary=True, buffered=True)
    if request.method != 'POST':
        return render_template('SignIn.html')

    if 'loggedin' in session:
        session.clear()
        flash("Logout First")
        return render_template("SignIn.html")

    submitted_email = request.form['email']
    submitted_password = request.form['password']
    # NOTE(review): the password is matched against the Password column
    # as-is, which suggests it is stored unhashed - confirm against the
    # schema.
    lookup = 'SELECT * FROM Doctors WHERE Email = %s AND Password = %s'
    mycursor.execute(lookup, (submitted_email, submitted_password))
    account = mycursor.fetchone()

    if not account:
        # Same message whether the email is unknown or the password is wrong.
        flash("Your email or password were incorrect")
        return render_template('SignIn.html')

    # Record who is signed in; 'd' marks the session as a doctor session.
    session['loggedin'] = True
    session['u_id'] = account['ID']
    session['email'] = account['Email']
    session['user'] = account['Name']
    session['msg'] = 'd'
    flash(f"you have been logged successfully, {session['user']}")
    return redirect(url_for('doctor.doctorDash'))
示例#8
文件: admin.py 项目: Salma-H/HIS
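def addPatient():
    """Show the add-patient form (GET) or register a new patient (POST).

    A POST first checks whether the submitted email already exists in
    ``Patients``. Otherwise the form fields are normalised (blank or
    placeholder values become NULL) and inserted with today's date as
    ``Join_date``; the template reports success or a generic failure.
    """
    mycursor = mydb.cursor()
    if request.method == 'GET':
        return render_template("A_addpatient.html")

    def none_if(value, placeholder):
        """Map the form's 'nothing chosen' value to None so it is stored as NULL."""
        return None if value == placeholder else value

    email = request.form['email']
    # The email is form input, so it is bound as a parameter; formatting it
    # into the statement would let the input alter the query.
    mycursor.execute("SELECT * FROM Patients WHERE Email = %s", (email,))
    result = mycursor.fetchone()
    if result:
        return render_template("A_addpatient.html",
                               err="This email is already registered!")

    fname = request.form['fname']
    lname = request.form['lname']
    name = fname + " " + lname
    phone = request.form['phone']
    # NOTE(review): the password is inserted exactly as submitted; it should
    # be stored as a salted hash.
    pw = request.form['password']
    # DATE format YYYY-MM-DD
    bdate = request.form['birthday']
    ssn = none_if(request.form['SSN'], "")
    today = time.strftime('%Y-%m-%d')
    # '0' is the value the form sends when no option was picked.
    gender = none_if(request.form['gender'], '0')
    job = request.form['job']
    bloodtype = none_if(request.form['bloodtype'], '0')
    weight = none_if(request.form['weight'], "")
    height = none_if(request.form['height'], "")
    # .get(): these fields may be absent from the form and are then None.
    hypertension = request.form.get('hypertension')
    HyperControl = request.form.get('controlledH')
    diabetic = request.form.get('diabetic')
    diabetesControl = request.form.get('controlledDiabetes')
    heartStroke = request.form.get('heartStroke')
    cholesterol = request.form.get('cholesterol')
    try:
        sql = "INSERT INTO Patients (Name, Email, Password, Phone,Gender, Birthday,SSN,Job,BloodType,Weight,Height,Hypertension,ControlledHypertension,Diabetic,ControlledDiabetes,HeartStroke, Cholesterol, Join_date) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)"
        val = (name, email, pw, phone, gender, bdate, ssn, job,
               bloodtype, weight, height, hypertension, HyperControl,
               diabetic, diabetesControl, heartStroke, cholesterol,
               today)
        mycursor.execute(sql, val)
        mydb.commit()
    except Exception:
        # Exception rather than a bare except, so interpreter-exit signals
        # are not swallowed along with database errors.
        return render_template(
            "A_addpatient.html",
            err="Something went wrong.")  #check your ssn
    return render_template("A_addpatient.html",
                           succ="Patient added successfully.")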
示例#9
文件: patient.py 项目: Salma-H/HIS
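def edit_profile():
    """Show the patient's edit form (GET) or apply a profile/password change (POST).

    The patient is always the one identified by ``session['u_id']``. A POST
    with an ``edit`` field updates the profile columns; a POST with a
    ``change`` field replaces the password after the current one has been
    confirmed. Every POST ends with a redirect to the profile page.
    """
    mycursor = mydb.cursor()
    p_id = session['u_id']
    if request.method == 'GET':
        sql = 'SELECT * FROM Patients WHERE ID =%s'
        val = (p_id,)
        # Fetch user's record
        mycursor.execute(sql, val)
        row_headers = [x[0] for x in mycursor.description]
        myresult = mycursor.fetchone()
        return render_template("profile.html", type=type, allData=zip(row_headers, myresult), edit=1)

    if 'edit' in request.form:
        name = request.form['Name']
        gender = request.form['Gender']
        email = request.form['Email']
        phone = request.form['Phone']
        # DATE format YYYY-MM-DD
        bdate = request.form['Birthday']
        ssn = request.form['SSN']
        job = request.form['Job']
        bloodtype = request.form['BloodType']
        weight = request.form['Weight']
        height = request.form['Height']
        hyper = request.form['Hypertension']
        hypercont = request.form['ControlledHypertension']
        diabetic = request.form['Diabetic']
        diacont = request.form['ControlledDiabetes']
        stroke = request.form['HeartStroke']
        cholesterol = request.form['Cholesterol']
        try:
            sql = "UPDATE Patients SET Name = %s, Gender = %s, Email = %s, Phone = %s, SSN = %s, Birthday = %s, Job = %s, BloodType = %s, Weight = %s, Height = %s, Hypertension = %s, ControlledHypertension = %s, Diabetic = %s, ControlledDiabetes = %s, HeartStroke = %s, Cholesterol = %s WHERE ID = %s"
            val = (name, gender, email, phone, ssn, bdate, job, bloodtype, weight, height, hyper, hypercont, diabetic, diacont, stroke, cholesterol, p_id)
            mycursor.execute(sql, val)
            mydb.commit()
            flash("Profile updated successfully!", "info")
        except Exception:
            flash("Something went wrong!", "error")

    elif 'change' in request.form:  # for changing password
        old_pw = request.form['password']
        mycursor.execute("SELECT Password FROM Patients where id = %s", (p_id,))
        myresult = mycursor.fetchone()
        pw = myresult[0]
        # NOTE(review): a direct comparison means the column holds the
        # password unhashed; it should hold a salted hash that is verified.
        if pw == old_pw:
            new_pw = request.form['newpassword']
            # Two fixes here. The statement used to be built with the %
            # operator from form input, and in the listing its literal has
            # one placeholder for two operands, which raises TypeError. It
            # also updated Doctors, although the password checked above is
            # read from Patients, so a doctor's row with the same id would
            # have been changed instead of the patient's.
            mycursor.execute("UPDATE Patients SET Password = %s WHERE id = %s",
                             (new_pw, p_id))
            mydb.commit()
            flash("Password changed successfully!", "info")
        else:
            flash("Incorrect password!", "error")
    return redirect(url_for('patient.display_profile'))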
示例#10
文件: admin.py 项目: Salma-H/HIS
def msg():
    """Render all contact-us questions, split into unsolved and solved lists.

    A question counts as unsolved while ``is_solved`` is NULL and as solved
    once it holds any value. Both statements are constants, so no request
    data reaches the SQL text.
    """
    mycursor = mydb.cursor(dictionary=True)

    mycursor.execute(
        "SELECT id, subject FROM ContactUsForms WHERE is_solved IS NULL")
    open_questions = mycursor.fetchall()

    mycursor.execute(
        "SELECT id, subject FROM ContactUsForms WHERE is_solved IS NOT NULL")
    closed_questions = mycursor.fetchall()

    return render_template("all_questions.html",
                           unsolved=open_questions,
                           solved=closed_questions)
示例#11
文件: admin.py 项目: Salma-H/HIS
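def view_drs():
    """List all doctors (GET), open one for editing, or delete one (POST).

    A POST with an ``edit`` field renders the update form for that doctor
    id; any other POST must carry ``del`` and deletes the doctor together
    with the calendar rows (and remote calendars) registered for them.
    """
    mycursor = mydb.cursor()

    def render_list(**extra):
        """Re-read the Doctors table and render the listing with an optional message."""
        mycursor.execute("SELECT * FROM Doctors")
        # this will extract row headers
        row_headers = [x[0] for x in mycursor.description]
        myresult = mycursor.fetchall()
        return render_template("A_view_doctors.html",
                               AllDoctors=myresult,
                               headers=row_headers,
                               **extra)

    if request.method == 'GET':
        return render_list()

    if 'edit' in request.form:
        drid = request.form['edit']
        # drid is form input: bound as a parameter, never formatted into
        # the statement.
        mycursor.execute("SELECT * FROM Doctors WHERE ID = %s", (drid,))
        row_headers = [x[0] for x in mycursor.description]
        myresult = mycursor.fetchone()
        return render_template("A_update_doctors.html",
                               type=type,
                               Data=zip(row_headers, myresult))

    # delete
    drid = request.form['del']
    try:
        mycursor.execute("DELETE FROM Doctors WHERE ID = %s", (drid,))
        mydb.commit()
        # delete calendar of the doctor
        mycursor.execute("SELECT c_id FROM Calendars WHERE drID = %s",
                         (drid,))
        # This cursor returns plain tuples, so the row is unpacked by
        # position; the old c_id['c_id'] lookup raised TypeError after the
        # doctor had already been deleted, which reported a failure and
        # left the calendar behind. fetchall() also covers a doctor with no
        # calendar row.
        for (cal_id,) in mycursor.fetchall():
            g_api.delete_calendar(cal_id)
            mycursor.execute("DELETE FROM Calendars WHERE c_id = %s",
                             (cal_id,))
            mydb.commit()
    except Exception:
        return render_list(err="Something went wrong.")
    return render_list(succ="Doctor deleted successfully.")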
示例#12
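def login():
    """Check the submitted credentials and mark the session as logged in.

    Reads ``username`` and ``password`` from the form, fetches the stored
    value for that user and compares it with the submitted password. Every
    path ends by returning ``home()``.
    """
    user_email = request.form['username']
    paswd = request.form['password']

    cursor = mydb.cursor()
    # The user name is bound as a parameter. In the listing the statement
    # was built with the % operator from form input, and its literal has no
    # placeholder left for the operand, which raises TypeError.
    cursor.execute('SELECT HashPassword FROM Usuario WHERE UserName = %s',
                   (user_email,))
    result = cursor.fetchone()
    if result is None:
        # NOTE(review): an unknown user returns silently while a wrong
        # password flashes a message, so the two cases are distinguishable
        # to the client - consider one shared message.
        return home()

    # NOTE(review): the column is named HashPassword but is compared with
    # the raw submitted password; either the column holds plaintext or this
    # never matches. Verify the password against the stored hash with the
    # hashing scheme the project uses.
    if paswd == result[0]:
        session['logged_in'] = True
    else:
        flash('Wrong password')
    return home()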
示例#13
文件: doctor.py 项目: Salma-H/HIS
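def edit_profile():
    """Show the doctor's edit form (GET) or apply a profile/password change (POST).

    The doctor is always the one identified by ``session['u_id']``. A POST
    with an ``edit`` field updates the profile columns; a POST with a
    ``change`` field replaces the password after the current one has been
    confirmed. Every POST ends with a redirect to the profile page.
    """
    mycursor = mydb.cursor()
    d_id = session['u_id']
    if request.method == 'GET':
        sql = 'SELECT * FROM Doctors WHERE ID =%s'
        val = (d_id,)
        # Fetch user's record
        mycursor.execute(sql, val)
        row_headers = [x[0] for x in mycursor.description]
        myresult = mycursor.fetchone()
        return render_template("profile.html", type=type, allData=zip(row_headers, myresult), edit=1)

    if 'edit' in request.form:
        name = request.form['Name']
        gender = request.form['Gender']
        email = request.form['Email']
        phone = request.form['Phone']
        # DATE format YYYY-MM-DD
        bdate = request.form['Birthday']
        ssn = request.form['SSN']
        try:
            # All six values are form input. They are bound as parameters;
            # formatting them into the statement let any field containing a
            # quote change which columns and rows the UPDATE touches.
            sql = "UPDATE Doctors SET Name = %s, Gender = %s, Email = %s, Phone = %s, SSN = %s, Birthday = %s WHERE id = %s"
            val = (name, gender, email, phone, ssn, bdate, d_id)
            mycursor.execute(sql, val)
            mydb.commit()
            flash("Profile updated successfully!", "info")
        except Exception:
            flash("Something went wrong!", "error")

    elif 'change' in request.form:  # for changing password
        old_pw = request.form['password']
        mycursor.execute("SELECT Password FROM Doctors where ID = %s", (d_id,))
        myresult = mycursor.fetchone()
        pw = myresult[0]
        # NOTE(review): a direct comparison means the column holds the
        # password unhashed; it should hold a salted hash that is verified.
        if pw == old_pw:
            new_pw = request.form['newpassword']
            # Bound parameters: the statement used to be built with the %
            # operator from form input, and in the listing its literal has
            # one placeholder for two operands, which raises TypeError.
            mycursor.execute("UPDATE Doctors SET Password = %s WHERE ID = %s",
                             (new_pw, d_id))
            mydb.commit()
            flash("Password changed successfully!", "info")
        else:
            flash("Incorrect password!", "error")
    return redirect(url_for('doctor.display_profile'))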
示例#14
文件: admin.py 项目: Salma-H/HIS
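def edit_profile():
    """Show the admin's edit form (GET) or apply a profile/password change (POST).

    The admin is always the one identified by ``session['u_id']``. A POST
    with an ``edit`` field updates the profile columns; a POST with a
    ``change`` field replaces the password after the current one has been
    confirmed. Every POST ends with a redirect to the profile page.
    """
    mycursor = mydb.cursor()
    a_id = session["u_id"]
    if request.method == 'GET':
        mycursor.execute("SELECT * FROM Admins where ID = %s", (a_id,))
        row_headers = [x[0] for x in mycursor.description]
        myresult = mycursor.fetchone()
        return render_template("profile.html",
                               type=type,
                               adminData=zip(row_headers, myresult),
                               edit=1)

    if 'edit' in request.form:
        name = request.form['Name']
        email = request.form['Email']
        phone = request.form['Phone']
        ssn = request.form['SSN']
        bday = request.form['Birthday']
        try:
            # All five values are form input. They are bound as parameters;
            # formatting them into the statement let any field containing a
            # quote change which columns and rows the UPDATE touches.
            sql = "UPDATE Admins SET Name = %s, Email = %s, Phone = %s, SSN = %s, Birthday = %s WHERE ID = %s"
            val = (name, email, phone, ssn, bday, a_id)
            mycursor.execute(sql, val)
            mydb.commit()
            flash("Profile updated successfully!", "info")
        except Exception:
            flash("Something went wrong!", "error")
    elif 'change' in request.form:  # for changing password
        old_pw = request.form['password']
        mycursor.execute("SELECT Password FROM Admins where ID = %s", (a_id,))
        myresult = mycursor.fetchone()
        pw = myresult[0]
        # NOTE(review): a direct comparison means the column holds the
        # password unhashed; it should hold a salted hash that is verified.
        if pw == old_pw:
            new_pw = request.form['newpassword']
            # Bound parameters: the statement used to be built with the %
            # operator from form input, and in the listing its literal has
            # one placeholder for two operands, which raises TypeError.
            mycursor.execute("UPDATE Admins SET Password = %s WHERE ID = %s",
                             (new_pw, a_id))
            mydb.commit()
            flash("Password changed successfully!", "info")
        else:
            flash("Incorrect password!", "error")
    return redirect(url_for('admin.profile'))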
示例#15
文件: admin.py 项目: Salma-H/HIS
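def editpat():
    """Apply an admin's edit of a patient record and re-render the edit page.

    All fields, including the target ``ID``, are read from the submitted
    form. The row is updated, then re-read and shown with either a success
    or a generic error message.
    """
    # NOTE(review): no role check is visible in this function - confirm the
    # route is restricted to admins where it is registered.
    mycursor = mydb.cursor()
    pat_id = request.form['ID']
    name = request.form['Name']
    gender = request.form['Gender']
    email = request.form['Email']
    # NOTE(review): written to the Password column as submitted; a salted
    # hash should be stored instead.
    pw = request.form['Password']
    phone = request.form['Phone']
    # DATE format YYYY-MM-DD
    bdate = request.form['Birthday']
    ssn = request.form['SSN']
    job = request.form['Job']
    bloodtype = request.form['BloodType']
    weight = request.form['Weight']
    height = request.form['Height']
    hyper = request.form['Hypertension']
    hypercont = request.form['ControlledHypertension']
    diabetic = request.form['Diabetic']
    diacont = request.form['ControlledDiabetes']
    stroke = request.form['HeartStroke']
    cholesterol = request.form['Cholesterol']

    try:
        sql = "UPDATE Patients SET Name = %s, Gender = %s, Email = %s, Password = %s, Phone = %s, SSN = %s, Birthday = %s, Job = %s, BloodType = %s, Weight = %s, Height = %s, Hypertension = %s, ControlledHypertension = %s, Diabetic = %s, ControlledDiabetes = %s, HeartStroke = %s, Cholesterol = %s WHERE ID = %s"
        val = (name, gender, email, pw, phone, ssn, bdate, job, bloodtype,
               weight, height, hyper, hypercont, diabetic, diacont, stroke,
               cholesterol, pat_id)
        mycursor.execute(sql, val)
        mydb.commit()
        outcome = {"succ": "Patient's profile updated successfully."}
    except Exception:
        outcome = {"err": "Something went wrong."}

    # pat_id is form input: bind it, as the UPDATE above already does,
    # rather than interpolating it into the SELECT.
    mycursor.execute("SELECT * FROM Patients WHERE ID = %s", (pat_id,))
    row_headers = [x[0] for x in mycursor.description]
    myresult = mycursor.fetchone()
    return render_template("A_update_patients.html",
                           type=type,
                           Data=zip(row_headers, myresult),
                           **outcome)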
示例#16
文件: admin.py 项目: Salma-H/HIS
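def view_patients():
    """List all patients (GET), open one for editing, or delete one (POST).

    A POST with an ``edit`` field renders the update form for that patient
    id; any other POST must carry ``del`` and deletes the patient. The
    listing shown after a delete uses the same column list as the GET
    listing; it previously switched to ``SELECT *``, which sent every
    patient column, medical fields included, to the list template.
    """
    mycursor = mydb.cursor()
    # NOTE(review): the listing includes the Password column, so stored
    # passwords reach the admin page - consider dropping it from this list.
    listing_sql = "SELECT ID, Name, Email, Password, Phone, Gender, SSN, Birthday, Job , Join_date FROM Patients"

    def render_list(**extra):
        """Re-read the patient listing and render it with an optional message."""
        mycursor.execute(listing_sql)
        # this will extract row headers
        row_headers = [x[0] for x in mycursor.description]
        myresult = mycursor.fetchall()
        return render_template("A_view_patients.html",
                               AllPatients=myresult,
                               headers=row_headers,
                               **extra)

    if request.method == 'GET':
        return render_list()

    if 'edit' in request.form:
        patid = request.form['edit']
        # patid is form input: bound as a parameter, never formatted into
        # the statement.
        mycursor.execute("SELECT * FROM Patients WHERE ID = %s", (patid,))
        row_headers = [x[0] for x in mycursor.description]
        myresult = mycursor.fetchone()
        return render_template("A_update_patients.html",
                               type=type,
                               Data=zip(row_headers, myresult))

    # delete
    patid = request.form['del']
    try:
        mycursor.execute("DELETE FROM Patients WHERE ID = %s", (patid,))
        mydb.commit()
    except Exception:
        return render_list(err="Something went wrong.")
    return render_list(succ="Patient deleted successfully.")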
示例#17
文件: patient.py 项目: Salma-H/HIS
def display_profile():
    """Render the logged-in patient's profile in view, edit or change-password mode.

    The record is read by the ``u_id`` held in the session, passed as a
    bound parameter. GET shows the read-only view; a POST carrying ``edit``
    or ``change`` enables the matching form; any other POST flashes
    "Bad request" and shows the view.
    """
    mycursor = mydb.cursor()
    patient_id = session['u_id']
    # Fetch the user's record.
    mycursor.execute('SELECT * FROM Patients WHERE ID =%s', (patient_id,))
    columns = [col[0] for col in mycursor.description]
    record = mycursor.fetchone()

    mode = "view"
    if request.method != 'GET':
        if 'edit' in request.form:  # requesting the edit form
            mode = "edit"
        elif 'change' in request.form:  # requesting to change password
            mode = "change"
        else:
            flash("Bad request", "error")

    # The template switches on which of view/edit/change is set to 1.
    return render_template("profile.html",
                           type=type,
                           allData=zip(columns, record),
                           **{mode: 1})
示例#18
文件: admin.py 项目: Salma-H/HIS
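def stat():
    """Render the admin statistics page and regenerate its two bar charts.

    Counts doctors, patients and contact-us forms, and the appointments
    booked in the current month and the three months before it. The charts
    are written to ``./static/images/new_plot.png`` and ``new_plot2.png``.
    """
    mycursor = mydb.cursor(dictionary=True, buffered=True)

    def count_rows(sql, params=None):
        """Run a ``SELECT COUNT(*) AS n`` statement and return the count."""
        mycursor.execute(sql, params)
        return mycursor.fetchone()["n"]

    def save_bar_chart(labels, values, path):
        """Draw one yellow bar chart and write it to *path*."""
        plt.style.use('ggplot')
        fig = plt.figure(figsize=(5, 5))
        try:
            plt.bar(labels, values, color="yellow")
            plt.savefig(path)
        finally:
            # pyplot keeps every figure alive until it is closed; without
            # this each request left figures behind in the process.
            plt.close(fig)

    # COUNT(*) lets the database count instead of transferring every row
    # (passwords and medical fields included) just to take len().
    doctors = count_rows("SELECT COUNT(*) AS n FROM Doctors")
    patients = count_rows("SELECT COUNT(*) AS n FROM Patients")

    # NOTE(review): other admin.py queries on this page treat a question as
    # unsolved while is_solved IS NULL, so "= 0" may never match - confirm
    # the column default.
    form_sql = "SELECT COUNT(*) AS n FROM ContactUsForms WHERE is_solved = %s"
    unsolved = count_rows(form_sql, (0,))
    solved = count_rows(form_sql, (1,))
    save_bar_chart(["Solved_Requests", " Un_Solved_Requests"],
                   [solved, unsolved],
                   './static/images/new_plot.png')

    # Month boundaries at midnight on the 1st. The earlier fixed 30/31-day
    # steps drifted off the 1st and kept the current time of day, so the
    # windows did not line up with calendar months.
    first = datetime.today().replace(day=1, hour=0, minute=0, second=0,
                                     microsecond=0)
    # 32 days past the 1st always lands in the following month.
    boundaries = [(first + timedelta(days=32)).replace(day=1), first]
    for _ in range(3):
        boundaries.append((boundaries[-1] - timedelta(days=1)).replace(day=1))

    app_sql = "SELECT COUNT(*) AS n FROM Appointments WHERE bookedTime >= %s And bookedTime < %s"
    labels = []
    appointments = []
    # Pairs run newest first: (this month, next), (last month, this), ...
    for start, end in zip(boundaries[1:], boundaries[:-1]):
        labels.append(start.strftime("%m/%Y"))
        appointments.append(count_rows(app_sql, (start, end)))
    save_bar_chart(labels, appointments, './static/images/new_plot2.png')

    # NOTE(review): both images use fixed paths rewritten on every request,
    # so concurrent requests can overwrite each other's output.
    return render_template("stat.html", patients=patients, doctors=doctors)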
示例#19
文件: admin.py 项目: Salma-H/HIS
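def book():
    """Show the booking form (GET) or book an appointment for a patient (POST).

    A POST reads the doctor choice, date (mm/dd/yyyy), hour (HH:MM) and
    patient id from the form, rejects the request if the doctor already has
    an appointment at that time, stores the appointment and then mirrors it
    into the doctor's calendar through ``g_api``, creating the calendar on
    first use. Every path renders the booking page again.
    """
    mycursor = mydb.cursor(dictionary=True, buffered=True)
    mycursor.execute("SELECT * FROM Doctors")
    myresult = mycursor.fetchall()
    number_of_doctors = len(myresult)
    id_1_l = math.ceil((number_of_doctors / 2))

    def booking_page():
        """Render the booking form with the current doctor list."""
        return render_template("p_book_appointment.html",
                               doctorsData=myresult,
                               id_1_l=id_1_l)

    def reject_incomplete():
        """Flash the 'selection incomplete' message and show the form again."""
        flash(
            "please select a date, a time and a doctor/Not Specific Doctor "
        )
        return booking_page()

    if request.method != 'POST':
        return booking_page()

    selected_data = request.form['doctor']
    selected_date = request.form['date']  # in mm/dd/yyyy
    selected_hour = request.form['hour']
    p_id = request.form['p_id']
    # check if date or time is empty
    if (not selected_date) or selected_hour == 'Select Time':
        return reject_incomplete()

    # Resolve the doctor against the rows just read, before anything is
    # written. The form value is "<id>-<name>"; it used to be trusted
    # as-is, and the "any doctor" case drew a number in 1..count, which is
    # not a valid id once ids have gaps. Either case failed only after the
    # appointment had already been committed.
    doctors_by_id = {row['ID']: row for row in myresult}
    if selected_data != 'Not Specific Doctor':
        try:
            doctor_id = int(selected_data.split('-', 1)[0])
        except ValueError:
            return reject_incomplete()
    elif myresult:
        doctor_id = random.choice(myresult)['ID']
    else:
        return reject_incomplete()
    doctor = doctors_by_id.get(doctor_id)
    if doctor is None:
        return reject_incomplete()

    # A malformed date or hour is a user error, not a server error.
    try:
        date_datetime = datetime.strptime(selected_date, '%m/%d/%Y').date()
        time_datetime = datetime.strptime(selected_hour, '%H:%M').time()
    except ValueError:
        return reject_incomplete()
    bookedTime = datetime.combine(date_datetime, time_datetime)

    # check if the time is booked already in doctor's schedule
    # NOTE(review): check-then-insert can double-book under concurrent
    # requests; a unique key on (drID, bookedTime) would enforce this in
    # the database - confirm whether the schema has one.
    sql = 'SELECT * FROM Appointments WHERE drID = %s AND bookedTime = %s'
    mycursor.execute(sql, (doctor_id, bookedTime))
    if mycursor.fetchall():
        flash('Doctor is not available in this time, choose another time!')
        return booking_page()

    # Nothing wrong with booking, inserting appointment details
    sql = "INSERT INTO Appointments (drID,bookedTime, patID) VALUES (%s, %s, %s)"
    mycursor.execute(sql, (doctor_id, bookedTime, p_id))
    mydb.commit()
    flash("Appointment is Booked Successfully!")

    # Synchronize with doctor's calendar
    # getting appointment id to add in events table
    sql = "SELECT id FROM Appointments WHERE drID =%s AND bookedTime =%s"
    mycursor.execute(sql, (doctor_id, bookedTime))
    a_id = mycursor.fetchone()

    # fetchone(), not fetchall(): the row is indexed by column name below,
    # which raised TypeError on the list whenever the doctor already had a
    # calendar.
    calendar_sql = "SELECT * FROM Calendars WHERE drID = %s"
    mycursor.execute(calendar_sql, (doctor_id,))
    dr_cal = mycursor.fetchone()
    if not dr_cal:
        ID = g_api.create_calendar("Cardiology Department", "Africa/Cairo")
        g_api.give_access(ID, doctor['Email'])
        sql = "INSERT INTO Calendars (c_id,drID) VALUES (%s,%s)"
        mycursor.execute(sql, (ID, doctor_id))
        mydb.commit()
        mycursor.execute(calendar_sql, (doctor_id,))
        dr_cal = mycursor.fetchone()
    event_id = g_api.create_event(bookedTime, dr_cal['c_id'])
    # insert event into Events table
    sql = "INSERT INTO Events (e_id,cal_id,a_id) VALUES (%s,%s,%s)"
    mycursor.execute(sql, (event_id, dr_cal['c_id'], a_id['id']))
    mydb.commit()
    print("EVENT CREATED")
    return booking_page()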
示例#20
文件: main.py 项目: Salma-H/HIS
import mysql.connector, os
from flask import Flask, render_template, request, abort, session, redirect, url_for, flash
from werkzeug.utils import secure_filename
from auto_bp import auto, auto_2, auto_3
from patient import patient
from doctor import doctor
from admin import admin
from database import mydb
import datetime
import g_api

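# Cursor created once at import time; rows come back as dicts and result
# sets are buffered client-side.
# NOTE(review): a single module-level cursor is shared by everything that
# uses it — confirm request handlers are not expected to run concurrently.
mycursor = mydb.cursor(dictionary=True, buffered=True)

app = Flask(__name__)
# The key that signs the session cookie must not be a literal committed with
# the source: anyone who can read the repository could produce cookies the
# application accepts as genuine. Take it from the environment instead.
# The fallback is a random per-process key so the app still starts when the
# variable is unset; sessions then do not survive a restart and are not
# shared between worker processes, so set SECRET_KEY in any real deployment.
app.secret_key = os.environ.get('SECRET_KEY') or os.urandom(32)

# blueprints
app.register_blueprint(patient, url_prefix="/p")
app.register_blueprint(doctor, url_prefix="/d")
app.register_blueprint(auto, url_prefix='/browse/prescriptions')
app.register_blueprint(auto_2, url_prefix='/browse/scans')
app.register_blueprint(auto_3, url_prefix='/browse/reports')
app.register_blueprint(admin, url_prefix="/A")

# Reject request bodies larger than 100 MiB.
app.config['MAX_CONTENT_LENGTH'] = 100 * 1024 * 1024
# Allow-list of upload extensions (the duplicate '.gif' entry was dropped).
# NOTE(review): '.docs' looks like a typo for '.docx' — confirm before
# changing. How this list is enforced is not visible here; an extension
# check alone says nothing about file content, and UPLOAD_PATH below is
# presumably inside the served static folder, so confirm that directly
# downloadable uploads (including '.xml' and '.txt') are intended.
app.config['UPLOAD_EXTENSIONS'] = [
    '.jpg', '.png', '.gif', '.txt', '.pdf', '.jpeg', '.csv', '.eps',
    '.bmp', '.raw', '.xml', '.doc', '.docs', '.xls'
]
# Cache lifetime for sent files: 2592000 s = 30 days.
app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 2592000
app.config['UPLOAD_PATH'] = './static/uploads'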
示例#21
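def register():
    """Create a user account from the submitted registration form.

    Reads the account fields from ``request.form``, validates them, inserts
    a row into ``Usuario`` and then a matching row into ``Persona`` (when
    ``tipo_usuario`` is ``"1"``) or ``Empresa`` (otherwise), and marks the
    session as logged in.

    Returns:
        The ``register.html`` template with an error message in ``mensaje``
        when validation fails; otherwise whatever ``home()`` returns.
    """
    form = request.form

    tipo_usuario = form['tipo_usuario']
    username = form['username']
    email = form['email']
    telefono = form['telefono']

    password = form['password']
    password2 = form['password2']

    nombre = form['nombre']
    apellido_paterno = form['apellido_paterno']
    apellido_materno = form['apellido_materno']
    sexo = form['sexo']
    fecha_nacimiento = form['fecha_nacimiento']

    # Reject empty person fields. Values read from request.form are strings,
    # never None, so the emptiness test has to be on truthiness; the original
    # also tested apellido_materno twice and never apellido_paterno.
    if tipo_usuario == "1":
        person_fields = (apellido_paterno, apellido_materno, sexo,
                         fecha_nacimiento)
        if not all(person_fields):
            return render_template('register.html',
                                   mensaje="Algun campo está vacío")

    # The two password entries must match.
    if password != password2:
        return render_template('register.html',
                               mensaje="Las contraseñas no coinciden")

    # Neither the username nor the e-mail may already be registered.
    # Form values are untrusted, so they are passed as bound parameters
    # (the same %s placeholder style the INSERTs below use) instead of being
    # formatted into the SQL text.
    cursor = mydb.cursor()
    cursor.execute('SELECT username FROM Usuario WHERE UserName = %s',
                   (username, ))
    if cursor.fetchone() is not None:
        return render_template('register.html', mensaje="usuario existente")

    cursor.execute('SELECT Email FROM Usuario WHERE Email = %s', (email, ))
    if cursor.fetchone() is not None:
        return render_template('register.html', mensaje="correo existente")

    # Insert the user row.
    # NOTE(review): the password is written to HashPassword exactly as
    # submitted. It should be stored as a salted, slow hash, but that change
    # has to be made together with the login check that reads this column,
    # which is not visible here.
    sentence = ('INSERT INTO Usuario(UserName,TipoUsuario,HashPassword,'
                'Email,Telefono,Admin) VALUES (%s,%s,%s,%s,%s,FALSE)')
    variables = (username, tipo_usuario, password, email, telefono)
    cursor.execute(sentence, variables)
    mydb.commit()

    # Look up the id of the row just inserted.
    cursor.execute('SELECT idUsuario FROM Usuario WHERE UserName = %s',
                   (username, ))
    result = cursor.fetchone()

    # Insert the profile row that matches the account type.
    if tipo_usuario == "1":
        sentence = ('INSERT INTO Persona(Nombre,ApellidoPaterno,'
                    'ApellidoMaterno,IdUsuario,Sexo,FechaNacimiento) '
                    'VALUES (%s,%s,%s,%s,%s,%s)')
        variables = (nombre, apellido_paterno, apellido_materno, result[0],
                     sexo, fecha_nacimiento)
    else:
        sentence = 'INSERT INTO Empresa(Nombre, IdUsuario) VALUES (%s,%s)'
        variables = (nombre, result[0])

    cursor.execute(sentence, variables)
    mydb.commit()
    session['logged_in'] = True
    return home()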