function default_action()
{
$form_id = $this->form_id;
if (is_numeric($form_id)) {
$vitals = new FormVitals($form_id);
} else {
$vitals = new FormVitals();
}
$dbconn = $GLOBALS['adodb']['db'];
//Combined query for retrieval of vital information which is not deleted
$sql = "SELECT fv.*, fe.date AS encdate " . "FROM form_vitals AS fv, forms AS f, form_encounter AS fe WHERE " . "fv.id != {$form_id} and fv.pid = " . $GLOBALS['pid'] . " AND " . "f.formdir = 'vitals' AND f.deleted = 0 AND f.form_id = fv.id AND " . "fe.pid = f.pid AND fe.encounter = f.encounter " . "ORDER BY encdate DESC, fv.date DESC";
$result = $dbconn->Execute($sql);
// get the patient's current age
$patient_data = getPatientData($GLOBALS['pid']);
$patient_dob = $patient_data['DOB'];
$patient_age = getPatientAge($patient_dob);
$this->assign("patient_age", $patient_age);
$this->assign("patient_dob", $patient_dob);
$i = 1;
while ($result && !$result->EOF) {
$results[$i]['id'] = $result->fields['id'];
$results[$i]['encdate'] = substr($result->fields['encdate'], 0, 10);
$results[$i]['date'] = $result->fields['date'];
$results[$i]['activity'] = $result->fields['activity'];
$results[$i]['bps'] = $result->fields['bps'];
$results[$i]['bpd'] = $result->fields['bpd'];
$results[$i]['weight'] = $result->fields['weight'];
$results[$i]['height'] = $result->fields['height'];
$results[$i]['temperature'] = $result->fields['temperature'];
$results[$i]['temp_method'] = $result->fields['temp_method'];
$results[$i]['pulse'] = $result->fields['pulse'];
$results[$i]['respiration'] = $result->fields['respiration'];
$results[$i]['BMI'] = $result->fields['BMI'];
$results[$i]['BMI_status'] = $result->fields['BMI_status'];
$results[$i]['note'] = $result->fields['note'];
$results[$i]['waist_circ'] = $result->fields['waist_circ'];
$results[$i]['head_circ'] = $result->fields['head_circ'];
$results[$i++]['oxygen_saturation'] = $result->fields['oxygen_saturation'];
$result->MoveNext();
}
$this->assign("vitals", $vitals);
$this->assign("results", $results);
$this->assign("VIEW", true);
return $this->fetch($this->template_dir . $this->template_mod . "_new.html");
}
function default_action($form_id)
{
if (is_numeric($form_id)) {
$vitals = new FormVitals($form_id);
} else {
$vitals = new FormVitals();
}
$dbconn = $GLOBALS['adodb']['db'];
//Combined query for retrieval of vital information which is not deleted
$sql = "SELECT form_vitals.* from form_vitals,forms where form_vitals.id != {$form_id} and form_vitals.pid =" . $GLOBALS['pid'];
$sql .= " and forms.deleted!=1 and form_vitals.id=forms.form_id";
$sql .= " ORDER BY form_vitals.date DESC";
$result = $dbconn->Execute($sql);
// get the patient's current age
$patient_data = getPatientData($GLOBALS['pid']);
$patient_age = getPatientAge($patient_data['DOB']);
$this->assign("patient_age", $patient_age);
$i = 1;
while ($result && !$result->EOF) {
$results[$i]['id'] = $result->fields['id'];
$results[$i]['date'] = $result->fields['date'];
$results[$i]['activity'] = $result->fields['activity'];
$results[$i]['bps'] = $result->fields['bps'];
$results[$i]['bpd'] = $result->fields['bpd'];
$results[$i]['weight'] = $result->fields['weight'];
$results[$i]['height'] = $result->fields['height'];
$results[$i]['temperature'] = $result->fields['temperature'];
$results[$i]['temp_method'] = $result->fields['temp_method'];
$results[$i]['pulse'] = $result->fields['pulse'];
$results[$i]['respiration'] = $result->fields['respiration'];
$results[$i]['BMI'] = $result->fields['BMI'];
$results[$i]['BMI_status'] = $result->fields['BMI_status'];
$results[$i]['note'] = $result->fields['note'];
$results[$i]['waist_circ'] = $result->fields['waist_circ'];
$results[$i]['head_circ'] = $result->fields['head_circ'];
$results[$i++]['oxygen_saturation'] = $result->fields['oxygen_saturation'];
$result->MoveNext();
}
$this->assign("vitals", $vitals);
$this->assign("results", $results);
$this->assign("VIEW", true);
return $this->fetch($this->template_dir . $this->template_mod . "_new.html");
}
<?php
html_header_show();
?>
<link rel="stylesheet" href="<?php
echo $css_header;
?>
" type="text/css">
</head>
<body class="body_title">
<?php
$result = getPatientData($pid, "fname,lname,pid,pubpid,phone_home,pharmacy_id,DOB,DATE_FORMAT(DOB,'%Y%m%d') as DOB_YMD");
$provider_results = sqlQuery("select * from users where username=?", array($_SESSION["authUser"]));
$age = getPatientAge($result["DOB_YMD"]);
$info = 'ID: ' . $result['pubpid'];
if ($result['DOB']) {
$info .= ', ' . xl('DOB') . ': ' . $result['DOB'] . ', ' . xl('Age') . ': ' . $age;
}
if ($result['phone_home']) {
$info .= ', ' . xl('Home') . ': ' . $result['phone_home'];
}
if ($result['pharmacy_id']) {
$pharmacy = new Pharmacy($result['pharmacy_id']);
if ($pharmacy->get_phone()) {
$info .= ', ' . xl('Pharm') . ': ' . $pharmacy->get_phone();
}
}
//escape variables for output (to prevent xss attacks)
$patient_esc = htmlspecialchars($result["fname"] . " " . $result["lname"], ENT_NOQUOTES);
?>
][Count]='<?php
echo htmlspecialchars($rowresult4['billing_note'], ENT_QUOTES);
?>
';
Count++;
<?php
$enc_billing_note = $rowresult4['billing_note'];
}
?>
</script>
<?php
// Not sure why the next section seems to do nothing except post "To Encounter" button 2/17/09 JCH
$lhtml .= " <a class=\"link_submit\" " . "href=\"javascript:window.toencounter(" . $iter['enc_pid'] . ",'" . addslashes($name['pubpid']) . "','" . addslashes($ptname) . "'," . $iter['enc_encounter'] . ",'" . oeFormatShortDate($raw_encounter_date) . "',' " . xl('DOB') . ": " . oeFormatShortDate($name['DOB_YMD']) . " " . xl('Age') . ": " . getPatientAge($name['DOB_YMD']) . "');\n top.window.parent.left_nav.setPatientEncounter(EncounterIdArray[" . $iter['enc_pid'] . "],EncounterDateArray[" . $iter['enc_pid'] . "], CalendarCategoryArray[" . $iter['enc_pid'] . "])\">[" . xlt('To Enctr') . " " . text(oeFormatShortDate($raw_encounter_date)) . "]</a>";
// Changed "To xxx" buttons to allow room for encounter date display 2/17/09 JCH
$lhtml .= " <a class=\"link_submit\" " . "href=\"javascript:window.topatient(" . $iter['enc_pid'] . ",'" . addslashes($name['pubpid']) . "','" . addslashes($ptname) . "'," . $iter['enc_encounter'] . ",'" . oeFormatShortDate($raw_encounter_date) . "',' " . xl('DOB') . ": " . oeFormatShortDate($name['DOB_YMD']) . " " . xl('Age') . ": " . getPatientAge($name['DOB_YMD']) . "');\n top.window.parent.left_nav.setPatientEncounter(EncounterIdArray[" . $iter['enc_pid'] . "],EncounterDateArray[" . $iter['enc_pid'] . "], CalendarCategoryArray[" . $iter['enc_pid'] . "])\">[" . xlt('To Dems') . "]</a>";
$divnos = $divnos + 1;
$lhtml .= " <a onclick='divtoggle(\"spanid_{$divnos}\",\"divid_{$divnos}\");' class='small' id='aid_{$divnos}' href=\"JavaScript:void(0);" . "\">(<span id=spanid_{$divnos} class=\"indicator\">" . htmlspecialchars(xl('Expand'), ENT_QUOTES) . '</span>)<br></a>';
if ($GLOBALS['notes_to_display_in_Billing'] == 2 || $GLOBALS['notes_to_display_in_Billing'] == 3) {
$lhtml .= '<span style="margin-left: 20px; font-weight bold; color: red">' . text($billing_note) . '</span>';
}
if ($iter['id']) {
$lcount += 2;
$lhtml .= "<br />\n";
$lhtml .= " <span class=text>Bill: ";
$lhtml .= "<select name='claims[" . attr($this_encounter_id) . "][payer]' style='background-color:{$bgcolor}'>";
$query = "SELECT id.provider AS id, id.type, id.date, " . "ic.x12_default_partner_id AS ic_x12id, ic.name AS provider " . "FROM insurance_data AS id, insurance_companies AS ic WHERE " . "ic.id = id.provider AND " . "id.pid = ? AND " . "id.date <= ? " . "ORDER BY id.type ASC, id.date DESC";
$result = sqlStatement($query, array($iter['enc_pid'], $raw_encounter_date));
$count = 0;
$default_x12_partner = $iter['ic_x12id'];
$prevtype = '';
}
// Check authorization for pending review.
$reviewauth = acl_check('patients', 'sign');
if ($form_review and !$reviewauth and !$thisauth) {
die(xl('Not authorized'));
}
// Set pid for pending review.
if ($_GET['set_pid'] && $form_review) {
require_once "{$srcdir}/pid.inc";
require_once "{$srcdir}/patient.inc";
setpid($_GET['set_pid']);
$result = getPatientData($pid, "*, DATE_FORMAT(DOB,'%Y-%m-%d') as DOB_YMD");
?>
<script language='JavaScript'>
parent.left_nav.setPatient(<?php
echo "'" . addslashes($result['fname']) . " " . addslashes($result['lname']) . "',{$pid},'" . addslashes($result['pubpid']) . "','', ' " . xl('DOB') . ": " . oeFormatShortDate($result['DOB_YMD']) . " " . xl('Age') . ": " . getPatientAge($result['DOB_YMD']) . "'";
?>
);
parent.left_nav.setRadio(window.name, 'orp');
</script>
<?php
}
if (!$form_batch && !$pid && !$form_review) {
die(xl('There is no current patient'));
}
function oresRawData($name, $index)
{
$s = isset($_POST[$name][$index]) ? $_POST[$name][$index] : '';
return trim(strip_escape_custom($s));
}
function oresData($name, $index)
// page2.css
//
include_once "../../../../interface/globals.php";
include_once $GLOBALS['fileroot'] . "/library/patient.inc";
$chartpath = $GLOBALS['fileroot'] . "/interface/forms/vitals/growthchart/";
$name = "";
$pid = $_GET['pid'];
if ($pid == "") {
// no pid? no graph for you.
echo "<p>" . xl('Missing PID.', '', '', ' ') . xl('Please close this window.') . "</p>";
exit;
}
$patient_data = "";
if (isset($pid) && is_numeric($pid)) {
$patient_data = getPatientData($pid, "fname, lname, sex, DATE_FORMAT(DOB,'%Y%m%d') as DOB");
$nowAge = getPatientAge($patient_data['DOB']);
$dob = $patient_data['DOB'];
$name = $patient_data['fname'] . " " . $patient_data['lname'];
}
// The first data point in the DATA set is significant. It tells date
// of the currently viewed vitals by the user. We will use this
// date to define which chart is displayed on the screen
$charttype = "2-20";
// default the chart-type to ages 2-20
$datapoints = explode('~', $_GET['data']);
if (isset($datapoints) && $datapoints != "") {
list($date, $height, $weight, $head_circ) = explode('-', $datapoints[0]);
if ($date != "") {
$charttype_date = $date;
}
$tmpAge = getPatientAgeInDays($patient_data['DOB'], $date);
</select>
</td>
</tr>
<?php
if ($noteid) {
// Get the related document IDs if any.
$tmp = sqlStatement("SELECT id1 FROM gprelations WHERE " . "type1 = ? AND type2 = ? AND id2 = ?", array('1', '6', $noteid));
if (sqlNumRows($tmp)) {
echo " <tr>\n";
echo " <td class='text'><b>";
echo xlt('Linked document') . ":</b>\n";
while ($gprow = sqlFetchArray($tmp)) {
$d = new Document($gprow['id1']);
$enc_list = sqlStatement("SELECT fe.encounter,fe.date,openemr_postcalendar_categories.pc_catname FROM form_encounter AS fe " . " left join openemr_postcalendar_categories on fe.pc_catid=openemr_postcalendar_categories.pc_catid WHERE fe.pid = ? order by fe.date desc", array($prow['pid']));
$str_dob = htmlspecialchars(xl("DOB") . ":" . $prow['DOB'] . " " . xl("Age") . ":" . getPatientAge($prow['DOB']));
$pname = $prow['fname'] . " " . $prow['lname'];
echo "<a href='javascript:void(0);' ";
echo "onClick=\"gotoReport(" . addslashes(attr($d->get_id())) . ",'" . addslashes(attr($pname)) . "'," . addslashes(attr($prow['pid'])) . "," . addslashes(attr($prow['pubpid'])) . ",'" . addslashes(attr($str_dob)) . "');\">";
echo text($d->get_url_file());
echo "</a>\n";
}
echo " </td>\n";
echo " </tr>\n";
}
// Get the related procedure order IDs if any.
$tmp = sqlStatement("SELECT id1 FROM gprelations WHERE " . "type1 = ? AND type2 = ? AND id2 = ?", array('2', '6', $noteid));
if (sqlNumRows($tmp)) {
echo " <tr>\n";
echo " <td class='text'><b>";
echo xlt('Linked procedure order') . ":</b>\n";
</div> <!-- end right column div -->
</td>
</tr>
</table>
</div> <!-- end main content div -->
<?php
if ($GLOBALS['concurrent_layout'] && $_GET['set_pid']) {
?>
<script language='JavaScript'>
top.window.parent.left_nav.setPatient(<?php
echo "'" . htmlspecialchars($result['fname'] . " " . $result['lname'], ENT_QUOTES) . "'," . htmlspecialchars($pid, ENT_QUOTES) . ",'" . htmlspecialchars($result['pubpid'], ENT_QUOTES) . "','', ' " . htmlspecialchars(xl('DOB') . ": " . oeFormatShortDate($result['DOB_YMD']) . " " . xl('Age') . ": " . getPatientAge($result['DOB_YMD']), ENT_QUOTES) . "'";
?>
);
EncounterDateArray=new Array;
CalendarCategoryArray=new Array;
EncounterIdArray=new Array;
Count=0;
<?php
//Encounter details are stored to javacript as array.
$result4 = sqlStatement("SELECT fe.encounter,fe.date,openemr_postcalendar_categories.pc_catname FROM form_encounter AS fe " . " left join openemr_postcalendar_categories on fe.pc_catid=openemr_postcalendar_categories.pc_catid WHERE fe.pid = ? order by fe.date desc", array($pid));
if (sqlNumRows($result4) > 0) {
while ($rowresult4 = sqlFetchArray($result4)) {
?>
EncounterIdArray[Count]='<?php
echo htmlspecialchars($rowresult4['encounter'], ENT_QUOTES);
?>
function vitals_report($pid, $encounter, $cols, $id, $print = true)
{
$count = 0;
$data = formFetch("form_vitals", $id);
$patient_data = getPatientData($GLOBALS['pid']);
$patient_age = getPatientAge($patient_data['DOB']);
$vitals = "";
if ($data) {
$vitals .= "<table><tr>";
foreach ($data as $key => $value) {
if ($key == "id" || $key == "pid" || $key == "user" || $key == "groupname" || $key == "authorized" || $key == "activity" || $key == "date" || $value == "" || $value == "0000-00-00 00:00:00" || $value == "0.0") {
// skip certain data
continue;
}
if ($value == "on") {
$value = "yes";
}
$key = ucwords(str_replace("_", " ", $key));
//modified by BM 06-2009 for required translation
if ($key == "Temp Method" || $key == "BMI Status") {
if ($key == "BMI Status") {
if ($patient_age <= 20 || preg_match('/month/', $patient_age)) {
$value = "See Growth-Chart";
}
}
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . xl($value) . "</span></td>";
} elseif ($key == "Bps") {
$bps = $value;
if ($bpd) {
$vitals .= "<td><span class=bold>" . xl('Blood Pressure') . ": </span><span class=text>" . $bps . "/" . $bpd . "</span></td>";
} else {
continue;
}
} elseif ($key == "Bpd") {
$bpd = $value;
if ($bps) {
$vitals .= "<td><span class=bold>" . xl('Blood Pressure') . ": </span><span class=text>" . $bps . "/" . $bpd . "</span></td>";
} else {
continue;
}
} elseif ($key == "Weight") {
$convValue = number_format($value * 0.45359237, 2);
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>";
// show appropriate units
$mode = $GLOBALS['us_weight_format'];
if ($GLOBALS['units_of_measurement'] == 2) {
$vitals .= $convValue . " " . xl('kg') . " (" . US_weight($value, $mode) . ")";
} elseif ($GLOBALS['units_of_measurement'] == 3) {
$vitals .= US_weight($value, $mode);
} elseif ($GLOBALS['units_of_measurement'] == 4) {
$vitals .= $convValue . " " . xl('kg');
} else {
// = 1 or not set
$vitals .= US_weight($value, $mode) . " (" . $convValue . " " . xl('kg') . ")";
}
$vitals .= "</span></td>";
} elseif ($key == "Height" || $key == "Waist Circ" || $key == "Head Circ") {
$convValue = round(number_format($value * 2.54, 2), 1);
// show appropriate units
if ($GLOBALS['units_of_measurement'] == 2) {
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . $convValue . " " . xl('cm') . " (" . $value . " " . xl('in') . ")</span></td>";
} elseif ($GLOBALS['units_of_measurement'] == 3) {
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . $value . " " . xl('in') . "</span></td>";
} elseif ($GLOBALS['units_of_measurement'] == 4) {
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . $convValue . " " . xl('cm') . "</span></td>";
} else {
// = 1 or not set
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . $value . " " . xl('in') . " (" . $convValue . " " . xl('cm') . ")</span></td>";
}
} elseif ($key == "Temperature") {
$convValue = number_format(($value - 32) * 0.5556, 2);
// show appropriate units
if ($GLOBALS['units_of_measurement'] == 2) {
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . $convValue . " " . xl('C') . " (" . $value . " " . xl('F') . ")</span></td>";
} elseif ($GLOBALS['units_of_measurement'] == 3) {
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . $value . " " . xl('F') . "</span></td>";
} elseif ($GLOBALS['units_of_measurement'] == 4) {
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . $convValue . " " . xl('C') . "</span></td>";
} else {
// = 1 or not set
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . $value . " " . xl('F') . " (" . $convValue . " " . xl('C') . ")</span></td>";
}
} elseif ($key == "Pulse" || $key == "Respiration" || $key == "Oxygen Saturation" || $key == "BMI") {
$value = number_format($value, 0);
if ($key == "Oxygen Saturation") {
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . $value . " " . xl('%') . "</span></td>";
} elseif ($key == "BMI") {
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . $value . " " . xl('kg/m^2') . "</span></td>";
} else {
//pulse and respirations
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . $value . " " . xl('per min') . "</span></td>";
}
} else {
$vitals .= "<td><span class=bold>" . xl($key) . ": </span><span class=text>" . text($value) . "</span></td>";
}
$count++;
if ($count == $cols) {
$count = 0;
$vitals .= "</tr><tr>\n";
}
}
$vitals .= "</tr></table>";
}
if ($print) {
echo $vitals;
} else {
return $vitals;
}
}
/**
* postcalendar_userapi_pcQueryEvents
* INPUT
* $args = Array of values possibly containing:
* $provider_id = array of provider ID numbers
*
* Returns an array containing the event's information
* @params array(key=>value)
* @params string key eventstatus
* @params int value -1 == hidden ; 0 == queued ; 1 == approved
* @return array $events[][]
*/
function &postcalendar_userapi_pcQueryEvents($args)
{
$end = '0000-00-00';
extract($args);
// echo "<!-- args = "; print_r($args); echo " -->\n"; // debugging
// $pc_username = pnVarCleanFromInput('pc_username');
$pc_username = $_SESSION['pc_username'];
// from Michael Brinson 2006-09-19
if (empty($pc_username) || is_array($pc_username)) {
$pc_username = "******";
}
//echo "DEBUG pc_username: $pc_username \n"; // debugging
$topic = pnVarCleanFromInput('pc_topic');
$category = pnVarCleanFromInput('pc_category');
if (!empty($pc_username) && strtolower($pc_username) != 'anonymous') {
if ($pc_username == '__PC_ALL__' || $pc_username == -1) {
$ruserid = -1;
} else {
$ruserid = getIDfromUser($pc_username);
}
}
if (!isset($eventstatus)) {
$eventstatus = 1;
}
// sanity check on eventstatus
if ((int) $eventstatus < -1 || (int) $eventstatus > 1) {
$eventstatus = 1;
}
if (!isset($start)) {
$start = Date_Calc::dateNow('%Y-%m-%d');
}
list($sy, $sm, $sd) = explode('-', $start);
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// link to the events tables
$table = $pntable['postcalendar_events'];
$cattable = $pntable['postcalendar_categories'];
$topictable = $pntable['postcalendar_topics'];
$sql = "SELECT DISTINCT a.pc_eid, a.pc_informant, a.pc_catid, " . "a.pc_title, a.pc_time, a.pc_hometext, a.pc_eventDate, a.pc_duration, " . "a.pc_endDate, a.pc_startTime, a.pc_recurrtype, a.pc_recurrfreq, " . "a.pc_recurrspec, a.pc_topic, a.pc_alldayevent, a.pc_location, " . "a.pc_conttel, a.pc_contname, a.pc_contemail, a.pc_website, a.pc_fee, " . "a.pc_sharing, a.pc_prefcatid, b.pc_catcolor, b.pc_catname, " . "b.pc_catdesc, a.pc_pid, a.pc_apptstatus, a.pc_aid, " . "concat(u.fname,' ',u.lname) as provider_name, " . "concat(pd.lname,', ',pd.fname) as patient_name, " . "concat(u2.fname, ' ', u2.lname) as owner_name, " . "DOB as patient_dob, a.pc_facility, pd.pubpid " . "FROM ( {$table} AS a ) " . "LEFT JOIN {$cattable} AS b ON b.pc_catid = a.pc_catid " . "LEFT JOIN users as u ON a.pc_aid = u.id " . "LEFT JOIN users as u2 ON a.pc_aid = u2.id " . "LEFT JOIN patient_data as pd ON a.pc_pid = pd.pid " . "WHERE a.pc_eventstatus = {$eventstatus} " . "AND ((a.pc_endDate >= '{$start}' AND a.pc_eventDate <= '{$end}') OR " . "(a.pc_endDate = '0000-00-00' AND a.pc_eventDate >= '{$start}' AND " . "a.pc_eventDate <= '{$end}')) ";
//==================================
//FACILITY FILTERING (lemonsoftware)(CHEMED)
if ($_SESSION['pc_facility']) {
$pc_facility = $_SESSION['pc_facility'];
$sql .= " AND a.pc_facility = {$pc_facility} ";
/*
AND u.facility_id = $pc_facility
AND u2.facility_id = $pc_facility "; */
} else {
if ($pc_facility) {
// pc_facility could be provided in the search arguments -- JRM March 2008
$sql .= " AND a.pc_facility = {$pc_facility} ";
/*.
" AND u.facility_id = $pc_facility".
" AND u2.facility_id = $pc_facility "; */
}
}
//EOS FACILITY FILTERING (lemonsoftware)
//==================================
// The above 3 lines replaced these:
// AND (a.pc_endDate >= '$start' OR a.pc_endDate = '0000-00-00')
// AND a.pc_eventDate <= '$end' ";
if (!empty($providerID)) {
$ruserid = $providerID;
}
// eliminate ruserid if we're trying to query by provider_id -- JRM
if (!empty($provider_id)) {
unset($ruserid);
}
if (isset($ruserid)) {
// get all events for the specified username
if ($ruserid == -1) {
$sql .= "AND (a.pc_sharing = '" . SHARING_BUSY . "' ";
$sql .= "OR a.pc_sharing = '" . SHARING_PUBLIC . "') ";
} else {
$sql .= "AND a.pc_aid IN (0, " . $ruserid . ") ";
}
} elseif (!pnUserLoggedIn()) {
// get all events for anonymous users
$sql .= "AND a.pc_sharing = '" . SHARING_GLOBAL . "' ";
} elseif (!empty($provider_id)) {
// get all events for a variety of provider IDs -- JRM
if ($provider_id[0] != "_ALL_") {
/**add all the events from the clinic provider id = 0*/
$sql .= "AND a.pc_aid in (0," . implode(",", $provider_id) . ") ";
}
} else {
// get all events for logged in user plus global events
$sql .= "AND (a.pc_aid IN (0," . $_SESSION['authUserID'] . ") OR a.pc_sharing = '" . SHARING_GLOBAL . "') ";
}
//======================================================================
// START SEARCH FUNCTIONALITY
//======================================================================
if (!empty($s_keywords)) {
$sql .= "AND ({$s_keywords}) ";
}
if (!empty($s_category)) {
$sql .= "AND ({$s_category}) ";
}
if (!empty($s_topic)) {
$sql .= "AND ({$s_topic}) ";
}
if (!empty($category)) {
$sql .= "AND (a.pc_catid = '" . pnVarPrepForStore($category) . "') ";
}
if (!empty($topic)) {
$sql .= "AND (a.pc_topic = '" . pnVarPrepForStore($topic) . "') ";
}
//======================================================================
// Search sort and limitation
//======================================================================
if (empty($sort)) {
$sql .= "GROUP BY a.pc_eid ORDER BY a.pc_time DESC";
} else {
$sql .= "GROUP BY a.pc_eid ORDER BY a.{$sort}";
}
//======================================================================
// END SEARCH FUNCTIONALITY
//======================================================================
//echo "<br>sq: $sql<br />";
// echo "<!-- " . $sql . " -->\n"; // debugging
$result = $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
die($dbconn->ErrorMsg());
}
// put the information into an array for easy access
$events = array();
// return an empty array if we don't have any results
if (!isset($result)) {
return $events;
}
for ($i = 0; !$result->EOF; $result->MoveNext()) {
// WHY are we using an array for intermediate storage??? -- Rod
// get the results from the query
if (isset($tmp)) {
unset($tmp);
}
$tmp = array();
list($tmp['eid'], $tmp['uname'], $tmp['catid'], $tmp['title'], $tmp['time'], $tmp['hometext'], $tmp['eventDate'], $tmp['duration'], $tmp['endDate'], $tmp['startTime'], $tmp['recurrtype'], $tmp['recurrfreq'], $tmp['recurrspec'], $tmp['topic'], $tmp['alldayevent'], $tmp['location'], $tmp['conttel'], $tmp['contname'], $tmp['contemail'], $tmp['website'], $tmp['fee'], $tmp['sharing'], $tmp['prefcatid'], $tmp['catcolor'], $tmp['catname'], $tmp['catdesc'], $tmp['pid'], $tmp['apptstatus'], $tmp['aid'], $tmp['provider_name'], $tmp['patient_name'], $tmp['owner_name'], $tmp['patient_dob'], $tmp['facility'], $tmp['pubpid']) = $result->fields;
// grab the name of the topic
$topicname = pcGetTopicName($tmp['topic']);
// get the user id of event's author
$cuserid = @$nuke_users[strtolower($tmp['uname'])];
// check the current event's permissions
// the user does not have permission to view this event
// if any of the following evaluate as false
if (!pnSecAuthAction(0, 'PostCalendar::Event', "{$tmp['title']}::{$tmp['eid']}", ACCESS_OVERVIEW)) {
continue;
} elseif (!pnSecAuthAction(0, 'PostCalendar::Category', "{$tmp['catname']}::{$tmp['catid']}", ACCESS_OVERVIEW)) {
continue;
} elseif (!pnSecAuthAction(0, 'PostCalendar::User', "{$tmp['uname']}::{$cuserid}", ACCESS_OVERVIEW)) {
continue;
} elseif (!pnSecAuthAction(0, 'PostCalendar::Topic', "{$topicname}::{$tmp['topic']}", ACCESS_OVERVIEW)) {
continue;
} elseif ($tmp['sharing'] == SHARING_PRIVATE && $cuserid != $userid) {
continue;
}
// add event to the array if we passed the permissions check
// this is the common information
$events[$i]['intervals'] = $tmp['duration'] / 60 / $GLOBALS['day_calandar_interval'];
//sets the number of rows this event should span
$events[$i]['eid'] = $tmp['eid'];
$events[$i]['uname'] = $tmp['uname'];
$events[$i]['uid'] = $cuserid;
$events[$i]['catid'] = $tmp['catid'];
$events[$i]['time'] = $tmp['time'];
$events[$i]['eventDate'] = $tmp['eventDate'];
$events[$i]['duration'] = $tmp['duration'];
// there has to be a more intelligent way to do this
@(list($events[$i]['duration_hours'], $dmin) = @explode('.', $tmp['duration'] / 60 / 60));
$events[$i]['duration_minutes'] = substr(sprintf('%.2f', '.' . 60 * ($dmin / 100)), 2, 2);
//''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
$events[$i]['endDate'] = $tmp['endDate'];
$events[$i]['startTime'] = $tmp['startTime'];
$events[$i]['recurrtype'] = $tmp['recurrtype'];
$events[$i]['recurrfreq'] = $tmp['recurrfreq'];
$events[$i]['recurrspec'] = $tmp['recurrspec'];
$events[$i]['topic'] = $tmp['topic'];
$events[$i]['alldayevent'] = $tmp['alldayevent'];
$events[$i]['catcolor'] = $tmp['catcolor'];
// Modified 06-2009 by BM to translate the category if applicable
$events[$i]['catname'] = xl_appt_category($tmp['catname']);
$events[$i]['catdesc'] = $tmp['catdesc'];
$events[$i]['pid'] = $tmp['pid'];
$events[$i]['apptstatus'] = $tmp['apptstatus'];
$events[$i]['pubpid'] = $tmp['pubpid'];
$events[$i]['patient_name'] = $tmp['patient_name'];
$events[$i]['provider_name'] = $tmp['provider_name'];
$events[$i]['owner_name'] = $tmp['owner_name'];
$events[$i]['patient_dob'] = $tmp['patient_dob'];
$events[$i]['patient_age'] = getPatientAge($tmp['patient_dob']);
$events[$i]['facility'] = getFacility($tmp['facility']);
$events[$i]['sharing'] = $tmp['sharing'];
$events[$i]['prefcatid'] = $tmp['prefcatid'];
$events[$i]['aid'] = $tmp['aid'];
$events[$i]['topictext'] = $topicname;
$events[$i]['intervals'] = ceil($tmp['duration'] / 60 / $GLOBALS['calendar_interval']);
if ($events[$i]['intervals'] == 0) {
$events[$i]['intervals'] = 1;
}
// is this a public event to be shown as busy?
if ($tmp['sharing'] == SHARING_BUSY && $cuserid != $userid) {
// make it not display any information
$events[$i]['title'] = _USER_BUSY_TITLE;
$events[$i]['hometext'] = _USER_BUSY_MESSAGE;
$events[$i]['desc'] = _USER_BUSY_MESSAGE;
$events[$i]['conttel'] = '';
$events[$i]['contname'] = '';
$events[$i]['contemail'] = '';
$events[$i]['website'] = '';
$events[$i]['fee'] = '';
$events[$i]['location'] = '';
$events[$i]['street1'] = '';
$events[$i]['street2'] = '';
$events[$i]['city'] = '';
$events[$i]['state'] = '';
$events[$i]['postal'] = '';
} else {
$display_type = substr($tmp['hometext'], 0, 6);
if ($display_type == ':text:') {
$prepFunction = 'pcVarPrepForDisplay';
$tmp['hometext'] = substr($tmp['hometext'], 6);
} elseif ($display_type == ':html:') {
$prepFunction = 'pcVarPrepHTMLDisplay';
$tmp['hometext'] = substr($tmp['hometext'], 6);
} else {
$prepFunction = 'pcVarPrepHTMLDisplay';
}
unset($display_type);
$events[$i]['title'] = $prepFunction($tmp['title']);
$events[$i]['hometext'] = $prepFunction($tmp['hometext']);
$events[$i]['desc'] = $events[$i]['hometext'];
$events[$i]['conttel'] = $prepFunction($tmp['conttel']);
$events[$i]['contname'] = $prepFunction($tmp['contname']);
$events[$i]['contemail'] = $prepFunction($tmp['contemail']);
$events[$i]['website'] = $prepFunction(postcalendar_makeValidURL($tmp['website']));
$events[$i]['fee'] = $prepFunction($tmp['fee']);
$loc = unserialize($tmp['location']);
$events[$i]['location'] = $prepFunction($loc['event_location']);
$events[$i]['street1'] = $prepFunction($loc['event_street1']);
$events[$i]['street2'] = $prepFunction($loc['event_street2']);
$events[$i]['city'] = $prepFunction($loc['event_city']);
$events[$i]['state'] = $prepFunction($loc['event_state']);
$events[$i]['postal'] = $prepFunction($loc['event_postal']);
}
$i++;
}
unset($tmp);
$result->Close();
return $events;
}
if (!empty($followup)) {
echo "{$followup}({$thisenc})\n";
exit;
}
}
// end if $createvisit
// If this is a new pid, switch to it. Cloned from demographics.php.
// Currently this will only happen from players_report.php, but we try to be general.
if ($pid != $thispid) {
include_once "{$srcdir}/pid.inc";
setpid($thispid);
$prow = getPatientData($pid, "*, DATE_FORMAT(DOB,'%Y-%m-%d') as DOB_YMD");
?>
// The JavaScript part of switching to the new pid. Cloned from demographics.php.
top.left_nav.setPatient(<?php
echo "'" . addslashes($prow['fname'] . " " . $prow['lname']) . "'," . addslashes($pid) . ",'" . addslashes($prow['pubpid']) . "','', ' " . xls('DOB') . ": " . addslashes(oeFormatShortDate($prow['DOB_YMD'])) . " " . xls('Age') . ": " . addslashes(getPatientAge($prow['DOB_YMD'])) . "'";
?>
);
// TBD: ForceDual? Maybe load demographics.php into the top frame?
<?php
}
// End of pid switch logic.
if ($createvisit) {
// Write JavaScript to open the selected encounter as the active encounter.
// Logic cloned from encounters.php.
?>
top.left_nav.setEncounter('<?php
echo $today;
?>
', enc, 'RBot');
top.left_nav.loadFrame2('enc2', 'RBot', 'patient_file/encounter/encounter_top.php?set_encounter=' + enc);
$patient_id = $trow['pid'];
$refer_date = empty($trow['refer_date']) ? date('Y-m-d') : $trow['refer_date'];
} else {
if (empty($_REQUEST['patient_id'])) {
// If no transaction ID or patient ID, this will be a totally blank form.
$patient_id = 0;
$refer_date = '';
} else {
$patient_id = $_REQUEST['patient_id'] + 0;
$refer_date = date('Y-m-d');
}
$trow = array('id' => '', 'pid' => $patient_id, 'refer_date' => $refer_date);
}
if ($patient_id) {
$patdata = getPatientData($patient_id);
$patient_age = getPatientAge(str_replace('-', '', $patdata['DOB']));
} else {
$patdata = array('DOB' => '');
$patient_age = '';
}
$frrow = sqlQuery("SELECT * FROM users WHERE id = ?", array($trow['refer_from']));
if (empty($frrow)) {
$frrow = array();
}
$torow = sqlQuery("SELECT * FROM users WHERE id = ?", array($trow['refer_to']));
if (empty($torow)) {
$torow = array('organization' => '', 'street' => '', 'city' => '', 'state' => '', 'zip' => '', 'phone' => '');
}
$vrow = sqlQuery("SELECT * FROM form_vitals WHERE " . "pid = ? AND date <= ? " . "ORDER BY date DESC LIMIT 1", array($patient_id, $refer_date . " 23:59:59"));
if (empty($vrow)) {
$vrow = array('bps' => '', 'bpd' => '', 'weight' => '', 'height' => '');
# If not we will highlight their name in red.
# TBD: more checking here.
#
$res = sqlQuery("select count(*) as count from insurance_data where " . "pid = " . $iter['enc_pid'] . " and " . "type='primary' and " . "subscriber_lname is not null and " . "subscriber_lname != '' limit 1");
$namecolor = $res['count'] > 0 ? "black" : "#ff7777";
$bgcolor = "#" . ($encount & 1 ? "ddddff" : "ffdddd");
echo "<tr bgcolor='{$bgcolor}'><td colspan='8' height='5'></td></tr>\n";
$lcount = 1;
$rcount = 0;
$oldcode = "";
$ptname = $name['fname'] . " " . $name['lname'];
$raw_encounter_date = date("Y-m-d", strtotime($iter['enc_date']));
// Add Encounter Date to display with "To Encounter" button 2/17/09 JCH
$lhtml .= " <span class=bold><font color='{$namecolor}'>{$ptname}" . "</font></span><span class=small> (" . $iter['enc_pid'] . "-" . $iter['enc_encounter'] . ")</span>";
// Not sure why the next section seems to do nothing except post "To Encounter" button 2/17/09 JCH
$lhtml .= " <a class=\"link_submit\" " . "href=\"javascript:window.toencounter(" . $iter['enc_pid'] . ",'" . addslashes($name['pubpid']) . "','" . addslashes($ptname) . "'," . $iter['enc_encounter'] . ",'" . oeFormatShortDate($raw_encounter_date) . "',' " . xl('DOB') . ": " . oeFormatShortDate($name['DOB_YMD']) . " " . xl('Age') . ": " . getPatientAge($name['DOB_YMD']) . "')\">[" . xl('To Enctr') . " " . oeFormatShortDate($raw_encounter_date) . "]</a>";
// Changed "To xxx" buttons to allow room for encounter date display 2/17/09 JCH
$lhtml .= " <a class=\"link_submit\" " . "href=\"javascript:window.topatient(" . $iter['enc_pid'] . ")\">[" . xl('To Dems') . "]</a>";
if ($iter['id']) {
$lcount += 2;
$lhtml .= "<br />\n";
$lhtml .= " <span class=text>Bill: ";
$lhtml .= "<select name='claims[" . $this_encounter_id . "][payer]' style='background-color:{$bgcolor}'>";
$query = "SELECT id.provider AS id, id.type, id.date, " . "ic.x12_default_partner_id AS ic_x12id, ic.name AS provider " . "FROM insurance_data AS id, insurance_companies AS ic WHERE " . "ic.id = id.provider AND " . "id.pid = '" . mysql_escape_string($iter['enc_pid']) . "' AND " . "id.date <= '{$raw_encounter_date}' " . "ORDER BY id.type ASC, id.date DESC";
$result = sqlStatement($query);
$count = 0;
$default_x12_partner = $iter['ic_x12id'];
$prevtype = '';
while ($row = mysql_fetch_array($result)) {
if (strcmp($row['type'], $prevtype) == 0) {
continue;
