$_SESSION['error'] = "An error has occurred, please try again."; } } else { $_SESSION['error'] = "Your search returned no patients, please try again."; } } else { if (isset($_POST['searchpt-link_id'])) { // Gets the offered link id $linkid = $_POST['searchpt-link_id']; // Searches the link table to ensure it is a real one $sql = "SELECT link.id AS id, core.centre_id AS centre_id, centre.country_id FROM link \n LEFT JOIN core ON link.core_id = core.id \n\t\t\t\tLEFT JOIN centre ON core.centre_id = centre.id \n WHERE link.id = ?"; $pA = array('i', $linkid); $result = DB::query($sql, $pA); if ($result->getRows()) { $userCentre = new Centre($user->getCentre()); if ($user->isCentralAdmin() || $user->isRegionalAdmin() && $userCentre->get('country_id') == $result->country_id || $result->centre_id == $user->getCentre()) { $link_id = $result->id; } else { $_SESSION['error'] = "You cannot access patients from other centres."; } } else { $_SESSION['error'] = "Provided record ID not found, please try again."; } } else { $_SESSION['error'] = "As error has occurred, please try again."; } } if (isset($link_id)) { $sql = "SELECT studygroup FROM core LEFT JOIN link ON core.id = link.core_id WHERE link.id = ?"; $pA = array('i', $link_id); $result = DB::query($sql, $pA);
<?php $sql = "SELECT v.id as vid, d.option_text as centre_name, a.link_id, c.trialid, v.active, CONCAT(user.forename,' ',user.surname) as full_name, privilege.option_text as privilege_name FROM violation v \nLEFT JOIN violationlink a ON v.id = a.violation_id \nLEFT JOIN link b ON a.link_id = b.id \nLEFT JOIN core c ON b.core_id = c.id\nLEFT JOIN centre d ON c.centre_id = d.id\nLEFT JOIN violationAudit ON v.id = violationAudit.table_id\nLEFT JOIN user on violationAudit.user_id = user.id\nLEFT JOIN privilege ON user.privilege_id = privilege.option_value\nWHERE v.active = 1\nAND violationAudit.field='violationdesc'"; if ($user->isCentralAdmin()) { $sql .= " GROUP BY a.link_id ORDER BY active"; $result = DB::query($sql); } elseif ($user->isRegionalAdmin()) { $sql .= " AND country_id = ?"; $sql .= " GROUP BY a.link_id"; $centre = new Centre($user->getCentre()); $pA = array('i', $centre->get('country_id')); $result = DB::query($sql, $pA); } else { $sql .= " AND centre_id = ?"; $sql .= " GROUP BY a.link_id"; $pA = array('i', $user->getCentre()); $result = DB::query($sql, $pA); } if ($result->getRows()) { echo "<div class=\"container well\" style=\"background-color:#FFFFFF;\">"; echo "<h3>Protocol deviations</h3>"; if ($user->isCentralAdmin()) { echo "<h5>If you wish to remove a protocol deviation form then please select and click 'Delete' - the form will be stored for audit purposes.</h5>"; echo "<form action=\"process.php\" method=\"POST\">"; } echo '<table class="table table-striped table-bordered table-hover dataTable"><thead>'; echo '<tr><th scope="col">Centre</th><th scope="col">' . Config::get('idName') . '</th><th scope="col">Deviation</th>'; echo '<th scope="col">Description</th><th scope="col">Reported time</th><th scope="col">Reported by</th>'; if ($user->isCentralAdmin()) { echo '<th>Select</th>'; }
<?php $showSearch = true; if (isset($_POST['centreSelect']) && is_numeric($_POST['centreSelect'])) { $centreEdit = new Centre($_POST['centreSelect']); if ($centreEdit->get('name') && ($centreEdit->getCountry() == $user->getCountry() || $user->isCentralAdmin())) { $showSearch = false; echo "<h4>Edit the centre below</h4>"; $form = new HTMLForm('process.php', 'post'); $fields = $trial->getFormFields($page); $form->processFields($fields, $centreEdit); if ($user->isCentralAdmin()) { $sql = "SELECT units.number, units.name FROM units WHERE number IN ( SELECT number FROM formFields\n LEFT JOIN units ON units.number=formFields.fieldname\n GROUP BY units.number )\n GROUP BY units.number\n HAVING count(units.number)>1"; $numbers = DB::cleanQuery($sql); if ($numbers->getRows()) { $defUnits = $centreEdit->getUnits(); foreach ($numbers->rows as $row) { $input = $form->addInput('select', "units[{$row->number}]"); $input->addLabel("Units for {$row->name}"); $sql = "SELECT id, unit FROM units\n WHERE number = ?\n ORDER BY unitorder"; $pA = array('s', $row->number); $units = DB::cleanQuery($sql, $pA); $options = array(); foreach ($units->rows as $unitRow) { $options[$unitRow->id] = $unitRow->unit; } $input->addOption($options, true); if (isset($defUnits[$row->number])) { $input->addValue($defUnits[$row->number]['units_id']); } $input->setMand();
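/**
 * Render one searchable CRF table (a list of patient records) for the given report type.
 *
 * The type selects a query over link/core/centre; matching rows are written as an HTML
 * table inside a form that posts `searchpt-link_id` / `searchpt-action` (plus a CSRF
 * token) to process.php. Everything is written with echo; nothing is returned.
 * 'countrycrfs' and 'all' exit() with a message when the session user lacks the privilege.
 *
 * @param string       $type   one of yourcrfs, sitecrfs, siteunsigncrfs, siteflaggedcrfs,
 *                             signedandflagged, incompletecrfs, countrycrfs, all. The legacy
 *                             types recent, unsigned, signedsite, unsigneduser and flagged
 *                             have no active query and only render their "no records" text.
 * @param string|false $acc    id of the accordion container to nest the table in, or false
 *                             for a plain <h3> heading
 * @param bool         $active whether the accordion panel starts expanded (only with $acc)
 * @param int|null     $centre optional centre id filter, used by the 'all' type only
 * @return void
 */
function write_search_table($type, $acc = false, $active = false, $centre = NULL) {
    $user = $_SESSION['user'];
    $result = null;  // query result; stays null for types that run no query
    $none = null;    // type-specific "no records" message; generic text when null
    $caption = '';

    // Central admin and above allowed to see whole dataset, local users just local.
    // When this is moved, remember to fix it!
    switch ($type) {
        case 'yourcrfs':
            $caption = "Your CRFs";
            $sql = "SELECT link.id AS link_id, \n\t\t\t\t\tcentre.name AS name, \n\t\t\t\t\tcore.trialid AS trialid, \n\t\t\t\t\tlink.signed AS signed,\n link.presigned AS presigned,\n link.lastmod AS lastmod\n\t\t\t\tFROM link \n\t\t\t\t\tINNER JOIN core ON link.core_id = core.id \n\t\t\t\t\tINNER JOIN centre ON core.centre_id = centre.id \n WHERE firstuser = ?";
            $result = DB::query($sql, array('i', $user->getID()));
            break;

        case 'sitecrfs':
            $caption = "All CRFs entered by your site";
            $sql = "SELECT link.id AS link_id, \n\t\t\t\t\tcentre.name AS name, \n\t\t\t\t\tcore.trialid AS trialid, \n\t\t\t\t\tlink.signed AS signed,\n link.presigned AS presigned,\n link.lastmod AS lastmod,\n\t\t\t\t\tcentre.id AS centre_id,\n\t\t\t\t\tMIN( DATE(coreAudit.time) ) AS time_entered\n\t\t\t\tFROM link \n\t\t\t\t\tINNER JOIN core ON link.core_id = core.id \n\t\t\t\t\tINNER JOIN centre ON core.centre_id = centre.id\n\t\t\t\t\tLEFT JOIN coreAudit ON coreAudit.table_id = core.id\n WHERE centre.id = ? AND core.studygroup IS NOT NULL AND link.discontinue_id IS NULL\n GROUP BY link.id";
            $result = DB::query($sql, array('i', $user->getCentre()));
            break;

        case 'siteunsigncrfs':
            $caption = "Completed CRFs for you to sign";
            $none = 'There are no unflagged CRFs for you to sign';
            $sql = "SELECT link.id AS link_id, \n\t\t\t\t\tcentre.name AS name, \n\t\t\t\t\tcore.trialid AS trialid, \n\t\t\t\t\tlink.signed AS signed,\n link.presigned AS presigned,\n link.lastmod AS lastmod,\n link.comment AS comment\n\t\t\t\tFROM link \n\t\t\t\t\tINNER JOIN core ON link.core_id = core.id \n\t\t\t\t\tINNER JOIN centre ON core.centre_id = centre.id \n LEFT JOIN flag ON link.id = flag.link_id \n WHERE centre.id = ? \n AND presigned = 1 \n AND signed = 0\n AND ( link.comment IS NULL OR link.comment = '' ) \n AND flag.id IS NULL";
            $result = DB::query($sql, array('i', $user->getCentre()));
            break;

        case 'siteflaggedcrfs':
            $caption = "Completed CRFs that have been flagged as requiring checking before signing";
            $none = 'There are no flagged CRFs for you to sign';
            $sql = "SELECT link.id AS link_id, \n\t\t\t\t\tcentre.name AS name, \n\t\t\t\t\tcore.trialid AS trialid, \n\t\t\t\t\tlink.signed AS signed,\n link.presigned AS presigned,\n link.lastmod AS lastmod,\n link.comment AS comment\n\t\t\t\tFROM link \n\t\t\t\t\tINNER JOIN core ON link.core_id = core.id \n\t\t\t\t\tINNER JOIN centre ON core.centre_id = centre.id \n LEFT JOIN flag ON link.id = flag.link_id \n WHERE centre.id = ? \n AND presigned = 1 \n AND signed = 0\n AND (( link.comment IS NOT NULL AND link.comment != '' ) \n OR flag.id IS NOT NULL )\n GROUP BY link.id";
            $result = DB::query($sql, array('i', $user->getCentre()));
            break;

        case 'signedandflagged':
            $caption = "Signed CRFs that are flagged as having incomplete data";
            $none = 'There are no signed and flagged CRFs';
            $sql = "SELECT link.id AS link_id, \n\t\t\t\t\tcentre.name AS name, \n\t\t\t\t\tcore.trialid AS trialid, \n\t\t\t\t\tlink.signed AS signed,\n link.presigned AS presigned,\n link.lastmod AS lastmod,\n link.comment AS comment\n\t\t\t\tFROM link \n\t\t\t\t\tINNER JOIN core ON link.core_id = core.id \n\t\t\t\t\tINNER JOIN centre ON core.centre_id = centre.id \n LEFT JOIN flag ON link.id = flag.link_id \n WHERE signed = 1\n AND ignored = 0\n AND (( link.comment IS NOT NULL AND link.comment != '' ) \n OR flag.id IS NOT NULL )";
            // Regional users are restricted to their own centre; everyone else sees all.
            if ($user->isRegional()) {
                $sql .= " AND centre.id = ?";
                $sql .= " GROUP BY link.id";
                $result = DB::query($sql, array('i', $user->getCentre()));
            } else {
                $sql .= " GROUP BY link.id";
                $result = DB::query($sql);
            }
            break;

        case 'incompletecrfs':
            $caption = "Incomplete CRFs from your site";
            $none = 'There are no incomplete CRFs from your site';
            $sql = "SELECT link.id AS link_id, \n\t\t\t\t\tcentre.name AS name, \n\t\t\t\t\tcore.trialid AS trialid, \n\t\t\t\t\tlink.signed AS signed,\n link.presigned AS presigned,\n link.lastmod AS lastmod\n\t\t\t\tFROM link \n\t\t\t\t\tINNER JOIN core ON link.core_id = core.id \n\t\t\t\t\tINNER JOIN centre ON core.centre_id = centre.id \n WHERE centre.id = ? AND \n presigned = 0";
            $result = DB::query($sql, array('i', $user->getCentre()));
            break;

        case 'countrycrfs':
            if (!($user->isCentralAdmin() || $user->isRegionalAdmin())) {
                exit('Please select another option');
            }
            $caption = "All CRFs from your country";
            $sql = "SELECT link.id AS link_id, \n\t\t\t\t\tcentre.name AS name, \n\t\t\t\t\tcore.trialid AS trialid, \n\t\t\t\t\tlink.signed AS signed,\n link.presigned AS presigned,\n link.lastmod AS lastmod,\n country.name AS country,\n\t\t\t\t\tcentre.id AS centre_id,\n\t\t\t\t\tMIN( DATE(coreAudit.time) ) AS time_entered\n\t\t\t\tFROM link \n\t\t\t\t\tINNER JOIN core ON link.core_id = core.id \n\t\t\t\t\tINNER JOIN centre ON core.centre_id = centre.id\n INNER JOIN country ON centre.country_id = country.id\n LEFT JOIN coreAudit ON coreAudit.table_id = core.id\n\t\t\t\tWHERE country.id = ? AND core.studygroup IS NOT NULL AND link.discontinue_id IS NULL\n\t\t\t\tGROUP BY link.id";
            // The user's country is derived from their centre record.
            $userCentre = new Centre($user->getCentre());
            $result = DB::query($sql, array('i', $userCentre->get('country_id')));
            break;

        case 'all':
            if (!$user->isCentralAdmin()) {
                exit('Please select another option');
            }
            $caption = "All CRFs";
            if ($centre) {
                // $centre comes from the caller and is echoed into the page: escape it.
                $caption .= " from centre " . HTML::clean($centre);
            }
            $sql = "SELECT link.id AS link_id, \n\t\t\t\t\tcentre.name AS name, \n\t\t\t\t\tcore.trialid AS trialid, \n\t\t\t\t\tlink.signed AS signed,\n link.presigned AS presigned,\n link.lastmod AS lastmod,\n country.name AS country,\n\t\t\t\t\tcentre.id AS centre_id,\n\t\t\t\t\tMIN( coreAudit.time ) AS time_entered\n\t\t\t\tFROM link \n\t\t\t\t\tINNER JOIN core ON link.core_id = core.id \n\t\t\t\t\tINNER JOIN centre ON core.centre_id = centre.id\n INNER JOIN country ON centre.country_id = country.id\n LEFT JOIN coreAudit ON coreAudit.table_id = core.id ";
            if ($centre) {
                $sql .= "WHERE centre.id = ? AND link.discontinue_id IS NULL ";
                $sql .= "GROUP BY link.id";
                $result = DB::query($sql, array('i', $centre));
            } else {
                $sql .= "WHERE link.discontinue_id IS NULL GROUP BY link.id";
                $result = DB::query($sql);
            }
            break;

        // Legacy report types. Their (string-built) queries were already disabled
        // upstream (`// $result = DB::query( $sql );`) so they never produced rows,
        // but they also left $result unset, which made ->getRows() below fatal.
        // They now keep only their captions and fall through to the "no records" text.
        case 'recent':
            $caption = 'Recently entered patients';
            break;
        case 'unsigned':
            $caption = 'Incomplete CRFs from your site (max 10)';
            $none = 'No incomplete CRFs found';
            break;
        case 'signedsite':
            $caption = 'Unflagged CRFs for you to sign (max 10)';
            $none = 'No unflagged CRFs for you to sign found';
            break;
        case 'unsigneduser':
            $caption = 'Your incomplete CRFs (max 10)';
            $none = 'No incomplete CRFs of yours found';
            break;
        case 'flagged':
            $caption = 'Flagged CRFs from your site (max 10)';
            $none = 'No flagged CRFs for you to sign found';
            break;
    }

    // Unknown types, legacy types and empty result sets all end here.
    if ($result === null || !$result->getRows()) {
        echo "<h3>", ($none !== null ? $none : 'No records found.'), "</h3>";
        return;
    }

    // $type and $acc come from the caller and land in HTML attributes: escape them.
    $safeType = HTML::clean($type);
    $safeAcc = HTML::clean($acc);

    echo "<div class=\"container well\" style=\"background-color:#FFFFFF;\">";
    if ($acc) {
        $class = $active ? 'active' : '';
        $collapse = $active ? 'in' : '';
        echo "<div class=\"accordion-group\">";
        echo "<div class=\"accordion-heading\">";
        echo "<a class=\"accordion-toggle {$class}\" data-toggle=\"collapse\" data-parent=\"#{$safeAcc}\" href=\"#{$safeType}\">";
        echo $caption;
        echo "</a>";
        echo "</div>\n";
        echo "<div id=\"{$safeType}\" class=\"accordion-body collapse {$collapse}\">";
        echo "<div class=\"accordion-inner\">";
    } else {
        echo "<h3>{$caption}</h3>";
    }
    echo "<p>Click on any heading to sort by that field.</p>";
    echo '<form class="nomand" action="process.php" method="post">';

    // The table body is output-buffered up to the submit button, as in the original;
    // the reason is not visible here — presumably so it is flushed as one chunk.
    ob_start();
    $tableId = ($type == 'all') ? 'searchTableAll' : 'searchTable';
    echo '<table id="', $tableId, '" class="table table-striped table-bordered table-hover"><thead><tr><th scope="col">', Config::get('idName'), '</th><th scope="col">Centre</th>';
    if ($type == 'all') {
        echo '<th scope="col">Country</th>';
    }
    echo '<th scope="col">Date Entered</th><th scope="col">Completed?</th><th scope="col">Signed?</th><th scope="col">Action</th><th scope="col">Last modified</th></tr></thead>';
    echo "<tbody>\n";

    foreach ($result->rows as $row) {
        // Not every query selects these columns; default them instead of reading
        // undefined properties.
        $rowCentre = isset($row->centre_id) ? $row->centre_id : null;
        $country = isset($row->country) ? $row->country : '';
        $timeEntered = isset($row->time_entered) ? $row->time_entered : '';
        $lastmod = isset($row->lastmod) ? $row->lastmod : '';
        $linkId = HTML::clean($row->link_id);

        // Edit actions are offered to central admins and to users of the record's own centre.
        $mayEdit = $user->isCentralAdmin() || $user->getCentre() == $rowCentre;

        echo '<tr class="clickable"><td>', HTML::clean($row->trialid), '</td><td>', HTML::clean($row->name), '</td>';
        if ($type == 'all') {
            echo '<td>', HTML::clean($country), '</td>';
        }
        echo '<td>', HTML::clean($timeEntered), '</td>';
        echo '<td>', ($row->presigned == 1 ? 'Yes' : 'No'), '</td><td >';
        echo $row->signed == 1 ? 'Yes' : 'No';
        echo '</td><td class="clickable">';
        echo '<input class="radio" type="radio" name="searchpt-link_id" value="', $linkId, '" />';
        echo '      ';
        echo '<select class="action-', $linkId, '" name="searchpt-action" disabled>';
        echo '<option>No action</option>';
        if (!$row->signed) {
            if ($mayEdit) {
                echo '<option value="data">Enter data</option>';
                echo '<option value="ae">Record an adverse event</option>';
                echo '<option value="withdraw">Withdraw a patient</option>';
                echo '<option value="violation">Record a protocol deviation</option>';
            } elseif ($user->isRegionalAdmin()) {
                echo '<option value="data">View record</option>';
            }
        } else {
            echo '<option value="data">View record</option>';
            if ($user->canUnsign() && $mayEdit) {
                echo '<option value="unsign">Unsign and edit record</option>';
            }
        }
        echo '</select>';
        echo '</td><td>', HTML::clean($lastmod), '</td></tr>';
        echo "\n";
    }

    echo '</tbody></table><p>';
    echo "<input type=\"hidden\" name=\"page\" value=\"searchpt\">";
    if ($type == 'siteunsigncrfs') {
        echo "<input type=\"hidden\" name=\"sign\" value =\"1\">";
    }

    // One CSRF token per session rather than one per table: several tables are
    // rendered on the same page in accordion mode, and a fresh token per table
    // overwrote the session value, invalidating every form but the last one.
    // NOTE(review): assumes process.php compares the posted value against
    // $_SESSION['csrfToken'] — confirm.
    if (empty($_SESSION['csrfToken'])) {
        $_SESSION['csrfToken'] = base64_encode(openssl_random_pseudo_bytes(32));
    }
    $token = $_SESSION['csrfToken'];
    echo "<input type=\"hidden\" name=\"csrfToken\" value=\"{$token}\"/>";
    echo "<div class=\"form-actions\">\n <button type=\"submit\" class=\"btn btn-primary\">Select</button>\n </div>";
    ob_end_flush();
    echo '</form>';

    if ($acc) {
        echo "</div>\n";
        echo "</div>\n";
        echo "</div>\n";
    }
    echo "</div>";
}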