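include_once "../../globals.php";
include_once "../../../library/api.inc";
include_once "../../../library/forms.inc";
include_once "../../../library/sql.inc";
include_once "./content_parser.php";
include_once "../../../library/formdata.inc.php";

// Bulk delete/update handler for the CAMOS entries ticked on the submitting form.
//
// Everything read from $_GET/$_POST here is client-controlled, including the *names* of the
// ch_<id> checkbox fields, so the id is validated as digits and every value reaches the
// database through a bound parameter instead of being spliced into the SQL text.
//
// NOTE(review): this request modifies and deletes clinical records, yet no anti-CSRF token check
// and no check that the row ids belong to the current patient/encounter are visible in this
// fragment. Confirm that globals.php or the caller enforces both.
if (isset($_GET["mode"]) && $_GET["mode"] == "delete") {
    $camosTable = mitigateSqlTableUpperCase("form_CAMOS");

    foreach ($_POST as $key => $val) {
        $key = (string) $key;

        // Only ticked checkboxes named ch_<id> select a row. The original condition used
        // `$val = 'on'` (an assignment, always true), so the checkbox state was never tested.
        if (substr($key, 0, 3) != 'ch_' || $val !== 'on') {
            continue;
        }

        // The row id comes from the field name; accept nothing but a plain decimal number.
        $id = substr($key, 3);
        if (!is_string($id) || !ctype_digit($id)) {
            continue;
        }

        if (!empty($_POST['delete'])) {
            sqlStatement("delete from " . $camosTable . " where id = ?", array($id));
            sqlStatement("delete from forms where form_name like 'CAMOS%' and form_id = ?", array($id));
        }

        if (!empty($_POST['update'])) {
            // Replace the placeholders before saving the form. This was changed in version 4.0. Previous to this,
            // placeholders were submitted into the database and converted when viewing. All new notes will now have
            // placeholders converted before being submitted to the database. Will also continue to support
            // placeholder conversion on report views to support notes within database that still contain
            // placeholders (ie. notes that were created previous to version 4.0).
            $field = 'textarea_' . $id;
            if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
                // A missing or non-string body would otherwise overwrite the note with junk.
                continue;
            }

            // $pid and $encounter are not assigned in this fragment; presumably globals.php
            // provides them -- TODO confirm.
            $content = replace($pid, $encounter, strip_escape_custom($_POST[$field]));

            // The value is bound, so the manual add_escape_custom() step is dropped: escaping
            // a bound value would store the escape characters literally.
            sqlStatement("update " . $camosTable . " set content = ? where id = ?", array($content, $id));
        }
    }
}

$_SESSION["encounter"] = $encounter;
formHeader("Redirecting....");
formJump();
formFooter();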
if ($postfix == 0) { $insert_value = $value; } $statement = sqlStatement("select id from " . mitigateSqlTableUpperCase("form_CAMOS_item") . " where item like \"{$insert_value}\" " . "and subcategory_id = {$subcategory_id}"); if ($result = sqlFetchArray($statement)) { $item_id = $result['id']; } } elseif ($mode == 'content') { $statement = sqlStatement("select content from " . mitigateSqlTableUpperCase("form_CAMOS_item") . " where id = " . $item_id); if ($result = sqlFetchArray($statement)) { //$content = "/*old*/\n\n".$result['content']."\n\n/*new*/\n\n$value"; $content = $value; } else { $content = $value; } $query = "UPDATE " . mitigateSqlTableUpperCase("form_CAMOS_item") . " set content = \"{$content}\" where id = " . $item_id; sqlInsert($query); } } } fclose($handle); } } ?> <html> <head> <title> admin </title> </head> <body>
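?> '> <?php } ?> <input type=submit name='print_html' value='<?php xl('Print (HTML)', 'e'); ?> '> <?php
// List the active CAMOS entries for the current patient (and encounter, when one is set) as
// checkboxes; the first four prescription entries are pre-checked.
//
// The session values are passed as bound parameters rather than concatenated into the SQL,
// and every database value is HTML-escaped before it is echoed: category, subcategory and item
// are user-entered text, so echoing them raw allows stored script injection in this page.
$camosListSql = "select x.id as id, x.category, x.subcategory, x.item from " .
    mitigateSqlTableUpperCase("form_CAMOS") . " as x join forms as y on (x.id = y.form_id) where ";
$camosListBinds = array();

//check if an encounter is set
$camosListEncounter = isset($_SESSION['encounter']) ? $_SESSION['encounter'] : null;
if ($camosListEncounter != null) {
    $camosListSql .= "y.encounter = ? and ";
    $camosListBinds[] = $camosListEncounter;
}

$camosListSql .= "y.pid = ? and y.form_name like 'CAMOS%' and x.activity = 1";
$camosListBinds[] = $_SESSION['pid'];
$query = sqlStatement($camosListSql, $camosListBinds);

$results = array();
echo "<div id='checkboxes'>\n";
$count = 0;
while ($result = sqlFetchArray($query)) {
    $checked = '';
    if ($result['category'] == 'prescriptions' && $count < 4) {
        $count++;
        $checked = 'checked';
    }

    echo "<div>\n";
    echo "<input type=checkbox name='ch_" . htmlspecialchars((string) $result['id'], ENT_QUOTES) . "' {$checked}><span>" .
        htmlspecialchars((string) $result['category'], ENT_QUOTES) . '</span>:' .
        htmlspecialchars((string) $result['subcategory'], ENT_QUOTES) . ':' .
        htmlspecialchars((string) $result['item'], ENT_QUOTES) . "<br/>\n";
    echo "</div>\n";
}

echo "</div>\n";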
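?> <br/><br/> <input type='button' value='<?php xl('Select All', 'e'); ?> ' onClick='checkall()'> <input type='button' value='<?php xl('Unselect All', 'e'); ?> ' onClick='uncheckall()'> <br/><br/> <?php
//experimental code start
// Render one row per CAMOS entry of the current encounter: an Edit button, a selection checkbox,
// the note text, and a hidden textarea for editing it.
//
// The encounter and patient ids are bound rather than interpolated, and the encounter is matched
// with `=` instead of `like` so a wildcard in the value cannot widen the result set.
$pid = $GLOBALS['pid'];
$encounter = $GLOBALS['encounter'];
$query = "select t1.id, t1.content from " . mitigateSqlTableUpperCase("form_CAMOS") . " as t1 join forms as t2 " .
    "on (t1.id = t2.form_id) where t2.form_name like 'CAMOS%' " .
    "and t2.encounter = ? and t2.pid = ?";
$statement = sqlStatement($query, array($encounter, $pid));
while ($result = sqlFetchArray($statement)) {
    // The id is used in element ids, field names and an inline JS argument: force it to an integer.
    $rowId = (int) $result['id'];

    // Note content is free text from the database. Unescaped, a stored "</textarea>" or script
    // tag would break out of the markup; escaped, the textarea still submits the raw text.
    $safeContent = htmlspecialchars((string) $result['content'], ENT_QUOTES);

    print "<input type=button value='" . htmlspecialchars(xl('Edit'), ENT_QUOTES) .
        "' onClick='show_edit(\"id_textarea_" . $rowId . "\")'>";
    print "<input type=checkbox name='ch_" . $rowId . "'> " . $safeContent . "<br/>\n";
    print "<div id=id_textarea_" . $rowId . " style='display:none'>\n";
    // $textarea_cols / $textarea_rows are not set in this fragment; presumably configured earlier in the file.
    print "<textarea name=textarea_" . $rowId . " cols={$textarea_cols} rows= {$textarea_rows} onFocus='content_focus()' onBlur='content_blur()' >" .
        $safeContent . "</textarea><br/>\n";
    print "</div>\n";
}

//experimental code end
?> </form> <?php formFooter();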
$query = "SELECT date(date) as date, subcategory, item, content FROM " . mitigateSqlTableUpperCase("form_CAMOS") . " WHERE category like '" . $clone_category . "' and pid=" . $_SESSION['pid'] . " order by id desc"; if ($_POST['hidden_mode'] == 'clone last visit') { //go back $stepback # of encounters... //This has been changed to clone last visit based on actual last encounter rather than as it was //only looking at most recent BILLED encounters. To go back to billed encounters, change the following //two queries to the 'billing' table rather than form_encounter and make sure to add in 'and activity=1' //OK, now I have tried tracking last encounter from billing, then form_encounter. Now, we are going to //try from forms where form_name like 'CAMOS%' so we will not bother with encounters that have no CAMOS entries... $stepback = $_POST['stepback'] ? $_POST['stepback'] : 1; $tmp = sqlQuery("SELECT max(encounter) as max FROM forms where encounter < " . $_SESSION['encounter'] . " and form_name like 'CAMOS%' and pid= " . $_SESSION['pid']); $last_encounter_id = $tmp['max'] ? $tmp['max'] : 0; for ($i = 0; $i < $stepback - 1; $i++) { $tmp = sqlQuery("SELECT max(encounter) as max FROM forms where encounter < " . $last_encounter_id . " and form_name like 'CAMOS%' and pid= " . $_SESSION['pid']); $last_encounter_id = $tmp['max'] ? $tmp['max'] : 0; } $query = "SELECT category, subcategory, item, content FROM " . mitigateSqlTableUpperCase("form_CAMOS") . " " . "join forms on (" . mitigateSqlTableUpperCase("form_CAMOS") . ".id = forms.form_id) where " . "forms.encounter = '{$last_encounter_id}' and " . mitigateSqlTableUpperCase("form_CAMOS") . ".pid=" . $_SESSION['pid'] . " order by " . mitigateSqlTableUpperCase("form_CAMOS") . 
".id"; } $statement = sqlStatement($query); while ($result = sqlFetchArray($statement)) { if (preg_match('/^[\\s\\r\\n]*$/', $result['content']) == 0) { if ($_POST['hidden_mode'] == 'clone last visit') { $clone_category = $result['category']; } $clone_subcategory = $result['subcategory']; $clone_item = $result['item']; $clone_content = $result['content']; $clone_data1 = "/* camos :: {$clone_category} :: {$clone_subcategory} :: {$clone_item} :: "; $clone_data2 = "{$clone_content} */"; $clone_data3 = $clone_data1 . $clone_data2; if ($_POST['hidden_mode'] == 'clone last visit') { $clone_data1 = $clone_data3;
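/**
 * Collect encounter data for the report, grouped by date and then by patient visit.
 *
 * Rows are selected either by date range and optional patient name, or, when both
 * $_GET['pid'] and $_GET['encounter'] are present, by that single patient encounter.
 *
 * The original author documents the four parameters as already trimmed, validated and
 * escaped for SQL by the caller, so they are still concatenated here; binding an already
 * escaped value would compare the escape characters literally.
 * NOTE(review): that guarantee is not visible in this function -- confirm it at every call site.
 *
 * NOTE(review): no check that the current user may view the requested pid/encounter is
 * visible here -- confirm the caller enforces it.
 *
 * @param string $start_date first date of the range, in SQL date format
 * @param string $end_date   last date of the range, in SQL date format
 * @param string $lname      last-name fragment to match, or empty
 * @param string $fname      first-name fragment to match, or empty
 * @return array nested array keyed by YYYYMMDD date, then by "<pid>_<encounter>"; each visit holds
 *               name, date, pubpid, dob, vitals, reason, exam, prescriptions, other, billing, calories
 */
function getFormData($start_date, $end_date, $lname, $fname)
{
    //dates in sql format
    $name_clause = '';
    $date_clause = "date(t2.date) >= '" . $start_date . "' and date(t2.date) <= '" . $end_date . "' ";
    if ($lname || $fname) {
        $name_clause = "and t3.lname like '%" . $lname . "%' and t3.fname like '%" . $fname . "%' ";
    }

    // $_GET is read raw inside this function, so unlike the parameters it has had no
    // validation at all: pass it to the database as bound values, never as SQL text.
    $binds = array();
    if (
        !empty($_GET['pid']) && !empty($_GET['encounter'])
        && is_scalar($_GET['pid']) && is_scalar($_GET['encounter'])
    ) {
        $date_clause = '';
        $name_clause = "t2.pid = ? and t2.encounter = ? ";
        $binds = array($_GET['pid'], $_GET['encounter']);
    }

    $sql = "select t1.form_id, t1.form_name, t1.pid, date_format(t2.date,'%m-%d-%Y') as date, " .
        "date_format(t2.date,'%Y%m%d') as datekey, " .
        "t3.lname, t3.fname, t3.pubpid, date_format(t3.DOB,'%m-%d-%Y') as dob, " .
        "t2.encounter as enc, " .
        "t2.reason from " .
        "forms as t1 join " .
        "form_encounter as t2 on " .
        "(t1.pid = t2.pid and t1.encounter = t2.encounter) " .
        "join patient_data as t3 on " .
        "(t1.pid = t3.pid) where " .
        $date_clause . $name_clause .
        "order by date,pid";

    // Binds are only supplied in the pid/encounter branch, where the SQL text contains no
    // caller-provided strings that could themselves hold a '?' character.
    $query1 = $binds ? sqlStatement($sql, $binds) : sqlStatement($sql);

    $dates = array();
    // sqlFetchArray() is the project's result accessor; the removed mysql_* API is no longer used.
    while ($results1 = sqlFetchArray($query1)) {
        $dateKey = $results1['datekey'];
        $visitKey = $results1['pid'] . '_' . $results1['enc'];

        if (empty($dates[$dateKey])) {
            $dates[$dateKey] = array();
        }

        if (empty($dates[$dateKey][$visitKey])) {
            $dates[$dateKey][$visitKey] = array(
                'name' => $results1['fname'] . ' ' . $results1['lname'],
                'date' => $results1['date'],
                'pubpid' => $results1['pubpid'],
                'dob' => $results1['dob'],
                'vitals' => '',
                'reason' => $results1['reason'],
                'exam' => array(),
                'prescriptions' => array(),
                'other' => array(),
                'billing' => array(),
                'calories' => array(),
            );
        }

        $visit = &$dates[$dateKey][$visitKey];

        // get icd9 codes for this encounter
        // (runs once per form row, as in the original, so codes repeat when a visit has several forms)
        $query2 = sqlStatement(
            "select * from billing where encounter = ? and pid = ? and code_type like 'ICD9' and activity=1",
            array($results1['enc'], $results1['pid'])
        );
        while ($results2 = sqlFetchArray($query2)) {
            $visit['billing'][] = $results2['code'] . ' ' . $results2['code_text'];
        }

        $formName = strtolower($results1['form_name']);

        if ($formName == 'vitals') {
            // deal with Vitals
            $query2 = sqlStatement("select * from form_vitals where id = ?", array($results1['form_id']));
            if ($results2 = sqlFetchArray($query2)) {
                $visit['vitals'] = formatVitals($results2);
            }
        }

        if (substr($formName, 0, 5) == 'camos') {
            // deal with camos
            $query2 = sqlStatement(
                "select category,subcategory,item,content,date_format(date,'%h:%i %p') as date from " .
                mitigateSqlTableUpperCase("form_CAMOS") . " where id = ?",
                array($results1['form_id'])
            );
            if ($results2 = sqlFetchArray($query2)) {
                $category = $results2['category'];
                if ($category == 'exam') {
                    $visit['exam'][] = $results2['content'];
                } elseif ($category == 'prescriptions') {
                    $visit['prescriptions'][] = preg_replace("/\n+/", ' ', $results2['content']);
                } elseif ($category == 'communications') {
                    //do nothing
                } elseif ($category == 'calorie intake') {
                    $visit['calories'][] = array(
                        'subcategory' => $results2['subcategory'],
                        'item' => $results2['item'],
                        'content' => $results2['content'],
                        'date' => $results2['date'],
                    );
                } else {
                    if (empty($visit['other'][$category])) {
                        $visit['other'][$category] = array();
                    }

                    // Collapse newlines and substitute the patient's name for the "patientname" marker.
                    $visit['other'][$category][] = preg_replace(
                        array("/\n+/", "/patientname/i"),
                        array(' ', $results1['fname'] . ' ' . $results1['lname']),
                        $results2['content']
                    );
                }
            }
        }

        // Drop the reference so the next iteration cannot write through it.
        unset($visit);
    }

    return $dates;
}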
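/*
 * check to see if RxNorm installed
 *
 * The lookup is limited to the current schema: a same-named table in another database on the
 * server would otherwise pass this check and the RXNCONSO queries below would then fail.
 */
$rxn = sqlQuery(
    "SELECT table_name FROM information_schema.tables WHERE table_schema = DATABASE() " .
    "AND (table_name = 'RXNCONSO' OR table_name = 'rxnconso')"
);
if ($rxn == false) {
    die(xlt("Could not find RxNorm Table! Please install."));
}

/*
 * Grab medication list from prescriptions list
 * load into array
 */
$medList = sqlStatement("SELECT drug FROM prescriptions WHERE active = 1 AND patient_id = ?", array($pid));
$nameList = array();
while ($name = sqlFetchArray($medList)) {
    // Only the first word of the drug name is looked up.
    $drug = explode(" ", trim((string) $name['drug']));
    if ($drug[0] === '') {
        // An empty term would become LIKE '%%' and match an arbitrary RxNorm row.
        continue;
    }

    $rXn = sqlQuery(
        "SELECT `rxcui` FROM `" . mitigateSqlTableUpperCase('RXNCONSO') . "` WHERE `str` LIKE ?",
        array("%" . $drug[0] . "%")
    );

    // Skip drugs with no RxNorm match, and accept digit-only identifiers only, because the
    // value is placed in an outbound URL below.
    if (empty($rXn['rxcui']) || !ctype_digit((string) $rXn['rxcui'])) {
        continue;
    }

    $nameList[] = $rXn['rxcui'];
}

// The same drug prescribed twice must not count as two drugs to compare.
$nameList = array_values(array_unique($nameList));

/*
 * make sure there are drugs to compare
 */
if (count($nameList) < 2) {
    echo xlt("Need more than one drug.");
    exit;
}

/*
 * If there are drugs to compare, collect the data
 *
 * NOTE(review): this sends the patient's medication identifiers to an external service and
 * blocks on the response. file_get_contents() returns false on failure, so the code that
 * consumes $data must check for false before decoding it, and treat the response as untrusted.
 */
$rxcui_list = implode("+", $nameList);
$data = file_get_contents("https://rxnav.nlm.nih.gov/REST/interaction/list.json?rxcuis=" . $rxcui_list);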