function recurse_pages($pages, $spaces = 0, $layoutsBlocks = [], $pageWidgets = [], $pagesWidgets = [])
{
$data = '';
foreach ($pages as $page) {
// Блок
$currentBlock = array_get($pageWidgets, $page['id'] . '.0');
$currentPosition = array_get($pageWidgets, $page['id'] . '.1');
$data .= '<tr data-id="' . $page['id'] . '" data-parent-id="' . $page['parent_id'] . '">';
$data .= '<td>';
if (!empty($page['childs'])) {
$data .= '<div class="input-group">';
}
$data .= Form::select('blocks[' . $page['id'] . '][block]', [], $currentBlock, ['class' => 'widget-blocks form-control', 'data-layout' => $page['layout_file'], 'data-value' => $currentBlock]);
if (!empty($page['childs'])) {
$data .= "<div class=\"input-group-btn\">" . Form::button(NULL, ['data-icon' => 'level-down', 'class' => 'set_to_inner_pages btn btn-warning', 'title' => trans('widgets::core.button.select_childs')]) . '</div></div>';
}
$data .= '</td><td>';
$data .= Form::text('blocks[' . $page['id'] . '][position]', (int) $currentPosition, ['maxlength' => 4, 'size' => 4, 'class' => 'form-control text-right widget-position']);
$data .= '</td><td></td>';
if (acl_check('page::edit')) {
$data .= '<th>' . str_repeat("- ", $spaces) . link_to_route('backend.page.edit', $page['title'], [$page['id']]) . '</th>';
} else {
$data .= '<th>' . str_repeat("- ", $spaces) . $page['title'] . '</th>';
}
$data .= '</tr>';
if (!empty($page['childs'])) {
$data .= recurse_pages($page['childs'], $spaces + 5, $layoutsBlocks, $pageWidgets, $pagesWidgets);
}
}
return $data;
}
/**
* @param PagePartRepository $repository
*/
public function reorder(PagePartRepository $repository)
{
if (!acl_check('part::reorder')) {
return;
}
$ids = $this->getParameter('ids', []);
$repository->reorder($ids);
}
public function reorder()
{
if (!acl_check('parts.reorder')) {
return;
}
$ids = $this->getParameter('ids', []);
$part = new PagePart();
$part->reorder($ids);
}
/**
* @throws PluginContainerException
*/
public function changeStatus()
{
if (!acl_check('plugins::change_status')) {
throw new PermissionException('plugins::change_status');
}
$name = $this->getRequiredParameter('name');
$removeTable = $this->getParameter('remove_data');
if (is_null($plugin = PluginLoader::getPluginContainer($name))) {
throw new PluginContainerException("Plugin [{$name}] not found");
}
if (PluginLoader::isActivated($name)) {
PluginLoader::deactivatePlugin($name, (bool) $removeTable);
} else {
PluginLoader::activatePlugin($name);
}
$this->setContent($plugin);
}
/**
* @param ItemDecorator $page
* @param integer $priority
* @return $this
*/
public function addPage(ItemDecorator &$page, $priority = 1)
{
$priority = (int) $priority;
if (!acl_check($page->getPermissions())) {
return $this;
}
if (isset($page->priority)) {
$priority = (int) $page->priority;
}
if ($page instanceof Section) {
$this->sections[] = $page;
$page->setSection($this);
} else {
if (isset($this->pages[$priority])) {
while (isset($this->pages[$priority])) {
$priority++;
}
}
$this->pages[$priority] = $page;
}
$page->setSection($this);
return $this->update()->sort();
}
function lab_results_messages($set_pid, $rid, $provider_id = "")
{
if ($provider_id != "") {
$where = "AND id = '" . $provider_id . "'";
}
// Get all active users.
$rez = sqlStatement("select id, username from users where username != '' AND active = '1' {$where}");
for ($iter = 0; $row = sqlFetchArray($rez); $iter++) {
$result[$iter] = $row;
}
if (!empty($result)) {
foreach ($result as $user_detail) {
unset($thisauth);
// Make sure it is empty.
// Check user authorization. Only send the panding review message to authorised user.
// $thisauth = acl_check('patients', 'sign', $user_detail['username']);
// Route message to administrators if there is no provider match.
if ($provider_id == "") {
$thisauth = acl_check('admin', 'super', $user_detail['username']);
} else {
$thisauth = true;
}
if ($thisauth) {
// Send lab result message to the ordering provider when there is a new lab report.
$userauthorized = formData("userauthorized");
$pname = getPatientName($set_pid);
$link = "<a href='../../orders/orders_results.php?review=1&set_pid={$set_pid}'" . " onclick='return top.restoreSession()'>here</a>";
$note = "Patient {$pname}'s lab results have arrived. Please click {$link} to review them.<br/>";
$note_type = "Lab Results";
$message_status = "New";
// Add pnote.
$noteid = addPnote($set_pid, $note, $userauthorized, '1', $note_type, $user_detail['username']);
sqlQ("update pnotes set message_status='" . $message_status . "' where id = '{$noteid}'");
}
}
}
}
echo formatcyp($rowresult);
?>
</td>
</tr>
<?php
}
// End not csv export
}
// end details
$producttotal += $rowresult;
$grandtotal += $rowresult;
$productqty += $qty;
$grandqty += $qty;
}
// end function
if (!acl_check('acct', 'rep')) {
die(xl("Unauthorized access."));
}
$form_from_date = fixDate($_POST['form_from_date'], date('Y-m-d'));
$form_to_date = fixDate($_POST['form_to_date'], date('Y-m-d'));
$form_facility = $_POST['form_facility'];
if ($_POST['form_csvexport']) {
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-Type: application/force-download");
header("Content-Disposition: attachment; filename=ippf_cyp_report.csv");
header("Content-Description: File Transfer");
// CSV headers:
if ($_POST['form_details']) {
echo '"Item",';
:
</td>
<td>
<?php
dropdown_facility(strip_escape_custom($form_facility), 'form_facility');
?>
</td>
<td class='label'>
<?php
xl('Provider', 'e');
?>
:
</td>
<td>
<?php
if (acl_check('acct', 'rep_a')) {
// Build a drop-down list of providers.
//
$query = "select id, lname, fname from users where " . "authorized = 1 order by lname, fname";
$res = sqlStatement($query);
echo " <select name='form_doctor'>\n";
echo " <option value=''>-- " . xl('All Providers', 'e') . " --\n";
while ($row = sqlFetchArray($res)) {
$provid = $row['id'];
echo " <option value='{$provid}'";
if ($provid == $_POST['form_doctor']) {
echo " selected";
}
echo ">" . $row['lname'] . ", " . $row['fname'] . "\n";
}
echo " </select>\n";
<tr>
<?php
$sensitivities = acl_get_sensitivities();
if ($sensitivities && count($sensitivities)) {
usort($sensitivities, "sensitivity_compare");
?>
<td class='bold' nowrap><?php
echo xlt('Sensitivity:');
?>
</td>
<td class='text'>
<select name='form_sensitivity'>
<?php
foreach ($sensitivities as $value) {
// Omit sensitivities to which this user does not have access.
if (acl_check('sensitivities', $value[1])) {
echo " <option value='" . attr($value[1]) . "'";
if ($viewmode && $result['sensitivity'] == $value[1]) {
echo " selected";
}
echo ">" . xlt($value[3]) . "</option>\n";
}
}
echo " <option value=''";
if ($viewmode && !$result['sensitivity']) {
echo " selected";
}
echo ">" . xlt('None') . "</option>\n";
?>
</select>
</td>
echo $row['abook_type'];
?>
");
});
</script>
<form method='post' name='theform' action='addrbook_edit.php?userid=<?php
echo $userid;
?>
'>
<center>
<table border='0' width='100%'>
<?php
if (acl_check('admin', 'practice')) {
// allow choose type option if have admin access
?>
<tr>
<td width='1%' nowrap><b><?php
xl('Type', 'e');
?>
:</b></td>
<td>
<?php
echo generate_select_list('form_abook_type', 'abook_type', $row['abook_type'], '', 'Unassigned', '', 'typeSelect(this.value)');
?>
</td>
</tr>
<?php
}
$esign = $esignApi->createFormESign($iter['id'], $formdir, $encounter);
echo "<tr>";
echo "<td style='border-bottom:1px solid'>";
// a link to edit the form
echo "<div class='form_header_controls'>";
// If the form is locked, it is no longer editable
if ($esign->isLocked()) {
echo "<a href=# class='css_button_small form-edit-button-locked' id='form-edit-button-" . attr($formdir) . "-" . attr($iter['id']) . "'><span>" . xlt('Locked') . "</span></a>";
} else {
echo "<a class='css_button_small form-edit-button' id='form-edit-button-" . attr($formdir) . "-" . attr($iter['id']) . "' target='" . "_parent" . "' href='{$rootdir}/patient_file/encounter/view_form.php?" . "formname=" . attr($formdir) . "&id=" . attr($iter['form_id']) . "' onclick='top.restoreSession()'>";
echo "<span>" . xlt('Edit') . "</span></a>";
}
if ($esign->isButtonViewable()) {
echo $esign->buttonHtml();
}
if (acl_check('admin', 'super')) {
if ($formdir != 'newpatient') {
// a link to delete the form from the encounter
echo "<a target='_parent'" . " href='{$rootdir}/patient_file/encounter/delete_form.php?" . "formname=" . $formdir . "&id=" . $iter['id'] . "&encounter=" . $encounter . "&pid=" . $pid . "' class='css_button_small' title='" . xl('Delete this form') . "' onclick='top.restoreSession()'><span>" . xl('Delete') . "</span></a>";
} else {
?>
<a href='javascript:;' class='css_button_small' style='color:gray'><span><?php
xl('Delete', 'e');
?>
</span></a><?php
}
}
echo "<div class='form_header'>";
// Figure out the correct author (encounter authors are the '$providerNameRes', while other
// form authors are the '$user['fname'] . " " . $user['lname']').
if ($formdir == 'newpatient') {
xl('Invoice Refno Pool', 'e');
?>
: </td>
<td class='text'>
<?php
echo generate_select_list('irnpool', 'irnpool', '', xl('Invoice reference number pool, if used'));
?>
</td>
</tr>
<?php
}
?>
<?php
// List the access control groups if phpgacl installed
if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
?>
<tr>
<td class='text'><?php
xl('Access Control', 'e');
?>
:</td>
<td><select name="access_group[]" multiple style="width:120px;">
<?php
$list_acl_groups = acl_get_group_title_list();
$default_acl_group = 'Administrators';
foreach ($list_acl_groups as $value) {
if ($default_acl_group == $value) {
// Modified 6-2009 by BM - Translate group name if applicable
echo " <option value='{$value}' selected>" . xl_gacl_group($value) . "</option>\n";
} else {
* @author Karl Englund <*****@*****.**>
* @link http://www.open-emr.org
*/
header("Content-Type:text/xml");
$ignoreAuth = true;
require_once 'classes.php';
$p_id = $_REQUEST['patientID'];
$token = $_REQUEST['token'];
$xml_array = array();
if ($userId = validateToken($token)) {
$user_data = getUserData($userId);
$user = $user_data['user'];
$emr = $user_data['emr'];
$username = $user_data['username'];
$password = $user_data['password'];
$acl_allow = acl_check('patientportal', 'portal', $username);
if ($acl_allow) {
$patient = getPatientData($p_id);
$xml_array['status'] = 0;
$xml_array['reason'] = "Success patient processing record";
if ($patient) {
$xml_array['Patient']['demographics'] = $patient;
$ethencity_query = "SELECT option_id, title FROM list_options WHERE list_id = 'ethnicity' AND `option_id` = ?";
$patientData = $patient["ethnicity"];
$ethencity_result = sqlQuery($ethencity_query, array($patientData));
if ($ethencity_result) {
$xml_array['Patient']['demographics']['ethnicityvalue'] = $ethencity_result['title'];
} else {
$xml_array['Patient']['demographics']['ethnicityvalue'] = '';
}
$p_insurance = getInsuranceData($p_id);
function echoProdLine($lino, $drug_id, $del = FALSE, $units = NULL, $fee = NULL, $sale_id = 0, $billed = FALSE)
{
global $code_types, $ndc_applies, $pid, $usbillstyle, $hasCharges;
$drow = sqlQuery("SELECT name FROM drugs WHERE drug_id = ?", array($drug_id));
$code_text = $drow['name'];
$fee = sprintf('%01.2f', $fee);
if (empty($units)) {
$units = 1;
}
$units = max(1, intval($units));
// We put unit price on the screen, not the total line item fee.
$price = $fee / $units;
$strike1 = $sale_id && $del ? "<strike>" : "";
$strike2 = $sale_id && $del ? "</strike>" : "";
echo " <tr>\n";
echo " <td class='billcell'>{$strike1}" . xlt("Product") . "{$strike2}";
echo "<input type='hidden' name='prod[" . attr($lino) . "][sale_id]' value='" . attr($sale_id) . "'>";
echo "<input type='hidden' name='prod[" . attr($lino) . "][drug_id]' value='" . attr($drug_id) . "'>";
echo "<input type='hidden' name='prod[" . attr($lino) . "][billed]' value='" . attr($billed) . "'>";
echo "</td>\n";
echo " <td class='billcell'>{$strike1}" . text($drug_id) . "{$strike2}</td>\n";
if (modifiers_are_used(true)) {
echo " <td class='billcell'> </td>\n";
}
if ($billed) {
if (fees_are_used()) {
echo " <td class='billcell' align='right'>" . text(oeFormatMoney($price)) . "</td>\n";
echo " <td class='billcell' align='center'>" . text($units) . "</td>\n";
}
if (justifiers_are_used()) {
echo " <td class='billcell' align='center'{$usbillstyle}> </td>\n";
// justify
}
echo " <td class='billcell' align='center'> </td>\n";
// provider
echo " <td class='billcell' align='center'{$usbillstyle}> </td>\n";
// note codes
echo " <td class='billcell' align='center'{$usbillstyle}> </td>\n";
// auth
echo " <td class='billcell' align='center'><input type='checkbox'" . " disabled /></td>\n";
} else {
if (fees_are_used()) {
echo " <td class='billcell' align='right'>" . "<input type='text' name='prod[" . attr($lino) . "][price]' " . "value='" . attr($price) . "' size='6'";
if (acl_check('acct', 'disc')) {
echo " style='text-align:right'";
} else {
echo " style='text-align:right;background-color:transparent' readonly";
}
echo "></td>\n";
echo " <td class='billcell' align='center'>";
echo "<input type='text' name='prod[" . attr($lino) . "][units]' " . "value='" . attr($units) . "' size='2' style='text-align:right'>";
echo "</td>\n";
}
if (justifiers_are_used()) {
echo " <td class='billcell'{$usbillstyle}> </td>\n";
// justify
}
echo " <td class='billcell' align='center'> </td>\n";
// provider
echo " <td class='billcell' align='center'{$usbillstyle}> </td>\n";
// note codes
echo " <td class='billcell' align='center'{$usbillstyle}> </td>\n";
// auth
echo " <td class='billcell' align='center'><input type='checkbox' name='prod[" . attr($lino) . "][del]' " . "value='1'" . ($del ? " checked" : "") . " /></td>\n";
}
echo " <td class='billcell'>{$strike1}" . text($code_text) . "{$strike2}</td>\n";
echo " </tr>\n";
if ($fee != 0) {
$hasCharges = true;
}
}
function generate_receipt($patient_id, $encounter = 0)
{
global $sl_err, $sl_cash_acc, $css_header, $details, $INTEGRATED_AR;
// Get details for what we guess is the primary facility.
$frow = sqlQuery("SELECT * FROM facility " . "ORDER BY billing_location DESC, accepts_assignment DESC, id LIMIT 1");
$patdata = getPatientData($patient_id, 'fname,mname,lname,pubpid,street,city,state,postal_code,providerID');
// Get the most recent invoice data or that for the specified encounter.
//
// Adding a provider check so that their info can be displayed on receipts
if ($INTEGRATED_AR) {
if ($encounter) {
$ferow = sqlQuery("SELECT id, date, encounter, provider_id FROM form_encounter " . "WHERE pid = ? AND encounter = ?", array($patient_id, $encounter));
} else {
$ferow = sqlQuery("SELECT id, date, encounter, provider_id FROM form_encounter " . "WHERE pid = ? " . "ORDER BY id DESC LIMIT 1", array($patient_id));
}
if (empty($ferow)) {
die(xlt("This patient has no activity."));
}
$trans_id = $ferow['id'];
$encounter = $ferow['encounter'];
$svcdate = substr($ferow['date'], 0, 10);
if ($GLOBALS['receipts_by_provider']) {
if (isset($ferow['provider_id'])) {
$encprovider = $ferow['provider_id'];
} else {
if (isset($patdata['providerID'])) {
$encprovider = $patdata['providerID'];
} else {
$encprovider = -1;
}
}
}
if ($encprovider) {
$providerrow = sqlQuery("SELECT fname, mname, lname, title, street, streetb, " . "city, state, zip, phone, fax FROM users WHERE id = ?", array($encprovider));
}
} else {
SLConnect();
//
$arres = SLQuery("SELECT * FROM ar WHERE " . "invnumber LIKE '{$patient_id}.%' " . "ORDER BY id DESC LIMIT 1");
if ($sl_err) {
die(text($sl_err));
}
if (!SLRowCount($arres)) {
die(xlt("This patient has no activity."));
}
$arrow = SLGetRow($arres, 0);
//
$trans_id = $arrow['id'];
//
// Determine the date of service. An 8-digit encounter number is
// presumed to be a date of service imported during conversion or
// associated with prescriptions only. Otherwise look it up in the
// form_encounter table.
//
$svcdate = "";
list($trash, $encounter) = explode(".", $arrow['invnumber']);
if (strlen($encounter) >= 8) {
$svcdate = substr($encounter, 0, 4) . "-" . substr($encounter, 4, 2) . "-" . substr($encounter, 6, 2);
} else {
if ($encounter) {
$tmp = sqlQuery("SELECT date FROM form_encounter WHERE " . "encounter = ?", array($encounter));
$svcdate = substr($tmp['date'], 0, 10);
}
}
}
// end not $INTEGRATED_AR
// Get invoice reference number.
$encrow = sqlQuery("SELECT invoice_refno FROM form_encounter WHERE " . "pid = ? AND encounter = ? LIMIT 1", array($patient_id, $encounter));
$invoice_refno = $encrow['invoice_refno'];
?>
<html>
<head>
<?php
html_header_show();
?>
<link rel='stylesheet' href='<?php
echo $css_header;
?>
' type='text/css'>
<title><?php
echo xlt('Receipt for Payment');
?>
</title>
<script type="text/javascript" src="../../library/dialog.js"></script>
<script language="JavaScript">
<?php
require $GLOBALS['srcdir'] . "/restoreSession.php";
?>
// Process click on Print button.
function printme() {
var divstyle = document.getElementById('hideonprint').style;
divstyle.display = 'none';
window.print();
return false;
}
// Process click on Delete button.
function deleteme() {
dlgopen('deleter.php?billing=<?php
echo attr("{$patient_id}.{$encounter}");
?>
', '_blank', 500, 450);
return false;
}
// Called by the deleteme.php window on a successful delete.
function imdeleted() {
window.close();
}
</script>
</head>
<body class="body_top">
<center>
<?php
if ($GLOBALS['receipts_by_provider'] && !empty($providerrow)) {
printProviderHeader($providerrow);
} else {
printFacilityHeader($frow);
}
echo xlt("Receipt Generated") . ":" . text(date(' F j, Y'));
if ($invoice_refno) {
echo " " . xlt("Invoice Number") . ": " . text($invoice_refno) . " " . xlt("Service Date") . ": " . text($svcdate);
}
?>
<br>
</b></p>
</center>
<p>
<?php
echo text($patdata['fname']) . ' ' . text($patdata['mname']) . ' ' . text($patdata['lname']);
?>
<br><?php
echo text($patdata['street']);
?>
<br><?php
echo text($patdata['city']) . ', ' . text($patdata['state']) . ' ' . text($patdata['postal_code']);
?>
<br>
</p>
<center>
<table cellpadding='5'>
<tr>
<td><b><?php
echo xlt('Date');
?>
</b></td>
<td><b><?php
echo xlt('Description');
?>
</b></td>
<td align='right'><b><?php
echo $details ? xlt('Price') : ' ';
?>
</b></td>
<td align='right'><b><?php
echo $details ? xlt('Qty') : ' ';
?>
</b></td>
<td align='right'><b><?php
echo xlt('Total');
?>
</b></td>
</tr>
<?php
$charges = 0.0;
if ($INTEGRATED_AR) {
// Product sales
$inres = sqlStatement("SELECT s.sale_id, s.sale_date, s.fee, " . "s.quantity, s.drug_id, d.name " . "FROM drug_sales AS s LEFT JOIN drugs AS d ON d.drug_id = s.drug_id " . "WHERE s.pid = ? AND s.encounter = ? " . "ORDER BY s.sale_id", array($patient_id, $encounter));
while ($inrow = sqlFetchArray($inres)) {
$charges += sprintf('%01.2f', $inrow['fee']);
receiptDetailLine($inrow['sale_date'], $inrow['name'], $inrow['fee'], $inrow['quantity']);
}
// Service and tax items
$inres = sqlStatement("SELECT * FROM billing WHERE " . "pid = ? AND encounter = ? AND " . "code_type != 'COPAY' AND activity = 1 " . "ORDER BY id", array($patient_id, $encounter));
while ($inrow = sqlFetchArray($inres)) {
$charges += sprintf('%01.2f', $inrow['fee']);
receiptDetailLine($svcdate, $inrow['code_text'], $inrow['fee'], $inrow['units']);
}
// Adjustments.
$inres = sqlStatement("SELECT " . "a.code, a.modifier, a.memo, a.payer_type, a.adj_amount, a.pay_amount, " . "s.payer_id, s.reference, s.check_date, s.deposit_date " . "FROM ar_activity AS a " . "LEFT JOIN ar_session AS s ON s.session_id = a.session_id WHERE " . "a.pid = ? AND a.encounter = ? AND " . "a.adj_amount != 0 " . "ORDER BY s.check_date, a.sequence_no", array($patient_id, $encounter));
while ($inrow = sqlFetchArray($inres)) {
$charges -= sprintf('%01.2f', $inrow['adj_amount']);
$payer = empty($inrow['payer_type']) ? 'Pt' : 'Ins' . $inrow['payer_type'];
receiptDetailLine($svcdate, $payer . ' ' . $inrow['memo'], 0 - $inrow['adj_amount'], 1);
}
} else {
// Request all line items with money belonging to the invoice.
$inres = SLQuery("SELECT * FROM invoice WHERE " . "trans_id = {$trans_id} AND sellprice != 0 ORDER BY id");
if ($sl_err) {
die($sl_err);
}
for ($irow = 0; $irow < SLRowCount($inres); ++$irow) {
$row = SLGetRow($inres, $irow);
$amount = sprintf('%01.2f', $row['sellprice'] * $row['qty']);
$charges += $amount;
$desc = preg_replace('/^.{1,6}:/', '', $row['description']);
receiptDetailLine($svcdate, $desc, $amount, $row['qty']);
}
}
// end not $INTEGRATED_AR
?>
<tr>
<td colspan='5'> </td>
</tr>
<tr>
<td><?php
echo text(oeFormatShortDate($svcdispdate));
?>
</td>
<td><b><?php
echo xlt('Total Charges');
?>
</b></td>
<td align='right'> </td>
<td align='right'> </td>
<td align='right'><?php
echo text(oeFormatMoney($charges, true));
?>
</td>
</tr>
<tr>
<td colspan='5'> </td>
</tr>
<?php
if ($INTEGRATED_AR) {
// Get co-pays.
$inres = sqlStatement("SELECT fee, code_text FROM billing WHERE " . "pid = ? AND encounter = ? AND " . "code_type = 'COPAY' AND activity = 1 AND fee != 0 " . "ORDER BY id", array($patient_id, $encounter));
while ($inrow = sqlFetchArray($inres)) {
$charges += sprintf('%01.2f', $inrow['fee']);
receiptPaymentLine($svcdate, 0 - $inrow['fee'], $inrow['code_text']);
}
// Get other payments.
$inres = sqlStatement("SELECT " . "a.code, a.modifier, a.memo, a.payer_type, a.adj_amount, a.pay_amount, " . "s.payer_id, s.reference, s.check_date, s.deposit_date " . "FROM ar_activity AS a " . "LEFT JOIN ar_session AS s ON s.session_id = a.session_id WHERE " . "a.pid = ? AND a.encounter = ? AND " . "a.pay_amount != 0 " . "ORDER BY s.check_date, a.sequence_no", array($patient_id, $encounter));
$payer = empty($inrow['payer_type']) ? 'Pt' : 'Ins' . $inrow['payer_type'];
while ($inrow = sqlFetchArray($inres)) {
$charges -= sprintf('%01.2f', $inrow['pay_amount']);
receiptPaymentLine($svcdate, $inrow['pay_amount'], $payer . ' ' . $inrow['reference']);
}
} else {
$chart_id_cash = SLQueryValue("select id from chart where accno = '{$sl_cash_acc}'");
if ($sl_err) {
die($sl_err);
}
if (!$chart_id_cash) {
die("There is no COA entry for cash account '{$sl_cash_acc}'");
}
//
// Request all cash entries belonging to the invoice.
$atres = SLQuery("SELECT * FROM acc_trans WHERE " . "trans_id = {$trans_id} AND chart_id = {$chart_id_cash} ORDER BY transdate");
if ($sl_err) {
die($sl_err);
}
//
for ($irow = 0; $irow < SLRowCount($atres); ++$irow) {
$row = SLGetRow($atres, $irow);
$amount = sprintf('%01.2f', $row['amount']);
// negative
$charges += $amount;
$rowsource = $row['source'];
if (strtolower($rowsource) == 'co-pay') {
$rowsource = '';
}
receiptPaymentLine($row['transdate'], 0 - $amount, $rowsource);
}
}
// end not $INTEGRATED_AR
?>
<tr>
<td colspan='5'> </td>
</tr>
<tr>
<td> </td>
<td><b><?php
echo xlt('Balance Due');
?>
</b></td>
<td colspan='2'> </td>
<td align='right'><?php
echo text(oeFormatMoney($charges, true));
?>
</td>
</tr>
</table>
</center>
<div id='hideonprint'>
<p>
<a href='#' onclick='return printme();'><?php
echo xlt('Print');
?>
</a>
<?php
if (acl_check('acct', 'disc')) {
?>
<a href='#' onclick='return deleteme();'><?php
echo xlt('Undo Checkout');
?>
</a>
<?php
}
?>
<?php
if ($details) {
?>
<a href='pos_checkout.php?details=0&ptid=<?php
echo attr($patient_id);
?>
&enc=<?php
echo attr($encounter);
?>
'><?php
echo xlt('Hide Details');
?>
</a>
<?php
} else {
?>
<a href='pos_checkout.php?details=1&ptid=<?php
echo attr($patient_id);
?>
&enc=<?php
echo attr($encounter);
?>
'><?php
echo xlt('Show Details');
?>
</a>
<?php
}
?>
</p>
</div>
</body>
</html>
<?php
if (!$INTEGRATED_AR) {
SLClose();
}
}
genTreeLink('RTop', 'tan', xl('Configure Tracks'));
}
?>
<?php
genTreeLink('RTop', 'pwd', xl('Password'));
?>
<?php
genMiscLink('RTop', 'prf', '0', xl('Preferences'), 'super/edit_globals.php?mode=user');
?>
<?php
if (acl_check('patients', 'docs')) {
genMiscLink('RTop', 'adm', '0', xl('New Documents'), '../controller.php?document&list&patient_id=00');
}
?>
<?php
if (acl_check('patients', 'docs')) {
genMiscLink('RTop', 'adm', '0', xl('Document Templates'), 'super/manage_document_templates.php');
}
?>
</ul>
</li>
<?php
}
// end not athletic team
?>
</ul>
<?php
} else {
<?php
// Copyright (C) 2009-2010 Rod Roark <*****@*****.**>
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
require_once "../globals.php";
require_once "{$srcdir}/acl.inc";
require_once "{$srcdir}/options.inc.php";
require_once "{$srcdir}/patient.inc";
require_once "{$srcdir}/erx_javascript.inc.php";
// Check authorization.
if (!acl_check('patients', 'demo', '', array('write', addonly))) {
die("Adding demographics is not authorized.");
}
$CPR = 4;
// cells per row
$searchcolor = empty($GLOBALS['layout_search_color']) ? '#ffff55' : $GLOBALS['layout_search_color'];
$WITH_SEARCH = $GLOBALS['full_new_patient_form'] == '1' || $GLOBALS['full_new_patient_form'] == '2';
$SHORT_FORM = $GLOBALS['full_new_patient_form'] == '2' || $GLOBALS['full_new_patient_form'] == '3';
function getLayoutRes()
{
global $SHORT_FORM;
return sqlStatement("SELECT * FROM layout_options " . "WHERE form_id = 'DEM' AND uor > 0 AND field_id != '' " . ($SHORT_FORM ? "AND ( uor > 1 OR edit_options LIKE '%N%' ) " : "") . "ORDER BY group_name, seq");
}
// Determine layout field search treatment from its data type:
// 1 = text field
// 2 = select list
// 0 = not searchable
* along with this program. If not, see <http://opensource.org/licenses/gpl-3.0.html>;.
*
* @package OpenEMR
* @author Karl Englund <*****@*****.**>
* @link http://www.open-emr.org
*/
header("Content-Type:text/xml");
$ignoreAuth = true;
require_once 'classes.php';
$xml_array = array();
$token = $_POST['token'];
$noteIds = $_POST['noteIds'];
$active = $_POST['active'];
if ($userId = validateToken($token)) {
$username = getUsername($userId);
$acl_allow = acl_check('patients', 'notes', $username);
if ($acl_allow) {
$noteIds_array = explode(',', $noteIds);
foreach ($noteIds_array as $noteId) {
switch ($active) {
case 1:
reappearPnote($noteId);
break;
case 0:
disappearPnote($noteId);
break;
}
}
$xml_array['status'] = 0;
$xml_array['reason'] = 'The Patient notes has been updated';
} else {
// Copyright (C) 2007 Brady Miller <*****@*****.**>
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
//
// Allows acl(php-gacl) administration. Heavily ajax and
// javascript/jquery dependent. All ajax functions are called
// from adminacl_ajax.php
//
include_once "../globals.php";
include_once "{$srcdir}/acl.inc";
//ensure user has proper access
if (!acl_check('admin', 'acl')) {
echo "(" . xl('ACL Administration Not Authorized') . ")";
exit;
}
//ensure phpgacl is installed
if (!isset($phpgacl_location)) {
echo "(" . xl('PHP-gacl is not installed') . ")";
exit;
}
?>
<html>
<head>
<script type="text/JavaScript" src="../../library/js/jquery121.js"></script>
<script type="text/JavaScript" src="../../library/js/jquery.livequery101.js"></script>
<script type="text/JavaScript">
exit;
}
} else {
echo "<p>(" . htmlspecialchars(xl('History not authorized'), ENT_NOQUOTES) . ")</p>\n";
echo "</body>\n</html>\n";
exit;
}
$result = getHistoryData($pid);
if (!is_array($result)) {
newHistoryData($pid);
$result = getHistoryData($pid);
}
?>
<?php
if (acl_check('patients', 'med', '', array('write', 'addonly'))) {
?>
<div>
<span class="title"><?php
echo htmlspecialchars(xl('Patient History / Lifestyle'), ENT_NOQUOTES);
?>
</span>
</div>
<div id='namecontainer_history' class='namecontainer_history' style='float:left;margin-right:10px'>
<?php
echo htmlspecialchars(xl('for'), ENT_NOQUOTES);
?>
<span class="title"><a href="../summary/demographics.php" onclick="top.restoreSession()"><?php
echo htmlspecialchars(getPatientName($pid), ENT_NOQUOTES);
?>
</a></span>
Calendar.setup({inputField:"startdate", ifFormat:"%Y-%m-%d", button:"img_date"});
// jQuery stuff to make the page a little easier to use
$(document).ready(function(){
$(".oneresult").mouseover(function() { $(this).toggleClass("highlight"); });
$(".oneresult").mouseout(function() { $(this).toggleClass("highlight"); });
$(".oneresult a").mouseover(function () { $(this).toggleClass("blue_highlight"); $(this).children().toggleClass("blue_highlight"); });
$(".oneresult a").mouseout(function() { $(this).toggleClass("blue_highlight"); $(this).children().toggleClass("blue_highlight"); });
//$(".event").dblclick(function() { EditEvent(this); });
});
<?php
if (!$ckavail) {
if (acl_check('patients', 'appt', '', 'write')) {
if ($isProv) {
?>
if (confirm('<?php
echo addslashes(xl('Provider not available, use it anyway?'));
?>
')) {
<?php
} else {
?>
if (confirm('<?php
echo addslashes(xl('This appointment slot is already used, use it anyway?'));
?>
')) {
<?php
}
require_once "{$srcdir}/acl.inc";
require_once "{$srcdir}/formdata.inc.php";
require_once "{$srcdir}/options.inc.php";
require_once "{$srcdir}/formatting.inc.php";
require_once "../orders/lab_exchange_tools.php";
// Indicates if we are entering in batch mode.
$form_batch = empty($_GET['batch']) ? 0 : 1;
// Indicates if we are entering in review mode.
$form_review = empty($_GET['review']) ? 0 : 1;
// Check authorization.
$thisauth = acl_check('patients', 'med');
if (!$thisauth) {
die(xl('Not authorized'));
}
// Check authorization for pending review.
$reviewauth = acl_check('patients', 'sign');
if ($form_review and !$reviewauth and !$thisauth) {
die(xl('Not authorized'));
}
// Set pid for pending review.
if ($_GET['set_pid'] && $form_review) {
require_once "{$srcdir}/pid.inc";
require_once "{$srcdir}/patient.inc";
setpid($_GET['set_pid']);
$result = getPatientData($pid, "*, DATE_FORMAT(DOB,'%Y-%m-%d') as DOB_YMD");
?>
<script language='JavaScript'>
parent.left_nav.setPatient(<?php
echo "'" . addslashes($result['fname']) . " " . addslashes($result['lname']) . "',{$pid},'" . addslashes($result['pubpid']) . "','', ' " . xl('DOB') . ": " . oeFormatShortDate($result['DOB_YMD']) . " " . xl('Age') . ": " . getPatientAge($result['DOB_YMD']) . "'";
?>
);
$bpd = $_POST['bpd'];
$weight = $_POST['weight'];
$height = $_POST['height'];
$temperature = $_POST['temperature'];
$temp_method = $_POST['temp_method'];
$pulse = $_POST['pulse'];
$respiration = $_POST['respiration'];
$note = $_POST['note'];
$BMI = $_POST['BMI'];
$BMI_status = $_POST['BMI_status'];
$waist_circ = $_POST['waist_circ'];
$head_circ = $_POST['head_circ'];
$oxygen_saturation = $_POST['oxygen_saturation'];
if ($userId = validateToken($token)) {
$user = getUsername($userId);
$acl_allow = acl_check('encounters', 'auth_a', $user);
if ($acl_allow) {
$strQuery = "UPDATE `form_vitals` SET \n `date`='" . add_escape_custom($date) . "',\n `pid`='" . add_escape_custom($patientId) . "',\n `user`='" . add_escape_custom($user) . "',\n `groupname`='" . add_escape_custom($groupname) . "',\n `authorized`='" . add_escape_custom($authorized) . "',\n `activity`='" . add_escape_custom($activity) . "',\n `bps`='" . add_escape_custom($bps) . "',\n `bpd`='" . add_escape_custom($bpd) . "',\n `weight`='" . add_escape_custom($weight) . "',\n `height`='" . add_escape_custom($height) . "',\n `temperature`='" . add_escape_custom($temperature) . "',\n `temp_method`='" . add_escape_custom($temp_method) . "',\n `pulse`='" . add_escape_custom($pulse) . "',\n `respiration`='" . add_escape_custom($respiration) . "',\n `note`='" . add_escape_custom($note) . "',\n `BMI`='" . add_escape_custom($BMI) . "',\n `BMI_status`='" . add_escape_custom($BMI_status) . "',\n `waist_circ`='" . add_escape_custom($waist_circ) . "',\n `head_circ`='" . add_escape_custom($head_circ) . "',\n `oxygen_saturation`='" . add_escape_custom($oxygen_saturation) . "' \n WHERE id = ?";
$result = sqlStatement($strQuery, array($vital_id));
if ($result !== FALSE) {
$xml_array['status'] = 0;
$xml_array['reason'] = 'Visit vital update successfully';
} else {
$xml_array['status'] = -1;
$xml_array['reason'] = 'Could not update isit vital';
}
} else {
$xml_string .= "<status>-2</status>\n";
$xml_string .= "<reason>You are not Authorized to perform this action</reason>\n";
}
} else {
$exp_days = $GLOBALS['password_expiration_days'];
$exp_date = date('Y-m-d', strtotime("+{$exp_days} days"));
}
$insertUserSQL = "insert into users set " . "username = '******'rumple')) . "', password = '******'NoLongerUsed' . "', fname = '" . trim(formData('fname')) . "', mname = '" . trim(formData('mname')) . "', lname = '" . trim(formData('lname')) . "', federaltaxid = '" . trim(formData('federaltaxid')) . "', state_license_number = '" . trim(formData('state_license_number')) . "', newcrop_user_role = '" . trim(formData('erxrole')) . "', physician_type = '" . trim(formData('physician_type')) . "', authorized = '" . trim(formData('authorized')) . "', info = '" . trim(formData('info')) . "', federaldrugid = '" . trim(formData('federaldrugid')) . "', upin = '" . trim(formData('upin')) . "', npi = '" . trim(formData('npi')) . "', taxonomy = '" . trim(formData('taxonomy')) . "', facility_id = '" . trim(formData('facility_id')) . "', specialty = '" . trim(formData('specialty')) . "', see_auth = '" . trim(formData('see_auth')) . "', cal_ui = '" . trim(formData('cal_ui')) . "', default_warehouse = '" . trim(formData('default_warehouse')) . "', irnpool = '" . trim(formData('irnpool')) . "', calendar = '" . $calvar . "', pwd_expiration_date = '" . trim("{$exp_date}") . "'";
$clearAdminPass = $_POST['adminPass'];
$clearUserPass = $_POST['stiltskin'];
$password_err_msg = "";
$prov_id = "";
$success = update_password($_SESSION['authId'], 0, $clearAdminPass, $clearUserPass, $password_err_msg, true, $insertUserSQL, trim(formData('rumple')), $prov_id);
error_log($password_err_msg);
$alertmsg .= $password_err_msg;
if ($success) {
//set the facility name from the selected facility_id
sqlStatement("UPDATE users, facility SET users.facility = facility.name WHERE facility.id = '" . trim(formData('facility_id')) . "' AND users.username = '******'rumple')) . "'");
sqlStatement("insert into groups set name = '" . trim(formData('groupname')) . "', user = '******'rumple')) . "'");
if (isset($phpgacl_location) && acl_check('admin', 'acl') && trim(formData('rumple'))) {
// Set the access control group of user
set_user_aro($_POST['access_group'], trim(formData('rumple')), trim(formData('fname')), trim(formData('mname')), trim(formData('lname')));
}
$ws = new WSProvider($prov_id);
}
} else {
$alertmsg .= xl('User', '', '', ' ') . trim(formData('rumple')) . xl('already exists.', '', ' ');
}
if ($_POST['access_group']) {
$bg_count = count($_POST['access_group']);
for ($i = 0; $i < $bg_count; $i++) {
if ($_POST['access_group'][$i] == "Emergency Login") {
$set_active_msg = 1;
}
}
}
$faxcount = $faxcount ? "({$faxcount})" : "";
?>
<td align="center" nowrap>
<a href="../fax/faxq.php" target="Main" class="menu" onclick="top.restoreSession()">
<?php
echo xl('Docs') . $faxcount;
?>
</a>
</td>
<?php
}
?>
<?php
if (acl_check('acct', 'rep') || acl_check('acct', 'eob') || acl_check('acct', 'bill')) {
?>
<td align="center" nowrap>
<a href="../billing/billing_report.php" target="Main" class="menu" onclick="top.restoreSession()">
<?php
xl('Billing', 'e');
?>
</a>
</td>
<?php
}
?>
<?php
if ($GLOBALS['athletic_team']) {
?>
if (empty($issue) || $irow['type'] == 'contraceptive') {
issue_ippf_con_form($issue, $thispid);
}
}
?>
<center>
<p>
<input type='submit' name='form_save' value='<?php
xl('Save', 'e');
?>
' />
<?php
if ($issue && acl_check('admin', 'super')) {
?>
<input type='button' value='<?php
xl('Delete', 'e');
?>
' style='color:red' onclick='deleteme()' />
<?php
}
?>
<input type='button' value='<?php
xl('Cancel', 'e');
?>
' onclick='closeme();' />
$fake_register_globals = false;
//
include_once "../../globals.php";
include_once "{$srcdir}/lists.inc";
include_once "{$srcdir}/acl.inc";
include_once "{$srcdir}/options.inc.php";
include_once "{$srcdir}/formdata.inc.php";
?>
<div id="patient_stats_summary">
<?php
$thisauth = acl_check('patients', 'med');
if ($thisauth) {
$tmp = getPatientData($pid, "squad");
if ($tmp['squad'] && !acl_check('squads', $tmp['squad'])) {
$thisauth = 0;
}
}
if (!$thisauth) {
echo "<p>(" . htmlspecialchars(xl('Issues not authorized'), ENT_NOQUOTES) . ")</p>\n";
echo "</body>\n</html>\n";
exit;
}
?>
<script type='text/javascript'>
function load_location( location ) {
top.restoreSession();
if ( !top.frames["RTop"] ) {
document.location=location;
if ($billing_view && $accounting_enabled && !$INTEGRATED_AR) {
SLConnect();
}
while ($result4 = sqlFetchArray($res4)) {
// $href = "javascript:window.toencounter(" . $result4['encounter'] . ")";
$reason_string = "";
$auth_sensitivity = true;
$raw_encounter_date = '';
$raw_encounter_date = date("Y-m-d", strtotime($result4["date"]));
$encounter_date = date("D F jS", strtotime($result4["date"]));
// if ($auth_notes_a || ($auth_notes && $result4['user'] == $_SESSION['authUser']))
$reason_string .= htmlspecialchars($result4["reason"], ENT_NOQUOTES) . "<br>\n";
// else
// $reason_string = "(No access)";
if ($result4['sensitivity']) {
$auth_sensitivity = acl_check('sensitivities', $result4['sensitivity']);
if (!$auth_sensitivity) {
$reason_string = "(" . htmlspecialchars(xl("No access"), ENT_NOQUOTES) . ")";
}
}
// This generates document lines as appropriate for the date order.
while ($drow && $raw_encounter_date && $drow['docdate'] > $raw_encounter_date) {
showDocument($drow);
$drow = sqlFetchArray($dres);
}
// Fetch all forms for this encounter, if the user is authorized to see
// this encounter's notes and this is the clinical view.
$encarr = array();
$encounter_rows = 1;
if (!$billing_view && $auth_sensitivity && ($auth_notes_a || $auth_notes && $result4['user'] == $_SESSION['authUser'])) {
$encarr = getFormByEncounter($pid, $result4['encounter'], "formdir, user, form_name, form_id, deleted");
<?php
// Copyright (C) 2007-2011 Rod Roark <*****@*****.**>
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
require_once "../globals.php";
require_once "{$srcdir}/acl.inc";
require_once "{$srcdir}/formdata.inc.php";
require_once "../../custom/code_types.inc.php";
$list_id = empty($_REQUEST['list_id']) ? 'language' : $_REQUEST['list_id'];
// Check authorization.
$thisauth = acl_check('admin', 'super');
if (!$thisauth) {
die(xl('Not authorized'));
}
// If we are saving, then save.
//
if ($_POST['formaction'] == 'save' && $list_id) {
$opt = $_POST['opt'];
if ($list_id == 'feesheet') {
// special case for the feesheet list
sqlStatement("DELETE FROM fee_sheet_options");
for ($lino = 1; isset($opt["{$lino}"]['category']); ++$lino) {
$iter = $opt["{$lino}"];
$category = formTrim($iter['category']);
$option = formTrim($iter['option']);
$codes = formTrim($iter['codes']);
if (strlen($category) > 0 && strlen($option) > 0) {
$sanitize_all_escapes = true;
$fake_register_globals = false;
require_once(dirname(__FILE__) . '/../globals.php');
require_once($GLOBALS["include_root"] . "/orders/single_order_results.inc.php");
// Check authorization.
$thisauth = acl_check('patients', 'med');
if (!$thisauth) die(xl('Not authorized'));
$orderid = intval($_GET['orderid']);
$finals_only = empty($_POST['form_showall']);
if (!empty($_POST['form_sign_list'])) {
if (!acl_check('patients', 'sign')) {
die(xl('Not authorized to sign results'));
}
// When signing results we are careful to sign only those reports that were
// in the sending form. While this will usually be all the reports linked to
// the order it's possible for a new report to come in while viewing these,
// and it would be very bad to sign results that nobody has seen!
$arrSign = explode(',', $_POST['form_sign_list']);
foreach ($arrSign as $id) {
sqlStatement("UPDATE procedure_report SET " .
"review_status = 'reviewed' WHERE " .
"procedure_report_id = ?", array($id));
}
}
// This mess generates a PDF report and sends it to the patient.
