reappearPnote($id); } else { disappearPnote($id); } if ($docid) { setGpRelation(1, $docid, 6, $id, !empty($_POST["lnk{$id}"])); } if ($orderid) { setGpRelation(2, $orderid, 6, $id, !empty($_POST["lnk{$id}"])); } } } } elseif ($mode == "new") { $note = $_POST['note']; if ($noteid) { updatePnote($noteid, $note, $_POST['form_note_type'], $_POST['assigned_to']); } else { $noteid = addPnote($patient_id, $note, $userauthorized, '1', $_POST['form_note_type'], $_POST['assigned_to']); } if ($docid) { setGpRelation(1, $docid, 6, $noteid); } if ($orderid) { setGpRelation(2, $orderid, 6, $noteid); } $noteid = ''; } elseif ($mode == "delete") { if ($noteid) { deletePnote($noteid); newEvent("delete", $_SESSION['authUser'], $_SESSION['authProvider'], 1, "pnotes: id " . $noteid); }
?> <?php switch ($task) { case "add": // Add a new message for a specific patient; the message is documented in Patient Notes. // Add a new message; it's treated as a new note in Patient Notes. $note = $_POST['note']; $noteid = $_POST['noteid']; $form_note_type = $_POST['form_note_type']; $form_message_status = $_POST['form_message_status']; $reply_to = $_POST['reply_to']; $assigned_to_list = explode(';', $_POST['assigned_to']); foreach ($assigned_to_list as $assigned_to) { if ($noteid && $assigned_to != '-patient-') { updatePnote($noteid, $note, $form_note_type, $assigned_to, $form_message_status); $noteid = ''; } else { if ($noteid && $assigned_to == '-patient-') { // When $assigned_to == '-patient-' we don't update the current note, but // instead create a new one with the current note's body prepended and // attributed to the patient. This seems to be all for the patient portal. $row = getPnoteById($noteid); if (!$row) { die("getPnoteById() did not find id '" . text($noteid) . "'"); } $pres = sqlQuery("SELECT lname, fname " . "FROM patient_data WHERE pid = ?", array($reply_to)); $patientname = $pres['lname'] . ", " . $pres['fname']; $note .= "\n\n{$patientname} on " . $row['date'] . " wrote:\n\n"; $note .= $row['body']; }
* @link http://www.open-emr.org */ header("Content-Type:text/xml"); $ignoreAuth = true; require_once 'classes.php'; $xml_array = array(); $token = $_POST['token']; $noteId = $_POST['noteId']; $notes = $_POST['notes']; $title = $_POST['title']; $assigned_to = $_POST['assigned_to']; if ($userId = validateToken($token)) { $username = getUsername($userId); $acl_allow = acl_check('patients', 'notes', $username); if ($acl_allow) { $result = updatePnote($noteId, $notes, $title, $assigned_to); $xml_array['status'] = 0; $xml_array['reason'] = 'The Patient notes has been updated'; } else { $xml_string .= "<status>-2</status>\n"; $xml_string .= "<reason>You are not Authorized to perform this action</reason>\n"; } } else { $xml_array['status'] = -2; $xml_array['reason'] = 'Invalid Token'; } $xml = ArrayToXML::toXml($xml_array, 'PatientNotes'); echo $xml; ?>
if (!eventMatchesDay($erow, $date)) { continue; } $eid = 0 + $erow['pc_eid']; $duration = (int) ($erow['pc_duration'] / 60); $form_mins = formData("form_mins_{$eid}") + 0; $form_fitrel = empty($_POST["form_fitrel_{$eid}"]) ? 0 : 1; sqlStatement("DELETE FROM player_event WHERE pid = '{$plid}' AND " . "date = '{$date}' AND pc_eid = '{$eid}'"); if ($form_mins < $duration) { sqlStatement("INSERT INTO player_event SET " . "pid = '{$plid}', " . "date = '{$date}', " . "pc_eid = '{$eid}', " . "minutes = '{$form_mins}', " . "fitness_related = '{$form_fitrel}'"); } } // Add or append to the roster note. if ($form_note !== '') { if ($noteid) { updatePnote($noteid, $form_note, 'Roster', $form_to); } else { addPnote($plid, $form_note, $userauthorized, '1', 'Roster', $form_to, "{$date} 00:00:00"); } } // Close this window and refresh the roster display. echo "<html>\n<body>\n<script language='JavaScript'>\n"; if ($alertmsg) { echo " alert('{$alertmsg}');\n"; } echo " if (!opener.closed && opener.refreshme) opener.refreshme();\n"; echo " window.close();\n"; echo "</script>\n</body>\n</html>\n"; exit; } ?>
?> </a></td></tr></table><br> <?php switch ($task) { case "add": // Add a new message for a specific patient; the message is documented in Patient Notes. // Add a new message; it's treated as a new note in Patient Notes. $note = strip_escape_custom($_POST['note']); $noteid = formData("noteid"); $form_note_type = formData("form_note_type"); $assigned_to = formData("assigned_to"); $form_message_status = formData("form_message_status"); $reply_to = formData("reply_to"); $userauthorized = formData("userauthorized"); if ($noteid) { updatePnote($noteid, $note, $form_note_type, $assigned_to); sqlQuery("update pnotes set message_status='" . $form_message_status . "' where id = '" . $noteid . "'"); $noteid = ''; } else { $noteid = addPnote($reply_to, $note, $userauthorized, '1', $form_note_type, $assigned_to); sqlQuery("update pnotes set message_status='" . $form_message_status . "' where id = '{$noteid}'"); } break; case "save": // Update alert. $noteid = formData("noteid"); $form_message_status = formData("form_message_status"); sqlQuery("update pnotes set message_status='" . $form_message_status . "' where id = '" . $noteid . "'"); $task = "edit"; $note = formData("note"); $title = formData("form_note_type");