A lightweight, portable General Clinic CRM built with PHP and flat-file JSON storage β no database required.
MediTrack is a self-hosted clinic appointment management system designed for general healthcare practices. Built for speed, portability, and simplicity β no MySQL, no setup complexity, just drop it on any PHP server and go.
π‘ Looking for the Dental version? Check out SmileCare Dental CRM β same philosophy, built specifically for dental clinics.
- π Patient Booking Form β Public-facing form capturing name, phone, email, date, time, department, patient type, and reason for visit
- π₯ Department Selection β General Physician, Pediatrics, Cardiology, Dermatology, Orthopedics, ENT, and more
- π New vs Returning Patient β Patient type tracking with visual badges in the admin panel
- π Secure Admin Panel β bcrypt-hashed password login with PHP session authentication
- π Dashboard β 4 stat cards (Today, Pending, Completed This Month, Total) in a clean 2Γ2 grid
- π Department Breakdown β CSS-only horizontal bar chart showing appointment volume per department
- π Appointments Manager β Full list with pagination, date/status/department filters, and detail view
- β‘ Status Workflow β Inline updates: Pending β Confirmed β Completed / Cancelled
- ποΈ Flat-File Storage β All data stored in JSON. Zero SQL setup needed
- π Directory Protection β Auto-generated
.htaccessblocks direct access to data files - π₯οΈ Sidebar Layout β Left sidebar admin navigation with charcoal dark theme
- π© Automated Notifications β Native PHP mail for confirmations, admin alerts, and 24h cron reminders
- π‘οΈ Security Built-In β CSRF token protection and brute-force rate limiting
- π€ Export Capabilities β Export appointments to CSV or
.ics(iCal format) - βοΈ Central Configuration β Easy configuration via
config.phpfor timezone, clinic name, etc.
| Token | Value |
|---|---|
| Primary | Deep Teal #0D6E6E |
| Accent | Soft Emerald #2ECC71 |
| Background | Warm Gray #F4F6F5 |
| Sidebar | Dark Charcoal #1A2B2B |
| Success | #27AE60 |
| Warning | #F39C12 |
| Danger | #E74C3C |
| Font | Plus Jakarta Sans (Google Fonts) |
| Border Radius | 12px (cards, buttons, rows) |
| Layer | Technology |
|---|---|
| Language | PHP (Server-Side Rendering) |
| Frontend | HTML5, Vanilla CSS, Google Fonts (Plus Jakarta Sans) |
| Storage | Flat-File JSON (appointments.json, meta.json) |
| Auth | PHP Native Sessions + bcrypt |
| Server | Apache / Any PHP 7.4+ host |
- PHP 7.4 or higher
- Apache or Nginx with PHP support
- No database required
- Clone the repository
git clone https://github.com/YOUR_USERNAME/meditrack-clinic-crm.git
cd meditrack-clinic-crm- Place in your server root
# XAMPP / WAMP β drop into htdocs/
# Live server β upload via FTP/SCP to public_html/- Set up Configuration
Copy the example configuration file and update it with your own credentials:
cp includes/config.example.php includes/config.php- Ensure the
data/directory is writable
chmod 755 data/The app auto-initializes
appointments.json,meta.json, and.htaccesson first run.
- Visit the app
http://localhost/meditrack-clinic-crm/ # Patient Booking Form
http://localhost/meditrack-clinic-crm/admin/ # Admin Login
| Field | Value |
|---|---|
| Username | Defined by you in config.php |
| Password | Defined by you in config.php |
β οΈ No default password is provided for security reasons.
- Copy
includes/config.example.phptoincludes/config.php- Generate a secure password hash via terminal:
php -r "echo password_hash('your_secure_password', PASSWORD_BCRYPT);"- Paste the generated hash into
includes/config.phpasADMIN_PASSWORD_HASH- Set your
ADMIN_USERNAMEin the same file.
meditrack-clinic-crm/
βββ assets/
β βββ style.css # Full stylesheet β teal theme, sidebar layout, badges
β βββ images/ # Screenshots for documentation
βββ data/
β βββ .htaccess # Auto-generated β blocks direct web access
β βββ appointments.json # All appointment records
β βββ meta.json # Auto-increment ID tracker
βββ includes/
β βββ auth.php # Session + require_login() middleware
β βββ config.example.php # Template for clinic settings & credentials
β βββ csrf.php # CSRF token generation and validation
β βββ mailer.php # Email sending functions for confirmations & alerts
β βββ rate_limit.php # Basic rate limiting for forms
β βββ storage.php # CRUD functions (JSON-based)
βββ admin/
β βββ login.php # Split-screen admin login page
β βββ logout.php # Session destroy
β βββ dashboard.php # Stats grid + department chart + recent appointments
β βββ appointments.php # Full list, filters (date/status/dept), detail view, actions
β βββ patients.php # Patient management view
β βββ settings.php # Admin settings view
β βββ export_csv.php # Export data to CSV
β βββ export_ical.php # Export data to iCal
βββ book.php # POST handler for booking form
βββ cron_reminders.php # Script to run via cron for 24h email reminders
βββ index.php # Public patient booking landing page
Each record in appointments.json contains:
{
"id": 1,
"name": "Sara Ahmed",
"phone": "+971501234567",
"email": "sara@example.com",
"date": "2025-07-15",
"time": "10:30",
"department": "Cardiology",
"patient_type": "new",
"reason": "Follow-up Visit",
"status": "Pending",
"created_at": "2025-06-10 14:22:00"
}Records without
departmentorpatient_type(from older imports) load safely β all functions handle missing fields gracefully.
- All user input sanitized with
htmlspecialchars()before rendering - Admin password stored as bcrypt hash β never plain text
data/directory protected from direct HTTP access via auto-generated.htaccess- Admin routes protected by session middleware (
require_login())
- Email confirmation to patient on booking
- Admin email alert on new submission
- CSRF token protection on all forms
- Appointment reminder via cron job + email
- iCal /
.icsexport for Google Calendar / Outlook -
config.phpfor clinic name, email, timezone, and available slots - Time slot conflict detection per department
- Internal admin notes per appointment
- Multi-clinic / multi-branch support
- Doctor-specific scheduling (assign appointments to a specific doctor)
Contributions are welcome! Fork the repo, open issues, or submit pull requests.
- Fork the project
- Create your feature branch (
git checkout -b feature/email-notifications) - Commit your changes (
git commit -m 'Add PHPMailer confirmation emails') - Push to the branch (
git push origin feature/email-notifications) - Open a Pull Request
This project is licensed under the MIT License.
Ahmed Ali
- GitHub: @ahmed-ali-codes
- LinkedIn: linkedin.com/in/ahmed-ali-jawad
- Agency: Ecotrustia Solutions
| Project | Description |
|---|---|
| SmileCare Dental CRM | Same stack, purpose-built for dental clinics |
Built with β€οΈ for general clinics and healthcare practices that need a clean, reliable, zero-dependency booking system.

