/**
* postcalendar_userapi_pcQueryEvents
* INPUT
* $args = Array of values possibly containing:
* $provider_id = array of provider ID numbers
*
* Returns an array containing the event's information
* @params array(key=>value)
* @params string key eventstatus
* @params int value -1 == hidden ; 0 == queued ; 1 == approved
* @return array $events[][]
*/
function &postcalendar_userapi_pcQueryEvents($args)
{
$end = '0000-00-00';
extract($args);
// echo "<!-- args = "; print_r($args); echo " -->\n"; // debugging
// $pc_username = pnVarCleanFromInput('pc_username');
$pc_username = $_SESSION['pc_username'];
// from Michael Brinson 2006-09-19
if (empty($pc_username) || is_array($pc_username)) {
$pc_username = "******";
}
//echo "DEBUG pc_username: $pc_username \n"; // debugging
$topic = pnVarCleanFromInput('pc_topic');
$category = pnVarCleanFromInput('pc_category');
if (!empty($pc_username) && strtolower($pc_username) != 'anonymous') {
if ($pc_username == '__PC_ALL__' || $pc_username == -1) {
$ruserid = -1;
} else {
$ruserid = getIDfromUser($pc_username);
}
}
if (!isset($eventstatus)) {
$eventstatus = 1;
}
// sanity check on eventstatus
if ((int) $eventstatus < -1 || (int) $eventstatus > 1) {
$eventstatus = 1;
}
if (!isset($start)) {
$start = Date_Calc::dateNow('%Y-%m-%d');
}
list($sy, $sm, $sd) = explode('-', $start);
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// link to the events tables
$table = $pntable['postcalendar_events'];
$cattable = $pntable['postcalendar_categories'];
$topictable = $pntable['postcalendar_topics'];
$sql = "SELECT DISTINCT a.pc_eid, a.pc_informant, a.pc_catid, " . "a.pc_title, a.pc_time, a.pc_hometext, a.pc_eventDate, a.pc_duration, " . "a.pc_endDate, a.pc_startTime, a.pc_recurrtype, a.pc_recurrfreq, " . "a.pc_recurrspec, a.pc_topic, a.pc_alldayevent, a.pc_location, " . "a.pc_conttel, a.pc_contname, a.pc_contemail, a.pc_website, a.pc_fee, " . "a.pc_sharing, a.pc_prefcatid, b.pc_catcolor, b.pc_catname, " . "b.pc_catdesc, a.pc_pid, a.pc_apptstatus, a.pc_aid, " . "concat(u.fname,' ',u.lname) as provider_name, " . "concat(pd.lname,', ',pd.fname) as patient_name, " . "concat(u2.fname, ' ', u2.lname) as owner_name, " . "DOB as patient_dob, a.pc_facility, pd.pubpid " . "FROM ( {$table} AS a ) " . "LEFT JOIN {$cattable} AS b ON b.pc_catid = a.pc_catid " . "LEFT JOIN users as u ON a.pc_aid = u.id " . "LEFT JOIN users as u2 ON a.pc_aid = u2.id " . "LEFT JOIN patient_data as pd ON a.pc_pid = pd.pid " . "WHERE a.pc_eventstatus = {$eventstatus} " . "AND ((a.pc_endDate >= '{$start}' AND a.pc_eventDate <= '{$end}') OR " . "(a.pc_endDate = '0000-00-00' AND a.pc_eventDate >= '{$start}' AND " . "a.pc_eventDate <= '{$end}')) ";
//==================================
//FACILITY FILTERING (lemonsoftware)(CHEMED)
if ($_SESSION['pc_facility']) {
$pc_facility = $_SESSION['pc_facility'];
$sql .= " AND a.pc_facility = {$pc_facility} ";
/*
AND u.facility_id = $pc_facility
AND u2.facility_id = $pc_facility "; */
} else {
if ($pc_facility) {
// pc_facility could be provided in the search arguments -- JRM March 2008
$sql .= " AND a.pc_facility = {$pc_facility} ";
/*.
" AND u.facility_id = $pc_facility".
" AND u2.facility_id = $pc_facility "; */
}
}
//EOS FACILITY FILTERING (lemonsoftware)
//==================================
// The above 3 lines replaced these:
// AND (a.pc_endDate >= '$start' OR a.pc_endDate = '0000-00-00')
// AND a.pc_eventDate <= '$end' ";
if (!empty($providerID)) {
$ruserid = $providerID;
}
// eliminate ruserid if we're trying to query by provider_id -- JRM
if (!empty($provider_id)) {
unset($ruserid);
}
if (isset($ruserid)) {
// get all events for the specified username
if ($ruserid == -1) {
$sql .= "AND (a.pc_sharing = '" . SHARING_BUSY . "' ";
$sql .= "OR a.pc_sharing = '" . SHARING_PUBLIC . "') ";
} else {
$sql .= "AND a.pc_aid IN (0, " . $ruserid . ") ";
}
} elseif (!pnUserLoggedIn()) {
// get all events for anonymous users
$sql .= "AND a.pc_sharing = '" . SHARING_GLOBAL . "' ";
} elseif (!empty($provider_id)) {
// get all events for a variety of provider IDs -- JRM
if ($provider_id[0] != "_ALL_") {
/**add all the events from the clinic provider id = 0*/
$sql .= "AND a.pc_aid in (0," . implode(",", $provider_id) . ") ";
}
} else {
// get all events for logged in user plus global events
$sql .= "AND (a.pc_aid IN (0," . $_SESSION['authUserID'] . ") OR a.pc_sharing = '" . SHARING_GLOBAL . "') ";
}
//======================================================================
// START SEARCH FUNCTIONALITY
//======================================================================
if (!empty($s_keywords)) {
$sql .= "AND ({$s_keywords}) ";
}
if (!empty($s_category)) {
$sql .= "AND ({$s_category}) ";
}
if (!empty($s_topic)) {
$sql .= "AND ({$s_topic}) ";
}
if (!empty($category)) {
$sql .= "AND (a.pc_catid = '" . pnVarPrepForStore($category) . "') ";
}
if (!empty($topic)) {
$sql .= "AND (a.pc_topic = '" . pnVarPrepForStore($topic) . "') ";
}
//======================================================================
// Search sort and limitation
//======================================================================
if (empty($sort)) {
$sql .= "GROUP BY a.pc_eid ORDER BY a.pc_time DESC";
} else {
$sql .= "GROUP BY a.pc_eid ORDER BY a.{$sort}";
}
//======================================================================
// END SEARCH FUNCTIONALITY
//======================================================================
//echo "<br>sq: $sql<br />";
// echo "<!-- " . $sql . " -->\n"; // debugging
$result = $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
die($dbconn->ErrorMsg());
}
// put the information into an array for easy access
$events = array();
// return an empty array if we don't have any results
if (!isset($result)) {
return $events;
}
for ($i = 0; !$result->EOF; $result->MoveNext()) {
// WHY are we using an array for intermediate storage??? -- Rod
// get the results from the query
if (isset($tmp)) {
unset($tmp);
}
$tmp = array();
list($tmp['eid'], $tmp['uname'], $tmp['catid'], $tmp['title'], $tmp['time'], $tmp['hometext'], $tmp['eventDate'], $tmp['duration'], $tmp['endDate'], $tmp['startTime'], $tmp['recurrtype'], $tmp['recurrfreq'], $tmp['recurrspec'], $tmp['topic'], $tmp['alldayevent'], $tmp['location'], $tmp['conttel'], $tmp['contname'], $tmp['contemail'], $tmp['website'], $tmp['fee'], $tmp['sharing'], $tmp['prefcatid'], $tmp['catcolor'], $tmp['catname'], $tmp['catdesc'], $tmp['pid'], $tmp['apptstatus'], $tmp['aid'], $tmp['provider_name'], $tmp['patient_name'], $tmp['owner_name'], $tmp['patient_dob'], $tmp['facility'], $tmp['pubpid']) = $result->fields;
// grab the name of the topic
$topicname = pcGetTopicName($tmp['topic']);
// get the user id of event's author
$cuserid = @$nuke_users[strtolower($tmp['uname'])];
// check the current event's permissions
// the user does not have permission to view this event
// if any of the following evaluate as false
if (!pnSecAuthAction(0, 'PostCalendar::Event', "{$tmp['title']}::{$tmp['eid']}", ACCESS_OVERVIEW)) {
continue;
} elseif (!pnSecAuthAction(0, 'PostCalendar::Category', "{$tmp['catname']}::{$tmp['catid']}", ACCESS_OVERVIEW)) {
continue;
} elseif (!pnSecAuthAction(0, 'PostCalendar::User', "{$tmp['uname']}::{$cuserid}", ACCESS_OVERVIEW)) {
continue;
} elseif (!pnSecAuthAction(0, 'PostCalendar::Topic', "{$topicname}::{$tmp['topic']}", ACCESS_OVERVIEW)) {
continue;
} elseif ($tmp['sharing'] == SHARING_PRIVATE && $cuserid != $userid) {
continue;
}
// add event to the array if we passed the permissions check
// this is the common information
$events[$i]['intervals'] = $tmp['duration'] / 60 / $GLOBALS['day_calandar_interval'];
//sets the number of rows this event should span
$events[$i]['eid'] = $tmp['eid'];
$events[$i]['uname'] = $tmp['uname'];
$events[$i]['uid'] = $cuserid;
$events[$i]['catid'] = $tmp['catid'];
$events[$i]['time'] = $tmp['time'];
$events[$i]['eventDate'] = $tmp['eventDate'];
$events[$i]['duration'] = $tmp['duration'];
// there has to be a more intelligent way to do this
@(list($events[$i]['duration_hours'], $dmin) = @explode('.', $tmp['duration'] / 60 / 60));
$events[$i]['duration_minutes'] = substr(sprintf('%.2f', '.' . 60 * ($dmin / 100)), 2, 2);
//''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
$events[$i]['endDate'] = $tmp['endDate'];
$events[$i]['startTime'] = $tmp['startTime'];
$events[$i]['recurrtype'] = $tmp['recurrtype'];
$events[$i]['recurrfreq'] = $tmp['recurrfreq'];
$events[$i]['recurrspec'] = $tmp['recurrspec'];
$events[$i]['topic'] = $tmp['topic'];
$events[$i]['alldayevent'] = $tmp['alldayevent'];
$events[$i]['catcolor'] = $tmp['catcolor'];
// Modified 06-2009 by BM to translate the category if applicable
$events[$i]['catname'] = xl_appt_category($tmp['catname']);
$events[$i]['catdesc'] = $tmp['catdesc'];
$events[$i]['pid'] = $tmp['pid'];
$events[$i]['apptstatus'] = $tmp['apptstatus'];
$events[$i]['pubpid'] = $tmp['pubpid'];
$events[$i]['patient_name'] = $tmp['patient_name'];
$events[$i]['provider_name'] = $tmp['provider_name'];
$events[$i]['owner_name'] = $tmp['owner_name'];
$events[$i]['patient_dob'] = $tmp['patient_dob'];
$events[$i]['patient_age'] = getPatientAge($tmp['patient_dob']);
$events[$i]['facility'] = getFacility($tmp['facility']);
$events[$i]['sharing'] = $tmp['sharing'];
$events[$i]['prefcatid'] = $tmp['prefcatid'];
$events[$i]['aid'] = $tmp['aid'];
$events[$i]['topictext'] = $topicname;
$events[$i]['intervals'] = ceil($tmp['duration'] / 60 / $GLOBALS['calendar_interval']);
if ($events[$i]['intervals'] == 0) {
$events[$i]['intervals'] = 1;
}
// is this a public event to be shown as busy?
if ($tmp['sharing'] == SHARING_BUSY && $cuserid != $userid) {
// make it not display any information
$events[$i]['title'] = _USER_BUSY_TITLE;
$events[$i]['hometext'] = _USER_BUSY_MESSAGE;
$events[$i]['desc'] = _USER_BUSY_MESSAGE;
$events[$i]['conttel'] = '';
$events[$i]['contname'] = '';
$events[$i]['contemail'] = '';
$events[$i]['website'] = '';
$events[$i]['fee'] = '';
$events[$i]['location'] = '';
$events[$i]['street1'] = '';
$events[$i]['street2'] = '';
$events[$i]['city'] = '';
$events[$i]['state'] = '';
$events[$i]['postal'] = '';
} else {
$display_type = substr($tmp['hometext'], 0, 6);
if ($display_type == ':text:') {
$prepFunction = 'pcVarPrepForDisplay';
$tmp['hometext'] = substr($tmp['hometext'], 6);
} elseif ($display_type == ':html:') {
$prepFunction = 'pcVarPrepHTMLDisplay';
$tmp['hometext'] = substr($tmp['hometext'], 6);
} else {
$prepFunction = 'pcVarPrepHTMLDisplay';
}
unset($display_type);
$events[$i]['title'] = $prepFunction($tmp['title']);
$events[$i]['hometext'] = $prepFunction($tmp['hometext']);
$events[$i]['desc'] = $events[$i]['hometext'];
$events[$i]['conttel'] = $prepFunction($tmp['conttel']);
$events[$i]['contname'] = $prepFunction($tmp['contname']);
$events[$i]['contemail'] = $prepFunction($tmp['contemail']);
$events[$i]['website'] = $prepFunction(postcalendar_makeValidURL($tmp['website']));
$events[$i]['fee'] = $prepFunction($tmp['fee']);
$loc = unserialize($tmp['location']);
$events[$i]['location'] = $prepFunction($loc['event_location']);
$events[$i]['street1'] = $prepFunction($loc['event_street1']);
$events[$i]['street2'] = $prepFunction($loc['event_street2']);
$events[$i]['city'] = $prepFunction($loc['event_city']);
$events[$i]['state'] = $prepFunction($loc['event_state']);
$events[$i]['postal'] = $prepFunction($loc['event_postal']);
}
$i++;
}
unset($tmp);
$result->Close();
return $events;
}
echo '<form method="POST" action="map-i.php">
<DIV style="position:absolute; top : 480px ; left : 950px ; ">
<button type="button" onclick="clickIcon(8)" data-toggle="modal" data-target="#myModal" name="TC3"><img src="doushisha_icon.png" width="30px" height="30px" border="0"></button>
</DIV>
</form>';
break;
case 5:
break;
case 6:
break;
default:
break;
}
}
$event = getevent($db);
$facility = getFacility($db);
function getEventFromFacility($pdo, $fac_id)
{
$sql = "SELECT * FROM event WHERE `fac_id` = :fac_id";
$statement = $pdo->prepare($sql);
$statement->bindValue(':fac_id', $fac_id, PDO::PARAM_INT);
$statement->execute();
if ($rows = $statement->fetch(PDO::FETCH_ASSOC)) {
return $rows;
} else {
return false;
}
}
function getEventNum($pdo)
{
$sql = "SELECT id FROM event ORDER BY `id` DESC LIMIT 1";
}
$frrow = sqlQuery("SELECT * FROM users WHERE id = ?", array($trow['refer_from']));
if (empty($frrow)) {
$frrow = array();
}
$torow = sqlQuery("SELECT * FROM users WHERE id = ?", array($trow['refer_to']));
if (empty($torow)) {
$torow = array('organization' => '', 'street' => '', 'city' => '', 'state' => '', 'zip' => '', 'phone' => '');
}
$vrow = sqlQuery("SELECT * FROM form_vitals WHERE " . "pid = ? AND date <= ? " . "ORDER BY date DESC LIMIT 1", array($patient_id, $refer_date . " 23:59:59"));
if (empty($vrow)) {
$vrow = array('bps' => '', 'bpd' => '', 'weight' => '', 'height' => '');
}
// $facrow = sqlQuery("SELECT name, facility_npi FROM facility ORDER BY " .
// "service_location DESC, billing_location DESC, id ASC LIMIT 1");
$facrow = getFacility(-1);
// Make some items HTML-friendly if they are empty.
if (empty($trow['id'])) {
$trow['id'] = ' ';
}
if (empty($patient_id)) {
$patient_id = ' ';
}
if (empty($facrow['facility_npi'])) {
$facrow['facility_npi'] = ' ';
}
$s = '';
$fh = fopen($template_file, 'r');
while (!feof($fh)) {
$s .= fread($fh, 8192);
}
