if ($field_id == 'pubpid') { $where .= " AND {$field_id} LIKE '{$value}'"; } else { $where .= " AND {$field_id} LIKE '{$value}%'"; } } echo "<input type='hidden' name='{$field_id}' value='{$value}' />\n"; } } $sql = "SELECT {$given} FROM patient_data " . "WHERE {$where} ORDER BY {$orderby} LIMIT {$fstart}, {$sqllimit}"; $rez = sqlStatement($sql); $result = array(); while ($row = sqlFetchArray($rez)) { $result[] = $row; } _set_patient_inc_count($sqllimit, count($result), $where); } else { $patient = formData("patient", "R"); $findBy = $_REQUEST['findBy']; $searchFields = $_REQUEST['searchFields']; echo "<input type='hidden' name='patient' value='{$patient}' />\n"; echo "<input type='hidden' name='findBy' value='{$findBy}' />\n"; if ($findBy == "Last") { $result = getPatientLnames("{$patient}", $given, $orderby, $sqllimit, $fstart); } else { if ($findBy == "ID") { $result = getPatientId("{$patient}", $given, "id ASC, " . $orderby, $sqllimit, $fstart); } else { if ($findBy == "DOB") { $result = getPatientDOB("{$patient}", $given, "DOB ASC, " . $orderby, $sqllimit, $fstart); } else {
$relevance .= " + ( " . add_escape_custom($fldname) . " LIKE ? )"; array_push($sqlBindArray, $value); } $where .= " OR " . add_escape_custom($fldname) . " LIKE ?"; array_push($sqlBindArray, $value); array_push($sqlBindArraySpecial, $value); echo "<input type='hidden' name='" . htmlspecialchars($key, ENT_QUOTES) . "' value='" . htmlspecialchars($value, ENT_QUOTES) . "' />\n"; ++$numfields; } $sql = "SELECT *, ( {$relevance} ) AS relevance, " . "DATE_FORMAT(DOB,'%m/%d/%Y') as DOB_TS " . "FROM patient_data WHERE {$where} " . "ORDER BY relevance DESC, lname, fname, mname " . "LIMIT " . add_escape_custom($fstart) . ", " . add_escape_custom($MAXSHOW) . ""; $rez = sqlStatement($sql, $sqlBindArray); $result = array(); while ($row = sqlFetchArray($rez)) { $result[] = $row; } _set_patient_inc_count($MAXSHOW, count($result), $where, $sqlBindArraySpecial); ?> </form> <table border='0' cellpadding='5' cellspacing='0' width='100%'> <tr> <td class='text'> </td> <td class='text' align='center'> <?php if ($message) { echo "<font color='red'><b>" . htmlspecialchars($message, ENT_NOQUOTES) . "</b></font>\n"; } ?>
} } // If a non-empty service code was given, then restrict to patients who // have been provided that service. Since the code is used in a LIKE // clause, % and _ wildcards are supported. if ($search_service_code) { $where .= " AND ( SELECT COUNT(*) FROM billing AS b WHERE " . "b.pid = patient_data.pid AND " . "b.activity = 1 AND " . "b.code_type != 'COPAY' AND " . "b.code LIKE ? " . ") > 0"; array_push($sqlBindArray, $search_service_code); } $sql = "SELECT {$given} FROM patient_data " . "WHERE {$where} ORDER BY {$orderby} LIMIT {$fstart}, {$sqllimit}"; $rez = sqlStatement($sql, $sqlBindArray); $result = array(); while ($row = sqlFetchArray($rez)) { $result[] = $row; } _set_patient_inc_count($sqllimit, count($result), $where, $sqlBindArray); } else { $patient = $_REQUEST['patient']; $findBy = $_REQUEST['findBy']; $searchFields = $_REQUEST['searchFields']; echo "<input type='hidden' name='patient' value='" . htmlspecialchars($patient, ENT_QUOTES) . "' />\n"; echo "<input type='hidden' name='findBy' value='" . htmlspecialchars($findBy, ENT_QUOTES) . "' />\n"; if ($findBy == "Last") { $result = getPatientLnames("{$patient}", $given, $orderby, $sqllimit, $fstart); } else { if ($findBy == "ID") { $result = getPatientId("{$patient}", $given, "id ASC, " . $orderby, $sqllimit, $fstart); } else { if ($findBy == "DOB") { $result = getPatientDOB("{$patient}", $given, "DOB ASC, " . $orderby, $sqllimit, $fstart); } else {
if ($fldname == 'pubpid') { $relevance .= " + 1000 * ( {$fldname} LIKE '{$avalue}' )"; } else { $relevance .= " + ( {$fldname} LIKE '{$avalue}' )"; } $where .= " OR {$fldname} LIKE '{$avalue}'"; echo "<input type='hidden' name='{$key}' value='{$hvalue}' />\n"; ++$numfields; } $sql = "SELECT *, ( {$relevance} ) AS relevance, " . "DATE_FORMAT(DOB,'%m/%d/%Y') as DOB_TS " . "FROM patient_data WHERE {$where} " . "ORDER BY relevance DESC, lname, fname, mname " . "LIMIT {$fstart}, {$MAXSHOW}"; $rez = sqlStatement($sql); $result = array(); while ($row = sqlFetchArray($rez)) { $result[] = $row; } _set_patient_inc_count($MAXSHOW, count($result), $where); ?> </form> <table border='0' cellpadding='5' cellspacing='0' width='100%'> <tr> <td class='text'> </td> <td class='text' align='center'> <?php if ($message) { echo "<font color='red'><b>{$message}</b></font>\n"; } ?>