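/**
 * Fetch the time series for one graphable field of the current patient.
 *
 * Reads the globals $is_lbf, $pid and $table. For LBF data the value comes from
 * lbf_data.field_value (rows whose value is the string '0' are skipped); otherwise
 * it is read from column $name of table $table (rows whose value is 0 are skipped).
 * Each row carries the value under the key $name and the date as unix_date.
 *
 * @param string $name Column name, or LBF field id, of the value to graph.
 * @return mixed Whatever sqlStatement() returns for the query.
 */
function graphsGetValues($name)
{
    global $is_lbf, $pid, $table;

    // Column and table names cannot be bound as parameters, and string-literal
    // escaping (add_escape_custom) does not confine a value that is spliced into
    // the statement unquoted. Quote them as MySQL identifiers instead: wrap in
    // backticks and double any embedded backtick so the value cannot close the quote.
    // NOTE(review): quoting stops the value from altering the statement, but a
    // caller can still name any column of $table; if $name or $table can come from
    // a request, the caller should also check them against the expected set.
    $quoteIdentifier = function ($identifier) {
        return '`' . str_replace('`', '``', (string) $identifier) . '`';
    };
    $column = $quoteIdentifier($name);

    if ($is_lbf) {
        // Like below, but for LBF data.
        // $name is used twice: as the quoted result alias and as the bound field_id.
        $values = sqlStatement(
            "SELECT " .
            "ld.field_value AS " . $column . ", " .
            "UNIX_TIMESTAMP(f.date) as unix_date " .
            "FROM forms AS f, lbf_data AS ld WHERE " .
            "f.pid = ? AND " .
            "f.formdir = ? AND " .
            "f.deleted = 0 AND " .
            "ld.form_id = f.form_id AND " .
            "ld.field_id = ? AND " .
            "ld.field_value != '0' " .
            "ORDER BY f.date",
            array($pid, $table, $name)
        );
    } else {
        // Collect the pertinent info and ranges
        // (Note am skipping values of zero, this could be made to be
        //  optional in the future when using lab values)
        $values = sqlStatement(
            "SELECT " .
            $column . ", " .
            "UNIX_TIMESTAMP(date) as unix_date " .
            "FROM " . $quoteIdentifier($table) . " " .
            "WHERE " . $column . " != 0 " .
            "AND pid = ? ORDER BY date",
            array($pid)
        );
    }

    return $values;
}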
/**
 * Record a language customization in lang_custom, skipping repeat entries.
 *
 * Three cases, chosen by which arguments are empty:
 *  - $cons_name == '' : a new language (lang_code + lang_description) is logged;
 *  - $lang_desc == '' : a new constant (constant_name) is logged;
 *  - otherwise        : a full entry; an existing row for the same language and
 *                       constant has its definition updated, else a row is inserted.
 *
 * All values are passed to SqlStatement() as bound parameters.
 *
 * @param string $lang_desc Language description.
 * @param string $lang_code Language code.
 * @param string $cons_name Constant name.
 * @param string $def       Definition text.
 */
function insert_language_log($lang_desc, $lang_code, $cons_name, $def)
{
    // Collation suffix that makes the comparisons below case sensitive.
    // NOTE(review): $disable_utf8_flag is neither a parameter nor imported with
    // `global` in this function, so it is unset here and the utf8_bin branch is
    // always taken. Also, "latin_bin" does not look like a MySQL collation name
    // (latin1_bin is) - verify both before making the second branch reachable.
    $case_sensitive_collation = !$disable_utf8_flag ? "COLLATE utf8_bin" : "COLLATE latin_bin";

    if ($cons_name == '') {
        // NEW LANGUAGE: insert only when this description is not logged yet.
        $alreadyLogged = SqlStatement(
            "SELECT * FROM lang_custom WHERE constant_name='' AND lang_description=? " . $case_sensitive_collation,
            array($lang_desc)
        );
        if (!SqlFetchArray($alreadyLogged)) {
            SqlStatement(
                "INSERT INTO lang_custom SET lang_code=?, lang_description=?",
                array($lang_code, $lang_desc)
            );
        }

        return;
    }

    if ($lang_desc == '') {
        // NEW CONSTANT: insert only when this constant is not logged yet.
        $alreadyLogged = SqlStatement(
            "SELECT * FROM lang_custom WHERE lang_description='' AND constant_name=? " . $case_sensitive_collation,
            array($cons_name)
        );
        if (!SqlFetchArray($alreadyLogged)) {
            SqlStatement("INSERT INTO lang_custom SET constant_name=?", array($cons_name));
        }

        return;
    }

    // FULL ENTRY. Both lookups share the same language + constant condition.
    $samePairQuery = "SELECT * FROM lang_custom WHERE lang_description=? " . $case_sensitive_collation .
        " AND constant_name=? " . $case_sensitive_collation;

    $exactMatch = SqlStatement(
        $samePairQuery . " AND definition=? " . $case_sensitive_collation,
        array($lang_desc, $cons_name, $def)
    );
    if (SqlFetchArray($exactMatch)) {
        // Identical entry already logged; nothing to do.
        return;
    }

    $samePair = SqlStatement($samePairQuery, array($lang_desc, $cons_name));
    if (SqlFetchArray($samePair)) {
        // An entry for this language and constant exists: overwrite its definition.
        SqlStatement(
            "UPDATE lang_custom SET definition=? WHERE lang_description=? " . $case_sensitive_collation .
            " AND constant_name=? " . $case_sensitive_collation,
            array($def, $lang_desc, $cons_name)
        );
    } else {
        // No entry yet: create one.
        SqlStatement(
            "INSERT INTO lang_custom (lang_description,lang_code,constant_name,definition) VALUES (?,?,?,?)",
            array($lang_desc, $lang_code, $cons_name, $def)
        );
    }
}
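/**
 * Translate a constant into the session's language.
 *
 * The language id is $_SESSION['language_choice'], or 1 when that is empty. When
 * the id is 1 and $GLOBALS['skip_english_translation'] is set, the constant is
 * used untranslated. Otherwise the definition is looked up in lang_definitions /
 * lang_constants; if none is found the constant itself is used. In the lookup
 * path newlines are turned into spaces, carriage returns are dropped and both
 * quote characters are replaced by a backtick.
 *
 * The result is NOT HTML-escaped: callers that print it into a page still have to
 * escape it for the output context.
 *
 * @param string $constant Text to translate.
 * @param string $mode     'e' echoes the result and returns nothing; anything else returns it.
 * @param string $prepend  Text placed before the result.
 * @param string $append   Text placed after the result.
 * @return string|null The assembled string, or null in echo mode.
 */
function xl($constant, $mode = 'r', $prepend = '', $append = '')
{
    // set language id
    if (!empty($_SESSION['language_choice'])) {
        $lang_id = $_SESSION['language_choice'];
    } else {
        $lang_id = 1;
    }

    if ($lang_id == 1 && !empty($GLOBALS['skip_english_translation'])) {
        // language id = 1, so no need to translate
        $string = $constant;
    } else {
        // TRANSLATE
        // first, clean lines
        // convert new lines to spaces and remove windows end of lines
        $patterns = array('/\\n/', '/\\r/');
        $replace = array(' ', '');
        $constant = preg_replace($patterns, $replace, $constant);

        // second, attempt translation
        // Both values are bound rather than spliced into the statement: the
        // language id comes from the session and was previously interpolated
        // without any escaping.
        $sql = "SELECT * FROM lang_definitions JOIN lang_constants ON " .
            "lang_definitions.cons_id = lang_constants.cons_id WHERE " .
            "lang_id = ? AND constant_name = ? LIMIT 1";
        $res = SqlStatement($sql, array($lang_id, $constant));
        $row = SqlFetchArray($res);

        // No row (or no definition column) means "not translated".
        $string = isset($row['definition']) ? $row['definition'] : '';
        if ($string == '') {
            $string = "{$constant}";
        }

        // remove dangerous characters
        $patterns = array('/\\n/', '/\\r/', '/"/', "/'/");
        $replace = array(' ', '', '`', '`');
        $string = preg_replace($patterns, $replace, $string);
    }

    $string = "{$prepend}" . "{$string}" . "{$append}";

    if ($mode == 'e') {
        echo $string;
    } else {
        return $string;
    }
}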
$defaultLangID = 1; $defaultLangName = "English"; } // set session variable to default so login information appears in default language $_SESSION['language_choice'] = $defaultLangID; // collect languages if showing language menu if ($GLOBALS['language_menu_login']) { // sorting order of language titles depends on language translation options. $mainLangID = empty($_SESSION['language_choice']) ? '1' : $_SESSION['language_choice']; if ($mainLangID == '1' && !empty($GLOBALS['skip_english_translation'])) { $sql = "SELECT * FROM lang_languages ORDER BY lang_description, lang_id"; $res3 = SqlStatement($sql); } else { // Use and sort by the translated language name. $sql = "SELECT ll.lang_id, " . "IF(LENGTH(ld.definition),ld.definition,ll.lang_description) AS trans_lang_description, " . "ll.lang_description " . "FROM lang_languages AS ll " . "LEFT JOIN lang_constants AS lc ON lc.constant_name = ll.lang_description " . "LEFT JOIN lang_definitions AS ld ON ld.cons_id = lc.cons_id AND " . "ld.lang_id = '{$mainLangID}' " . "ORDER BY IF(LENGTH(ld.definition),ld.definition,ll.lang_description), ll.lang_id"; $res3 = SqlStatement($sql); } for ($iter = 0; $row = sqlFetchArray($res3); $iter++) { $result3[$iter] = $row; } if (count($result3) == 1) { //default to english if only return one language echo "<input type='hidden' name='languageChoice' value='1' />\n"; } } else { echo "<input type='hidden' name='languageChoice' value='" . $defaultLangID . "' />\n"; } ?> <table width="100%" height="90%"> <td align='center' valign='middle' width='34%'>
$modifier = trim($iter['mod']); if (!$cod0 && $code_types[$code_type]['fee'] == 1) { $mod0 = $modifier; $cod0 = $code; $ct0 = $code_type; } $units = max(1, intval(trim($iter['units']))); $fee = sprintf('%01.2f', (0 + trim($iter['price'])) * $units); if ($code_type == 'COPAY') { if ($id == '') { //adding new copay from fee sheet into ar_session and ar_activity tables if ($fee < 0) { $fee = $fee * -1; } $session_id = idSqlStatement("INSERT INTO ar_session(payer_id,user_id,pay_total,payment_type,description," . "patient_id,payment_method,adjustment_code,post_to_date) VALUES('0',?,?,'patient','COPAY',?,'','patient_payment',now())", array($_SESSION['authId'], $fee, $pid)); SqlStatement("INSERT INTO ar_activity (pid,encounter,code_type,code,modifier,payer_type,post_time,post_user,session_id," . "pay_amount,account_code) VALUES (?,?,?,?,?,0,now(),?,?,?,'PCP')", array($pid, $encounter, $ct0, $cod0, $mod0, $_SESSION['authId'], $session_id, $fee)); } else { //editing copay saved to ar_session and ar_activity if ($fee < 0) { $fee = $fee * -1; } $session_id = $id; $res_amount = sqlQuery("SELECT pay_amount FROM ar_activity WHERE pid=? AND encounter=? AND session_id=?", array($pid, $encounter, $session_id)); if ($fee != $res_amount['pay_amount']) { sqlStatement("UPDATE ar_session SET user_id=?,pay_total=?,modified_time=now(),post_to_date=now() WHERE session_id=?", array($_SESSION['authId'], $fee, $session_id)); sqlStatement("UPDATE ar_activity SET code_type=?, code=?, modifier=?, post_user=?, post_time=now()," . "pay_amount=?, modified_time=now() WHERE pid=? AND encounter=? AND account_code='PCP' AND session_id=?", array($ct0, $cod0, $mod0, $_SESSION['authId'], $fee, $pid, $encounter, $session_id)); } } if (!$cod0) { $copay_update = TRUE; $update_session_id = $session_id;
} else { $def = $row['definition']; } $stringTemp .= '<td>' . htmlspecialchars($def, ENT_NOQUOTES) . '</td>'; $row = SqlFetchArray($res); // jump one to get the second language selected if ($row['def_id'] == '' or $row['def_id'] == 'NULL') { $cons_name = "cons_id[" . $row['cons_id'] . "]"; if ($lang_filter_def == '%') { $isShow = true; } // if there is a previous definition } else { $cons_name = "def_id[" . $row['def_id'] . "]"; $sql = "SELECT definition FROM lang_definitions WHERE def_id=? AND definition LIKE ?"; $res2 = SqlStatement($sql, array($row['def_id'], $lang_filter_def)); if (SqlFetchArray($res2)) { $isShow = true; } } $stringTemp .= '<td><INPUT TYPE="text" size="50" NAME="' . htmlspecialchars($cons_name, ENT_QUOTES) . '" value="' . htmlspecialchars($row['definition'], ENT_QUOTES) . '">'; $stringTemp .= '</td></tr>'; if ($isShow) { //definition filter passed, so show echo $stringTemp; $isResults = true; } } echo '<INPUT TYPE="hidden" name="lang_id" value="' . htmlspecialchars($lang_id, ENT_QUOTES) . '">'; } if ($isResults) {
/**
 * Persist a fee sheet: service line items, product line items, the encounter's
 * providers and, optionally, the "closed" (billed) state.
 *
 * Order of work, as written below:
 *  1. each entry of $bill: COPAY entries go to ar_session / ar_activity, all other
 *     entries are added to, updated in or deleted from billing;
 *  2. a copay posted before any fee-type code was seen is re-pointed at the first
 *     fee-type code;
 *  3. each entry of $prod: drug_sales, drug_inventory and prescriptions are adjusted;
 *  4. form_encounter.provider_id / supervisor_id are updated when they changed;
 *  5. when $mark_as_closed is set and the unbilled charges sum to zero, the
 *     encounter's unbilled rows are marked billed.
 *
 * NOTE(review): no permission check appears inside this method; presumably the
 * caller enforces it - confirm.
 * NOTE(review): existing rows are addressed by the id / sale_id carried in $bill
 * and $prod alone (for example "UPDATE billing ... WHERE id = ?" and
 * "DELETE FROM drug_sales WHERE sale_id = ?"). If those arrays are built from
 * request data, confirm the caller checks that each id belongs to this
 * patient and encounter.
 * NOTE(review): only the ar_activity sequence/insert pair is wrapped in
 * sqlBeginTrans()/sqlCommitTrans(); the other statements run outside it here, and
 * the die() in the product loop ends the request after earlier statements have
 * already been issued.
 *
 * @param array $bill              Service line items; passed by reference but only read in this method.
 * @param array $prod              Product line items; passed by reference but only read in this method.
 * @param mixed $main_provid       New default provider id for the encounter, or NULL to leave it.
 * @param mixed $main_supid        New supervising provider id, or NULL to leave it; forced to 0
 *                                 when it equals $main_provid.
 * @param mixed $default_warehouse Not referenced in this method body.
 * @param bool  $mark_as_closed    When true, try to mark the encounter as billed.
 */
public function save(&$bill, &$prod, $main_provid = NULL, $main_supid = NULL, $default_warehouse = NULL, $mark_as_closed = false)
{
    global $code_types;

    // A provider is not recorded as supervising themself.
    if (isset($main_provid) && $main_supid == $main_provid) {
        $main_supid = 0;
    }

    $copay_update = FALSE;
    $update_session_id = '';

    $ct0 = ''; // takes the code type of the first fee type code type entry from the fee sheet, against which the copay is posted
    $cod0 = ''; // takes the code of the first fee type code type entry from the fee sheet, against which the copay is posted
    $mod0 = ''; // takes the modifier of the first fee type code type entry from the fee sheet, against which the copay is posted

    if (is_array($bill)) {
        foreach ($bill as $iter) {
            // Skip disabled (billed) line items.
            if (!empty($iter['billed'])) {
                continue;
            }

            // Normalize the line item; missing optional fields fall back to 1 / 0 / ''.
            $id = $iter['id'];
            $code_type = $iter['code_type'];
            $code = $iter['code'];
            $del = !empty($iter['del']);
            $units = empty($iter['units']) ? 1 : intval($iter['units']);
            $price = empty($iter['price']) ? 0 : 0 + trim($iter['price']);
            $pricelevel = empty($iter['pricelevel']) ? '' : $iter['pricelevel'];
            $modifier = empty($iter['mod']) ? '' : trim($iter['mod']);
            $justify = empty($iter['justify']) ? '' : trim($iter['justify']);
            $notecodes = empty($iter['notecodes']) ? '' : trim($iter['notecodes']);
            $provid = empty($iter['provid']) ? 0 : intval($iter['provid']);

            // Fee is price times units, formatted with two decimals.
            $fee = sprintf('%01.2f', $price * $units);

            // Remember the first fee-type code; copays are posted against it.
            if (!$cod0 && $code_types[$code_type]['fee'] == 1) {
                $mod0 = $modifier;
                $cod0 = $code;
                $ct0 = $code_type;
            }

            if ($code_type == 'COPAY') {
                // Copay amounts are stored as positive values.
                if ($fee < 0) {
                    $fee = $fee * -1;
                }

                if (!$id) {
                    // adding new copay from fee sheet into ar_session and ar_activity tables
                    // The posting user is taken from $_SESSION['authId'].
                    $session_id = idSqlStatement("INSERT INTO ar_session " .
                        "(payer_id, user_id, pay_total, payment_type, description, patient_id, payment_method, " .
                        "adjustment_code, post_to_date) " .
                        "VALUES ('0',?,?,'patient','COPAY',?,'','patient_payment',now())", array($_SESSION['authId'], $fee, $this->pid));

                    // The next sequence number is read and used inside one transaction.
                    sqlBeginTrans();
                    $sequence_no = sqlQuery("SELECT IFNULL(MAX(sequence_no),0) + 1 AS increment FROM ar_activity WHERE " .
                        "pid = ? AND encounter = ?", array($this->pid, $this->encounter));
                    SqlStatement("INSERT INTO ar_activity (pid, encounter, sequence_no, code_type, code, modifier, " .
                        "payer_type, post_time, post_user, session_id, " .
                        "pay_amount, account_code) VALUES (?,?,?,?,?,?,0,now(),?,?,?,'PCP')", array($this->pid, $this->encounter, $sequence_no['increment'], $ct0, $cod0, $mod0, $_SESSION['authId'], $session_id, $fee));
                    sqlCommitTrans();
                } else {
                    // editing copay saved to ar_session and ar_activity
                    // For copay lines the item id is used as the ar_session id.
                    $session_id = $id;
                    $res_amount = sqlQuery("SELECT pay_amount FROM ar_activity WHERE pid=? AND encounter=? AND session_id=?", array($this->pid, $this->encounter, $session_id));
                    // Only write when the amount actually changed.
                    if ($fee != $res_amount['pay_amount']) {
                        sqlStatement("UPDATE ar_session SET user_id=?,pay_total=?,modified_time=now(),post_to_date=now() WHERE session_id=?", array($_SESSION['authId'], $fee, $session_id));
                        sqlStatement("UPDATE ar_activity SET code_type=?, code=?, modifier=?, post_user=?, post_time=now()," .
                            "pay_amount=?, modified_time=now() WHERE pid=? AND encounter=? AND account_code='PCP' AND session_id=?", array($ct0, $cod0, $mod0, $_SESSION['authId'], $fee, $this->pid, $this->encounter, $session_id));
                    }
                }

                // No fee-type code seen yet: fix up this copay after the loop.
                if (!$cod0) {
                    $copay_update = TRUE;
                    $update_session_id = $session_id;
                }

                continue;
            }

            # Code to create justification for all codes based on first justification
            if ($GLOBALS['replicate_justification'] == '1') {
                if ($justify != '') {
                    $autojustify = $justify;
                }
            }

            // NOTE(review): $autojustify is only assigned above, so it is unset here
            // when no earlier line item carried a justification.
            if ($GLOBALS['replicate_justification'] == '1' && $justify == '' && check_is_code_type_justify($code_type)) {
                $justify = $autojustify;
            }

            // Stored form is colon separated with a trailing colon.
            if ($justify) {
                $justify = str_replace(',', ':', $justify) . ':';
            }

            $auth = "1";

            // NDC info is "N4" + number, a space, then unit of measure + quantity.
            $ndc_info = '';
            if (!empty($iter['ndcnum'])) {
                $ndc_info = 'N4' . trim($iter['ndcnum']) . ' ' .
                    $iter['ndcuom'] . trim($iter['ndcqty']);
            }

            // If the item is already in the database...
            if ($id) {
                if ($del) {
                    $this->logFSMessage(xl('Service deleted'));
                    deleteBilling($id);
                } else {
                    // Only unbilled, active rows are eligible for update.
                    $tmp = sqlQuery("SELECT * FROM billing WHERE id = ? AND (billed = 0 or billed is NULL) AND activity = 1", array($id));
                    if (!empty($tmp)) {
                        // Collect only the columns the line item actually supplied.
                        $tmparr = array('code' => $code, 'authorized' => $auth);
                        if (isset($iter['units'])) {
                            $tmparr['units'] = $units;
                        }

                        if (isset($iter['price'])) {
                            $tmparr['fee'] = $fee;
                        }

                        if (isset($iter['pricelevel'])) {
                            $tmparr['pricelevel'] = $pricelevel;
                        }

                        if (isset($iter['mod'])) {
                            $tmparr['modifier'] = $modifier;
                        }

                        if (isset($iter['provid'])) {
                            $tmparr['provider_id'] = $provid;
                        }

                        if (isset($iter['ndcnum'])) {
                            $tmparr['ndc_info'] = $ndc_info;
                        }

                        if (isset($iter['justify'])) {
                            $tmparr['justify'] = $justify;
                        }

                        if (isset($iter['notecodes'])) {
                            $tmparr['notecodes'] = $notecodes;
                        }

                        // One UPDATE per changed column. $key is always one of the fixed
                        // names assigned to $tmparr above; only $value and $id are bound.
                        foreach ($tmparr as $key => $value) {
                            if ($tmp[$key] != $value) {
                                if ('fee' == $key) {
                                    $this->logFSMessage(xl('Price changed'));
                                }

                                if ('units' == $key) {
                                    $this->logFSMessage(xl('Quantity changed'));
                                }

                                if ('provider_id' == $key) {
                                    $this->logFSMessage(xl('Service provider changed'));
                                }

                                sqlStatement("UPDATE billing SET `{$key}` = ? WHERE id = ?", array($value, $id));
                            }
                        }
                    }
                }
            } else {
                // New line item; nothing to do if it was added and deleted in one go.
                if (!$del) {
                    $this->logFSMessage(xl('Service added'));
                    $code_text = lookup_code_descriptions($code_type . ":" . $code);
                    addBilling($this->encounter, $code_type, $code, $code_text, $this->pid, $auth, $provid, $modifier, $units, $fee, $ndc_info, $justify, 0, $notecodes, $pricelevel);
                }
            }
        }
    } // end for

    // if modifier is not inserted during loop update the record using the first
    // non-empty modifier and code
    // (the SQL literal below spans two lines, as it does in the source)
    if ($copay_update == TRUE && $update_session_id != '' && $mod0 != '') {
        sqlStatement("UPDATE ar_activity SET code_type = ?, code = ?, modifier = ?" .
            " WHERE pid = ? AND encounter = ? 
AND account_code = 'PCP' AND session_id = ?", array($ct0, $cod0, $mod0, $this->pid, $this->encounter, $update_session_id));
    }

    // Doing similarly to the above but for products.
    if (is_array($prod)) {
        foreach ($prod as $iter) {
            // Skip disabled (billed) line items.
            if (!empty($iter['billed'])) {
                continue;
            }

            $drug_id = $iter['drug_id'];
            $selector = empty($iter['selector']) ? '' : $iter['selector'];
            $sale_id = $iter['sale_id']; // present only if already saved
            $units = max(1, intval(trim($iter['units'])));
            $price = empty($iter['price']) ? 0 : 0 + trim($iter['price']);
            $pricelevel = empty($iter['pricelevel']) ? '' : $iter['pricelevel'];
            $fee = sprintf('%01.2f', $price * $units);
            $del = !empty($iter['del']);
            $rxid = 0;
            $warehouse_id = empty($iter['warehouse']) ? '' : $iter['warehouse'];
            $somechange = false;

            // If the item is already in the database...
            if ($sale_id) {
                $tmprow = sqlQuery("SELECT ds.prescription_id, ds.quantity, ds.inventory_id, ds.fee, " .
                    "ds.sale_date, di.warehouse_id " .
                    "FROM drug_sales AS ds " .
                    "LEFT JOIN drug_inventory AS di ON di.inventory_id = ds.inventory_id " .
                    "WHERE ds.sale_id = ?", array($sale_id));
                $rxid = 0 + $tmprow['prescription_id'];
                if ($del) {
                    if (!empty($tmprow)) {
                        // Delete this sale and reverse its inventory update.
                        $this->logFSMessage(xl('Product deleted'));
                        sqlStatement("DELETE FROM drug_sales WHERE sale_id = ?", array($sale_id));
                        if (!empty($tmprow['inventory_id'])) {
                            sqlStatement("UPDATE drug_inventory SET on_hand = on_hand + ? WHERE inventory_id = ?", array($tmprow['quantity'], $tmprow['inventory_id']));
                        }
                    }

                    // The linked prescription goes with the sale.
                    if ($rxid) {
                        sqlStatement("DELETE FROM prescriptions WHERE id = ?", array($rxid));
                    }
                } else {
                    // Modify the sale and adjust inventory accordingly.
                    if (!empty($tmprow)) {
                        // NOTE(review): the SELECT above does not fetch pricelevel or selector,
                        // so $tmprow has no such keys and those two comparisons cannot see the
                        // stored values.
                        foreach (array('quantity' => $units, 'fee' => $fee, 'pricelevel' => $pricelevel, 'selector' => $selector, 'sale_date' => $this->visit_date) as $key => $value) {
                            if ($tmprow[$key] != $value) {
                                $somechange = true;
                                if ('fee' == $key) {
                                    $this->logFSMessage(xl('Price changed'));
                                }

                                if ('pricelevel' == $key) {
                                    $this->logFSMessage(xl('Price level changed'));
                                }

                                if ('selector' == $key) {
                                    $this->logFSMessage(xl('Template selector changed'));
                                }

                                if ('quantity' == $key) {
                                    $this->logFSMessage(xl('Quantity changed'));
                                }

                                // $key is one of the fixed names in the array literal above.
                                sqlStatement("UPDATE drug_sales SET `{$key}` = ? WHERE sale_id = ?", array($value, $sale_id));
                                // A quantity change moves the difference out of (or back into) stock.
                                if ($key == 'quantity' && $tmprow['inventory_id']) {
                                    sqlStatement("UPDATE drug_inventory SET on_hand = on_hand - ? WHERE inventory_id = ?", array($units - $tmprow['quantity'], $tmprow['inventory_id']));
                                }
                            }
                        }

                        if ($tmprow['inventory_id'] && $warehouse_id && $warehouse_id != $tmprow['warehouse_id']) {
                            // Changing warehouse.  Requires deleting and re-adding the sale.
                            // Not setting $somechange because this alone does not affect a prescription.
                            $this->logFSMessage(xl('Warehouse changed'));
                            sqlStatement("DELETE FROM drug_sales WHERE sale_id = ?", array($sale_id));
                            sqlStatement("UPDATE drug_inventory SET on_hand = on_hand + ? WHERE inventory_id = ?", array($units, $tmprow['inventory_id']));
                            $tmpnull = null;
                            $sale_id = sellDrug($drug_id, $units, $fee, $this->pid, $this->encounter, empty($iter['rx']) ? 0 : $rxid, $this->visit_date, '', $warehouse_id, false, $tmpnull, $pricelevel, $selector);
                        }
                    }

                    // Delete Rx if $rxid and flag not set.
                    if ($GLOBALS['gbl_auto_create_rx'] && $rxid && empty($iter['rx'])) {
                        sqlStatement("UPDATE drug_sales SET prescription_id = 0 WHERE sale_id = ?", array($sale_id));
                        sqlStatement("DELETE FROM prescriptions WHERE id = ?", array($rxid));
                    }
                }
            } else {
                // Not saved yet: sell it unless it was also flagged for deletion.
                if (!$del) {
                    $somechange = true;
                    $this->logFSMessage(xl('Product added'));
                    $tmpnull = null;
                    $sale_id = sellDrug($drug_id, $units, $fee, $this->pid, $this->encounter, 0, $this->visit_date, '', $warehouse_id, false, $tmpnull, $pricelevel, $selector);
                    // A falsy sale id is treated as "not enough stock" and ends the request here.
                    if (!$sale_id) {
                        die(xlt("Insufficient inventory for product ID") . " \"" . text($drug_id) . "\".");
                    }
                }
            }

            // If a prescription applies, create or update it.
            if (!empty($iter['rx']) && !$del && ($somechange || empty($rxid))) {
                // If an active rx already exists for this drug and date we will
                // replace it, otherwise we'll make a new one.
                if (empty($rxid)) {
                    $rxid = '';
                }

                // Get default drug attributes; prefer the template with the matching selector.
                $drow = sqlQuery("SELECT dt.*, " .
                    "d.name, d.form, d.size, d.unit, d.route, d.substitute " .
                    "FROM drugs AS d, drug_templates AS dt WHERE " .
                    "d.drug_id = ? AND dt.drug_id = d.drug_id " .
                    "ORDER BY (dt.selector = ?) DESC, dt.quantity, dt.dosage, dt.selector LIMIT 1", array($drug_id, $selector));
                if (!empty($drow)) {
                    $rxobj = new Prescription($rxid);
                    $rxobj->set_patient_id($this->pid);
                    $rxobj->set_provider_id(isset($main_provid) ? $main_provid : $this->provider_id);
                    $rxobj->set_drug_id($drug_id);
                    $rxobj->set_quantity($units);
                    $rxobj->set_per_refill($units);
                    // visit_date is sliced at offsets 0, 5 and 8 into year, month and day.
                    $rxobj->set_start_date_y(substr($this->visit_date, 0, 4));
                    $rxobj->set_start_date_m(substr($this->visit_date, 5, 2));
                    $rxobj->set_start_date_d(substr($this->visit_date, 8, 2));
                    $rxobj->set_date_added($this->visit_date);
                    // Remaining attributes are the drug and template defaults.
                    $rxobj->set_drug($drow['name']);
                    $rxobj->set_unit($drow['unit']);
                    $rxobj->set_dosage($drow['dosage']);
                    $rxobj->set_form($drow['form']);
                    $rxobj->set_refills($drow['refills']);
                    $rxobj->set_size($drow['size']);
                    $rxobj->set_route($drow['route']);
                    $rxobj->set_interval($drow['period']);
                    $rxobj->set_substitute($drow['substitute']);
                    //
                    $rxobj->persist();
                    // Set drug_sales.prescription_id to $rxobj->get_id().
                    $oldrxid = $rxid;
                    $rxid = 0 + $rxobj->get_id();
                    if ($rxid != $oldrxid) {
                        sqlStatement("UPDATE drug_sales SET prescription_id = ? WHERE sale_id = ?", array($rxid, $sale_id));
                    }
                }
            }
        }
    } // end for

    // Set default and/or supervising provider for the encounter.
    if (isset($main_provid) && $main_provid != $this->provider_id) {
        $this->logFSMessage(xl('Default provider changed'));
        sqlStatement("UPDATE form_encounter SET provider_id = ? WHERE pid = ? AND encounter = ?", array($main_provid, $this->pid, $this->encounter));
        $this->provider_id = $main_provid;
    }

    if (isset($main_supid) && $main_supid != $this->supervisor_id) {
        sqlStatement("UPDATE form_encounter SET supervisor_id = ? WHERE pid = ? AND encounter = ?", array($main_supid, $this->pid, $this->encounter));
        $this->supervisor_id = $main_supid;
    }

    // Save-and-Close is currently specific to Family Planning but might be more
    // generally useful.  It provides the ability to mark an encounter as billed
    // directly from the Fee Sheet, if there are no charges.
    if ($mark_as_closed) {
        $tmp1 = sqlQuery("SELECT SUM(ABS(fee)) AS sum FROM drug_sales WHERE " .
            "pid = ? AND encounter = ? AND billed = 0", array($this->pid, $this->encounter));
        $tmp2 = sqlQuery("SELECT SUM(ABS(fee)) AS sum FROM billing WHERE " .
            "pid = ? AND encounter = ? AND billed = 0 AND activity = 1", array($this->pid, $this->encounter));
        // Close only when the absolute unbilled charges add up to zero.
        // (the first SQL literal below spans two lines, as it does in the source)
        if ($tmp1['sum'] + $tmp2['sum'] == 0) {
            sqlStatement("update drug_sales SET billed = 1 WHERE " .
                "pid = ? AND encounter = ? 
AND billed = 0", array($this->pid, $this->encounter));
            sqlStatement("UPDATE billing SET billed = 1, bill_date = NOW() WHERE " .
                "pid = ? AND encounter = ? AND billed = 0 AND activity = 1", array($this->pid, $this->encounter));
        } else {
            // Would be good to display an error message here... they clicked
            // Save and Close but the close could not be done.  However the
            // framework does not provide an easy way to do that.
        }
    }
}
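/**
 * Function to migrate the Clickoptions settings (if exist) from the codebase into the database.
 *  Note this function is only run once in the sql upgrade script (from 4.1.1 to 4.1.2) if the
 *  issue_types sql table does not exist.
 *
 * Reads sites/<site_id>/clickoptions.txt, where each usable line has the form
 * "<list>::<option>". For every new <list> a "<list>_issue_list" entry is added to
 * the 'lists' list, and every <option> is added to that list with seq 10, 20, ...
 * Lines starting with '#', blank lines and lines without '::' are skipped.
 * Does nothing when the file is missing or cannot be opened.
 */
function clickOptionsMigrate()
{
    // NOTE(review): the path is built from $_SESSION['site_id'] as it stands;
    // presumably that value is validated where it is set - confirm, since a value
    // containing path separators would point outside the sites directory.
    $path = dirname(__FILE__) . "/../sites/" . $_SESSION['site_id'] . "/clickoptions.txt";

    // If the clickoptions.txt file exist, then import it.
    if (!file_exists($path)) {
        return;
    }

    $file_handle = fopen($path, "rb");
    if ($file_handle === false) {
        // Present but unreadable: nothing to import.
        return;
    }

    $seq = 10;
    $prev = '';
    echo "Importing clickoption setting<br>";

    // fgets() returns false at end of file and on a read error, so the loop
    // cannot run on a failed read the way a feof() test can.
    while (($line_of_text = fgets($file_handle)) !== false) {
        if (preg_match('/^#/', $line_of_text)) {
            continue;
        }

        // Blank lines and lines without the '::' separator carry no option.
        $parts = explode('::', $line_of_text);
        if (count($parts) < 2) {
            continue;
        }

        $parts[0] = trim(str_replace("\r\n", "", $parts[0]));
        $parts[1] = trim(str_replace("\r\n", "", $parts[1]));

        // A new list name: register the list itself and restart the sequence.
        if ($parts[0] != $prev) {
            $sql1 = "INSERT INTO list_options (`list_id`,`option_id`,`title`) VALUES (?,?,?)";
            SqlStatement($sql1, array('lists', $parts[0] . '_issue_list', ucwords(str_replace("_", " ", $parts[0])) . ' Issue List'));
            $seq = 10;
        }

        $sql2 = "INSERT INTO list_options (`list_id`,`option_id`,`title`,`seq`) VALUES (?,?,?,?)";
        SqlStatement($sql2, array($parts[0] . '_issue_list', $parts[1], $parts[1], $seq));
        $seq = $seq + 10;
        $prev = $parts[0];
    }

    fclose($file_handle);
}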
$defaultLangID = 1; $defaultLangName = "English"; } // set session variable to default so login information appears in default language $_SESSION['language_choice'] = $defaultLangID; // collect languages if showing language menu if ($GLOBALS['language_menu_login']) { // sorting order of language titles depends on language translation options. $mainLangID = empty($_SESSION['language_choice']) ? '1' : $_SESSION['language_choice']; if ($mainLangID == '1' && !empty($GLOBALS['skip_english_translation'])) { $sql = "SELECT * FROM lang_languages ORDER BY lang_description, lang_id"; $res3 = SqlStatement($sql); } else { // Use and sort by the translated language name. $sql = "SELECT ll.lang_id, " . "IF(LENGTH(ld.definition),ld.definition,ll.lang_description) AS trans_lang_description, " . "ll.lang_description " . "FROM lang_languages AS ll " . "LEFT JOIN lang_constants AS lc ON lc.constant_name = ll.lang_description " . "LEFT JOIN lang_definitions AS ld ON ld.cons_id = lc.cons_id AND " . "ld.lang_id = ? " . "ORDER BY IF(LENGTH(ld.definition),ld.definition,ll.lang_description), ll.lang_id"; $res3 = SqlStatement($sql, array($mainLangID)); } for ($iter = 0; $row = sqlFetchArray($res3); $iter++) { $result3[$iter] = $row; } if (count($result3) == 1) { //default to english if only return one language $hiddenLanguageField = "<input type='hidden' name='languageChoice' value='1' />\n"; } } else { $hiddenLanguageField = "<input type='hidden' name='languageChoice' value='" . htmlspecialchars($defaultLangID, ENT_QUOTES) . "' />\n"; } } ?> <html>
//definition is different echo htmlspecialchars(xl('Following is a new definition (Language, Constant, Definition):'), ENT_NOQUOTES) . " " . htmlspecialchars($row['lang_description'], ENT_NOQUOTES) . " " . htmlspecialchars($row['constant_name'], ENT_NOQUOTES) . " " . htmlspecialchars($row['definition'], ENT_NOQUOTES) . "<BR>"; if (!$checkOnly) { //add new definition $sql = "UPDATE `lang_definitions` SET `definition`=? WHERE `def_id`=? LIMIT 1"; SqlStatement($sql, array($row['definition'], $def_id)); echo htmlspecialchars(xl('Synchronized new definition (Language, Constant, Definition):'), ENT_NOQUOTES) . " " . htmlspecialchars($row['lang_description'], ENT_NOQUOTES) . " " . htmlspecialchars($row['constant_name'], ENT_NOQUOTES) . " " . htmlspecialchars($row['definition'], ENT_NOQUOTES) . "<BR><BR>"; } $difference = 1; } } else { echo htmlspecialchars(xl('Following is a new definition (Language, Constant, Definition):'), ENT_NOQUOTES) . " " . htmlspecialchars($row['lang_description'], ENT_NOQUOTES) . " " . htmlspecialchars($row['constant_name'], ENT_NOQUOTES) . " " . htmlspecialchars($row['definition'], ENT_NOQUOTES) . "<BR>"; if (!$checkOnly) { //add new definition $sql = "INSERT INTO lang_definitions (cons_id,lang_id,definition) VALUES (?,?,?)"; SqlStatement($sql, array($constant_id, $language_id, $row['definition'])); echo htmlspecialchars(xl('Synchronized new definition (Language, Constant, Definition):'), ENT_NOQUOTES) . " " . htmlspecialchars($row['lang_description'], ENT_NOQUOTES) . " " . htmlspecialchars($row['constant_name'], ENT_NOQUOTES) . " " . htmlspecialchars($row['definition'], ENT_NOQUOTES) . "<BR><BR>"; } $difference = 1; } } if (!$difference) { echo htmlspecialchars(xl('The translation tables are synchronized.'), ENT_NOQUOTES); } } ?> <TABLE> <FORM name="manage_form" METHOD=POST ACTION="?m=manage" onsubmit="return top.restoreSession()"> <TR> <TD><INPUT TYPE="submit" name="check" value="<?php
if ($_POST['constant_name'] == "") { echo htmlspecialchars(xl('Constant name is blank'), ENT_NOQUOTES) . '<br>'; $err = 'y'; } $sql = "SELECT * FROM lang_constants WHERE constant_name=? limit 1"; $res = SqlQuery($sql, array($_POST['constant_name'])); if ($res) { echo htmlspecialchars(xl('Data Alike is already in database, please change constant name'), ENT_NOQUOTES) . '<br>'; $err = 'y'; } if ($err == 'y') { $val_constant = $_POST['constant_name']; } else { //insert into the main table $sql = "INSERT INTO lang_constants SET constant_name=?"; SqlStatement($sql, array($_POST['constant_name'])); //insert into the log table - to allow persistant customizations insert_language_log('', '', $_POST['constant_name'], ''); echo htmlspecialchars(xl('Constant', '', '', ' ') . $_POST['constant_name'] . xl('added', '', ' '), ENT_NOQUOTES) . '<br>'; } // echo "$sql here "; } ?> <TABLE> <FORM name="cons_form" METHOD=POST ACTION="?m=constant" onsubmit="return top.restoreSession()"> <TR> <TD><?php echo htmlspecialchars(xl('constant name'), ENT_NOQUOTES); ?> </TD>
//
//
// A copy of the GNU General Public License is included along with this program:
// openemr/interface/login/GnuGPL.html
// For more information write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// Author:   Eldho Chacko <*****@*****.**>
//           Jacob T Paul <*****@*****.**>
//
// +------------------------------------------------------------------------------+

// Flat script: for every user that has entries in template_users, also assign the
// customlists rows whose cl_list_id points at one of that user's templates.
//
// NOTE(review): no permission check appears in this script itself; presumably
// access is controlled by globals.php or by how the script is deployed - confirm.
// NOTE(review): the INSERT below is unconditional, so running the script again
// adds the same (template, user) pairs again unless the table enforces
// uniqueness, which is not visible here.

//SANITIZE ALL ESCAPES
$sanitize_all_escapes = true;
//

//STOP FAKE REGISTER GLOBALS
$fake_register_globals = false;
//

// Both flags are set before the include, which is where they would be read.
include_once '../../interface/globals.php';

// Every user id that appears in template_users.
$sql = "select distinct tu_user_id from template_users";
$rs = SqlStatement($sql);
while ($row = SqlFetchArray($rs)) {
    // That user's templates that are not marked deleted.
    $sql = "select * from template_users join customlists on cl_list_slno=tu_template_id where\n cl_deleted=0 and tu_user_id=?";
    $rs2 = SqlStatement($sql, array($row['tu_user_id']));
    while ($row2 = SqlFetchArray($rs2)) {
        // Non-deleted customlists rows whose cl_list_id is this template's cl_list_slno.
        $sql = "select cl_list_slno from customlists where cl_deleted=0 and cl_list_id=?";
        $rs3 = SqlStatement($sql, array($row2['cl_list_slno']));
        while ($row3 = SqlFetchArray($rs3)) {
            // Assign each of those rows to the user as well; values are bound.
            SqlStatement("insert into template_users (tu_template_id,tu_user_id) values(?,?)", array($row3['cl_list_slno'], $row['tu_user_id']));
        }
    }
}
if (sqlNumRows($values) < 2) { exit; } // If blood pressure, then collect the other reading to allow graphing both in same graph $isBP = 0; if ($name == "bps" || $name == "bpd") { // Set BP flag and collect other pressure reading $isBP = 1; if ($name == "bps") { $name_alt = "bpd"; } if ($name == "bpd") { $name_alt = "bps"; } // Collect the pertinent vitals and ranges. $values_alt = SqlStatement("SELECT " . add_escape_custom($name_alt) . ", " . "UNIX_TIMESTAMP(date) as unix_date " . "FROM " . add_escape_custom($table) . " " . "WHERE pid=? ORDER BY date", array($pid)); $ranges_alt = SqlQuery("SELECT MAX(CONVERT(" . add_escape_custom($name_alt) . ",SIGNED)) AS " . "max_" . add_escape_custom($name_alt) . ", " . "MAX(UNIX_TIMESTAMP(date)) as max_date, " . "MIN(UNIX_TIMESTAMP(date)) as min_date " . "FROM " . add_escape_custom($table) . " " . "WHERE pid=?", array($pid)); } // Prepare look and feel of data points $s = new scatter_line('#DB1750', 2); $def = new hollow_dot(); $def->size(4)->halo_size(3)->tooltip('#val#<br>#date:Y-m-d H:i#'); $s->set_default_dot_style($def); if ($isBP) { //set up the other blood pressure line $s_alt = new scatter_line('#0000FF', 2); $s_alt->set_default_dot_style($def); } // Prepare and insert data $data = array(); while ($row = sqlFetchArray($values)) {
echo htmlspecialchars(xl("Code must be two letter lowercase"), ENT_NOQUOTES) . '<br>'; $err = 'y'; } $sql = "SELECT * FROM lang_languages WHERE lang_code LIKE ? or lang_description LIKE ? limit 1"; $res = SqlQuery($sql, array("%" . $_POST['lang_code'] . "%", "%" . $_POST['lang_name'])); if ($res) { echo htmlspecialchars(xl("Data Alike is already in database, please change code and/or description"), ENT_NOQUOTES) . '<br>'; $err = 'y'; } if ($err == 'y') { $val_lang_code = $_POST['lang_code']; $val_lang_name = $_POST['lang_name']; } else { //insert into the main table $sql = "INSERT INTO lang_languages SET lang_code=?, lang_description=?"; SqlStatement($sql, array($_POST['lang_code'], $_POST['lang_name'])); //insert into the log table - to allow persistant customizations insert_language_log($_POST['lang_name'], $_POST['lang_code'], '', ''); echo htmlspecialchars(xl('Language definition added'), ENT_NOQUOTES) . '<br>'; } } ?> <TABLE> <FORM name="lang_form" METHOD=POST ACTION="?m=language" onsubmit="return top.restoreSession()"> <TR> <TD><?php echo htmlspecialchars(xl('Language Code'), ENT_NOQUOTES); ?> :</TD> <TD><INPUT TYPE="text" NAME="lang_code" size="2" maxlength="2" value="<?php
$user = getUsername($userId); $acl_allow = acl_check('acct', 'bill', $user); $_SESSION['authProvider'] = getAuthGroup($user); $_SESSION['authId'] = $userId; if ($acl_allow) { if ($code_type == 'COPAY') { $strQuery3 = "INSERT INTO ar_session(payer_id,user_id,pay_total,payment_type,description," . "patient_id,payment_method,adjustment_code,post_to_date)" . "VALUES('0',?,?,'patient','COPAY',?,'','patient_payment',now())"; $session_id = idSqlStatement($strQuery3, array($auth, $fee, $patientId)); $getCode = "SELECT * FROM `billing` WHERE pid = ? AND encounter = ? ORDER BY `billing`.`encounter` ASC LIMIT 1"; $res = sqlQuery($getCode, array($patientId, $visit_id)); if ($res) { $cod0 = $res['code']; $ct0 = $res['code_type']; $mod0 = $res['modifier']; $strQuery4 = "INSERT INTO ar_activity (pid,encounter,code_type,code,modifier,payer_type," . "post_time,post_user,session_id,pay_amount,account_code) " . "VALUES (?,?,?,?,?,0,now(),?,?,?,'PCP')"; $result3 = SqlStatement($strQuery4, array($patientId, $visit_id, $ct0, $cod0, $mod0, $auth, $session_id, $fee)); } } else { addBilling($visit_id, $code_type, $code, $code_text, $patientId, $auth, $provider_id, $modifier, $units, $fee, $ndc_info, $justify, 0, $noteCodes); } $strQuery1 = 'UPDATE `patient_data` SET'; $strQuery1 .= ' pricelevel = "' . add_escape_custom($priceLevel) . '"'; $strQuery1 .= ' WHERE pid = ?'; $result1 = sqlStatement($strQuery1, array($patientId)); $strQuery2 = 'UPDATE `form_encounter` SET'; $strQuery2 .= ' provider_id = "' . add_escape_custom($provider_id) . '",'; $strQuery2 .= ' supervisor_id = "' . add_escape_custom($supervisor_id) . '"'; $strQuery2 .= ' WHERE pid = ?' . ' AND encounter = ?'; $result2 = sqlStatement($strQuery2, array($patientId, $visit_id)); if ($result1 && $result2) { $xml_string .= "<status>0</status>";