diff --git a/app/Config/Filters.php b/app/Config/Filters.php
index eb46a1d..3d0aef8 100644
--- a/app/Config/Filters.php
+++ b/app/Config/Filters.php
@@ -57,7 +57,7 @@ class Filters extends BaseFilters
         'after' => [
             'pagecache',   // Web Page Caching
             'performance', // Performance Metrics
-            'toolbar',     // Debug Toolbar
+            //'toolbar',  // Debug Toolbar
         ],
     ];
 
@@ -76,6 +76,7 @@ class Filters extends BaseFilters
         'after' => [
             // 'honeypot',
             // 'secureheaders',
+			//'toolbar' => ['except' => ['api/*']]
         ],
     ];
 
diff --git a/app/Config/Routes.php b/app/Config/Routes.php
index 9930452..64fa7a0 100644
--- a/app/Config/Routes.php
+++ b/app/Config/Routes.php
@@ -8,4 +8,5 @@ use CodeIgniter\Router\RouteCollection;
 $routes->get('/', 'Pages::home');
 $routes->post('/api/requests/', 'API_Requests::requests');
 $routes->get('/api/requests/orm/(:any)', 'API_Requests::orm/$1');
-$routes->get('/api/results/(:any)', 'API_Results::results/$1');
+$routes->get('/api/results/(:any)', 'API_Results::results_send/$1');
+$routes->get('/api/results_preview/(:any)', 'API_Results::results_preview/$1');
diff --git a/app/Controllers/API_Requests.php b/app/Controllers/API_Requests.php
index c52144e..dd5e746 100644
--- a/app/Controllers/API_Requests.php
+++ b/app/Controllers/API_Requests.php
@@ -43,15 +43,14 @@ class API_Requests extends ResourceController {
 		
 		//reqdata
 		$reffid = $qdata['reference_id'];
-		$company_name = $qdata['company_name'];
+		$company = $qdata['company_name'];
 		$loc = $qdata['branch'];
 		
 		$visitnum = $qpat['visit_number'];
 		$visitdesc = $qpat['visit_description'];
-		$visitdt = $qpat['visit_date_time'];
-		$agent = $qpat['agent'];
-		$agentname = str_replace("'","''",$qpat['agent_name']);
 		$visittype = $qpat['visit_type'];
+		$visitdt = $qpat['visit_date_time'];
+		$agentname = str_replace("'","''",$qpat['agent_name']);
 		$doc = str_replace("'","''",$qpat['treating_doctor']);
 		
 		$createdt = $qdata['created'];
@@ -68,13 +67,15 @@ class API_Requests extends ResourceController {
 		$query = $db->query($sql);
 		$results = $query->getResultArray();
 		if(!isset($results[0])) { 
-			$sql = "INSERT INTO cmod.dbo.CM_TM_REQUESTS (REFFID, REQNUMBER, REQDESC, REQTYPE, REQDATE, AGENT, DOC, LOC, PATID, COMPANY, LOGDATE, BW, BH) 
-				VALUES ('$reffid', '$visitnum', '$visitdesc', '$visittype', '$visitdt', '$agentname', '$doc', '$loc', '$patid', '$company_name', '$createdt', '$bw', '$bh' )"; 
+			$sql = "INSERT INTO cmod.dbo.CM_TM_REQUESTS (REFFID, REQNUMBER, REQDATE, AGENT, DOC, LOC, PATID, COMPANY, LOGDATE, BW, BH, VISITDESC, VISITTYPE) 
+				VALUES ('$reffid', '$visitnum', '$visitdt', '$agentname', '$doc', '$loc', '$patid', '$company', '$createdt', '$bw', '$bh', '$visitdesc', '$visittype' )"; 
 			$db->query($sql);
 			$reqid = $db->insertID();
 		} else { 
 			$reqid = $results[0]['REQID'];
-			$sql = "UPDATE cmod.dbo.CM_TM_REQUESTS SET REQNUMBER='$visitnum', REQDESC='$visitdesc', REQTYPE='$visittype', REQDATE='$visitdt', AGENT='$agentname', DOC='$doc', LOC='$loc', PATID='$patid', LOGDATE='$createdt', BW='$bw', BH='$bh' where REQID='$reqid'"; 
+			$sql = "UPDATE cmod.dbo.CM_TM_REQUESTS SET REQNUMBER='$visitnum', REQDATE='$visitdt', AGENT='$agentname', DOC='$doc', LOC='$loc', PATID='$patid', 
+				COMPANY='$company',LOGDATE='$createdt', BW='$bw', BH='$bh', VISITDESC='$visitdesc', VISITTYPE='$visittype'
+				where REQID='$reqid'"; 
 			$db->query($sql);
 		}	
 		
@@ -119,7 +120,8 @@ class API_Requests extends ResourceController {
 	
 	public function orm($reqid) {
 		$db = \Config\Database::connect();
-		$sql = "select r.REFFID, r.LOC, p.PATNUMBER, p.FIRSTNAME, p.LASTNAME, p.BIRTHDATE, p.SEX, r.REQNUMBER, r.REQDATE, r.AGENT, r.DOC, r.BW, r.BH
+		$sql = "select r.REFFID, r.LOC, p.PATNUMBER, p.FIRSTNAME, p.LASTNAME, p.BIRTHDATE, p.SEX, p.PHONE, 
+			r.REQNUMBER, r.REQDATE, r.AGENT, r.DOC, r.BW, r.BH
 		from cmod.dbo.CM_TM_REQUESTS r
 		left join cmod.dbo.CM_TM_PATIENTS p on p.PATID=r.PATID
 		where r.REQID='$reqid'";
@@ -134,13 +136,14 @@ class API_Requests extends ResourceController {
 		$firstname = $res['FIRSTNAME'];
 		$lastname = $res['LASTNAME'];
 		$dob = $res['BIRTHDATE'];
-		$sex = $res['SEX'];
+		$sex = substr($res['SEX'],0,1);
 		$hosp = $res['REQNUMBER'];
 		$reqdate = $res['REQDATE'];
 		$time = Time::createFromFormat('Y-m-d\TH:i:s.u\Z', $reqdate, 'UTC'); //2024-10-19T00:47:06.424654Z
 		$agent = $res['AGENT'];
 		$bw = $res['BW'];
 		$bh = $res['BH'];
+		$phone = $res['PHONE'];
 		
 		// LOC
 		if($loc == "PBMC Bali") { 
@@ -154,8 +157,8 @@ class API_Requests extends ResourceController {
 		}
 		
 		$orm = "MSH|^~\&|PBMC|TM|TDNL||||ORM^O01^|||2.3||||\r";
-		$orm .= "PID|1||$patnumber^^^^PATNUMBER||$firstname^$lastname^^^^^L||$dob|$sex||^|^^||||||^||||||||||||||||\r";
-		$orm .= "PV1|||$loc^^^||||$doc|$doc||||||||||||||||||||||||||||||||||||$reqdate||||||||||\r";
+		$orm .= "PID|1||$patnumber^^^^PATNUMBER||$firstname^$lastname^^^^^L||$dob|$sex||^|^^||$phone^^TELEPHON||||^||||||||||||||||\r";
+		$orm .= "PV1|||$loc^^^||||$doc|$doc|||||||||||$hosp|||||||||||||||||||||||||$reqdate||||||||||\r";
 		
 		$sql = "select t.TESTSTATUS, m.LISCODE from cmod.dbo.CM_TM_TESTS t
 			left join cmod.dbo.CM_DICT_MAPPINGS m on m.HISCODE=t.HISCODE
diff --git a/app/Controllers/API_Results.php b/app/Controllers/API_Results.php
index d11626f..1f4a1e4 100644
--- a/app/Controllers/API_Results.php
+++ b/app/Controllers/API_Results.php
@@ -3,21 +3,17 @@
 namespace App\Controllers;
 
 use CodeIgniter\RESTful\ResourceController;
-use CodeIgniter\I18n\Time;
-use Ramsey\Uuid\Uuid;
 
 class API_Results extends ResourceController {
 
-	public function results($accessnumber) {
-		$TM_url = "https://api-transmedic1.transmedic.co.id/webhook/lis";
-		$TMBali_bearerToken = "4140|eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOm51bGwsImF1ZCI6IjEyNy4wLjAuMTo4MDAwIiwiaWF0IjoxNzM4MDYwNzcwLCJleHAiOjE3MzgxNDcxNzAsInN1YiI6bnVsbCwianRpIjoiMDcyODc4NmUtZGRiMy00OWQxLTlhOGEtYjFhNGM3ZTcwNWY5IiwiZGF0YSI6eyJ1c2VybmFtZSI6InBibWNfYmFsaSIsInBhc3N3b3JkIjoiSjhlMjlYakxtRENGdVFuayJ9fQ.nb8_SX2nGyq_5A5TmyVDNvuCm5wSovA1od9FcXhhvXw";
-		$TMSby_bearerToken = "4141|eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOm51bGwsImF1ZCI6IjEyNy4wLjAuMTo4MDAwIiwiaWF0IjoxNzM4MDYwODg5LCJleHAiOjE3MzgxNDcyODksInN1YiI6bnVsbCwianRpIjoiZjY2Njc5MmItOTc2OS00ODY3LThlNmItNTBmZDM0MGRjYWZhIiwiZGF0YSI6eyJ1c2VybmFtZSI6InBibWNfc3VyYWJheWEiLCJwYXNzd29yZCI6InBnY1dmZHdYM3FFdDl6YUMifX0.j3ncwI9bZtPIhn3-p6cl3A91nIrZrmQLSGmhVdqSVsY";
-		
+	public function create_json($accessnumber) {
 		$db = \Config\Database::connect();
-
-		$sql = "select r.HOSTORDERNUMBER, r.SP_HOSPNUMBER, cr.LOC, cr.COMPANY, cr.AGENT from SP_REQUESTS r
-			left join cmod.dbo.CM_TM_REQUESTS cr on cr.REFFID=r.HOSTORDERNUMBER
-			where r.SP_ACCESSNUMBER='$accessnumber'";
+		$sql = "select r.HOSTORDERNUMBER, r.SP_HOSPNUMBER, cr.LOC, cr.COMPANY, cr.AGENT, cr.VISITDESC, cr.VISITTYPE,
+	p.PATNUMBER, p.NAME, p.FIRSTNAME, p.BIRTHDATE, p.SEX, p.TELEPHON, r.COLLECTIONDATE, cr.AGENT, cr.DOC, cr.BW, cr.BH
+from SP_REQUESTS r
+	left join cmod.dbo.CM_TM_REQUESTS cr on cr.REFFID=r.HOSTORDERNUMBER
+	left join PATIENTS p on p.PATID=r.PATID
+where r.SP_ACCESSNUMBER='$accessnumber'";
 		$query = $db->query($sql);
 		$results = $query->getResultArray();
 
@@ -27,23 +23,55 @@ class API_Results extends ResourceController {
 		$payer_name = $results[0]['AGENT'];
 		$company = $results[0]['COMPANY'];
 		$createdt = gmdate('Y-m-d\TH:i:s.v\Z');
+		$patnumber = substr($results[0]['PATNUMBER'],-8);
+		$firstname = $results[0]['FIRSTNAME'];
+		$lastname = $results[0]['NAME'];
+		$dob = $results[0]['BIRTHDATE'];
+		$sex = $results[0]['SEX'];
+		$phone = $results[0]['TELEPHON'];
+		$visitdesc = $results[0]['VISITDESC'];
+		$visittype = $results[0]['VISITTYPE'];
+		$visitdt = $results[0]['COLLECTIONDATE'];
+		$agent = $results[0]['AGENT'];
+		if($agent != '') {$bagent = true;}
+		else {$bagent=false;}
+		$doctor = $results[0]['DOC'];
+		$bw = $results[0]['BW'];
+		$bh = $results[0]['BH'];
 		
-		if($location == 'PBMC Surabaya') { $token = $TMSby_bearerToken; }
-		else { $token = $TMBali_bearerToken; }
 		
-		$client = \Config\Services::curlrequest();
 		$json = [
 			"reference_id" => "$reffid",
 			"created" => "$createdt", 
 			"company_name" => $company,
 			"branch" => $location,
+			"patient" => [
+				"rm_number" => $patnumber,
+				"patient_first_name" => $firstname,
+				"patient_last_name" => $lastname,
+				"patient_dob" => $dob,
+				"patient_sex" => $sex,
+				"patient_phone" => $phone,
+				"visit_number" => $visitnumber,
+				"visit_description"=> $visitdesc,
+				"visit_date_time" => $visitdt,
+				"agent_name" => $agent,
+				"agent" => $bagent,
+				"treating_doctor" => $doctor,
+				"visit_type" => $visittype,
+				"anthropometry" => [
+					"weight" => $bw,
+					"height" => $bh, 
+				],
+			],
 			"test_results" => []
 		];
 
-		$sql = "select dc.CHAPID, t.DEPTH as depth_test, dc.FULLTEXT as chap_eng, dc.FULLTEXT as chap_ind, st.FULLTEXT as serum_type, cdt.TEXT1 as test_eng, cdt.TEXT2 as test_ind, 
-  cdt.UNIT as UNITTEXT, cdt.REFFTEXT, t.NOTPRINTABLE,
+		$sql = "select dc.CHAPID, t.DEPTH as depth_test, dc.FULLTEXT as chap_eng, dc.FULLTEXT as chap_ind, st.FULLTEXT as serum_type, 
+  cdt.TEXT1 as test_eng, cdt.TEXT2 as test_ind, cdt.UNIT as UNITTEXT, cdt.REFFTEXT, t.NOTPRINTABLE, cr.RESSTATUS,
   t.TESTORDER, t.RESTYPE as code_type, t.VALIDATIONINITIALS  as validator, dt.SHORTTEXT,
-  RESULT = case when t.RESVALUE is null then tx.FULLTEXT else t.RESVALUE end, ct.REFFTESTID, m.HISCODE, m.LISCODE, tub.TUBENAME, cr.REFRANGE, dt.TESTCODE, t.TESTORDER
+  RESULT = case when t.RESVALUE is null then tx.FULLTEXT else t.RESVALUE end, ct.REFFTESTID, m.HISCODE, m.LISCODE, 
+  tub.TUBENAME, cr.REFRANGE, dt.TESTCODE, t.TESTORDER, dt.UNITS
 from REQUESTS r 
 left join TESTS t on t.REQUESTID = r.REQUESTID 
 left join DICT_TESTS dt on dt.ENDVALIDDATE is null and t.TESTID=dt.TESTID
@@ -54,7 +82,8 @@ left join DICT_SAMPLES_TYPES st on st.SAMPTYPEID=ts.SAMPTYPEID
 left join cmod.dbo.CM_DICT_TESTS cdt on dt.TESTCODE=cdt.TESTCODE
 left join cmod.dbo.CM_RESULTS cr on cr.ACCESSNUMBER=r.ACCESSNUMBER and cr.TESTCODE=cdt.TESTCODE and cr.TESTCODE=dt.TESTCODE
 left join cmod.dbo.CM_DICT_MAPPINGS m on m.LISCODE=cr.TESTCODE
-left join cmod.dbo.CM_TM_TESTS ct on ct.HISCODE=m.HISCODE
+left join cmod.dbo.CM_TM_REQUESTS cq on cq.REFFID=r.EXTERNALORDERNUMBER
+left join cmod.dbo.CM_TM_TESTS ct on ct.HISCODE=m.HISCODE and ct.REQID=cq.REQID
 left join cmod.dbo.CM_DICT_TUBES tub on tub.TUBEID=m.TUBEID
 where r.ACCESSNUMBER='$accessnumber' ORDER BY t.TESTORDER";
         $query = $db->query($sql);
@@ -72,8 +101,16 @@ where r.ACCESSNUMBER='$accessnumber' ORDER BY t.TESTORDER";
 			$sampletype = $result['serum_type'];
 			$chapter = $result['chap_eng'];
 			$testresult = $result['RESULT'];
+			$unit = $result['UNITS'];
+			$unittext = $result['UNITTEXT'];
+			if($unittext != '') { $testunit = $unit; }
+			else { $testunit = $unittext; }
 			$refrange = $result['REFRANGE'];
 			$refftext = $result['REFFTEXT'];
+			$resstatus = $result['RESSTATUS'];
+			if($resstatus == 'F') { $testsum = 'APPROVE'; }
+			elseif($resstatus == 'C') { $testsum = 'PENDING'; }
+			else { $testsum = null; }
 			if($refftext != '') { $testreff = $refftext; }
 			else { $testreff = $refrange; }
 			if($liscode == '') {$liscode = $testcode;}
@@ -86,59 +123,69 @@ where r.ACCESSNUMBER='$accessnumber' ORDER BY t.TESTORDER";
 				"test_container"=> "$tubename",
 				"chapter_type"=> "$chapter", 
 				"test_result"=> "$testresult",
+				"test_unit"=> "$testunit",
 				"test_reff" => "$testreff",
-				"test_summary"=> "",
-				"subtest_results" => [],
+				"test_summary"=> "$testsum",
+				//"subtest_results" => [],
 			];
 			if ( $depth == 0 || $depth == '' ) { // depth 0
 				if(isset($d0)) { $d0++; } else { $d0 = 0; } 
 				$d1=0;
-				$json['data']['test_results'][] = $data;
+				$json['test_results'][] = $data;
 			} else if ($depth == 1) {  // depth 1 
 				if(isset($d1)) { $d1++; } 
 				$d2=0;
-				$json['data']['test_results'][$d0]['subtest_results'][] = $data;
+				$json['test_results'][$d0]['subtest_results'][] = $data;
 			} else if ($depth == 2) {  // depth 2
 				if(isset($d2)) { $d2++; } 
 				$d3=0;
-				$json['data']['test_results'][$d0]['subtest_results'][$d1]['subtest_results'][] = $data;
+				$json['test_results'][$d0]['subtest_results'][$d1]['subtest_results'][] = $data;
 			}
 		}
+		return $json;
+	}
+	
+	public function results_send($accessnumber) {
+		$TM_url = "https://api-transmedic1.transmedic.co.id/api/webhook/lis";
+		$TMBali_bearerToken = "4418|eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOm51bGwsImF1ZCI6ImFwaS10cmFuc21lZGljMS50cmFuc21lZGljLmNvLmlkIiwiaWF0IjoxNzM4MzE0NjU5LCJleHAiOjE3Mzg0MDEwNTksInN1YiI6bnVsbCwianRpIjoiMDBhNmUzN2ItNTA1Zi00ZDA0LWE1MjktMjU0NjE4ZGQ1ODE1IiwiZGF0YSI6eyJ1c2VybmFtZSI6InBibWNfYmFsaSIsInBhc3N3b3JkIjoiSjhlMjlYakxtRENGdVFuayJ9fQ.Zu5Ph4nbuJb9ySH4nv_7qABAzKLJxVspMM7PuzVda0k";
+		$TMSby_bearerToken = "4417|eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOm51bGwsImF1ZCI6ImFwaS10cmFuc21lZGljMS50cmFuc21lZGljLmNvLmlkIiwiaWF0IjoxNzM4MzE0NTYwLCJleHAiOjE3Mzg0MDA5NjAsInN1YiI6bnVsbCwianRpIjoiNWI5NDM4OGItOThlOC00ZTZkLTg3YzMtMGVjNTgzNDUzYWM3IiwiZGF0YSI6eyJ1c2VybmFtZSI6InBibWNfc3VyYWJheWEiLCJwYXNzd29yZCI6InBnY1dmZHdYM3FFdDl6YUMifX0.eXX5EDqyusZ3xNey20L5A6dKGgKmf73Bk7-UBLJu45o";
 		
-		$response = [
-			"headers" => [
-				"Content-Type" => "application/json",
-				"Authorization" => "Bearer $token",
-				"AppCode" => "2"
-			],
-			"data" => $json
-		];
-
-		return $this->respond($response,200);
+		$client = \Config\Services::curlrequest();
+		
+		$json = $this->create_json($accessnumber);
+		$location = $json['branch'];
+		if($location == 'PBMC Surabaya') { $token = $TMSby_bearerToken; }
+		else { $token = $TMBali_bearerToken; }
+		//return $this->respond($json,200);
+		
+		//print_r(json_encode($json));
 		
 		try { 
-			$response = $client->request('POST', $url, $response ) ;
+			$response = $client->request('POST', $TM_url, [
+				"headers" => [
+					"Content-Type" => "application/json",
+					"Authorization" => "Bearer $token",
+					"AppCode" => "2"
+				],
+				"body" => json_encode($json),
+				"verify" => false
+			]);
+			
             if ($response->getStatusCode() == 200) { 
-                $result = json_decode($response->getBody()); 
-                echo "<pre>";
-                print_r($result);
-                echo "</pre>";
+				print_r($response);
             } else {
-                // Handle errors
-                $error = [
-                  'status' => $response->getStatusCode(),
-                  'message' => $response->getReason(),
-                  'response' => $response->getBody()
-                ];
-                echo "<pre>";
-                print_r($error);
-                echo "</pre>";
-                log_message('error', 'API request failed: ' . $response->getStatusCode() . ' - ' . $response->getReason() . ' - Response: ' . $response->getBody());
+				print_r($response);
             }
-
+			
         } catch (\Exception $e) {
             echo "Error: " . $e->getMessage();
             log_message('error', 'API request exception: ' . $e->getMessage());
         }
     }
+	
+	public function results_preview($accessnumber) {
+		$json = $this->create_json($accessnumber);
+		return $this->respond($json);
+	}
+
 }
\ No newline at end of file
diff --git a/public/tokens/index.php b/public/tokens/index.php
new file mode 100644
index 0000000..b3d9bbc
--- /dev/null
+++ b/public/tokens/index.php
@@ -0,0 +1 @@
+<?php
diff --git a/public/tokens/pbmc_bali.txt b/public/tokens/pbmc_bali.txt
new file mode 100644
index 0000000..e69de29
diff --git a/public/tokens/pbmc_sby.txt b/public/tokens/pbmc_sby.txt
new file mode 100644
index 0000000..e69de29