* @author Karl Englund <*****@*****.**> * @link http://www.open-emr.org */ header("Content-Type:text/xml"); $ignoreAuth = true; require_once 'classes.php'; include_once "{$srcdir}/onotes.inc"; $xml_string = ""; $xml_string .= "<officenote>"; $token = $_POST['token']; $body = $_POST['body']; if ($userId = validateToken($token)) { $user = getUsername($userId); $acl_allow = acl_check('admin', 'super', $user); // $_SESSION['authUser'] used in addOnote() function. $_SESSION['authUser'] = $user; $_SESSION['authProvider'] = getAuthGroup($user); if ($acl_allow) { addOnote($body); $xml_string .= "<status>0</status>\n"; $xml_string .= "<reason>Office Note Added Successfully</reason>\n"; } else { $xml_string .= "<status>-2</status>\n"; $xml_string .= "<reason>You are not Authorized to perform this action</reason>\n"; } } else { $xml_string .= "<status>-2</status>"; $xml_string .= "<reason>Invalid Token</reason>"; } $xml_string .= "</officenote>"; echo $xml_string;
//this code handles changing the state of activity tags when the user updates them through the interface if (isset($mode)) { if ($mode == "update") { foreach ($_POST as $var => $val) { if ($val == "true" || $val == "false") { $id = str_replace("act", "", $var); if ($val == "true") { reappearOnote($id); } elseif ($val == "false") { disappearOnote($id); } //print "$id: $val > $act_state<br>\n"; } } } elseif ($mode == "new") { addOnote($_POST["note"]); } } ?> <html> <head> <link rel="stylesheet" href="<?php echo $css_header; ?> " type="text/css"> </head> <body class="body_top"> <div id="officenotes_edit">