include_once($_SERVER['DOCUMENT_ROOT'] . 'inc/mysql_connect.inc');
include_once($_SERVER['DOCUMENT_ROOT'] . 'inc/subs.inc');
if($task == "register") {
$md5_password = md5($password);
$sql = "select * from user where login=" . strnull($login);
$res = mysql_query($sql,$mysql_conn);
$user_row = mysql_fetch_assoc($res);
if($user_row) {
$msg = "Invalid username or password. Please try again or contact Iridex for help.";
} else {
$sql = "insert into contact (first_name,last_name,email,home_phone,work_phone,cell_phone,address1,address2,city,state";
$sql .= ",country,zipcode,title) values (" . strnull($first_name) . "," . strnull($last_name) . "," . strnull($email) . "," . strnull($home_phone) . "," . strnull($work_phone) . "," . strnull($cell_phone) . ",";
$sql .= strnull($address1) . "," . strnull($address2) . "," . strnull($city) . "," . strnull($state) . "," . strnull($country) . "," . strnull($zipcode) . "," . strnull($title) . ")";
if(!$res = mysql_query($sql,$mysql_conn)) {
die("Failed to insert contact record
$sql
");
} else {
$contact_id = mysql_insert_id();
$sql = "insert into user (login,md5_password,contact_id,hide_flag,password) values (" . strnull($login) . "," . strnull(md5($password)) . "," . $contact_id . ",'Y'," . strnull($password) . ")";
if(!$res = mysql_query($sql,$mysql_conn)) {
echo mysql_errno() . ": " . mysql_error(). "\n";
die("Failed to insert new admin.
$sql"); } else { $user_id = mysql_insert_id(); $sql = "insert into doctor (practice_name,user_id,contact_id,status,specialty_other,create_date,is_guest) values ( " . strnull($practice_name) . "," . $user_id . "," . $contact_id . ",'pending'," . strnull($specialty_other) . ",now(), " . (($is_guest)?'1':'0') . ")"; if(!$res = mysql_query($sql,$mysql_conn)) { die("Failed to insert new doctor.
$sql
" . mysql_error()); } else { $doctor_id = mysql_insert_id(); $sql = "select p.* from product p"; $res = mysql_query($sql,$mysql_conn); while($dp_row = mysql_fetch_assoc($res)) { if($_POST['doctor_product_' . $dp_row['PRODUCT_ID']] == 'Y') { $sql = "insert into doctor_product (doctor_id,product_id) values ($doctor_id," . $dp_row['PRODUCT_ID'] . ")"; $res2 = mysql_query($sql,$mysql_conn); } } $sql = "select s.* from specialty s"; $res = mysql_query($sql,$mysql_conn); while($specialty_row = mysql_fetch_assoc($res)) { if($_POST['doctor_specialty_' . $specialty_row['SPECIALTY_ID']] == 'Y') { $sql = "insert into doctor_specialty (doctor_id,specialty_id) values ($doctor_id," . $specialty_row['SPECIALTY_ID'] . ")"; $res2 = mysql_query($sql,$mysql_conn); } } } } } $subject = "Iridex Physician Portal - New Physician Registration"; $from = "From: portal@iridex.com\r\n"; $email_content = "A physician has registered a new account on the physicial portal. Login: " . $login . " First Name: " . $first_name . " Last Name: " . $last_name . " "; if($add_to_locator) { $email_content .= "THIS USER WOULD LIKE TO BE ADDED TO THE PHYSICIAN LOCATOR"; } mail('wsib2bmarketingleads@gmail.com',$subject,$email_content,$headers); $msg = "Thank you for registering! Your account is being reviewed by customer support and we will email you upon approval."; header('Location: login.html?msg=' . urlencode($msg)); exit; } } ?>
Please sign up to receive important information regarding MicroPulse, new clinical informaiton and resources.