BE_CPONE/application/controllers/tools/Auth_patient.php

<?php

class Auth_patient extends MY_Controller
{
  function __construct()
  {
    parent::__construct();
  }
  function generate($mouID)
  {
    $this->db->trans_begin();
    $sql = "select distinct T_OrderHeaderCorporateID,
    T_OrderHeaderM_PatientID, M_PatientEmail,
    concat (
     ifnull(M_PatientPrefix,''),
     if(M_PatientPrefix is null,'',' '),
     M_PatientName,
     if(M_PatientSuffix is null,'',' '),
     ifnull(M_PatientSuffix,'')
    ) M_PatientName
    from 
    t_orderheader 
    join m_patient 
    on T_OrderHeaderIsActive = 'Y'
    and T_OrderHeaderMgm_McuID = ?
    and T_OrderHeaderM_PatientID = M_PatientID
    and M_PatientEmail <> ''";
    $qry = $this->db->query($sql, [$mouID]);
    if (!$qry) {
      echo json_encode(["status" => "ERR", "message" => print_r($this->db->error(), true)]);
      exit;
    }
    $rows = $qry->result_array();
    $count = count($rows);
    if ($count == 0) {
      echo json_encode(["status" => "OK", "message" => "0 patient found"]);
      $this->db->trans_rollback();
      exit;
    }
    $sql = "select XAuthRandCode,XAuthRandID
    from x_auth_rand
    where XAuthRandIsUsed = 'N' limit 0,$count";
    $qry = $this->db->query($sql);
    if (!$qry) {
      echo json_encode(["status" => "ERR", "message" => print_r($this->db->error(), true)]);
      $this->db->trans_rollback();
      exit;
    }
    $x_rows = $qry->result_array();
    if (count($x_rows) == 0) {
      echo json_encode(["status" => "ERR", "message" => "Random Auth already used up"]);
      $this->db->trans_rollback();
      exit;
    }
    $x_idx = array_map(function ($r) {
      return $r["XAuthRandID"];
    }, $x_rows);
    $s_idx = implode(",", $x_idx);
    $sql = "update x_auth_rand set XAuthRandIsUsed='P' where XAuthRandID in($s_idx)";
    $qry = $this->db->query($sql);
    if (!$qry) {
      echo json_encode(["status" => "ERR", "message" => print_r($this->db->error(), true)]);
      $this->db->trans_rollback();
      exit;
    }
    $sql_c = "select AuthPatientID 
    from auth_patient
    where AuthPatientCorporateID =? and AuthPatientM_PatientID = ?";
    $sql_i = "insert into auth_patient(AuthPatientCorporateID,
    AuthPatientM_PatientID,AuthPatientEmail, AuthPatientPassword)
    values(?,?,?,?)";

    $sql_u = "update x_auth_rand set XAuthRandIsUsed = 'Y' where XAuthRandID=?";

    $sql_email = "insert into x_email_outbox(XEmailOutboxSubject,XEmailOutboxSender,XEmailOutboxRecipients,
    XEmailOutboxCc, XEmailOutboxIsHtml, XEmailOutboxBody) 
    values(?,?,?, ?,?,?)";

    $subject = "Pemberitahuan CpOne Akses";
    $sender = json_encode(["name" => "CpOne SAS", "email" => "sascpone@gmail.com"]);
    $tpl_body  = "<h4>Pemberitahuan CpOne Akses</h4>
    <br/>
    {NAME},<br/>
    Bersama ini kami ingin memberitahukan akses CpOne, sebagai berikut
    Laman :  https://devcpone.aplikasi.web.id/
    Username : {EMAIL}
    Password : {PASS}
    <br/>
    Terima Kasih.


    *) Email ini autogenerated by system.
    ";
    $total = 0;
    foreach ($rows as $idx => $r) {
      $corpID = $r["T_OrderHeaderCorporateID"];
      $patID = $r["T_OrderHeaderM_PatientID"];
      $email = $r["M_PatientEmail"];
      $qry = $this->db->query($sql_c, [$corpID, $patID]);
      if (!$qry) {
        echo json_encode(["status" => "ERR", "message" => print_r($this->db->error(), true)]);
        $this->db->trans_rollback();
        exit;
      }
      $c_rows = $qry->result_array();
      if (count($c_rows) > 0) {
        continue;
      }
      $xid = $x_rows[$idx]["XAuthRandID"];
      $o_passwd = $this->one_salt . $x_rows[$idx]["XAuthRandCode"] . $this->one_salt;
      $passwd = md5($o_passwd);
      $qry = $this->db->query($sql_i, [$corpID, $patID, $email, $passwd]);
      if (!$qry) {
        echo json_encode(["status" => "ERR", "message" => print_r($this->db->error(), true)]);
        $this->db->trans_rollback();
        exit;
      }
      $qry = $this->db->query($sql_u, [$xid]);
      if (!$qry) {
        echo json_encode(["status" => "ERR", "message" => print_r($this->db->error(), true)]);
        $this->db->trans_rollback();
        exit;
      }
      $recipients = json_encode(["name" => $r["M_PatientName"], "email" => $r["M_PatientEmail"]]);
      $cc = json_encode([]);
      $body = str_replace("{NAME}", $r["M_PatientName"], $tpl_body);
      $body = str_replace("{EMAIL}", $r["M_PatientEmail"], $body);
      $body = str_replace("{PASS}", $x_rows[$idx]["XAuthRandCode"], $body);
      $qry = $this->db->query($sql_email, [$subject, $sender, $recipients, $cc, "Y", $body]);

      if (!$qry) {
        echo json_encode(["status" => "ERR", "message" => print_r($this->db->error(), true)]);
        $this->db->trans_rollback();
        exit;
      }
      $total++;
    }
    $sql = "update x_auth_rand set XAuthRandIsUsed='N' where XAuthRandIsUsed = 'P'";
    $qry = $this->db->query($sql);
    if (!$qry) {
      echo json_encode(["status" => "ERR", "message" => print_r($this->db->error(), true)]);
      $this->db->trans_rollback();
      exit;
    }
    $this->db->trans_commit();
    echo json_encode(["status" => "OK", "message" => "$total added"]);
  }
}