function MainMenuAppointments()
{
if (!freemed::acl('schedule', 'view')) {
return false;
}
// Decide if this user is a physician or not...
if (!is_object($GLOBALS['this_user'])) {
$GLOBALS['this_user'] = CreateObject('org.freemedsoftware.core.User');
}
if ($GLOBALS['this_user']->isPhysician()) {
// If physician, give links to daily and weekly
// schedules, as well as a total of appointments
// Get day that is one week from today
$begin_date = date("Y-m-d");
$end_date = $begin_date;
for ($day = 1; $day < 7; $day++) {
$end_date = freemed_get_date_next($end_date);
}
// Figure out appointments for today
$day_count = $GLOBALS['sql']->queryOne("SELECT COUNT(*) AS day_count FROM scheduler WHERE " . "caldateof='" . $begin_date . "' AND " . "calphysician='" . $GLOBALS['this_user']->getPhysician() . "'");
// Figure out appointments for this week
$week_count = $GLOBALS['sql']->queryOne("SELECT COUNT(*) AS week_count FROM scheduler WHERE " . "caldateof >= '" . $begin_date . "' AND " . "caldateof <= '" . $end_date . "' AND " . "calphysician='" . $GLOBALS['this_user']->getPhysician() . "'");
return array(__("Patient Scheduler"), sprintf(__("You have %s%d appointment(s) today%s and %s%d appointment(s) this week%s."), "<a href=\"physician_day_view.php?physician=" . urlencode($GLOBALS['this_user']->getPhysician()) . "\">", $day_count, "</a>", "<a href=\"physician_week_view.php?physician=" . urlencode($GLOBALS['this_user']->getPhysician()) . "\">", $week_count, "</a>"), "img/calendar_icon.png");
} else {
// If not a physician, give number of appointments
// for the current facility if there is one
$day_count = $GLOBALS['sql']->query("SELECT COUNT(*) AS day_count FROM scheduler WHERE " . "caldateof = '" . date('Y-m-d') . "' " . (HTTP_Session2::get('default_facility') ? "AND calfacility='" . addslashes(HTTP_Session2::get('default_facility')) . "' " : ""));
// Figure out appointments for this week
return array(__("Patient Scheduler"), sprintf(__("There are %s appointments scheduled for today."), "<b>{$day_count}</b>"), "img/calendar_icon.png");
}
}
public function GetDefaultFacility()
{
if (HTTP_Session2::get('facility_id')) {
$defaultDFacility['id'] = HTTP_Session2::get('facility_id') . "";
$defaultDFacility['facility'] = $this->get_field(HTTP_Session2::get('facility_id'), 'psrname');
return $defaultDFacility;
}
}
public function getStationsByType($type)
{
switch ($type) {
case 'dosing':
case 'label':
case 'signature':
case 'vitals':
$c = $type . "_enabled = 1";
break;
default:
return NULL;
break;
}
$q = "SELECT id AS Id, location AS ds_location, name as D_name from shimstation WHERE {$c} AND facility=" . (int) HTTP_Session2::get('facility_id') . " AND ip='" . $_SERVER['REMOTE_ADDR'] . "';";
syslog(LOG_INFO, $q);
return $GLOBALS['sql']->queryAll($q);
}
protected function add_post($id, $data)
{
if ($data['pnotesbillable'] != '') {
$q = "SELECT id,covtype from coverage WHERE covpatient = " . $GLOBALS['sql']->quote($data['pnotespat']) . " AND covstatus =1 ORDER BY covtype ASC LIMIT 1";
$cov = $GLOBALS['sql']->queryRow($q);
//return $cov['id']+0;
if (function_exists('json_decode')) {
$pnotesbillables = json_decode($data['pnotesbillable']);
} else {
$json = CreateObject('net.php.pear.Services_JSON');
$pnotesbillables = $json->decode($data['pnotesbillable']);
}
foreach ($pnotesbillables as $k => $v) {
foreach ($v as $key => $val) {
if ($key == 'proccode') {
$proccode = $val;
} else {
if ($key == 'diagcode') {
$diagcode = $val;
}
}
}
//return $proccode.":".$diagcode;
$proc = CreateObject('org.freemedsoftware.module.ProcedureModule');
$fee = $proc->CalculateCharge($cov, 1, $proccode, $data['pnotesdoc'], $data['pnotespat']);
$proc_data = array("procpatient" => $data['pnotespat'], "procphysician" => $data['pnotesdoc'], "procdiag1" => $diagcode, "proccpt" => $proccode, "procunits" => "1", "procpos" => HTTP_Session2::get('facility_id'), "proccharges" => $fee, "procbalorig" => $fee, "procbalcurrent" => $fee, "proccurcovid" => $cov['id'] + 0, "proccurcovtp" => $cov['covtype'] + 0, "procbillable" => "1", "procdt" => $data['pnotesdt']);
if ($cov['covtype'] + 0 == 1) {
$proc_data['proccov1'] = $cov['id'];
} else {
if ($cov['covtype'] + 0 == 2) {
$proc_data['proccov2'] = $cov['id'];
} else {
if ($cov['covtype'] + 0 == 3) {
$proc_data['proccov3'] = $cov['id'];
} else {
if ($cov['covtype'] + 0 == 4) {
$proc_data['proccov4'] = $cov['id'];
}
}
}
}
$proc->add($proc_data);
}
}
}
function IsValid($credentials)
{
syslog(LOG_INFO, "isvalid");
if (!isset($credentials['username'])) {
return false;
}
// Find this user
$r = $GLOBALS['sql']->queryRow("SELECT * FROM user " . "WHERE username = '******'username']) . "'");
// If the user isn't found, false
if (!$r['id']) {
return false;
}
if (LOGLEVEL < 1 || (LOG_HIPAA || LOG_LOGIN)) {
syslog(LOG_INFO, "FreeMED.Authentication_Basic| verify_auth login attempt {$user} ");
}
$db_pass = $r['userpassword'];
// Check password
if ($credentials['password'] == $r['userpassword']) {
// Set session vars
unset($r['userpassword']);
HTTP_Session2::set('authdata', array("username" => $credentials['username'], "user" => $r['id'], "user_record" => $r));
// Set ipaddr for SESSION_PROTECTION
HTTP_Session2::set('ipaddr', $_SERVER['REMOTE_ADDR']);
// Authorize
if (LOGLEVEL < 1 || LOG_ERRORS || (LOG_HIPAA || LOG_LOGIN)) {
syslog(LOG_INFO, "FreeMED.Authentication_Basic| verify_auth successful login");
}
$log = freemed::log_object();
$log->SystemLog(LOG__SECURITY, 'Authentication', get_class($this), "Successfully logged in");
return true;
} else {
// check password
// Failed password check
HTTP_Session2::set('authdata', null);
HTTP_Session2::set('ipaddr', null);
if (LOGLEVEL < 1 || LOG_ERRORS || (LOG_HIPAA || LOG_LOGIN)) {
syslog(LOG_INFO, "FreeMED.Authentication_Basic| verify_auth failed login");
}
$log = freemed::log_object();
$log->SystemLog(LOG__SECURITY, 'Authentication', get_class($this), "Failed login");
return false;
}
// end check password
}
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include_once dirname(__FILE__) . '/php-gettext/gettext.inc';
include_once dirname(__FILE__) . '/iso-set.php';
if (!defined('SESSION_DISABLE')) {
LoadObjectDependency('net.php.pear.HTTP_Session2');
$lang = HTTP_Session2::get('language', DEFAULT_LANGUAGE);
} else {
$lang = DEFAULT_LANGUAGE;
}
$locale_dir = dirname(dirname(__FILE__)) . '/locale';
$__domains = array('freemed', UI);
_setlocale(LC_MESSAGES, $lang);
$GLOBALS['ISOSET'] = language2isoset($lang);
foreach ($__domains as $_v) {
_bindtextdomain($_v, $locale_dir);
_bind_textdomain_codeset($_v, language2isoset($lang));
_textdomain($_v);
}
function get_translation_matrix($domain)
{
global $default_domain;
function menu_notify()
{
// Check to see if we're the person who is supposed to be
// notified. If not, die out right now.
$supposed = freemed::config_value('uffax_user');
$authdata = HTTP_Session2::get('authdata');
if (!(strpos($supposed, ',') === false)) {
// Handle array
$found = false;
foreach (explode(',', $supposed) as $s) {
if ($s == $authdata['user']) {
$found = true;
}
}
if (!$found) {
return false;
}
} else {
if ($supposed > 0 and $supposed != $authdata['user']) {
return false;
}
}
// Decide if we have any "unfiled documents" in the system
$query = "SELECT COUNT(*) AS unfiled FROM " . $this->table_name;
$unfiled = $GLOBALS['sql']->queryOne($query);
if ($unfiled > 0) {
return array(sprintf(__("You have %d unfiled documents"), $unfiled), "module_loader.php?module=" . urlencode(get_class($this)) . "&action=display");
} else {
// For now, we're just going to return nothing so that
// the box doesn't show up
return false;
}
}
/**
* Replicate session data to specified target
*
* @param string $target Target to replicate to
* @param string $id Id of record to replicate,
* if not specified current session id will be used
*
* @return boolean
*/
public function replicate($target, $id = null)
{
if (is_null($id)) {
$id = HTTP_Session2::id();
}
// Check if table row already exists
$query = sprintf("SELECT COUNT(id) FROM %s WHERE id = %s", $target, $this->_db->quoteSmart(md5($id)));
$result = $this->_db->getOne($query);
if (DB::isError($result)) {
new DB_Error($result->code, PEAR_ERROR_DIE);
return false;
}
// Insert new row into target table
if (0 == intval($result)) {
$query = "INSERT INTO {$target} SELECT * FROM";
$query .= " " . $this->options['table'];
$query .= " WHERE id = " . $this->_db->quoteSmart(md5($id));
} else {
// Update existing row
$query = "UPDATE {$target} dst,";
$query .= " " . $this->options['table'];
$query .= " src SET dst.expiry = src.expiry,";
$query .= " dst.data = src.data";
$query .= " WHERE dst.id = src.id";
$query .= " AND src.id = " . $this->_db->quoteSmart(md5($id));
}
$result = $this->_db->query($query);
if (DB::isError($result)) {
new DB_Error($result->code, PEAR_ERROR_DIE);
return false;
}
return true;
}
/**
* Perform a vote action
*
* Runs the 'vote_template' template to get a confirmation on the vote and
* adds the vote if confirmed.
*
* @param int $id The poll id
* @param int $answer The answer id
* @return bool true on success or false on errors
*/
protected function actionVote($id, $answer)
{
$expiration = @HTTP_Session2::get($this->id . '.expiration');
$voting = @HTTP_Session2::get($this->id . '.voting');
if ($voting && time() < $expiration) {
TIP::notifyError('double');
return false;
}
if (is_null($row =& $this->fromRow($id, false))) {
return false;
}
if (is_null($answer_label = $this->getField('answer' . $answer))) {
TIP::notifyError('wrongparams');
$this->endView();
return false;
}
if (@TIP::getGet('process', 'int') == 1) {
if (!$voting) {
TIP::notifyError('nocookies');
$this->endView();
return false;
}
$old_row = $row;
++$row['votes' . $answer];
$this->_onDataRow($row);
$this->data->updateRow($row, $old_row);
HTTP_Session2::set($this->id . '.voting', false);
HTTP_Session2::set($this->id . '.expiration', strtotime($this->expiration));
$this->appendToPage($this->view_template);
} else {
HTTP_Session2::set($this->id . '.voting', true);
$this->appendToPage($this->vote_template);
}
$this->endView();
return true;
}
/**
* Sets user-defined session storage functions
*
* Sets the user-defined session storage functions which are used
* for storing and retrieving data associated with a session.
* This is most useful when a storage method other than
* those supplied by PHP sessions is preferred.
* i.e. Storing the session data in a local database.
*
* @param string $container Name of the container (e.g. DB, MDB, ...).
* @param array $container_options Options, most likely an array.
*
* @return void
* @see session_set_save_handler()
*/
static function setContainer($container, $container_options = null)
{
$container_class = 'HTTP_Session2_Container_' . $container;
$container_classfile = 'HTTP/Session2/Container/' . $container . '.php';
if (!class_exists($container_class)) {
include_once $container_classfile;
}
if (!class_exists($container_class)) {
throw new HTTP_Session2_Exception("Container class, {$container_class}, does not exist", self::ERR_UNKNOWN_CONTAINER);
}
self::$container = new $container_class($container_options);
self::$container->set();
}
private function _validate()
{
if ($this->action == TIP_FORM_ACTION_DELETE || $this->action == TIP_FORM_ACTION_CUSTOM) {
// Special case: GET driven form
$this->_form->freeze();
return TIP::getGet('process', 'int') == 1;
}
// Add element and form rules
isset($this->validator) && $this->_form->addFormRule($this->validator);
foreach (array_keys($this->fields) as $id) {
if ($this->_form->elementExists($id)) {
$this->_addGuessedRules($id);
$this->_addCustomRules($id);
}
}
$stage_id = $this->id . '.stage';
$last_stage = HTTP_Session2::get($stage_id);
if (!$this->_form->isSubmitted() || isset($last_stage) && $last_stage < $this->_stage) {
HTTP_Session2::set($stage_id, $this->_stage);
$valid = false;
} elseif (is_null($last_stage)) {
// No last stage defined
TIP::notifyError('double');
$valid = null;
} else {
// Validation
$this->_form->applyFilter('__ALL__', array('TIP', 'extendedTrim'));
$valid = $this->_form->validate();
}
// Perform uploads (if needed)
if (is_callable(array('HTML_QuickForm_attachment', 'doUploads'))) {
HTML_QuickForm_attachment::doUploads($this->_form);
}
return $valid;
}
function ValidSession()
{
// Associate "SESSION" with proper session variable
$PHP_SELF = $_SERVER['PHP_SELF'];
// Check for authdata array
if (is_array(HTTP_Session2::get('authdata'))) {
// Check to see if ipaddr is set or not...
if (!SESSION_PROTECTION) {
return true;
} else {
if (!empty(HTTP_Session2::get('ipaddr'))) {
if (HTTP_Session2::get('ipaddr') == $_SERVER['REMOTE_ADDR']) {
// We're already authorized
return true;
} else {
// IP address has changed, ERROR
HTTP_Session2::set('ipaddr', null);
syslog(LOG_INFO, "Authentication Layer| IP address changed for session");
return false;
}
// end checking ipaddr
} else {
// Force check if no ip address is present. This
// should get around null IPs getting set by
// accident without compromising security.
return false;
}
// end if isset ipaddr
}
// end checking for SESSION_PROTECTION
}
// end checking for authdata in session
// If all else fails, return false
return false;
}
/**
* Check if the picture is contained by the specified bounding box
*
* @param array $value Value as returned by HTML_QuickForm_captcha::getValue()
* @return bool true if the captcha matches, false otherwise
* @access public
*/
function _ruleCaptcha($value)
{
$old = HTTP_Session2::get('_HTML_QuickForm_captcha');
return $value == $old;
}
public static function check_access_for_patient($patient_number, $_user = 0)
{
if ($_user == 0) {
// Grab authdata
$_authdata = HTTP_Session2::get('authdata', array());
$user = $_authdata['user'];
} else {
$user = $_user;
}
//eventually logging should include different messages for all returns here...
// Root has all access...
if ($user == 1) {
return true;
}
// Grab auth information from db
$f_user = $GLOBALS['sql']->get_link('user', $user);
// Get data records in question for the user
$f_fac = $f_user["userfac"];
$f_phy = $f_user["userphy"];
$f_phygrp = $f_user["userphygrp"];
// Retrieve patient record
$f_pat = $GLOBALS['sql']->get_link('patient', $patient_number);
// check for universal access
if (fm_value_in_string($f_fac, "-1") or fm_value_in_string($f_phy, "-1") or fm_value_in_string($f_phygrp, "-1")) {
return true;
}
// Check for physician in any physician fields
if ($f_pat["ptpcp"] > 0 and fm_value_in_string($f_phy, $f_pat["ptpcp"])) {
return true;
}
if ($f_pat["ptphy1"] > 0 and fm_value_in_string($f_phy, $f_pat["ptphy1"])) {
return true;
}
if ($f_pat["ptphy2"] > 0 and fm_value_in_string($f_phy, $f_pat["ptphy2"])) {
return true;
}
if ($f_pat["ptphy3"] > 0 and fm_value_in_string($f_phy, $f_pat["ptphy3"])) {
return true;
}
if ($f_pat["ptdoc"] > 0 and fm_value_in_string($f_phy, $f_pat["ptdoc"])) {
return true;
}
// Default to false
return false;
}
public function SessionPopulate()
{
syslog(LOG_INFO, "SessionPopulate called");
if (!$this->LoggedIn()) {
return false;
}
syslog(LOG_INFO, "SessionPopulate called, proceeding");
$u = freemed::user_cache();
// Pull user options
$r = $u->local_record;
$s = unserialize($r['usermanageopt']);
if ($s) {
$r['usermanageopt'] = $s;
}
$authdata = HTTP_Session2::get('authdata');
$authdata['user_record'] = $r;
HTTP_Session2::set('authdata', $authdata);
return true;
}
/**
* Replicate session data to specified target
*
* @param string $target The target (table) to replicate to.
* @param string $id Id of record to replicate,
* if not specified current session id will be used
*
* @return boolean
* @throws HTTP_Session2_Exception To carry any MDB2 related error out.
*/
public function replicate($target, $id = null)
{
if ($id === null) {
$id = HTTP_Session2::id();
}
// Check if table row already exists
$query = "SELECT COUNT(id) FROM {$target}";
$query .= " WHERE id = " . $this->db->quote(md5($id), 'text');
$result = $this->db->queryOne($query);
if (MDB2::isError($result)) {
throw new HTTP_Session2_Exception($result->getDebugInfo(), $result->getCode());
}
// Insert new row into dest table
if (0 == intval($result)) {
$query = sprintf("INSERT INTO %s SELECT * FROM %s WHERE id = %s", $target, $this->options['table'], $this->db->quote(md5($id), 'text'));
} else {
// Update existing row
$query = "UPDATE {$target} dst, " . $this->options['table'];
$query .= " src SET dst.expiry = src.expiry,";
$query .= " dst.data = src.data";
$query .= " WHERE dst.id = src.id";
$query .= " AND src.id = " . $this->db->quote(md5($id), 'text');
}
$result = $this->db->query($query);
if (MDB2::isError($result)) {
throw new HTTP_Session2_Exception($result->getDebugInfo(), $result->getCode());
}
return true;
}
protected function mod_pre(&$data)
{
$data['user'] = freemed::user_cache()->user_number;
$data['facility'] = HTTP_Session2::get('facility_id');
}
/**
* セッション破棄
*
* @return void
*/
public function destroy()
{
HTTP_Session2::destroy();
}
/**
* Logout the current user
*
* Performs the logout option for the current user. The row data of the
* user to login must be present in the '_row' internal property.
*
* @return bool true on success or false on errors
*/
protected function logout()
{
require_once 'HTTP/Session2.php';
HTTP_Session2::destroy();
$this->_row = null;
$this->_updateCookie();
$this->_refreshUser();
return true;
}
/**
* Start the session
*/
public static function startSession()
{
require_once 'HTTP/Session2.php';
$user_id = TIP::getUserId();
if ($user_id) {
// For a logged in user, use the special TIP container
HTTP_Session2::useCookies(false);
HTTP_Session2::setContainer('TIP');
HTTP_Session2::start('TIP_Session', $user_id);
} else {
// For anonymous users, cookie with an automatic session id is used
HTTP_Session2::useCookies(true);
HTTP_Session2::start('TIP_Session');
}
HTTP_Session2::setExpire(time() + 3600 * 4);
if (HTTP_Session2::isExpired()) {
HTTP_Session2::destroy();
TIP::notifyInfo('session');
}
}
private function _startSession()
{
// Start the session
TIP::startSession();
$this->_session_started = true;
// Set $_referer
$request = HTTP_Session2::get('request');
$referer = HTTP_Session2::get('referer');
if (is_null($request)) {
// Entry page or new session: the referer is the main page
$this->_referer = null;
} elseif ($this->_request['uri'] == $referer['uri']) {
// Current URI equals to the old referer URI: probably a back action
$this->_referer = null;
} elseif ($this->_request['module'] != $request['module'] || $this->_request['action'] != $request['action']) {
// New action: the referer is the previous request
$this->_referer = $request;
} else {
// Same action: leave the old referer
$this->_referer = $referer;
}
if (!is_array($this->_referer)) {
$this->_referer = array('uri' => TIP::getHome(), 'module' => null, 'action' => null);
$this->_referer['action'] = null;
}
$this->keys['REFERER'] = $this->_referer['uri'];
// Store request and referer
HTTP_Session2::set('referer', $this->_referer);
HTTP_Session2::set('request', $this->_request);
// Profiler initialization in "admin" mode
if ($this->keys['IS_ADMIN']) {
require_once 'Benchmark/Profiler.php';
$GLOBALS['_tip_profiler'] = new Benchmark_Profiler();
$GLOBALS['_tip_profiler']->start();
}
}
}
//----- Gettext and language settings
if (isset($_REQUEST['_l'])) {
// Handle template language changes
HTTP_Session2::set('language', $_REQUEST['_l']);
} elseif (HTTP_Session2::get('language')) {
// Pull from cookie (do nothing)
} else {
// Use the default
HTTP_Session2::set('language', DEFAULT_LANGUAGE);
}
$GLOBALS['freemed']['__language'] = HTTP_Session2::get('language');
// Set default facility from parameter if it exists
if (isset($_REQUEST['_f'])) {
// Handle template language changes
HTTP_Session2::set('default_facility', $_REQUEST['_f'] + 0);
}
// Load ACL routines
if (!defined('SKIP_SQL_INIT')) {
include_once dirname(__FILE__) . "/acl.php";
}
}
// ***************************************************************
// Load Gettext routines
include_once dirname(__FILE__) . "/i18n.php";
include_once dirname(__FILE__) . "/API.php";
// API functions
include_once dirname(__FILE__) . "/macros.php";
// macros/contants
//----- Create Log target
openlog("freemed", LOG_PID | LOG_PERROR, LOG_LOCAL0);
