function myGetValue($fldname)
{
$val = formData($fldname, 'G', true);
if ($val == 'undefined') {
$val = '';
}
return $val;
}
function lab_results_messages($set_pid, $rid, $provider_id = "")
{
if ($provider_id != "") {
$where = "AND id = '" . $provider_id . "'";
}
// Get all active users.
$rez = sqlStatement("select id, username from users where username != '' AND active = '1' {$where}");
for ($iter = 0; $row = sqlFetchArray($rez); $iter++) {
$result[$iter] = $row;
}
if (!empty($result)) {
foreach ($result as $user_detail) {
unset($thisauth);
// Make sure it is empty.
// Check user authorization. Only send the panding review message to authorised user.
// $thisauth = acl_check('patients', 'sign', $user_detail['username']);
// Route message to administrators if there is no provider match.
if ($provider_id == "") {
$thisauth = acl_check('admin', 'super', $user_detail['username']);
} else {
$thisauth = true;
}
if ($thisauth) {
// Send lab result message to the ordering provider when there is a new lab report.
$userauthorized = formData("userauthorized");
$pname = getPatientName($set_pid);
$link = "<a href='../../orders/orders_results.php?review=1&set_pid={$set_pid}'" . " onclick='return top.restoreSession()'>here</a>";
$note = "Patient {$pname}'s lab results have arrived. Please click {$link} to review them.<br/>";
$note_type = "Lab Results";
$message_status = "New";
// Add pnote.
$noteid = addPnote($set_pid, $note, $userauthorized, '1', $note_type, $user_detail['username']);
sqlQ("update pnotes set message_status='" . $message_status . "' where id = '{$noteid}'");
}
}
}
}
<?php
// Copyright (C) 2009 Rod Roark <*****@*****.**>
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
require_once "../../globals.php";
require_once "{$srcdir}/acl.inc";
require_once "{$srcdir}/options.inc.php";
require_once "{$srcdir}/patient.inc";
$CPR = 4;
// cells per row
// The form name is passed to us as a GET parameter.
$formname = formData('formname', 'G');
$tmp = sqlQuery("SELECT title FROM list_options WHERE " . "list_id = 'lbfnames' AND option_id = '{$formname}' LIMIT 1");
$formtitle = $tmp['title'];
$fres = sqlStatement("SELECT * FROM layout_options " . "WHERE form_id = '{$formname}' AND uor > 0 " . "ORDER BY group_name, seq");
?>
<html>
<head>
<?php
html_header_show();
?>
<style>
body, td {
font-family: Arial, Helvetica, sans-serif;
font-weight: normal;
font-size: 9pt;
<?php
include_once "../globals.php";
require_once "{$srcdir}/formdata.inc.php";
$_SESSION["encounter"] = "";
// Fetching the password expiration date
if ($GLOBALS['password_expiration_days'] != 0) {
$is_expired = false;
$q = formData('authUser', 'P');
$result = sqlStatement("select pwd_expiration_date from users where username = '******'");
$current_date = date("Y-m-d");
$pwd_expires_date = $current_date;
if ($row = sqlFetchArray($result)) {
$pwd_expires_date = $row['pwd_expiration_date'];
}
// Displaying the password expiration message (starting from 7 days before the password gets expired)
$pwd_alert_date = date("Y-m-d", strtotime($pwd_expires_date . "-7 days"));
if (strtotime($pwd_alert_date) != "" && strtotime($current_date) >= strtotime($pwd_alert_date) && (!isset($_SESSION['expiration_msg']) or $_SESSION['expiration_msg'] == 0)) {
$is_expired = true;
$_SESSION['expiration_msg'] = 1;
// only show the expired message once
}
}
if ($GLOBALS['athletic_team']) {
$frame1url = "../reports/players_report.php?embed=1";
} else {
if ($is_expired) {
$frame1url = "pwd_expires_alert.php";
//php file which display's password expiration message.
} elseif (isset($_GET['mode']) && $_GET['mode'] == "loadcalendar") {
$frame1url = "calendar/index.php?pid=" . $_GET['pid'];
");
f.form_adreviewed.focus();
return false;
}
return true;
}
$(document).ready(function(){
$("#cancel").click(function() { window.close(); });
});
</script>
</head>
<body class="body_top">
<?php
if ($_POST['form_yesno']) {
sqlQuery("UPDATE patient_data SET completed_ad='" . formData('form_yesno', 'P', true) . "', ad_reviewed='" . formData('form_adreviewed', 'P', true) . "' where pid='{$pid}'");
// Close this window and refresh the calendar display.
echo "<html>\n<body>\n<script language='JavaScript'>\n";
echo " if (!opener.closed && opener.refreshme) opener.refreshme();\n";
echo " window.close();\n";
echo "</script>\n</body>\n</html>\n";
exit;
}
$sql = "select completed_ad, ad_reviewed from patient_data where pid='{$pid}'";
$myrow = sqlQuery($sql);
if ($myrow) {
$form_completedad = $myrow['completed_ad'];
$form_adreviewed = $myrow['ad_reviewed'];
}
?>
<span class="title"><?php
function DOBandEncounter()
{
global $event_date, $info_msg;
// Save new DOB if it's there.
$patient_dob = trim($_POST['form_dob']);
if ($patient_dob && $_POST['form_pid']) {
sqlStatement("UPDATE patient_data SET DOB = '{$patient_dob}' WHERE " . "pid = '" . $_POST['form_pid'] . "'");
}
// Auto-create a new encounter if appropriate.
//
if ($GLOBALS['auto_create_new_encounters'] && $_POST['form_apptstatus'] == '@' && $event_date == date('Y-m-d')) {
$tmprow = sqlQuery("SELECT count(*) AS count FROM form_encounter WHERE " . "pid = '" . $_POST['form_pid'] . "' AND date = '{$event_date} 00:00:00'");
if ($tmprow['count'] == 0) {
$tmprow = sqlQuery("SELECT username, facility, facility_id FROM users WHERE id = '" . $_POST['form_provider'] . "'");
$username = $tmprow['username'];
$facility = $tmprow['facility'];
// $facility_id = $tmprow['facility_id'];
// use the session facility if it is set, otherwise the one from the provider.
$facility_id = $_SESSION['pc_facility'] ? $_SESSION['pc_facility'] : $tmprow['facility_id'];
$conn = $GLOBALS['adodb']['db'];
$encounter = $conn->GenID("sequences");
addForm($encounter, "New Patient Encounter", sqlInsert("INSERT INTO form_encounter SET " . "date = '{$event_date}', " . "onset_date = '{$event_date}', " . "reason = '" . formData("form_comments") . "', " . "facility = '{$facility}', " . "facility_id = '" . (int) $_POST['facility'] . "', " . "billing_facility = '" . (int) $_POST['billing_facility'] . "', " . "provider_id = '" . (int) $_POST['form_provider'] . "', " . "pid = '" . $_POST['form_pid'] . "', " . "encounter = '{$encounter}'"), "newpatient", $_POST['form_pid'], "1", "NOW()", $username);
$info_msg .= "New encounter {$encounter} was created. ";
}
}
}
{
$output = array();
$query = sqlStatement("SELECT " . implode(',', $fieldnames) . " FROM list_options where list_id = ? AND activity = 1 order by seq", array($list_id));
while ($ll = sqlFetchArray($query)) {
foreach ($fieldnames as $val) {
$output[$ll['option_id']][$val] = $ll[$val];
}
}
return $output;
}
$formid = formData('id', 'G') + 0;
// If Save or Transmit was clicked, save the info.
//
if ($_POST['bn_save'] || $_POST['bn_xmit']) {
$ppid = formData('form_lab_id') + 0;
$sets = "date_ordered = " . QuotedOrNull(formData('form_date_ordered')) . ", " . "provider_id = " . (formData('form_provider_id') + 0) . ", " . "lab_id = " . $ppid . ", " . "date_collected = " . QuotedOrNull(formData('form_date_collected')) . ", " . "order_priority = '" . formData('form_order_priority') . "', " . "order_status = '" . formData('form_order_status') . "', " . "clinical_hx = '" . formData('form_clinical_hx') . "', " . "patient_instructions = '" . formData('form_patient_instructions') . "', " . "patient_id = '" . $pid . "', " . "encounter_id = '" . $encounter . "', " . "history_order= '" . formData('form_history_order') . "'";
// If updating an existing form...
//
if ($formid) {
$query = "UPDATE procedure_order SET {$sets} " . "WHERE procedure_order_id = '{$formid}'";
sqlStatement($query);
} else {
$query = "INSERT INTO procedure_order SET {$sets}";
$formid = sqlInsert($query);
addForm($encounter, "Procedure Order", $formid, "procedure_order", $pid, $userauthorized);
}
// Remove any existing procedures and their answers for this order and
// replace them from the form.
sqlStatement("DELETE FROM procedure_answers WHERE procedure_order_id = ?", array($formid));
sqlStatement("DELETE FROM procedure_order_code WHERE procedure_order_id = ?", array($formid));
for ($i = 0; isset($_POST['form_proc_type'][$i]); ++$i) {
}
}
function end_group()
{
global $last_group;
if (strlen($last_group) > 0) {
end_row();
echo " </table>\n";
// No div for an empty group name.
if (strlen($last_group) > 1) {
echo "</div>\n";
}
}
}
$formname = formData('formname', 'G');
$formid = 0 + formData('id', 'G');
// Get title and number of history columns for this form.
$tmp = sqlQuery("SELECT title, option_value FROM list_options WHERE " . "list_id = 'lbfnames' AND option_id = '{$formname}'");
$formtitle = $tmp['title'];
$formhistory = 0 + $tmp['option_value'];
$newid = 0;
// If Save was clicked, save the info.
//
if ($_POST['bn_save']) {
$sets = "";
$fres = sqlStatement("SELECT * FROM layout_options " . "WHERE form_id = '{$formname}' AND uor > 0 AND field_id != '' AND " . "edit_options != 'H' " . "ORDER BY group_name, seq");
while ($frow = sqlFetchArray($fres)) {
$field_id = $frow['field_id'];
$value = get_layout_form_value($frow);
if ($formid) {
// existing form
public static function batch_despatch($var, $func, $data_credentials)
{
global $pid;
if (UserService::valid($data_credentials)) {
require_once "../../library/invoice_summary.inc.php";
require_once "../../library/options.inc.php";
require_once "../../library/acl.inc";
require_once "../../library/patient.inc";
if ($func == 'ar_responsible_party') {
$patient_id = $pid;
$encounter_id = $var['encounter'];
$x['ar_responsible_party'] = ar_responsible_party($patient_id, $encounter_id);
return UserService::function_return_to_xml($x);
} elseif ($func == 'getInsuranceData') {
$type = $var['type'];
$given = $var['given'];
$x = getInsuranceData($pid, $type, $given);
return UserService::function_return_to_xml($x);
} elseif ($func == 'generate_select_list') {
$tag_name = $var['tag_name'];
$list_id = $var['list_id'];
$currvalue = $var['currvalue'];
$title = $var['title'];
$empty_name = $var['empty_name'];
$class = $var['class'];
$onchange = $var['onchange'];
$x['generate_select_list'] = generate_select_list($tag_name, $list_id, $currvalue, $title, $empty_name, $class, $onchange);
return UserService::function_return_to_xml($x);
} elseif ($func == 'xl_layout_label') {
$constant = $var['constant'];
$x['xl_layout_label'] = xl_layout_label($constant);
return UserService::function_return_to_xml($x);
} elseif ($func == 'generate_form_field') {
$frow = $var['frow'];
$currvalue = $var['currvalue'];
ob_start();
generate_form_field($frow, $currvalue);
$x['generate_form_field'] = ob_get_contents();
ob_end_clean();
return UserService::function_return_to_xml($x);
} elseif ($func == 'getInsuranceProviders') {
$i = $var['i'];
$provider = $var['provider'];
$insurancei = getInsuranceProviders();
$x = $insurancei;
return $x;
} elseif ($func == 'get_layout_form_value') {
$frow = $var['frow'];
$_POST = $var['post_array'];
$x['get_layout_form_value'] = get_layout_form_value($frow);
return UserService::function_return_to_xml($x);
} elseif ($func == 'updatePatientData') {
$patient_data = $var['patient_data'];
$create = $var['create'];
updatePatientData($pid, $patient_data, $create);
$x['ok'] = 'ok';
return UserService::function_return_to_xml($x);
} elseif ($func == 'updateEmployerData') {
$employer_data = $var['employer_data'];
$create = $var['create'];
updateEmployerData($pid, $employer_data, $create);
$x['ok'] = 'ok';
return UserService::function_return_to_xml($x);
} elseif ($func == 'newHistoryData') {
newHistoryData($pid);
$x['ok'] = 'ok';
return UserService::function_return_to_xml($x);
} elseif ($func == 'newInsuranceData') {
$_POST = $var[0];
foreach ($var as $key => $value) {
if ($key >= 3) {
$var[$key] = formData($value);
}
if ($key >= 1) {
$parameters[$key] = $var[$key];
}
}
$parameters[12] = fixDate($parameters[12]);
$parameters[27] = fixDate($parameters[27]);
call_user_func_array('newInsuranceData', $parameters);
$x['ok'] = 'ok';
return UserService::function_return_to_xml($x);
} elseif ($func == 'generate_layout_validation') {
$form_id = $var['form_id'];
ob_start();
generate_layout_validation($form_id);
$x = ob_get_clean();
return $x;
}
} else {
throw new SoapFault("Server", "credentials failed");
}
}
/**
* search events
*/
function postcalendar_user_search()
{
if (!(bool) PC_ACCESS_OVERVIEW) {
return _POSTCALENDARNOAUTH;
}
$tpl = new pcSmarty();
$k = formData("pc_keywords", "R");
//from library/formdata.inc.php
$k_andor = pnVarCleanFromInput('pc_keywords_andor');
$pc_category = pnVarCleanFromInput('pc_category');
$pc_facility = pnVarCleanFromInput('pc_facility');
$pc_topic = pnVarCleanFromInput('pc_topic');
$submit = pnVarCleanFromInput('submit');
$event_dur_hours = pnVarCleanFromInput('event_dur_hours');
$event_dur_minutes = pnVarCleanFromInput('event_dur_minutes');
$start = pnVarCleanFromInput('start');
$end = pnVarCleanFromInput('end');
// get list of categories for the user to choose from
$categories = postcalendar_userapi_getCategories();
$cat_options = '';
foreach ($categories as $category) {
$selected = "";
if ($pc_category == $category[id]) {
$selected = " SELECTED ";
}
//modified 8/09 by BM to allow translation if applicable
$cat_options .= "<option value=\"{$category['id']}\" {$selected}>" . xl_appt_category($category[name]) . "</option>";
}
$tpl->assign_by_ref('CATEGORY_OPTIONS', $cat_options);
$tpl->assign('event_dur_hours', $event_dur_hours);
$tpl->assign('event_dur_minutes', $event_dur_minutes);
// create default start and end dates for the search form
if (isset($start) && $start != "") {
$tpl->assign('DATE_START', $start);
} else {
$tpl->assign('DATE_START', date("m/d/Y"));
}
if (isset($end) && $end != "") {
$tpl->assign('DATE_END', $end);
} else {
$tpl->assign('DATE_END', date("m/d/Y", strtotime("+7 Days", time())));
}
// then override the setting if we have a value from the submitted form
$ProviderID = pnVarCleanFromInput("provider_id");
if (is_numeric($ProviderID)) {
$tpl->assign('ProviderID', $ProviderID);
} elseif ($ProviderID == "_ALL_") {
} else {
$tpl->assign('ProviderID', "");
}
$provinfo = getProviderInfo();
$tpl->assign('providers', $provinfo);
// build a list of provider-options for the select box on the input form -- JRM
$provider_options = "<option value='_ALL_' ";
if ($ProviderID == "_ALL_") {
$provider_options .= " SELECTED ";
}
$provider_options .= ">" . xl('All Providers') . "</option>";
foreach ($provinfo as $provider) {
$selected = "";
// if we don't have a ProviderID chosen, pick the first one from the
// pc_username Session variable
if ($ProviderID == "") {
// that variable stores the 'username' and not the numeric 'id'
if ($_SESSION['pc_username'][0] == $provider['username']) {
$selected = " SELECTED ";
}
} else {
if ($ProviderID == $provider['id']) {
$selected = " SELECTED ";
}
}
$provider_options .= "<option value=\"" . $provider['id'] . "\" " . $selected . ">";
$provider_options .= $provider['lname'] . ", " . $provider['fname'] . "</option>";
}
$tpl->assign_by_ref('PROVIDER_OPTIONS', $provider_options);
// build a list of facility options for the select box on the input form -- JRM
$facilities = getFacilities();
$fac_options = "<option value=''>" . xl('All Facilities') . "</option>";
foreach ($facilities as $facility) {
$selected = "";
if ($facility['id'] == $pc_facility) {
$selected = " SELECTED ";
}
$fac_options .= "<option value=\"" . $facility['id'] . "\" " . $selected . ">";
$fac_options .= $facility['name'] . "</option>";
}
$tpl->assign_by_ref('FACILITY_OPTIONS', $fac_options);
$PatientID = pnVarCleanFromInput("patient_id");
// limit the number of results returned by getPatientPID
// this helps to prevent the server from stalling on a request with
// no PID and thousands of PIDs in the database -- JRM
// the function getPatientPID($pid, $given, $orderby, $limit, $start) <-- defined in library/patient.inc
$plistlimit = 500;
if (is_numeric($PatientID)) {
$tpl->assign('PatientList', getPatientPID(array('pid' => $PatientID, 'limit' => $plistlimit)));
} else {
$tpl->assign('PatientList', getPatientPID(array('limit' => $plistlimit)));
}
$event_endday = pnVarCleanFromInput("event_endday");
$event_endmonth = pnVarCleanFromInput("event_endmonth");
$event_endyear = pnVarCleanFromInput("event_endyear");
$event_startday = pnVarCleanFromInput("event_startday");
$event_startmonth = pnVarCleanFromInput("event_startmonth");
$event_startyear = pnVarCleanFromInput("event_startyear");
if ($event_startday > $event_endday) {
$event_endday = $event_startday;
}
if ($event_startmonth > $event_endmonth) {
$event_endmonth = $event_startmonth;
}
if ($event_startyear > $event_endyear) {
$event_endyear = $event_startyear;
}
$tpl->assign('patient_id', $PatientID);
$tpl->assign('provider_id', $ProviderID);
$tpl->assign("event_category", pnVarCleanFromInput("event_category"));
$tpl->assign("event_subject", pnVarCleanFromInput("event_subject"));
$output = new pnHTML();
$output->SetOutputMode(_PNH_RETURNOUTPUT);
if (_SETTING_USE_INT_DATES) {
$sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_startday));
$formdata = $output->FormSelectMultiple('event_startday', $sel_data);
$sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_startmonth));
$formdata .= $output->FormSelectMultiple('event_startmonth', $sel_data);
} else {
$sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_startmonth));
$formdata = $output->FormSelectMultiple('event_startmonth', $sel_data);
$sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_startday));
$formdata .= $output->FormSelectMultiple('event_startday', $sel_data);
}
$sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildYearSelect', array('pc_year' => $year, 'selected' => $event_startyear));
$formdata .= $output->FormSelectMultiple('event_startyear', $sel_data);
$output->SetOutputMode(_PNH_KEEPOUTPUT);
$tpl->assign('SelectDateTimeStart', $formdata);
$output->SetOutputMode(_PNH_RETURNOUTPUT);
if (_SETTING_USE_INT_DATES) {
$sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_endday));
$formdata = $output->FormSelectMultiple('event_endday', $sel_data);
$sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_endmonth));
$formdata .= $output->FormSelectMultiple('event_endmonth', $sel_data);
} else {
$sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_endmonth));
$formdata = $output->FormSelectMultiple('event_endmonth', $sel_data);
$sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_endday));
$formdata .= $output->FormSelectMultiple('event_endday', $sel_data);
}
$sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildYearSelect', array('pc_year' => $year, 'selected' => $event_endyear));
$formdata .= $output->FormSelectMultiple('event_endyear', $sel_data);
$output->SetOutputMode(_PNH_KEEPOUTPUT);
$tpl->assign('SelectDateTimeEnd', $formdata);
$output = null;
if (_SETTING_DISPLAY_TOPICS) {
$topics = postcalendar_userapi_getTopics();
$top_options = '';
foreach ($topics as $topic) {
$top_options .= "<option value=\"{$topic['id']}\">{$topic['text']}</option>";
}
$tpl->assign_by_ref('TOPIC_OPTIONS', $top_options);
}
//=================================================================
// Find out what Template we're using
//=================================================================
$template_name = _SETTING_TEMPLATE;
if (!isset($template_name)) {
$template_name = 'default';
}
//=================================================================
// Output the search form
//=================================================================
$tpl->assign('FORM_ACTION', pnModURL(__POSTCALENDAR__, 'user', 'search'));
//=================================================================
// Perform the search if we have data
//=================================================================
if (!empty($submit) && strtolower($submit) == "find first") {
// not sure how we get here...
$searchargs = array();
$searchargs['start'] = pnVarCleanFromInput("event_startmonth") . "/" . pnVarCleanFromInput("event_startday") . "/" . pnVarCleanFromInput("event_startyear");
$searchargs['end'] = pnVarCleanFromInput("event_endmonth") . "/" . pnVarCleanFromInput("event_endday") . "/" . pnVarCleanFromInput("event_endyear");
$searchargs['provider_id'] = pnVarCleanFromInput("provider_id");
$searchargs['faFlag'] = true;
//print_r($searchargs);
//echo "<br />";
//set defaults to current week if empty
if ($searchargs['start'] == "//") {
$searchargs['start'] = date("m/d/Y");
}
if ($searchargs['end'] == "//") {
$searchargs['end'] = date("m/d/Y", strtotime("+7 Days", strtotime($searchargs['start'])));
}
//print_r($searchargs);
$eventsByDate =& postcalendar_userapi_pcGetEvents($searchargs);
//print_r($eventsByDate);
$found = findFirstAvailable($eventsByDate);
$tpl->assign('available_times', $found);
//print_r($_POST);
$tpl->assign('SEARCH_PERFORMED', true);
$tpl->assign('A_EVENTS', $eventsByDate);
}
if (!empty($submit) && strtolower($submit) == "listapps") {
// not sure how we get here...
$searchargs = array();
$searchargs['start'] = date("m/d/Y");
$searchargs['end'] = date("m/d/Y", strtotime("+1 year", strtotime($searchargs['start'])));
$searchargs['patient_id'] = pnVarCleanFromInput("patient_id");
$searchargs['listappsFlag'] = true;
$sqlKeywords .= "(a.pc_pid = '" . pnVarCleanFromInput("patient_id") . "' )";
$searchargs['s_keywords'] = $sqlKeywords;
//print_r($searchargs);
$eventsByDate =& postcalendar_userapi_pcGetEvents($searchargs);
//print_r($eventsByDate);
$tpl->assign('appointments', $eventsByDate);
//print_r($_POST);
$tpl->assign('SEARCH_PERFORMED', true);
$tpl->assign('A_EVENTS', $eventsByDate);
} elseif (!empty($submit)) {
// we get here by searching via the PostCalendar search
$sqlKeywords = '';
$keywords = explode(' ', $k);
// build our search query
foreach ($keywords as $word) {
if (!empty($sqlKeywords)) {
$sqlKeywords .= " {$k_andor} ";
}
$sqlKeywords .= '(';
$sqlKeywords .= "pd.lname LIKE '%{$word}%' OR ";
$sqlKeywords .= "pd.fname LIKE '%{$word}%' OR ";
$sqlKeywords .= "u.lname LIKE '%{$word}%' OR ";
$sqlKeywords .= "u.fname LIKE '%{$word}%' OR ";
$sqlKeywords .= "a.pc_title LIKE '%{$word}%' OR ";
$sqlKeywords .= "a.pc_hometext LIKE '%{$word}%' OR ";
$sqlKeywords .= "a.pc_location LIKE '%{$word}%'";
$sqlKeywords .= ') ';
}
if (!empty($pc_category)) {
$s_category = "a.pc_catid = '{$pc_category}'";
}
if (!empty($pc_topic)) {
$s_topic = "a.pc_topic = '{$pc_topic}'";
}
$searchargs = array();
if (!empty($sqlKeywords)) {
$searchargs['s_keywords'] = $sqlKeywords;
}
if (!empty($s_category)) {
$searchargs['s_category'] = $s_category;
}
if (!empty($s_topic)) {
$searchargs['s_topic'] = $s_topic;
}
// some new search parameters introduced in the ajax_search form... JRM March 2008
// the ajax_search form has form parameters for 'start' and 'end' already built in
// so use them if available
$tmpDate = pnVarCleanFromInput("start");
if (isset($tmpDate) && $tmpDate != "") {
$searchargs['start'] = pnVarCleanFromInput("start");
} else {
$searchargs['start'] = "//";
}
$tmpDate = pnVarCleanFromInput("end");
if (isset($tmpDate) && $tmpDate != "") {
$searchargs['end'] = pnVarCleanFromInput("end");
} else {
$searchargs['end'] = "//";
}
// we can limit our search by provider -- JRM March 2008
if (isset($ProviderID) && $ProviderID != "") {
// && $ProviderID != "_ALL_") {
$searchargs['provider_id'] = array();
array_push($searchargs['provider_id'], $ProviderID);
}
$eventsByDate =& postcalendar_userapi_pcGetEvents($searchargs);
// we can limit our search by facility -- JRM March 2008
if (isset($pc_facility) && $pc_facility != "") {
$searchargs['pc_facility'] = $pc_facility;
}
//print_r($eventsByDate);
$tpl->assign('SEARCH_PERFORMED', true);
$tpl->assign('A_EVENTS', $eventsByDate);
}
$tpl->caching = false;
$tpl->assign('STYLE', $GLOBALS['style']);
$pageSetup =& pnModAPIFunc(__POSTCALENDAR__, 'user', 'pageSetup');
if (pnVarCleanFromInput("no_nav") == 1) {
$return = $pageSetup . $tpl->fetch($template_name . '/user/findfirst.html');
} elseif (pnVarCleanFromInput("no_nav") == 2) {
$return = $pageSetup . $tpl->fetch($template_name . '/user/listapps.html');
} else {
$return = $pageSetup . $tpl->fetch($template_name . '/user/search.html');
}
return $return;
}
require_once "../../globals.php";
require_once "{$srcdir}/api.inc";
require_once "{$srcdir}/forms.inc";
require_once "{$srcdir}/formdata.inc.php";
if (!$encounter) {
// comes from globals.php
die(xlt("Internal error: we do not seem to be in an encounter!"));
}
if ($_POST["off_work_from"] == "0000-00-00" || $_POST["off_work_from"] == "") {
$_POST["is_unable_to_work"] = "0";
$_POST["off_work_to"] = "";
} else {
$_POST["is_unable_to_work"] = "1";
}
if ($_POST["hospitalization_date_from"] == "0000-00-00" || $_POST["hospitalization_date_from"] == "") {
$_POST["is_hospitalized"] = "0";
$_POST["hospitalization_date_to"] = "";
} else {
$_POST["is_hospitalized"] = "1";
}
$id = formData('id', 'G') + 0;
$sets = "pid = {$_SESSION["pid"]},\n groupname = '" . $_SESSION["authProvider"] . "',\n user = '******',\n authorized = {$userauthorized}, activity=1, date = NOW(),\n employment_related = '" . formData("employment_related") . "',\n auto_accident = '" . formData("auto_accident") . "',\n accident_state = '" . formData("accident_state") . "',\n other_accident = '" . formData("other_accident") . "',\n outside_lab = '" . formData("outside_lab") . "',\n medicaid_referral_code = '" . formData("medicaid_referral_code") . "',\n epsdt_flag = '" . formData("epsdt_flag") . "',\n provider_id = '" . formData("provider_id") . "',\n provider_qualifier_code = '" . formData("provider_qualifier_code") . "',\n lab_amount = '" . formData("lab_amount") . "',\n is_unable_to_work = '" . formData("is_unable_to_work") . "',\n date_initial_treatment = '" . formData("date_initial_treatment") . "',\n off_work_from = '" . formData("off_work_from") . "',\n off_work_to = '" . formData("off_work_to") . "',\n is_hospitalized = '" . formData("is_hospitalized") . "',\n hospitalization_date_from = '" . formData("hospitalization_date_from") . "',\n hospitalization_date_to = '" . formData("hospitalization_date_to") . "',\n medicaid_resubmission_code = '" . formData("medicaid_resubmission_code") . "',\n medicaid_original_reference = '" . formData("medicaid_original_reference") . "',\n prior_auth_number = '" . formData("prior_auth_number") . "',\n replacement_claim = '" . formData("replacement_claim") . "',\n icn_resubmission_number = '" . formData("icn_resubmission_number") . "',\n box_14_date_qual = '" . formData("box_14_date_qual") . "',\n box_15_date_qual = '" . formData("box_15_date_qual") . "',\n comments = '" . formData("comments") . "'";
if (empty($id)) {
$newid = sqlInsert("INSERT INTO form_misc_billing_options SET {$sets}");
addForm($encounter, "Misc Billing Options", $newid, "misc_billing_options", $pid, $userauthorized);
} else {
sqlStatement("UPDATE form_misc_billing_options SET {$sets} WHERE id = {$id}");
}
formHeader("Redirecting....");
formJump();
formFooter();
function AjaxDropDownCode()
{
if ($_REQUEST["ajax_mode"] == "set") {
$CountIndex = 1;
$StringForAjax = "<div id='AjaxContainerInsurance'><table width='552' border='1' cellspacing='0' cellpadding='0'>\n\t <tr class='text' bgcolor='#dddddd'>\n\t\t<td width='50'>" . htmlspecialchars(xl('Code'), ENT_QUOTES) . "</td>\n\t\t<td width='300'>" . htmlspecialchars(xl('Name'), ENT_QUOTES) . "</td>\n\t <td width='200'>" . htmlspecialchars(xl('Address'), ENT_QUOTES) . "</td>\n\t </tr>" . "<tr class='text' height='20' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t onkeydown=\"ProcessKeyForColoring(event,{$CountIndex});PlaceValues(event,' ','')\" onclick=\"PutTheValuesClick(' ','')\">\n\t\t\t<td colspan='3' align='center'><a id='anchor_insurance_code_{$CountIndex}' href='#'></a></td>\n\t </tr>";
$insurance_text_ajax = formData('insurance_text_ajax', '', true);
$res = sqlStatement("SELECT insurance_companies.id,name,city,state,country FROM insurance_companies\n\t\t\tleft join addresses on insurance_companies.id=addresses.foreign_id where name like '{$insurance_text_ajax}%' or insurance_companies.id like '{$insurance_text_ajax}%' ORDER BY name");
while ($row = sqlFetchArray($res)) {
if ($CountIndex % 2 == 1) {
$bgcolor = '#ddddff';
} else {
$bgcolor = '#ffdddd';
}
$CountIndex++;
$Id = $row['id'];
$Name = $row['name'];
$City = $row['city'];
$State = $row['state'];
$Country = $row['country'];
$Address = $City . ', ' . $State . ', ' . $Country;
$StringForAjax .= "<tr class='text' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t\tonkeydown='ProcessKeyForColoring(event,{$CountIndex});PlaceValues(event,\"" . htmlspecialchars($Id, ENT_QUOTES) . "\",\"" . htmlspecialchars($Name, ENT_QUOTES) . "\")'\n\t\t\t onclick='PutTheValuesClick(\"" . htmlspecialchars($Id, ENT_QUOTES) . "\",\"" . htmlspecialchars($Name, ENT_QUOTES) . "\")'>\n\t\t\t<td><a id='anchor_insurance_code_{$CountIndex}' href='#'>" . htmlspecialchars($Id) . "</a></td>\n\t\t\t<td><a href='#'>" . htmlspecialchars($Name) . "</a></td>\n\t\t <td><a href='#'>" . htmlspecialchars($Address) . "</a></td>\n</tr>";
}
$StringForAjax .= "</table></div>";
echo strlen($_REQUEST['insurance_text_ajax']) . '~`~`' . $StringForAjax;
die;
}
//===============================================================================
if ($_REQUEST["ajax_mode"] == "set_patient") {
//From 2 areas this ajax is called.So 2 pairs of functions are used.
//PlaceValues==>Used while -->KEY PRESS<-- over list.List vanishes and the clicked one gets listed in the parent page's text box.
//PutTheValuesClick==>Used while -->CLICK<-- over list.List vanishes and the clicked one gets listed in the parent page's text box.
//PlaceValuesDistribute==>Used while -->KEY PRESS<-- over list.List vanishes and the clicked one gets listed in the parent page's text box.
//PutTheValuesClickDistribute==>Used while -->CLICK<-- over list.List vanishes and the clicked one gets listed in the parent page's text box.
if (isset($_REQUEST['patient_code']) && $_REQUEST['patient_code'] != '') {
$patient_code = formData('patient_code', '', true);
if (isset($_REQUEST['submit_or_simple_type']) && $_REQUEST['submit_or_simple_type'] == 'Simple') {
$StringToAppend = "PutTheValuesClickPatient";
$StringToAppend2 = "PlaceValuesPatient";
} else {
$StringToAppend = "PutTheValuesClickDistribute";
$StringToAppend2 = "PlaceValuesDistribute";
}
$patient_code_complete = $_REQUEST['patient_code'];
//we need the spaces here
} elseif (isset($_REQUEST['insurance_text_ajax']) && $_REQUEST['insurance_text_ajax'] != '') {
$patient_code = formData('insurance_text_ajax', '', true);
$StringToAppend = "PutTheValuesClick";
$StringToAppend2 = "PlaceValues";
$patient_code_complete = $_REQUEST['insurance_text_ajax'];
//we need the spaces here
}
$CountIndex = 1;
$StringForAjax = "<div id='AjaxContainerPatient'><table width='452' border='1' cellspacing='0' cellpadding='0'>\n\t <tr class='text' bgcolor='#dddddd'>\n\t\t<td width='50'>" . htmlspecialchars(xl('Code'), ENT_QUOTES) . "</td>\n\t\t<td width='100'>" . htmlspecialchars(xl('Last Name'), ENT_QUOTES) . "</td>\n\t <td width='100'>" . htmlspecialchars(xl('First Name'), ENT_QUOTES) . "</td>\n\t <td width='100'>" . htmlspecialchars(xl('Middle Name'), ENT_QUOTES) . "</td>\n\t <td width='100'>" . htmlspecialchars(xl('Date of Birth'), ENT_QUOTES) . "</td>\n\t </tr>" . "<tr class='text' height='20' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t onkeydown=\"ProcessKeyForColoring(event,{$CountIndex});{$StringToAppend2}(event,' ','')\" onclick=\"{$StringToAppend}(' ','')\">\n\t\t\t<td colspan='5' align='center'><a id='anchor_insurance_code_{$CountIndex}' href='#'></a></td>\n\t </tr>\n\n\t ";
$res = sqlStatement("SELECT pid as id,fname,lname,mname,DOB FROM patient_data\n\t\t\t where fname like '{$patient_code}%' or lname like '{$patient_code}%' or mname like '{$patient_code}%' or \n\t\t\t CONCAT(lname,' ',fname,' ',mname) like '{$patient_code}%' or pid like '{$patient_code}%' ORDER BY lname");
while ($row = sqlFetchArray($res)) {
if ($CountIndex % 2 == 1) {
$bgcolor = '#ddddff';
} else {
$bgcolor = '#ffdddd';
}
$CountIndex++;
$Id = $row['id'];
$fname = $row['fname'];
$lname = $row['lname'];
$mname = $row['mname'];
$Name = $lname . ' ' . $fname . ' ' . $mname;
$DOB = oeFormatShortDate($row['DOB']);
$StringForAjax .= "<tr class='text' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t\t onkeydown='ProcessKeyForColoring(event,{$CountIndex});{$StringToAppend2}(event,\"" . htmlspecialchars($Id, ENT_QUOTES) . "\",\"" . htmlspecialchars($Name, ENT_QUOTES) . "\")' onclick=\"{$StringToAppend}('" . addslashes($Id) . "','" . htmlspecialchars(addslashes($Name), ENT_QUOTES) . "')\">\n\t\t\t<td><a id='anchor_insurance_code_{$CountIndex}' href='#' >" . htmlspecialchars($Id) . "</a></td>\n\t\t\t<td><a href='#'>" . htmlspecialchars($lname) . "</a></td>\n\t\t <td><a href='#'>" . htmlspecialchars($fname) . "</a></td>\n <td><a href='#'>" . htmlspecialchars($mname) . "</a></td>\n <td><a href='#'>" . htmlspecialchars($DOB) . "</a></td>\n </tr>";
}
$StringForAjax .= "</table></div>";
echo strlen($patient_code_complete) . '~`~`' . $StringForAjax;
die;
}
//===============================================================================
if ($_REQUEST["ajax_mode"] == "encounter") {
//PlaceValuesEncounter==>Used while -->KEY PRESS<-- over list.List vanishes and the clicked one gets listed in the parent page's text box.
//PutTheValuesClickEncounter==>Used while -->CLICK<-- over list.List vanishes and the clicked one gets listed in the parent page's text box.
if (isset($_REQUEST['encounter_patient_code'])) {
$patient_code = formData('encounter_patient_code', '', true);
$StringToAppend = "PutTheValuesClickEncounter";
$StringToAppend2 = "PlaceValuesEncounter";
}
$CountIndex = 1;
$StringForAjax = "<div id='AjaxContainerEncounter'><table width='202' border='1' cellspacing='0' cellpadding='0'>\n\t <tr class='text' bgcolor='#dddddd'>\n\t\t<td width='100'>" . htmlspecialchars(xl('Encounter'), ENT_QUOTES) . "</td>\n\t\t<td width='100'>" . htmlspecialchars(xl('Date'), ENT_QUOTES) . "</td>\n\t </tr>" . "<tr class='text' height='20' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t onkeydown=\"ProcessKeyForColoring(event,{$CountIndex});{$StringToAppend2}(event,' ','')\" onclick=\"{$StringToAppend}(' ','')\">\n\t\t\t<td colspan='2' align='center'><a id='anchor_insurance_code_{$CountIndex}' href='#'></a></td>\n\t </tr>\n\n\t ";
$res = sqlStatement("SELECT date,encounter FROM form_encounter\n\t\t\t where pid ='{$patient_code}' ORDER BY encounter");
while ($row = sqlFetchArray($res)) {
if ($CountIndex % 2 == 1) {
$bgcolor = '#ddddff';
} else {
$bgcolor = '#ffdddd';
}
$CountIndex++;
$Date = $row['date'];
$Date = split(' ', $Date);
$Date = oeFormatShortDate($Date[0]);
$Encounter = $row['encounter'];
$StringForAjax .= "<tr class='text' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t\t onkeydown=\"ProcessKeyForColoring(event,{$CountIndex});{$StringToAppend2}(event,'" . htmlspecialchars($Encounter, ENT_QUOTES) . "','" . htmlspecialchars($Date, ENT_QUOTES) . "')\" onclick=\"{$StringToAppend}('" . htmlspecialchars($Encounter, ENT_QUOTES) . "','" . htmlspecialchars($Date, ENT_QUOTES) . "')\">\n\t\t\t<td><a id='anchor_insurance_code_{$CountIndex}' href='#' >" . htmlspecialchars($Encounter) . "</a></td>\n\t\t\t<td><a href='#'>" . htmlspecialchars($Date) . "</a></td>\n </tr>";
}
$StringForAjax .= "</table></div>";
echo $StringForAjax;
die;
}
}
<td width="45" align="left" class="text"> <?php
echo htmlspecialchars(xl('Patient'), ENT_QUOTES) . ':';
?>
</td>
<td width="265"><input type="hidden" id="hidden_ajax_patient_close_value" value="<?php
echo $Message == '' ? htmlspecialchars($NameNew) : '';
?>
" />
<input name='patient_code' style="width:265px" id='patient_code' class="text" onKeyDown="PreventIt(event)"
value="<?php
echo $Message == '' ? htmlspecialchars($NameNew) : '';
?>
" autocomplete="off" /></td> <!--onKeyUp="ajaxFunction(event,'patient','edit_payment.php');" -->
<td width="55" colspan="2" style="padding-left:5px;" ><div class="text" name="patient_name" id="patient_name"
style="border:1px solid black; ; padding-left:5px; width:55px; height:17px;"><?php
echo $Message == '' ? htmlspecialchars(formData('hidden_patient_code')) : '';
?>
</div>
</td>
<td width="84" class="text"> <input type="radio" name="RadioPaid" onClick="SearchOnceMore()" <?php
echo $_REQUEST['RadioPaid'] == 'Non_Paid' || $_REQUEST['RadioPaid'] == '' ? 'checked' : '';
?>
value="Non_Paid" id="Non_Paid" /><?php
echo htmlspecialchars(xl('Non Paid'), ENT_QUOTES);
?>
</td>
<td width="168" class="text"><input type="radio" name="RadioPaid" onClick="SearchOnceMore()"
<?php
echo $_REQUEST['RadioPaid'] == 'Show_Primary_Complete' ? 'checked' : '';
?>
value="Show_Primary_Complete"
require_once "{$srcdir}/forms.inc";
require_once "{$srcdir}/sql.inc";
require_once "{$srcdir}/encounter.inc";
require_once "{$srcdir}/acl.inc";
require_once "{$srcdir}/formatting.inc.php";
require_once "{$srcdir}/formdata.inc.php";
$conn = $GLOBALS['adodb']['db'];
$date = formData('form_date');
$onset_date = formData('form_onset_date');
$sensitivity = formData('form_sensitivity');
$pc_catid = formData('pc_catid');
$facility_id = formData('facility_id');
$billing_facility = formData('billing_facility');
$reason = formData('reason');
$mode = formData('mode');
$referral_source = formData('form_referral_source');
$facilityresult = sqlQuery("select name FROM facility WHERE id = {$facility_id}");
$facility = $facilityresult['name'];
if ($GLOBALS['concurrent_layout']) {
$normalurl = "patient_file/encounter/encounter_top.php";
} else {
$normalurl = "{$rootdir}/patient_file/encounter/patient_encounter.php";
}
$nexturl = $normalurl;
if ($mode == 'new') {
$provider_id = $userauthorized ? $_SESSION['authUserID'] : 0;
$encounter = $conn->GenID("sequences");
addForm($encounter, "New Patient Encounter", sqlInsert("INSERT INTO form_encounter SET " . "date = '{$date}', " . "onset_date = '{$onset_date}', " . "reason = '{$reason}', " . "facility = '{$facility}', " . "pc_catid = '{$pc_catid}', " . "facility_id = '{$facility_id}', " . "billing_facility = '{$billing_facility}', " . "sensitivity = '{$sensitivity}', " . "referral_source = '{$referral_source}', " . "pid = '{$pid}', " . "encounter = '{$encounter}', " . "provider_id = '{$provider_id}'"), "newpatient", $pid, $userauthorized, $date);
} else {
if ($mode == 'update') {
$id = $_POST["id"];
<tr>
<td><a href="#" onClick="javascript:return Validate();" class="css_button"><span><?php
echo htmlspecialchars(xl('Process ERA File'), ENT_QUOTES);
?>
</span></a></td>
</tr>
</table></td>
</tr>
<tr height="5">
<td align="left" ></td>
<td colspan="3" align="left" ></td>
</tr>
</table>
</td></tr>
</table>
</td>
</tr>
</table>
<input type="hidden" name="after_value" id="after_value" value="<?php
echo htmlspecialchars($alertmsg, ENT_QUOTES);
?>
"/>
<input type="hidden" name="hidden_type_code" id="hidden_type_code" value="<?php
echo formData('hidden_type_code');
?>
"/>
<input type='hidden' name='ajax_mode' id='ajax_mode' value='' />
</form>
</body>
</html>
} else {
break;
}
}
//=========
//INSERTION of new entries,continuation of modification.
//=========
for ($CountRow = $CountIndexAbove + 1; $CountRow <= $CountIndexAbove + $CountIndexBelow; $CountRow++) {
if (isset($_POST["HiddenEncounter{$CountRow}"])) {
DistributionInsert($CountRow, $created_time, $user_id);
} else {
break;
}
}
if ($_REQUEST['global_amount'] == 'yes') {
sqlStatement("update ar_session set global_amount=" . trim(formData("HidUnappliedAmount")) * 1 . " where session_id ='{$payment_id}'");
}
if ($_POST["mode"] == "FinishPayments") {
$Message = 'Finish';
}
$_POST["mode"] = "searchdatabase";
$Message = 'Modify';
}
}
//==============================================================================
//Search Code
//===============================================================================
$payment_id = $payment_id * 1 > 0 ? $payment_id : $_REQUEST['payment_id'];
$ResultSearchSub = sqlStatement("SELECT distinct encounter,code_type,code,modifier, pid from ar_activity where session_id ='{$payment_id}' order by pid,encounter,code,modifier");
//==============================================================================
$DateFormat = DateFormatRead();
$sigline['embossed'] = "<div class='signature'>" . " _____________________________________________________<br/>" . "Signature" . "</div>\n";
$sigline['signed'] = "<div class='sig'>" . "<img src='./sig.jpg'>" . "</div>\n";
$query = sqlStatement("select fname,lname,street,city,state,postal_code,phone_home,DATE_FORMAT(DOB,'%m/%d/%y') as DOB from patient_data where pid =" . $_SESSION['pid']);
if ($result = mysql_fetch_array($query, MYSQL_ASSOC)) {
$patient_name = $result['fname'] . ' ' . $result['lname'];
$patient_address = $result['street'];
$patient_city = $result['city'];
$patient_state = $result['state'];
$patient_zip = $result['postal_code'];
$patient_phone = $result['phone_home'];
$patient_dob = $result['DOB'];
}
//update user information if selected from form
if ($_POST['update']) {
// OPTION update practice inf
$query = "update users set " . "fname = '" . formData('practice_fname') . "', " . "lname = '" . formData('practice_lname') . "', " . "title = '" . formData('practice_title') . "', " . "street = '" . formData('practice_address') . "', " . "city = '" . formData('practice_city') . "', " . "state = '" . formData('practice_state') . "', " . "zip = '" . formData('practice_zip') . "', " . "phone = '" . formData('practice_phone') . "', " . "fax = '" . formData('practice_fax') . "', " . "federaldrugid = '" . formData('practice_dea') . "' " . "where id =" . $_SESSION['authUserID'];
sqlInsert($query);
}
//get user information
$query = sqlStatement("select * from users where id =" . $_SESSION['authUserID']);
if ($result = mysql_fetch_array($query, MYSQL_ASSOC)) {
$physician_name = $result['fname'] . ' ' . $result['lname'] . ', ' . $result['title'];
$practice_fname = $result['fname'];
$practice_lname = $result['lname'];
$practice_title = $result['title'];
$practice_address = $result['street'];
$practice_city = $result['city'];
$practice_state = $result['state'];
$practice_zip = $result['zip'];
$practice_phone = $result['phone'];
$practice_fax = $result['fax'];
function DistributionInsert($CountRow, $created_time, $user_id)
{
//Function inserts the distribution.Payment,Adjustment,Deductable,Takeback & Follow up reasons are inserted as seperate rows.
//It automatically pushes to next insurance for billing.
//In the screen a drop down of Ins1,Ins2,Ins3,Pat are given.The posting can be done for any level.
$Affected = 'no';
if (isset($_POST["Payment{$CountRow}"]) && $_POST["Payment{$CountRow}"] * 1 > 0) {
if (trim(formData('type_name')) == 'insurance') {
if (trim(formData("HiddenIns{$CountRow}")) == 1) {
$AccountCode = "IPP";
}
if (trim(formData("HiddenIns{$CountRow}")) == 2) {
$AccountCode = "ISP";
}
if (trim(formData("HiddenIns{$CountRow}")) == 3) {
$AccountCode = "ITP";
}
} elseif (trim(formData('type_name')) == 'patient') {
$AccountCode = "PP";
}
sqlStatement("insert into ar_activity set " . "pid = '" . trim(formData('hidden_patient_code')) . "', encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "', code = '" . trim(formData("HiddenCode{$CountRow}")) . "', modifier = '" . trim(formData("HiddenModifier{$CountRow}")) . "', payer_type = '" . trim(formData("HiddenIns{$CountRow}")) . "', post_time = '" . trim($created_time) . "', post_user = '******', session_id = '" . trim(formData('payment_id')) . "', modified_time = '" . trim($created_time) . "', pay_amount = '" . trim(formData("Payment{$CountRow}")) . "', adj_amount = '" . 0 . "', account_code = '" . "{$AccountCode}" . "'");
$Affected = 'yes';
}
if (isset($_POST["AdjAmount{$CountRow}"]) && $_POST["AdjAmount{$CountRow}"] * 1 != 0) {
if (trim(formData('type_name')) == 'insurance') {
$AdjustString = "Ins adjust Ins" . trim(formData("HiddenIns{$CountRow}"));
$AccountCode = "IA";
} elseif (trim(formData('type_name')) == 'patient') {
$AdjustString = "Pt adjust";
$AccountCode = "PA";
}
idSqlStatement("insert into ar_activity set " . "pid = '" . trim(formData('hidden_patient_code')) . "', encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "', code = '" . trim(formData("HiddenCode{$CountRow}")) . "', modifier = '" . trim(formData("HiddenModifier{$CountRow}")) . "', payer_type = '" . trim(formData("HiddenIns{$CountRow}")) . "', post_time = '" . trim($created_time) . "', post_user = '******', session_id = '" . trim(formData('payment_id')) . "', modified_time = '" . trim($created_time) . "', pay_amount = '" . 0 . "', adj_amount = '" . trim(formData("AdjAmount{$CountRow}")) . "', memo = '" . "{$AdjustString}" . "', account_code = '" . "{$AccountCode}" . "'");
$Affected = 'yes';
}
if (isset($_POST["Deductible{$CountRow}"]) && $_POST["Deductible{$CountRow}"] * 1 > 0) {
idSqlStatement("insert into ar_activity set " . "pid = '" . trim(formData('hidden_patient_code')) . "', encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "', code = '" . trim(formData("HiddenCode{$CountRow}")) . "', modifier = '" . trim(formData("HiddenModifier{$CountRow}")) . "', payer_type = '" . trim(formData("HiddenIns{$CountRow}")) . "', post_time = '" . trim($created_time) . "', post_user = '******', session_id = '" . trim(formData('payment_id')) . "', modified_time = '" . trim($created_time) . "', pay_amount = '" . 0 . "', adj_amount = '" . 0 . "', memo = '" . "Deductable \$" . trim(formData("Deductible{$CountRow}")) . "', account_code = '" . "Deduct" . "'");
$Affected = 'yes';
}
if (isset($_POST["Takeback{$CountRow}"]) && $_POST["Takeback{$CountRow}"] * 1 > 0) {
idSqlStatement("insert into ar_activity set " . "pid = '" . trim(formData('hidden_patient_code')) . "', encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "', code = '" . trim(formData("HiddenCode{$CountRow}")) . "', modifier = '" . trim(formData("HiddenModifier{$CountRow}")) . "', payer_type = '" . trim(formData("HiddenIns{$CountRow}")) . "', post_time = '" . trim($created_time) . "', post_user = '******', session_id = '" . trim(formData('payment_id')) . "', modified_time = '" . trim($created_time) . "', pay_amount = '" . trim(formData("Takeback{$CountRow}")) * -1 . "', adj_amount = '" . 0 . "', account_code = '" . "Takeback" . "'");
$Affected = 'yes';
}
if (isset($_POST["FollowUp{$CountRow}"]) && $_POST["FollowUp{$CountRow}"] == 'y') {
idSqlStatement("insert into ar_activity set " . "pid = '" . trim(formData('hidden_patient_code')) . "', encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "', code = '" . trim(formData("HiddenCode{$CountRow}")) . "', modifier = '" . trim(formData("HiddenModifier{$CountRow}")) . "', payer_type = '" . trim(formData("HiddenIns{$CountRow}")) . "', post_time = '" . trim($created_time) . "', post_user = '******', session_id = '" . trim(formData('payment_id')) . "', modified_time = '" . trim($created_time) . "', pay_amount = '" . 0 . "', adj_amount = '" . 0 . "', follow_up = '" . "y" . "', follow_up_note = '" . trim(formData("FollowUpReason{$CountRow}")) . "'");
$Affected = 'yes';
}
if ($Affected == 'yes') {
if (trim(formData('type_name')) != 'patient') {
$ferow = sqlQuery("select last_level_closed from form_encounter where \n\t\tpid ='" . trim(formData('hidden_patient_code')) . "' and encounter='" . trim(formData("HiddenEncounter{$CountRow}")) . "'");
//multiple charges can come.
if ($ferow['last_level_closed'] < trim(formData("HiddenIns{$CountRow}"))) {
sqlStatement("update form_encounter set last_level_closed='" . trim(formData("HiddenIns{$CountRow}")) . "' where \n\t\t\tpid ='" . trim(formData('hidden_patient_code')) . "' and encounter='" . trim(formData("HiddenEncounter{$CountRow}")) . "'");
//last_level_closed gets increased.
//-----------------------------------
// Determine the next insurance level to be billed.
$ferow = sqlQuery("SELECT date, last_level_closed " . "FROM form_encounter WHERE " . "pid = '" . trim(formData('hidden_patient_code')) . "' AND encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "'");
$date_of_service = substr($ferow['date'], 0, 10);
$new_payer_type = 0 + $ferow['last_level_closed'];
if ($new_payer_type <= 3 && !empty($ferow['last_level_closed']) || $new_payer_type == 0) {
++$new_payer_type;
}
$new_payer_id = arGetPayerID(trim(formData('hidden_patient_code')), $date_of_service, $new_payer_type);
if ($new_payer_id > 0) {
arSetupSecondary(trim(formData('hidden_patient_code')), trim(formData("HiddenEncounter{$CountRow}")), 0);
}
//-----------------------------------
}
}
}
}
echo $form_review;
?>
'
onsubmit='return validate(this)'>
<table>
<tr>
<td class='text'>
<?php
if ($form_batch) {
$form_from_date = formData('form_from_date', 'P', true);
$form_to_date = formData('form_to_date', 'P', true);
if (empty($form_to_date)) {
$form_to_date = $form_from_date;
}
$form_proc_type = formData('form_proc_type') + 0;
if (!$form_proc_type) {
$form_proc_type = -1;
}
$form_proc_type_desc = '';
if ($form_proc_type > 0) {
$ptrow = sqlQuery("SELECT name FROM procedure_type WHERE " . "procedure_type_id = '{$form_proc_type}'");
$form_proc_type_desc = $ptrow['name'];
}
?>
<?php
xl('Procedure', 'e');
?>
:
<input type='text' size='30' name='form_proc_type_desc'
value='<?php
$res = SqlStatement($sql, array($key));
$row = SqlFetchArray($res);
insert_language_log($row['lang_description'], $row['lang_code'], $row['constant_name'], $value);
$go = 'yes';
}
}
}
if ($go == 'yes') {
echo htmlspecialchars(xl("New Definition set added"), ENT_NOQUOTES);
}
}
if ($_POST['edit']) {
if ($_POST['language_select'] == '') {
exit(htmlspecialchars(xl("Please select a language"), ENT_NOQUOTES));
}
$lang_id = (int) formData('language_select');
$lang_filter = isset($_POST['filter_cons']) ? $_POST['filter_cons'] : '';
$lang_filter .= '%';
$lang_filter_def = isset($_POST['filter_def']) ? $_POST['filter_def'] : '';
$lang_filter_def .= '%';
$bind_sql_array = array();
array_push($bind_sql_array, $lang_filter);
$sql = "SELECT lc.cons_id, lc.constant_name, ld.def_id, ld.definition, ld.lang_id " . "FROM lang_definitions AS ld " . "RIGHT JOIN ( lang_constants AS lc, lang_languages AS ll ) ON " . "( lc.cons_id = ld.cons_id AND ll.lang_id = ld.lang_id ) " . "WHERE lc.constant_name " . $case_insensitive_collation . " LIKE ? AND ( ll.lang_id = 1 ";
if ($lang_id != 1) {
array_push($bind_sql_array, $lang_id);
$sql .= "OR ll.lang_id=? ";
$what = "SELECT * from lang_languages where lang_id=? LIMIT 1";
$res = SqlStatement($what, array($lang_id));
$row = SqlFetchArray($res);
$lang_name = $row['lang_description'];
}
if ($check_sum) {
?>
<th id="sortby_checksum" class="text" title="<?php
xl('Sort by Checksum', 'e');
?>
"><?php
xl('Checksum', 'e');
?>
</th>
<?php
}
?>
</tr>
<?php
$eventname = formData('eventname', 'G');
$type_event = formData('type_event', 'G');
?>
<input type=hidden name=event value=<?php
echo $eventname . "-" . $type_event;
?>
>
<?php
$tevent = "";
$gev = "";
if ($eventname != "" && $type_event != "") {
$getevent = $eventname . "-" . $type_event;
}
if ($eventname == "" && $type_event != "") {
$tevent = $type_event;
} else {
if ($type_event == "" && $eventname != "") {
<?php
// Copyright (C) 2008 Jason Morrill <*****@*****.**>
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This file use is used specifically to look up drug names when
// writing a prescription. See the file:
// templates/prescriptions/general_edit.html
// for additional information
//
// Important - Ensure that display_errors=Off in php.ini settings.
//
include_once "../../interface/globals.php";
include_once "{$GLOBALS['srcdir']}/sql.inc";
include_once "{$GLOBALS['srcdir']}/formdata.inc.php";
$q = formData("q", "G", true);
if (!$q) {
return;
}
$limit = $_GET['limit'];
$sql = "select drug_id, name from drugs where " . " name like ('" . $q . "%')" . " order by name " . " limit " . $limit;
$rez = sqlStatement($sql);
while ($row = sqlFetchArray($rez)) {
echo $row['name'] . "|" . $row['drug_id'] . "\n";
}
} else {
if ($_POST["mode"] == "new_group") {
$res = sqlStatement("select distinct name, user from groups");
for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
$result[$iter] = $row;
}
$doit = 1;
foreach ($result as $iter) {
if ($doit == 1 && $iter["name"] == trim(formData('groupname')) && $iter["user"] == trim(formData('rumple'))) {
$doit--;
}
}
if ($doit == 1) {
sqlStatement("insert into groups set name = '" . trim(formData('groupname')) . "', user = '******'rumple')) . "'");
} else {
$alertmsg .= "User " . trim(formData('rumple')) . " is already a member of group " . trim(formData('groupname')) . ". ";
}
}
}
}
if (isset($_GET["mode"])) {
/*******************************************************************
// This is the code to delete a user. Note that the link which invokes
// this is commented out. Somebody must have figured it was too dangerous.
//
if ($_GET["mode"] == "delete") {
$res = sqlStatement("select distinct username, id from users where id = '" .
$_GET["id"] . "'");
for ($iter = 0; $row = sqlFetchArray($res); $iter++)
$result[$iter] = $row;
if ($_GET["ssi_relayhealth"]) {
$tqvar = formData('ssi_relayhealth', 'G');
sqlStatement("update users set ssi_relayhealth = '{$tqvar}' where id = {$_GET["id"]}");
}
$tqvar = $_GET["authorized"] ? 1 : 0;
$actvar = $_GET["active"] ? 1 : 0;
$calvar = $_GET["calendar"] ? 1 : 0;
sqlStatement("UPDATE users SET authorized = {$tqvar}, active = {$actvar}, " . "calendar = {$calvar}, see_auth = '" . $_GET['see_auth'] . "' WHERE " . "id = {$_GET["id"]}");
if ($_GET["comments"]) {
$tqvar = formData('comments', 'G');
sqlStatement("update users set info = '{$tqvar}' where id = {$_GET["id"]}");
}
if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
// Set the access control group of user
$user_data = mysql_fetch_array(sqlStatement("select username from users where id={$_GET["id"]}"));
set_user_aro($_GET['access_group'], $user_data["username"], formData('fname', 'G'), formData('mname', 'G'), formData('lname', 'G'));
}
$ws = new WSProvider($_GET['id']);
/*Dont move usergroup_admin (1).php just close window
// On a successful update, return to the users list.
include("usergroup_admin.php");
exit(0);
*/
echo '
<script type="text/javascript">
<!--
parent.$.fn.fancybox.close();
//-->
</script>
';
} else {
$where .= " AND {$field_id} LIKE '{$value}%'";
}
}
echo "<input type='hidden' name='{$field_id}' value='{$value}' />\n";
}
}
$sql = "SELECT {$given} FROM patient_data " . "WHERE {$where} ORDER BY {$orderby} LIMIT {$fstart}, {$sqllimit}";
$rez = sqlStatement($sql);
$result = array();
while ($row = sqlFetchArray($rez)) {
$result[] = $row;
}
_set_patient_inc_count($sqllimit, count($result), $where);
} else {
$patient = formData("patient", "R");
$findBy = $_REQUEST['findBy'];
$searchFields = $_REQUEST['searchFields'];
echo "<input type='hidden' name='patient' value='{$patient}' />\n";
echo "<input type='hidden' name='findBy' value='{$findBy}' />\n";
if ($findBy == "Last") {
$result = getPatientLnames("{$patient}", $given, $orderby, $sqllimit, $fstart);
} else {
if ($findBy == "ID") {
$result = getPatientId("{$patient}", $given, "id ASC, " . $orderby, $sqllimit, $fstart);
} else {
if ($findBy == "DOB") {
$result = getPatientDOB("{$patient}", $given, "DOB ASC, " . $orderby, $sqllimit, $fstart);
} else {
if ($findBy == "SSN") {
$result = getPatientSSN("{$patient}", $given, "ss ASC, " . $orderby, $sqllimit, $fstart);
$newdata[$tblname][$colname] = $value;
}
updatePatientData($pid, $newdata['patient_data'], true);
updateEmployerData($pid, $newdata['employer_data'], true);
$i1dob = fixDate(formData("i1subscriber_DOB"));
$i1date = fixDate(formData("i1effective_date"));
// sqlStatement("unlock tables");
// end table lock
newHistoryData($pid);
newInsuranceData($pid, "primary", formData("i1provider"), formData("i1policy_number"), formData("i1group_number"), formData("i1plan_name"), formData("i1subscriber_lname"), formData("i1subscriber_mname"), formData("i1subscriber_fname"), formData("form_i1subscriber_relationship"), formData("i1subscriber_ss"), $i1dob, formData("i1subscriber_street"), formData("i1subscriber_postal_code"), formData("i1subscriber_city"), formData("form_i1subscriber_state"), formData("form_i1subscriber_country"), formData("i1subscriber_phone"), formData("i1subscriber_employer"), formData("i1subscriber_employer_street"), formData("i1subscriber_employer_city"), formData("i1subscriber_employer_postal_code"), formData("form_i1subscriber_employer_state"), formData("form_i1subscriber_employer_country"), formData('i1copay'), formData('form_i1subscriber_sex'), $i1date, formData('i1accept_assignment'));
$i2dob = fixDate(formData("i2subscriber_DOB"));
$i2date = fixDate(formData("i2effective_date"));
newInsuranceData($pid, "secondary", formData("i2provider"), formData("i2policy_number"), formData("i2group_number"), formData("i2plan_name"), formData("i2subscriber_lname"), formData("i2subscriber_mname"), formData("i2subscriber_fname"), formData("form_i2subscriber_relationship"), formData("i2subscriber_ss"), $i2dob, formData("i2subscriber_street"), formData("i2subscriber_postal_code"), formData("i2subscriber_city"), formData("form_i2subscriber_state"), formData("form_i2subscriber_country"), formData("i2subscriber_phone"), formData("i2subscriber_employer"), formData("i2subscriber_employer_street"), formData("i2subscriber_employer_city"), formData("i2subscriber_employer_postal_code"), formData("form_i2subscriber_employer_state"), formData("form_i2subscriber_employer_country"), formData('i2copay'), formData('form_i2subscriber_sex'), $i2date, formData('i2accept_assignment'));
$i3dob = fixDate(formData("i3subscriber_DOB"));
$i3date = fixDate(formData("i3effective_date"));
newInsuranceData($pid, "tertiary", formData("i3provider"), formData("i3policy_number"), formData("i3group_number"), formData("i3plan_name"), formData("i3subscriber_lname"), formData("i3subscriber_mname"), formData("i3subscriber_fname"), formData("form_i3subscriber_relationship"), formData("i3subscriber_ss"), $i3dob, formData("i3subscriber_street"), formData("i3subscriber_postal_code"), formData("i3subscriber_city"), formData("form_i3subscriber_state"), formData("form_i3subscriber_country"), formData("i3subscriber_phone"), formData("i3subscriber_employer"), formData("i3subscriber_employer_street"), formData("i3subscriber_employer_city"), formData("i3subscriber_employer_postal_code"), formData("form_i3subscriber_employer_state"), formData("form_i3subscriber_employer_country"), formData('i3copay'), formData('form_i3subscriber_sex'), $i3date, formData('i3accept_assignment'));
?>
<html>
<body>
<script language="Javascript">
<?php
if ($alertmsg) {
echo "alert('{$alertmsg}');\n";
}
echo "window.location='{$rootdir}/patient_file/summary/demographics.php?" . "set_pid={$pid}&is_new=1';\n";
?>
</script>
</body>
</html>
function invalue($name)
{
$fld = formData($name, "P", true);
return "'{$fld}'";
}
<?php
require_once "../globals.php";
require_once "../../library/acl.inc";
require_once "{$srcdir}/sql.inc";
require_once "{$srcdir}/formdata.inc.php";
$alertmsg = '';
/* Inserting New facility */
if (isset($_POST["mode"]) && $_POST["mode"] == "facility" && $_POST["newmode"] != "admin_facility") {
$insert_id = sqlInsert("INSERT INTO facility SET " . "name = '" . trim(formData('facility')) . "', " . "phone = '" . trim(formData('phone')) . "', " . "fax = '" . trim(formData('fax')) . "', " . "street = '" . trim(formData('street')) . "', " . "city = '" . trim(formData('city')) . "', " . "state = '" . trim(formData('state')) . "', " . "postal_code = '" . trim(formData('postal_code')) . "', " . "country_code = '" . trim(formData('country_code')) . "', " . "federal_ein = '" . trim(formData('federal_ein')) . "', " . "website = '" . trim(formData('website')) . "', " . "email = '" . trim(formData('email')) . "', " . "color = '" . trim(formData('ncolor')) . "', " . "service_location = '" . trim(formData('service_location')) . "', " . "billing_location = '" . trim(formData('billing_location')) . "', " . "accepts_assignment = '" . trim(formData('accepts_assignment')) . "', " . "pos_code = '" . trim(formData('pos_code')) . "', " . "domain_identifier = '" . trim(formData('domain_identifier')) . "', " . "attn = '" . trim(formData('attn')) . "', " . "tax_id_type = '" . trim(formData('tax_id_type')) . "', " . "primary_business_entity = '" . trim(formData('primary_business_entity')) . "', " . "facility_npi = '" . trim(formData('facility_npi')) . "'," . "facility_code = '" . trim(formData('facility_id')) . "'");
}
/* Editing existing facility */
if ($_POST["mode"] == "facility" && $_POST["newmode"] == "admin_facility") {
sqlStatement("update facility set\n\t\tname='" . trim(formData('facility')) . "',\n\t\tphone='" . trim(formData('phone')) . "',\n\t\tfax='" . trim(formData('fax')) . "',\n\t\tstreet='" . trim(formData('street')) . "',\n\t\tcity='" . trim(formData('city')) . "',\n\t\tstate='" . trim(formData('state')) . "',\n\t\tpostal_code='" . trim(formData('postal_code')) . "',\n\t\tcountry_code='" . trim(formData('country_code')) . "',\n\t\tfederal_ein='" . trim(formData('federal_ein')) . "',\n\t\twebsite='" . trim(formData('website')) . "',\n\t\temail='" . trim(formData('email')) . "',\n\t\tcolor='" . trim(formData('ncolor')) . "',\n\t\tservice_location='" . trim(formData('service_location')) . "',\n\t\tbilling_location='" . trim(formData('billing_location')) . "',\n\t\taccepts_assignment='" . trim(formData('accepts_assignment')) . "',\n\t\tpos_code='" . trim(formData('pos_code')) . "',\n\t\tdomain_identifier='" . trim(formData('domain_identifier')) . "',\n\t\tfacility_npi='" . trim(formData('facility_npi')) . "',\n\t\tattn='" . trim(formData('attn')) . "' ,\n\t\tprimary_business_entity='" . trim(formData('primary_business_entity')) . "' ,\n\t\ttax_id_type='" . trim(formData('tax_id_type')) . "' ,\n facility_code = '" . trim(formData('facility_id')) . "'\n\twhere id='" . trim(formData('fid')) . "'");
}
?>
<html>
<head>
<link rel="stylesheet" href="<?php
echo $css_header;
?>
" type="text/css">
<link rel="stylesheet" type="text/css" href="<?php
echo $GLOBALS['webroot'];
?>
/library/js/fancybox/jquery.fancybox-1.2.6.css" media="screen" />
<script type="text/javascript" src="<?php
echo $GLOBALS['webroot'];
?>
/library/dialog.js"></script>
<script type="text/javascript" src="<?php
?>
</table>
</td>
</tr>
<?php
}
//if ($_POST["mode"] == "SearchPayment")
?>
</table>
</td>
</tr>
</table>
<input type='hidden' name='mode' id='mode' value='' />
<input type='hidden' name='ajax_mode' id='ajax_mode' value='' />
<input type="hidden" name="hidden_type_code" id="hidden_type_code" value="<?php
echo htmlspecialchars(formData('hidden_type_code'));
?>
"/>
<input type='hidden' name='DeletePaymentId' id='DeletePaymentId' value='' />
<input type='hidden' name='SortFieldOld' id='SortFieldOld' value='<?php
echo htmlspecialchars($PaymentSortBy);
?>
' />
<input type='hidden' name='Sort' id='Sort' value='<?php
echo htmlspecialchars($Sort);
?>
' />
<input type="hidden" name="after_value" id="after_value" value="<?php
echo htmlspecialchars($Message);
?>
"/>
$msg = invoice_add_line_item($invoice_info, 'COPAY', $paydesc, $form_source, 0 - $amount);
if ($msg) {
die($msg);
}
}
}
if (!$INTEGRATED_AR) {
$msg = invoice_post($invoice_info);
if ($msg) {
die($msg);
}
}
// If applicable, set the invoice reference number.
$invoice_refno = '';
if (isset($_POST['form_irnumber'])) {
$invoice_refno = formData('form_irnumber', 'P', true);
} else {
$invoice_refno = add_escape_custom(updateInvoiceRefNumber());
}
if ($invoice_refno) {
sqlStatement("UPDATE form_encounter " . "SET invoice_refno = '{$invoice_refno}' " . "WHERE pid = '{$form_pid}' AND encounter = '{$form_encounter}'");
}
generate_receipt($form_pid, $form_encounter);
exit;
}
// If an encounter ID was given, then we must generate a receipt.
//
if (!empty($_GET['enc'])) {
generate_receipt($pid, $_GET['enc']);
exit;
}
