}
$loggedIn = false;
$trial = new eCRF($page);
// Create trial object
if (isset($_SESSION['user']) && $_SESSION['user']) {
// Add current user to trial object (if they exist)
$user =& $_SESSION['user'];
$loggedIn = $trial->addUser($user);
// On adding user it checks to see if user has been expired and if not renews their last logon time
if (!$loggedIn) {
unset($_SESSION['user']);
header("Location:index.php?expire=1");
exit;
}
if (!isset($_GET['keepData']) && $trial->user->isLinked()) {
$trial->addRecord();
$complete = $trial->checkComplete('core');
if (!$complete) {
$trial->record->deleteAllData($user->getID(), 'Incomplete Randomisation', true);
$_SESSION['error'] = "Your partially entered randomisation data has been deleted. Please note the new trial ID when you go to re-enter.";
}
$trial->user->unlinkRecord();
// Unlink user from any records
}
$trial->addRecord();
}
$include = $trial->checkPageLogin($page);
// Generate correct include file, assuming user has correct privilege
if ($include == 'logout') {
$loggedIn = $include = false;
$_SESSION['message'] = "You have been successfully logged out.";
echo "<h3>Protocol deviations</h3>";
if ($user->isCentralAdmin()) {
echo "<h5>If you wish to remove a protocol deviation form then please select and click 'Delete' - the form will be stored for audit purposes.</h5>";
echo "<form action=\"process.php\" method=\"POST\">";
}
echo '<table class="table table-striped table-bordered table-hover dataTable"><thead>';
echo '<tr><th scope="col">Centre</th><th scope="col">' . Config::get('idName') . '</th><th scope="col">Deviation</th>';
echo '<th scope="col">Description</th><th scope="col">Reported time</th><th scope="col">Reported by</th>';
if ($user->isCentralAdmin()) {
echo '<th>Select</th>';
}
echo '</tr></thead>';
echo "<tbody>\n";
foreach ($result->rows as $rowv) {
$e = new eCRF('violation');
$e->addRecord($rowv->link_id);
foreach ($e->getViolations() as $v) {
if ($v->isActive()) {
echo "<tr class=\"clickable\"><td>{$rowv->centre_name}</td><td>{$rowv->trialid}</td>";
$typearray = array('no' => 'Participant in the intervention group did NOT receive CPAP', 'low' => 'CPAP started at a dose other than 5cmH2O', 'stop' => 'CPAP administered for less than 4 hours or with significant interruption', 'wrong' => 'Participant in the usual care group DID receive CPAP');
$output = '<td><ul>';
foreach ($typearray as $type => $title) {
if ($v->{$type . 'cpap'}) {
$output .= "<li><b>{$title}</b></li>";
$output .= "<ul>";
foreach ($v->{$type . 'cpapreason'} as $reason) {
$sql = "SELECT option_text FROM {$type}cpapreason WHERE option_value = ?";
$pA = array('i', $reason);
$result = DB::query($sql, $pA);
$output .= "<li>{$result->option_text}</li>";
}
$_SESSION['error'] = "Log in expired due to inactivity";
header("Location:index.php?expire=1");
exit;
}
if (!isset($_POST['csrfToken']) || !isset($_SESSION['csrfToken']) || $_POST['csrfToken'] != $_SESSION['csrfToken']) {
$_SESSION['error'] = 'A token error has occurred, please try again.';
if (isset($_SESSION['csrfToken'])) {
unset($_SESSION['csrfToken']);
}
header("Location:index.php");
exit;
}
if (isset($_SESSION['csrfToken'])) {
unset($_SESSION['csrfToken']);
}
$link_id = $trial->addRecord();
if (!$link_id) {
$_SESSION['error'] = "No record linked to this user.";
header('Location:index.php');
exit;
} elseif (!isset($_POST['link_id']) || $link_id != $_POST['link_id']) {
$_SESSION['error'] = "An error has occurred, please reselect the patient you wish to edit.";
header('Location:index.php');
exit;
}
$include = $trial->checkPageLogin($page);
if (!$include) {
$_SESSION['error'] = "Unauthorised access attempted.";
header("Location:index.php");
exit;
}
$emailArr = $result->getArray('email');
}
echo json_encode($emailArr);
exit;
}
$trial = new eCRF($page);
if (isset($_SESSION['user'])) {
$user = $_SESSION['user'];
$loggedIn = $trial->addUser($user);
if (!$loggedIn) {
throw new Exception("Your session has timed out, please log in again.", 1);
}
} else {
throw new Exception("Your session has timed out, please log in again.", 1);
}
if (!$trial->addRecord()) {
// Bind a record to the trial, if it fails then throw exception
throw new Exception("No record is linked with this user, please try selecting a different record.");
}
if ($trial->user->isLocal()) {
if ($trial->record->getCentre() != $trial->user->getCentre()) {
// Ensure that a 'local' user isn't trying to manipulate someone else's record
throw new Exception("You have tried to manipulate a record from another centre.");
}
}
if ($trial->checkPageLogin($page)) {
// Check that the user has the privilege to access this page
switch ($_POST['request']) {
case 'addFlag':
$flag = $trial->addFlagInput($_POST);
// Add form input to create a new flag
