예제 #1
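/**
 * Load one PhIS adverse-drug-reaction record and build the INSERT fragments
 * that map it onto the adrdata, adrdetail and adr_druglist tables.
 *
 * As written, this function only assembles the three SQL strings: none of
 * them is executed or returned, and each still ends with a trailing ", ".
 * The form id is a hard-coded value. Treat this as an unfinished mapping.
 *
 * Security notes:
 *  - The record id is bound as a statement parameter rather than interpolated
 *    into the SELECT, so a caller-supplied id cannot change the query.
 *  - The row holds patient and reporter personal data; do not echo or log the
 *    assembled SQL outside a controlled debugging environment.
 *  - When the INSERTs are eventually executed, prefer prepared statements over
 *    the escaped string concatenation kept here.
 *
 * @param mysqli $con Open mysqli connection (get_result() requires the mysqlnd driver).
 * @param mixed  $id  Value matched against phisdata.ID.
 *
 * @return void
 */
function insertPhIS($con, $id)
{
    $phisDataSQL = "SELECT ID, patientName, patientMrn, patientIdno, patientIdType, patientDateOfBirth, patientAge, \n\tpatientGender, patientRace, patientNationality, patientPregnancyStatus, patientPregnancyGestationPeriod, \n\tpatientAllergicStatus, patientAllergicDescription, ptjCode, facilityID, facilityName, adrNo, adverseReactionDesc, \n\tdateOfReaction, timeOnsetReaction, reactionUnit, treatAdvReaction, adrOutcome, drugRelationship, \n\textentOfReaction, reactionSubsided, reactionReappear, adrCategory, additionalinfo, seriousness, \n\tseriousnessCriteria, dateOfDeath, causeOfDeath, wasAutopsyDone, autopsyCauseDeath, investigationLabData, \n\tmedicalHistory, remarks, reporterName, reporterDesignation, reporterState, reporterFacility, reporterDepartment, \n\treporterEmail, reporterAddress, dateOfReport, confirmFlag, reporterContactNumber, reporterMobileNumber, verifiedBy, \n\tskinReaction, acneiform, alopecia, erythemaMultiforme, erythemaNodosum, fixedDrugEruption, maculoPapularRash, \n\tphotosensitivity, pigmentaryChanges, pruritusOnly, purpura, toxicEpidermalNecrolysis, stevensJhonsonSynd, \n\turticaria, angioadema, vasculitis, vesiculobullousReaction, other, bodyAffect, mStatus, receiveDate\n\tFROM phisdata WHERE ID = ?";

    // Bind the id instead of splicing it into the SQL text.
    $stmt = $con->prepare($phisDataSQL);
    if (!$stmt) {
        return;
    }
    $stmt->bind_param('s', $id);
    if (!$stmt->execute()) {
        $stmt->close();
        return;
    }
    $phisRes = $stmt->get_result();
    if (!$phisRes) {
        $stmt->close();
        return;
    }
    $phis = $phisRes->num_rows > 0 ? $phisRes->fetch_assoc() : null;
    $phisRes->free();
    $stmt->close();
    if (!$phis) {
        return;
    }

    // Placeholder form id taken over from the original code.
    $formID = "12345678";

    // Normalise coded PhIS values before they are copied into the ADR columns.
    // The original wrote the allergy conversion to `${$phis}[...]`, a variable
    // variable, so the converted value never reached $phis; it is stored
    // properly here.
    $converters = [
        'patientGender' => 'convertGender',
        'patientRace' => 'convertRace',
        'patientPregnancyStatus' => 'convertYesNo',
        'patientAllergicStatus' => 'convertYesNo',
        'extentOfReaction' => 'convertExtent',
        'reactionSubsided' => 'convertYesNo',
        'reactionReappear' => 'convertYesNo',
        'seriousness' => 'convertYesNo',
        'wasAutopsyDone' => 'convertYesNo',
        'skinReaction' => 'convertYesNo',
    ];
    foreach ($converters as $field => $converter) {
        $phis[$field] = $converter($phis[$field]);
    }

    // Target column => PhIS source field, per destination table.
    $dataColumns = [
        'ptDOB' => 'patientDateOfBirth',
        'sex' => 'patientGender',
        'ethnic' => 'patientRace',
        'pregnancyStat' => 'patientPregnancyStatus',
        'gesPer' => 'patientPregnancyGestationPeriod',
        'allergyStat' => 'patientAllergicStatus',
        'allergyText' => 'patientAllergicDescription',
        'lab_data' => 'investigationLabData',
        'history' => 'medicalHistory',
        'reporter_name' => 'reporterName',
        'desig' => 'reporterDesignation',
        'reporter_state' => 'reporterState',
        'reporter_dept' => 'reporterDepartment',
        'reporter_email' => 'reporterEmail',
        'reporter_address' => 'reporterAddress',
        'report_date' => 'dateOfReport',
        'reporter_telno' => 'reporterMobileNumber',
    ];
    $detailColumns = [
        'AdrDesc' => 'adverseReactionDesc',
        'Adr_onsetDate' => 'dateOfReaction',
        'Adr_Dur' => 'timeOnsetReaction',
        'Adr_treat' => 'treatAdvReaction',
        'Adr_Extent' => 'extentOfReaction',
        'seriousness' => 'seriousness',
        'Adr_dateofDeath' => 'dateOfDeath',
        'Adr_causeofDeath' => 'causeOfDeath',
        'Adr_autopsyyesno' => 'wasAutopsyDone',
        'Adr_detDeath' => 'autopsyCauseDeath',
        'AdrSkinReactYesNo' => 'skinReaction',
        'AdrBodyPart' => 'bodyAffect',
    ];
    $drugColumns = [
        'subsided' => 'reactionSubsided',
        'reappear' => 'reactionReappear',
    ];
    // Selected but not mapped yet: patientName, patientMrn, patientIdno,
    // patientIdType, patientAge, patientNationality, ptjCode, facilityID,
    // facilityName, adrNo, reactionUnit, adrOutcome, drugRelationship,
    // adrCategory, additionalinfo, seriousnessCriteria, remarks,
    // reporterFacility, confirmFlag, reporterContactNumber, verifiedBy, the
    // individual skin-reaction flags (acneiform ... other), mStatus, receiveDate.

    // Appends "column = 'escaped value', " for every mapped column.
    $appendAssignments = function ($sql, array $columns) use ($con, $phis) {
        foreach ($columns as $column => $field) {
            // Cast so a NULL database value is escaped as an empty string.
            $sql .= $column . " = '" . mysqli_real_escape_string($con, (string) $phis[$field]) . "', ";
        }
        return $sql;
    };

    $dataSql = $appendAssignments("INSERT INTO adrdata SET adrFormID = '{$formID}', ", $dataColumns);
    $detailSql = $appendAssignments("INSERT INTO adrdetail SET adrFormID = '{$formID}', ", $detailColumns);
    $drugSql = $appendAssignments("INSERT INTO adr_druglist SET adrFormID = '{$formID}', ", $drugColumns);
}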
예제 #2
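// Gate the request on the token before any form data is read.
// PHP parses a query such as `token[]=x` into an array, so require a string
// before handing the value to the validator; how is_valid_token() treats
// non-string input is not visible here.
// NOTE(review): the token travels in the query string, so it can end up in
// server logs, browser history and Referer headers. If it grants access to
// patient data, confirm that it is short-lived and bound to a single slot.
if (!isset($_GET['token']) || !is_string($_GET['token']) || !is_valid_token($_GET['token'])) {
    die("Valid token required");
}
$token = $_GET['token'];
// Both identifiers are derived from the validated token, not from client-supplied ids.
$patient_id = get_patient_id_from_token($token);
$slot_id = get_slot_id_from_token($token);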
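/*------------------------------------------------------------------------------
 * Step 1: Collect the POST variables into PHP variables for readability.
 * Validation is delegated to helper functions.
 * Pay particular attention to:
 *   - values that have bounds (e.g. the pain ratings),
 *   - date parsing; the SQL date convention is YYYY-MM-DD,
 *   - Yes/No or True/False answers, which are stored as CHAR(1): 'Y' or 'N'.
 *
 * NOTE(review): clean() is defined elsewhere; whether it enforces numeric
 * bounds or only sanitises text cannot be confirmed from this listing. The
 * values below still need parameterised queries when they are stored and
 * context-specific escaping when they are displayed.
 * NOTE(review): the $_POST keys are read without an isset() check, so a
 * request that omits a field raises an undefined-index notice/warning.
*/
// Convert Yes or No to Y or N
$has_pain_now = convertYesNo($_POST['has_pain']);
$month = clean($_POST['month']);
$day = clean($_POST['day']);
$year = clean($_POST['year']);
// Give date like 02/28/2015 and convert to SQL friendly date
$date = sql_friendly_date($month . '/' . $day . '/' . $year);
if (!isReasonableYear($year)) {
    // The rejected value is client-supplied and is written into the response,
    // so HTML-escape it at the point of output. If clean() already escapes
    // HTML, this only double-encodes the message.
    $year_for_display = htmlspecialchars((string) $year, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    die("Please enter a reasonable year, {$year_for_display} is not reasonable.");
}
$activity_onset_pain = clean($_POST['activity']);
$pain_right_now = clean($_POST['pain_right_now']);
$pain_at_worst = clean($_POST['pain_at_worst']);
$pain_at_best = clean($_POST['pain_at_best']);
$pain_on_average = clean($_POST['pain_on_average']);
$makes_pain_worse = clean($_POST['makes_pain_worse']);
$makes_pain_better = clean($_POST['makes_pain_better']);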