$xml_array = array();
$token = $_POST['token'];
$noteIds = $_POST['noteIds'];
$active = $_POST['active'];
if ($userId = validateToken($token)) {
$username = getUsername($userId);
$acl_allow = acl_check('patients', 'notes', $username);
if ($acl_allow) {
$noteIds_array = explode(',', $noteIds);
foreach ($noteIds_array as $noteId) {
switch ($active) {
case 1:
reappearPnote($noteId);
break;
case 0:
disappearPnote($noteId);
break;
}
}
$xml_array['status'] = 0;
$xml_array['reason'] = 'The Patient notes has been updated';
} else {
$xml_string .= "<status>-2</status>\n";
$xml_string .= "<reason>You are not Authorized to perform this action</reason>\n";
}
} else {
$xml_array['status'] = -2;
$xml_array['reason'] = 'Invalid Token';
}
$xml = ArrayToXML::toXml($xml_array, 'PatientNotes');
echo $xml;
$active = 'all';
$activity_string_html = '';
$form_active = $form_inactive = '0';
}
}
// this code handles changing the state of activity tags when the user updates
// them through the interface
if (isset($mode)) {
if ($mode == "update") {
foreach ($_POST as $var => $val) {
if (strncmp($var, 'act', 3) == 0) {
$id = str_replace("act", "", $var);
if ($_POST["chk{$id}"]) {
reappearPnote($id);
} else {
disappearPnote($id);
}
if ($docid) {
setGpRelation(1, $docid, 6, $id, !empty($_POST["lnk{$id}"]));
}
if ($orderid) {
setGpRelation(2, $orderid, 6, $id, !empty($_POST["lnk{$id}"]));
}
}
}
} elseif ($mode == "new") {
$note = $_POST['note'];
if ($noteid) {
updatePnote($noteid, $note, $_POST['form_note_type'], $_POST['assigned_to']);
} else {
$noteid = addPnote($patient_id, $note, $userauthorized, '1', $_POST['form_note_type'], $_POST['assigned_to']);
