Beispiel #1
 * @author  Karl Englund <*****@*****.**>
 * @link    http://www.open-emr.org
 */
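// API endpoint: adds an office note on behalf of the user identified by the
// POSTed token and reports the outcome as a small <officenote> XML document.
header("Content-Type:text/xml");
// NOTE(review): presumably tells the included bootstrap to skip the normal
// session login check, which would make the token below the only credential
// this endpoint verifies -- confirm against classes.php.
$ignoreAuth = true;
require_once 'classes.php';
include_once "{$srcdir}/onotes.inc";

// Read the request fields defensively: a missing field or an array-valued
// field (token[]=...) is treated as an empty string instead of raising a
// notice or handing a non-string to the helpers.
$token = (isset($_POST['token']) && is_string($_POST['token'])) ? $_POST['token'] : '';
$body = (isset($_POST['body']) && is_string($_POST['body'])) ? $_POST['body'] : '';

$xml_string = "<officenote>";

// validateToken() is expected to return a falsy value for an unknown token.
$userId = validateToken($token);
if ($userId) {
    $user = getUsername($userId);
    $acl_allow = acl_check('admin', 'super', $user);
    if ($acl_allow) {
        // Populate the session only once the ACL check has passed, so a
        // request that is denied does not leave an authenticated user name
        // behind in the session.
        // $_SESSION['authUser'] used in addOnote() function.
        $_SESSION['authUser'] = $user;
        $_SESSION['authProvider'] = getAuthGroup($user);
        // NOTE(review): $body is passed through unmodified; confirm that
        // addOnote() binds or escapes it before it reaches the database.
        addOnote($body);
        $xml_string .= "<status>0</status>\n";
        $xml_string .= "<reason>Office Note Added Successfully</reason>\n";
    } else {
        $xml_string .= "<status>-2</status>\n";
        $xml_string .= "<reason>You are not Authorized to perform this action</reason>\n";
    }
} else {
    $xml_string .= "<status>-2</status>";
    $xml_string .= "<reason>Invalid Token</reason>";
}
$xml_string .= "</officenote>";
echo $xml_string;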
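// Handles submissions from the office-notes form:
//   mode "update" - toggles the active state of existing notes, one POST
//                   field per note, with the value "true" or "false";
//   mode "new"    - stores the submitted text as a new note.
// NOTE(review): $mode is not assigned anywhere in this excerpt; confirm where
// it is populated and that it cannot be set from an unexpected source.
// NOTE(review): no CSRF token or ACL check is visible in this excerpt; confirm
// both are enforced before this point, since every branch changes stored data.
if (isset($mode)) {
    if ($mode == "update") {
        foreach ($_POST as $var => $val) {
            // Only explicit "true"/"false" values are activity toggles.
            if ($val !== "true" && $val !== "false") {
                continue;
            }
            // Accept only field names of the exact form act<digits>. The
            // previous str_replace("act", "", $var) removed "act" anywhere in
            // the name and passed whatever was left on as the note id, so any
            // POST field holding "true"/"false" reached the helpers.
            // NOTE(review): assumes note ids are numeric -- confirm against
            // the form that renders these fields.
            if (!preg_match('/^act(\d+)$/', (string) $var, $matches)) {
                continue;
            }
            $id = $matches[1];
            if ($val === "true") {
                reappearOnote($id);
            } else {
                disappearOnote($id);
            }
        }
    } elseif ($mode == "new") {
        // Skip the insert when the field is missing or is not a plain string.
        if (isset($_POST["note"]) && is_string($_POST["note"])) {
            addOnote($_POST["note"]);
        }
    }
}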
?>
<html>
<head>

<link rel="stylesheet" href="<?php 
echo $css_header;
?>
" type="text/css">

</head>
<body class="body_top">

<div id="officenotes_edit">