header("Content-Type:text/xml"); $ignoreAuth = true; require_once 'classes.php'; $xml_array = array(); $token = $_POST['token']; $noteIds = $_POST['noteIds']; $active = $_POST['active']; if ($userId = validateToken($token)) { $username = getUsername($userId); $acl_allow = acl_check('patients', 'notes', $username); if ($acl_allow) { $noteIds_array = explode(',', $noteIds); foreach ($noteIds_array as $noteId) { switch ($active) { case 1: reappearPnote($noteId); break; case 0: disappearPnote($noteId); break; } } $xml_array['status'] = 0; $xml_array['reason'] = 'The Patient notes has been updated'; } else { $xml_string .= "<status>-2</status>\n"; $xml_string .= "<reason>You are not Authorized to perform this action</reason>\n"; } } else { $xml_array['status'] = -2; $xml_array['reason'] = 'Invalid Token';
$activity_string_html = 'form_inactive=1'; } else { $active = 'all'; $activity_string_html = ''; $form_active = $form_inactive = '0'; } } // this code handles changing the state of activity tags when the user updates // them through the interface if (isset($mode)) { if ($mode == "update") { foreach ($_POST as $var => $val) { if (strncmp($var, 'act', 3) == 0) { $id = str_replace("act", "", $var); if ($_POST["chk{$id}"]) { reappearPnote($id); } else { disappearPnote($id); } if ($docid) { setGpRelation(1, $docid, 6, $id, !empty($_POST["lnk{$id}"])); } if ($orderid) { setGpRelation(2, $orderid, 6, $id, !empty($_POST["lnk{$id}"])); } } } } elseif ($mode == "new") { $note = $_POST['note']; if ($noteid) { updatePnote($noteid, $note, $_POST['form_note_type'], $_POST['assigned_to']);