# Clinic Management System (Dental Pro) Information
## Summary
This is a PHP-based web application for managing a dental clinic. It features patient registration, appointment booking, a guest login mode with automatic expiration, an administrative dashboard for managing services and settings, and integration with PHPMailer for email notifications. The frontend uses Tailwind CSS, Swiper for carousels, and AOS for animations.
## Structure
- **api/**: Contains PHP scripts for handling asynchronous requests (login, registration, appointment booking, settings management).
- **includes/**: Shared PHP components like database connection (`db.php`), mailer configuration (`mailer.php`), and common functions.
- **phpmailer/**: Local installation of the PHPMailer library for sending emails.
- **root**: Main page templates (`index.php`, `admin.php`, `dashboard.php`, `login.php`) and configuration files (`.htaccess`, `robots.txt`, `sitemap.xml`).
## Language & Runtime
- **Language**: PHP
- **Version**: >= 5.5.0 (as required by PHPMailer)
- **Database**: MySQL (accessed via PDO)
- **Web Server**: Apache (configured via `.htaccess`)
## Dependencies
**Main Dependencies**:
- **PHPMailer**: Used for sending system emails and OTPs.
- **Tailwind CSS**: Utility-first CSS framework (loaded via CDN).
- **Swiper.js**: Modern touch slider for the gallery and hero sections.
- **AOS (Animate On Scroll)**: For scroll animations.
- **SweetAlert2 & Toastify-js**: For interactive notifications and alerts.
- **Font Awesome**: Icon library.
## Build & Installation
Since this is a standard PHP application, it does not require a complex build process.
1. **Database Setup**: Import the SQL schema into a MySQL database.
2. **Configuration**: Update `includes/db.php` with the correct database host, name, username, and password.
3. **Deployment**: Upload all files to an Apache web server with PHP support. Ensure `mod_rewrite` is enabled for `.htaccess` rules.
## Main Files & Resources
- **index.php**: The main landing page for patients.
- **admin.php**: The central management dashboard for administrators and guest users.
- **includes/db.php**: Centralized database connection using PDO.
- **api/book_appointment.php**: Core logic for scheduling patient visits.
- **.htaccess**: Manages URL rewriting (hiding `.php` extensions), GZIP compression, and security headers (XSS protection, Frame-Options).
## Usage & Operations
- **Guest Access**: The system supports a "Guest Login" feature (`api/guest_login.php`) that creates temporary user accounts with an expiration timestamp.
- **Security**: Implements CSRF-like protection via session checks, SQL injection prevention through PDO prepared statements, and secure cookie settings.
- **Branding**: Site branding and sections are dynamic, stored in the `site_settings` table and fetched in `index.php`.
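
The guest-account expiration described above only limits access if the timestamp is checked on the server for every request, not just at login. The following is an added example (not the project's code) of that check with PDO prepared statements; the `users` table, its columns, the function names and the in-memory SQLite handle are assumptions, and it needs PHP 7.1+ with `pdo_sqlite`.

```php
<?php
// Added example, not the project's code; table and column names are assumed.
declare(strict_types=1);

// In-memory SQLite stands in for the MySQL PDO handle from includes/db.php.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// expires_at is Unix time; NULL means the account never expires.
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY AUTOINCREMENT,
    username TEXT UNIQUE NOT NULL, role TEXT NOT NULL, expires_at INTEGER NULL)');

/** Create a temporary guest account that expires $ttl seconds after $now. */
function createGuest(PDO $pdo, int $now, int $ttl = 3600): int
{
    $stmt = $pdo->prepare('INSERT INTO users (username, role, expires_at) VALUES (:u, :r, :e)');
    // Random, non-sequential username so guest accounts cannot be enumerated.
    $stmt->execute([':u' => 'guest_' . bin2hex(random_bytes(8)), ':r' => 'guest', ':e' => $now + $ttl]);
    return (int) $pdo->lastInsertId();
}

/** Return the user row only if it exists and has not expired (server-side check). */
function loadActiveUser(PDO $pdo, int $userId, int $now): ?array
{
    $stmt = $pdo->prepare(
        'SELECT id, username, role FROM users
         WHERE id = :id AND (expires_at IS NULL OR expires_at > :now)'
    );
    $stmt->execute([':id' => $userId, ':now' => $now]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/** Delete expired guest rows; returns how many were removed. */
function purgeExpiredGuests(PDO $pdo, int $now): int
{
    $stmt = $pdo->prepare("DELETE FROM users WHERE role = 'guest' AND expires_at <= :now");
    $stmt->execute([':now' => $now]);
    return $stmt->rowCount();
}

// Constructed walk-through with a fixed clock instead of time().
$t0 = 1700000000;
$id = createGuest($pdo, $t0, 600);
var_dump(loadActiveUser($pdo, $id, $t0 + 599) !== null, loadActiveUser($pdo, $id, $t0 + 600) === null);
var_dump(purgeExpiredGuests($pdo, $t0 + 600));
```

Calling a check like `loadActiveUser()` at the top of each protected page and API script means an expired guest is rejected even if its session cookie is still valid.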
## Testing
**Validation**:
- Basic input sanitization is performed via a `sanitize()` helper function in `includes/db.php`.
- API responses are returned as JSON with success/error flags.
- Security headers in `.htaccess` provide browser-level protection.