/**
 * postcalendar_userapi_buildSubmitForm()
 *
 * Builds the event submit form: assigns labels, field names, current values
 * and pre-built <select> markup to a pcSmarty template, then returns the
 * rendered page.
 *
 * @param array $args  Event data; every key is imported into local scope by extract().
 * @param bool  $admin When truthy, the admin submit template is rendered.
 * @return mixed _POSTCALENDARNOAUTH when PC_ACCESS_ADD is falsy, otherwise the
 *               value of $output->GetOutput().
 */
function postcalendar_userapi_buildSubmitForm($args, $admin = false)
{
    // The session category is cleared before the access check, so it is reset
    // even for callers that are then refused.
    $_SESSION['category'] = "";
    if (!PC_ACCESS_ADD) {
        return _POSTCALENDARNOAUTH;
    }
    // NOTE(review): extract() uses its default overwrite mode, so a key named
    // 'admin' in $args replaces the $admin parameter (which later selects the
    // admin template), and any other key becomes a local variable. Confirm that
    // callers build $args themselves rather than passing request data through.
    extract($args);
    unset($args);
    // $category is reused as the foreach variable further down, so keep a copy.
    $cat = $category;
    $output = new pnHTML();
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    // set up Smarty
    $tpl = new pcSmarty();
    $tpl->caching = false;
    $template_name = pnModGetVar(__POSTCALENDAR__, 'pcTemplate');
    if (!isset($template_name)) {
        $template_name = 'default';
    }
    //=================================================================
    //  Setup the correct config file path for the templates
    //=================================================================
    $modinfo = pnModGetInfo(pnModGetIDFromName(__POSTCALENDAR__));
    $modir = pnVarPrepForOS($modinfo['directory']);
    $modname = $modinfo['displayname'];
    $all_categories =& pnModAPIFunc(__POSTCALENDAR__, 'user', 'getCategories');
    unset($modinfo);
    $tpl->config_dir = "modules/{$modir}/pntemplates/{$template_name}/config/";
    //=================================================================
    //  PARSE MAIN
    //=================================================================
    $tpl->assign('webroot', $GLOBALS['web_root']);
    $tpl->assign_by_ref('TPL_NAME', $template_name);
    // NOTE(review): request value handed to the template; whether it is
    // HTML-escaped depends on pnVarCleanFromInput() and the template -- confirm.
    $tpl->assign('FUNCTION', pnVarCleanFromInput('func'));
    $tpl->assign_by_ref('ModuleName', $modname);
    $tpl->assign_by_ref('ModuleDirectory', $modir);
    $tpl->assign_by_ref('category', $all_categories);
    $tpl->assign('NewEventHeader', _PC_NEW_EVENT_HEADER);
    $tpl->assign('EventTitle', _PC_EVENT_TITLE);
    $tpl->assign('Required', _PC_REQUIRED);
    $tpl->assign('DateTimeTitle', _PC_DATE_TIME);
    $tpl->assign('AlldayEventTitle', _PC_ALLDAY_EVENT);
    $tpl->assign('TimedEventTitle', _PC_TIMED_EVENT);
    $tpl->assign('TimedDurationTitle', _PC_TIMED_DURATION);
    $tpl->assign('TimedDurationHoursTitle', _PC_TIMED_DURATION_HOURS);
    $tpl->assign('TimedDurationMinutesTitle', _PC_TIMED_DURATION_MINUTES);
    $tpl->assign('EventDescTitle', _PC_EVENT_DESC);
    // $double_book arrives through extract($args); it is only forwarded to the
    // template when it is numeric.
    if (is_numeric($double_book)) {
        $tpl->assign('double_book', $double_book);
    }
    // Provider selection, in order of precedence: numeric provider_id from the
    // request, then a non-zero numeric $event_userid from the event data, then
    // the logged-in user when the session is marked authorized, else empty.
    $ProviderID = pnVarCleanFromInput("provider_id");
    if (is_numeric($ProviderID)) {
        $tpl->assign('ProviderID', $ProviderID);
        $tpl->assign('provider_id', $ProviderID);
    } elseif (is_numeric($event_userid) && $event_userid != 0) {
        $tpl->assign('ProviderID', $event_userid);
        $tpl->assign('provider_id', $event_userid);
    } else {
        if ($_SESSION['userauthorized'] == 1) {
            $tpl->assign('ProviderID', $_SESSION['authUserID']);
        } else {
            $tpl->assign('ProviderID', "");
        }
    }
    $provinfo = getProviderInfo();
    $tpl->assign('providers', $provinfo);
    $PatientID = pnVarCleanFromInput("patient_id");
    // Limit the number of rows returned by getPatientPID so that a request
    // with no PID does not stall the server on a large patient table -- JRM
    // getPatientPID is defined in library/patient.inc
    $plistlimit = 500;
    if (is_numeric($PatientID)) {
        $tpl->assign('PatientList', getPatientPID(array('pid' => $PatientID, 'limit' => $plistlimit)));
    } elseif (is_numeric($event_pid)) {
        $tpl->assign('PatientList', getPatientPID(array('pid' => $event_pid, 'limit' => $plistlimit)));
    } else {
        // Neither id is numeric: the list is bounded only by $plistlimit.
        $tpl->assign('PatientList', getPatientPID(array('limit' => $plistlimit)));
    }
    $tpl->assign('event_pid', $event_pid);
    $tpl->assign('event_aid', $event_aid);
    $tpl->assign('event_category', pnVarCleanFromInput("event_category"));
    if (empty($event_patient_name)) {
        // No name supplied with the event data: look it up by $event_pid.
        $patient_data = getPatientData($event_pid, $given = "lname, fname");
        $event_patient_name = $patient_data['lname'] . ", " . $patient_data['fname'];
    }
    // NOTE(review): assigned without pnVarPrepForDisplay(), unlike the other
    // free-text values below -- confirm the template escapes it.
    $tpl->assign('patient_value', $event_patient_name);
    //=================================================================
    //  PARSE INPUT_EVENT_TITLE
    //=================================================================
    $tpl->assign('InputEventTitle', 'event_subject');
    $tpl->assign('ValueEventTitle', pnVarPrepForDisplay($event_subject));
    //=================================================================
    //  PARSE SELECT_DATE_TIME
    //=================================================================
    // It seems that with Mozilla at least, <select> fields that are disabled
    // do not get passed as form data.  Therefore we ignore $double_book so
    // that the fields will not be disabled. -- Rod 2005-03-22
    // RETURNOUTPUT makes the pnHTML form helpers return their markup so it can
    // be collected in $formdata; KEEPOUTPUT is restored afterwards.
    $output->SetOutputMode(_PNH_RETURNOUTPUT);
    // _SETTING_USE_INT_DATES only changes the order: day before month, or
    // month before day. The year select always comes last.
    if (_SETTING_USE_INT_DATES) {
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_startday));
        $formdata = $output->FormSelectMultiple('event_startday', $sel_data, 0, 1, "", "", false, '');
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_startmonth));
        $formdata .= $output->FormSelectMultiple('event_startmonth', $sel_data, 0, 1, "", "", false, '');
    } else {
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_startmonth));
        $formdata = $output->FormSelectMultiple('event_startmonth', $sel_data, 0, 1, "", "", false, '');
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_startday));
        $formdata .= $output->FormSelectMultiple('event_startday', $sel_data, 0, 1, "", "", false, '');
    }
    $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildYearSelect', array('pc_year' => $year, 'selected' => $event_startyear));
    $formdata .= $output->FormSelectMultiple('event_startyear', $sel_data, 0, 1, "", "", false, '');
    $output->SetOutputMode(_PNH_KEEPOUTPUT);
    $tpl->assign('SelectDateTime', $formdata);
    // The all-day and timed radio buttons share the field name 'event_allday'.
    $tpl->assign('InputAllday', 'event_allday');
    $tpl->assign('ValueAllday', '1');
    $tpl->assign('SelectedAllday', $event_allday == 1 ? 'checked' : '');
    $tpl->assign('InputTimed', 'event_allday');
    $tpl->assign('ValueTimed', '0');
    $tpl->assign('SelectedTimed', $event_allday == 0 ? 'checked' : '');
    $tpl->assign('STYLE', $GLOBALS['style']);
    //=================================================================
    //  PARSE SELECT_END_DATE_TIME
    //=================================================================
    $output->SetOutputMode(_PNH_RETURNOUTPUT);
    // With no end date, default the selects to $month/$day/$year instead of
    // letting them show Jan 01 1994.
    if ($event_endmonth == 0 && $event_endday == 0 && $event_endyear == 0) {
        $event_endmonth = $month;
        $event_endday = $day;
        $event_endyear = $year;
    }
    if (_SETTING_USE_INT_DATES) {
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_endday));
        $formdata = $output->FormSelectMultiple('event_endday', $sel_data, 0, 1, "", "", false, '');
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_endmonth));
        $formdata .= $output->FormSelectMultiple('event_endmonth', $sel_data, 0, 1, "", "", false, '');
    } else {
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_endmonth));
        $formdata = $output->FormSelectMultiple('event_endmonth', $sel_data, 0, 1, "", "", false, '');
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_endday));
        $formdata .= $output->FormSelectMultiple('event_endday', $sel_data, 0, 1, "", "", false, '');
    }
    $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildYearSelect', array('pc_year' => $year, 'selected' => $event_endyear));
    $formdata .= $output->FormSelectMultiple('event_endyear', $sel_data, 0, 1, "", "", false, '');
    $output->SetOutputMode(_PNH_KEEPOUTPUT);
    $tpl->assign('SelectEndDate', $formdata);
    //=================================================================
    //  PARSE SELECT_TIMED_EVENT
    //=================================================================
    $stimes = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildTimeSelect', array('hselected' => $event_starttimeh, 'mselected' => $event_starttimem));
    $output->SetOutputMode(_PNH_RETURNOUTPUT);
    $timed_hours = $output->FormSelectMultiple('event_starttimeh', $stimes['h'], 0, 1, "", "", false, '');
    $timed_minutes = $output->FormSelectMultiple('event_starttimem', $stimes['m'], 0, 1, "", "", false, '');
    // The AM/PM select is only built when the 24-hour setting is off.
    if (!_SETTING_TIME_24HOUR) {
        $ampm = array();
        $ampm[0]['id'] = pnVarPrepForStore(_AM_VAL);
        $ampm[0]['name'] = pnVarPrepForDisplay(_PC_AM);
        $ampm[1]['id'] = pnVarPrepForStore(_PM_VAL);
        $ampm[1]['name'] = pnVarPrepForDisplay(_PC_PM);
        // Anything that is not "AM" or _AM_VAL selects PM.
        if ($event_startampm == "AM" || $event_startampm == _AM_VAL) {
            $ampm[0]['selected'] = 1;
        } else {
            $ampm[1]['selected'] = 1;
        }
        $timed_ampm = $output->FormSelectMultiple('event_startampm', $ampm, 0, 1, "", "", false, '');
    } else {
        $timed_ampm = '';
    }
    $output->SetOutputMode(_PNH_KEEPOUTPUT);
    $tpl->assign('SelectTimedHours', $timed_hours);
    $tpl->assign('SelectTimedMinutes', $timed_minutes);
    $tpl->assign('SelectTimedAMPM', $timed_ampm);
    $tpl->assign('event_startday', $event_startday);
    $tpl->assign('event_startmonth', $event_startmonth);
    $tpl->assign('event_startyear', $event_startyear);
    $tpl->assign('event_starttimeh', $event_starttimeh);
    $tpl->assign('event_starttimem', $event_starttimem);
    $tpl->assign('event_startampm', $event_startampm);
    // The duration values are assigned here as received; the (int) cast of the
    // hours happens only afterwards.
    $tpl->assign('event_dur_hours', $event_dur_hours);
    $tpl->assign('event_dur_minutes', $event_dur_minutes);
    //=================================================================
    //  PARSE SELECT_DURATION
    //=================================================================
    $event_dur_hours = (int) $event_dur_hours;
    // Hour options 00 through 24 inclusive.
    for ($i = 0; $i <= 24; $i += 1) {
        $TimedDurationHours[$i] = array('value' => $i, 'selected' => $event_dur_hours == $i ? 'selected' : '', 'name' => sprintf('%02d', $i));
    }
    $tpl->assign('TimedDurationHours', $TimedDurationHours);
    $tpl->assign('InputTimedDurationHours', 'event_dur_hours');
    // Minute options in steps of _SETTING_TIME_INCREMENT.
    $found_time = false;
    for ($i = 0; $i < 60; $i += _SETTING_TIME_INCREMENT) {
        $TimedDurationMinutes[$i] = array('value' => $i, 'selected' => $event_dur_minutes == $i ? 'selected' : '', 'name' => sprintf('%02d', $i));
        if ($TimedDurationMinutes[$i]['selected'] == 'selected') {
            $found_time = true;
        }
    }
    // If the current minutes value is not one of the increments, append it as
    // an extra, pre-selected option ($i is the loop's final value here).
    if (!$found_time) {
        $TimedDurationMinutes[$i] = array('value' => $event_dur_minutes, 'selected' => 'selected', 'name' => sprintf('%02d', $event_dur_minutes));
    }
    $tpl->assign('TimedDurationMinutes', $TimedDurationMinutes);
    $tpl->assign('hidden_event_dur_minutes', $event_dur_minutes);
    $tpl->assign('InputTimedDurationMinutes', 'event_dur_minutes');
    //=================================================================
    //  PARSE INPUT_EVENT_DESC
    //=================================================================
    $tpl->assign('InputEventDesc', 'event_desc');
    // When no display type was passed in, read it from a ':text:' or ':html:'
    // prefix on the description and strip that prefix; default is 'text'.
    if (empty($pc_html_or_text)) {
        $display_type = substr($event_desc, 0, 6);
        if ($display_type == ':text:') {
            $pc_html_or_text = 'text';
            $event_desc = substr($event_desc, 6);
        } elseif ($display_type == ':html:') {
            $pc_html_or_text = 'html';
            $event_desc = substr($event_desc, 6);
        } else {
            $pc_html_or_text = 'text';
        }
        unset($display_type);
    }
    $tpl->assign('ValueEventDesc', pnVarPrepForDisplay($event_desc));
    $eventHTMLorText = "<select name=\"pc_html_or_text\">";
    if ($pc_html_or_text == 'text') {
        $eventHTMLorText .= "<option value=\"text\" selected=\"selected\">" . _PC_SUBMIT_TEXT . "</option>";
    } else {
        $eventHTMLorText .= "<option value=\"text\">" . _PC_SUBMIT_TEXT . "</option>";
    }
    if ($pc_html_or_text == 'html') {
        $eventHTMLorText .= "<option value=\"html\" selected=\"selected\">" . _PC_SUBMIT_HTML . "</option>";
    } else {
        $eventHTMLorText .= "<option value=\"html\">" . _PC_SUBMIT_HTML . "</option>";
    }
    $eventHTMLorText .= "</select>";
    $tpl->assign('EventHTMLorText', $eventHTMLorText);
    //=================================================================
    //  PARSE select_event_topic_block
    //=================================================================
    $tpl->assign('displayTopics', _SETTING_DISPLAY_TOPICS);
    if ((bool) _SETTING_DISPLAY_TOPICS) {
        $a_topics =& postcalendar_userapi_getTopics();
        $topics = array();
        foreach ($a_topics as $topic) {
            array_push($topics, array('value' => $topic['id'], 'selected' => $topic['id'] == $event_topic ? 'selected' : '', 'name' => $topic['text']));
        }
        unset($a_topics);
        // only show this if we have topics to show
        if (count($topics) > 0) {
            $tpl->assign('topics', $topics);
            $tpl->assign('EventTopicTitle', _PC_EVENT_TOPIC);
            $tpl->assign('InputEventTopic', 'event_topic');
        }
    }
    //=================================================================
    //  PARSE select_event_type_block
    //=================================================================
    $categories = array();
    // This loop overwrites the extracted $category; the original value was
    // saved in $cat at the top of the function.
    foreach ($all_categories as $category) {
        array_push($categories, array('value' => $category['id'], 'selected' => $category['id'] == $event_category ? 'selected' : '', 'name' => $category['name'], 'color' => $category['color'], 'desc' => $category['desc']));
    }
    // only show this if we have categories to show
    // you should ALWAYS have at least one valid category
    if (count($categories) > 0) {
        $tpl->assign('categories', $categories);
        $tpl->assign('EventCategoriesTitle', _PC_EVENT_CATEGORY);
        $tpl->assign('InputEventCategory', 'event_category');
        $tpl->assign('hidden_event_category', $event_category);
    }
    //=================================================================
    //  PARSE event_sharing_block
    //=================================================================
    $data = array();
    if (_SETTING_ALLOW_USER_CAL) {
        array_push($data, array(SHARING_PRIVATE, _PC_SHARE_PRIVATE));
        array_push($data, array(SHARING_PUBLIC, _PC_SHARE_PUBLIC));
        array_push($data, array(SHARING_BUSY, _PC_SHARE_SHOWBUSY));
    }
    // The global option is offered to PostCalendar admins, when global events
    // are allowed, or when user calendars are disabled. This only controls
    // which options are rendered; it does not enforce anything on submit.
    if (pnSecAuthAction(0, 'PostCalendar::', '::', ACCESS_ADMIN) || _SETTING_ALLOW_GLOBAL || !_SETTING_ALLOW_USER_CAL) {
        array_push($data, array(SHARING_GLOBAL, _PC_SHARE_GLOBAL));
    }
    $sharing = array();
    foreach ($data as $cell) {
        // The (int) cast applies to $event_sharing before the comparison.
        array_push($sharing, array('value' => $cell[0], 'selected' => (int) $event_sharing == $cell[0] ? 'selected' : '', 'name' => $cell[1]));
    }
    // pennfirm: provider list comes from the openemr code in calendar.inc
    $tpl->assign("user", getCalendarProviderInfo());
    $tpl->assign('sharing', $sharing);
    $tpl->assign('EventSharingTitle', _PC_SHARING);
    $tpl->assign('InputEventSharing', 'event_sharing');
    //=================================================================
    //  location information
    //=================================================================
    $tpl->assign('EventLocationTitle', _PC_EVENT_LOCATION);
    $tpl->assign('InputLocation', 'event_location');
    $tpl->assign('ValueLocation', pnVarPrepForDisplay($event_location));
    $tpl->assign('EventStreetTitle', _PC_EVENT_STREET);
    $tpl->assign('InputStreet1', 'event_street1');
    $tpl->assign('ValueStreet1', pnVarPrepForDisplay($event_street1));
    $tpl->assign('InputStreet2', 'event_street2');
    $tpl->assign('ValueStreet2', pnVarPrepForDisplay($event_street2));
    $tpl->assign('EventCityTitle', _PC_EVENT_CITY);
    $tpl->assign('InputCity', 'event_city');
    $tpl->assign('ValueCity', pnVarPrepForDisplay($event_city));
    $tpl->assign('EventStateTitle', _PC_EVENT_STATE);
    $tpl->assign('InputState', 'event_state');
    $tpl->assign('ValueState', pnVarPrepForDisplay($event_state));
    $tpl->assign('EventPostalTitle', _PC_EVENT_POSTAL);
    $tpl->assign('InputPostal', 'event_postal');
    $tpl->assign('ValuePostal', pnVarPrepForDisplay($event_postal));
    //=================================================================
    //  contact information
    //=================================================================
    $tpl->assign('EventContactTitle', _PC_EVENT_CONTACT);
    $tpl->assign('InputContact', 'event_contname');
    $tpl->assign('ValueContact', pnVarPrepForDisplay($event_contname));
    $tpl->assign('EventPhoneTitle', _PC_EVENT_PHONE);
    $tpl->assign('InputPhone', 'event_conttel');
    $tpl->assign('ValuePhone', pnVarPrepForDisplay($event_conttel));
    $tpl->assign('EventEmailTitle', _PC_EVENT_EMAIL);
    $tpl->assign('InputEmail', 'event_contemail');
    $tpl->assign('ValueEmail', pnVarPrepForDisplay($event_contemail));
    $tpl->assign('EventWebsiteTitle', _PC_EVENT_WEBSITE);
    $tpl->assign('InputWebsite', 'event_website');
    $tpl->assign('ValueWebsite', pnVarPrepForDisplay($event_website));
    $tpl->assign('EventFeeTitle', _PC_EVENT_FEE);
    $tpl->assign('InputFee', 'event_fee');
    $tpl->assign('ValueFee', pnVarPrepForDisplay($event_fee));
    //=================================================================
    //  Repeating Information
    //=================================================================
    $tpl->assign('RepeatingHeader', _PC_REPEATING_HEADER);
    $tpl->assign('NoRepeatTitle', _PC_NO_REPEAT);
    $tpl->assign('RepeatTitle', _PC_REPEAT);
    $tpl->assign('RepeatOnTitle', _PC_REPEAT_ON);
    $tpl->assign('OfTheMonthTitle', _PC_OF_THE_MONTH);
    $tpl->assign('EndDateTitle', _PC_END_DATE);
    $tpl->assign('NoEndDateTitle', _PC_NO_END);
    // Three radio buttons share the field name 'event_repeat': 0 = no repeat,
    // 1 = repeat every N units, 2 = repeat on the Nth weekday.
    $tpl->assign('InputNoRepeat', 'event_repeat');
    $tpl->assign('ValueNoRepeat', '0');
    $tpl->assign('SelectedNoRepeat', (int) $event_repeat == 0 ? 'checked' : '');
    $tpl->assign('InputRepeat', 'event_repeat');
    $tpl->assign('ValueRepeat', '1');
    $tpl->assign('SelectedRepeat', (int) $event_repeat == 1 ? 'checked' : '');
    // Each option list below pairs a label array ($in) with a value array
    // ($keys) by index.
    unset($in);
    $in = array(_PC_EVERY, _PC_EVERY_OTHER, _PC_EVERY_THIRD, _PC_EVERY_FOURTH);
    $keys = array(REPEAT_EVERY, REPEAT_EVERY_OTHER, REPEAT_EVERY_THIRD, REPEAT_EVERY_FOURTH);
    $repeat_freq = array();
    foreach ($in as $k => $v) {
        array_push($repeat_freq, array('value' => $keys[$k], 'selected' => $keys[$k] == $event_repeat_freq ? 'selected' : '', 'name' => $v));
    }
    $tpl->assign('InputRepeatFreq', 'event_repeat_freq');
    // The floor of 1 is applied after the option list above was built, so it
    // only affects InputRepeatFreqVal.
    if (empty($event_repeat_freq) || $event_repeat_freq < 1) {
        $event_repeat_freq = 1;
    }
    $tpl->assign('InputRepeatFreqVal', $event_repeat_freq);
    $tpl->assign('repeat_freq', $repeat_freq);
    unset($in);
    $in = array(_PC_EVERY_DAY, _PC_EVERY_WORKDAY, _PC_EVERY_WEEK, _PC_EVERY_MONTH, _PC_EVERY_YEAR);
    $keys = array(REPEAT_EVERY_DAY, REPEAT_EVERY_WORK_DAY, REPEAT_EVERY_WEEK, REPEAT_EVERY_MONTH, REPEAT_EVERY_YEAR);
    $repeat_freq_type = array();
    foreach ($in as $k => $v) {
        array_push($repeat_freq_type, array('value' => $keys[$k], 'selected' => $keys[$k] == $event_repeat_freq_type ? 'selected' : '', 'name' => $v));
    }
    $tpl->assign('InputRepeatFreqType', 'event_repeat_freq_type');
    $tpl->assign('repeat_freq_type', $repeat_freq_type);
    $tpl->assign('InputRepeatOn', 'event_repeat');
    $tpl->assign('ValueRepeatOn', '2');
    $tpl->assign('SelectedRepeatOn', (int) $event_repeat == 2 ? 'checked' : '');
    unset($in);
    $in = array(_PC_EVERY_1ST, _PC_EVERY_2ND, _PC_EVERY_3RD, _PC_EVERY_4TH, _PC_EVERY_LAST);
    $keys = array(REPEAT_ON_1ST, REPEAT_ON_2ND, REPEAT_ON_3RD, REPEAT_ON_4TH, REPEAT_ON_LAST);
    $repeat_on_num = array();
    foreach ($in as $k => $v) {
        array_push($repeat_on_num, array('value' => $keys[$k], 'selected' => $keys[$k] == $event_repeat_on_num ? 'selected' : '', 'name' => $v));
    }
    $tpl->assign('InputRepeatOnNum', 'event_repeat_on_num');
    $tpl->assign('repeat_on_num', $repeat_on_num);
    unset($in);
    $in = array(_PC_EVERY_SUN, _PC_EVERY_MON, _PC_EVERY_TUE, _PC_EVERY_WED, _PC_EVERY_THU, _PC_EVERY_FRI, _PC_EVERY_SAT);
    $keys = array(REPEAT_ON_SUN, REPEAT_ON_MON, REPEAT_ON_TUE, REPEAT_ON_WED, REPEAT_ON_THU, REPEAT_ON_FRI, REPEAT_ON_SAT);
    $repeat_on_day = array();
    foreach ($in as $k => $v) {
        array_push($repeat_on_day, array('value' => $keys[$k], 'selected' => $keys[$k] == $event_repeat_on_day ? 'selected' : '', 'name' => $v));
    }
    $tpl->assign('InputRepeatOnDay', 'event_repeat_on_day');
    $tpl->assign('repeat_on_day', $repeat_on_day);
    unset($in);
    $in = array(_PC_OF_EVERY_MONTH, _PC_OF_EVERY_2MONTH, _PC_OF_EVERY_3MONTH, _PC_OF_EVERY_4MONTH, _PC_OF_EVERY_6MONTH, _PC_OF_EVERY_YEAR);
    $keys = array(REPEAT_ON_MONTH, REPEAT_ON_2MONTH, REPEAT_ON_3MONTH, REPEAT_ON_4MONTH, REPEAT_ON_6MONTH, REPEAT_ON_YEAR);
    $repeat_on_freq = array();
    foreach ($in as $k => $v) {
        array_push($repeat_on_freq, array('value' => $keys[$k], 'selected' => $keys[$k] == $event_repeat_on_freq ? 'selected' : '', 'name' => $v));
    }
    $tpl->assign('InputRepeatOnFreq', 'event_repeat_on_freq');
    if (empty($event_repeat_on_freq) || $event_repeat_on_freq < 1) {
        $event_repeat_on_freq = 1;
    }
    $tpl->assign('InputRepeatOnFreqVal', $event_repeat_on_freq);
    $tpl->assign('repeat_on_freq', $repeat_on_freq);
    $tpl->assign('MonthsTitle', _PC_MONTHS);
    //=================================================================
    //  PARSE INPUT_END_DATE
    //=================================================================
    $tpl->assign('InputEndOn', 'event_endtype');
    $tpl->assign('ValueEndOn', '1');
    $tpl->assign('SelectedEndOn', (int) $event_endtype == 1 ? 'checked' : '');
    //=================================================================
    //  PARSE INPUT_NO_END
    //=================================================================
    $tpl->assign('InputNoEnd', 'event_endtype');
    $tpl->assign('ValueNoEnd', '0');
    $tpl->assign('SelectedNoEnd', (int) $event_endtype == 0 ? 'checked' : '');
    // Strip any provider_id=<digits> pair from the raw query string.
    // NOTE(review): the rest of QUERY_STRING is request-controlled and is
    // passed on unchanged -- confirm the template escapes 'qstring' for the
    // context it is printed in.
    $qstring = preg_replace("/provider_id=[0-9]*[&]{0,1}/", "", $_SERVER['QUERY_STRING']);
    $tpl->assign('qstring', $qstring);
    // Hidden 'authid' field carrying the key from pnSecGenAuthKey().
    $output->SetOutputMode(_PNH_RETURNOUTPUT);
    $authkey = $output->FormHidden('authid', pnSecGenAuthKey());
    $output->SetOutputMode(_PNH_KEEPOUTPUT);
    // NOTE(review): $is_update, $pc_event_id, $cat and $data_loaded come from
    // extract($args) and are interpolated into double-quoted attributes with no
    // HTML escaping here. If any of them can carry request data, they need
    // attribute escaping before this point -- verify against the callers.
    $form_hidden = "<input type=\"hidden\" name=\"is_update\" value=\"{$is_update}\" />";
    $form_hidden .= "<input type=\"hidden\" name=\"pc_event_id\" value=\"{$pc_event_id}\" />";
    $form_hidden .= "<input type=\"hidden\" name=\"category\" value=\"{$cat}\" />";
    // FormHidden is only assigned when $data_loaded is set; otherwise the
    // three fields built above are never handed to the template.
    if (isset($data_loaded)) {
        $form_hidden .= "<input type=\"hidden\" name=\"data_loaded\" value=\"{$data_loaded}\" />";
        $tpl->assign('FormHidden', $form_hidden);
    }
    $form_submit = '<input type=hidden name="form_action" value="commit"/> ' . $authkey . '<input type="submit" name="submit" value="go">';
    $tpl->assign('FormSubmit', $form_submit);
    // Template choice: admin form, navigation-less user form (no_nav == 1),
    // or the regular user form. Caching was disabled on $tpl above.
    if ($admin) {
        $output->Text($tpl->fetch($template_name . '/admin/submit.html'));
    } elseif (pnVarCleanFromInput("no_nav") == 1) {
        $output->Text($tpl->fetch($template_name . '/user/submit_no_nav.html'));
    } else {
        $output->Text($tpl->fetch($template_name . '/user/submit.html'));
    }
    $output->Text(postcalendar_footer());
    return $output->GetOutput();
}
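/**
 * search events
 *
 * Renders the calendar search form and, when the request carries a 'submit'
 * value, runs one of three searches through postcalendar_userapi_pcGetEvents():
 * "find first" (first available slot), "listapps" (appointments for one
 * patient) or the keyword search.
 *
 * SQL fragments built here are handed to pcGetEvents() as strings, so every
 * request value spliced into them is validated first:
 *   - pc_keywords_andor must be AND or OR (anything else becomes AND);
 *   - pc_category, pc_topic and the listapps patient_id must be digit-only.
 *
 * @return mixed _POSTCALENDARNOAUTH when PC_ACCESS_OVERVIEW is falsy, otherwise
 *               the page-setup output followed by the rendered template.
 */
function postcalendar_user_search()
{
    if (!(bool) PC_ACCESS_OVERVIEW) {
        return _POSTCALENDARNOAUTH;
    }
    $tpl = new pcSmarty();
    // formData() lives in library/formdata.inc.php.
    // NOTE(review): the keyword search below relies on formData() having
    // SQL-escaped this value -- confirm for the installed version.
    $k = formData("pc_keywords", "R");
    // The joiner is spliced into the WHERE clause as a bare keyword, where
    // quoting cannot protect it, so only the two boolean operators are accepted.
    $k_andor = pnVarCleanFromInput('pc_keywords_andor');
    $k_andor = is_string($k_andor) ? strtoupper(trim($k_andor)) : '';
    if ($k_andor !== 'AND' && $k_andor !== 'OR') {
        $k_andor = 'AND';
    }
    $pc_category = pnVarCleanFromInput('pc_category');
    $pc_facility = pnVarCleanFromInput('pc_facility');
    $pc_topic = pnVarCleanFromInput('pc_topic');
    $submit = pnVarCleanFromInput('submit');
    $event_dur_hours = pnVarCleanFromInput('event_dur_hours');
    $event_dur_minutes = pnVarCleanFromInput('event_dur_minutes');
    $start = pnVarCleanFromInput('start');
    $end = pnVarCleanFromInput('end');
    // get list of categories for the user to choose from
    // NOTE(review): the option lists below concatenate database and
    // translation values into markup without HTML escaping -- confirm those
    // sources cannot contain markup.
    $categories = postcalendar_userapi_getCategories();
    $cat_options = '';
    foreach ($categories as $category) {
        $selected = "";
        // Array keys are quoted: the bare words id/name used previously were
        // constant lookups.
        if ($pc_category == $category['id']) {
            $selected = " SELECTED ";
        }
        //modified 8/09 by BM to allow translation if applicable
        $cat_options .= "<option value=\"{$category['id']}\" {$selected}>" . xl_appt_category($category['name']) . "</option>";
    }
    $tpl->assign_by_ref('CATEGORY_OPTIONS', $cat_options);
    $tpl->assign('event_dur_hours', $event_dur_hours);
    $tpl->assign('event_dur_minutes', $event_dur_minutes);
    // create default start and end dates for the search form
    if (isset($start) && $start != "") {
        $tpl->assign('DATE_START', $start);
    } else {
        $tpl->assign('DATE_START', date("m/d/Y"));
    }
    if (isset($end) && $end != "") {
        $tpl->assign('DATE_END', $end);
    } else {
        $tpl->assign('DATE_END', date("m/d/Y", strtotime("+7 Days", time())));
    }
    // then override the setting if we have a value from the submitted form
    $ProviderID = pnVarCleanFromInput("provider_id");
    if (is_numeric($ProviderID)) {
        $tpl->assign('ProviderID', $ProviderID);
    } elseif ($ProviderID == "_ALL_") {
        // "_ALL_" deliberately leaves the template's ProviderID untouched.
    } else {
        $tpl->assign('ProviderID', "");
    }
    $provinfo = getProviderInfo();
    $tpl->assign('providers', $provinfo);
    // build a list of provider-options for the select box on the input form -- JRM
    $provider_options = "<option value='_ALL_' ";
    if ($ProviderID == "_ALL_") {
        $provider_options .= " SELECTED ";
    }
    $provider_options .= ">" . xl('All Providers') . "</option>";
    foreach ($provinfo as $provider) {
        $selected = "";
        // if we don't have a ProviderID chosen, pick the first one from the
        // pc_username Session variable
        if ($ProviderID == "") {
            // that variable stores the 'username' and not the numeric 'id'
            if ($_SESSION['pc_username'][0] == $provider['username']) {
                $selected = " SELECTED ";
            }
        } else {
            if ($ProviderID == $provider['id']) {
                $selected = " SELECTED ";
            }
        }
        $provider_options .= "<option value=\"" . $provider['id'] . "\" " . $selected . ">";
        $provider_options .= $provider['lname'] . ", " . $provider['fname'] . "</option>";
    }
    $tpl->assign_by_ref('PROVIDER_OPTIONS', $provider_options);
    // build a list of facility options for the select box on the input form -- JRM
    $facilities = getFacilities();
    $fac_options = "<option value=''>" . xl('All Facilities') . "</option>";
    foreach ($facilities as $facility) {
        $selected = "";
        if ($facility['id'] == $pc_facility) {
            $selected = " SELECTED ";
        }
        $fac_options .= "<option value=\"" . $facility['id'] . "\" " . $selected . ">";
        $fac_options .= $facility['name'] . "</option>";
    }
    $tpl->assign_by_ref('FACILITY_OPTIONS', $fac_options);
    $PatientID = pnVarCleanFromInput("patient_id");
    // limit the number of results returned by getPatientPID
    // this helps to prevent the server from stalling on a request with
    // no PID and thousands of PIDs in the database -- JRM
    // getPatientPID is defined in library/patient.inc
    $plistlimit = 500;
    if (is_numeric($PatientID)) {
        $tpl->assign('PatientList', getPatientPID(array('pid' => $PatientID, 'limit' => $plistlimit)));
    } else {
        $tpl->assign('PatientList', getPatientPID(array('limit' => $plistlimit)));
    }
    $event_endday = pnVarCleanFromInput("event_endday");
    $event_endmonth = pnVarCleanFromInput("event_endmonth");
    $event_endyear = pnVarCleanFromInput("event_endyear");
    $event_startday = pnVarCleanFromInput("event_startday");
    $event_startmonth = pnVarCleanFromInput("event_startmonth");
    $event_startyear = pnVarCleanFromInput("event_startyear");
    // Each end component is raised to its start component independently.
    if ($event_startday > $event_endday) {
        $event_endday = $event_startday;
    }
    if ($event_startmonth > $event_endmonth) {
        $event_endmonth = $event_startmonth;
    }
    if ($event_startyear > $event_endyear) {
        $event_endyear = $event_startyear;
    }
    $tpl->assign('patient_id', $PatientID);
    $tpl->assign('provider_id', $ProviderID);
    $tpl->assign("event_category", pnVarCleanFromInput("event_category"));
    $tpl->assign("event_subject", pnVarCleanFromInput("event_subject"));
    // Start-date selects. RETURNOUTPUT makes the pnHTML helpers return their
    // markup; _SETTING_USE_INT_DATES only switches day/month order.
    // $day, $month and $year are not assigned anywhere in this function.
    $output = new pnHTML();
    $output->SetOutputMode(_PNH_RETURNOUTPUT);
    if (_SETTING_USE_INT_DATES) {
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_startday));
        $formdata = $output->FormSelectMultiple('event_startday', $sel_data);
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_startmonth));
        $formdata .= $output->FormSelectMultiple('event_startmonth', $sel_data);
    } else {
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_startmonth));
        $formdata = $output->FormSelectMultiple('event_startmonth', $sel_data);
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_startday));
        $formdata .= $output->FormSelectMultiple('event_startday', $sel_data);
    }
    $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildYearSelect', array('pc_year' => $year, 'selected' => $event_startyear));
    $formdata .= $output->FormSelectMultiple('event_startyear', $sel_data);
    $output->SetOutputMode(_PNH_KEEPOUTPUT);
    $tpl->assign('SelectDateTimeStart', $formdata);
    // End-date selects, same layout.
    $output->SetOutputMode(_PNH_RETURNOUTPUT);
    if (_SETTING_USE_INT_DATES) {
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_endday));
        $formdata = $output->FormSelectMultiple('event_endday', $sel_data);
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_endmonth));
        $formdata .= $output->FormSelectMultiple('event_endmonth', $sel_data);
    } else {
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_endmonth));
        $formdata = $output->FormSelectMultiple('event_endmonth', $sel_data);
        $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_endday));
        $formdata .= $output->FormSelectMultiple('event_endday', $sel_data);
    }
    $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildYearSelect', array('pc_year' => $year, 'selected' => $event_endyear));
    $formdata .= $output->FormSelectMultiple('event_endyear', $sel_data);
    $output->SetOutputMode(_PNH_KEEPOUTPUT);
    $tpl->assign('SelectDateTimeEnd', $formdata);
    $output = null;
    if (_SETTING_DISPLAY_TOPICS) {
        $topics = postcalendar_userapi_getTopics();
        $top_options = '';
        foreach ($topics as $topic) {
            $top_options .= "<option value=\"{$topic['id']}\">{$topic['text']}</option>";
        }
        $tpl->assign_by_ref('TOPIC_OPTIONS', $top_options);
    }
    //=================================================================
    //  Find out what Template we're using
    //=================================================================
    $template_name = _SETTING_TEMPLATE;
    if (!isset($template_name)) {
        $template_name = 'default';
    }
    //=================================================================
    //  Output the search form
    //=================================================================
    $tpl->assign('FORM_ACTION', pnModURL(__POSTCALENDAR__, 'user', 'search'));
    //=================================================================
    //  Perform the search if we have data
    //=================================================================
    if (!empty($submit) && strtolower($submit) == "find first") {
        // not sure how we get here...
        // NOTE(review): start, end and provider_id reach pcGetEvents() as
        // received from the request; how they are used in SQL is not visible
        // from this function -- verify in postcalendar_userapi_pcGetEvents().
        $searchargs = array();
        $searchargs['start'] = pnVarCleanFromInput("event_startmonth") . "/" . pnVarCleanFromInput("event_startday") . "/" . pnVarCleanFromInput("event_startyear");
        $searchargs['end'] = pnVarCleanFromInput("event_endmonth") . "/" . pnVarCleanFromInput("event_endday") . "/" . pnVarCleanFromInput("event_endyear");
        $searchargs['provider_id'] = pnVarCleanFromInput("provider_id");
        $searchargs['faFlag'] = true;
        //set defaults to current week if empty
        if ($searchargs['start'] == "//") {
            $searchargs['start'] = date("m/d/Y");
        }
        if ($searchargs['end'] == "//") {
            $searchargs['end'] = date("m/d/Y", strtotime("+7 Days", strtotime($searchargs['start'])));
        }
        $eventsByDate =& postcalendar_userapi_pcGetEvents($searchargs);
        $found = findFirstAvailable($eventsByDate);
        $tpl->assign('available_times', $found);
        $tpl->assign('SEARCH_PERFORMED', true);
        $tpl->assign('A_EVENTS', $eventsByDate);
    }
    // This is a separate if/elseif: a "find first" submit also falls into the
    // keyword-search branch below, which reassigns A_EVENTS.
    if (!empty($submit) && strtolower($submit) == "listapps") {
        // not sure how we get here...
        $searchargs = array();
        $searchargs['start'] = date("m/d/Y");
        $searchargs['end'] = date("m/d/Y", strtotime("+1 year", strtotime($searchargs['start'])));
        // NOTE(review): still passed as received; only the SQL fragment below
        // is validated. Confirm how pcGetEvents() uses 'patient_id'.
        $searchargs['patient_id'] = pnVarCleanFromInput("patient_id");
        $searchargs['listappsFlag'] = true;
        // The patient id goes into a quoted SQL literal; accept digits only and
        // fall back to the empty string a missing id produced before.
        $listPid = pnVarCleanFromInput("patient_id");
        if (!is_scalar($listPid) || preg_match('/\A[0-9]+\z/', (string) $listPid) !== 1) {
            $listPid = '';
        }
        // Plain assignment: $sqlKeywords has no earlier value in this branch.
        $sqlKeywords = "(a.pc_pid = '" . $listPid . "' )";
        $searchargs['s_keywords'] = $sqlKeywords;
        $eventsByDate =& postcalendar_userapi_pcGetEvents($searchargs);
        $tpl->assign('appointments', $eventsByDate);
        $tpl->assign('SEARCH_PERFORMED', true);
        $tpl->assign('A_EVENTS', $eventsByDate);
    } elseif (!empty($submit)) {
        // we get here by searching via the PostCalendar search
        $sqlKeywords = '';
        $keywords = explode(' ', $k);
        // build our search query; $k_andor was restricted to AND/OR above
        foreach ($keywords as $word) {
            if (!empty($sqlKeywords)) {
                $sqlKeywords .= " {$k_andor} ";
            }
            $sqlKeywords .= '(';
            $sqlKeywords .= "pd.lname LIKE '%{$word}%' OR ";
            $sqlKeywords .= "pd.fname LIKE '%{$word}%' OR ";
            $sqlKeywords .= "u.lname LIKE '%{$word}%' OR ";
            $sqlKeywords .= "u.fname LIKE '%{$word}%' OR ";
            $sqlKeywords .= "a.pc_title LIKE '%{$word}%' OR ";
            $sqlKeywords .= "a.pc_hometext LIKE '%{$word}%' OR ";
            $sqlKeywords .= "a.pc_location LIKE '%{$word}%'";
            $sqlKeywords .= ') ';
        }
        // Category and topic ids are spliced into quoted SQL literals; a value
        // that is not digit-only is dropped instead of reaching the query.
        if (!empty($pc_category) && is_scalar($pc_category) && preg_match('/\A[0-9]+\z/', (string) $pc_category) === 1) {
            $s_category = "a.pc_catid = '{$pc_category}'";
        }
        if (!empty($pc_topic) && is_scalar($pc_topic) && preg_match('/\A[0-9]+\z/', (string) $pc_topic) === 1) {
            $s_topic = "a.pc_topic = '{$pc_topic}'";
        }
        $searchargs = array();
        if (!empty($sqlKeywords)) {
            $searchargs['s_keywords'] = $sqlKeywords;
        }
        if (!empty($s_category)) {
            $searchargs['s_category'] = $s_category;
        }
        if (!empty($s_topic)) {
            $searchargs['s_topic'] = $s_topic;
        }
        // some new search parameters introduced in the ajax_search form... JRM March 2008
        // the ajax_search form has form parameters for 'start' and 'end' already built in
        // so use them if available
        $tmpDate = pnVarCleanFromInput("start");
        if (isset($tmpDate) && $tmpDate != "") {
            $searchargs['start'] = pnVarCleanFromInput("start");
        } else {
            $searchargs['start'] = "//";
        }
        $tmpDate = pnVarCleanFromInput("end");
        if (isset($tmpDate) && $tmpDate != "") {
            $searchargs['end'] = pnVarCleanFromInput("end");
        } else {
            $searchargs['end'] = "//";
        }
        // we can limit our search by provider -- JRM March 2008
        // ("_ALL_" is passed through like any other value)
        if (isset($ProviderID) && $ProviderID != "") {
            $searchargs['provider_id'] = array();
            array_push($searchargs['provider_id'], $ProviderID);
        }
        $eventsByDate =& postcalendar_userapi_pcGetEvents($searchargs);
        // we can limit our search by facility -- JRM March 2008
        // NOTE(review): this is set after pcGetEvents() has already run, so it
        // does not affect the query above. Before wiring it in ahead of the
        // call, validate $pc_facility the same way as the category and topic.
        if (isset($pc_facility) && $pc_facility != "") {
            $searchargs['pc_facility'] = $pc_facility;
        }
        $tpl->assign('SEARCH_PERFORMED', true);
        $tpl->assign('A_EVENTS', $eventsByDate);
    }
    $tpl->caching = false;
    $tpl->assign('STYLE', $GLOBALS['style']);
    $pageSetup =& pnModAPIFunc(__POSTCALENDAR__, 'user', 'pageSetup');
    // no_nav picks the result template: 1 = find-first, 2 = appointment list,
    // anything else = the full search page.
    if (pnVarCleanFromInput("no_nav") == 1) {
        $return = $pageSetup . $tpl->fetch($template_name . '/user/findfirst.html');
    } elseif (pnVarCleanFromInput("no_nav") == 2) {
        $return = $pageSetup . $tpl->fetch($template_name . '/user/listapps.html');
    } else {
        $return = $pageSetup . $tpl->fetch($template_name . '/user/search.html');
    }
    return $return;
}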
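/**
 * Send a clinical document to a Direct address through the phiMail helpers.
 *
 * Keys read from $data:
 *   - 'ccd'          document body: XML text for CCR/CCDA/CDA, base64 for html/pdf
 *   - 'recipient'    Direct address written on the "TO" command line
 *   - 'requested_by' "patient", or any other value for a request made by the session user
 *   - 'xml_type'     'CCR', 'CCDA', 'CDA', 'html' or 'pdf' (html/pdf matched case-insensitively)
 *   - 0              value handed to UserService::valid(); nothing is sent unless
 *                    that call returns 'existingpatient'
 *
 * Side effects: sets $_SESSION['authProvider'] to 1, reads the global $pid and
 * writes an audit entry through newEvent() for the final outcome.
 *
 * @param array $data request data, see the key list above
 * @return string|null "SUCCESS" when the server queued the message, otherwise a
 *                     translated error message (configuration errors end in
 *                     "EC: <n>"), or 'Error: ...' when an Exception is caught;
 *                     null when UserService::valid() does not return 'existingpatient'
 */
function transmitCCD($data = array())
{
    $ccd = $data['ccd'];
    $recipient = $data['recipient'];
    $requested_by = $data['requested_by'];
    $xml_type = $data['xml_type'];

    if (UserService::valid($data[0]) == 'existingpatient') {
        try {
            $_SESSION['authProvider'] = 1;
            global $pid;

            // Patient name in Last_First form for the attachment filename and
            // First Last form for the message text.
            $patientData = getPatientPID(array("pid" => $pid));
            if (empty($patientData[0]['lname'])) {
                $att_filename = "";
                $patientName2 = "";
            } else {
                $extension = $xml_type == 'CCDA' ? 'xml' : strtolower($xml_type);
                $rawName = $xml_type . "_" . $patientData[0]['lname'] . "_" . $patientData[0]['fname'] . "." . $extension;
                // Spaces delimit arguments and "\n" ends a command in the phiMail
                // calls below, so every whitespace or control character in the
                // filename is replaced, not only the plain space.
                $att_filename = " " . preg_replace('/[\s[:cntrl:]]/', '_', $rawName);
                $patientName2 = $patientData[0]['fname'] . " " . $patientData[0]['lname'];
            }

            $config_err = xl("Direct messaging is currently unavailable.") . " EC:";
            if ($GLOBALS['phimail_enable'] == false) {
                return "{$config_err} 1";
            }

            // The recipient is written verbatim into the "TO" command. Reject
            // anything that is empty or carries whitespace/control characters
            // before a connection is opened, so caller-supplied data cannot add
            // arguments or extra command lines to the session.
            if (!is_string($recipient) || preg_match('/^[^\s[:cntrl:]]+$/', $recipient) !== 1) {
                return xl("Delivery is not allowed to the specified Direct Address.");
            }

            $fp = phimail_connect($err);
            if ($fp === false) {
                return "{$config_err} {$err}";
            }

            $phimail_username = $GLOBALS['phimail_username'];
            $phimail_password = $GLOBALS['phimail_password'];
            $ret = phimail_write_expect_OK($fp, "AUTH {$phimail_username} {$phimail_password}\n");
            if ($ret !== true) {
                return "{$config_err} 4";
            }

            $ret = phimail_write_expect_OK($fp, "TO {$recipient}\n");
            if ($ret !== true) {
                return xl("Delivery is not allowed to the specified Direct Address.");
            }

            $ret = fgets($fp, 1024); //ignore extra server data

            if ($requested_by == "patient") {
                $text_out = xl("Delivery of the attached clinical document was requested by the patient")
                    . ($patientName2 == "" ? "." : ", " . $patientName2 . ".");
            } else {
                $text_out = xl("A clinical document is attached")
                    . ($patientName2 == "" ? "." : " " . xl("for patient") . " " . $patientName2 . ".");
            }

            // The message text is sent as a length-prefixed body after the
            // server answers BEGIN.
            $text_len = strlen($text_out);
            phimail_write($fp, "TEXT {$text_len}\n");
            $ret = @fgets($fp, 256);
            if ($ret != "BEGIN\n") {
                phimail_close($fp);
                return "{$config_err} 5";
            }

            $ret = phimail_write_expect_OK($fp, $text_out);
            if ($ret !== true) {
                return "{$config_err} 6";
            }

            if (in_array($xml_type, array('CCR', 'CCDA', 'CDA'), true)) {
                // LIBXML_NONET keeps the parser from fetching anything over the
                // network while loading the document.
                $xml = simplexml_load_string($ccd, 'SimpleXMLElement', LIBXML_NONET);
                if ($xml === false) {
                    // Malformed XML: stop here instead of calling a method on false.
                    phimail_close($fp);
                    return xl("There was a problem sending the message.");
                }
                $ccd_out = $xml->saveXml();
                $ccd_len = strlen($ccd_out);
                phimail_write($fp, "ADD " . ($xml_type == "CCR" ? $xml_type . ' ' : "CDA ") . $ccd_len . $att_filename . "\n");
            } elseif (strtolower($xml_type) == 'html' || strtolower($xml_type) == 'pdf') {
                $ccd_out = base64_decode($ccd);
                $message_length = strlen($ccd_out);
                $add_type = strtolower($xml_type) == 'html' ? 'TEXT' : 'RAW';
                phimail_write($fp, "ADD " . $add_type . " " . $message_length . "" . $att_filename . "\n");
            } else {
                // Unsupported type: no ADD command would be written, so there is
                // no BEGIN to wait for and no payload to send. Fail with the same
                // code as a refused ADD rather than blocking on the read below.
                phimail_close($fp);
                return "{$config_err} 7";
            }

            $ret = fgets($fp, 256);
            if ($ret != "BEGIN\n") {
                phimail_close($fp);
                return "{$config_err} 7";
            }

            $ret = phimail_write_expect_OK($fp, $ccd_out);
            if ($ret !== true) {
                return "{$config_err} 8";
            }

            phimail_write($fp, "SEND\n");
            $ret = fgets($fp, 256);
            phimail_close($fp);

            if ($requested_by == "patient") {
                $reqBy = "portal-user";
                // NOTE(review): the username literal looks masked in this listing;
                // confirm the intended service account name.
                $sql = "SELECT id FROM users WHERE username='******'";
                if (($r = sqlStatement($sql)) === false || ($u = sqlFetchArray($r)) === false) {
                    $reqID = 1; //default if we don't have a service user
                } else {
                    $reqID = $u['id'];
                }
            } else {
                $reqBy = $_SESSION['authUser'];
                $reqID = $_SESSION['authUserID'];
            }

            // An error reply is recognised by its leading word, so compare the
            // first five characters (substr($ret, 5) would skip them instead).
            if (is_string($ret) && strncmp($ret, "ERROR", 5) === 0) {
                //log the failure
                newEvent("transmit-ccd", $reqBy, $_SESSION['authProvider'], 0, $ret, $pid);
                return xl("The message could not be sent at this time.");
            }

            /**
             * If we get here, the message was successfully sent and the return
             * value $ret is of the form "QUEUED recipient message-id" which
             * is suitable for logging.
             */
            $msg_id = explode(" ", trim($ret), 4);
            if ($msg_id[0] != "QUEUED" || !isset($msg_id[2])) {
                //unexpected response
                $ret = "UNEXPECTED RESPONSE: " . $ret;
                newEvent("transmit-ccd", $reqBy, $_SESSION['authProvider'], 0, $ret, $pid);
                return xl("There was a problem sending the message.");
            }

            newEvent("transmit-" . $xml_type, $reqBy, $_SESSION['authProvider'], 1, $ret, $pid);

            // Disabled in the original: the direct_message_log insert that would
            // use $msg_id[2], $phimail_username, $recipient, $pid and $reqID.
            // $sql="INSERT INTO direct_message_log (msg_type,msg_id,sender,recipient,status,status_ts,patient_id,user_id) " .
            //      "VALUES ('S', ?, ?, ?, 'S', NOW(), ?, ?)";
            // $res=@sqlStatement($sql,array($msg_id[2],$phimail_username,$recipient,$pid,$reqID));
            return "SUCCESS";
        } catch (Exception $e) {
            return 'Error: ' . $e->getMessage();
        }
    }
}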