\n";
if(empty($_GET['onlyType']))
{
$proTypeQ="SELECT Pro_type FROM $servProdb WHERE Pro_id='$servpro_id'";
$proTypeR=mysql_query($proTypeQ);
$proTypeRA=mysql_fetch_array($proTypeR);
$proType=$proTypeRA['Pro_type'];
$rep_appt_str=repeating_appt_str($proType);
} else {
$rep_appt_str=$_GET['onlyType'];
}
///strtotime() to convert to unix time
$untimemult = strtotime($datimemult);
// echo $timenextmult; echo "untimemult is " . $untimemult;
//echo " ";
$countermult = $number_appts;
//echo "countermult is " . $countermult . " ";
/////////////HERE IS THE COUNTER////////////////////////
for ($counter=0; $counter <= $countermult; $counter++)
{
$dalightbefore = date('I', $untimemult);
$untimemult += 604800; ////this is one week
$dalightafter = date('I', $untimemult);
if($dalightbefore - $dalightafter == 1) {$untimemult += 3600;}
if($dalightbefore - $dalightafter == -1) {$untimemult -=3600;}
$timenextmult = strftime('%H:%M:%S', $untimemult);
$daynextmult = strftime('%Y-%m-%d', $untimemult);
$tempuserCL=$_SESSION['userCLid'];
$querymult2="SELECT appt_id, date_format(day, '%a %b %e %Y'), day, time, Assmt, Agent_id, client_id, location, bill_to, lastaccess
FROM $apptdb WHERE (Agent_id='$servpro_id' AND (day = '$daynextmult'
AND time = '$timenextmult')) AND location='$cityholder'
AND (client_id IS NULL OR client_id='$tempuserCL') AND (Assmt = $rep_appt_str)";
$resultmult2=mysql_query($querymult2);
if(!$resultmult2) error_message("Line 114 " . sql_error());
$query_datamult2 = mysql_fetch_array($resultmult2);
$marker=1;
$marker = mysql_num_rows($resultmult2);
if(!$marker)
{//////IF NO NEXT APPT
echo "
";
echo "
Next appointment unavailable. Other options below!
";
//echo "code here to get range of apointments FOR THE DAY";
$tempuserCL=$_SESSION['userCLid'];
$querymult3="SELECT appt_id, date_format(day, '%a %b %e %Y'), day, time, Assmt, Agent_id, client_id, location, bill_to, lastaccess
FROM $apptdb WHERE (Agent_id='$servpro_id' AND day = '$daynextmult') AND location='$cityholder'
AND (client_id IS NULL OR client_id='$tempuserCL') AND (Assmt = $rep_appt_str) ORDER BY time";
$resultmult3=mysql_query($querymult3);
if(!$resultmult3) error_message("Line 128 " . sql_error());
$ifnoapptsthatday=mysql_num_rows($resultmult3);
if($ifnoapptsthatday==0)
{echo "
";
echo "Ooops, no more appointments that day!
";
}
/////////NOW GO THRU AND DISPLAY ALL RESULTS FROM SUBSEARCH FOR DAY
while($query_datamult3=mysql_fetch_array($resultmult3))
{
$appt_id=$query_datamult3["appt_id"];
$Assmt=$query_datamult3['Assmt'];
$day=$query_datamult3["date_format(day, '%a %b %e %Y')"];
$day_raw=$query_datamult3['day']; $day_cln=str_replace('-','',$day_raw);
//$time=$query_datamult3["time"];
$Agent_id=$query_datamult3["Agent_id"];
$client_id=$query_datamult3["client_id"];
$pm=0;
list($timex4, $timex5, $timex6)=explode(":" , $query_datamult3["time"]);
$daytime_cln=$day_cln . $timex4 . $timex5 . $timex6;
if($nbkstr > $daytime_cln){$nobook=1;} else {$nobook=0;}
if($nclstr > $daytime_cln){$nocanc=1;} else {$nocanc=0;}
$pm=0;
if ($timex4 > 12)
{$pm=1; $timex4 -= 12;}
echo "
";
}
/////////////////END FUNCTION GET MULTIPLE APPOINTMENTS
//////function show gif
function show_gif()
{
global $CL_login, $CL_logout, $third_login, $third_logout, $logout_script;
echo "
";
if(!empty($_SESSION['third_co_selected']))
{
echo "";
}
third_co_list();
echo "";
echo " Reference/claim no: ";
echo "";
echo "(optional unless there is more than one case/claim number for the selected third party)";
//echo "";
}
//////////////////END ASK IF REQUEST PAYOR
////////function to get email addresses for third party or client or pro
function get_userid_email($email, $case_id, $the_id, $the_db_name)
{
$func_query = "SELECT " . $email . " from " . $the_db_name . " where " . $case_id . " = '$the_id'";
$result_get_query=mysql_query($func_query);
$result_get=mysql_result($result_get_query, 0, 0);
if(empty($result_get)) echo "failed to get user email";
return $result_get;
}
////END function get_userid_email
//////////////////FUNCTION TO GET APPT DATE AND TIME FROM APPT_ID
function get_datime_fr_appt_id($appt_id)
{
global $apptdb;
$datime_result=mysql_query("SELECT day, time from $apptdb where appt_id='$appt_id'");
$datime1=mysql_result($datime_result, 0, 0);
$datime2=mysql_result($datime_result, 0, 1);
$translation= array(":00:00" => ":00", ":30:00" => ":30", ":15:00" => ":15");
$datime3=strtr($datime2,$translation);
$datime=$datime1 . " " . $datime3;
return $datime;
}//////////////////END FUNC TO GET APPT DATE AND TIME FROM APPT_ID
//////////////////FUNCTION TO EMAIL EVERYBODY
function email_everybody($to_hold_email, $to_hold_client_email, $to_hold_booked, $to_hold_canceled, $reply_to)
{
//global $email_addresses, $booked, $canceled;
$s_email_addresses = implode(",", $to_hold_email);
$s_booked = implode(", ", $to_hold_booked);
$s_canceled = implode(", ", $to_hold_canceled);
$s_email_message_body = "This is a message from zappointments.com.\n";
if($s_booked){$s_email_message_body .= "The following appts have been booked: ";
$s_email_message_body .= $s_booked;
$s_email_message_body .= ".\n";}
if($s_canceled){$s_email_message_body .= "The following appts have been canceled: " . $s_canceled . ".\n";}
$s_email_message_body .= "You may wish to check the www.zappointments.com website ";
$s_email_message_body .= "for your updated schedule.\n";
$s_email_subject="Changed appts";
//echo "EMAIL ADDRESSES: " . $s_email_addresses;
//echo $s_email_message_body;
mail($s_email_addresses, $s_email_subject, $s_email_message_body, $reply_to);
mail($to_hold_client_email, $s_email_subject, $s_email_message_body, $reply_to);
}
//////////END FUNCTION TO EMAIL EVERYBODY
//////////FUNCTION TO GET BOOKED ARRAY INTO DATABASE
function into_database($app_id, $arykey)
{
global $todaytime2, $authdb;
$into_query="INSERT INTO $authdb VALUES(NULL, '$todaytime2', '$app_id', 0)";
$into_var=mysql_query($into_query);
if(!$into_var) error_message("Failed to put appt into auth database");
}
//////////END FUNCTION TO GET BOOKED ARRAY INTO DATABASE
//////////body//////BODY////BODY/////BODY
session_start();
//session_register("user3id1");
//session_register("userCLid");
//session_register("navProid");
if($_GET['navProid']==""){$_GET['navProid']='zsaper';}///////SHOULD BE MODIFIED FOR GET ARRAY
?>
Book Multiple Appointments
";
show_gif();
echo "
Appointment booking method Patent Pending
";
$getprovholder=$_GET['provholder'];
if(empty($getprovholder)) {error_message("No province selected");}
else if($_GET['provholder']=="BC"){$apptdb="appointments";$servProdb="service_providers"; $authdb="auth_by_3rd";}
else if($_GET['provholder']=="AB"){$apptdb="appointments_ab";$servProdb="service_providers_ab"; $authdb="auth_by_3rd_ab";}
else if($_GET['provholder']=="SK"){$apptdb="appointments_sk";$servProdb="service_providers_sk"; $authdb="auth_by_3rd_sk";}
else if($_GET['provholder']=="MB"){$apptdb="appointments_mb";$servProdb="service_providers_mb"; $authdb="auth_by_3rd_mb";}
else if($_GET['provholder']=="ON"){$apptdb="appointments_on";$servProdb="service_providers_on"; $authdb="auth_by_3rd_on";}
else if($_GET['provholder']=="QC"){$apptdb="appointments_qc";$servProdb="service_providers_qc"; $authdb="auth_by_3rd_qc";}
else if($_GET['provholder']=="NS"){$apptdb="appointments_ns";$servProdb="service_providers_ns"; $authdb="auth_by_3rd_ns";}
else if($_GET['provholder']=="NB"){$apptdb="appointments_nb";$servProdb="service_providers_nb"; $authdb="auth_by_3rd_nb";}
else if($_GET['provholder']=="PE"){$apptdb="appointments_pe";$servProdb="service_providers_pe"; $authdb="auth_by_3rd_pe";}
else if($_GET['provholder']=="NL"){$apptdb="appointments_nl";$servProdb="service_providers_nl"; $authdb="auth_by_3rd_nl";}
else if($_GET['provholder']=="YK"){$apptdb="appointments_yk";$servProdb="service_providers_yk"; $authdb="auth_by_3rd_yk";}
else if($_GET['provholder']=="NW"){$apptdb="appointments_nw";$servProdb="service_providers_nw"; $authdb="auth_by_3rd_nw";}
else if($_GET['provholder']=="NV"){$apptdb="appointments_nv";$servProdb="service_providers_nv"; $authdb="auth_by_3rd_nv";}
if($_SESSION['userCLprov']=="BC"){$clients_db="clients";$permdb="cl_perm";}
else if($_SESSION['userCLprov']=="AB"){$clients_db="clients_ab";$permdb="cl_perm_ab";}
else if($_SESSION['userCLprov']=="SK"){$clients_db="clients_sk";$permdb="cl_perm_sk";}
else if($_SESSION['userCLprov']=="MB"){$clients_db="clients_mb";$permdb="cl_perm_mb";}
else if($_SESSION['userCLprov']=="ON"){$clients_db="clients_on";$permdb="cl_perm_on";}
else if($_SESSION['userCLprov']=="QC"){$clients_db="clients_qc";$permdb="cl_perm_qc";}
else if($_SESSION['userCLprov']=="NB"){$clients_db="clients_nb";$permdb="cl_perm_nb";}
else if($_SESSION['userCLprov']=="NS"){$clients_db="clients_ns";$permdb="cl_perm_ns";}
else if($_SESSION['userCLprov']=="PE"){$clients_db="clients_pe";$permdb="cl_perm_pe";}
else if($_SESSION['userCLprov']=="NL"){$clients_db="clients_nl";$permdb="cl_perm_nl";}
else if($_SESSION['userCLprov']=="YK"){$clients_db="clients_yk";$permdb="cl_perm_yk";}
else if($_SESSION['userCLprov']=="NW"){$clients_db="clients_nw";$permdb="cl_perm_nw";}
else if($_SESSION['userCLprov']=="NV"){$clients_db="clients_nv";$permdb="cl_perm_nv";}
//echo "userCLid is " . $_SESSION['userCLid'];
if($_POST)
{
$link_id = db_connect();
if(!$link_id) die(sql_error());
if(empty($_SESSION['userCLid'])) {error_message("No client logged in!");}
/////$to_hold_booked_appts=array();
/////global set up array to_hold_canceled_appts;
/////global set up array to_hold_email_addresses;
if(empty($_SESSION['user3id1']))
{
if($_POST['CLthird_co'] != "SELF")
{
$CLid=$_SESSION['userCLid'];
$TDquery="SELECT CL_iv, CLthird_co1, CLclaim_no1, third_party_email1, CLthird_co2, CLclaim_no2, third_party_email2, CLthird_co3, CLclaim_no3, third_party_email3, CLthird_co4, CLclaim_no4, third_party_email4, CLthird_co5, CLclaim_no5, third_party_email5 from $clients_db where CL_id='$CLid'";
$TDresult=mysql_query($TDquery);
$TDresult_array=mysql_fetch_array($TDresult);
$TDCL_iv=$TDresult_array['CL_iv'];
$TDCL_iv=base64_decode($TDCL_iv);
$TDCLthird_co1=$TDresult_array['CLthird_co1'];
$TDCLthird_co2=$TDresult_array['CLthird_co2'];
$TDCLthird_co3=$TDresult_array['CLthird_co3'];
$TDCLthird_co4=$TDresult_array['CLthird_co4'];
$TDCLthird_co5=$TDresult_array['CLthird_co5'];
$TDCLclaim_no1=$TDresult_array['CLclaim_no1'];
$TDCLclaim_no2=$TDresult_array['CLclaim_no2'];
$TDCLclaim_no3=$TDresult_array['CLclaim_no3'];
$TDCLclaim_no4=$TDresult_array['CLclaim_no4'];
$TDCLclaim_no5=$TDresult_array['CLclaim_no5'];
$TDCLclaim_no1=rtrim($TDCLclaim_no1, "\0");
$TDCLclaim_no2=rtrim($TDCLclaim_no2, "\0");
$TDCLclaim_no3=rtrim($TDCLclaim_no3, "\0");
$TDCLclaim_no4=rtrim($TDCLclaim_no4, "\0");
$TDCLclaim_no5=rtrim($TDCLclaim_no5, "\0");
$TDthird_party_email1=$TDresult_array['third_party_email1'];
$TDthird_party_email2=$TDresult_array['third_party_email2'];
$TDthird_party_email3=$TDresult_array['third_party_email3'];
$TDthird_party_email4=$TDresult_array['third_party_email4'];
$TDthird_party_email5=$TDresult_array['third_party_email5'];
$mcrypt_module = mcrypt_module_open('rijndael-256', '', 'cbc', '');
if(!empty($TDCLclaim_no1))
{
mcrypt_generic_init($mcrypt_module, $mcrypt_key, $TDCL_iv);
$mCLclaim_no1=mdecrypt_generic($mcrypt_module, base64_decode($TDCLclaim_no1));
$mCLclaim_no1=trim($mCLclaim_no1);
}
if(!empty($TDCLclaim_no2))
{
mcrypt_generic_init($mcrypt_module, $mcrypt_key, $TDCL_iv);
$mCLclaim_no2=mdecrypt_generic($mcrypt_module, base64_decode($TDCLclaim_no2));
$mCLclaim_no2=trim($mCLclaim_no2);
}
if(!empty($TDCLclaim_no3))
{
mcrypt_generic_init($mcrypt_module, $mcrypt_key, $TDCL_iv);
$mCLclaim_no3=mdecrypt_generic($mcrypt_module, base64_decode($TDCLclaim_no3));
$mCLclaim_no3=trim($mCLclaim_no3);
}
if(!empty($TDCLclaim_no4))
{
mcrypt_generic_init($mcrypt_module, $mcrypt_key, $TDCL_iv);
$mCLclaim_no4=mdecrypt_generic($mcrypt_module, base64_decode($TDCLclaim_no4));
$mCLclaim_no4=trim($mCLclaim_no4);
}
if(!empty($TDCLclaim_no5))
{
mcrypt_generic_init($mcrypt_module, $mcrypt_key, $TDCL_iv);
$mCLclaim_no5=mdecrypt_generic($mcrypt_module, base64_decode($TDCLclaim_no5));
$mCLclaim_no5=trim($mCLclaim_no5);
}
mcrypt_generic_deinit($mcrypt_module);
$no_co=0;
if($_POST['CLthird_co'] == $TDCLthird_co1)
{$no_co++;$to_hold_3_email=$TDthird_party_email1;$to_hold_claim=$mCLclaim_no1;}
if($_POST['CLthird_co'] == $TDCLthird_co2)
{$no_co++;$to_hold_3_email=$TDthird_party_email2;$to_hold_claim=$mCLclaim_no2;}
if($_POST['CLthird_co'] == $TDCLthird_co3)
{$no_co++;$to_hold_3_email=$TDthird_party_email3;$to_hold_claim=$mCLclaim_no3;}
if($_POST['CLthird_co'] == $TDCLthird_co4)
{$no_co++;$to_hold_3_email=$TDthird_party_email4;$to_hold_claim=$mCLclaim_no4;}
if($_POST['CLthird_co'] == $TDCLthird_co5)
{
$no_co++;
$to_hold_3_email=$TDthird_party_email5;
$to_hold_claim=$mCLclaim_no5;
}
if($no_co < 1){error_message("That third party is not part of this client's profile");}else if($no_co == 1){$_SESSION['third_co_selected']=$_POST['CLthird_co'];}
if($no_co > 1){
if($_POST['CLclaim_no'] == $mCLclaim_no1)
{$to_hold_3_email=$TDthird_party_email1;$to_hold_claim=$mCLclaim_no1;$_SESSION['third_co_selected']=$_POST['CLthird_co'];}
else if($_POST['CLclaim_no'] == $mCLclaim_no2)
{$to_hold_3_email=$TDthird_party_email2;$to_hold_claim=$mCLclaim_no2;$_SESSION['third_co_selected']=$_POST['CLthird_co'];}
else if($_POST['CLclaim_no'] == $mCLclaim_no3)
{$to_hold_3_email=$TDthird_party_email3;$to_hold_claim=$mCLclaim_no3;$_SESSION['third_co_selected']=$_POST['CLthird_co'];}
else if($_POST['CLclaim_no'] == $mCLclaim_no4)
{$to_hold_3_email=$TDthird_party_email4;$to_hold_claim=$mCLclaim_no4;$_SESSION['third_co_selected']=$_POST['CLthird_co'];}
else if($_POST['CLclaim_no'] == $mCLclaim_no5)
{$to_hold_3_email=$TDthird_party_email5;$to_hold_claim=$mCLclaim_no5;$_SESSION['third_co_selected']=$_POST['CLthird_co'];}
else {error_message("You must enter the correct claim or case number for this client");}
}
} else {$_SESSION['third_co_selected']=$_POST['CLthird_co'];}
}
else {$user3id2=$_SESSION['user3id1'];
$email="email";
$case_id="third_id";
$dbnom="thirdparty";
$to_hold_email_addresses[] = get_userid_email($email, $case_id, $user3id2, $dbnom);
}
$dbnom=$clients_db;
$email="CLemail";
$case_id="CL_id";
$to_hold_client_email = get_userid_email($email, $case_id, $_SESSION['userCLid'], $dbnom);
$dbnom=$servProdb;////service provider will be set by GET HTTP or login
$email="Proemail";
$case_id="Pro_id";
$to_hold_email_addresses[] = get_userid_email($email, $case_id, $_GET['navProid'], $dbnom);
$to_hold_email_addresses[] = "admin@zappointments.com";
while (list($lvar, $lvalue) = each($_POST))
{
///first check if access time is same
if ($lvalue=="book")
{if(isset($user3id2))/////////// CHECK THIS PART!!!!!!!
{$gotcoQ="SELECT third_co from thirdparty WHERE third_id='$user3id2'";
$gotcoR=mysql_query($gotcoQ);
$gotco_resultA=mysql_fetch_array($gotcoR);
$gotco_result=$gotco_resultA['third_co'];
$tempuserCL=$_SESSION['userCLid'];
$bookquery="UPDATE $apptdb SET client_id='$tempuserCL', bill_to='$gotco_result'
WHERE appt_id='$lvar' and client_id IS NULL";
}
else if(isset($_POST['CLthird_co']) && ($_POST['CLthird_co'] != "SELF"))
{
$CLthird_co=$_POST['CLthird_co'];
$tempuserCL=$_SESSION['userCLid'];
$bookquery="UPDATE $apptdb SET client_id='$tempuserCL', bill_to='$CLthird_co'
WHERE appt_id='$lvar' and client_id IS NULL";
}
else
{
$tempuserCL=$_SESSION['userCLid'];
$bookquery="UPDATE $apptdb SET client_id='$tempuserCL', bill_to='SELF'
WHERE appt_id='$lvar' and client_id IS NULL";
}
$bookresult=mysql_query($bookquery);
$numrowsresult=mysql_affected_rows($link_id);
if(!$numrowsresult)
{error_message("Appt already booked. Reload the page.");
//echo "";
} else {add_perm($link_id, $permdb);}
$to_hold_booked_appts[]=get_datime_fr_appt_id($lvar);
$to_hold_booked_auth[]=$lvar;
}
else if ($lvalue=="cancel")
{
$cancelquery="UPDATE $apptdb SET client_id=NULL, bill_to=NULL, auth_by_3rd=0
WHERE appt_id='$lvar'";
$cancelresult=mysql_query($cancelquery);
if(!$cancelresult) error_message(sql_error());
$to_hold_canceled_appts[]=get_datime_fr_appt_id($lvar);
}
else { }
}
$reply_to_fields="From: admin@zappointments.com";///\nReply-to: admin@zappointments.com";
email_everybody($to_hold_email_addresses, $to_hold_client_email, $to_hold_booked_appts, $to_hold_canceled_appts, $reply_to_fields);
///////////////SEND SECURE EMAIL TO AUTH 3RD PRTY
if((isset($_POST['CLthird_co'])) and ($_POST['CLthird_co'] != "SELF"))
{
$secure_mail_subject = "Authorization requested";
$secure_mail_body = "--01fedcb871d3f012e43680250ba5ca3f\n";
$secure_mail_body .= "Content-type:text/html; charset=\"iso-8859-1\"\n";
$secure_mail_body .= "Content-transfer-encoding:7bit\n\n";
$secure_mail_body .= "\n";
$secure_mail_body .= "\n";
$secure_mail_body .= "