Beispiel #1
    $relQ->insert($idPatient, $_POST["check"][$i]);
    if ($relQ->isError()) {
        if ($relQ->getDbErrno() == 1062) {
            $relQ->clearErrors();
        } else {
            $relQ->close();
            Error::query($relQ);
        }
    } else {
        /**
         * Record log process
         */
        $recordQ->log("Query_Relative", "INSERT", array($idPatient, $_POST["check"][$i]));
    }
}
// Release the audit-log and relative query objects used earlier in this script.
$recordQ->close();
unset($recordQ);
$relQ->close();
unset($relQ);
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
FlashMsg::add(_("Relatives have been added."));
// The redirect target is a fixed relative path; the older variant that appended
// id_patient to the query string is kept below for reference only.
//$returnLocation = "../medical/relative_list.php?id_patient=" . $idPatient; // controlling var
$returnLocation = "../medical/relative_list.php";
// controlling var
// NOTE(review): no exit follows this header() in the visible fragment — confirm nothing
// else runs after it.
header("Location: " . $returnLocation);
Beispiel #2
    echo HTML::insertScript('md5.js');
    echo HTML::insertScript('password.php');
}
// Load the focus helper script only when the including page named a field to focus.
// NOTE(review): $focusFormField is concatenated into the script URL as-is; whether
// HTML::start() escapes attribute values is not visible here — confirm before this
// variable can ever carry request data.
if (isset($focusFormField) && !empty($focusFormField)) {
    echo HTML::start('script', array('src' => '../js/focus.php?field=' . $focusFormField, 'type' => 'text/javascript'));
    echo HTML::end('script');
}
echo HTML::end('head');
echo HTML::start('body');
require_once "../layout/component.php";
echo HTML::start('div', array('id' => 'wrap'));
echo HTML::start('div', array('id' => 'header'));
echo appLogo();
echo HTML::para(HTML::link(_("Skip over navigation"), '#main', null, array('accesskey' => 2)), array('id' => 'skip_navigation'));
// $tab and $nav are optional; null is passed when the including page did not set them.
echo shortcuts(isset($tab) ? $tab : null, isset($nav) ? $nav : null);
if (isset($tab)) {
    echo menuBar($tab);
}
echo HTML::end('div');
// #header
echo HTML::rule();
echo HTML::start('div', array('id' => 'main'));
echo HTML::start('div', array('id' => 'content'));
if (defined("OPEN_DEMO") && OPEN_DEMO) {
    echo Msg::info(_("This is a demo version"));
}
/**
 * Display "public" message(s) from controller if available
 */
// NOTE(review): the queued messages are echoed as returned; confirm FlashMsg escapes any
// request-derived text that controllers put into them.
echo FlashMsg::get();
 * Retrieving var (PGS)
 */
$idPatient = Check::postGetSessionInt('id_patient');
$patient = new Patient($idPatient);
if ($patient->getName() == '') {
    FlashMsg::add(_("Beneficiário não cadastrado."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
/**
 * Search database
 */
$historyQ = new Query_History();
if (!$historyQ->selectPersonal($idPatient)) {
    $historyQ->close();
    FlashMsg::add(_("Beneficiário não cadastrado."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
$history = $historyQ->fetch();
if ($history) {
    $formVar["id_patient"] = $history->getIdPatient();
    $formVar["birth_growth"] = $history->getBirthGrowth();
    $formVar["growth_sexuality"] = $history->getGrowthSexuality();
    $formVar["feed"] = $history->getFeed();
    $formVar["habits"] = $history->getHabits();
    $formVar["peristaltic_conditions"] = $history->getPeristalticConditions();
    $formVar["psychological"] = $history->getPsychological();
    $formVar["children_complaint"] = $history->getChildrenComplaint();
    $formVar["venereal_disease"] = $history->getVenerealDisease();
    $formVar["accident_surgical_operation"] = $history->getAccidentSurgicalOperation();
require_once "../lib/Check.php";
/**
 * Retrieving get vars
 */
// id_user and page are forced to integers. login is only passed through Check::safeText().
// NOTE(review): $_GET["id_user"] and $_GET["login"] are read without isset(), so a request
// lacking them raises an undefined-index notice.
// NOTE(review): $login comes from the query string, not from the record selected by
// $idUser, so the name shown on the page can differ from the account whose log is listed.
// What Check::safeText() strips or escapes is not visible here — confirm it is enough for
// the HTML contexts below.
$idUser = intval($_GET["id_user"]);
$login = Check::safeText($_GET["login"]);
$currentPage = isset($_GET["page"]) ? intval($_GET["page"]) : 1;
/**
 * Search user accesses
 */
$accessQ = new Query_Page_Access();
$accessQ->setItemsPerPage(OPEN_ITEMS_PER_PAGE);
$accessQ->searchUser($idUser, $currentPage);
// No rows: queue a message and go back to $returnLocation (set outside this fragment).
if ($accessQ->getRowCount() == 0) {
    $accessQ->close();
    FlashMsg::add(sprintf(_("No logs for user %s."), $login));
    header("Location: " . $returnLocation);
    exit;
}
/**
 * Show page
 */
$title = _("Access Logs");
require_once "../layout/header.php";
/**
 * Breadcrumb
 */
$links = array(_("Admin") => "../admin/index.php", _("Users") => $returnLocation, $title => "");
echo HTML::breadcrumb($links, "icon icon_user");
unset($links);
echo HTML::section(2, sprintf(_("Access Logs List for user %s"), $login) . ":");
Beispiel #5
// Keep the script running if the client disconnects, so the update and its audit record
// are not split apart; the previous setting is restored further down.
$oldAbort = ignore_user_abort(true);
/**
 * Update patient
 */
$patQ = new Query_Page_Patient();
// Refuse the update when another record already uses this name; the patient's own id is
// passed as the fourth argument, presumably to exclude the record being edited.
if ($patQ->existName($pat->getFirstName(), $pat->getSurname1(), $pat->getSurname2(), $pat->getIdPatient())) {
    $patQ->close();
    FlashMsg::add(sprintf(_("O nome do beneficiário, %s, está em uso. As mudanças não terão efeito."), $patName), OPEN_MSG_WARNING);
    header("Location: " . $returnLocation);
    exit;
}
$patQ->update($pat);
$patQ->close();
unset($patQ);
unset($pat);
/**
 * Record log process
 */
// The audit entry is written after the update and without checking its result.
// NOTE(review): confirm update() stops the script on failure, otherwise a failed update is
// still logged as an UPDATE.
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Page_Patient", "UPDATE", array($idPatient));
$recordQ->close();
unset($recordQ);
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
FlashMsg::add(_("Beneficiário atualizado com sucesso."));
header("Location: " . $returnLocation);
Beispiel #6
// Failed login: keep the submitted form and the attempt counter in the session, then
// return to the login form.
// NOTE(review): the whole POST array (after Check::safeArray()) is stored in the session;
// confirm no password field survives in it.
if ($errorFound) {
    Form::setSession(Check::safeArray($_POST), $formError);
    $_SESSION['auth']['last_login'] = $loginSession;
    if (isset($sessLoginAttempts)) {
        $_SESSION['auth']['login_attempts'] = $sessLoginAttempts;
    }
    header("Location: ../auth/login_form.php");
    exit;
}
/**
 * Redirect to index page if suspended
 */
// A suspended account gets its session variables emptied; the session itself and its id
// are left in place, and the warning is queued after the reset.
if (!$user->isActived()) {
    $_SESSION = array();
    // deregister all current session variables
    FlashMsg::add(_("Your user account has been suspended. Contact with administrator to resolve this problem."), OPEN_MSG_WARNING);
    header("Location: ../home/index.php");
    exit;
}
/**
 * Insert new session row with random token
 */
// NOTE(review): how Query_Session::getToken() generates the token is not visible here —
// confirm it uses a cryptographically secure source.
// NOTE(review): no session_regenerate_id() appears in this fragment between successful
// authentication and the writes that follow — confirm the id is rotated at login.
$sessionQ = new Query_Session();
$token = $sessionQ->getToken($user->getLogin());
$sessionQ->close();
unset($sessionQ);
/**
 * Insert new user access
 */
// Records this login in the access log (the table read by the admin "Access Logs" page,
// judging by the shared Query_Page_Access class).
$accessQ = new Query_Page_Access();
$accessQ->insert($user);
Beispiel #7
    }
    $problem = $problemQ->fetch();
    if (!$problem) {
        $problemQ->close();
        Error::fetch($problemQ);
    }
    $wording = $problem->getWording();
    $delProblemQ = new Query_DelProblem();
    $delProblemQ->insert($problem, $_SESSION['auth']['user_id'], $_SESSION['auth']['login_session']);
    unset($delProblemQ);
    unset($problem);
}
/**
 * Record log process (before deleting process)
 */
// The DELETE audit entry is written first, while the row still exists.
// NOTE(review): because of that order, a delete that fails afterwards still leaves a
// DELETE entry in the log — confirm delete() stops the script on error.
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Page_Problem", "DELETE", array($idProblem));
$recordQ->close();
unset($recordQ);
$problemQ->delete($idProblem);
$problemQ->close();
unset($problemQ);
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
// $wording was read from the fetched problem record earlier in this script.
FlashMsg::add(sprintf(_("Medical problem, %s, has been deleted."), $wording));
header("Location: " . $returnLocation);
Beispiel #8
 * Destroy form values and errors
 */
// Validation passed: drop the form values and errors kept in the session.
Form::unsetSession();
/**
 * Prevent user from aborting script
 */
$oldAbort = ignore_user_abort(true);
/**
 * Update problem
 */
$problemQ = new Query_Page_Problem();
$problemQ->update($problem);
// The message depends on whether the problem now carries a closing date.
// NOTE(review): it is queued without checking the result of update().
if ($problem->getClosingDate(false)) {
    FlashMsg::add(sprintf(_("Informações adicionais, %s, foram incluídos no prontuário do funcionário."), $problem->getWording()));
} else {
    FlashMsg::add(sprintf(_("%s, dados atualizados."), $problem->getWording()));
}
$problemQ->close();
unset($problemQ);
unset($problem);
/**
 * Record log process
 */
// Audit entry for the update, keyed by $idProblem (set outside this fragment).
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Page_Problem", "UPDATE", array($idProblem));
$recordQ->close();
unset($recordQ);
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
Beispiel #9
 * Insert new patient
 */
$patQ = new Query_Page_Patient();
// Refuse the insert when a patient with the same first name and surnames already exists.
if ($patQ->existName($pat->getFirstName(), $pat->getSurname1(), $pat->getSurname2())) {
    $patQ->close();
    FlashMsg::add(sprintf(_("Beneficiário %s, está em uso. As mudanças não serão realizadas."), $patName), OPEN_MSG_WARNING);
    header("Location: ../medical/patient_new_form.php");
    exit;
}
$patQ->insert($pat);
// The new id is taken from the query object right after the insert.
// NOTE(review): the existName() check and the insert are two separate calls; confirm a
// unique constraint backs them up if duplicate names must never exist.
$idPatient = $patQ->getLastId();
$patQ->close();
unset($patQ);
unset($pat);
/**
 * Record log process
 */
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Page_Patient", "INSERT", array($idPatient));
$recordQ->close();
unset($recordQ);
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
FlashMsg::add(_("Beneficiário cadastrado."));
// The redirect carries only the id returned by getLastId(); no request data enters the URL.
$returnLocation = "../medical/patient_view.php?id_patient=" . $idPatient;
header("Location: " . $returnLocation);
Beispiel #10
require_once "../model/Patient.php";
require_once "../model/Problem.php";
/**
 * Retrieving vars (PGS)
 */
// Both ids come from Check::postGetSessionInt(); judging by the name it looks in POST, GET
// and the session and returns an integer — TODO confirm.
$idProblem = Check::postGetSessionInt('id_problem');
$idPatient = Check::postGetSessionInt('id_patient');
$patient = new Patient($idPatient);
// A patient object with an empty name is treated as "not found".
if ($patient->getName() == '') {
    FlashMsg::add(_("O beneficiário não existe."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
$problem = new Problem($idProblem);
// NOTE(review): `new` always yields an object and objects are truthy, so this branch can
// never run; a missing problem is not detected here. Unlike the patient check above, no
// property of $problem is inspected.
// NOTE(review): nothing visible ties $idProblem to $idPatient, so a request could pair one
// patient's id with another patient's problem — confirm Problem or the page below checks
// ownership.
if (!$problem) {
    FlashMsg::add(_("O registro procurado não existe."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
// A non-empty closing date other than the '0000-00-00' placeholder marks the problem as
// closed; $nav is then set to "history" for the layout.
if ($problem->getClosingDate() != "" && $problem->getClosingDate() != '0000-00-00') {
    $nav = "history";
}
/**
 * Update session variables
 */
require_once "../lib/LastViewedPatient.php";
LastViewedPatient::add($idPatient, $patient->getName());
/**
 * Show page
 */
$title = $problem->getWordingPreview();
Beispiel #11
// Keep running even if the client disconnects, so the update and its audit record stay
// together; the previous setting is restored further down.
$oldAbort = ignore_user_abort(true);
/**
 * Update patient
 */
$patQ = new Query_Page_Patient();
// Refuse the update when another record already uses this name; the patient's own id is
// passed as the fourth argument, presumably to exclude the record being edited.
if ($patQ->existName($pat->getFirstName(), $pat->getSurname1(), $pat->getSurname2(), $pat->getIdPatient())) {
    $patQ->close();
    FlashMsg::add(sprintf(_("Patient name, %s, is already in use. The changes have no effect."), $patName), OPEN_MSG_WARNING);
    header("Location: " . $returnLocation);
    exit;
}
$patQ->update($pat);
$patQ->close();
unset($patQ);
unset($pat);
/**
 * Record log process
 */
// Written after the update and without checking its result — NOTE(review): confirm
// update() stops the script on failure.
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Page_Patient", "UPDATE", array($idPatient));
$recordQ->close();
unset($recordQ);
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
FlashMsg::add(_("Patient has been updated."));
header("Location: " . $returnLocation);
Beispiel #12
 * Validate data
 */
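// Where the validation include sends the user back on error. The posted id is cast to an
// integer before it enters the URL.
$errorLocation = "../admin/theme_edit_form.php?key=" . intval($_POST["id_theme"]);
// controlling var
require_once "../model/Query/Theme.php";
// Round-trip the id through the model so $_POST holds whatever Theme::setId() stored.
$theme = new Theme();
$theme->setId($_POST["id_theme"]);
$_POST["id_theme"] = $theme->getId();
// The remaining fields are validated by the shared include, which is not visible here.
require_once "../admin/theme_validate_post.php";
/**
 * Destroy form values and errors
 */
Form::unsetSession();
/**
 * Update theme
 */
$themeQ = new Query_Theme();
// A CSS filename already used by another theme blocks the update.
if ($themeQ->existCssFile($theme->getCssFile(), $theme->getId())) {
    // This line used to read "FlashMsg:" followed by a bare add(...) call, which PHP parses
    // as a goto label plus a call to a global function add() and which never reaches
    // FlashMsg::add().
    FlashMsg::add(sprintf(_("Filename of theme, %s, already exists. The changes have no effect."), $theme->getName()));
} else {
    $themeQ->update($theme);
    FlashMsg::add(sprintf(_("Theme, %s, has been updated."), $theme->getName()));
}
$themeQ->close();
unset($themeQ);
unset($theme);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
header("Location: " . $returnLocation);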
Beispiel #13
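// Round-trip each posted value through the Setting model so $_POST holds the stored form.
$set->setSessionTimeout($_POST["session_timeout"]);
$_POST["session_timeout"] = $set->getSessionTimeout();
$set->setItemsPerPage($_POST["items_per_page"]);
$_POST["items_per_page"] = $set->getItemsPerPage();
// On validation failure, keep the form and the per-field errors in the session and go back.
// NOTE(review): the whole $_POST array is stored as-is; confirm Form::setSession() or the
// form that re-displays it escapes the values.
if (!$set->validateData()) {
    $formError["session_timeout"] = $set->getSessionTimeoutError();
    $formError["items_per_page"] = $set->getItemsPerPageError();
    Form::setSession($_POST, $formError);
    header("Location: ../admin/setting_edit_form.php");
    exit;
}
/**
 * Destroy form values and errors
 */
Form::unsetSession();
/**
 * Update app settings
 */
$setQ = new Query_Setting();
$setQ->update($set);
if (isset($_POST["id_theme"])) {
    // The theme id is the only posted value that bypasses the Setting model, so it is cast
    // to an integer here before it reaches the query layer.
    $setQ->updateTheme(intval($_POST["id_theme"]));
}
$setQ->close();
unset($setQ);
unset($set);
/**
 * Redirect to destiny to avoid reload problem
 */
FlashMsg::add(_("Data has been updated."));
header("Location: ../admin/setting_edit_form.php");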
Beispiel #14
// The relative's display name is taken from the POST body, not from the database, and is
// used only in the confirmation message below.
// NOTE(review): what Check::safeText() strips or escapes is not visible here.
$relName = Check::safeText($_POST["name"]);
/**
 * Prevent user from aborting script
 */
$oldAbort = ignore_user_abort(true);
/**
 * Delete relative
 */
$relQ = new Query_Relative();
/**
 * Record log process (before deleting process)
 */
// The DELETE audit entry is written before the row is removed, so a failed delete would
// still be logged — NOTE(review): confirm delete() stops the script on error.
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Relative", "DELETE", array($idPatient, $idRelative));
$recordQ->close();
unset($recordQ);
$relQ->delete($idPatient, $idRelative);
$relQ->close();
unset($relQ);
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
FlashMsg::add(sprintf(_("Relative, %s, has been deleted."), $relName));
// Fixed redirect target; the variant carrying id_patient in the URL is kept for reference.
//$returnLocation = "../medical/relative_list.php?id_patient=" . $idPatient; // controlling var
$returnLocation = "../medical/relative_list.php";
// controlling var
header("Location: " . $returnLocation);
require_once "../model/Patient.php";
require_once "../model/Problem.php";
/**
 * Retrieving vars (PGS)
 */
$idProblem = Check::postGetSessionInt('id_problem');
$idPatient = Check::postGetSessionInt('id_patient');
$patient = new Patient($idPatient);
if ($patient->getName() == '') {
    FlashMsg::add(_("O beneficiário em questão não possui cadastro."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
$problem = new Problem($idProblem);
if (!$problem) {
    FlashMsg::add(_("Nenhum atendimento foi realizado até o momento."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
$formVar["id_problem"] = $idProblem;
$formVar["id_patient"] = $idPatient;
$formVar["order_number"] = $problem->getOrderNumber();
$formVar["opening_date"] = $problem->getOpeningDate();
if (!isset($formError)) {
    $formVar["last_update_date"] = $problem->getLastUpdateDate();
    $formVar["id_member"] = $problem->getIdMember();
    $formVar["closed_problem"] = $problem->getClosingDate() != "" && $problem->getClosingDate() != "0000-00-00" ? "checked" : "";
    $formVar["meeting_place"] = $problem->getMeetingPlace();
    $formVar["wording"] = $problem->getWording();
    $formVar["subjective"] = $problem->getSubjective();
    $formVar["objective"] = $problem->getObjective();
Beispiel #16
// remove redundant whitespace
// (runs of whitespace collapse to one space; the /i flag has no effect on this pattern)
$searchText = preg_replace("/[[:space:]]+/i", " ", $searchText);
// transform string in array of strings
$arraySearch = Search::explodeQuoted($searchText);
/**
 * Search database
 */
// NOTE(review): $searchType, $logical and $limit are set outside this fragment; confirm
// they are validated before they reach the query builder, and that search() binds or
// escapes the terms in $arraySearch.
$patQ = new Query_Page_Patient();
$patQ->setItemsPerPage(OPEN_ITEMS_PER_PAGE);
$patQ->search($searchType, $arraySearch, $currentPage, $logical, $limit);
/**
 * No results message if no results returned from search.
 */
// The user's search text is echoed back inside the message.
// NOTE(review): confirm it is escaped before FlashMsg output reaches the page.
if ($patQ->getRowCount() == 0) {
    $patQ->close();
    FlashMsg::add(sprintf(_("No results found for '%s'."), $searchText));
    header("Location: ../medical/patient_search_form.php");
    exit;
}
/**
 * Show patient view screen if only one result from query
 */
// Exactly one hit: skip the list and redirect straight to that patient's page.
if ($patQ->getRowCount() == 1) {
    $pat = $patQ->fetch();
    $patQ->freeResult();
    $patQ->close();
    header("Location: ../medical/patient_view.php?id_patient=" . $pat->getIdPatient());
    exit;
}
/**
 * Show page
Beispiel #17
require_once "../model/Patient.php";
require_once "../model/Problem.php";
/**
 * Retrieving vars (PGS)
 */
$idProblem = Check::postGetSessionInt('id_problem');
$idPatient = Check::postGetSessionInt('id_patient');
$patient = new Patient($idPatient);
// A patient object with an empty name is treated as "not found".
if ($patient->getName() == '') {
    FlashMsg::add(_("That patient does not exist."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
$problem = new Problem($idProblem);
// NOTE(review): `new` always yields an object and objects are truthy, so this branch is
// unreachable; a missing problem is not detected here.
// NOTE(review): nothing visible checks that $idProblem belongs to $idPatient.
if (!$problem) {
    FlashMsg::add(_("That medical problem does not exist."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
/**
 * Show page
 */
$title = _("View Medical Tests");
// Patient name and problem wording are concatenated into the page title.
// NOTE(review): confirm header.php escapes $titlePage.
$titlePage = $patient->getName() . ' [' . $problem->getWordingPreview() . '] (' . $title . ')';
require_once "../layout/header.php";
/**
 * Breadcrumb
 */
// Database-derived strings are used as link labels (array keys) here.
$links = array(_("Medical Records") => "../medical/index.php", $patient->getName() => "../medical/patient_view.php", _("Medical Problems Report") => "../medical/problem_list.php", $problem->getWordingPreview() => "../medical/problem_view.php", $title => "");
echo HTML::breadcrumb($links, "icon icon_patient");
unset($links);
$idTest = Check::postGetSessionInt('id_test');
$patient = new Patient($idPatient);
// A patient object with an empty name is treated as "not found".
if ($patient->getName() == '') {
    FlashMsg::add(_("That patient does not exist."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
$problem = new Problem($idProblem);
// NOTE(review): `new` always yields an object and objects are truthy, so this branch and
// the matching one for $test below are unreachable; missing records are not detected here.
if (!$problem) {
    FlashMsg::add(_("That medical problem does not exist."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
// The test is looked up by problem id and test id together.
// NOTE(review): nothing visible ties the problem to $idPatient; confirm ownership is
// checked before the delete form is offered.
$test = new Test($idProblem, $idTest);
if (!$test) {
    FlashMsg::add(_("That medical test does not exist"), OPEN_MSG_ERROR);
    header("Location: ../medical/test_list.php");
    exit;
}
/**
 * Show page
 */
$title = _("Delete Medical Test");
$titlePage = $patient->getName() . ' [' . $problem->getWordingPreview() . '] (' . $title . ')';
require_once "../layout/header.php";
// Fixed return target; the variant carrying both ids in the URL is kept for reference.
//$returnLocation = "../medical/test_list.php?id_problem=" . $idProblem . "&id_patient=" . $idPatient; // controlling var
$returnLocation = "../medical/test_list.php";
// controlling var
/**
 * Breadcrumb
 */
Beispiel #19
 * Destroy form values and errors
 */
// Validation passed: drop the form values and errors kept in the session.
Form::unsetSession();
/**
 * Prevent user from aborting script
 */
$oldAbort = ignore_user_abort(true);
/**
 * Update problem
 */
$problemQ = new Query_Page_Problem();
$problemQ->update($problem);
// The message depends on whether the problem now carries a closing date.
// NOTE(review): it is queued without checking the result of update().
if ($problem->getClosingDate(false)) {
    FlashMsg::add(sprintf(_("Medical problem, %s, has been added to closed medical problems list."), $problem->getWording()));
} else {
    FlashMsg::add(sprintf(_("Medical problem, %s, has been updated."), $problem->getWording()));
}
$problemQ->close();
unset($problemQ);
unset($problem);
/**
 * Record log process
 */
// Audit entry for the update, keyed by $idProblem (set outside this fragment).
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Page_Problem", "UPDATE", array($idProblem));
$recordQ->close();
unset($recordQ);
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
Beispiel #20
// The wording shown in the confirmation message comes from the POST body, not from the
// database. NOTE(review): what Check::safeText() strips or escapes is not visible here.
$wording = Check::safeText($_POST["wording"]);
/**
 * Prevent user from aborting script
 */
$oldAbort = ignore_user_abort(true);
/**
 * Delete connection between medical problems
 */
$connQ = new Query_Connection();
/**
 * Record log process (before deleting process)
 */
// The DELETE audit entry is written before the row is removed, so a failed delete would
// still be logged — NOTE(review): confirm delete() stops the script on error.
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Connection", "DELETE", array($idProblem, $idConnection));
$recordQ->close();
unset($recordQ);
$connQ->delete($idProblem, $idConnection);
$connQ->close();
unset($connQ);
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
FlashMsg::add(sprintf(_("Connection with medical problem, %s, has been deleted."), $wording));
// To header, without &
// Fixed redirect target; the variant carrying both ids in the URL is kept for reference.
//$returnLocation = "../medical/connection_list.php?id_problem=" . $idProblem . "&id_patient=" . $idPatient;
$returnLocation = "../medical/connection_list.php";
header("Location: " . $returnLocation);
Beispiel #21
 * Checking permissions
 */
// Only administrators may reach this script; loginCheck() redirects and exits otherwise.
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR);
require_once "../lib/Form.php";
// Presumably the anti-CSRF form-token comparison, with $returnLocation as the failure
// target — TODO confirm against Form::compareToken().
Form::compareToken($returnLocation);
require_once "../lib/Check.php";
/**
 * Retrieving post vars
 */
// The id is forced to an integer before it reaches the query layer.
$idUser = intval($_POST["id_user"]);
/**
 * Delete user
 */
require_once "../model/Query/User.php";
$userQ = new Query_User();
if (!$userQ->select($idUser)) {
    $userQ->close();
    FlashMsg::add(_("That user does not exist."), OPEN_MSG_ERROR);
    header("Location: " . $returnLocation);
    exit;
}
// The record is fetched before the delete so the login can be named in the message.
// NOTE(review): unlike the medical delete pages, no Query_Page_Record audit entry is
// written in this fragment, and nothing visible stops an administrator from deleting the
// account they are logged in with.
$user = $userQ->fetch();
$userQ->delete($idUser);
$userQ->close();
unset($userQ);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
FlashMsg::add(sprintf(_("User, %s, has been deleted."), $user->getLogin()));
header("Location: " . $returnLocation);
Beispiel #22
 * Prevent user from aborting script
 */
// Keep running if the client disconnects, so the audit entry and the delete stay together.
$oldAbort = ignore_user_abort(true);
/**
 * Delete medical test
 */
$testQ = new Query_Test();
/**
 * Record log process (before deleting process)
 */
// The DELETE audit entry is written before the row is removed, so a failed delete would
// still be logged — NOTE(review): confirm delete() stops the script on error.
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Test", "DELETE", array($idTest));
$recordQ->close();
unset($recordQ);
$testQ->delete($idTest);
$testQ->close();
unset($testQ);
// Only the database row is deleted; the file itself is deliberately kept on disk.
// NOTE(review): the file therefore outlives its record — confirm it stays unreachable to
// users who could no longer see the record.
//@unlink($file); // do not remove the file because LORTAD
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
// $file is set outside this fragment and is echoed back in the message.
FlashMsg::add(sprintf(_("Medical test, %s, has been deleted."), $file));
// To header, without &
//$returnLocation = "../medical/test_list.php?id_problem=" . $idProblem . "&id_patient=" . $idPatient; // controlling var
$returnLocation = "../medical/test_list.php";
// controlling var
header("Location: " . $returnLocation);
Beispiel #23
 */
// Only administrators may reach this script; loginCheck() redirects and exits otherwise.
// NOTE(review): no Form::compareToken() call is visible in this fragment — confirm the
// anti-CSRF token is checked earlier in the file or inside the validation include.
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR);
/**
 * Validate data
 */
require_once "../model/Query/Staff.php";
$staff = new Staff();
// The shared include fills and validates $staff from the POST body (not visible here).
require_once "../admin/staff_validate_post.php";
/**
 * Destroy form values and errors
 */
Form::unsetSession();
/**
 * Insert new staff member
 */
$staffQ = new Query_Staff();
// A login that is already taken blocks the insert; the existence check and the insert are
// two separate calls.
if ($staffQ->existLogin($staff->getLogin())) {
    FlashMsg::add(sprintf(_("Login, %s, already exists. The changes have no effect."), $staff->getLogin()), OPEN_MSG_WARNING);
} else {
    $staffQ->insert($staff);
    $info = $staff->getFirstName() . " " . $staff->getSurname1() . " " . $staff->getSurname2();
    FlashMsg::add(sprintf(_("Staff member, %s, has been added."), $info));
}
$staffQ->close();
unset($staffQ);
unset($staff);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
header("Location: " . $returnLocation);
/**
 * Retrieving get vars
 */
$idTheme = intval($_GET["id_theme"]);
/**
 * Checking for $formError to read data from database
 */
if (!isset($formError)) {
    include_once "../model/Query/Theme.php";
    /**
     * Search database
     */
    $themeQ = new Query_Theme();
    if (!$themeQ->select($idTheme)) {
        $themeQ->close();
        FlashMsg::add(_("That theme does not exist."), OPEN_MSG_ERROR);
        header("Location: " . $returnLocation);
        exit;
    }
    $theme = $themeQ->fetch();
    if ($theme) {
        $formVar["id_theme"] = $idTheme;
        $formVar["theme_name"] = $theme->getName();
        $formVar["css_file"] = $theme->getCssFile();
        $filename = "../css/" . $theme->getCssFile();
        $fp = fopen($filename, 'r');
        if ($fp) {
            $formVar["css_rules"] = fread($fp, filesize($filename));
            fclose($fp);
        }
    } else {
Beispiel #25
require_once "../model/Query/User.php";
$user = new User();
$user->setIdUser($_POST["id_user"]);
$user->setLogin($_POST["login"]);
// The password is taken from the "md5" / "md5_confirm" fields, and the plain "pwd" /
// "pwd2" fields are blanked.
// NOTE(review): the field names suggest the browser sends an MD5 digest instead of the
// password. If so, the digest itself is what authenticates the user, and MD5 is not a
// password-hashing function — confirm how Query_User stores and compares this value.
$user->setPwd($_POST["md5"]);
$_POST["pwd"] = "";
$user->setPwd2($_POST["md5_confirm"]);
$_POST["pwd2"] = "";
// NOTE(review): on failure the whole $_POST array goes into the session; only pwd and pwd2
// were blanked above, so the md5 and md5_confirm values are stored with it.
if (!$user->validatePwd()) {
    $formError["pwd"] = $user->getPwdError();
    Form::setSession($_POST, $formError);
    header("Location: " . $errorLocation);
    exit;
}
/**
 * Destroy form values and errors
 */
Form::unsetSession();
/**
 * Update user
 */
// NOTE(review): no permission or form-token check is visible in this fragment — confirm
// both run earlier in the file, since this resets another account's password.
$userQ = new Query_User();
$userQ->resetPwd($user);
// The login named in the message is the posted value, not one read back from the database.
FlashMsg::add(sprintf(_("Password of user, %s, has been reset."), $user->getLogin()));
$userQ->close();
unset($userQ);
unset($user);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
header("Location: " . $returnLocation);
Beispiel #26
// The posted id goes through the model's setter; the remaining fields are handled by the
// shared validation include, which is not visible here.
$test->setIdTest($_POST["id_test"]);
require_once "../medical/test_validate_post.php";
/**
 * Destroy form values and errors
 */
Form::unsetSession();
/**
 * Prevent user from aborting script
 */
$oldAbort = ignore_user_abort(true);
/**
 * Update medical test
 */
$testQ = new Query_Test();
$testQ->update($test);
// The stored file name is echoed back in the message.
// NOTE(review): the message is queued without checking the result of update().
FlashMsg::add(sprintf(_("Medical test, %s, has been updated."), $test->getPathFilename(false)));
$testQ->close();
unset($testQ);
/**
 * Record log process
 */
// Audit entry for the update, keyed by the id held in the model.
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Test", "UPDATE", array($test->getIdTest()));
$recordQ->close();
unset($recordQ);
unset($test);
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
/**
 * Retrieving var (PGS)
 */
$idPatient = Check::postGetSessionInt('id_patient');
$patient = new Patient($idPatient);
// A patient object with an empty name is treated as "not found".
if ($patient->getName() == '') {
    FlashMsg::add(_("That patient does not exist."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
/**
 * Search database for the patient's personal antecedents
 */
$historyQ = new Query_History();
// A failed select is reported to the user as "patient does not exist".
if (!$historyQ->selectPersonal($idPatient)) {
    $historyQ->close();
    FlashMsg::add(_("That patient does not exist."), OPEN_MSG_ERROR);
    header("Location: ../medical/patient_search_form.php");
    exit;
}
$history = $historyQ->fetch();
// An empty fetch after a successful select is handed to the error handler.
// NOTE(review): the query is closed before Error::fetch() receives it; confirm the handler
// does not need the open connection and that it stops the script.
if (!$history) {
    $historyQ->close();
    Error::fetch($historyQ);
}
$historyQ->freeResult();
$historyQ->close();
unset($historyQ);
/**
 * Show page
 */
$title = _("View Personal Antecedents");
Beispiel #28
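/**
 * void loginCheck(int $profilePage = OPEN_PROFILE_FREE, bool $inDemo = true)
 *
 * Gate for protected pages. Returns normally only when the request carries a valid session
 * whose profile flags allow $profilePage; in every other case it sends a Location header
 * (or includes the logout script) and exits.
 *
 * When OPEN_DEMO is defined and truthy, all checks are skipped and every profile flag is
 * set in the session, unless $inDemo is false, in which case the page is refused.
 *
 * @param int $profilePage (optional) one of this values:
 *  OPEN_PROFILE_FREE
 *  OPEN_PROFILE_ADMINISTRATOR
 *  OPEN_PROFILE_ADMINISTRATIVE
 *  OPEN_PROFILE_DOCTOR
 * @param bool $inDemo (optional) false if the page must not run in the DEMO version
 * @return void
 * @access public
 * @see OPEN_DEMO
 * @since 0.8
 */
function loginCheck($profilePage = OPEN_PROFILE_FREE, $inDemo = true)
{
    $isDemo = defined("OPEN_DEMO") && OPEN_DEMO;

    /**
     * Checking to see if we are in demo mode and if we should not execute this page
     */
    if (!$inDemo && $isDemo) {
        FlashMsg::add(_("This function is not available in this demo version of OpenClinic."));
        // @fixme OPEN_APP_NAME
        header("Location: ../home/index.php");
        exit;
    }

    /**
     * Disabling users control for demo
     *
     * Every profile flag is granted and no session check runs. OPEN_DEMO must therefore
     * never be enabled on an installation that holds real records.
     */
    if ($isDemo) {
        $_SESSION['auth']['is_admin'] = true;
        $_SESSION['auth']['is_administrative'] = true;
        $_SESSION['auth']['is_doctor'] = true;
        return;
    }

    // before possible login_form.php redirections
    // NOTE(review): REQUEST_URI is supplied by the client; if return_page is later used as
    // a redirect target, confirm that code only accepts local paths.
    $_SESSION['auth']['return_page'] = $_SERVER['REQUEST_URI'];

    /**
     * Checking to see if session variables exist
     */
    $hasLogin = isset($_SESSION['auth']['login_session']) && $_SESSION['auth']['login_session'] != "";
    $hasToken = isset($_SESSION['auth']['token']) && $_SESSION['auth']['token'] != "";
    if (!$hasLogin || !$hasToken) {
        header("Location: ../auth/login_form.php");
        exit;
    }

    /**
     * Checking if the request is from a different IP to previously
     *
     * REMOTE_ADDR is the address of the direct peer. Behind a reverse proxy or NAT it is
     * shared by many clients, so this check narrows session reuse but does not prevent it.
     */
    if (isset($_SESSION['auth']['login_ip']) && $_SESSION['auth']['login_ip'] != $_SERVER['REMOTE_ADDR']) {
        // This is possibly a session hijack attempt
        include_once "../auth/logout.php";
        exit;
    }

    // A second validation used to sit here and is disabled: it compared
    // $_SESSION['auth']['sign'] with an md5 over the Accept-Charset (or Accept),
    // Accept-Encoding, Accept-Language and User-Agent request headers and logged the user
    // out on mismatch. If it is ever restored: the original expression mixed ?: with "."
    // without parentheses, so whenever Accept-Charset was present only that header was
    // hashed; and all four headers are chosen by the client, so the check can only be a
    // supplement to the token check below.

    /**
     * Checking session table to see if token has timed out
     */
    $sessQ = new Query_Session();
    if (!$sessQ->validToken($_SESSION['auth']['login_session'], $_SESSION['auth']['token'])) {
        $sessQ->close();
        $_SESSION['auth']['invalid_token'] = true;
        FlashMsg::add(_("Session timeout"));
        header("Location: ../auth/login_form.php");
        exit;
    }
    $sessQ->close();
    unset($sessQ);

    /**
     * Here, the session is valid!
     */
    unset($_SESSION['auth']['invalid_token']);

    // to avoid Session Fixation
    // NOTE(review): called without the delete-old-session argument, so the data stored
    // under the previous id stays on the server until session garbage collection removes
    // it. Review whether the previous id should be invalidated when it is rotated.
    session_regenerate_id();

    /**
     * Checking authorization for this page
     * The session authorization flags were set at login in login.php
     */
    $knownProfiles = array(
        OPEN_PROFILE_FREE,
        OPEN_PROFILE_ADMINISTRATOR,
        OPEN_PROFILE_DOCTOR,
        OPEN_PROFILE_ADMINISTRATIVE,
    );
    if (!in_array($profilePage, $knownProfiles)) {
        FlashMsg::add(_("Invalid profile page"));
        header("Location: ../auth/login_form.php");
        exit;
    }

    // empty() makes the check fail closed: a flag that is missing from the session counts
    // as "not granted" instead of being read as an undefined index.
    $denied = ($profilePage == OPEN_PROFILE_ADMINISTRATOR && empty($_SESSION['auth']['is_admin']))
        || ($profilePage == OPEN_PROFILE_ADMINISTRATIVE && empty($_SESSION['auth']['is_administrative']))
        || ($profilePage == OPEN_PROFILE_DOCTOR && empty($_SESSION['auth']['is_doctor']));
    if ($denied) {
        FlashMsg::add(_("You are not authorized to use this page."));
        header("Location: ../home/index.php");
        exit;
    }
}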
Beispiel #29
    $problemQ = new Query_Page_Problem();
    /**
     * Record log process (before deleting process)
     */
    $recordQ = new Query_Page_Record();
    for ($i = 0; $i < $numRows; $i++) {
        $recordQ->log("Query_Page_Problem", "DELETE", array($array[$i]->getIdProblem()));
    }
    $recordQ->close();
    unset($recordQ);
    for ($i = 0; $i < $numRows; $i++) {
        $problemQ->delete($array[$i]->getIdProblem());
    }
    $problemQ->close();
    unset($problemQ);
    unset($array);
}
/**
 * Update session variables
 */
// Drop the deleted patient from the "last viewed" list kept by LastViewedPatient.
require_once "../lib/LastViewedPatient.php";
LastViewedPatient::delete($idPatient);
/**
 * Reset abort setting
 */
ignore_user_abort($oldAbort);
/**
 * Redirect to $returnLocation to avoid reload problem
 */
// $patName and $returnLocation are set outside this fragment.
// NOTE(review): no exit follows this header() in the visible fragment — confirm nothing
// else runs after it.
FlashMsg::add(sprintf(_("Patient, %s, has been deleted."), $patName));
header("Location: " . $returnLocation);
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATIVE);
/**
 * Retrieving vars (PGS)
 */
$idPatient = Check::postGetSessionInt('id_patient');
/**
 * Checking for $formError to read data from database
 */
if (!isset($formError)) {
    include_once "../model/Patient.php";
    $patient = new Patient($idPatient);
    $patName = $patient->getName();
    if ($patName == '') {
        FlashMsg::add(_("Este beneficiário não está cadastrado."), OPEN_MSG_ERROR);
        header("Location: ../medical/patient_search_form.php");
        exit;
    }
    /**
     * load up post vars
     */
    $formVar["id_patient"] = $idPatient;
    //$formVar["last_update_date"] = date("Y-m-d"); // automatic date (ISO format)
    $formVar["id_member"] = $patient->getIdMember();
    $formVar["nif"] = $patient->getNIF();
    $formVar["first_name"] = $patient->getFirstName();
    $formVar["surname1"] = $patient->getSurname1();
    $formVar["surname2"] = $patient->getSurname2();
    $formVar["address"] = $patient->getAddress();
    $formVar["phone_contact"] = $patient->getPhone();