Example #1
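/**
 * Approve the refund named by $_POST['refund_id'] on behalf of the logged-in user.
 *
 * The step taken depends on the department of $_SESSION['userid']:
 *  - "Accounting": sets accounting_approval / status 'ACCOUNTING APPROVED' if
 *    it is not already set, then sends the notification mails.
 *  - "Billing": advances the refund according to its current status
 *    ('NEW', 'ACCOUNTING APPROVED' or 'BILLING APPROVED').
 *  - anything else: sets status 'APPROVED' (see the NOTE(review) on that branch).
 *
 * Reads $_POST, $_SESSION, $_SERVER and the global mysqli link $db; updates the
 * refund table, calls trackRefundChanges() and mail_presets(), may send a
 * Location header, and prints an HTML confirmation.
 *
 * Every value taken from the request or the session reaches SQL only as a bound
 * parameter, and is HTML-escaped before it is written into markup.
 *
 * @return void
 */
function approveTheRefund()
{
    global $db;

    // Fail closed without a logged-in user. With bound parameters an empty
    // user id no longer breaks the UPDATE statements, so it has to be rejected
    // explicitly before any of them can run.
    if (!isset($_SESSION['userid']) || !is_scalar($_SESSION['userid']) || (string) $_SESSION['userid'] === '') {
        if (!headers_sent()) {
            http_response_code(403);
        }
        return;
    }
    $user_id = (string) $_SESSION['userid'];

    // assumes refund ids are unsigned integers (the redirect example uses
    // ?refund_id=3 and most queries compared the id unquoted) — TODO confirm
    if (
        !isset($_POST['refund_id'])
        || !is_string($_POST['refund_id'])
        || preg_match('/\A[0-9]+\z/', $_POST['refund_id']) !== 1
    ) {
        if (!headers_sent()) {
            http_response_code(400);
        }
        return;
    }
    $refund_id = $_POST['refund_id'];

    $now = date("Y-m-d H:i:s");

    // Runs one statement with every value bound as a parameter and returns the
    // fetched rows ([] for non-SELECT statements and on failure). Failures go
    // to the error log instead of the page so schema details are not disclosed.
    $runStatement = function ($sql, array $params = []) use ($db) {
        try {
            $stmt = mysqli_prepare($db, $sql);
            if ($stmt === false) {
                error_log('approveTheRefund: prepare failed: ' . mysqli_error($db));
                return [];
            }
            if ($params) {
                // Everything is bound as a string; MySQL converts to the column type.
                mysqli_stmt_bind_param($stmt, str_repeat('s', count($params)), ...$params);
            }
            $rows = [];
            if (mysqli_stmt_execute($stmt)) {
                $result = mysqli_stmt_get_result($stmt);
                if ($result instanceof \mysqli_result) {
                    while ($row = mysqli_fetch_assoc($result)) {
                        $rows[] = $row;
                    }
                    mysqli_free_result($result);
                }
            } else {
                error_log('approveTheRefund: execute failed: ' . mysqli_stmt_error($stmt));
            }
            mysqli_stmt_close($stmt);
            return $rows;
        } catch (\mysqli_sql_exception $e) {
            // mysqli raises exceptions instead of returning false when
            // MYSQLI_REPORT_STRICT is active.
            error_log('approveTheRefund: query failed: ' . $e->getMessage());
            return [];
        }
    };

    // Loads the refund's creator / urgency / payee and mails the status text to
    // the creator and the three fixed recipients. The urgent and non-urgent
    // wordings are passed in so each workflow step keeps its own message.
    // NOTE(review): the rule comments said non-urgent refunds should skip the
    // creator, but the code mailed the creator in both cases; that is kept.
    $notify = function ($urgentSuffix, $normalSuffix) use ($runStatement, $refund_id) {
        $created_by = "";
        $is_urgent = "";
        $payable_to = "";
        $rows = $runStatement('SELECT created_by,urgent,payable FROM refund WHERE refund_id = ?', [$refund_id]);
        foreach ($rows as $row) {
            $created_by = $row['created_by'];
            $is_urgent = $row['urgent'];
            $payable_to = $row['payable'];
        }

        // NOTE(review): the creator lookup is redacted in this listing. It
        // presumably selects users.username for $created_by; if so, pass
        // $created_by as a bound parameter rather than interpolating it.
        $queryUsername = "******";
        $creatorRows = $runStatement($queryUsername);
        $to = isset($creatorRows[0]['username']) ? $creatorRows[0]['username'] . '@chcb.org' : null;

        // The messages carry <br> markup, so the stored payee name is escaped
        // as HTML. $refund_id has already been validated as digits only.
        $status = "The Refund for " . htmlspecialchars((string) $payable_to, ENT_QUOTES, 'UTF-8')
            . " with a Refund ID of " . $refund_id
            . ($is_urgent ? $urgentSuffix : $normalSuffix);

        if ($to !== null) {
            mail_presets($to, $status); // creator; skipped when the lookup found nobody
        }
        // Fixed recipients; the addresses are redacted in this listing.
        mail_presets("*****@*****.**", $status);
        mail_presets("*****@*****.**", $status);
        mail_presets("*****@*****.**", $status);
    };

    // Resolve the acting user's department name.
    $current_user_dept_id = "";
    $department_name = "";
    foreach ($runStatement('SELECT dept_id from users WHERE user_id=?', [$user_id]) as $row) {
        $current_user_dept_id = $row['dept_id'];
    }
    foreach ($runStatement('SELECT name from departments WHERE dept_id=?', [$current_user_dept_id]) as $row) {
        $department_name = $row['name'];
    }

    if ($department_name === "Accounting") {
        $billing_initial_approval = 0;
        $accounting_approval = 0;
        // This SELECT needs its FROM clause: without one it fails, the flag
        // stays 0 and the "already approved" check below never applies.
        $rows = $runStatement(
            'SELECT accounting_approval,billing_initial_approval,billing_final_approval FROM refund WHERE refund_id = ?',
            [$refund_id]
        );
        foreach ($rows as $row) {
            $billing_initial_approval = $row['billing_initial_approval'];
            $accounting_approval = $row['accounting_approval'];
        }

        if (!$accounting_approval) {
            $runStatement(
                "UPDATE refund SET status='ACCOUNTING APPROVED', modified_by=?, modified_dt=?, "
                . "accounting_approval=1, voided =0 WHERE refund_id = ?",
                [$user_id, $now, $refund_id]
            );
            if ($billing_initial_approval) {
                // The refund was waiting for accounting before this update.
                trackRefundChanges('ACCOUNTING APPROVAL', 'ACCOUNTING APPROVED');
            }
        }

        $notify(
            " has been approved by accounting, and is awaiting PAR1 Completion. <br>  This refund was marked as URGENT.",
            " has been approved by accounting,and is awaiting PAR1 Completion."
        );
    } elseif (trim($department_name) === "Billing") {
        $billing_initial_approval = 0;
        $accounting_approval = 0;
        $billing_final_approval = 0;
        $current_status = "";
        $refund_amt = 0;
        $rows = $runStatement(
            'SELECT amount,status,accounting_approval, billing_initial_approval,billing_final_approval '
            . 'FROM refund WHERE refund_id = ?',
            [$refund_id]
        );
        foreach ($rows as $row) {
            $billing_initial_approval = $row['billing_initial_approval'];
            $accounting_approval = $row['accounting_approval'];
            $billing_final_approval = $row['billing_final_approval'];
            $current_status = $row['status'];
            $refund_amt = $row['amount'];
        }

        // Billing use cases:
        //   'NEW'                 -> 'ACCOUNTING APPROVAL'
        //   'ACCOUNTING APPROVED' -> 'COMPLETED' when amount <= 500 and all three
        //                            approvals are set, otherwise 'BILLING APPROVED'
        //   'BILLING APPROVED'    -> 'COMPLETED' when all three approvals are set
        if ($current_status === 'NEW') {
            // Hand over to accounting and record the initial billing approval.
            $runStatement(
                "UPDATE refund SET status='ACCOUNTING APPROVAL', modified_by=?, modified_dt=?, "
                . "billing_initial_approval=1, voided =0 WHERE refund_id = ?",
                [$user_id, $now, $refund_id]
            );
            // The status read from the database is kept in its own variable so
            // the change log records 'NEW' here rather than an empty string.
            trackRefundChanges($current_status, 'ACCOUNTING APPROVAL');
            $notify(
                " has initial approval by PAR2. <br> It has been marked as URGENT. ",
                " has initial approval by PAR2. <br> "
            );
        } elseif ($current_status === 'ACCOUNTING APPROVED') {
            // All three flags are variables. Written as a bare word,
            // billing_initial_approval is a constant lookup: always truthy on
            // PHP 7 and a fatal error on PHP 8, so that approval was never checked.
            if ($refund_amt <= 500 && $billing_initial_approval && $accounting_approval && $billing_final_approval) {
                $runStatement(
                    "UPDATE refund SET status='COMPLETED', modified_by=?, modified_dt=?, voided =0 "
                    . "WHERE refund_id = ?",
                    [$user_id, $now, $refund_id]
                );
                // Two arguments, matching every other call in this function —
                // TODO confirm against trackRefundChanges()'s signature.
                trackRefundChanges($current_status, 'COMPLETED');
                $notify(
                    " has been approved by billing and is now marked as completed. <br>  This refund was marked as URGENT.",
                    " has been approved by billing and is now marked as completed."
                );
            } else {
                // Second billing approval; completion happens on a later pass.
                $runStatement(
                    "UPDATE refund SET status='BILLING APPROVED', modified_by=?, modified_dt=?, "
                    . "billing_final_approval=1, voided =0 WHERE refund_id = ?",
                    [$user_id, $now, $refund_id]
                );
                trackRefundChanges($current_status, 'BILLING APPROVED');
                $notify(
                    " has received dual approval by Billing and is awaiting final completion by PAR1. <br>  This refund was marked as URGENT.",
                    " received dual approval by Billing and is awaiting final completion by PAR1."
                );
            }
        } elseif ($current_status === 'BILLING APPROVED') {
            // Completion is contingent on all approvals. The change log entry
            // and the mails sit inside the same check so that a refund which
            // was not completed is never recorded or announced as completed.
            if ($billing_initial_approval && $accounting_approval && $billing_final_approval) {
                $runStatement(
                    "UPDATE refund SET status='COMPLETED', modified_by=?, modified_dt=?, voided =0 "
                    . "WHERE refund_id = ?",
                    [$user_id, $now, $refund_id]
                );
                trackRefundChanges($current_status, 'COMPLETED');
                $notify(
                    " has been marked as completed by billing. <br>  This refund was marked as URGENT.",
                    " has been marked as completed by billing."
                );
            }
        }
    } else {
        // NOTE(review): every user outside Accounting and Billing lands here and
        // gets override approval. Nothing in this function verifies an Approver
        // or SuperUser role; add an explicit role check before relying on it.
        $runStatement(
            "UPDATE refund SET status='APPROVED', modified_by=?, modified_dt=?, voided =0 WHERE refund_id = ?",
            [$user_id, $now, $refund_id]
        );
    }

    // Force a reload of the edit page after a submitted approval so the change
    // is displayed. No debug output is printed above, so the header can still
    // be sent at this point.
    // NOTE(review): PHP_SELF includes any client-supplied PATH_INFO; SCRIPT_NAME
    // is the safer base if the application does not rely on path info.
    if (
        isset($_POST['_app_submit'], $_POST['Approve'])
        && $_POST['Approve'] === "approve"
        && !headers_sent()
    ) {
        header('Location: ' . $_SERVER['PHP_SELF'] . '?refund_id=' . $refund_id . '&action=approve');
    }

    // Confirmation banner; the payee name comes straight from the request and
    // is escaped before it is written into the page.
    $payable = (isset($_POST['payable']) && is_scalar($_POST['payable'])) ? (string) $_POST['payable'] : '';
    print '<h3 align="center"> Refund for  ' . htmlspecialchars($payable, ENT_QUOTES, 'UTF-8')
        . ' has been successfully Approved!</h3>';
    print '<h4 align="center"><a href="index.php">Return to Refunds Page</a></h4>';
}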
Example #2
     //show successful void message
     print '<h3 align="center"> Refund for  ' . $_POST['payable'] . ' has been successfully voided!</h3>';
     print '<h4 align="center"><a href="refunds.php">Return to Refunds Page</a></h4>';
     //echo "I'm about to void you.";
     //die();
 } elseif (isset($_POST['_rej_submit']) && $_POST['_rej_submit'] != "" && $_POST['_rej_submit'] != NULL) {
     $now = date("Y-m-d H:i:s");
     $query_status = "SELECT status FROM refund WHERE refund_id={$_POST['refund_id']}";
     $result_status = mysqli_query($db, $query_status);
     $rowquery_status = mysqli_fetch_array($result_status);
     $query_reject = "UPDATE refund SET \n\t\t\t\tstatus='REJECTED', \n\t\t\t\tmodified_by='{$_SESSION['userid']}', \n\t\t\t\tmodified_dt='{$now}',\n\t\t\t\trejected =1 \n\t\t\t\tWHERE refund_id = '{$_POST['refund_id']}' ";
     $result_reject = mysqli_query($db, $query_reject);
     //TRACK CHANGES
     $status_before = $rowquery_status['status'];
     $status_after = 'REJECTED';
     trackRefundChanges($status_before, $status_after);
     //TRACK THE CHANGES
     if (@mysqli_error($result_reject)) {
         print mysqli_error($result_reject);
     }
     //select info to build up email for creator notification of rejection//////////////////////////////////////////////////////////////////////////////////////
     $created_by = "";
     $status = "";
     $is_urgent = "";
     $payable_to = "";
     $query = "SELECT created_by,urgent,payable FROM refund WHERE refund_id = {$_POST['refund_id']} ";
     $result = mysqli_query($db, $query);
     while ($row = mysqli_fetch_array($result)) {
         $created_by = $row['created_by'];
         $is_urgent = $row['urgent'];
         $payable_to = $row['payable'];