From 35343920b58f4a88eba78695e46af33032d4a263 Mon Sep 17 00:00:00 2001
From: gerrykastogi <gerrykastogi@gmail.com>
Date: Mon, 16 May 2016 17:10:49 +0700
Subject: [PATCH] role rumah sakit

---
 bdgwebkit/User.php            | 7 +++++++
 bdgwebkit/staffPermohonan.php | 8 ++++++--
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/bdgwebkit/User.php b/bdgwebkit/User.php
index 586b082..9be5b97 100644
--- a/bdgwebkit/User.php
+++ b/bdgwebkit/User.php
@@ -49,6 +49,13 @@
 			return $user_data['role'];
 		}
 
+		// Getting RS name
+		public function get_RSid($id){
+			$result = mysql_query("SELECT idRumahsakit FROM pengguna WHERE id='$id'");
+			$user_data = mysql_fetch_array($result);
+			return $user_data['idRumahsakit'];
+		}
+
 		// Getting session
 		public function get_session(){
 			return $_SESSION['login'];
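Review bot: `get_RSid` places `$id` directly inside the SQL string at `WHERE id='$id'`, so the query is only as safe as every caller's `$id`, and the hunk does not show where that value originates. The `mysql_*` API used here has no prepared statements, so escape the value first with `$id = mysql_real_escape_string($id);`, or cast it to int if `id` is numeric. The method also indexes `$user_data` without checking that a row came back, so an unknown id returns null and the caller in staffPermohonan.php builds `idRumahsakit=` with nothing after it; return early when `mysql_fetch_array` yields false. The comment `// Getting RS name` should read `// Getting the hospital (rumah sakit) id of a user`, since the column returned is `idRumahsakit`. The class body starts and ends outside the hunk.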
diff --git a/bdgwebkit/staffPermohonan.php b/bdgwebkit/staffPermohonan.php
index 446c3f6..49af4d2 100644
--- a/bdgwebkit/staffPermohonan.php
+++ b/bdgwebkit/staffPermohonan.php
@@ -332,7 +332,6 @@
                           die("Connection failed: " . $conn->connect_error);
                       } 
 
-
                       $search = "";
 
                       if (isset($_GET["search"])){
@@ -340,7 +339,12 @@
                         $value = $_GET["jenis"];
                         $sql = "SELECT * FROM `permohonan` WHERE `$value` LIKE '%$search%'";
                       } else {
-                        $sql = "SELECT * FROM permohonan";
+                        if($user->get_role($id) == "rumahSakit"){
+                          $RSid = $user->get_RSid($id);
+                          $sql = "SELECT * FROM permohonan WHERE idRumahsakit=$RSid";
+                        } else{
+                          $sql = "SELECT * FROM permohonan";
+                        }
                       }
   
                       $result = $conn->query($sql);
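Review bot: The hospital filter is applied only in the `else` branch, so when `$_GET["search"]` is set the query above it still reads every row of `permohonan` and a `rumahSakit` user is not limited to their own `idRumahsakit`. Compute the scope once, before the `if`, and apply it to both queries as in the excerpt below. `$RSid` is also placed unquoted into the SQL while `get_RSid` returns null when no row matches, which yields a malformed statement; the integer cast in the excerpt turns that case into a comparison with 0 instead, assuming `idRumahsakit` is an integer key. The search branch's `$_GET` values inside the SQL string predate this commit but sit on the same path; a prepared statement for the term and an allow-list for the column name would be the natural follow-up. The enclosing block begins before the hunk, so where `$user` and `$id` are set is not visible here.

```php
// … unchanged: connection check, $search = "" …
$scope = "";
if ($user->get_role($id) == "rumahSakit") {
  // cast assumes idRumahsakit is an integer key — confirm against the schema
  $scope = "idRumahsakit=" . (int) $user->get_RSid($id);
}

if (isset($_GET["search"])) {
  // … unchanged: $search / $value assignment and the LIKE query …
  if ($scope !== "") {
    $sql .= " AND " . $scope;
  }
} else {
  $sql = "SELECT * FROM permohonan" . ($scope !== "" ? " WHERE " . $scope : "");
}
```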
-- 
GitLab