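/**
 * Run one of a fixed set of library functions for a SOAP caller and return its result.
 *
 * Supported $func values: ar_responsible_party, getInsuranceData, generate_select_list,
 * xl_layout_label, generate_form_field, getInsuranceProviders, get_layout_form_value,
 * updatePatientData, updateEmployerData, newHistoryData, newInsuranceData and
 * generate_layout_validation. Any other value falls through and the method returns null.
 *
 * Security notes for reviewers:
 *  - UserService::valid() is the only check visible in this method. The patient acted on
 *    is the global $pid, not a value validated here.
 *    NOTE(review): confirm the credential is bound to that patient before the write branches run.
 *  - Two branches replace the $_POST superglobal with caller-supplied data and do not restore it.
 *  - Function names are compared with ===, so a non-string $func cannot loosely match a branch.
 *
 * @param array  $var              Arguments for the selected function (shape depends on $func).
 * @param string $func             Name of the function to run.
 * @param mixed  $data_credentials Credentials handed to UserService::valid().
 * @return mixed XML from UserService::function_return_to_xml() for most branches; the raw
 *               callee result for getInsuranceProviders and generate_layout_validation.
 * @throws SoapFault When the credentials are rejected.
 */
public static function batch_despatch($var, $func, $data_credentials)
{
    global $pid;

    if (!UserService::valid($data_credentials)) {
        throw new SoapFault("Server", "credentials failed");
    }

    require_once "../../library/invoice_summary.inc.php";
    require_once "../../library/options.inc.php";
    require_once "../../library/acl.inc";
    require_once "../../library/patient.inc";

    $x = array();

    if ($func === 'ar_responsible_party') {
        $patient_id = $pid;
        $encounter_id = $var['encounter'];
        $x['ar_responsible_party'] = ar_responsible_party($patient_id, $encounter_id);
        return UserService::function_return_to_xml($x);
    } elseif ($func === 'getInsuranceData') {
        $type = $var['type'];
        $given = $var['given'];
        $x = getInsuranceData($pid, $type, $given);
        return UserService::function_return_to_xml($x);
    } elseif ($func === 'generate_select_list') {
        $tag_name = $var['tag_name'];
        $list_id = $var['list_id'];
        $currvalue = $var['currvalue'];
        $title = $var['title'];
        $empty_name = $var['empty_name'];
        $class = $var['class'];
        $onchange = $var['onchange'];
        $x['generate_select_list'] = generate_select_list($tag_name, $list_id, $currvalue, $title, $empty_name, $class, $onchange);
        return UserService::function_return_to_xml($x);
    } elseif ($func === 'xl_layout_label') {
        $constant = $var['constant'];
        $x['xl_layout_label'] = xl_layout_label($constant);
        return UserService::function_return_to_xml($x);
    } elseif ($func === 'generate_form_field') {
        // The layout row ($frow) is supplied by the caller, not read from the database here.
        $frow = $var['frow'];
        $currvalue = $var['currvalue'];
        // generate_form_field() prints its markup, so capture the output buffer.
        ob_start();
        generate_form_field($frow, $currvalue);
        $x['generate_form_field'] = ob_get_contents();
        ob_end_clean();
        return UserService::function_return_to_xml($x);
    } elseif ($func === 'getInsuranceProviders') {
        // Returned as-is, without the XML wrapping used by the other branches.
        return getInsuranceProviders();
    } elseif ($func === 'get_layout_form_value') {
        $frow = $var['frow'];
        // Overwrites the superglobal with caller data; it is not restored afterwards.
        // presumably get_layout_form_value() reads the field value from $_POST - verify.
        $_POST = $var['post_array'];
        $x['get_layout_form_value'] = get_layout_form_value($frow);
        return UserService::function_return_to_xml($x);
    } elseif ($func === 'updatePatientData') {
        // NOTE(review): $patient_data is a caller-supplied array; confirm updatePatientData()
        // validates its keys before they reach SQL.
        $patient_data = $var['patient_data'];
        $create = $var['create'];
        updatePatientData($pid, $patient_data, $create);
        $x['ok'] = 'ok';
        return UserService::function_return_to_xml($x);
    } elseif ($func === 'updateEmployerData') {
        $employer_data = $var['employer_data'];
        $create = $var['create'];
        updateEmployerData($pid, $employer_data, $create);
        $x['ok'] = 'ok';
        return UserService::function_return_to_xml($x);
    } elseif ($func === 'newHistoryData') {
        newHistoryData($pid);
        $x['ok'] = 'ok';
        return UserService::function_return_to_xml($x);
    } elseif ($func === 'newInsuranceData') {
        // Element 0 of $var becomes $_POST; elements 1..n become the positional arguments.
        // presumably formData() looks each name up in $_POST and escapes it - verify.
        $_POST = $var[0];
        $parameters = array();
        foreach ($var as $key => $value) {
            if ($key >= 3) {
                $var[$key] = formData($value);
            }

            if ($key >= 1) {
                $parameters[$key] = $var[$key];
            }
        }

        // Positions 12 and 27 are passed through fixDate() before the call.
        $parameters[12] = fixDate($parameters[12]);
        $parameters[27] = fixDate($parameters[27]);
        // The number of arguments is whatever the caller sent in $var.
        call_user_func_array('newInsuranceData', $parameters);
        $x['ok'] = 'ok';
        return UserService::function_return_to_xml($x);
    } elseif ($func === 'generate_layout_validation') {
        $form_id = $var['form_id'];
        ob_start();
        generate_layout_validation($form_id);
        // Raw captured output, not XML-wrapped.
        return ob_get_clean();
    }

    // Unknown $func: nothing is executed and null is returned to the caller.
}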
$data_type = $frow['data_type']; $field_id = $frow['field_id']; $table = 'patient_data'; if (isset($_POST["form_{$field_id}"])) { $newdata[$table][$field_id] = get_layout_form_value($frow); } } if (empty($ptid)) { $tmp = sqlQuery("SELECT MAX(pid)+1 AS pid FROM patient_data"); $ptid = empty($tmp['pid']) ? 1 : intval($tmp['pid']); if (empty($newdata['patient_data']['pubpid'])) { // pubpid for new patient defaults to pid. $newdata['patient_data']['pubpid'] = "{$ptid}"; } updatePatientData($ptid, $newdata['patient_data'], true); updateEmployerData($ptid, $newdata['employer_data'], true); newHistoryData($ptid); } else { $newdata['patient_data']['id'] = $_POST['db_id']; updatePatientData($ptid, $newdata['patient_data']); } // Finally, delete the request from the portal. $result = cms_portal_call(array('action' => 'delpost', 'postid' => $postid)); if ($result['errmsg']) { die(text($result['errmsg'])); } echo "<html><body><script language='JavaScript'>\n"; echo "if (top.restoreSession) top.restoreSession(); else opener.top.restoreSession();\n"; echo "document.location.href = 'list_requests.php';\n"; echo "</script></body></html>\n"; exit;
// trust that it's OK to clear any field that is defined in the layout but not returned // by the form. // $value = get_layout_form_value($frow); // If edit option P or Q, save to the appropriate different table and skip the rest. $source = $frow['source']; if ($source == 'D' || $source == 'H') { // Save to patient_data, employer_data or history_data. if ($source == 'H') { $new = array($field_id => $value); updateHistoryData($pid, $new); } else { if (strpos($field_id, 'em_') === 0) { $field_id = substr($field_id, 3); $new = array($field_id => $value); updateEmployerData($pid, $new); } else { $esc_field_id = escape_sql_column_name($field_id, array('patient_data')); sqlStatement("UPDATE patient_data SET `{$esc_field_id}` = ? WHERE pid = ?", array($value, $pid)); } } continue; } else { if ($source == 'E') { // Save to shared_attributes. Can't delete entries for empty fields because with the P option // it's important to know when a current empty value overrides a previous value. sqlStatement("REPLACE INTO shared_attributes SET " . "pid = ?, encounter = ?, field_id = ?, last_update = NOW(), " . "user_id = ?, field_value = ?", array($pid, $encounter, $field_id, $_SESSION['authUserID'], $value)); continue; } else { if ($source == 'V') { // Save to form_encounter.
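/**
 * Copy the field values stored for one audit_master record into the live tables.
 *
 * The audit_details rows of the record are grouped by table_name and applied table by
 * table. Tables outside $validtables raise a SoapFault. The check is made per table
 * inside the loop, so tables handled earlier in the same call have already been written
 * when the fault is thrown.
 *
 * Security notes for reviewers:
 *  - audit_details.field_name values become array keys handed to updatePatientData() and
 *    updateEmployerData().
 *    NOTE(review): presumably those keys are used as column names; confirm the callee
 *    validates them.
 *  - Insurance values are escaped with add_escape_custom() before newInsuranceData() is called.
 *    NOTE(review): confirm newInsuranceData() does not escape or bind them a second time.
 *  - history_data is accepted as a valid table but no branch writes it.
 *
 * @param array $var Element 0 holds the credentials, 'audit_master_id' the record to apply.
 * @return void Returns early, without changes, when a row matching the first query exists.
 * @throws SoapFault When the credentials are rejected or a table is not supported.
 */
public function update_audited_data($var)
{
    $data_credentials = $var[0];
    $validtables = array("patient_data", "employer_data", "insurance_data", "history_data", "openemr_postcalendar_events");

    if (!UserService::valid($data_credentials)) {
        throw new SoapFault("Server", "credentials failed");
    }

    $audit_master_id = $var['audit_master_id'];

    // Nothing to do when this record already matches approval_status '1' and type '3'.
    $res = sqlStatement("SELECT * FROM audit_master where id=? and approval_status='1' and type='3' ", array($audit_master_id));
    if (sqlNumRows($res) > 0) {
        return;
    }

    $res = sqlStatement("SELECT DISTINCT ad.table_name,am.id,am.pid FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id and am.approval_status in ('1','4') and am.id=?", array($audit_master_id));

    // The three insurance slots are always written, in this order.
    // The former ${ins . $i . _type} lookup used bare constants, which PHP 8 rejects.
    $insuranceTypes = array("primary", "secondary", "tertiary");
    // Positional argument order of newInsuranceData() after $pid.
    $insuranceFields = array(
        'type', 'provider', 'policy_number', 'group_number', 'plan_name',
        'subscriber_lname', 'subscriber_mname', 'subscriber_fname',
        'subscriber_relationship', 'subscriber_ss', 'subscriber_DOB',
        'subscriber_street', 'subscriber_postal_code', 'subscriber_city',
        'subscriber_state', 'subscriber_country', 'subscriber_phone',
        'subscriber_employer', 'subscriber_employer_street', 'subscriber_employer_city',
        'subscriber_employer_postal_code', 'subscriber_employer_state',
        'subscriber_employer_country', 'copay', 'subscriber_sex', 'date',
        'accept_assignment',
    );
    $newdata = array();

    while ($row = sqlFetchArray($res)) {
        $pid = $row['pid'];
        $table = $row['table_name'];
        $resfield = sqlStatement("SELECT * FROM audit_details WHERE audit_master_id=? AND table_name=?", array($audit_master_id, $table));

        if (!in_array($table, $validtables, true)) {
            throw new SoapFault("Server", "Table Not Supported error message");
        }

        // Collect the audited values; insurance rows are keyed by entry_identification
        // (primary/secondary/tertiary) instead of by table name.
        while ($rowfield = sqlFetchArray($resfield)) {
            if ($table === 'insurance_data') {
                $newdata[$rowfield['entry_identification']][$rowfield['field_name']] = $rowfield['field_value'];
            } elseif ($table === 'patient_data' || $table === 'employer_data' || $table === 'openemr_postcalendar_events') {
                $newdata[$table][$rowfield['field_name']] = $rowfield['field_value'];
            }
        }

        require_once "../../library/invoice_summary.inc.php";
        require_once "../../library/options.inc.php";
        require_once "../../library/acl.inc";
        require_once "../../library/patient.inc";

        if ($table === 'patient_data') {
            $pdrow = sqlQuery("SELECT id from patient_data WHERE pid=?", array($pid));
            $newdata['patient_data']['id'] = $pdrow['id'];
            updatePatientData($pid, $newdata['patient_data']);
        } elseif ($table === 'employer_data') {
            updateEmployerData($pid, $newdata['employer_data']);
        } elseif ($table === 'insurance_data') {
            foreach ($insuranceTypes as $insType) {
                $args = array($pid);
                foreach ($insuranceFields as $field) {
                    // Missing fields are passed as null, as an undefined index would be.
                    $args[] = add_escape_custom(isset($newdata[$insType][$field]) ? $newdata[$insType][$field] : null);
                }

                call_user_func_array('newInsuranceData', $args);
            }
        } elseif ($table === 'openemr_postcalendar_events') {
            $ev = $newdata['openemr_postcalendar_events'];
            // Values are escaped and quoted inline; pc_time is NOW() and pc_eventstatus is fixed at 1.
            sqlInsert("INSERT INTO openemr_postcalendar_events ( " .
                "pc_pid,pc_title,pc_time,pc_hometext,pc_eventDate,pc_endDate,pc_startTime,pc_endTime,pc_duration,pc_catid,pc_eventstatus,pc_aid,pc_facility" .
                ") VALUES ( " .
                "'" . add_escape_custom($pid) . "', " .
                "'" . add_escape_custom($ev['pc_title']) . "', " .
                "NOW(), " .
                "'" . add_escape_custom($ev['pc_hometext']) . "', " .
                "'" . add_escape_custom($ev['pc_eventDate']) . "', " .
                "'" . add_escape_custom($ev['pc_endDate']) . "', " .
                "'" . add_escape_custom($ev['pc_startTime']) . "', " .
                "'" . add_escape_custom($ev['pc_endTime']) . "', " .
                "'" . add_escape_custom($ev['pc_duration']) . "', " .
                "'" . add_escape_custom($ev['pc_catid']) . "', " .
                "1, " .
                "'" . add_escape_custom($ev['pc_aid']) . "', " .
                "'" . add_escape_custom($ev['pc_facility']) . "')");
        }
    }
}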
/**
 * Create a new patient from whatever patient_data attributes the caller supplies,
 * together with an empty employer record and a history record.
 *
 * The new pid is MAX(pid)+1 from patient_data, or 1 when that query yields an empty value.
 * When the caller gives no 'pubpid', it defaults to the new pid.
 *
 * NOTE(review): the pid is read with a plain SELECT and no lock is taken in this function;
 * confirm that concurrent callers cannot be handed the same pid.
 *
 * @param array $patient_data Attributes passed on to updatePatientData().
 * @return int The pid assigned to the new patient.
 */
function create_skeleton_patient($patient_data)
{
    $noEmployer = array();

    $maxRow = sqlQuery("SELECT MAX(pid)+1 AS pid FROM patient_data");
    if (empty($maxRow['pid'])) {
        $newPid = 1;
    } else {
        $newPid = intval($maxRow['pid']);
    }

    // Public id falls back to the internal pid when the caller did not supply one.
    if (isset($patient_data['pubpid']) === false) {
        $patient_data['pubpid'] = $newPid;
    }

    // Third argument true: create rather than update.
    updatePatientData($newPid, $patient_data, true);
    updateEmployerData($newPid, $noEmployer, true);
    newHistoryData($newPid);

    return $newPid;
}
// Save the demographics form: patient and employer columns first, then the three
// insurance slots, then hand over to the page that displays the patient.
//
// NOTE(review): $pid is not assigned in this fragment; confirm the code before it
// authorises the session user for that patient. Variables set here stay in scope for
// the page included at the end, so they must not be renamed or removed casually.

// Column names come from layout_options.field_id (the 'DEM' layout rows with uor > 0
// and a non-empty field_id), not from the request; only the values come from the form.
$fres = sqlStatement("SELECT * FROM layout_options " .
    "WHERE form_id = 'DEM' AND uor > 0 AND field_id != '' " .
    "ORDER BY group_name, seq");
while ($frow = sqlFetchArray($fres)) {
    $data_type = $frow['data_type'];
    $field_id = $frow['field_id'];
    // $value = '';
    $colname = $field_id;
    $table = 'patient_data';
    // Fields prefixed 'em_' belong to employer_data; the prefix is not part of the column name.
    if (strpos($field_id, 'em_') === 0) {
        $colname = substr($field_id, 3);
        $table = 'employer_data';
    }

    // if (isset($_POST["form_$field_id"])) $value = $_POST["form_$field_id"];
    // presumably get_layout_form_value() reads and normalises the posted value - verify.
    $value = get_layout_form_value($frow);
    $newdata[$table][$colname] = $value;
}

// NOTE(review): $newdata['employer_data'] is only set when at least one 'em_' field exists.
updatePatientData($pid, $newdata['patient_data']);
updateEmployerData($pid, $newdata['employer_data']);

// Primary insurance. The effective date is given date('Y-m-d') as second argument to fixDate().
$i1dob = fixDate(formData("i1subscriber_DOB"));
$i1date = fixDate(formData("i1effective_date"), date('Y-m-d'));

newInsuranceData(
    $pid,
    "primary",
    formData("i1provider"),
    formData("i1policy_number"),
    formData("i1group_number"),
    formData("i1plan_name"),
    formData("i1subscriber_lname"),
    formData("i1subscriber_mname"),
    formData("i1subscriber_fname"),
    formData("form_i1subscriber_relationship"),
    formData("i1subscriber_ss"),
    $i1dob,
    formData("i1subscriber_street"),
    formData("i1subscriber_postal_code"),
    formData("i1subscriber_city"),
    formData("form_i1subscriber_state"),
    formData("form_i1subscriber_country"),
    formData("i1subscriber_phone"),
    formData("i1subscriber_employer"),
    formData("i1subscriber_employer_street"),
    formData("i1subscriber_employer_city"),
    formData("i1subscriber_employer_postal_code"),
    formData("form_i1subscriber_employer_state"),
    formData("form_i1subscriber_employer_country"),
    formData('i1copay'),
    formData('form_i1subscriber_sex'),
    $i1date,
    formData('i1accept_assignment')
);

// Secondary insurance: same argument order, fields prefixed i2.
$i2dob = fixDate(formData("i2subscriber_DOB"));
$i2date = fixDate(formData("i2effective_date"), date('Y-m-d'));

newInsuranceData(
    $pid,
    "secondary",
    formData("i2provider"),
    formData("i2policy_number"),
    formData("i2group_number"),
    formData("i2plan_name"),
    formData("i2subscriber_lname"),
    formData("i2subscriber_mname"),
    formData("i2subscriber_fname"),
    formData("form_i2subscriber_relationship"),
    formData("i2subscriber_ss"),
    $i2dob,
    formData("i2subscriber_street"),
    formData("i2subscriber_postal_code"),
    formData("i2subscriber_city"),
    formData("form_i2subscriber_state"),
    formData("form_i2subscriber_country"),
    formData("i2subscriber_phone"),
    formData("i2subscriber_employer"),
    formData("i2subscriber_employer_street"),
    formData("i2subscriber_employer_city"),
    formData("i2subscriber_employer_postal_code"),
    formData("form_i2subscriber_employer_state"),
    formData("form_i2subscriber_employer_country"),
    formData('i2copay'),
    formData('form_i2subscriber_sex'),
    $i2date,
    formData('i2accept_assignment')
);

// Tertiary insurance: same argument order, fields prefixed i3.
$i3dob = fixDate(formData("i3subscriber_DOB"));
$i3date = fixDate(formData("i3effective_date"), date('Y-m-d'));

newInsuranceData(
    $pid,
    "tertiary",
    formData("i3provider"),
    formData("i3policy_number"),
    formData("i3group_number"),
    formData("i3plan_name"),
    formData("i3subscriber_lname"),
    formData("i3subscriber_mname"),
    formData("i3subscriber_fname"),
    formData("form_i3subscriber_relationship"),
    formData("i3subscriber_ss"),
    $i3dob,
    formData("i3subscriber_street"),
    formData("i3subscriber_postal_code"),
    formData("i3subscriber_city"),
    formData("form_i3subscriber_state"),
    formData("form_i3subscriber_country"),
    formData("i3subscriber_phone"),
    formData("i3subscriber_employer"),
    formData("i3subscriber_employer_street"),
    formData("i3subscriber_employer_city"),
    formData("i3subscriber_employer_postal_code"),
    formData("form_i3subscriber_employer_state"),
    formData("form_i3subscriber_employer_country"),
    formData('i3copay'),
    formData('form_i3subscriber_sex'),
    $i3date,
    formData('i3accept_assignment')
);

// Show the patient again; which page is used depends on the concurrent_layout global.
if ($GLOBALS['concurrent_layout']) {
    include_once "demographics.php";
} else {
    include_once "patient_summary.php";
}
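/**
 * Copy the field values stored for one audit_master record into the live tables.
 *
 * The audit_details rows of the record are grouped by table_name and applied table by
 * table. Tables outside $validtables raise a SoapFault. The check is made per table
 * inside the loop, so tables handled earlier in the same call have already been written
 * when the fault is thrown.
 *
 * Security notes for reviewers:
 *  - The portal_username lookup is a bound query; the value comes from audit_details and
 *    must not be concatenated into the statement.
 *  - portal_pwd is inserted into patient_access_offsite exactly as stored in audit_details.
 *    NOTE(review): confirm the value is hashed before it reaches this point.
 *  - audit_details.field_name values become array keys handed to updatePatientData() and
 *    updateEmployerData().
 *    NOTE(review): presumably those keys are used as column names; confirm the callee
 *    validates them.
 *  - history_data is accepted as a valid table but no branch writes it.
 *
 * @param array $var Element 0 holds the credentials, 'audit_master_id' the record to apply.
 * @return array Ids of inserted legal documents: 'dlm_id' (master) and 'dld_id' (detail), when created.
 * @throws SoapFault When the credentials are rejected or a table is not supported.
 */
public function update_audited_data($var)
{
    $data_credentials = $var[0];
    $last_insert_ids = array();
    $validtables = array("patient_data", "employer_data", "insurance_data", "history_data", "openemr_postcalendar_events", "ar_session", "documents_legal_master", "documents_legal_detail", "patient_access_offsite");

    if (!UserService::valid($data_credentials)) {
        throw new SoapFault("Server", "credentials failed");
    }

    $audit_master_id = $var['audit_master_id'];
    $res = sqlStatement("SELECT DISTINCT ad.table_name,am.id,am.pid FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id and am.approval_status in ('1','4') and am.id=? ORDER BY ad.id", array($audit_master_id));

    // Tables whose audited values are collected under their own table name.
    $plainTables = array("patient_data", "employer_data", "openemr_postcalendar_events", "ar_session", "documents_legal_master", "documents_legal_detail", "patient_access_offsite");
    // The three insurance slots are always written, in this order.
    // The former ${ins . $i . _type} lookup used bare constants, which PHP 8 rejects.
    $insuranceTypes = array("primary", "secondary", "tertiary");
    // Positional argument order of newInsuranceData() after $pid.
    $insuranceFields = array(
        'type', 'provider', 'policy_number', 'group_number', 'plan_name',
        'subscriber_lname', 'subscriber_mname', 'subscriber_fname',
        'subscriber_relationship', 'subscriber_ss', 'subscriber_DOB',
        'subscriber_street', 'subscriber_postal_code', 'subscriber_city',
        'subscriber_state', 'subscriber_country', 'subscriber_phone',
        'subscriber_employer', 'subscriber_employer_street', 'subscriber_employer_city',
        'subscriber_employer_postal_code', 'subscriber_employer_state',
        'subscriber_employer_country', 'copay', 'subscriber_sex', 'date',
        'accept_assignment',
    );
    $newdata = array();
    // Set by the documents_legal_master branch and reused by documents_legal_detail.
    $master_doc_id = null;

    while ($row = sqlFetchArray($res)) {
        // Keep the pid of an earlier row when this one carries none.
        if ($row['pid']) {
            $pid = $row['pid'];
        }

        $table = $row['table_name'];
        $resfield = sqlStatement("SELECT * FROM audit_details WHERE audit_master_id=? AND table_name=?", array($audit_master_id, $table));

        if (!in_array($table, $validtables, true)) {
            throw new SoapFault("Server", "Table Not Supported error message");
        }

        while ($rowfield = sqlFetchArray($resfield)) {
            // An audited 'pid' field is never applied; the pid comes from audit_master.
            if ($rowfield['field_name'] == 'pid') {
                continue;
            }

            if ($table === 'insurance_data') {
                // Insurance rows are keyed by entry_identification (primary/secondary/tertiary).
                $newdata[$rowfield['entry_identification']][$rowfield['field_name']] = $rowfield['field_value'];
            } elseif (in_array($table, $plainTables, true)) {
                $newdata[$table][$rowfield['field_name']] = $rowfield['field_value'];
                // Remember which audit_details row holds the password; it is overwritten below.
                if ($table === 'patient_access_offsite' && $rowfield['field_name'] == 'portal_pwd') {
                    $newdata['patient_access_offsite']['pass_id'] = $rowfield['id'];
                }
            }
        }

        require_once "../../library/invoice_summary.inc.php";
        require_once "../../library/options.inc.php";
        require_once "../../library/acl.inc";
        require_once "../../library/patient.inc";

        if ($table === 'patient_data') {
            $pdrow = sqlQuery("SELECT id from patient_data WHERE pid=?", array($pid));
            if ($pdrow['id']) {
                $newdata['patient_data']['id'] = $pdrow['id'];
                updatePatientData($pid, $newdata['patient_data']);
            } else {
                // No such patient yet: allocate the next pid and create the row.
                // NOTE(review): MAX(pid)+1 is read without a visible lock; confirm concurrent
                // approvals cannot receive the same pid.
                $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
                $pid = $prow['pid'];
                $newdata['patient_data']['pubpid'] = $pid;
                updatePatientData($pid, $newdata['patient_data'], true);
            }
        } elseif ($table === 'employer_data') {
            updateEmployerData($pid, $newdata['employer_data']);
        } elseif ($table === 'insurance_data') {
            foreach ($insuranceTypes as $insType) {
                $args = array($pid);
                foreach ($insuranceFields as $field) {
                    // Missing fields are passed as null, as an undefined index would be.
                    $args[] = add_escape_custom(isset($newdata[$insType][$field]) ? $newdata[$insType][$field] : null);
                }

                // NOTE(review): values are escaped here; confirm newInsuranceData() does not
                // escape or bind them a second time.
                call_user_func_array('newInsuranceData', $args);
            }
        } elseif ($table === 'openemr_postcalendar_events') {
            $ev = $newdata['openemr_postcalendar_events'];
            // Values are escaped and quoted inline; pc_time is NOW() and pc_eventstatus is fixed at 1.
            sqlInsert("INSERT INTO openemr_postcalendar_events ( " .
                "pc_pid,pc_title,pc_time,pc_hometext,pc_eventDate,pc_endDate,pc_startTime,pc_endTime,pc_duration,pc_catid,pc_eventstatus,pc_aid,pc_facility" .
                ") VALUES ( " .
                "'" . add_escape_custom($pid) . "', " .
                "'" . add_escape_custom($ev['pc_title']) . "', " .
                "NOW(), " .
                "'" . add_escape_custom($ev['pc_hometext']) . "', " .
                "'" . add_escape_custom($ev['pc_eventDate']) . "', " .
                "'" . add_escape_custom($ev['pc_endDate']) . "', " .
                "'" . add_escape_custom($ev['pc_startTime']) . "', " .
                "'" . add_escape_custom($ev['pc_endTime']) . "', " .
                "'" . add_escape_custom($ev['pc_duration']) . "', " .
                "'" . add_escape_custom($ev['pc_catid']) . "', " .
                "1, " .
                "'" . add_escape_custom($ev['pc_aid']) . "', " .
                "'" . add_escape_custom($ev['pc_facility']) . "')");
        } elseif ($table === 'ar_session') {
            $ar = $newdata['ar_session'];
            // check_date, modified_time and post_to_date are all set to NOW().
            sqlInsert("INSERT INTO ar_session ( " .
                "payer_id, user_id, reference, check_date, pay_total, modified_time, payment_type, description, post_to_date, patient_id, payment_method" .
                ") VALUES ( " .
                "'" . add_escape_custom($ar['payer_id']) . "', " .
                "'" . add_escape_custom($ar['user_id']) . "', " .
                "'" . add_escape_custom($ar['reference']) . "', " .
                "NOW(), " .
                "'" . add_escape_custom($ar['pay_total']) . "', " .
                "NOW(), " .
                "'" . add_escape_custom($ar['payment_type']) . "', " .
                "'" . add_escape_custom($ar['description']) . "', " .
                "NOW(), " .
                "'" . add_escape_custom($pid) . "', " .
                "'" . add_escape_custom($ar['payment_method']) . "')");
        } elseif ($table === 'documents_legal_master') {
            $dlm = $newdata['documents_legal_master'];
            // The stored file path gets "/<pid>" appended before it is escaped.
            $master_doc_id = sqlInsert("INSERT INTO documents_legal_master ( " .
                "dlm_category,dlm_subcategory,dlm_document_name,dlm_filepath,dlm_facility,dlm_provider,dlm_sign_height,dlm_sign_width,dlm_filename,dlm_effective_date,dlm_version,content,dlm_savedsign,dlm_review,dlm_upload_type" .
                ") VALUES ( " .
                "'" . add_escape_custom($dlm['dlm_category']) . "', " .
                "'" . add_escape_custom($dlm['dlm_subcategory']) . "', " .
                "'" . add_escape_custom($dlm['dlm_document_name']) . "', " .
                "'" . add_escape_custom($dlm['dlm_filepath'] . "/{$pid}") . "', " .
                "'" . add_escape_custom($dlm['dlm_facility']) . "', " .
                "'" . add_escape_custom($dlm['dlm_provider']) . "', " .
                "'" . add_escape_custom($dlm['dlm_sign_height']) . "', " .
                "'" . add_escape_custom($dlm['dlm_sign_width']) . "', " .
                "'" . add_escape_custom($dlm['dlm_filename']) . "', " .
                "'" . add_escape_custom($dlm['dlm_effective_date']) . "', " .
                "'" . add_escape_custom($dlm['dlm_version']) . "', " .
                "'" . add_escape_custom($dlm['content']) . "', " .
                "'" . add_escape_custom($dlm['dlm_savedsign']) . "', " .
                "'" . add_escape_custom($dlm['dlm_review']) . "', " .
                "'" . add_escape_custom($dlm['dlm_upload_type']) . "')");
            $last_insert_ids['dlm_id'] = $master_doc_id;
        } elseif ($table === 'documents_legal_detail') {
            $dld = $newdata['documents_legal_detail'];
            // Prefer the master document created earlier in this call over the audited id.
            if ($master_doc_id) {
                $mdoc_id = $master_doc_id;
            } else {
                $mdoc_id = $dld['dld_master_docid'];
            }

            $last_insert_ids['dld_id'] = sqlInsert("INSERT INTO documents_legal_detail ( " .
                "dld_pid,dld_facility,dld_provider,dld_encounter,dld_master_docid,dld_signed,dld_signed_time,dld_filepath,dld_filename,dld_signing_person,dld_sign_level,dld_content,dld_file_for_pdf_generation,dld_denial_reason,dld_moved,dld_patient_comments" .
                ") VALUES ( " .
                "'" . add_escape_custom($pid) . "', " .
                "'" . add_escape_custom($dld['dld_facility']) . "', " .
                "'" . add_escape_custom($dld['dld_provider']) . "', " .
                "'" . add_escape_custom($dld['dld_encounter']) . "', " .
                "'" . add_escape_custom($mdoc_id) . "', " .
                "'" . add_escape_custom($dld['dld_signed']) . "', " .
                "'" . add_escape_custom($dld['dld_signed_time']) . "', " .
                "'" . add_escape_custom($dld['dld_filepath']) . "', " .
                "'" . add_escape_custom($dld['dld_filename']) . "', " .
                "'" . add_escape_custom($dld['dld_signing_person']) . "', " .
                "'" . add_escape_custom($dld['dld_sign_level']) . "', " .
                "'" . add_escape_custom($dld['dld_content']) . "', " .
                "'" . add_escape_custom($dld['dld_file_for_pdf_generation']) . "', " .
                "'" . add_escape_custom($dld['dld_denial_reason']) . "', " .
                "'" . add_escape_custom($dld['dld_moved']) . "', " .
                "'" . add_escape_custom($dld['dld_patient_comments']) . "')");
        } elseif ($table === 'patient_access_offsite') {
            $pao = $newdata['patient_access_offsite'];
            // Bound parameter: portal_username comes from audit_details and must never be
            // concatenated into the statement.
            $query = sqlStatement("SELECT * FROM patient_access_offsite WHERE portal_username = ?", array($pao['portal_username']));
            // Only create the portal account when the username is not taken yet.
            if (sqlNumRows($query) == 0) {
                sqlInsert("INSERT INTO patient_access_offsite ( " .
                    "pid,portal_username,portal_pwd,portal_pwd_status" .
                    ") VALUES ( " .
                    "'" . add_escape_custom($pid) . "', " .
                    "'" . add_escape_custom($pao['portal_username']) . "', " .
                    "'" . add_escape_custom($pao['portal_pwd']) . "', " .
                    "0)");
                // Replace the audited password value with one from generatePassword(),
                // presumably so the submitted value does not stay in audit_details - verify.
                sqlQuery("UPDATE audit_details SET field_value = ? WHERE id = ?", array($this->generatePassword(), $pao['pass_id']));
            }
        }
    }

    return $last_insert_ids;
}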