public function valid($credentials)
{
$timminus = date("Y-m-d H:m", strtotime(date("Y-m-d H:m")) - 7200) . ":00";
sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)", array($timminus));
sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?", array($timminus));
global $pid;
$ok = 0;
$okE = 0;
$okN = 0;
$okO = 0;
$okP = 0;
$tim = strtotime(gmdate("Y-m-d H:m"));
$res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?", array($credentials[3]));
if (sqlNumRows($res)) {
if ($GLOBALS['validated_offsite_portal'] != true) {
return false;
}
} else {
$grpID = sqlInsert("INSERT INTO audit_master SET type=5");
sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ", array($credentials[3], $grpID));
}
if (sha1($GLOBALS['portal_offsite_password'] . date("Y-m-d H", $tim) . $credentials[3]) == $credentials[2]) {
$ok = 1;
} elseif (sha1($GLOBALS['portal_offsite_password'] . date("Y-m-d H", $tim - 3600) . $credentials[3]) == $credentials[2]) {
$ok = 1;
} elseif (sha1($GLOBALS['portal_offsite_password'] . date("Y-m-d H", $tim + 3600) . $credentials[3]) == $credentials[2]) {
$ok = 1;
}
if ($credentials[1] == $GLOBALS['portal_offsite_username'] && $ok == 1 && $GLOBALS['portal_offsite_enable'] == 1 || $GLOBALS['validated_offsite_portal'] == true) {
$prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?", array($credentials[6]));
if ($credentials[4] == 'existingpatient') {
if (UserService::validcredential($credentials) === 2) {
$okE = 2;
} elseif (UserService::validcredential($credentials) == true) {
$okE = 1;
} else {
return false;
}
} elseif ($credentials[4] == 'oemruser') {
if ($credentials[9]) {
$prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?", array($credentials[9]));
}
$okO = 1;
} elseif ($credentials[4] == 'newpatient') {
if (UserService::validcredential($credentials) === 2) {
$okN = 3;
} elseif (UserService::validcredential($credentials)) {
$okN = 2;
} else {
$okN = 1;
$prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
}
}
if ($okE == 1 || $okN == 2 || $okN == 1 || $okO == 1) {
$pid = $prow['pid'];
$GLOBALS['pid'] = $prow['pid'];
} elseif ($okE == 2 || $okN == 3) {
$arow = sqlQuery("\n\t\t\t\tSELECT \n\t\t\t\t\tad.audit_master_id \n\t\t\t\tFROM\n\t\t\t\t\taudit_details ad \n\t\t\t\t\tJOIN audit_details ad2 \n\t\t\t\t\t\tON ad2.audit_master_id = ad.audit_master_id \n\t\t\t\t\t\tAND ad2.table_name = 'patient_access_offsite' \n\t\t\t\t\t\tAND ad2.field_name = 'portal_pwd' \n\t\t\t\tWHERE ad.table_name = 'patient_access_offsite' \n\t\t\t\t\tAND ad.field_name = 'portal_username' \n\t\t\t\t\tAND ad.field_value = ?\n\t\t\t", array($credentials[6]));
$auditmasterid = $arow['audit_master_id'];
$GLOBALS['auditmasterid'] = $arow['audit_master_id'];
$pid = 0;
$GLOBALS['pid'] = 0;
}
$_GET['site'] = $credentials[0];
if ($okE) {
if ($okE == 1) {
$portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?", array($pid));
} elseif ($okE == 2) {
$portal = sqlQuery("\n\t\t\t\t\tSELECT \n\t\t\t\t\t\tIF(COUNT(*),'yes','no') AS allow_patient_portal\n\t\t\t\t\tFROM\n\t\t\t\t\t\taudit_master am \n\t\t\t\t\t\tJOIN audit_details ad \n\t\t\t\t\t\t\tON ad.audit_master_id = am.id \n\t\t\t\t\t\t\tAND ad.table_name = 'patient_access_offsite' \n\t\t\t\t\t\t\tAND ad.field_name = 'portal_username' \n\t\t\t\t\tWHERE am.approval_status = 1 \n\t\t\t\t\t\tAND ad.field_value = ?\n\t\t\t\t", array($credentials[6]));
}
if (strtolower($portal['allow_patient_portal']) != 'yes') {
return false;
}
}
$GLOBALS['validated_offsite_portal'] = true;
if ($okO) {
return 'oemruser';
} elseif ($okE == 1) {
return 'existingpatient';
} elseif ($okE == 2) {
return 'newpatienttoapprove';
} elseif ($okN == 1 || $okN == 2) {
return 'newpatient';
} elseif ($okN == 3) {
return 'newpatienttoapprove';
}
return false;
} else {
return false;
}
}
public function valid($credentials)
{
$timminus = date("Y-m-d H:m", strtotime(date("Y-m-d H:m")) - 7200) . ":00";
sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)", array($timminus));
sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?", array($timminus));
global $pid;
$ok = 0;
$okE = 0;
$okN = 0;
$okO = 0;
$okP = 0;
$tim = strtotime(gmdate("Y-m-d H:m"));
$res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?", array($credentials[3]));
if (sqlNumRows($res)) {
if ($GLOBALS['validated_offsite_portal'] != true) {
return false;
}
} else {
$grpID = sqlInsert("INSERT INTO audit_master SET type=5");
sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ", array($credentials[3], $grpID));
}
if (sha1($GLOBALS['portal_offsite_password'] . date("Y-m-d H", $tim) . $credentials[3]) == $credentials[2]) {
$ok = 1;
} elseif (sha1($GLOBALS['portal_offsite_password'] . date("Y-m-d H", $tim - 3600) . $credentials[3]) == $credentials[2]) {
$ok = 1;
} elseif (sha1($GLOBALS['portal_offsite_password'] . date("Y-m-d H", $tim + 3600) . $credentials[3]) == $credentials[2]) {
$ok = 1;
}
if ($credentials[1] == $GLOBALS['portal_offsite_username'] && $ok == 1 && $GLOBALS['portal_offsite_enable'] == 1 || $GLOBALS['validated_offsite_portal'] == true) {
$prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?", array($credentials[6]));
if ($credentials[4] == 'existingpatient') {
if (UserService::validcredential($credentials)) {
$okE = 1;
} else {
return false;
}
} elseif ($credentials[4] == 'oemruser') {
if ($credentials[9]) {
$prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?", array($credentials[9]));
}
$okO = 1;
} elseif ($credentials[4] == 'newpatient') {
if (UserService::validcredential($credentials)) {
$okN = 2;
} else {
$okN = 1;
$prow = sqlQuery("SELECT MAX(pid)+1 AS pid FROM patient_data");
}
}
if ($okE == 1 || $okN == 2 || $okN == 1 || $okO == 1) {
$pid = $prow['pid'];
$GLOBALS['pid'] = $prow['pid'];
}
$_GET['site'] = $credentials[0];
if ($okE == 1) {
$portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?", array($pid));
if (strtolower($portal['allow_patient_portal']) != 'yes') {
return false;
}
}
$GLOBALS['validated_offsite_portal'] = true;
if ($okO) {
return 'oemruser';
} elseif ($okE) {
return 'existingpatient';
} elseif ($okN) {
return 'newpatient';
}
return false;
} else {
return false;
}
}
