Query($sql); if ( $rs ) { $paciente = $GLOBALS['dbSQL']->getAll(); if( count($paciente)>0 ) { $validarPrimerAcceso = ((intval($paciente[0]["cli_validapass"])===1)?false:true); //print_r("r[".$validarPrimerAcceso."]");die; } } } if( $validarPrimerAcceso ) { $passVal = ""; } $sql = "SELECT TOP 1 c.cli_dni AS DNI , cli_codigo , c.cli_nombre AS PACIENTE , o.obs_denom AS OBRA_SOCIAL , p.obsp_denom AS PLAN_ , o.obs_codigo AS ID_OBRA_SOCIAL , c.obsp_cod , c.cli_email AS EMAIL , c.cli_fecnto AS FacN , c.cli_sexo AS Sexo , c.cli_tel AS Telefono , c.cli_carnet AS carnet , o.obs_lock , c.cli_revalidaweb AS ValEmail , c.cli_tel_cod_area AS TelArea , c.cli_tel_numero AS TelNro , c.cli_revalidawebtel AS ValTelefono , c.cli_validapass AS ValPass , (CASE WHEN o.obs_telemed IS NULL THEN 0 ELSE 1 END) AS ObsTelemed , c.cli_bloqueado FROM clientes AS c , obrasoc AS o , obsplan AS p WHERE c.cli_dni = '".$dni."' ".$passVal." ".$emailVal." AND c.obs_codigo = o.obs_codigo AND p.obs_codigo = o.obs_codigo AND p.obsp_cod = c.obsp_cod ORDER BY cli_registracion"; //die($sql); debug($sql); $rs = $GLOBALS['dbSQL']->Query($sql); if ( $rs ) { $result = $GLOBALS['dbSQL']->getAll(); if( count($result)>0 ) { $codP = $result[0]['cli_codigo']; $name = trim($result[0]['PACIENTE']); //$name = str_replace(" ",", ",$name); $nameObS = $result[0]['OBRA_SOCIAL']; $planObS = $result[0]['PLAN_']; $idObS = $result[0]['ID_OBRA_SOCIAL']; $idPlanObS = $result[0]['obsp_cod']; $email = $result[0]['EMAIL']; $sexo = $result[0]['Sexo']; $facn = $result[0]['FacN']; $tel = $result[0]['Telefono']; $carnet = $result[0]['carnet']; $obsflag = (intval($result[0]['obs_lock'])==1?true:false); $validaemail= (intval($result[0]['ValEmail'])==1?true:false); $telarea = $result[0]['TelArea']; $telnumero = $result[0]['TelNro']; $validatel = (intval($result[0]['ValTelefono'])==1?true:false); $obstelemed = $result[0]['ObsTelemed']; $validaPass = (intval($result[0]['ValPass'])==1?true:false); $clienteBloqueado= 
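(intval($result[0]['cli_bloqueado'])==1?true:false); return $result; } } return false; }

/**
 * Escapes a value for use inside a single-quoted SQL string literal.
 *
 * The queries in this file use T-SQL syntax (TOP, GETDATE(), CONVERT), where a
 * quote inside a literal is escaped by doubling it. addslashes() emits a
 * backslash, which T-SQL does not treat as an escape, so it gives no protection.
 * NOTE(review): bound parameters would be preferable if the dbSQL wrapper
 * offers them; its API is not visible in this part of the file.
 *
 * @param mixed $valor Value to embed; it is cast to string first.
 * @return string The value with every single quote doubled (no quotes added around it).
 */
function _cliSqlStr($valor)
{
    return str_replace("'", "''", (string)$valor);
}

/**
 * Reads one request parameter as a string.
 *
 * @param string $clave Key to look up in $_REQUEST.
 * @return string The value, or '' when the key is absent or holds a non-scalar (e.g. an array).
 */
function _cliParam($clave)
{
    if (!isset($_REQUEST[$clave]) || !is_scalar($_REQUEST[$clave])) {
        return '';
    }
    return (string)$_REQUEST[$clave];
}

/**
 * Reloads a client's session data by DNI after a profile update and issues a token.
 *
 * Calls getValidarDNIFast() with the password sentinel -3, exactly as the
 * update* functions did inline, so no password is checked here.
 * NOTE(review): this hands out a token for whoever owns $dni. The callers in
 * view take idc/dni from the request and no token validation is visible in
 * them; confirm that the dispatcher authenticates the session before they run.
 *
 * @param mixed $dni   DNI to look up (callers validate it with is_numeric()).
 * @param mixed $email Initial value handed to getValidarDNIFast() ('' or the sentinel -3).
 * @return array|false The userinfo array including 'token', or false when the lookup fails.
 */
function _cliRecargarUserInfo($dni, $email)
{
    $name        = "";
    $codP        = -1;
    $idObS       = false;
    $nameObS     = false;
    $planObS     = false;
    $idPlanObS   = false;
    $sexo        = false;
    $facn        = false;
    $tel         = false;
    $carnet      = false;
    $obsflag     = false;
    $validaemail = false;
    $telarea     = false;
    $telnumero   = false;
    $validatel   = false;
    $obstelemed  = 0;
    $password    = -3;
    $validaPass  = false;

    $resultado = getValidarDNIFast($dni, $password, $name, $codP, $idObS, $nameObS, $planObS, $idPlanObS, $email, $sexo, $facn, $tel, $carnet, $obsflag, $validaemail, $validatel, $telarea, $telnumero, $obstelemed, $validaPass);
    if (!$resultado) {
        return false;
    }

    $nacimiento = strtotime($facn);

    return array(
        'dni'        => $dni,
        'idClie'     => $codP,
        'name'       => $name,
        'email'      => $email,
        'codPl'      => $idPlanObS,
        'codOb'      => $idObS,
        'nameOb'     => $nameObS,
        'namePl'     => $planObS,
        'sexo'       => $sexo,
        'facn'       => $facn,
        'tel'        => $tel,
        'carnet'     => $carnet,
        'd'          => date("d", $nacimiento),
        'm'          => date("m", $nacimiento),
        'a'          => date("Y", $nacimiento),
        'vp'         => $validaPass,
        've'         => $validaemail,
        'vt'         => $validatel,
        'tarea'      => $telarea,
        'tnumero'    => $telnumero,
        'obstelemed' => $obstelemed,
        'token'      => getToken('u', $codP, $name, $email),
    );
}

/**
 * Lists the pending appointments booked for the relatives of a client.
 *
 * The parent client id is read from $_REQUEST["idcli"].
 * NOTE(review): nothing here ties idcli to the authenticated session; confirm
 * the caller does, otherwise any client id can be queried.
 *
 * @param array $turnos Receives the rows when at least one is found; left untouched otherwise.
 * @return array|bool The rows, true when the query ran but found nothing, false on a
 *                    missing/non-numeric idcli or a failed query.
 */
function getListMisTurnosFamilares(&$turnos)
{
    if (empty($_REQUEST["idcli"]) || !is_numeric($_REQUEST["idcli"])) {
        return false;
    }

    // is_numeric() only lets through digits, sign, decimal point, exponent and
    // surrounding whitespace, so the value cannot carry SQL syntax.
    $idPadre = trim($_REQUEST["idcli"]);

    $sql = "SELECT (CASE WHEN t.esp_codigo IS NULL THEN e.esp_denom ELSE t.tur_subesp END) AS Esp
                 , m.med_nombre AS Med
                 , CONVERT(VARCHAR(10),t.tur_fecha,103) AS Fec
                 , t.tur_hora AS Hor
                 , t.tur_numero AS CodT
                 , t.med_codigo AS idMed
                 , tt.tit_abrev AS Tit
                 , t.tur_numero AS TurId
                 , o.[obs_denom] as Obs
                 , op.[obsp_denom] as ObsPlan
                 , m.med_webcoment AS MedMsg
                 , m.med_turnos_web AS turnero
                 , (CASE WHEN t.tur_telemed IS NULL THEN 0 ELSE 1 END) AS Telemed
                 ,1 as ff
                 ,c.cli_nombre as Fname
                 ,c.cli_dni as Fdni
              FROM turnos AS t
                 , medicos AS m
                 , especial AS e
                 , tbl_titulos tt
                 , obrasoc as o
                 , obsplan as op
                 , clientes as c
             WHERE t.cli_codigo_padre = ".$idPadre."
               AND LEFT(CONVERT(VARCHAR,t.tur_fecha, 120), 10) >= LEFT(CONVERT(VARCHAR, GETDATE(), 120), 10)
               AND t.med_codigo = m.med_codigo
               AND m.esp_codigo = e.esp_codigo
               AND tt.tit_codigo = m.tit_codigo
               AND t.obs_codigo = o.obs_codigo
               AND t.obs_codigo = op.obs_codigo
               AND t.obsp_cod = op.obsp_cod
               AND t.cli_codigo = c.cli_codigo
               AND t.tur_asiste = 0
             ORDER BY t.tur_fecha DESC, t.tur_hora ASC";

    if (!$GLOBALS['dbSQL']->Query($sql)) {
        return false;
    }

    $filas = $GLOBALS['dbSQL']->getAll();
    if (count($filas) === 0) {
        return true;
    }

    $turnos = $filas;
    return $filas;
}

/**
 * Counts the pending appointments of a client, plus those of relatives when
 * $GLOBALS['FAMILIAR'] is enabled.
 *
 * Fixes over the previous version: the client's own count is now returned
 * (it used to be dropped unless a relative also had appointments), a failed
 * query returns 0 instead of indexing an empty result, and a non-numeric id is
 * rejected before it reaches the SQL text.
 *
 * Side effect kept from the original: $_REQUEST["idcli"] is overwritten so that
 * getListMisTurnosFamilares() picks up the id.
 *
 * @param mixed $idCliente Client code (cli_codigo).
 * @return int Number of pending appointments.
 */
function getCountListMisTurnos($idCliente)
{
    if (!is_numeric($idCliente)) {
        return 0;
    }

    $sql = "SELECT COUNT(*) AS TotTurnos
              FROM turnos AS t
             WHERE t.cli_codigo = ".trim($idCliente)."
               AND t.tur_asiste = 0
               AND LEFT(CONVERT(VARCHAR, t.tur_fecha, 120), 10) >= LEFT(CONVERT(VARCHAR, GETDATE(), 120), 10)";

    if (!$GLOBALS['dbSQL']->Query($sql)) {
        return 0;
    }

    $filas = $GLOBALS['dbSQL']->getAll();
    $total = isset($filas[0]['TotTurnos']) ? intval($filas[0]['TotTurnos']) : 0;

    if ($GLOBALS['FAMILIAR']) {
        $_REQUEST["idcli"] = $idCliente;
        $turnosF = array();
        getListMisTurnosFamilares($turnosF);
        $total += count($turnosF);
    }

    return $total;
}

/**
 * Reports whether the client answered the survey.
 *
 * The web-service lookup was never filled in (the original try block was
 * empty), so this always returns false.
 *
 * @param mixed $idCliente Client code; currently unused.
 * @return bool Always false.
 */
function getRespondioEncuesta($idCliente)
{
    return false;
}

/**
 * Checks that an e-mail address is NOT yet registered.
 *
 * Note the inverted meaning compared with validarEmailExistente(). The SQL
 * previously called the non-existent function ltrom(), so the query could
 * never succeed; it now uses ltrim().
 *
 * @param mixed $email Address to look up (compared trimmed and lower-cased).
 * @return bool True when no client has the address, false when one does or the query fails.
 */
function validarEmailExistente_($email)
{
    $sql = "SELECT cli_email
              FROM dbo.[clientes]
             WHERE ltrim(rtrim(lower([cli_email]))) = '" . _cliSqlStr(mb_strtolower(trim($email))) . "'";

    if (!$GLOBALS['dbSQL']->Query($sql)) {
        return false;
    }

    $filas = $GLOBALS['dbSQL']->getAll();
    return count($filas) === 0;
}

/**
 * Checks whether an e-mail address is already registered.
 *
 * NOTE(review): a failed query also returns false ("not registered"), so the
 * uniqueness check in registrarCliente() fails open on a database error.
 *
 * @param mixed $email Address to look up (compared trimmed and lower-cased).
 * @return bool True when at least one client has the address.
 */
function validarEmailExistente($email)
{
    $sql = "SELECT TOP 1 cli_email
              FROM dbo.[clientes]
             WHERE ltrim(rtrim(lower([cli_email]))) = '" . _cliSqlStr(mb_strtolower(trim($email))) . "'";

    if (!$GLOBALS['dbSQL']->Query($sql)) {
        return false;
    }

    $filas = $GLOBALS['dbSQL']->getAll();
    return is_array($filas) && count($filas) > 0;
}

/**
 * Checks whether a DNI is already registered.
 *
 * NOTE(review): returns false on a failed query as well, so callers treat a
 * database error as "DNI is free".
 *
 * @param mixed $dni DNI to look up (compared trimmed and lower-cased).
 * @return bool True when a client with that DNI exists.
 */
function validarDNIExistente($dni)
{
    $sql = "SELECT TOP 1 cli_codigo
              FROM dbo.[clientes]
             WHERE ltrim(rtrim(lower([cli_dni]))) = '" . _cliSqlStr(mb_strtolower(trim($dni))) . "'";

    if (!$GLOBALS['dbSQL']->Query($sql)) {
        return false;
    }

    $filas = $GLOBALS['dbSQL']->getAll();
    return count($filas) > 0;
}

/**
 * Checks whether a DNI is used by a client other than the one being updated.
 *
 * @param mixed $id  Client code being updated; rows with this code are ignored.
 * @param mixed $dni DNI to look up (compared trimmed and lower-cased).
 * @return bool True when another client already has the DNI; false otherwise or on a failed query.
 */
function validarDNIActualizarCliente($id, $dni)
{
    $sql = "SELECT TOP 1 cli_codigo
              FROM dbo.[clientes]
             WHERE ltrim(rtrim(lower([cli_dni]))) = '" . _cliSqlStr(mb_strtolower(trim($dni))) . "'
               AND [cli_codigo]!= '" . _cliSqlStr(mb_strtolower(trim($id))) . "'";

    if (!$GLOBALS['dbSQL']->Query($sql)) {
        return false;
    }

    $filas = $GLOBALS['dbSQL']->getAll();
    return count($filas) > 0;
}

/**
 * Loads the account balance of a client.
 *
 * The integer and decimal parts are now derived from the numeric value. The
 * previous version parsed the number_format() string, whose thousands
 * separator truncated any balance of 1,000 or more (intval("1,234.56") is 1).
 *
 * @param mixed $idCliente Client code (cli_codigo).
 * @param mixed $saldo     Receives array(saldo, signo, salint, saldec, actualizado);
 *                         zero defaults when the client has no balance row; untouched
 *                         when the function returns false.
 * @return bool True when the query ran, false on a non-numeric id, a failed query or an exception.
 */
function getClienteSaldo($idCliente, &$saldo)
{
    if (!is_numeric($idCliente)) {
        return false;
    }

    try {
        $sql = "SELECT (CASE WHEN T1.SALDO IS NULL THEN 0 ELSE T1.SALDO END) AS CliSaldo
                      ,T1.Act as CliActualizado
                  FROM( SELECT pbal_saldo as SALDO, pbal_actualizado AS Act
                          FROM ldoc_paciente_balance AS tur1
                         WHERE cli_codigo = ".trim($idCliente)."
                      ) AS T1";

        if (!$GLOBALS['dbSQL']->Query($sql)) {
            return false;
        }

        $saldo = array(
            "saldo"       => 0,
            "signo"       => 1,
            "salint"      => 0,
            "saldec"      => 0,
            "actualizado" => '',
        );

        $saldoInf = $GLOBALS['dbSQL']->getAll();
        if (count($saldoInf) > 0) {
            $bruto     = floatval($saldoInf[0]["CliSaldo"]);
            $valor     = round($bruto, 2);
            $parteEnt  = intval($valor); // truncates toward zero, so it keeps the sign
            $centavos  = round(abs($valor - $parteEnt) * 100);

            $saldo = array(
                "saldo"       => number_format($bruto, 2),
                "signo"       => ($valor >= 0 ? 1 : -1),
                "salint"      => $parteEnt,
                "saldec"      => sprintf('%02d', $centavos),
                "actualizado" => $saldoInf[0]["CliActualizado"],
            );
        }

        return true;
    } catch (Exception $e) {
        return false;
    }
}

/**
 * Authenticates a patient by DNI or by e-mail, depending on
 * $GLOBALS['LOGIN_USER_EMAIL'], and fills $resultInfo with the session data.
 *
 * Result codes: 0 success ('data' => userinfo incl. token), 1 credentials not
 * matched, 2 missing or malformed parameters.
 *
 * NOTE(review): an empty password is accepted as input here; see
 * registrarCliente() for accounts that are created with one.
 * NOTE(review): the cli_bloqueado flag that the validators can report is not
 * requested or checked here — confirm whether blocked clients should be able
 * to log in.
 * NOTE(review): no attempt limiting is visible in this function.
 *
 * @param array $resultInfo Receives 'code' and either 'data' or 'errorDes'.
 * @return void
 */
function loginUser(&$resultInfo)
{
    $dni      = '';
    $email    = '';
    $password = '';
    $continue = true;
    $porEmail = (bool)$GLOBALS['LOGIN_USER_EMAIL'];

    $resultInfo['code'] = 0;

    if (!$porEmail) {
        if (empty($_REQUEST["dni"])) {
            $resultInfo['code']     = 2;
            $resultInfo['errorDes'] = "Paciente no registrado.(Cod. 100)";
            $continue = false;
        } else {
            $dni = $_REQUEST["dni"];
        }
    }

    if ($GLOBALS['LOGIN_USER_PASS'] && !isset($_REQUEST["pass"])) {
        $resultInfo['code']     = 2;
        $resultInfo['errorDes'] = "Paciente no registrado.(Cod. 101)";
        $continue = false;
    } else {
        $password = (isset($_REQUEST["pass"]) ? $_REQUEST["pass"] : '');
    }

    if ($porEmail && empty($_REQUEST["email"])) {
        $resultInfo['code']     = 2;
        $resultInfo['errorDes'] = "Paciente no registrado.(Cod. 102)";
        $continue = false;
    } else {
        $email = (isset($_REQUEST["email"]) ? $_REQUEST["email"] : '');
    }

    if (!$continue) {
        return;
    }

    $name        = "";
    $codP        = -1;
    $idObS       = false;
    $nameObS     = false;
    $planObS     = false;
    $idPlanObS   = false;
    $sexo        = false;
    $facn        = false;
    $tel         = false;
    $carnet      = false;
    $obsflag     = false;
    $validaemail = false;
    $telarea     = false;
    $telnumero   = false;
    $validatel   = false;
    $obstelemed  = 0;
    $validaPass  = false;
    $resultado   = false;

    if (!$porEmail) {
        $identificadorOk = is_numeric($dni);
        if ($identificadorOk) {
            $resultado = getValidarDNIFast($dni, $password, $name, $codP, $idObS, $nameObS, $planObS, $idPlanObS, $email, $sexo, $facn, $tel, $carnet, $obsflag, $validaemail, $validatel, $telarea, $telnumero, $obstelemed, $validaPass);
        }
    } else {
        $identificadorOk = ValidarEmail($email);
        if ($identificadorOk) {
            $resultado = getValidarEmailFast($email, $password, $name, $codP, $idObS, $nameObS, $planObS, $idPlanObS, $dni, $sexo, $facn, $tel, $carnet, $obsflag, $validaemail, $validatel, $telarea, $telnumero, $obstelemed, $validaPass);
        }
    }

    if (!$identificadorOk) {
        $resultInfo['code']     = 2;
        $resultInfo['errorDes'] = "Paciente no registrado";
        return;
    }

    if (!$resultado) {
        $resultInfo['code']     = 1;
        $resultInfo['errorDes'] = "Paciente no registrado.(Cod. 103)";
        return;
    }

    $nacimiento = strtotime($facn);

    $userInfo = array(
        'dni'        => $dni,
        'idClie'     => $codP,
        'name'       => $name,
        'email'      => $email,
        'codPl'      => $idPlanObS,
        'codOb'      => $idObS,
        'nameOb'     => $nameObS,
        'namePl'     => $planObS,
        'sexo'       => $sexo,
        'facn'       => $facn,
        'tel'        => $tel,
        'carnet'     => $carnet,
        'd'          => date("d", $nacimiento),
        'm'          => date("m", $nacimiento),
        'a'          => date("Y", $nacimiento),
        'vp'         => $validaPass,
        've'         => $validaemail,
        'vt'         => $validatel,
        'tarea'      => $telarea,
        'tnumero'    => $telnumero,
        'obstelemed' => $obstelemed,
    );

    $userInfo['turnos'] = getCountListMisTurnos($codP);

    // Attendance / non-attendance. Only the DNI login queried these; the
    // e-mail login had the call commented out and always reported "0;0".
    $asist   = 0;
    $inasist = 0;
    if (!$porEmail) {
        list($asist, $inasist) = getEstadisticasAsistencia($codP);
    }
    $userInfo['estadisticas'] = $asist.';'.$inasist;

    $userInfo['renc'] = getRespondioEncuesta($codP);

    $saldo = false;
    getClienteSaldo($codP, $saldo);
    $userInfo['ld_csld'] = $saldo;

    $userInfo['token'] = getToken('u', $codP, $name, $email);

    $resultInfo['code'] = 0;
    $resultInfo['data'] = array("userinfo" => $userInfo);
}

/**
 * Resets a patient's password to a temporary one and sends it by e-mail and,
 * when $GLOBALS['SEND_RECOVERPASS_WHATSAPP'] is set, queues it for WhatsApp.
 *
 * Result codes: 0 sent, 1 DNI missing, 2 lookup query failed, 3 DNI not found,
 * 4/5 no e-mail on file, 6 password update failed.
 *
 * Fixes over the previous version: the function now stops when the DNI is
 * missing (it used to go on and query with an empty DNI), the DNI is escaped
 * in the UPDATE as well as in the SELECT, the phone numbers read back from the
 * database are escaped before being written into the INSERT, and the digits
 * come from random_int() when it is available.
 *
 * NOTE(review): the reset is unauthenticated and takes effect immediately, so
 * anyone who knows a DNI can invalidate that patient's password; the success
 * response also discloses the e-mail address on file.
 * NOTE(review): the temporary password is four digits, is stored as an
 * unsalted MD5 hash, and is written in clear text to
 * mensajes_whatsapp_recover.men_clave. No expiry or attempt limit is visible
 * here. These need a design change (longer single-use token, password_hash(),
 * rate limiting) that cannot be made inside this function alone.
 *
 * @param array $resultInfo Receives 'code' and either 'data' or 'errorDes'.
 * @return void
 */
function recuperarClave(&$resultInfo)
{
    $resultInfo['code'] = 0;

    if (empty($_REQUEST["dni"])) {
        $resultInfo['code']     = 1;
        $resultInfo['errorDes'] = "Debe ingresar un número de documento válido";
        return;
    }

    $dni    = $_REQUEST["dni"];
    $dniSql = _cliSqlStr($dni);

    // Look up the DNI.
    $sql = "SELECT (CASE WHEN cli_email IS NULL THEN '-1' ELSE cli_email END) as email
                  ,(CASE WHEN cli_tel IS NULL THEN '-1' ELSE cli_tel END) as telefono
                  ,(CASE WHEN cli_tel_cod_area IS NULL THEN '-1' ELSE cli_tel_cod_area END) as telcodarea
                  ,(CASE WHEN cli_tel_numero IS NULL THEN '-1' ELSE cli_tel_numero END) as telnro
              FROM clientes
             WHERE cli_dni = '".$dniSql."'";

    if (!$GLOBALS['dbSQL']->Query($sql)) {
        $resultInfo['code']     = 2;
        $resultInfo['errorDes'] = "Paciente no registrado";
        return;
    }

    $paciente = $GLOBALS['dbSQL']->getAll();
    if (count($paciente) <= 0) {
        $resultInfo['code']     = 3;
        $resultInfo['errorDes'] = "Paciente no registrado. Seleccione la opcion 'REGISTRASE'.";
        return;
    }

    $email = $paciente[0]["email"];
    if (is_numeric($email) && intval($email) === -1) {
        $resultInfo['code']     = 4;
        $resultInfo['errorDes'] = "El paciente no tiene registrado una cuenta de email. Contactese con administración.";
        return;
    }
    if (!is_numeric($email) && trim($email) === '') {
        $resultInfo['code']     = 5;
        $resultInfo['errorDes'] = "El paciente no tiene registrado una cuenta de email. Contactese con administración.";
        return;
    }

    // Same four-digit format as before; the generator is the CSPRNG when the
    // runtime has one.
    $passwordTemporal = '';
    for ($i = 0; $i < 4; $i++) {
        $passwordTemporal .= function_exists('random_int') ? random_int(0, 9) : rand(0, 9);
    }

    $sql = "UPDATE dbo.[clientes]
               SET [cli_passw] = '".md5($passwordTemporal)."'
                  ,[cli_validapass] = 0
             WHERE cli_dni = '".$dniSql."'";

    if (!$GLOBALS['dbSQL']->Query($sql, true)) {
        $resultInfo['code']     = 6;
        $resultInfo['errorDes'] = "Se produjo un error en el sistema. Intente mas tarde.";
        return;
    }

    $datos = array();
    $datos['cl']    = $passwordTemporal;
    $datos['dni']   = $dni;
    $datos['email'] = $email;
    sendEmailConfirmacionWs(TYPE_EMAIL_RC, $datos);

    // Queue the password for WhatsApp delivery.
    if ($GLOBALS['SEND_RECOVERPASS_WHATSAPP']) {
        $telefono1     = $paciente[0]["telefono"];
        $telefono2_cod = $paciente[0]["telcodarea"];
        $telefono2_nro = $paciente[0]["telnro"];
        $telefono2     = false;

        // '-1' is the marker the SELECT above substitutes for NULL.
        if (is_numeric($telefono1) && intval($telefono1) === -1) {
            $telefono1 = false;
        }
        if (is_numeric($telefono2_cod) && intval($telefono2_cod) !== -1
            && is_numeric($telefono2_nro) && intval($telefono2_nro) !== -1) {
            $telefono2 = $telefono2_cod.$telefono2_nro;
        }

        $filas = array();
        if ($telefono1) {
            $filas[] = "(GETDATE(),0,NULL,'"._cliSqlStr($telefono1)."','".$passwordTemporal."')";
        }
        // The second number is queued only when it is not the same WhatsApp
        // number as the first one.
        if ($telefono2 && (!$telefono1 || getNroWhatsapp($telefono1) <> getNroWhatsapp($telefono2))) {
            $filas[] = "(GETDATE(),0,NULL,'"._cliSqlStr($telefono2)."','".$passwordTemporal."')";
        }

        if (count($filas) > 0) {
            $sql = "INSERT INTO mensajes_whatsapp_recover
                    ( men_fechaenvio
                     ,men_procesado
                     ,men_fechaproceso
                     ,men_telefono
                     ,men_clave
                    ) VALUES " . implode(',', $filas);

            // Best effort, as before: a failed insert does not change the result.
            $GLOBALS['dbSQL']->Query($sql, true);
        }
    }

    $resultInfo['code'] = 0;
    $resultInfo['data'] = array("email" => $email);
}

/**
 * Returns the features currently enabled for the web front end.
 *
 * @return array|false Rows with lwf_nombre and lwf_codigo, or false when the query fails.
 */
function getCustomerFeatures()
{
    $sql = "SELECT lwf_nombre,lwf_codigo
              FROM lweb_features
             WHERE lwf_vigente = 1";

    if (!$GLOBALS['dbSQL']->Query($sql)) {
        return false;
    }

    return $GLOBALS['dbSQL']->getAll();
}

/**
 * Registers a new client, either self-registered or as a relative ("ff" plus
 * a session token) of an existing one.
 *
 * Result codes: 0 created ('data' => userinfo), 1 insert failed, 2 required
 * parameters missing, 3 expired session / duplicate e-mail or DNI / empty
 * password, 4 password repetition mismatch.
 *
 * Fixes over the previous version:
 *  - every request value is escaped or validated before it reaches the SQL
 *    text (obs and obsp were interpolated unquoted with no check at all);
 *  - a missing or mismatching password now stops the registration (the flag
 *    guarding it was never cleared, so the account was created anyway, with
 *    the hash of an empty password when none was sent);
 *  - the relative path only proceeds on Acl::TOKEN_VALID and no longer reads
 *    $tokenInfo->uid from a token that did not validate.
 *
 * NOTE(review): relatives are stored with md5('') as password and
 * cli_validapass = 1; confirm the login path cannot be used with their DNI
 * and an empty password.
 * NOTE(review): cli_passw is an unsalted MD5 hash; moving to password_hash()
 * needs a coordinated change in the login queries and a migration.
 * NOTE(review): the id comes from an UPDATE followed by a separate SELECT on
 * [codigos]; two concurrent registrations can read the same value.
 *
 * @param array $resultInfo Receives 'code' and 'data' (and 'errorDes' for some errors).
 * @return void
 */
function registrarCliente(&$resultInfo)
{
    if (empty($_REQUEST["dni"]) || !is_numeric($_REQUEST["dni"])
        || empty($_REQUEST["nombre"])
        || empty($_REQUEST["apellido"])
        || empty($_REQUEST["email"])
        || empty($_REQUEST["tarea"])
        || empty($_REQUEST["tnumero"])) {
        $resultInfo['code'] = 2;
        $resultInfo['data'] = array("res"=>"Parametros faltantes");
        return;
    }

    $flagFamiliar = false;
    $cliecod      = 'NULL';

    if (isset($_REQUEST["ff"]) && isset($_REQUEST["token"])) {
        // Validate the session token of the parent client.
        $tokenInfo = false;
        $result    = false;
        Acl::validateToken($_REQUEST["token"], $tokenInfo, $result);

        if ($result == Acl::TOKEN_EXPIRED) {
            $resultInfo['code']     = 3;
            $resultInfo['data']     = array("res"=>"SU SESION HA EXPIRADO. REINGRESE E INTENTE NUEVAMENTE");
            $resultInfo['errorDes'] = "SU SESION HA EXPIRADO. REINGRESE E INTENTE NUEVAMENTE";
            return;
        }
        if ($result != Acl::TOKEN_VALID || !is_object($tokenInfo) || !is_numeric($tokenInfo->uid)) {
            // Any other outcome is treated as "not authenticated".
            return;
        }

        $flagFamiliar = true;
        $cliecod      = trim($tokenInfo->uid);
    }

    $password = '';
    if ($GLOBALS['LOGIN_USER_PASS'] && !$flagFamiliar) {
        if (empty($_REQUEST["pass"]) || empty($_REQUEST["rpass"])) {
            $resultInfo['code']     = 3;
            $resultInfo['data']     = array("res"=>"La clave no puede estar vacía");
            $resultInfo['errorDes'] = "La clave no puede estar vacía";
            return;
        }
        if ($_REQUEST["pass"] !== $_REQUEST["rpass"]) {
            $resultInfo['code'] = 4;
            $resultInfo['data'] = array("res"=>"La Repetición de la clave no coincide");
            return;
        }
        $password = $_REQUEST["pass"];
    }

    if (!$flagFamiliar && validarEmailExistente($_REQUEST["email"])) {
        $resultInfo['code']     = 3;
        $resultInfo['data']     = array("res"=>"El email ingresado ya se encuentra registrado");
        $resultInfo['errorDes'] = "El email ingresado ya se encuentra registrado";
        return;
    }

    if (validarDNIExistente($_REQUEST["dni"])) {
        $resultInfo['code']     = 3;
        $resultInfo['data']     = array("res"=>"El DNI ingresado ya se encuentra registrado");
        $resultInfo['errorDes'] = "El DNI ingresado ya se encuentra registrado";
        return;
    }

    // obs / obsp go into the statement unquoted, so they must be numeric. A bad
    // value used to surface as a failed INSERT; the same error is reported.
    $obs  = trim(_cliParam("obs"));
    $obsp = trim(_cliParam("obsp"));
    if (!is_numeric($obs) || !is_numeric($obsp)) {
        $resultInfo['code'] = 1;
        $resultInfo['data'] = array("res"=>"Se produjo un error al registrar el usuario");
        return;
    }

    $sql = "UPDATE [codigos]
               SET [num_ultimo] = [num_ultimo] + 1, [num_fecha] = GETDATE()
             WHERE [num_codigo] = 6";
    if (!$GLOBALS['dbSQL']->Query($sql, true)) {
        return;
    }

    $sql = "SELECT [num_ultimo]
              FROM [codigos]
             WHERE num_codigo = 6";
    if (!$GLOBALS['dbSQL']->Query($sql)) {
        return;
    }

    $filas = $GLOBALS['dbSQL']->getAll();
    if (!is_array($filas) || count($filas) === 0) {
        return;
    }
    $ultima    = end($filas);
    $idCliente = intval($ultima["num_ultimo"]);

    $nombreCompleto = mb_convert_encoding(mb_strtoupper(_cliParam("apellido")), "iso-8859-1", "UTF-8")
                    . ' '
                    . mb_convert_encoding(mb_strtoupper(_cliParam("nombre")), "iso-8859-1", "UTF-8");
    $fechaNac = sprintf('%04d-%02d-%02dT00:00:00', intval(_cliParam("fna")), intval(_cliParam("fnm")), intval(_cliParam("fnd")));
    $sexo     = (_cliParam("sexo") === "H" ? "M" : "F");

    $sql = "INSERT INTO dbo.[clientes]
            ( [cli_codigo]
             ,[cli_dni]
             ,[cli_nombre]
             ,[cli_fecnto]
             ,[cli_sexo]
             ,[obs_codigo]
             ,[obsp_cod]
             ,[cli_email]
             ,[med_codigo]
             ,[cli_tel]
             ,[cli_tel_cod_area]
             ,[cli_tel_numero]
             ,[cli_carnet]
             ,[tid_codigo]
             ,[dgi_codigo]
             ,[cli_passw]
             ,[cli_validapass]
             ,[cli_origen]
             ,[cli_codigo_padre]
            ) VALUES (
              ".$idCliente."
             ,'"._cliSqlStr(_cliParam("dni"))."'
             ,'"._cliSqlStr($nombreCompleto)."'
             ,'".$fechaNac."'
             ,'".$sexo."'
             ,".$obs."
             ,".$obsp."
             ,'"._cliSqlStr(mb_strtolower(trim(_cliParam("email"))))."'
             ,1
             ,'"._cliSqlStr(_cliParam("tel"))."'
             ,'"._cliSqlStr(_cliParam("tarea"))."'
             ,'"._cliSqlStr(_cliParam("tnumero"))."'
             ,'"._cliSqlStr(_cliParam("afil"))."'
             ,1
             ,5
             ,'".md5(trim($password))."'
             ,1
             ,'WEB'
             ,".$cliecod."
            )";

    if ($GLOBALS['dbSQL']->Query($sql, true)) {
        $dni      = $_REQUEST["dni"];
        $userinfo = loginUserRegistrar($dni);

        $resultInfo['code'] = 0;
        $resultInfo['data'] = array("userinfo" => $userinfo);
    } else {
        $resultInfo['code'] = 1;
        $resultInfo['data'] = array("res"=>"Se produjo un error al registrar el usuario");
    }
}

/**
 * Updates the personal data of a client and returns the refreshed session data.
 *
 * Result codes: 0 updated ('data' => userinfo, false when the reload fails),
 * 1 update failed, 2 client code missing, 3 DNI already used by someone else.
 *
 * Fixes over the previous version: the birth date used the month twice
 * (year-month-month) and now uses the day; every request value is escaped or
 * validated before it reaches the SQL text.
 *
 * NOTE(review): idc comes from the request and no session token is checked in
 * this function; confirm the dispatcher verifies that the caller owns idc.
 *
 * @param array $resultInfo Receives 'code' and either 'data' or 'errorDes'.
 * @return void
 */
function updateCliente(&$resultInfo)
{
    if (empty($_REQUEST["idc"]) || !is_numeric($_REQUEST["idc"])) {
        $resultInfo['code']     = 2;
        $resultInfo['errorDes'] = "El código del usuario no fue recibido";
        return;
    }

    $id  = trim($_REQUEST["idc"]);
    $dni = _cliParam("dni");

    if (validarDNIActualizarCliente($id, $dni)) {
        $resultInfo['code']     = 3;
        $resultInfo['errorDes'] = "El dni ingresado ya existe.";
        return;
    }

    // obs / obsp go into the statement unquoted, so they must be numeric. A bad
    // value used to surface as a failed UPDATE; the same error is reported.
    $obs  = trim(_cliParam("obs"));
    $obsp = trim(_cliParam("obsp"));
    if (!is_numeric($obs) || !is_numeric($obsp)) {
        $resultInfo['code']     = 1;
        $resultInfo['errorDes'] = "Se produjo un error al actualizar los datos del usuario";
        return;
    }

    $fechaNac = sprintf('%04d-%02d-%02dT00:00:00.000', intval(_cliParam("fna")), intval(_cliParam("fnm")), intval(_cliParam("fnd")));

    $sql = " UPDATE dbo.[clientes]
                SET [cli_dni]         = '"._cliSqlStr($dni)."'
                   ,[cli_nombre]      = '"._cliSqlStr(mb_strtoupper(_cliParam("apellido")).' '.mb_strtoupper(_cliParam("nombre")))."'
                   ,[cli_fecnto]      = '".$fechaNac."'
                   ,[cli_sexo]        = '"._cliSqlStr(_cliParam("sexo"))."'
                   ,[obs_codigo]      = ".$obs."
                   ,[obsp_cod]        = ".$obsp."
                   ,[cli_email]       = '"._cliSqlStr(mb_strtolower(trim(_cliParam("email"))))."'
                   ,[cli_tel]         = '"._cliSqlStr(_cliParam("telefono"))."'
                   ,[cli_tel_cod_area]= '"._cliSqlStr(_cliParam("tarea"))."'
                   ,[cli_tel_numero]  = '"._cliSqlStr(_cliParam("tnumero"))."'
                   ,[cli_carnet]      = '"._cliSqlStr(_cliParam("afil"))."'
              WHERE [cli_codigo] = ".$id;

    if (!$GLOBALS['dbSQL']->Query($sql, true)) {
        $resultInfo['code']     = 1;
        $resultInfo['errorDes'] = "Se produjo un error al actualizar los datos del usuario";
        return;
    }

    $userInfo = false;
    if (is_numeric($dni)) {
        $userInfo = _cliRecargarUserInfo($dni, '');
    }

    $resultInfo['code'] = 0;
    $resultInfo['data'] = array("userinfo" => $userInfo);
}

/**
 * Changes the e-mail address of a client and returns the refreshed session data.
 *
 * Result codes: 0 updated, 1 update failed, 2 parameters missing or not numeric.
 *
 * NOTE(review): idc and dni come from the request and no session token is
 * checked here. The reload afterwards is keyed on dni alone, so if Query()
 * reports success when no row matched, a token is still issued for that DNI.
 * Confirm the dispatcher authenticates the caller.
 *
 * @param array $resultInfo Receives 'code' and either 'data' or 'errorDes'.
 * @return void
 */
function updateEmailCliente(&$resultInfo)
{
    if (empty($_REQUEST["idc"]) || !is_numeric($_REQUEST["idc"])
        || empty($_REQUEST["dni"]) || !is_numeric($_REQUEST["dni"])
        || empty($_REQUEST["email"])) {
        $resultInfo['code']     = 2;
        $resultInfo['errorDes'] = "Se produjo un error al actualizar el email del usuario";
        return;
    }

    // idc and dni passed is_numeric(), so they cannot carry SQL syntax.
    $id    = trim($_REQUEST["idc"]);
    $dni   = trim($_REQUEST["dni"]);
    $email = trim(_cliParam("email"));

    $sql = " UPDATE dbo.[clientes]
                SET [cli_email] = '"._cliSqlStr($email)."'
                   ,[cli_revalidaweb] = 1
              WHERE [cli_codigo] = ".$id."
                AND [cli_dni] = ".$dni;

    if (!$GLOBALS['dbSQL']->Query($sql, true)) {
        $resultInfo['code']     = 1;
        $resultInfo['errorDes'] = "Se produjo un error al actualizar el email del usuario";
        return;
    }

    $resultInfo['code'] = 0;
    $resultInfo['data'] = array("userinfo" => _cliRecargarUserInfo($dni, ''));
}

/**
 * Sets a new password for a client and returns the refreshed session data.
 *
 * Result codes: 0 updated, 1 update failed, 2 parameters missing or not numeric.
 *
 * NOTE(review): the only inputs are idc, dni and the new password; the current
 * password is not asked for and no session token is checked here. Unless the
 * dispatcher authenticates the caller, knowing a client's code and DNI is
 * enough to take the account over and receive a token.
 * NOTE(review): the password is stored as an unsalted MD5 hash.
 *
 * @param array $resultInfo Receives 'code' and either 'data' or 'errorDes'.
 * @return void
 */
function updateClaveCliente(&$resultInfo)
{
    if (empty($_REQUEST["idc"]) || !is_numeric($_REQUEST["idc"])
        || empty($_REQUEST["dni"]) || !is_numeric($_REQUEST["dni"])
        || empty($_REQUEST["pass"])) {
        $resultInfo['code']     = 2;
        $resultInfo['errorDes'] = "Se produjo un error al actualizar el email del usuario";
        return;
    }

    // idc and dni passed is_numeric(), so they cannot carry SQL syntax.
    $id    = trim($_REQUEST["idc"]);
    $dni   = trim($_REQUEST["dni"]);
    $clave = trim(_cliParam("pass"));

    $sql = " UPDATE dbo.[clientes]
                SET [cli_passw] = '".md5($clave)."'
                   ,[cli_validapass] = 1
              WHERE [cli_codigo] = ".$id."
                AND [cli_dni] = ".$dni;

    if (!$GLOBALS['dbSQL']->Query($sql, true)) {
        $resultInfo['code']     = 1;
        $resultInfo['errorDes'] = "Se produjo un error al actualizar el email del usuario";
        return;
    }

    $resultInfo['code'] = 0;
    $resultInfo['data'] = array("userinfo" => _cliRecargarUserInfo($dni, ''));
}

/**
 * Changes the phone number of a client and returns the refreshed session data.
 *
 * Result codes: 0 updated, 1 update failed, 2 parameters missing or not numeric.
 *
 * The area code and number are now escaped; id and dni used addslashes(),
 * which does not escape quotes for this database.
 *
 * NOTE(review): idc and dni come from the request and no session token is
 * checked here; confirm the dispatcher authenticates the caller.
 *
 * @param array $resultInfo Receives 'code' and either 'data' or 'errorDes'.
 * @return void
 */
function updateTelCliente(&$resultInfo)
{
    if (empty($_REQUEST["idc"]) || !is_numeric($_REQUEST["idc"])
        || empty($_REQUEST["dni"]) || !is_numeric($_REQUEST["dni"])
        || empty($_REQUEST["tarea"])
        || empty($_REQUEST["tnumero"])) {
        $resultInfo['code']     = 2;
        $resultInfo['errorDes'] = "Se produjo un error al actualizar el email del usuario";
        return;
    }

    $id      = trim($_REQUEST["idc"]);
    $dni     = trim($_REQUEST["dni"]);
    $tarea   = trim(_cliParam("tarea"));
    $tnumero = trim(_cliParam("tnumero"));

    $sql = " UPDATE dbo.[clientes]
                SET [cli_tel_cod_area] = '"._cliSqlStr($tarea)."'
                   ,[cli_tel_numero] = '"._cliSqlStr($tnumero)."'
                   ,[cli_revalidawebtel] = 1
              WHERE [cli_codigo] = '"._cliSqlStr($id)."'
                AND [cli_dni] = '"._cliSqlStr($dni)."'";

    if (!$GLOBALS['dbSQL']->Query($sql, true)) {
        $resultInfo['code']     = 1;
        $resultInfo['errorDes'] = "Se produjo un error al actualizar el email del usuario";
        return;
    }

    // -3 is the sentinel this file uses for "do not filter on e-mail".
    $resultInfo['code'] = 0;
    $resultInfo['data'] = array("userinfo" => _cliRecargarUserInfo($dni, -3));
}

/**
 * Looks a client up by e-mail and password and copies the record into the
 * by-reference arguments.
 *
 * The password predicate is mandatory. The original cleared it for the
 * sentinel -3, for LOGIN_USER_PASS = false and for a match with
 * LOGIN_USER_MASTER_PASS, but the resulting statement started with
 * "WHERE  AND ..." and could only fail. That outcome is kept and made
 * explicit: those cases return false without querying.
 * NOTE(review): do not repair the WHERE clause without a decision on those
 * three cases. A working version would let the master password (compared with
 * a loose ==) or a disabled password setting open any account by e-mail; with
 * the e-mail filter disabled as well it would return the oldest client.
 * NOTE(review): when only the e-mail filter is disabled ($email === -3 or
 * LOGIN_USER_EMAIL false) the lookup matches on the password hash alone and
 * returns the first client that shares it; confirm no caller relies on that.
 * NOTE(review): debug($sql) receives the statement including the password hash.
 *
 * @param mixed $email E-mail to match, or -3 to skip the e-mail filter.
 * @param mixed $pass  Clear-text password (trimmed and MD5-hashed for the comparison).
 * @param mixed $name,$codP,$idObS,$nameObS,$planObS,$idPlanObS,$dni,$sexo,$facn,$tel,$carnet,
 *              $obsflag,$validaemail,$validatel,$telarea,$telnumero,$obstelemed,$validaPass,
 *              $clienteBloqueado  Receive the matching record's fields; untouched on failure.
 * @return array|false The result rows when a client matches, false otherwise.
 */
function getValidarEmailFast($email, $pass,&$name, &$codP, &$idObS, &$nameObS, &$planObS, &$idPlanObS, &$dni, &$sexo, &$facn, &$tel,&$carnet,&$obsflag,&$validaemail,&$validatel,&$telarea,&$telnumero,&$obstelemed,&$validaPass,&$clienteBloqueado=false)
{
    $sinClave = ($pass === -3) || !$GLOBALS['LOGIN_USER_PASS'];
    if (isset($GLOBALS['LOGIN_USER_MASTER_PASS'])
        && $GLOBALS['LOGIN_USER_MASTER_PASS']
        && $pass == $GLOBALS['LOGIN_USER_MASTER_PASS']) {
        $sinClave = true;
    }
    if ($sinClave) {
        // Fail closed; see the note in the docblock.
        return false;
    }

    $passVal  = " c.cli_passw = '".md5(trim($pass))."' ";
    $emailVal = "";
    if ($email !== -3 && $GLOBALS['LOGIN_USER_EMAIL']) {
        $emailVal = " AND lower(c.cli_email) = '"._cliSqlStr(mb_strtolower(trim($email)))."' ";
    }

    $sql = "SELECT TOP 1 c.cli_dni AS DNI
                 , cli_codigo
                 , c.cli_nombre AS PACIENTE
                 , o.obs_denom AS OBRA_SOCIAL
                 , p.obsp_denom AS PLAN_
                 , o.obs_codigo AS ID_OBRA_SOCIAL
                 , c.obsp_cod
                 , c.cli_email AS EMAIL
                 , c.cli_fecnto AS FacN
                 , c.cli_sexo AS Sexo
                 , c.cli_tel AS Telefono
                 , c.cli_carnet AS carnet
                 , o.obs_lock
                 , c.cli_revalidaweb AS ValEmail
                 , c.cli_tel_cod_area AS TelArea
                 , c.cli_tel_numero AS TelNro
                 , c.cli_revalidawebtel AS ValTelefono
                 , c.cli_validapass AS ValPass
                 , (CASE WHEN o.obs_telemed IS NULL THEN 0 ELSE 1 END) AS ObsTelemed
                 , c.cli_bloqueado
              FROM clientes AS c
                 , obrasoc AS o
                 , obsplan AS p
             WHERE ".$passVal." ".$emailVal."
               AND c.obs_codigo = o.obs_codigo
               AND p.obs_codigo = o.obs_codigo
               AND p.obsp_cod = c.obsp_cod
             ORDER BY cli_registracion";
    debug($sql);

    if (!$GLOBALS['dbSQL']->Query($sql)) {
        return false;
    }

    $result = $GLOBALS['dbSQL']->getAll();
    if (count($result) <= 0) {
        return false;
    }

    $fila = $result[0];

    $codP             = $fila['cli_codigo'];
    $dni              = $fila['DNI'];
    $name             = trim($fila['PACIENTE']);
    $nameObS          = $fila['OBRA_SOCIAL'];
    $planObS          = $fila['PLAN_'];
    $idObS            = $fila['ID_OBRA_SOCIAL'];
    $idPlanObS        = $fila['obsp_cod'];
    $email            = $fila['EMAIL'];
    $sexo             = $fila['Sexo'];
    $facn             = $fila['FacN'];
    $tel              = $fila['Telefono'];
    $carnet           = $fila['carnet'];
    $obsflag          = (intval($fila['obs_lock']) == 1);
    $validaemail      = (intval($fila['ValEmail']) == 1);
    $telarea          = $fila['TelArea'];
    $telnumero        = $fila['TelNro'];
    $validatel        = (intval($fila['ValTelefono']) == 1);
    $obstelemed       = $fila['ObsTelemed'];
    $validaPass       = (intval($fila['ValPass']) == 1);
    $clienteBloqueado = (intval($fila['cli_bloqueado']) == 1);

    return $result;
}

function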
getCustomerCodeByEmail($email,&$customerInfo=false) { $sql = "SELECT TOP 1 cli_codigo,cli_nombre FROM dbo.[clientes] WHERE ltrim(rtrim(lower([cli_email]))) = '" . mb_strtolower(trim($email)) ."'"; //print_r($sql);die; $rs = $GLOBALS['dbSQL']->Query($sql); if ( !$rs ) { return false; } $rs = $GLOBALS['dbSQL']->getAll(); //print_r("c[".count($rs)."]");print_r("\n");die; if(is_array($rs)&&count($rs)>0){$customerInfo=$rs;return $rs[0]["cli_codigo"];} return false; } function getCustomerById($idCliente,&$customerInfo=false) { $sql = "SELECT * FROM dbo.clientes WHERE cli_codigo = '" . mb_strtolower(trim($idCliente)) ."'"; //print_r($sql);die; $rs = $GLOBALS['dbSQL']->Query($sql); if ( !$rs ) { return false; } $rs = $GLOBALS['dbSQL']->getAll(); //print_r("c[".count($rs)."]");print_r("\n");die; if(is_array($rs)&&count($rs)>0){$customerInfo=$rs;return $rs[0]["cli_codigo"];} return false; } ?>