Complete WordPress plugin for medical appointment booking with CNP authentication, multi-phone support, and comprehensive patient management.
- β CNP-based authentication (Romanian Personal ID)
- β Multi-authentication methods: Login with CNP, Email, or Phone
- β Multi-phone support: Users can add multiple phone numbers
- β 2FA Ready: TOTP (Google Authenticator) implementation ready
- β Rate limiting: Protection against brute force attacks
- β CNP masking: Privacy-compliant display (*********1234)
- β GDPR compliant: Secure data handling
- β Appointment booking: Intuitive React-based booking flow
- β Doctor management: Complete doctor profiles with specialties
- β Service management: Configurable medical services with duration and pricing
- β Schedule management: Doctor working hours and breaks
- β Calendar integration: Visual appointment calendar
- β Conflict detection: Automatic double-booking prevention
- β Patient: Book appointments, view own appointments
- β Receptionist: Manage all appointments, create patients
- β Medical Assistant: View appointments, manage patients
- β Doctor: View own appointments, manage schedule
- β Manager: Full access with analytics and reports
- β Romanian translations: Complete ro_RO translation
- β Translation ready: .pot file for additional languages
- β RTL support ready: Structure prepared for RTL languages
- β Authentication endpoints: Register, login, 2FA
- β Booking endpoints: Services, doctors, slots, appointments
- β Phone management: Add, remove, set primary phone
- β User management: Profile, settings, preferences
-
Upload Plugin
# Upload to your WordPress installation /wp-content/plugins/medical-booking-system/ -
Activate Plugin
- Go to WordPress Admin β Plugins
- Find "Medical Booking System"
- Click Activate
-
Initial Setup
- Database tables are created automatically
- User roles are configured automatically
- Default services are added
-
Configure Settings
- Go to Medical Booking β Settings
- Configure basic settings
- Add doctors and services
For Booking Form:
[mbs_booking]For Login/Register:
[mbs_auth]For Patient Dashboard:
[mbs_patient_dashboard]Comprehensive documentation is available in the docs/ folder:
| Document | Description |
|---|---|
| TODO.md | Development roadmap and task tracking |
| AUTHENTICATION.md | Complete authentication system guide |
| SETTINGS.md | Settings system and configuration guide |
| QUICK-START.md | 5-minute quick start guide |
| 2FA-IMPLEMENTATION.md | Two-factor authentication guide |
| PROJECT-PLAN.md | Detailed project architecture |
- π Authentication Setup
- βοΈ Settings Guide
- π Quick Start Guide
- π Development TODO
- π 2FA Implementation
- Backend: PHP 7.4+, WordPress 5.0+
- Frontend: React 18, Tailwind CSS
- Database: MySQL 5.6+ / MariaDB 10.0+
- Libraries:
- PHPGangsta/GoogleAuthenticator (2FA)
- Babel Standalone (JSX transformation)
- WordPress: 5.0 or higher
- PHP: 7.4 or higher
- MySQL: 5.6 or higher / MariaDB 10.0+
- PHP Extensions: mysqli, json, mbstring
- Apache Modules: mod_rewrite (for permalinks)
The plugin creates 10 custom tables:
| Table | Purpose |
|---|---|
wp_mbs_services |
Medical services |
wp_mbs_doctors |
Doctor profiles |
wp_mbs_doctor_services |
Doctor-service associations |
wp_mbs_doctor_schedules |
Working hours |
wp_mbs_doctor_breaks |
Breaks and holidays |
wp_mbs_patients |
Patient records |
wp_mbs_appointments |
Appointments |
wp_mbs_appointment_history |
Audit trail |
wp_mbs_notifications |
Email/SMS queue |
wp_mbs_settings |
Plugin settings |
wp_mbs_user_phones |
Multi-phone support |
Plus user metadata for CNP and 2FA.
POST /wp-json/mbs/v1/auth/register
POST /wp-json/mbs/v1/auth/login
GET /wp-json/mbs/v1/auth/me
GET /wp-json/mbs/v1/auth/phones
POST /wp-json/mbs/v1/auth/phones
DELETE /wp-json/mbs/v1/auth/phones/{id}
PUT /wp-json/mbs/v1/auth/phones/{id}/primary
GET /wp-json/mbs/v1/services
GET /wp-json/mbs/v1/doctors?serviceId={id}
GET /wp-json/mbs/v1/slots?doctorId={id}&date={date}&duration={min}
POST /wp-json/mbs/v1/appointments
GET /wp-json/mbs/v1/appointments
See AUTHENTICATION.md for detailed API documentation.
| Shortcode | Description | Example |
|---|---|---|
[mbs_booking] |
Appointment booking form | [mbs_booking] |
[mbs_auth] |
Login/Register form | [mbs_auth] |
[mbs_patient_dashboard] |
Patient's appointments | [mbs_patient_dashboard] |
- β Nonce verification: All AJAX/REST requests protected
- β SQL injection protection: Prepared statements only
- β XSS prevention: All output escaped
- β CSRF protection: WordPress nonce system
- β Rate limiting: 20 requests/minute per user/IP
- β CNP validation: Romanian CNP algorithm verification
- β Password hashing: WordPress native bcrypt
- β Capability checks: Role-based access control
Version: 1.1.0
Status: β
PRODUCTION READY for authentication system
Next Features: Booking flow finalization, admin UI, email notifications
- β Complete authentication system
- β Multi-authentication (CNP/Email/Phone)
- β Database structure
- β REST API foundation
- β React booking UI (basic)
- β Admin menu structure
- β User roles and capabilities
- π¨ Doctor schedule management
- π¨ Admin UI for doctors/services
- π¨ Email notifications
- π¨ Patient dashboard
- π¨ 2FA implementation
- π¨ Reporting and analytics
See docs/TODO.md for detailed roadmap.
This is a private/commercial plugin. For issues and feature requests, contact the development team.
This plugin is licensed under the GNU General Public License v2 or later.
Copyright (C) 2025 Medical Booking System
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
For support and customization requests, contact your development team.
See CHANGELOG.md for version history.
Made with β€οΈ for Romanian medical practices
Last updated: October 20, 2025