clqms-be/app/Controllers/Patient.php

<?php
namespace App\Controllers;

use CodeIgniter\API\ResponseTrait;
use CodeIgniter\Controller;
use App\Models\PatientModel;

class Patient extends Controller {
    use ResponseTrait;

    protected $db;
    protected $model;
    protected $rules;

    public function __construct() {
        $this->db = \Config\Database::connect();
        $this->model = new PatientModel();
        $this->rules = [
            'PatientID'         => 'required|max_length[50]',
            'AlternatePID'      => 'permit_empty|max_length[50]',
            'NameFirst'         => 'required|min_length[1]|max_length[255]',
            'EmailAddress1'     => 'required',
            'Gender'            => 'required',
            'Birthdate'         => 'required',
            "PatIdt.Identifier" => 'max_length[255]'
        ];
    }

    public function index() {
        $filters = [
            'InternalPID' => $this->request->getVar('InternalPID'),
            'PatientID'   => $this->request->getVar('PatientID'),
            'Name'        => $this->request->getVar('Name'),
            'Birthdate'   => $this->request->getVar('Birthdate'),
        ];

        try {
            $rows = $this->model->getPatients($filters);
            return $this->respond([ 'status' => 'success', 'message'=> "data fetched successfully", 'data'   => $rows ], 200);
        } catch (\Exception $e) {
            return $this->failServerError('Exception : '.$e->getMessage());
        }
    }

    public function show($InternalPID = null) {
        try {
            $rows = $this->model->getPatient($InternalPID);
            if (empty($rows)) { return $this->respond([ 'status'  => 'success', 'message' => "data not found." ], 200); }
            return $this->respond([ 'status'  => 'success', 'message' => "data fetched successfully", 'data' => $rows ], 200);
        } catch (\Exception $e) {
            return $this->failServerError('Something went wrong: ' . $e->getMessage());
        }
    }

    public function create() {
        $input = $this->request->getJSON(true);
        if (!$this->validateData($input, $this->rules)) { return $this->validationError('patient', $this->validator->getErrors()); }
        try {
            $InternalPID = $this->model->createPatient($input);
            return $this->respondCreated([ 'status'  => 'success', 'message' => "data $InternalPID created successfully" ]);
        } catch (\Exception $e) {
            return $this->failServerError('Something went wrong: ' . $e->getMessage());
        }
    }

    private function validationError(string $context, array $errors) {
        return $this->respond([
            'status'  => 'error',
            'message' => "Validation failed ({$context})",
            'errors'  => $errors
        ], 400);
    }

    public function update() {
        $input = $this->request->getJSON(true);
        if (!$this->validateData($input, $this->rules)) { return $this->validationError('patient', $this->validator->getErrors()); }
        try {
            $InternalPID = $this->model->updatePatient($input);
            return $this->respondCreated([ 'status'  => 'success', 'message' => "data $InternalPID update successfully" ]);
        } catch (\Exception $e) {
            return $this->failServerError('Something went wrong: ' . $e->getMessage());
        }
    }
    
    public function delete() {
        try {
            $input = $this->request->getJSON(true);
            $InternalPID = $input["InternalPID"];

            // Mencegah Inputan 0, [], null, sql injection
            if (empty($InternalPID) || !ctype_digit((string) $InternalPID)) {
                return $this->respond([
                    'status' => 'error',
                    'message' => "Patient ID must be a valid integer."
                ], 400);
            }

            $patient = $this->db->table('patient')->where('InternalPID', $InternalPID)->get()->getRow();

            if (!$patient) {
                return $this->failNotFound("Patient ID with {$InternalPID} not found.");
            }

            $this->db->table('patient')->where('InternalPID', $InternalPID)->update(['DelDate' => date('Y-m-d H:i:s')]);

            return $this->respondDeleted([
                'status' => 'success',
                'message' => "Patient ID with {$InternalPID} deleted successfully."
            ]);
 
        } catch (\Exception $e) {
            return $this->failServerError("Internal server error: " . $e->getMessage());
        }
    }

    public function patientCheck() {
        try {
            $PatientID = $this->request->getVar('PatientID');
            $EmailAddress1 = $this->request->getVar('EmailAddress1');

            if ($PatientID!=null){
                $tableName = 'PatientID';
                $searchName = $PatientID;
            }

            if ($EmailAddress1!=null){
                $tableName = 'EmailAddress1';
                $searchName = $EmailAddress1;
            }

            $patient = $this->db->table('patient')
                ->where($tableName, $searchName)
                ->get()
                ->getRowArray();

            if (!$patient) {
                return $this->respond([
                    'status'  => 'success',
                    'message' => "$tableName not found.",
                    'data'    => true,
                ], 200);
            }

            return $this->respond([
                'status'  => 'success',
                'message' => "$tableName already exists.",
                'data'    => false,
            ], 200);


        } catch (\Exception $e) {
            // Error Server Mengembalikan 500
            return $this->failServerError('Something went wrong.'.$e->getMessage());
        }
    }

}