// Faking it here makes things easier.
// Also note that some fields like SSN and most of the subscriber employer
// items have been omitted because they are not relevant for claims.
//
$insurance_layout = array(array('field_id' => 'type', 'title' => 'Type', 'uor' => '2', 'data_type' => '1', 'list_id' => 'insurance_types', 'edit_options' => ''), array('field_id' => 'date', 'title' => 'Effective Date', 'uor' => '2', 'data_type' => '4', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'provider', 'title' => 'Provider', 'uor' => '2', 'data_type' => '16', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'plan_name', 'title' => 'Plan Name', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'policy_number', 'title' => 'Policy Number', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'group_number', 'title' => 'Group Number', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'subscriber_employer', 'title' => 'Group Name', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'subscriber_lname', 'title' => 'Subscriber Last Name', 'uor' => '2', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'subscriber_fname', 'title' => 'Subscriber First Name', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'subscriber_mname', 'title' => 'Subscriber Middle Name', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'subscriber_DOB', 'title' => 'Subscriber DOB', 'uor' => '2', 'data_type' => '4', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'subscriber_sex', 'title' => 'Subscriber Sex', 'uor' => '2', 'data_type' => '1', 'list_id' => 'sex', 'edit_options' => ''), array('field_id' => 'subscriber_relationship', 'title' => 'Subscriber Relationship', 'uor' => '2', 'data_type' => '1', 'list_id' => 'sub_relation', 'edit_options' => ''), array('field_id' => 'subscriber_street', 'title' => 'Subscriber Street', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'subscriber_city', 'title' => 'Subscriber City', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'subscriber_state', 'title' => 'Subscriber State', 'uor' => '1', 'data_type' => '1', 'list_id' => 'state', 'edit_options' => ''), array('field_id' => 'subscriber_postal_code', 'title' => 'Subscriber Zip', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''), array('field_id' => 'subscriber_phone', 'title' => 'Subscriber Phone', 'uor' => '1', 'data_type' => '2', 'list_id' => '', 'edit_options' => ''));
$postid = intval($_REQUEST['postid']);
if ($_POST['bn_save']) {
$newdata = array();
$ptid = intval($_POST['ptid']);
foreach ($insurance_layout as $frow) {
$data_type = $frow['data_type'];
$field_id = $frow['field_id'];
// newInsuranceData() does not escape for mysql so we have to do it here.
$newdata[$field_id] = add_escape_custom(get_layout_form_value($frow));
}
newInsuranceData($ptid, $newdata['type'], $newdata['provider'], $newdata['policy_number'], $newdata['group_number'], $newdata['plan_name'], $newdata['subscriber_lname'], $newdata['subscriber_mname'], $newdata['subscriber_fname'], $newdata['subscriber_relationship'], '', fixDate($newdata['subscriber_DOB']), $newdata['subscriber_street'], $newdata['subscriber_postal_code'], $newdata['subscriber_city'], $newdata['subscriber_state'], '', $newdata['subscriber_phone'], $newdata['subscriber_employer'], '', '', '', '', '', '', $newdata['subscriber_sex'], fixDate($newdata['date']), 'TRUE', '');
// Finally, delete the request from the portal.
$result = cms_portal_call(array('action' => 'delpost', 'postid' => $postid));
if ($result['errmsg']) {
die(text($result['errmsg']));
}
echo "<html><body><script language='JavaScript'>\n";
echo "if (top.restoreSession) top.restoreSession(); else opener.top.restoreSession();\n";
echo "document.location.href = 'list_requests.php';\n";
echo "</script></body></html>\n";
exit;
}
// Get the portal request data.
if (!$postid) {
die(xlt('Request ID is missing!'));
}
if ($primary_insurace_data) {
updateInsuranceData($primary_insurace_data['id'], $p_insurace_data);
} else {
newInsuranceData($patientId, $type = "primary", $p_insurance_company, $policy_number = $p_insurance_id, $group_number = $p_group_number, $plan_name = $p_plan_name, $subscriber_lname = "", $subscriber_mname = "", $subscriber_fname = "", $subscriber_relationship = $p_subscriber_relationship, $subscriber_ss = "", $subscriber_DOB = "", $subscriber_street = "", $subscriber_postal_code = "", $subscriber_city = "", $subscriber_state = "", $subscriber_country = "", $subscriber_phone = "", $subscriber_employer = $p_subscriber_employer_status, $subscriber_employer_street = "", $subscriber_employer_city = "", $subscriber_employer_postal_code = "", $subscriber_employer_state = "", $subscriber_employer_country = "", $copay = "", $subscriber_sex = "", $effective_date = "0000-00-00", $accept_assignment = "TRUE");
}
$s_insurace_data = array('provider' => $s_insurance_company, 'group_number' => $s_group_number, 'plan_name' => $s_plan_name, 'subscriber_employer' => $s_subscriber_employer_status, 'subscriber_relationship' => $s_subscriber_relationship, 'policy_number' => $s_insurance_id);
if ($secondary_insurace_data) {
updateInsuranceData($secondary_insurace_data['id'], $s_insurace_data);
} else {
newInsuranceData($patientId, $type = "secondary", $s_insurance_company, $policy_number = $s_insurance_id, $group_number = $s_group_number, $plan_name = $s_plan_name, $subscriber_lname = "", $subscriber_mname = "", $subscriber_fname = "", $subscriber_relationship = $s_subscriber_relationship, $subscriber_ss = "", $subscriber_DOB = "", $subscriber_street = "", $subscriber_postal_code = "", $subscriber_city = "", $subscriber_state = "", $subscriber_country = "", $subscriber_phone = "", $subscriber_employer = $s_subscriber_employer_status, $subscriber_employer_street = "", $subscriber_employer_city = "", $subscriber_employer_postal_code = "", $subscriber_employer_state = "", $subscriber_employer_country = "", $copay = "", $subscriber_sex = "", $effective_date = "0000-00-00", $accept_assignment = "TRUE");
}
$o_insurace_data = array('provider' => $o_insurance_company, 'group_number' => $o_group_number, 'plan_name' => $o_plan_name, 'subscriber_employer' => $o_subscriber_employer_status, 'subscriber_relationship' => $o_subscriber_relationship, 'policy_number' => $o_insurance_id);
if ($other_insurace_data) {
updateInsuranceData($other_insurace_data['id'], $o_insurace_data);
} else {
newInsuranceData($patientId, $type = "tertiary", $o_insurance_company, $policy_number = $o_insurance_id, $group_number = $o_group_number, $plan_name = $o_plan_name, $subscriber_lname = "", $subscriber_mname = "", $subscriber_fname = "", $subscriber_relationship = $o_subscriber_relationship, $subscriber_ss = "", $subscriber_DOB = "", $subscriber_street = "", $subscriber_postal_code = "", $subscriber_city = "", $subscriber_state = "", $subscriber_country = "", $subscriber_phone = "", $subscriber_employer = $o_subscriber_employer_status, $subscriber_employer_street = "", $subscriber_employer_city = "", $subscriber_employer_postal_code = "", $subscriber_employer_state = "", $subscriber_employer_country = "", $copay = "", $subscriber_sex = "", $effective_date = "0000-00-00", $accept_assignment = "TRUE");
}
if ($image_data) {
$id = 1;
$type = "file_url";
$size = '';
$date = date('Y-m-d H:i:s');
$url = '';
$mimetype = 'image/jpeg';
$hash = '';
$patient_id = $patientId;
$ext = 'png';
// $cat_title = 'Patient Profile Image';
$cat_title = 'Patient Photograph';
$strQuery2 = "SELECT id from `categories` WHERE name LIKE ?";
$result3 = sqlQuery($strQuery2, array($cat_title));
// ===================
// DBC SYSTEM WAS REMOVED
$form_sex = trim($_POST["sex"]);
$form_dob = trim($_POST["DOB"]);
$form_street = '';
$form_city = '';
$form_postcode = '';
$form_countrycode = '';
// EOS DBC
// ===================
newPatientData($_POST["db_id"], $_POST["title"], $form_fname, $form_lname, $form_mname, $form_sex, $form_dob, $form_street, $form_postcode, $form_city, "", $form_countrycode, "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "{$mypubpid}", $pid, "", "", "", "", "", "", "", "", 0, 0, "", "", "", $_POST['regdate']);
newEmployerData($pid);
newHistoryData($pid);
newInsuranceData($pid, "primary");
newInsuranceData($pid, "secondary");
newInsuranceData($pid, "tertiary");
// Set referral source separately because we don't want it messed
// with later by newPatientData().
if ($refsource = trim($_POST["refsource"])) {
sqlQuery("UPDATE patient_data SET referral_source = '{$refsource}' " . "WHERE pid = '{$pid}'");
}
}
?>
<html>
<body>
<script language="Javascript">
<?php
if ($alertmsg) {
echo "alert('{$alertmsg}');\n";
}
if ($GLOBALS['concurrent_layout']) {
public function update_audited_data($var)
{
$data_credentials = $var[0];
$validtables = array("patient_data", "employer_data", "insurance_data", "history_data", "openemr_postcalendar_events");
if (UserService::valid($data_credentials)) {
$audit_master_id = $var['audit_master_id'];
$res = sqlStatement("SELECT * FROM audit_master where id=? and approval_status='1' and type='3' ", array($audit_master_id));
if (sqlNumRows($res) > 0) {
return;
}
$res = sqlStatement("SELECT DISTINCT ad.table_name,am.id,am.pid FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id and am.approval_status in ('1','4') and am.id=?", array($audit_master_id));
$tablecnt = sqlNumRows($res);
while ($row = sqlFetchArray($res)) {
$pid = $row['pid'];
$resfield = sqlStatement("SELECT * FROM audit_details WHERE audit_master_id=? AND table_name=?", array($audit_master_id, $row['table_name']));
$table = $row['table_name'];
$cnt = 0;
foreach ($validtables as $value) {
//Update will execute if and only if all tables are validtables
if ($value == $table) {
$cnt++;
}
}
if ($cnt > 0) {
while ($rowfield = sqlFetchArray($resfield)) {
if ($table == 'patient_data') {
$newdata['patient_data'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'employer_data') {
$newdata['employer_data'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'insurance_data') {
$ins1_type = "primary";
$ins2_type = "secondary";
$ins3_type = "tertiary";
for ($i = 1; $i <= 3; $i++) {
$newdata[$rowfield['entry_identification']][$rowfield['field_name']] = $rowfield['field_value'];
}
}
if ($table == 'openemr_postcalendar_events') {
$newdata['openemr_postcalendar_events'][$rowfield['field_name']] = $rowfield['field_value'];
}
}
require_once "../../library/invoice_summary.inc.php";
require_once "../../library/options.inc.php";
require_once "../../library/acl.inc";
require_once "../../library/patient.inc";
if ($table == 'patient_data') {
$pdrow = sqlQuery("SELECT id from patient_data WHERE pid=?", array($pid));
$newdata['patient_data']['id'] = $pdrow['id'];
updatePatientData($pid, $newdata['patient_data']);
} elseif ($table == 'employer_data') {
updateEmployerData($pid, $newdata['employer_data']);
} elseif ($table == 'insurance_data') {
for ($i = 1; $i <= 3; $i++) {
newInsuranceData($pid, add_escape_custom($newdata[${ins . $i . _type}]['type']), add_escape_custom($newdata[${ins . $i . _type}]['provider']), add_escape_custom($newdata[${ins . $i . _type}]['policy_number']), add_escape_custom($newdata[${ins . $i . _type}]['group_number']), add_escape_custom($newdata[${ins . $i . _type}]['plan_name']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_lname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_mname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_fname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_relationship']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_ss']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_DOB']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_street']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_postal_code']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_city']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_state']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_country']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_phone']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_street']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_city']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_postal_code']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_state']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_country']), add_escape_custom($newdata[${ins . $i . _type}]['copay']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_sex']), add_escape_custom($newdata[${ins . $i . _type}]['date']), add_escape_custom($newdata[${ins . $i . _type}]['accept_assignment']));
}
} elseif ($table == 'openemr_postcalendar_events') {
sqlInsert("INSERT INTO openemr_postcalendar_events ( " . "pc_pid,pc_title,pc_time,pc_hometext,pc_eventDate,pc_endDate,pc_startTime,pc_endTime,pc_duration,pc_catid,pc_eventstatus,pc_aid,pc_facility" . ") VALUES ( " . "'" . add_escape_custom($pid) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_title']) . "', " . "NOW(), " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_hometext']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_eventDate']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_endDate']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_startTime']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_endTime']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_duration']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_catid']) . "', " . "1, " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_aid']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_facility']) . "')");
}
} else {
throw new SoapFault("Server", "Table Not Supported error message");
}
}
} else {
throw new SoapFault("Server", "credentials failed");
}
}
$newdata[$tblname][$colname] = $value;
}
updatePatientData($pid, $newdata['patient_data'], true);
updateEmployerData($pid, $newdata['employer_data'], true);
$i1dob = fixDate(formData("i1subscriber_DOB"));
$i1date = fixDate(formData("i1effective_date"));
// sqlStatement("unlock tables");
// end table lock
newHistoryData($pid);
newInsuranceData($pid, "primary", formData("i1provider"), formData("i1policy_number"), formData("i1group_number"), formData("i1plan_name"), formData("i1subscriber_lname"), formData("i1subscriber_mname"), formData("i1subscriber_fname"), formData("form_i1subscriber_relationship"), formData("i1subscriber_ss"), $i1dob, formData("i1subscriber_street"), formData("i1subscriber_postal_code"), formData("i1subscriber_city"), formData("form_i1subscriber_state"), formData("form_i1subscriber_country"), formData("i1subscriber_phone"), formData("i1subscriber_employer"), formData("i1subscriber_employer_street"), formData("i1subscriber_employer_city"), formData("i1subscriber_employer_postal_code"), formData("form_i1subscriber_employer_state"), formData("form_i1subscriber_employer_country"), formData('i1copay'), formData('form_i1subscriber_sex'), $i1date, formData('i1accept_assignment'));
$i2dob = fixDate(formData("i2subscriber_DOB"));
$i2date = fixDate(formData("i2effective_date"));
newInsuranceData($pid, "secondary", formData("i2provider"), formData("i2policy_number"), formData("i2group_number"), formData("i2plan_name"), formData("i2subscriber_lname"), formData("i2subscriber_mname"), formData("i2subscriber_fname"), formData("form_i2subscriber_relationship"), formData("i2subscriber_ss"), $i2dob, formData("i2subscriber_street"), formData("i2subscriber_postal_code"), formData("i2subscriber_city"), formData("form_i2subscriber_state"), formData("form_i2subscriber_country"), formData("i2subscriber_phone"), formData("i2subscriber_employer"), formData("i2subscriber_employer_street"), formData("i2subscriber_employer_city"), formData("i2subscriber_employer_postal_code"), formData("form_i2subscriber_employer_state"), formData("form_i2subscriber_employer_country"), formData('i2copay'), formData('form_i2subscriber_sex'), $i2date, formData('i2accept_assignment'));
$i3dob = fixDate(formData("i3subscriber_DOB"));
$i3date = fixDate(formData("i3effective_date"));
newInsuranceData($pid, "tertiary", formData("i3provider"), formData("i3policy_number"), formData("i3group_number"), formData("i3plan_name"), formData("i3subscriber_lname"), formData("i3subscriber_mname"), formData("i3subscriber_fname"), formData("form_i3subscriber_relationship"), formData("i3subscriber_ss"), $i3dob, formData("i3subscriber_street"), formData("i3subscriber_postal_code"), formData("i3subscriber_city"), formData("form_i3subscriber_state"), formData("form_i3subscriber_country"), formData("i3subscriber_phone"), formData("i3subscriber_employer"), formData("i3subscriber_employer_street"), formData("i3subscriber_employer_city"), formData("i3subscriber_employer_postal_code"), formData("form_i3subscriber_employer_state"), formData("form_i3subscriber_employer_country"), formData('i3copay'), formData('form_i3subscriber_sex'), $i3date, formData('i3accept_assignment'));
?>
<html>
<body>
<script language="Javascript">
<?php
if ($alertmsg) {
echo "alert('{$alertmsg}');\n";
}
echo "window.location='{$rootdir}/patient_file/summary/demographics.php?" . "set_pid={$pid}&is_new=1';\n";
?>
</script>
</body>
</html>
function create_patient(&$medics, &$errors)
{
$alertmsg = "";
$patient_pid = get_patientid($medics);
$pubpid = trim($medics->pubpid);
// ID must be valid or 'NEWPATIENT'
if (empty($pubpid)) {
array_push($errors, "Patient ID '{$pubpid}' missing, patient skipped! ");
return $alertmsg;
}
if ($pubpid != 'NEWPATIENT') {
// 1. validate patient
$patient_pid = 0;
$query = "SELECT pid FROM patient_data WHERE pubpid LIKE '{$pubpid}'";
$res = sqlStatement($query);
$row = sqlFetchArray($res);
if ($row) {
$patient_pid = $row['pid'];
if (sqlFetchArray($res)) {
array_push($errors, "Patient ID '{$pubpid}' is ambiguous, patient skipped! ");
return $alertmsg;
} else {
// array_push( $errors, "Patient ID '$pubpid' exists, updates/new encounters only. ");
}
}
}
// 2. validate insurance provider - REMOVED
// 3. validate billing provider
$tmp = array();
$tmp = fetchProviderInfo($medics);
if (!array($tmp)) {
array_push($errors, "Provider '{$tmp}' not found, patient skipped!");
return $alertmsg;
}
$patient_provider_id = $tmp['id'];
$patient_provider_name = $tmp['username'];
$patient_provider_facility = $tmp['facility_id'];
// 4. get facility from // Move to function
$row = sqlQuery("SELECT id, name, pos_code FROM facility WHERE id = '{$patient_provider_facility}'");
if (!$row['id']) {
array_push($errors, "Facility '{$tmp}' not found, patient skipped! ");
return $alertmsg;
}
$patient_facility_id = $row['id'];
$patient_facility_name = $row['name'];
$patient_facility_pos = $row['pos_code'];
// 5. insert patient data
if (!$patient_pid) {
// Insert into patient_data.
//
$row = sqlQuery("SELECT max(pid)+1 AS pid FROM patient_data");
$patient_pid = $row['pid'] ? $row['pid'] : 1;
// Combine street lines
$patient_street = $medics->street . ' ' . $medics->street2;
// Build array
newPatientData('', '', form2db($medics->fname), form2db($medics->lname), form2db($medics->mname), sex($medics->sex), form2db($medics->dob), form2db($patient_street), '', '', '', form2db($medics->zip), form2db($medics->city), form2db($medics->state), '', '', '', form2db($medics->phone_home), form2db($medics->phone_alternate), '', '', '', '', '', '', '', form2db($medics->ethnicity), '', '', '', '', '', '0000-00-00 00:00:00', $patient_pid, $patient_pid, '', '', '', '', '', '', form2db($medics->hippa_notice), form2db($medics->hippa_notice), '', '', '', form2db($medics->hippa_notice), '', $dos = fixDate($medics->fromdate));
// Insert dummy row for employer_data.
newEmployerData($patient_pid);
// Update or Instest subscriber ins data
if ($medics->pubpid == 'NEWPATIENT' || !empty($medics->policy_id)) {
newInsuranceData($patient_pid, 'primary', $insurance_company_id, form2db($medics->policy_id), '', '', form2db($medics->lname), form2db($medics->mname), form2db($medics->fname), 'self', '', fixDate($medics->dob), form2db($medics->street), form2db($medics->zip), form2db($medics->city), form2db($medics->state), '', form2db($medics->phone_home), '', '', '', '', '', '', '', sex($medics->sex), fixDate($medics->eff_date));
}
$tmp = $medics->lname . ',' . $medics->fname;
$alertmsg .= "New Patient Added: '{$patient_pid}' / '{$tmp}' <br>\n";
}
$medics->pid = $patient_pid;
$history = array('history_father' => form2db($medics->familyinformation->father), 'history_mother' => form2db($medics->familyinformation->mother), 'history_spouse' => form2db($medics->familyinformation->spouse), 'history_siblings' => form2db($medics->familyinformation->siblings), 'history_offspring' => form2db($medics->familyinformation->offspring), 'relatives_cancer' => form2db($medics->medical->relativesexperience->cancer), 'relatives_tuberculosis' => form2db($medics->medical->relativesexperience->tuberculosis), 'relatives_diabetes' => form2db($medics->medical->relativesexperience->diabetes), 'relatives_high_blood_pressure' => form2db($medics->medical->relativesexperience->highbloodpressure), 'relatives_heart_problems' => form2db($medics->medical->relativesexperience->heartproblems), 'relatives_stroke' => form2db($medics->medical->relativesexperience->stroke), 'relatives_epilepsy' => form2db($medics->medical->relativesexperience->epilepsy), 'relatives_mental_illness' => form2db($medics->medical->relativesexperience->mentalillness), 'relatives_suicide' => form2db($medics->medical->relativesexperience->suicide), 'usertext12' => form2db($medics->medical->relativesexperience->other), 'coffee' => form2db($medics->medical->lifestyleusage->coffee), 'tobacco' => form2db($medics->medical->lifestyleusage->tobacco), 'alcohol' => form2db($medics->medical->lifestyleusage->alcohol), 'sleep_patterns' => form2db($medics->medical->lifestyleusage->sleep), 'exercise_patterns' => form2db($medics->medical->lifestyleusage->exercise), 'seatbelt_use' => form2db($medics->medical->lifestyleusage->seatbelt), 'counseling' => form2db($medics->medical->lifestyleusage->counseling), 'hazardous_activities' => form2db($medics->medical->lifestyleusage->hazardactivities), 'usertext13' => form2db($medics->medical->lifestyleusage->urinaryincontinence), 'usertext14' => form2db($medics->medical->lifestyleusage->fallhistory), 'additional_history' => form2db($medics->medical->lifestyleusage->other) . " " . form2db($medics->medical->lifestyleusage->generalnotes));
// Insert/Update into history_data.
if ($medics->pubpid == 'NEWPATIENT') {
newHistoryData($patient_pid, $history);
} else {
updateHistoryData($patient_pid, $history);
}
// Add or Update History data
add_update_history($medics, $patient_pid, $errors);
// Create or update an issue for each historical medication.
//
foreach ($medics->medical->medications->medication as $medication) {
if (isempty($medication->name)) {
continue;
}
$meds = array();
$meds['title'] = form2db($medication->name);
$meds['dosage'] = form2db($medication->dosage);
$meds['frequency'] = form2db($medication->frequency);
$meds['duration'] = form2db($medication->duration);
// TBD does not exsist in MEDICS
$meds['id'] = form2db($medication->id);
if (!isempty($meds['id'])) {
$row = sqlQuery("SELECT id FROM lists WHERE id = " . $meds['id']);
if (!$row) {
create_issue($patient_pid, 'medication', $meds);
} else {
update_issue($patient_pid, 'medication', $meds);
}
} else {
create_issue($patient_pid, 'medication', $meds);
}
}
return $alertmsg;
}
function setInsurance($pid, $ainsurance, $asubscriber, $seq)
{
$iwhich = $seq == '2' ? "secondary" : ($seq == '3' ? "tertiary" : "primary");
newInsuranceData($pid, $iwhich, $ainsurance["provider{$seq}"], $ainsurance["policy{$seq}"], $ainsurance["group{$seq}"], $ainsurance["name{$seq}"], $asubscriber["lname{$seq}"], $asubscriber["mname{$seq}"], $asubscriber["fname{$seq}"], $asubscriber["relationship{$seq}"], $asubscriber["ss{$seq}"], fixDate($asubscriber["dob{$seq}"]), $asubscriber["street{$seq}"], $asubscriber["zip{$seq}"], $asubscriber["city{$seq}"], $asubscriber["state{$seq}"], $asubscriber["country{$seq}"], $asubscriber["phone{$seq}"], $asubscriber["employer{$seq}"], $asubscriber["employer_street{$seq}"], $asubscriber["employer_city{$seq}"], $asubscriber["employer_zip{$seq}"], $asubscriber["employer_state{$seq}"], $asubscriber["employer_country{$seq}"], $ainsurance["copay{$seq}"], $asubscriber["sex{$seq}"]);
}
public function update_audited_data($var)
{
$data_credentials = $var[0];
$last_insert_ids = array();
$validtables = array("patient_data", "employer_data", "insurance_data", "history_data", "openemr_postcalendar_events", "ar_session", "documents_legal_master", "documents_legal_detail", "patient_access_offsite");
if (UserService::valid($data_credentials)) {
$audit_master_id = $var['audit_master_id'];
$res = sqlStatement("SELECT DISTINCT ad.table_name,am.id,am.pid FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id and am.approval_status in ('1','4') and am.id=? ORDER BY ad.id", array($audit_master_id));
$tablecnt = sqlNumRows($res);
while ($row = sqlFetchArray($res)) {
if ($row['pid']) {
$pid = $row['pid'];
}
$resfield = sqlStatement("SELECT * FROM audit_details WHERE audit_master_id=? AND table_name=?", array($audit_master_id, $row['table_name']));
$table = $row['table_name'];
$cnt = 0;
foreach ($validtables as $value) {
//Update will execute if and only if all tables are validtables
if ($value == $table) {
$cnt++;
}
}
if ($cnt > 0) {
while ($rowfield = sqlFetchArray($resfield)) {
if ($rowfield['field_name'] == 'pid') {
continue;
}
if ($table == 'patient_data') {
$newdata['patient_data'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'employer_data') {
$newdata['employer_data'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'insurance_data') {
$ins1_type = "primary";
$ins2_type = "secondary";
$ins3_type = "tertiary";
for ($i = 1; $i <= 3; $i++) {
$newdata[$rowfield['entry_identification']][$rowfield['field_name']] = $rowfield['field_value'];
}
}
if ($table == 'openemr_postcalendar_events') {
$newdata['openemr_postcalendar_events'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'ar_session') {
$newdata['ar_session'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'documents_legal_master') {
$newdata['documents_legal_master'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'documents_legal_detail') {
$newdata['documents_legal_detail'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'patient_access_offsite') {
$newdata['patient_access_offsite'][$rowfield['field_name']] = $rowfield['field_value'];
if ($rowfield['field_name'] == 'portal_pwd') {
$newdata['patient_access_offsite']['pass_id'] = $rowfield['id'];
}
}
}
require_once "../../library/invoice_summary.inc.php";
require_once "../../library/options.inc.php";
require_once "../../library/acl.inc";
require_once "../../library/patient.inc";
if ($table == 'patient_data') {
$pdrow = sqlQuery("SELECT id from patient_data WHERE pid=?", array($pid));
if ($pdrow['id']) {
$newdata['patient_data']['id'] = $pdrow['id'];
updatePatientData($pid, $newdata['patient_data']);
} else {
$prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
$pid = $prow['pid'];
$newdata['patient_data']['pubpid'] = $pid;
updatePatientData($pid, $newdata['patient_data'], true);
}
} elseif ($table == 'employer_data') {
updateEmployerData($pid, $newdata['employer_data']);
} elseif ($table == 'insurance_data') {
for ($i = 1; $i <= 3; $i++) {
newInsuranceData($pid, add_escape_custom($newdata[${ins . $i . _type}]['type']), add_escape_custom($newdata[${ins . $i . _type}]['provider']), add_escape_custom($newdata[${ins . $i . _type}]['policy_number']), add_escape_custom($newdata[${ins . $i . _type}]['group_number']), add_escape_custom($newdata[${ins . $i . _type}]['plan_name']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_lname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_mname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_fname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_relationship']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_ss']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_DOB']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_street']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_postal_code']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_city']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_state']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_country']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_phone']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_street']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_city']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_postal_code']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_state']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_country']), add_escape_custom($newdata[${ins . $i . _type}]['copay']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_sex']), add_escape_custom($newdata[${ins . $i . _type}]['date']), add_escape_custom($newdata[${ins . $i . _type}]['accept_assignment']));
}
} elseif ($table == 'openemr_postcalendar_events') {
sqlInsert("INSERT INTO openemr_postcalendar_events ( " . "pc_pid,pc_title,pc_time,pc_hometext,pc_eventDate,pc_endDate,pc_startTime,pc_endTime,pc_duration,pc_catid,pc_eventstatus,pc_aid,pc_facility" . ") VALUES ( " . "'" . add_escape_custom($pid) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_title']) . "', " . "NOW(), " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_hometext']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_eventDate']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_endDate']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_startTime']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_endTime']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_duration']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_catid']) . "', " . "1, " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_aid']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_facility']) . "')");
} elseif ($table == 'ar_session') {
sqlInsert("INSERT INTO ar_session ( " . "payer_id, user_id, reference, check_date, pay_total, modified_time, payment_type, description, post_to_date, patient_id, payment_method" . ") VALUES ( " . "'" . add_escape_custom($newdata['ar_session']['payer_id']) . "', " . "'" . add_escape_custom($newdata['ar_session']['user_id']) . "', " . "'" . add_escape_custom($newdata['ar_session']['reference']) . "', " . "NOW(), " . "'" . add_escape_custom($newdata['ar_session']['pay_total']) . "', " . "NOW(), " . "'" . add_escape_custom($newdata['ar_session']['payment_type']) . "', " . "'" . add_escape_custom($newdata['ar_session']['description']) . "', " . "NOW(), " . "'" . add_escape_custom($pid) . "', " . "'" . add_escape_custom($newdata['ar_session']['payment_method']) . "')");
} elseif ($table == 'documents_legal_master') {
$master_doc_id = sqlInsert("INSERT INTO documents_legal_master ( " . "dlm_category,dlm_subcategory,dlm_document_name,dlm_filepath,dlm_facility,dlm_provider,dlm_sign_height,dlm_sign_width,dlm_filename,dlm_effective_date,dlm_version,content,dlm_savedsign,dlm_review,dlm_upload_type" . ") VALUES ( " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_category']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_subcategory']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_document_name']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_filepath'] . "/{$pid}") . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_facility']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_provider']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_sign_height']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_sign_width']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_filename']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_effective_date']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_version']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['content']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_savedsign']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_review']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_upload_type']) . "')");
$last_insert_ids['dlm_id'] = $master_doc_id;
} elseif ($table == 'documents_legal_detail') {
if ($master_doc_id) {
$mdoc_id = $master_doc_id;
} else {
$mdoc_id = $newdata['documents_legal_detail']['dld_master_docid'];
}
$last_insert_ids['dld_id'] = sqlInsert("INSERT INTO documents_legal_detail ( " . "dld_pid,dld_facility,dld_provider,dld_encounter,dld_master_docid,dld_signed,dld_signed_time,dld_filepath,dld_filename,dld_signing_person,dld_sign_level,dld_content,dld_file_for_pdf_generation,dld_denial_reason,dld_moved,dld_patient_comments" . ") VALUES ( " . "'" . add_escape_custom($pid) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_facility']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_provider']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_encounter']) . "', " . "'" . add_escape_custom($mdoc_id) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_signed']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_signed_time']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_filepath']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_filename']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_signing_person']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_sign_level']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_content']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_file_for_pdf_generation']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_denial_reason']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_moved']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_patient_comments']) . "')");
} elseif ($table == 'patient_access_offsite') {
$query = sqlStatement("SELECT * FROM patient_access_offsite WHERE portal_username = '******'patient_access_offsite']['portal_username'] . "'");
if (sqlNumRows($query) == 0) {
sqlInsert("INSERT INTO patient_access_offsite ( " . "pid,portal_username,portal_pwd,portal_pwd_status" . ") VALUES ( " . "'" . add_escape_custom($pid) . "', " . "'" . add_escape_custom($newdata['patient_access_offsite']['portal_username']) . "', " . "'" . add_escape_custom($newdata['patient_access_offsite']['portal_pwd']) . "', " . "0)");
sqlQuery("UPDATE audit_details SET field_value = ? WHERE id = ?", array($this->generatePassword(), $newdata['patient_access_offsite']['pass_id']));
}
}
} else {
throw new SoapFault("Server", "Table Not Supported error message");
}
}
return $last_insert_ids;
} else {
throw new SoapFault("Server", "credentials failed");
}
}
