header("Content-Type:text/xml");
$ignoreAuth = true;
require_once 'classes.php';
$xml_array = array();
$token = $_POST['token'];
$noteIds = $_POST['noteIds'];
$active = $_POST['active'];
if ($userId = validateToken($token)) {
    $username = getUsername($userId);
    $acl_allow = acl_check('patients', 'notes', $username);
    if ($acl_allow) {
        $noteIds_array = explode(',', $noteIds);
        foreach ($noteIds_array as $noteId) {
            switch ($active) {
                case 1:
                    reappearPnote($noteId);
                    break;
                case 0:
                    disappearPnote($noteId);
                    break;
            }
        }
        $xml_array['status'] = 0;
        $xml_array['reason'] = 'The Patient notes has been updated';
    } else {
        $xml_string .= "<status>-2</status>\n";
        $xml_string .= "<reason>You are not Authorized to perform this action</reason>\n";
    }
} else {
    $xml_array['status'] = -2;
    $xml_array['reason'] = 'Invalid Token';
Exemplo n.º 2
0
        $activity_string_html = 'form_inactive=1';
    } else {
        $active = 'all';
        $activity_string_html = '';
        $form_active = $form_inactive = '0';
    }
}
// this code handles changing the state of activity tags when the user updates
// them through the interface
if (isset($mode)) {
    if ($mode == "update") {
        foreach ($_POST as $var => $val) {
            if (strncmp($var, 'act', 3) == 0) {
                $id = str_replace("act", "", $var);
                if ($_POST["chk{$id}"]) {
                    reappearPnote($id);
                } else {
                    disappearPnote($id);
                }
                if ($docid) {
                    setGpRelation(1, $docid, 6, $id, !empty($_POST["lnk{$id}"]));
                }
                if ($orderid) {
                    setGpRelation(2, $orderid, 6, $id, !empty($_POST["lnk{$id}"]));
                }
            }
        }
    } elseif ($mode == "new") {
        $note = $_POST['note'];
        if ($noteid) {
            updatePnote($noteid, $note, $_POST['form_note_type'], $_POST['assigned_to']);