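// Faking it here makes things easier.
// Also note that some fields like SSN and most of the subscriber employer
// items have been omitted because they are not relevant for claims.
//
// Each row describes one form field; the rows are passed one at a time to
// get_layout_form_value() below to read the submitted value.
$insurance_layout = array(
    array('field_id' => 'type', 'title' => 'Type', 'uor' => '2', 'data_type' => '1', 'list_id' => 'insurance_types', 'edit_options' => ''),
    array('field_id' => 'date', 'title' => 'Effective Date', 'uor' => '2', 'data_type' => '4', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'provider', 'title' => 'Provider', 'uor' => '2', 'data_type' => '16', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'plan_name', 'title' => 'Plan Name', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'policy_number', 'title' => 'Policy Number', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'group_number', 'title' => 'Group Number', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'subscriber_employer', 'title' => 'Group Name', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'subscriber_lname', 'title' => 'Subscriber Last Name', 'uor' => '2', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'subscriber_fname', 'title' => 'Subscriber First Name', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'subscriber_mname', 'title' => 'Subscriber Middle Name', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'subscriber_DOB', 'title' => 'Subscriber DOB', 'uor' => '2', 'data_type' => '4', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'subscriber_sex', 'title' => 'Subscriber Sex', 'uor' => '2', 'data_type' => '1', 'list_id' => 'sex', 'edit_options' => ''),
    array('field_id' => 'subscriber_relationship', 'title' => 'Subscriber Relationship', 'uor' => '2', 'data_type' => '1', 'list_id' => 'sub_relation', 'edit_options' => ''),
    array('field_id' => 'subscriber_street', 'title' => 'Subscriber Street', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'subscriber_city', 'title' => 'Subscriber City', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'subscriber_state', 'title' => 'Subscriber State', 'uor' => '1', 'data_type' => '1', 'list_id' => 'state', 'edit_options' => ''),
    array('field_id' => 'subscriber_postal_code', 'title' => 'Subscriber Zip', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''),
    array('field_id' => 'subscriber_phone', 'title' => 'Subscriber Phone', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''),
);

// Identifiers are forced to integers before any use; a missing key becomes 0
// instead of raising an undefined-index notice.
$postid = isset($_REQUEST['postid']) ? intval($_REQUEST['postid']) : 0;

if (!empty($_POST['bn_save'])) {
    $newdata = array();
    // NOTE(review): ptid is taken from the request. This excerpt shows neither
    // a check that the current user may edit that patient nor a CSRF token
    // check - confirm both happen in code not shown here.
    $ptid = isset($_POST['ptid']) ? intval($_POST['ptid']) : 0;
    foreach ($insurance_layout as $frow) {
        $data_type = $frow['data_type'];
        $field_id = $frow['field_id'];
        // newInsuranceData() does not escape for mysql so we have to do it here.
        // Every value handed to it below must therefore come out of $newdata.
        $newdata[$field_id] = add_escape_custom(get_layout_form_value($frow));
    }

    newInsuranceData(
        $ptid,
        $newdata['type'],
        $newdata['provider'],
        $newdata['policy_number'],
        $newdata['group_number'],
        $newdata['plan_name'],
        $newdata['subscriber_lname'],
        $newdata['subscriber_mname'],
        $newdata['subscriber_fname'],
        $newdata['subscriber_relationship'],
        '',
        fixDate($newdata['subscriber_DOB']),
        $newdata['subscriber_street'],
        $newdata['subscriber_postal_code'],
        $newdata['subscriber_city'],
        $newdata['subscriber_state'],
        '',
        $newdata['subscriber_phone'],
        $newdata['subscriber_employer'],
        '',
        '',
        '',
        '',
        '',
        '',
        $newdata['subscriber_sex'],
        fixDate($newdata['date']),
        'TRUE',
        ''
    );

    // Finally, delete the request from the portal.
    $result = cms_portal_call(array('action' => 'delpost', 'postid' => $postid));
    if (!empty($result['errmsg'])) {
        // The portal's message is escaped with text() before it is shown.
        die(text($result['errmsg']));
    }

    echo "<html><body><script language='JavaScript'>\n";
    echo "if (top.restoreSession) top.restoreSession(); else opener.top.restoreSession();\n";
    echo "document.location.href = 'list_requests.php';\n";
    echo "</script></body></html>\n";
    exit;
}

// Get the portal request data.
if (!$postid) {
    die(xlt('Request ID is missing!'));
}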
// Excerpt: for each insurance slot, update the existing insurance row when one
// was found, otherwise create a new one. The excerpt ends inside the
// if ($image_data) block.
//
// The "$name = value" items in the newInsuranceData() calls are assignment
// expressions, not named arguments: each value is passed by position, and the
// local variable of that name is overwritten as a side effect.
// NOTE(review): where the $p_*, $s_* and $o_* values come from is not shown
// here, and neither is whether newInsuranceData()/updateInsuranceData() escape
// or bind what they receive - confirm before trusting these calls with
// request data.
if ($primary_insurace_data) {
    updateInsuranceData($primary_insurace_data['id'], $p_insurace_data);
} else {
    newInsuranceData($patientId, $type = "primary", $p_insurance_company, $policy_number = $p_insurance_id,
        $group_number = $p_group_number, $plan_name = $p_plan_name, $subscriber_lname = "", $subscriber_mname = "",
        $subscriber_fname = "", $subscriber_relationship = $p_subscriber_relationship, $subscriber_ss = "",
        $subscriber_DOB = "", $subscriber_street = "", $subscriber_postal_code = "", $subscriber_city = "",
        $subscriber_state = "", $subscriber_country = "", $subscriber_phone = "",
        $subscriber_employer = $p_subscriber_employer_status, $subscriber_employer_street = "",
        $subscriber_employer_city = "", $subscriber_employer_postal_code = "", $subscriber_employer_state = "",
        $subscriber_employer_country = "", $copay = "", $subscriber_sex = "", $effective_date = "0000-00-00",
        $accept_assignment = "TRUE");
}

// Column => value map used when the secondary row already exists.
$s_insurace_data = array('provider' => $s_insurance_company, 'group_number' => $s_group_number, 'plan_name' => $s_plan_name, 'subscriber_employer' => $s_subscriber_employer_status, 'subscriber_relationship' => $s_subscriber_relationship, 'policy_number' => $s_insurance_id);
if ($secondary_insurace_data) {
    updateInsuranceData($secondary_insurace_data['id'], $s_insurace_data);
} else {
    newInsuranceData($patientId, $type = "secondary", $s_insurance_company, $policy_number = $s_insurance_id,
        $group_number = $s_group_number, $plan_name = $s_plan_name, $subscriber_lname = "", $subscriber_mname = "",
        $subscriber_fname = "", $subscriber_relationship = $s_subscriber_relationship, $subscriber_ss = "",
        $subscriber_DOB = "", $subscriber_street = "", $subscriber_postal_code = "", $subscriber_city = "",
        $subscriber_state = "", $subscriber_country = "", $subscriber_phone = "",
        $subscriber_employer = $s_subscriber_employer_status, $subscriber_employer_street = "",
        $subscriber_employer_city = "", $subscriber_employer_postal_code = "", $subscriber_employer_state = "",
        $subscriber_employer_country = "", $copay = "", $subscriber_sex = "", $effective_date = "0000-00-00",
        $accept_assignment = "TRUE");
}

// Same again for the third slot; note it is written with type "tertiary".
$o_insurace_data = array('provider' => $o_insurance_company, 'group_number' => $o_group_number, 'plan_name' => $o_plan_name, 'subscriber_employer' => $o_subscriber_employer_status, 'subscriber_relationship' => $o_subscriber_relationship, 'policy_number' => $o_insurance_id);
if ($other_insurace_data) {
    updateInsuranceData($other_insurace_data['id'], $o_insurace_data);
} else {
    newInsuranceData($patientId, $type = "tertiary", $o_insurance_company, $policy_number = $o_insurance_id,
        $group_number = $o_group_number, $plan_name = $o_plan_name, $subscriber_lname = "", $subscriber_mname = "",
        $subscriber_fname = "", $subscriber_relationship = $o_subscriber_relationship, $subscriber_ss = "",
        $subscriber_DOB = "", $subscriber_street = "", $subscriber_postal_code = "", $subscriber_city = "",
        $subscriber_state = "", $subscriber_country = "", $subscriber_phone = "",
        $subscriber_employer = $o_subscriber_employer_status, $subscriber_employer_street = "",
        $subscriber_employer_city = "", $subscriber_employer_postal_code = "", $subscriber_employer_state = "",
        $subscriber_employer_country = "", $copay = "", $subscriber_sex = "", $effective_date = "0000-00-00",
        $accept_assignment = "TRUE");
}

if ($image_data) {
    $id = 1;
    $type = "file_url";
    $size = '';
    $date = date('Y-m-d H:i:s');
    $url = '';
    // NOTE(review): the MIME type says JPEG while $ext below says png - confirm
    // which one matches the stored image.
    $mimetype = 'image/jpeg';
    $hash = '';
    $patient_id = $patientId;
    $ext = 'png';
    // $cat_title = 'Patient Profile Image';
    $cat_title = 'Patient Photograph';
    // The category name is passed as a bound parameter, not interpolated.
    $strQuery2 = "SELECT id from `categories` WHERE name LIKE ?";
    $result3 = sqlQuery($strQuery2, array($cat_title));
// Excerpt from a new-patient save handler; it starts inside a block opened
// above and ends inside the if ($GLOBALS['concurrent_layout']) block.
// ===================
// DBC SYSTEM WAS REMOVED
$form_sex = trim($_POST["sex"]);
$form_dob = trim($_POST["DOB"]);
$form_street = '';
$form_city = '';
$form_postcode = '';
$form_countrycode = '';
// EOS DBC
// ===================
// NOTE(review): $_POST values are passed to newPatientData() as received.
// Whether they are escaped before this point, or inside newPatientData(), is
// not visible in this excerpt - confirm.
newPatientData($_POST["db_id"], $_POST["title"], $form_fname, $form_lname, $form_mname, $form_sex, $form_dob, $form_street, $form_postcode, $form_city, "", $form_countrycode, "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "{$mypubpid}", $pid, "", "", "", "", "", "", "", "", 0, 0, "", "", "", $_POST['regdate']);
newEmployerData($pid);
newHistoryData($pid);
// Empty insurance rows are created for all three slots.
newInsuranceData($pid, "primary");
newInsuranceData($pid, "secondary");
newInsuranceData($pid, "tertiary");
// Set referral source separately because we don't want it messed
// with later by newPatientData().
// NOTE(review): $refsource comes straight from $_POST and is interpolated
// into the SQL text. This is injectable unless request data is escaped before
// this point, which the excerpt does not show; a bound parameter would remove
// that dependency.
if ($refsource = trim($_POST["refsource"])) {
    sqlQuery("UPDATE patient_data SET referral_source = '{$refsource}' " . "WHERE pid = '{$pid}'");
}
}
?>
<html>
<body>
<script language="Javascript">
<?php
// NOTE(review): $alertmsg is set outside this excerpt and lands inside a
// single-quoted JavaScript string. If it can carry request- or record-derived
// text, it needs JavaScript-string escaping before this echo.
if ($alertmsg) {
    echo "alert('{$alertmsg}');\n";
}
if ($GLOBALS['concurrent_layout']) {
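/**
 * Copy the field values recorded under one audit_master entry into the live
 * tables.
 *
 * Rows of audit_details are grouped by table_name. Only tables on the allow
 * list are processed; any other table name aborts with a SoapFault.
 * history_data is on the allow list but has no handler here, so its rows are
 * skipped.
 *
 * Nothing is written when the entry matches approval_status='1' and type='3'.
 *
 * @param array $var Index 0 holds the credentials given to UserService::valid();
 *                   'audit_master_id' holds the audit_master id to apply.
 * @return void
 * @throws SoapFault When the credentials are rejected or a table is not allowed.
 */
public function update_audited_data($var)
{
    $data_credentials = $var[0];
    $validtables = array("patient_data", "employer_data", "insurance_data", "history_data", "openemr_postcalendar_events");
    // Insurance rows are stored in $newdata under these keys and written in this order.
    $insurance_types = array("primary", "secondary", "tertiary");
    // Argument order of newInsuranceData() after $pid.
    $insurance_fields = array(
        'type', 'provider', 'policy_number', 'group_number', 'plan_name',
        'subscriber_lname', 'subscriber_mname', 'subscriber_fname', 'subscriber_relationship',
        'subscriber_ss', 'subscriber_DOB', 'subscriber_street', 'subscriber_postal_code',
        'subscriber_city', 'subscriber_state', 'subscriber_country', 'subscriber_phone',
        'subscriber_employer', 'subscriber_employer_street', 'subscriber_employer_city',
        'subscriber_employer_postal_code', 'subscriber_employer_state', 'subscriber_employer_country',
        'copay', 'subscriber_sex', 'date', 'accept_assignment',
    );

    if (!UserService::valid($data_credentials)) {
        throw new SoapFault("Server", "credentials failed");
    }

    $audit_master_id = $var['audit_master_id'];
    $res = sqlStatement("SELECT * FROM audit_master where id=? and approval_status='1' and type='3' ", array($audit_master_id));
    if (sqlNumRows($res) > 0) {
        return;
    }

    $res = sqlStatement("SELECT DISTINCT ad.table_name,am.id,am.pid FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id and am.approval_status in ('1','4') and am.id=?", array($audit_master_id));

    // Collected values accumulate across tables, as they did before.
    $newdata = array();
    while ($row = sqlFetchArray($res)) {
        $pid = $row['pid'];
        $table = $row['table_name'];
        $resfield = sqlStatement("SELECT * FROM audit_details WHERE audit_master_id=? AND table_name=?", array($audit_master_id, $table));

        // The table name comes from stored audit rows; only allow-listed names
        // are processed.
        if (!in_array($table, $validtables, true)) {
            throw new SoapFault("Server", "Table Not Supported error message");
        }

        while ($rowfield = sqlFetchArray($resfield)) {
            if ($table == 'insurance_data') {
                // Insurance values are keyed by the row's entry_identification.
                $newdata[$rowfield['entry_identification']][$rowfield['field_name']] = $rowfield['field_value'];
            } elseif ($table != 'history_data') {
                $newdata[$table][$rowfield['field_name']] = $rowfield['field_value'];
            }
        }

        require_once "../../library/invoice_summary.inc.php";
        require_once "../../library/options.inc.php";
        require_once "../../library/acl.inc";
        require_once "../../library/patient.inc";

        if ($table == 'patient_data') {
            $pdrow = sqlQuery("SELECT id from patient_data WHERE pid=?", array($pid));
            $newdata['patient_data']['id'] = $pdrow['id'];
            // NOTE(review): field names and values come from audit_details;
            // whether updatePatientData() restricts the columns it writes is
            // not visible here - confirm.
            updatePatientData($pid, $newdata['patient_data']);
        } elseif ($table == 'employer_data') {
            updateEmployerData($pid, $newdata['employer_data']);
        } elseif ($table == 'insurance_data') {
            // The slot key is a plain string. Building it from bare words
            // (ins . $i . _type) depends on undefined constants, which is an
            // error on PHP 8.
            foreach ($insurance_types as $ins_type) {
                $ins = isset($newdata[$ins_type]) ? $newdata[$ins_type] : array();
                $args = array($pid);
                foreach ($insurance_fields as $field) {
                    // Values are escaped here, before newInsuranceData() gets them.
                    $args[] = add_escape_custom(isset($ins[$field]) ? $ins[$field] : null);
                }
                call_user_func_array('newInsuranceData', $args);
            }
        } elseif ($table == 'openemr_postcalendar_events') {
            $ev = $newdata['openemr_postcalendar_events'];
            // Every interpolated value is escaped and quoted; pc_time is NOW()
            // and pc_eventstatus is the literal 1.
            sqlInsert("INSERT INTO openemr_postcalendar_events ( " .
                "pc_pid,pc_title,pc_time,pc_hometext,pc_eventDate,pc_endDate,pc_startTime,pc_endTime,pc_duration,pc_catid,pc_eventstatus,pc_aid,pc_facility" .
                ") VALUES ( " .
                "'" . add_escape_custom($pid) . "', " .
                "'" . add_escape_custom($ev['pc_title']) . "', " .
                "NOW(), " .
                "'" . add_escape_custom($ev['pc_hometext']) . "', " .
                "'" . add_escape_custom($ev['pc_eventDate']) . "', " .
                "'" . add_escape_custom($ev['pc_endDate']) . "', " .
                "'" . add_escape_custom($ev['pc_startTime']) . "', " .
                "'" . add_escape_custom($ev['pc_endTime']) . "', " .
                "'" . add_escape_custom($ev['pc_duration']) . "', " .
                "'" . add_escape_custom($ev['pc_catid']) . "', " .
                "1, " .
                "'" . add_escape_custom($ev['pc_aid']) . "', " .
                "'" . add_escape_custom($ev['pc_facility']) . "')");
        }
    }
}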
// Excerpt from a new-patient save handler. The first line is the tail of a
// loop that begins above the excerpt and fills $newdata per table and column.
$newdata[$tblname][$colname] = $value; }
// The third argument true is passed to both update calls.
// NOTE(review): presumably it selects "create" mode - confirm against the helpers.
updatePatientData($pid, $newdata['patient_data'], true);
updateEmployerData($pid, $newdata['employer_data'], true);
// NOTE(review): formData() is not defined in this excerpt. Presumably it
// returns the named request value already escaped for SQL - confirm, because
// newInsuranceData() receives these values as they are.
$i1dob = fixDate(formData("i1subscriber_DOB"));
$i1date = fixDate(formData("i1effective_date"));
// sqlStatement("unlock tables");
// end table lock
newHistoryData($pid);
// One insurance row per slot; the i1/i2/i3 prefixes select the form fields
// for the primary, secondary and tertiary slot.
newInsuranceData($pid, "primary", formData("i1provider"), formData("i1policy_number"), formData("i1group_number"),
    formData("i1plan_name"), formData("i1subscriber_lname"), formData("i1subscriber_mname"),
    formData("i1subscriber_fname"), formData("form_i1subscriber_relationship"), formData("i1subscriber_ss"), $i1dob,
    formData("i1subscriber_street"), formData("i1subscriber_postal_code"), formData("i1subscriber_city"),
    formData("form_i1subscriber_state"), formData("form_i1subscriber_country"), formData("i1subscriber_phone"),
    formData("i1subscriber_employer"), formData("i1subscriber_employer_street"),
    formData("i1subscriber_employer_city"), formData("i1subscriber_employer_postal_code"),
    formData("form_i1subscriber_employer_state"), formData("form_i1subscriber_employer_country"),
    formData('i1copay'), formData('form_i1subscriber_sex'), $i1date, formData('i1accept_assignment'));
$i2dob = fixDate(formData("i2subscriber_DOB"));
$i2date = fixDate(formData("i2effective_date"));
newInsuranceData($pid, "secondary", formData("i2provider"), formData("i2policy_number"), formData("i2group_number"),
    formData("i2plan_name"), formData("i2subscriber_lname"), formData("i2subscriber_mname"),
    formData("i2subscriber_fname"), formData("form_i2subscriber_relationship"), formData("i2subscriber_ss"), $i2dob,
    formData("i2subscriber_street"), formData("i2subscriber_postal_code"), formData("i2subscriber_city"),
    formData("form_i2subscriber_state"), formData("form_i2subscriber_country"), formData("i2subscriber_phone"),
    formData("i2subscriber_employer"), formData("i2subscriber_employer_street"),
    formData("i2subscriber_employer_city"), formData("i2subscriber_employer_postal_code"),
    formData("form_i2subscriber_employer_state"), formData("form_i2subscriber_employer_country"),
    formData('i2copay'), formData('form_i2subscriber_sex'), $i2date, formData('i2accept_assignment'));
$i3dob = fixDate(formData("i3subscriber_DOB"));
$i3date = fixDate(formData("i3effective_date"));
newInsuranceData($pid, "tertiary", formData("i3provider"), formData("i3policy_number"), formData("i3group_number"),
    formData("i3plan_name"), formData("i3subscriber_lname"), formData("i3subscriber_mname"),
    formData("i3subscriber_fname"), formData("form_i3subscriber_relationship"), formData("i3subscriber_ss"), $i3dob,
    formData("i3subscriber_street"), formData("i3subscriber_postal_code"), formData("i3subscriber_city"),
    formData("form_i3subscriber_state"), formData("form_i3subscriber_country"), formData("i3subscriber_phone"),
    formData("i3subscriber_employer"), formData("i3subscriber_employer_street"),
    formData("i3subscriber_employer_city"), formData("i3subscriber_employer_postal_code"),
    formData("form_i3subscriber_employer_state"), formData("form_i3subscriber_employer_country"),
    formData('i3copay'), formData('form_i3subscriber_sex'), $i3date, formData('i3accept_assignment'));
?>
<html>
<body>
<script language="Javascript">
<?php
// NOTE(review): $alertmsg, $rootdir and $pid are set outside this excerpt and
// are written into JavaScript string literals as they are. Any of them that
// can carry request-derived text needs JavaScript-string escaping first.
if ($alertmsg) {
    echo "alert('{$alertmsg}');\n";
}
echo "window.location='{$rootdir}/patient_file/summary/demographics.php?" . "set_pid={$pid}&is_new=1';\n";
?>
</script>
</body>
</html>
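/**
 * Create or update one patient from an imported record.
 *
 * Looks the patient up by public id unless the id is 'NEWPATIENT', checks the
 * billing provider and its facility, inserts the patient, employer and
 * insurance rows when no matching patient exists, then writes history data
 * and one issue per medication.
 *
 * @param object $medics Imported record; read as an object with nested
 *                       properties. $medics->pid is set before returning.
 * @param array  $errors Receives one message for each reason a patient was skipped.
 * @return string HTML fragment describing what was added; empty when nothing
 *                was added or the patient was skipped.
 */
function create_patient(&$medics, &$errors)
{
    $alertmsg = "";
    $patient_pid = get_patientid($medics);
    $pubpid = trim($medics->pubpid);

    // ID must be valid or 'NEWPATIENT'
    if (empty($pubpid)) {
        array_push($errors, "Patient ID '{$pubpid}' missing, patient skipped! ");
        return $alertmsg;
    }

    if ($pubpid != 'NEWPATIENT') {
        // 1. validate patient
        $patient_pid = 0;
        // The public id comes from the imported record, so it is bound rather
        // than placed in the SQL text. LIKE wildcards in it still apply.
        $res = sqlStatement("SELECT pid FROM patient_data WHERE pubpid LIKE ?", array($pubpid));
        $row = sqlFetchArray($res);
        if ($row) {
            $patient_pid = $row['pid'];
            if (sqlFetchArray($res)) {
                array_push($errors, "Patient ID '{$pubpid}' is ambiguous, patient skipped! ");
                return $alertmsg;
            }
        }
    }

    // 2. validate insurance provider - REMOVED

    // 3. validate billing provider
    $tmp = fetchProviderInfo($medics);
    // is_array() rather than array(): array($tmp) is always a non-empty array,
    // so the previous test could never fail.
    // NOTE(review): assumes fetchProviderInfo() returns a non-array on failure - confirm.
    if (!is_array($tmp)) {
        array_push($errors, "Provider '{$tmp}' not found, patient skipped!");
        return $alertmsg;
    }

    $patient_provider_facility = $tmp['facility_id'];

    // 4. get facility
    $row = sqlQuery("SELECT id, name, pos_code FROM facility WHERE id = ?", array($patient_provider_facility));
    if (!$row['id']) {
        // Report the facility id that was looked up, not the provider array.
        array_push($errors, "Facility '{$patient_provider_facility}' not found, patient skipped! ");
        return $alertmsg;
    }

    // 5. insert patient data
    if (!$patient_pid) {
        // Insert into patient_data.
        // NOTE(review): max(pid)+1 is read and then used in separate
        // statements, so two concurrent imports could pick the same pid.
        $row = sqlQuery("SELECT max(pid)+1 AS pid FROM patient_data");
        $patient_pid = $row['pid'] ? $row['pid'] : 1;

        // Combine street lines
        $patient_street = $medics->street . ' ' . $medics->street2;

        // Positional arguments; text values go through form2db() first.
        newPatientData(
            '', '',
            form2db($medics->fname), form2db($medics->lname), form2db($medics->mname),
            sex($medics->sex), form2db($medics->dob), form2db($patient_street),
            '', '', '',
            form2db($medics->zip), form2db($medics->city), form2db($medics->state),
            '', '', '',
            form2db($medics->phone_home), form2db($medics->phone_alternate),
            '', '', '', '', '', '', '',
            form2db($medics->ethnicity),
            '', '', '', '', '',
            '0000-00-00 00:00:00',
            $patient_pid, $patient_pid,
            '', '', '', '', '', '',
            form2db($medics->hippa_notice), form2db($medics->hippa_notice),
            '', '', '',
            form2db($medics->hippa_notice),
            '',
            $dos = fixDate($medics->fromdate)
        );

        // Insert dummy row for employer_data.
        newEmployerData($patient_pid);

        // Insert subscriber insurance data
        if ($medics->pubpid == 'NEWPATIENT' || !empty($medics->policy_id)) {
            // NOTE(review): $insurance_company_id is never assigned in this
            // function, so the provider argument is null. It was presumably
            // set by the removed step 2 - confirm the intended value.
            // NOTE(review): the two date values pass through fixDate() only,
            // not form2db() - confirm fixDate() rejects non-date text.
            newInsuranceData(
                $patient_pid, 'primary', $insurance_company_id, form2db($medics->policy_id),
                '', '',
                form2db($medics->lname), form2db($medics->mname), form2db($medics->fname),
                'self', '',
                fixDate($medics->dob),
                form2db($medics->street), form2db($medics->zip), form2db($medics->city), form2db($medics->state),
                '',
                form2db($medics->phone_home),
                '', '', '', '', '', '', '',
                sex($medics->sex),
                fixDate($medics->eff_date)
            );
        }

        $tmp = $medics->lname . ',' . $medics->fname;
        // NOTE(review): the message contains a <br> tag and the imported names
        // are not HTML-escaped here. If the caller prints it as HTML, the
        // names need escaping first.
        $alertmsg .= "New Patient Added: '{$patient_pid}' / '{$tmp}' <br>\n";
    }

    $medics->pid = $patient_pid;

    $family = $medics->familyinformation;
    $relatives = $medics->medical->relativesexperience;
    $lifestyle = $medics->medical->lifestyleusage;
    $history = array(
        'history_father' => form2db($family->father),
        'history_mother' => form2db($family->mother),
        'history_spouse' => form2db($family->spouse),
        'history_siblings' => form2db($family->siblings),
        'history_offspring' => form2db($family->offspring),
        'relatives_cancer' => form2db($relatives->cancer),
        'relatives_tuberculosis' => form2db($relatives->tuberculosis),
        'relatives_diabetes' => form2db($relatives->diabetes),
        'relatives_high_blood_pressure' => form2db($relatives->highbloodpressure),
        'relatives_heart_problems' => form2db($relatives->heartproblems),
        'relatives_stroke' => form2db($relatives->stroke),
        'relatives_epilepsy' => form2db($relatives->epilepsy),
        'relatives_mental_illness' => form2db($relatives->mentalillness),
        'relatives_suicide' => form2db($relatives->suicide),
        'usertext12' => form2db($relatives->other),
        'coffee' => form2db($lifestyle->coffee),
        'tobacco' => form2db($lifestyle->tobacco),
        'alcohol' => form2db($lifestyle->alcohol),
        'sleep_patterns' => form2db($lifestyle->sleep),
        'exercise_patterns' => form2db($lifestyle->exercise),
        'seatbelt_use' => form2db($lifestyle->seatbelt),
        'counseling' => form2db($lifestyle->counseling),
        'hazardous_activities' => form2db($lifestyle->hazardactivities),
        'usertext13' => form2db($lifestyle->urinaryincontinence),
        'usertext14' => form2db($lifestyle->fallhistory),
        'additional_history' => form2db($lifestyle->other) . " " . form2db($lifestyle->generalnotes),
    );

    // Insert/Update into history_data.
    if ($medics->pubpid == 'NEWPATIENT') {
        newHistoryData($patient_pid, $history);
    } else {
        updateHistoryData($patient_pid, $history);
    }

    // Add or Update History data
    add_update_history($medics, $patient_pid, $errors);

    // Create or update an issue for each historical medication.
    foreach ($medics->medical->medications->medication as $medication) {
        if (isempty($medication->name)) {
            continue;
        }

        $meds = array();
        $meds['title'] = form2db($medication->name);
        $meds['dosage'] = form2db($medication->dosage);
        $meds['frequency'] = form2db($medication->frequency);
        $meds['duration'] = form2db($medication->duration);
        // TBD does not exist in MEDICS
        $meds['id'] = form2db($medication->id);

        if (!isempty($meds['id'])) {
            // The id is bound: it was previously appended to the SQL text
            // without quotes, where escaping alone gives no protection.
            $row = sqlQuery("SELECT id FROM lists WHERE id = ?", array($meds['id']));
            if (!$row) {
                create_issue($patient_pid, 'medication', $meds);
            } else {
                update_issue($patient_pid, 'medication', $meds);
            }
        } else {
            create_issue($patient_pid, 'medication', $meds);
        }
    }

    return $alertmsg;
}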
/**
 * Create one insurance row for a patient from the numbered form arrays.
 *
 * $seq selects both the slot ('2' gives secondary, '3' gives tertiary, any
 * other value gives primary) and the key suffix read from the two arrays.
 *
 * NOTE(review): the values are handed to newInsuranceData() as received, apart
 * from the birth date, which goes through fixDate(). Whether they are escaped
 * by the caller or inside newInsuranceData() is not visible here - confirm.
 *
 * @param mixed $pid         Patient id.
 * @param array $ainsurance  Insurance fields keyed as "provider{$seq}", "policy{$seq}", and so on.
 * @param array $asubscriber Subscriber fields keyed as "lname{$seq}", "dob{$seq}", and so on.
 * @param mixed $seq         Slot number used as the key suffix.
 */
function setInsurance($pid, $ainsurance, $asubscriber, $seq)
{
    // Loose comparison on purpose: matches the original for both 2 and '2'.
    if ($seq == '2') {
        $iwhich = "secondary";
    } elseif ($seq == '3') {
        $iwhich = "tertiary";
    } else {
        $iwhich = "primary";
    }

    newInsuranceData(
        $pid,
        $iwhich,
        $ainsurance["provider{$seq}"],
        $ainsurance["policy{$seq}"],
        $ainsurance["group{$seq}"],
        $ainsurance["name{$seq}"],
        $asubscriber["lname{$seq}"],
        $asubscriber["mname{$seq}"],
        $asubscriber["fname{$seq}"],
        $asubscriber["relationship{$seq}"],
        $asubscriber["ss{$seq}"],
        fixDate($asubscriber["dob{$seq}"]),
        $asubscriber["street{$seq}"],
        $asubscriber["zip{$seq}"],
        $asubscriber["city{$seq}"],
        $asubscriber["state{$seq}"],
        $asubscriber["country{$seq}"],
        $asubscriber["phone{$seq}"],
        $asubscriber["employer{$seq}"],
        $asubscriber["employer_street{$seq}"],
        $asubscriber["employer_city{$seq}"],
        $asubscriber["employer_zip{$seq}"],
        $asubscriber["employer_state{$seq}"],
        $asubscriber["employer_country{$seq}"],
        $ainsurance["copay{$seq}"],
        $asubscriber["sex{$seq}"]
    );
}
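/**
 * Copy the field values recorded under one audit_master entry into the live
 * tables and report the ids of the legal-document rows it inserted.
 *
 * Rows of audit_details are grouped by table_name. Only tables on the allow
 * list are processed; any other table name aborts with a SoapFault.
 * history_data is on the allow list but has no handler here, so its rows are
 * skipped.
 *
 * @param array $var Index 0 holds the credentials given to UserService::valid();
 *                   'audit_master_id' holds the audit_master id to apply.
 * @return array May contain 'dlm_id' and 'dld_id', the ids returned by the
 *               documents_legal_master / documents_legal_detail inserts.
 * @throws SoapFault When the credentials are rejected or a table is not allowed.
 */
public function update_audited_data($var)
{
    $data_credentials = $var[0];
    $last_insert_ids = array();
    $validtables = array("patient_data", "employer_data", "insurance_data", "history_data", "openemr_postcalendar_events", "ar_session", "documents_legal_master", "documents_legal_detail", "patient_access_offsite");
    // Insurance rows are stored in $newdata under these keys and written in this order.
    $insurance_types = array("primary", "secondary", "tertiary");
    // Argument order of newInsuranceData() after $pid.
    $insurance_fields = array(
        'type', 'provider', 'policy_number', 'group_number', 'plan_name',
        'subscriber_lname', 'subscriber_mname', 'subscriber_fname', 'subscriber_relationship',
        'subscriber_ss', 'subscriber_DOB', 'subscriber_street', 'subscriber_postal_code',
        'subscriber_city', 'subscriber_state', 'subscriber_country', 'subscriber_phone',
        'subscriber_employer', 'subscriber_employer_street', 'subscriber_employer_city',
        'subscriber_employer_postal_code', 'subscriber_employer_state', 'subscriber_employer_country',
        'copay', 'subscriber_sex', 'date', 'accept_assignment',
    );

    if (!UserService::valid($data_credentials)) {
        throw new SoapFault("Server", "credentials failed");
    }

    $audit_master_id = $var['audit_master_id'];
    $res = sqlStatement("SELECT DISTINCT ad.table_name,am.id,am.pid FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id and am.approval_status in ('1','4') and am.id=? ORDER BY ad.id", array($audit_master_id));

    // Set up front so a first row without a pid, or a detail row without a
    // master row in this call, reads a defined null.
    $pid = null;
    $master_doc_id = null;
    // Collected values accumulate across tables, as they did before.
    $newdata = array();

    while ($row = sqlFetchArray($res)) {
        if ($row['pid']) {
            $pid = $row['pid'];
        }

        $table = $row['table_name'];
        $resfield = sqlStatement("SELECT * FROM audit_details WHERE audit_master_id=? AND table_name=?", array($audit_master_id, $table));

        // The table name comes from stored audit rows; only allow-listed names
        // are processed.
        if (!in_array($table, $validtables, true)) {
            throw new SoapFault("Server", "Table Not Supported error message");
        }

        while ($rowfield = sqlFetchArray($resfield)) {
            // A recorded 'pid' field is never copied; the pid from audit_master wins.
            if ($rowfield['field_name'] == 'pid') {
                continue;
            }

            if ($table == 'insurance_data') {
                // Insurance values are keyed by the row's entry_identification.
                $newdata[$rowfield['entry_identification']][$rowfield['field_name']] = $rowfield['field_value'];
            } elseif ($table != 'history_data') {
                $newdata[$table][$rowfield['field_name']] = $rowfield['field_value'];
                if ($table == 'patient_access_offsite' && $rowfield['field_name'] == 'portal_pwd') {
                    // Remember which audit row holds the password so it can be
                    // overwritten after it has been copied.
                    $newdata['patient_access_offsite']['pass_id'] = $rowfield['id'];
                }
            }
        }

        require_once "../../library/invoice_summary.inc.php";
        require_once "../../library/options.inc.php";
        require_once "../../library/acl.inc";
        require_once "../../library/patient.inc";

        if ($table == 'patient_data') {
            $pdrow = sqlQuery("SELECT id from patient_data WHERE pid=?", array($pid));
            if ($pdrow['id']) {
                $newdata['patient_data']['id'] = $pdrow['id'];
                updatePatientData($pid, $newdata['patient_data']);
            } else {
                // No such patient yet: allocate the next pid and create the row.
                // NOTE(review): MAX(pid)+1 is read and used in separate
                // statements, so concurrent calls could pick the same pid.
                $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
                $pid = $prow['pid'];
                $newdata['patient_data']['pubpid'] = $pid;
                updatePatientData($pid, $newdata['patient_data'], true);
            }
        } elseif ($table == 'employer_data') {
            updateEmployerData($pid, $newdata['employer_data']);
        } elseif ($table == 'insurance_data') {
            // The slot key is a plain string. Building it from bare words
            // (ins . $i . _type) depends on undefined constants, which is an
            // error on PHP 8.
            foreach ($insurance_types as $ins_type) {
                $ins = isset($newdata[$ins_type]) ? $newdata[$ins_type] : array();
                $args = array($pid);
                foreach ($insurance_fields as $field) {
                    // Values are escaped here, before newInsuranceData() gets them.
                    $args[] = add_escape_custom(isset($ins[$field]) ? $ins[$field] : null);
                }
                call_user_func_array('newInsuranceData', $args);
            }
        } elseif ($table == 'openemr_postcalendar_events') {
            $ev = $newdata['openemr_postcalendar_events'];
            sqlInsert("INSERT INTO openemr_postcalendar_events ( " .
                "pc_pid,pc_title,pc_time,pc_hometext,pc_eventDate,pc_endDate,pc_startTime,pc_endTime,pc_duration,pc_catid,pc_eventstatus,pc_aid,pc_facility" .
                ") VALUES ( " .
                "'" . add_escape_custom($pid) . "', " .
                "'" . add_escape_custom($ev['pc_title']) . "', " .
                "NOW(), " .
                "'" . add_escape_custom($ev['pc_hometext']) . "', " .
                "'" . add_escape_custom($ev['pc_eventDate']) . "', " .
                "'" . add_escape_custom($ev['pc_endDate']) . "', " .
                "'" . add_escape_custom($ev['pc_startTime']) . "', " .
                "'" . add_escape_custom($ev['pc_endTime']) . "', " .
                "'" . add_escape_custom($ev['pc_duration']) . "', " .
                "'" . add_escape_custom($ev['pc_catid']) . "', " .
                "1, " .
                "'" . add_escape_custom($ev['pc_aid']) . "', " .
                "'" . add_escape_custom($ev['pc_facility']) . "')");
        } elseif ($table == 'ar_session') {
            $ar = $newdata['ar_session'];
            sqlInsert("INSERT INTO ar_session ( " .
                "payer_id, user_id, reference, check_date, pay_total, modified_time, payment_type, description, post_to_date, patient_id, payment_method" .
                ") VALUES ( " .
                "'" . add_escape_custom($ar['payer_id']) . "', " .
                "'" . add_escape_custom($ar['user_id']) . "', " .
                "'" . add_escape_custom($ar['reference']) . "', " .
                "NOW(), " .
                "'" . add_escape_custom($ar['pay_total']) . "', " .
                "NOW(), " .
                "'" . add_escape_custom($ar['payment_type']) . "', " .
                "'" . add_escape_custom($ar['description']) . "', " .
                "NOW(), " .
                "'" . add_escape_custom($pid) . "', " .
                "'" . add_escape_custom($ar['payment_method']) . "')");
        } elseif ($table == 'documents_legal_master') {
            $dlm = $newdata['documents_legal_master'];
            // NOTE(review): dlm_filepath and dlm_filename come from audit rows.
            // Code that later opens these paths should confine them to the
            // document directory; that check is not visible here.
            $master_doc_id = sqlInsert("INSERT INTO documents_legal_master ( " .
                "dlm_category,dlm_subcategory,dlm_document_name,dlm_filepath,dlm_facility,dlm_provider,dlm_sign_height,dlm_sign_width,dlm_filename,dlm_effective_date,dlm_version,content,dlm_savedsign,dlm_review,dlm_upload_type" .
                ") VALUES ( " .
                "'" . add_escape_custom($dlm['dlm_category']) . "', " .
                "'" . add_escape_custom($dlm['dlm_subcategory']) . "', " .
                "'" . add_escape_custom($dlm['dlm_document_name']) . "', " .
                "'" . add_escape_custom($dlm['dlm_filepath'] . "/{$pid}") . "', " .
                "'" . add_escape_custom($dlm['dlm_facility']) . "', " .
                "'" . add_escape_custom($dlm['dlm_provider']) . "', " .
                "'" . add_escape_custom($dlm['dlm_sign_height']) . "', " .
                "'" . add_escape_custom($dlm['dlm_sign_width']) . "', " .
                "'" . add_escape_custom($dlm['dlm_filename']) . "', " .
                "'" . add_escape_custom($dlm['dlm_effective_date']) . "', " .
                "'" . add_escape_custom($dlm['dlm_version']) . "', " .
                "'" . add_escape_custom($dlm['content']) . "', " .
                "'" . add_escape_custom($dlm['dlm_savedsign']) . "', " .
                "'" . add_escape_custom($dlm['dlm_review']) . "', " .
                "'" . add_escape_custom($dlm['dlm_upload_type']) . "')");
            $last_insert_ids['dlm_id'] = $master_doc_id;
        } elseif ($table == 'documents_legal_detail') {
            $dld = $newdata['documents_legal_detail'];
            // Prefer the master row inserted earlier in this call, else the recorded id.
            if ($master_doc_id) {
                $mdoc_id = $master_doc_id;
            } else {
                $mdoc_id = $dld['dld_master_docid'];
            }

            $last_insert_ids['dld_id'] = sqlInsert("INSERT INTO documents_legal_detail ( " .
                "dld_pid,dld_facility,dld_provider,dld_encounter,dld_master_docid,dld_signed,dld_signed_time,dld_filepath,dld_filename,dld_signing_person,dld_sign_level,dld_content,dld_file_for_pdf_generation,dld_denial_reason,dld_moved,dld_patient_comments" .
                ") VALUES ( " .
                "'" . add_escape_custom($pid) . "', " .
                "'" . add_escape_custom($dld['dld_facility']) . "', " .
                "'" . add_escape_custom($dld['dld_provider']) . "', " .
                "'" . add_escape_custom($dld['dld_encounter']) . "', " .
                "'" . add_escape_custom($mdoc_id) . "', " .
                "'" . add_escape_custom($dld['dld_signed']) . "', " .
                "'" . add_escape_custom($dld['dld_signed_time']) . "', " .
                "'" . add_escape_custom($dld['dld_filepath']) . "', " .
                "'" . add_escape_custom($dld['dld_filename']) . "', " .
                "'" . add_escape_custom($dld['dld_signing_person']) . "', " .
                "'" . add_escape_custom($dld['dld_sign_level']) . "', " .
                "'" . add_escape_custom($dld['dld_content']) . "', " .
                "'" . add_escape_custom($dld['dld_file_for_pdf_generation']) . "', " .
                "'" . add_escape_custom($dld['dld_denial_reason']) . "', " .
                "'" . add_escape_custom($dld['dld_moved']) . "', " .
                "'" . add_escape_custom($dld['dld_patient_comments']) . "')");
        } elseif ($table == 'patient_access_offsite') {
            $access = $newdata['patient_access_offsite'];
            // The username originates from audit rows, so it is passed as a
            // bound parameter rather than placed in the SQL text.
            $query = sqlStatement("SELECT * FROM patient_access_offsite WHERE portal_username = ?", array($access['portal_username']));
            if (sqlNumRows($query) == 0) {
                // NOTE(review): portal_pwd is stored exactly as recorded in
                // audit_details; whether it is already hashed at that point is
                // not visible here - confirm.
                sqlInsert("INSERT INTO patient_access_offsite ( " .
                    "pid,portal_username,portal_pwd,portal_pwd_status" .
                    ") VALUES ( " .
                    "'" . add_escape_custom($pid) . "', " .
                    "'" . add_escape_custom($access['portal_username']) . "', " .
                    "'" . add_escape_custom($access['portal_pwd']) . "', " .
                    "0)");
                // Overwrite the recorded password with a generated value so it
                // does not stay readable in the audit trail.
                sqlQuery("UPDATE audit_details SET field_value = ? WHERE id = ?", array($this->generatePassword(), $access['pass_id']));
            }
        }
    }

    return $last_insert_ids;
}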