Hệ thống quản lý phòng khám trực tuyến bằng PHP
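<?php
// This script and data application were generated by AppGini 5.62
// Download AppGini for free from https://bigprof.com/appgini/download/

/*
	ajax-callable script that retrieves a list of users for admin, indicating which ones have
	access to supplied table.

	REQUEST parameters:
	===============
	t: table name
	id: optional, primary key value of current record
	p: page number (default = 1)
	s: search term

	Response: a JSON object with 'results' (list of {id, text}), 'more' (bool) and
	'elapsed' (seconds). 'text' is an HTML fragment of the form "<b>group</b>/memberID".

	NOTE(review): nothing in this file checks that the caller is an admin; presumably
	incCommon.php enforces that before any query runs. Confirm, since the response
	discloses member IDs and group names.
*/

/* return json */
header('Content-type: application/json');

$start_ts = microtime(true);

$curr_dir = dirname(__FILE__);
require("{$curr_dir}/incCommon.php");

// how many results to return per call, in case of json output
$results_per_page = 50;

// Only string values are accepted: an array-valued parameter (e.g. id[]=x) would
// otherwise be handed to iconv() and raise a warning/TypeError into the JSON body.
$id = false;
if(isset($_REQUEST['id']) && is_string($_REQUEST['id'])){
	$id = iconv('UTF-8', datalist_db_encoding, $_REQUEST['id']);
}

$search_term = false;
if(isset($_REQUEST['s']) && is_string($_REQUEST['s'])){
	$search_term = iconv('UTF-8', datalist_db_encoding, $_REQUEST['s']);
}

// A missing 'p' falls back to the first page instead of triggering an undefined-index notice.
$page = isset($_REQUEST['p']) ? intval($_REQUEST['p']) : 1;
if($page < 1) $page = 1;
$skip = $results_per_page * ($page - 1);

// $table_name is interpolated into SQL below without escaping, so this whitelist check
// is the only thing keeping it safe. Require a string and compare strictly so that no
// type juggling can let a non-listed value through.
$table_name = isset($_REQUEST['t']) ? $_REQUEST['t'] : '';
if(!is_string($table_name) || !in_array($table_name, array_keys(getTableList()), true)){
	/* invalid table */
	echo '{"results":[{"id":"","text":"Invalid table"}],"more":false,"elapsed":0}';
	exit;
}

/* if id is provided, get owner */
// NOTE(review): $owner is not read again in the visible part of this script.
$owner = false;
if($id){
	$owner = sqlValue("select memberID from membership_userrecords where tableName='{$table_name}' and pkValue='" . makeSafe($id) . "'");
}

$prepared_data = array();
// NOTE(review): $adminConfig['anonymousGroup'] is interpolated unescaped. It does not come
// from the request in this file (presumably it is loaded by incCommon.php), but a quote
// in the group name would break the query; consider escaping it.
$where = "g.name!='{$adminConfig['anonymousGroup']}' and p.allowView>0 ";
if($search_term){
	$search_term = makeSafe($search_term);
	$where .= "and (u.memberID like '%{$search_term}%' or g.name like '%{$search_term}%')";
}
$res = sql("select u.memberID, g.name from membership_users u left join membership_groups g on u.groupID=g.groupID left join membership_grouppermissions p on g.groupID=p.groupID and p.tableName='{$table_name}' where {$where} order by g.name, u.memberID limit {$skip}, {$results_per_page}", $eo);
while($row = db_fetch_row($res)){
	$member_id = iconv(datalist_db_encoding, 'UTF-8', (string) $row[0]);
	$group_name = iconv(datalist_db_encoding, 'UTF-8', (string) $row[1]);

	// 'text' carries markup (<b>), so the caller presumably renders it as HTML (confirm).
	// Encode the stored values so a member ID or group name containing markup cannot
	// inject script into the admin page. 'id' is left raw because it is data, not markup.
	$prepared_data[] = array(
		'id' => $member_id,
		'text' => '<b>' . htmlspecialchars((string) $group_name, ENT_QUOTES, 'UTF-8') . '</b>/' . htmlspecialchars((string) $member_id, ENT_QUOTES, 'UTF-8')
	);
}

echo json_encode(array(
	'results' => $prepared_data,
	// a full page suggests there may be further rows to fetch
	'more' => (@db_num_rows($res) >= $results_per_page),
	'elapsed' => round(microtime(true) - $start_ts, 3)
));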