Example #1
         } else {
             $esc_field_id = escape_sql_column_name($field_id, array('patient_data'));
             sqlStatement("UPDATE patient_data SET `{$esc_field_id}` = ? WHERE pid = ?", array($value, $pid));
         }
     }
     continue;
 } else {
     if ($source == 'E') {
         // Save to shared_attributes. Can't delete entries for empty fields because with the P option
         // it's important to know when a current empty value overrides a previous value.
         sqlStatement("REPLACE INTO shared_attributes SET " . "pid = ?, encounter = ?, field_id = ?, last_update = NOW(), " . "user_id = ?, field_value = ?", array($pid, $encounter, $field_id, $_SESSION['authUserID'], $value));
         continue;
     } else {
         if ($source == 'V') {
             // Save to form_encounter.
             $esc_field_id = escape_sql_column_name($field_id, array('form_encounter'));
             sqlStatement("UPDATE form_encounter SET `{$esc_field_id}` = ? WHERE " . "pid = ? AND encounter = ?", array($value, $pid, $encounter));
             continue;
         }
     }
 }
 // It's a normal form field, save to lbf_data.
 if ($formid) {
     // existing form
     if ($value === '') {
         $query = "DELETE FROM lbf_data WHERE " . "form_id = ? AND field_id = ?";
         sqlStatement($query, array($formid, $field_id));
     } else {
         $query = "REPLACE INTO lbf_data SET field_value = ?, " . "form_id = ?, field_id = ?";
         sqlStatement($query, array($value, $formid, $field_id));
     }
        }
    }
}
// Assemble the column list for the SELECT clause.
// pid is always first because the rows are identified by it. The pseudo-column
// "name" expands to the three name columns; every other requested column is
// passed through escape_sql_column_name() for patient_data before it is
// backtick-quoted (presumably an allow-list check against the table's real
// columns -- the helper is defined outside this excerpt, confirm there).
//
$selectParts = array('pid');
foreach ($aColumns as $colname) {
    if ($colname == 'pid') {
        continue;
    }
    $selectParts[] = ($colname == 'name')
        ? "lname, fname, mname"
        : "`" . escape_sql_column_name($colname, array('patient_data')) . "`";
}
$sellist = implode(", ", $selectParts);

// Unfiltered row count for the whole table.
//
$row = sqlQuery("SELECT COUNT(id) AS count FROM patient_data");
$iTotal = $row['count'];

// Row count once the filter is applied.
// NOTE(review): $where is assembled outside this excerpt and is interpolated
// verbatim, with no bind array -- confirm that every search term in it is
// escaped or bound and that any column name in it went through the same
// column-name check as the SELECT list.
//
$row = sqlQuery("SELECT COUNT(id) AS count FROM patient_data {$where}");
$iFilteredTotal = $row['count'];

// Response skeleton. sEcho is cast to an integer, so the request value is
// never reflected back as raw text.
//
$out = array(
    "sEcho" => intval($_GET['sEcho']),
    "iTotalRecords" => $iTotal,
    "iTotalDisplayRecords" => $iFilteredTotal,
    "aaData" => array()
);

// Fetch the page of rows.
// NOTE(review): $orderby and $limit are also interpolated verbatim and built
// outside this excerpt -- confirm sort columns are validated and the limit
// values are numeric before they reach this statement.
//
$query = "SELECT {$sellist} FROM patient_data {$where} {$orderby} {$limit}";
$res = sqlStatement($query);
Example #3
/**
 * Set the activity flag of one plan for one specific patient.
 *
 * Does nothing when the patient id compares equal to "0". Otherwise a
 * patient-specific row in clinical_plans is created if none exists yet, and
 * its "<type>_flag" column is then updated.
 *
 * @param  string   $plan        id(string) of plan
 * @param  string   $type        plan filter (normal,cqm); "_flag" is appended to form the column name
 * @param  string   $setting     "on" stores 1, "off" stores 0, any other value (e.g. "default") stores NULL
 * @param  integer  $patient_id  pid of selected patient.
 */
function set_plan_activity_patient($plan, $type, $setting, $patient_id)
{
    // The default plans (patient id 0) must not be changed through this function.
    if ($patient_id == "0") {
        return;
    }

    // Map the textual setting onto the value stored in the flag column.
    if ($setting == "on") {
        $flagValue = 1;
    } elseif ($setting == "off") {
        $flagValue = 0;
    } else {
        // Anything else is treated as "default".
        $flagValue = null;
    }

    // Make sure a patient-specific row exists; a fresh row keeps the table's
    // defaults for every flag until the UPDATE below.
    $existing = sqlQueryCdrEngine(
        "SELECT * FROM `clinical_plans` WHERE `id` = ? AND `pid` = ?",
        array($plan, $patient_id)
    );
    if (empty($existing)) {
        sqlStatementCdrEngine(
            "INSERT into `clinical_plans` (`id`, `pid`) VALUES (?,?)",
            array($plan, $patient_id)
        );
    }

    // A column name cannot be sent as a bound parameter, so the caller-supplied
    // $type only reaches the SQL text after escape_sql_column_name() has
    // processed it for clinical_plans. All values are bound.
    $flagColumn = escape_sql_column_name($type . "_flag", array("clinical_plans"));
    sqlStatementCdrEngine(
        "UPDATE `clinical_plans` SET `" . $flagColumn . "`= ? WHERE id = ? AND pid = ?",
        array($flagValue, $plan, $patient_id)
    );
}
Example #4
 /**
  * Return the stored data for this form.
  *
  * The form's row in the forms table points at a row in a form-specific
  * table. By default that table is "form_<formdir>", joined on its "id"
  * column and limited to one row; an active list_options entry in the
  * formdir_keys list may override the table (tbl), the join column (id)
  * and the limit (limit, where '*' means no LIMIT clause).
  *
  * @return array the single matching row when exactly one row is found,
  *               otherwise a list of rows (empty when nothing matches)
  *
  * @see \ESign\SignableIF::getData()
  */
 public function getData()
 {
     // Look up an optional override for this formdir.
     $override = sqlQuery(
         "SELECT title FROM list_options WHERE list_id = ? AND option_id = ? AND activity = 1",
         array('formdir_keys', $this->_formDir)
     );
     if (isset($override['title'])) {
         // The title holds the members of a JSON object without the braces.
         $excp = json_decode("{" . $override['title'] . "}");
     }

     // isset() is false both when no override row exists and when the JSON
     // did not decode, so the defaults apply in either case.
     if (isset($excp->tbl)) {
         $tbl = $excp->tbl;
     } else {
         $tbl = "form_" . $this->_formDir;
     }
     if (isset($excp->id)) {
         $id = $excp->id;
     } else {
         $id = 'id';
     }
     if (isset($excp->limit)) {
         $limit = $excp->limit;
     } else {
         $limit = 1;
     }

     // Table and column names cannot be bound as parameters, so both pass
     // through the escape helpers before they are placed in the SQL text;
     // the form id itself is bound.
     $safeTable = escape_table_name($tbl);
     $safeColumn = escape_sql_column_name($id, array($tbl));
     $sql = sprintf("SELECT fd.* FROM %s fd\n      \t\tINNER JOIN forms f ON fd.%s = f.form_id\n      \t\tWHERE f.id = ?", $safeTable, $safeColumn);
     if ($limit != '*') {
         // The limit comes from configuration data, so it goes through escape_limit() too.
         $sql .= ' LIMIT ' . escape_limit($limit);
     }

     $rs = sqlStatement($sql, array($this->_formId));

     // Exactly one row: return it directly (the legacy shape used for hashing).
     if (sqlNumRows($rs) == 1) {
         return sqlFetchArray($rs);
     }

     // Zero or several rows: return them as a list.
     $rows = array();
     while ($fr = sqlFetchArray($rs)) {
         $rows[] = $fr;
     }
     return $rows;
 }