Пример #1
0
function addBilling2($encounter, $code_type, $code, $code_text, $modifier = "", $units = "", $fee = "0.00", $justify)
{
    $justify_string = '';
    if ($justify) {
        //trim eahc entry
        foreach ($justify as $temp_justify) {
            $justify_trimmed[] = trim($temp_justify);
        }
        //format it
        $justify_string = implode(":", $justify_trimmed) . ":";
    }
    $code_type = formDataCore($code_type);
    $code = formDataCore($code);
    $code_text = formDataCore($code_text);
    $modifier = formDataCore($modifier);
    $units = formDataCore($units);
    $fee = formDataCore($fee);
    $justify_string = formDataCore($justify_string);
    // set to authorize billing codes as default - bm
    //  could place logic here via acls to control who
    //  can authorize as a feature in the future
    $authorized = 1;
    $sql = "insert into billing (date, encounter, code_type, code, code_text, pid, authorized, user, groupname,activity,billed,provider_id,modifier,units,fee,justify) values (NOW(), '" . $_SESSION['encounter'] . "', '{$code_type}', '{$code}', '{$code_text}', '" . $_SESSION['pid'] . "', '{$authorized}', '" . $_SESSION['authId'] . "', '" . $_SESSION['authProvider'] . "',1,0," . $_SESSION['authUserID'] . ",'{$modifier}','{$units}','{$fee}','{$justify_string}')";
    return sqlInsert($sql);
}
Пример #2
0
/**
 * Offsite Portal connection function library.
 *
 * Copyright (C) 2013 Z&H Consultancy Services Private Limited <*****@*****.**>
 *
 * LICENSE: This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
 *
 * @package OpenEMR
 * @author  Eldho Chacko <*****@*****.**>
 * @author  Vinish K <*****@*****.**>
 * @link    http://www.open-emr.org
 */

function portal_connection(){
    global $credentials;
    $password 	= $GLOBALS['portal_offsite_password'];
    $randkey	= '';
    $timminus = date("Y-m-d H:m",(strtotime(date("Y-m-d H:m"))-7200)).":00";
    sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)",array($timminus));
    sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?",array($timminus));
    do{
        $randkey 	= substr(md5(rand().rand()), 0, 8);
        $res 	= sqlStatement("SELECT * FROM audit_details WHERE field_value = ?",array($randkey));
        $cnt 	= sqlNumRows($res);
    }
    while($cnt>0);
    $password 	= sha1($password.gmdate("Y-m-d H").$randkey);
    $grpID 	= sqlInsert("INSERT INTO audit_master SET type=5");
    sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=?",array($randkey,$grpID));
    $credentials 	= array($GLOBALS['portal_offsite_username'],$password,$randkey);
    //CALLING WEBSERVICE ON THE PATIENT-PORTAL 
    $client 	= new SoapClient(null, array(
            'location' => $GLOBALS['portal_offsite_address_patient_link']."/webservice/webserver.php",
            'uri'      => "urn://portal/req"
        )
    );
    return $client;
}
Пример #3
0
function catch_logs()
{
    $sql = sqlStatement("select * from log where id not in(select log_id from log_validator) and checksum is NOT null and checksum != ''");
    while ($row = sqlFetchArray($sql)) {
        sqlInsert("INSERT into log_validator (log_id,log_checksum) VALUES(?,?)", array($row['id'], $row['checksum']));
    }
}
Пример #4
0
 /**
  * Provision new radius account(s)
  */
 function p_new()
 {
     $db =& DB();
     $this->account['id'];
     for ($i = 0; $i < $this->plugin_data['max']; $i++) {
         $fields = array('service_id' => $this->service['id'], 'account_id' => $this->account['id'], 'auth' => $this->plugin_data['auth']);
         $db->Execute(sqlInsert($db, "radius_service", $fields));
     }
     return true;
 }
Пример #5
0
function arPostSession($payer_id, $check_number, $check_date, $pay_total, $post_to_date, $deposit_date, $debug)
{
    $query = "INSERT INTO ar_session( " . "payer_id,user_id,closed,reference,check_date,pay_total,post_to_date,deposit_date,patient_id,payment_type,adjustment_code,payment_method " . ") VALUES ( " . "'{$payer_id}'," . $_SESSION['authUserID'] . "," . "0," . "'ePay - {$check_number}'," . "'{$check_date}', " . "{$pay_total}, " . "'{$post_to_date}','{$deposit_date}', " . "0,'insurance','insurance_payment','electronic'" . ")";
    if ($debug) {
        echo $query . "<br>\n";
    } else {
        $sessionId = sqlInsert($query);
        return $sessionId;
    }
}
Пример #6
0
function md5_pass($length = 8)
{
    $randkey = substr(md5(rand() . rand()), 0, $length);
    $res = sqlStatement("SELECT * FROM audit_master AS am LEFT OUTER JOIN audit_details AS ad ON ad.audit_master_id=am.id WHERE type=5 AND field_value=?", array($randkey));
    if (sqlNumRows($res)) {
        md5_pass();
    } else {
        $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
        sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=?", array($randkey, $grpID));
        return $randkey;
    }
}
 function setNewPassword($account_id, $password, $hashed = true)
 {
     $db =& DB();
     if (!$hashed) {
         $this->hashPassword($password);
     }
     /* update last_date in existing passwords to indicate they are no longer in use */
     $fields['date_last'] = time();
     $db->Execute($sql = "update " . AGILE_DB_PREFIX . "account_password_history set date_last = " . time() . " where account_id = {$account_id}");
     /* insert new password */
     $fields = array('date_orig' => time(), 'date_last' => 0, 'account_id' => $account_id, 'password' => $password, 'ip' => USER_IP);
     $db->Execute(sqlInsert($db, "account_password_history", $fields));
 }
Пример #8
0
function do_visit_form($irow, $encounter, $first)
{
    global $insert_count, $debug, $verbose;
    $pid = $irow['pid'];
    // If a gcac form already exists for this visit, get out.
    $row = sqlQuery("SELECT COUNT(*) AS count FROM forms WHERE " . "pid = '{$pid}' AND encounter = '{$encounter}' AND " . "formdir = 'LBFgcac' AND deleted = 0");
    if ($row['count']) {
        echo "<br />*** Visit {$pid}.{$encounter} skipped, already has a GCAC visit form ***\n";
        return;
    }
    $a = array('client_status' => $irow['client_status'], 'in_ab_proc' => $irow['in_ab_proc'], 'ab_location' => $irow['ab_location'], 'complications' => $irow['fol_compl'], 'contrameth' => $irow['contrameth']);
    // logic that applies only to the first related visit
    if ($first) {
        if ($a['ab_location'] == 'ma') {
            $a['ab_location'] = 'proc';
        }
        $a['complications'] = $irow['rec_compl'];
        $a['contrameth'] = '';
    }
    $newid = 0;
    $didone = false;
    foreach ($a as $field_id => $value) {
        if ($value !== '') {
            if ($newid) {
                $query = "INSERT INTO lbf_data " . "( form_id, field_id, field_value ) " . " VALUES ( '{$newid}', '{$field_id}', '{$value}' )";
                if ($verbose) {
                    echo "<br />{$query}\n";
                }
                if (!$debug) {
                    sqlStatement($query);
                }
            } else {
                $query = "INSERT INTO lbf_data " . "( field_id, field_value ) " . " VALUES ( '{$field_id}', '{$value}' )";
                if ($verbose) {
                    echo "<br />{$query}\n";
                }
                if (!$debug) {
                    $newid = sqlInsert($query);
                }
            }
            $didone = true;
        }
    }
    if ($newid && !$debug) {
        addForm($encounter, 'IPPF GCAC', $newid, 'LBFgcac', $pid, 1);
        ++$insert_count;
    }
    if (!$didone) {
        echo "<br />*** Empty issue skipped for visit {$pid}.{$encounter} ***\n";
    }
}
Пример #9
0
function createToken($userId, $create = true, $device_token = '')
{
    $token = md5(uniqid(rand(), 1));
    $query = "SELECT * FROM api_tokens WHERE user_id = ?";
    $token_result = sqlQuery($query, array($userId));
    if ($create || !$token_result) {
        $strQuery = "INSERT INTO api_tokens VALUES('', '" . add_escape_custom($userId) . "' ,'" . add_escape_custom($token) . "','" . add_escape_custom($device_token) . "' ,'" . date('Y-m-d h:i:s') . "', '',0,0,0,0)";
        $result = sqlInsert($strQuery);
    } else {
        $strQuery = "UPDATE `api_tokens` SET `token` = '" . add_escape_custom($token) . "' ";
        if ($device_token) {
            $strQuery .= ",`device_token` = '" . add_escape_custom($device_token) . "' ";
        }
        $strQuery .= "WHERE `user_id` = ?";
        $result = sqlStatement($strQuery, array($userId));
    }
    if ($result) {
        return $token;
    } else {
        return false;
    }
}
Пример #10
0
function frontPayment($patient_id, $encounter, $method, $source, $amount1, $amount2, $timestamp, $auth = "")
{
    if (empty($auth)) {
        $auth = $_SESSION['authUser'];
    }
    $tmprow = sqlQuery("SELECT date FROM form_encounter WHERE " . "encounter=? and pid=?", array($encounter, $patient_id));
    //the manipulation is done to insert the amount paid into payments table in correct order to show in front receipts report,
    //if the payment is for today's encounter it will be shown in the report under today field and otherwise shown as previous
    $tmprowArray = explode(' ', $tmprow['date']);
    if (date('Y-m-d') == $tmprowArray[0]) {
        if ($amount1 == 0) {
            $amount1 = $amount2;
            $amount2 = 0;
        }
    } else {
        if ($amount2 == 0) {
            $amount2 = $amount1;
            $amount1 = 0;
        }
    }
    $payid = sqlInsert("INSERT INTO payments ( " . "pid, encounter, dtime, user, method, source, amount1, amount2 " . ") VALUES ( ?, ?, ?, ?, ?, ?, ?, ?)", array($patient_id, $encounter, $timestamp, $auth, $method, $source, $amount1, $amount2));
    return $payid;
}
function todaysEncounter($patient_id, $reason = '')
{
    global $today, $userauthorized;
    if (empty($reason)) {
        $reason = xl('Please indicate visit reason');
    }
    // Was going to use the existing encounter for today if there is one, but
    // decided it's right to always create a new one.  Leaving the code here
    // (and corresponding function above) in case it is ever wanted later.
    /*******************************************************************
      $encounter = todaysEncounterIf($patient_id);
      if ($encounter) return $encounter;
      *******************************************************************/
    $tmprow = sqlQuery("SELECT username, facility, facility_id FROM users " . "WHERE id = ?", array($_SESSION["authUserID"]));
    $username = $tmprow['username'];
    $facility = $tmprow['facility'];
    $facility_id = $tmprow['facility_id'];
    $conn = $GLOBALS['adodb']['db'];
    $encounter = $conn->GenID("sequences");
    $provider_id = $userauthorized ? $_SESSION['authUserID'] : 0;
    addForm($encounter, "New Patient Encounter", sqlInsert("INSERT INTO form_encounter SET date = ?, onset_date = ?, " . "reason = ?, facility = ?, facility_id = ?, pid = ?, encounter = ?, " . "provider_id = ?", array($today, $today, $reason, $facility, $facility_id, $patient_id, $encounter, $provider_id)), "newpatient", $patient_id, $userauthorized, "NOW()", $username);
    return $encounter;
}
Пример #12
0
/**
 *
 * @param <type> $facility
 * @return <type> returns the id
 */
function addNewLabFacility($facility)
{
    $query = "INSERT INTO users ( " . "username, password, authorized, info, source, " . "title, fname, lname, mname,  " . "federaltaxid, federaldrugid, upin, facility, see_auth, active, npi, taxonomy, " . "specialty, organization, valedictory, assistant, billname, email, url, " . "street, streetb, city, state, zip, " . "street2, streetb2, city2, state2, zip2," . "phone, phonew1, phonew2, phonecell, fax, notes, abook_type " . ") VALUES ( " . "'', " . "'', " . "0, " . "'', " . "NULL, " . "'" . trim($facility->FacilityDirectorTitle) . "', " . "'" . trim($facility->FacilityDirectorFirstName) . "', " . "'" . trim($facility->FacilityDirectorLastName) . "', " . "'', " . "'', " . "'', " . "'', " . "'', " . "0, " . "1, " . "'', " . "'', " . "'', " . "'" . trim($facility->FacilityName) . "', " . "'', " . "'', " . "'', " . "'', " . "'', " . "'" . trim($facility->FacilityAddress) . "', " . "'', " . "'" . trim($facility->FacilityCity) . "', " . "'" . trim($facility->FacilityState) . "', " . "'" . trim($facility->FacilityZip) . "', " . "'', " . "'', " . "'', " . "'', " . "'', " . "'" . trim($facility->FacilityPhone) . "', " . "'', " . "'', " . "'', " . "'', " . "'', " . "'ord_lab'" . ")";
    return sqlInsert($query);
}
Пример #13
0
include_once "../../globals.php";
// allow a custom 'delete' form
$deleteform = $incdir . "/forms/" . $_REQUEST["formname"] . "/delete.php";
check_file_dir_name($_REQUEST["formname"]);
if (file_exists($deleteform)) {
    include_once $deleteform;
    exit;
}
// if no custom 'delete' form, then use a generic one
// when the Cancel button is pressed, where do we go?
$returnurl = $GLOBALS['concurrent_layout'] ? 'encounter_top.php' : 'patient_encounter.php';
if ($_POST['confirm']) {
    // set the deleted flag of the indicated form
    $sql = "update forms set deleted=1 where id= ?";
    if ($_POST['id'] != "*" && $_POST['id'] != '') {
        sqlInsert($sql, array($_POST['id']));
    }
    // log the event
    newEvent("delete", $_SESSION['authUser'], $_SESSION['authProvider'], 1, "Form " . $_POST['formname'] . " deleted from Encounter " . $_POST['encounter']);
    // redirect back to the encounter
    $address = "{$GLOBALS['rootdir']}/patient_file/encounter/{$returnurl}";
    echo "\n<script language='Javascript'>top.restoreSession();window.location='{$address}';</script>\n";
    exit;
}
?>
<html>

<head>
<?php 
html_header_show();
?>
            $runit['option_id'] = $runit['option_id'] + 1;
        }
    }
    if ($medArray[$i]['DosageFrequencyDescription']) {
        $qint = sqlStatement("SELECT option_id FROM list_options WHERE list_id='drug_interval' AND title = ?", array($medArray[$i]['DosageFrequencyDescription']));
        $rint = sqlFetchArray($qint);
        if (sqlNumRows($qint) <= 0) {
            $rint = sqlQuery("SELECT option_id AS option_id FROM list_options WHERE list_id='drug_interval' ORDER BY ABS(option_id) DESC LIMIT 1");
            sqlQuery("INSERT INTO list_options (list_id,option_id,title,seq) VALUES ('drug_interval',?,?,?)", array($rint['option_id'] + 1, $medArray[$i]['DosageFrequencyDescription'], $rint['option_id'] + 1));
            $rint['option_id'] = $rint['option_id'] + 1;
        }
    }
    $check = sqlStatement("select * from prescriptions where prescriptionguid=? and patient_id=? and prescriptionguid is not null", array($medArray[$i]['PrescriptionGuid'], $medArray[$i]['ExternalPatientID']));
    $prescription_id = '';
    if (sqlNumRows($check) == 0) {
        $prescription_id = sqlInsert("insert into prescriptions \n        (\n            patient_id,provider_id,encounter,date_added,drug,drug_id,drug_info_erx,form,dosage,size,unit,route,`INTERVAL`,refills,note,`DATETIME`,\n            `USER`,site,prescriptionguid,erx_source,rxnorm_drugcode\n        )\n        values\n        (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,NOW(),?,?,?,'1',?)", array($medArray[$i]['ExternalPatientID'], $provider['id'], $encounter, substr($medArray[$i]['PrescriptionDate'], 0, 10), $medArray[$i]['DrugName'], $medArray[$i]['DrugID'], $medArray[$i]['DrugInfo'], $rin['option_id'], $medArray[$i]['DosageNumberDescription'], number($medArray[$i]['Strength']), $runit['option_id'], $rroute['option_id'], $rint['option_id'], $medArray[$i]['Refills'], $medArray[$i]['PrescriptionNotes'], $_SESSION['authUserID'], $medArray[$i]['SiteID'], $medArray[$i]['PrescriptionGuid'], $medArray[$i]['rxcui']));
        $j++;
    } else {
        sqlQuery("update prescriptions set \n        provider_id=?, drug=?, drug_id=?, drug_info_erx=?, form=?, dosage=?, size=? ,unit=?, route=?, `INTERVAL`=?, refills=?, note=?, \n        `DATETIME`=NOW(),`USER`=?, site=? ,erx_source='1', rxnorm_drugcode=?, active='1'\n        WHERE prescriptionguid=? AND patient_id=?\n        ", array($provider['id'], $medArray[$i]['DrugName'], $medArray[$i]['DrugID'], $medArray[$i]['DrugInfo'], $rin['option_id'], $medArray[$i]['DosageNumberDescription'], number($medArray[$i]['Strength']), $runit['option_id'], $rroute['option_id'], $rint['option_id'], $medArray[$i]['Refills'], $medArray[$i]['PrescriptionNotes'], $_SESSION['authUserID'], $medArray[$i]['SiteID'], $medArray[$i]['rxcui'], $medArray[$i]['PrescriptionGuid'], $medArray[$i]['ExternalPatientID']));
    }
    $result = sqlFetchArray($check);
    if ($result['id']) {
        $prescription_id = $result['id'];
    }
    processAmcCall('e_prescribe_amc', true, 'add', $medArray[$i]['ExternalPatientID'], 'prescriptions', $prescription_id);
}
if ($j != 0) {
    sqlQuery("update patient_data set soap_import_status=? where pid=?", array('2', $pid));
}
if ($xml_response_count == 0) {
    echo htmlspecialchars(xl("Nothing to import for Prescription"), ENT_NOQUOTES);
Пример #15
0
  }
 }
</script>

</head>

<body class="body_top">
<?php 
// If we are saving, then save and close the window.
//
if ($_POST['form_save']) {
    if ($userid) {
        $query = "UPDATE users SET " . "abook_type = " . invalue('form_abook_type') . ", " . "title = " . invalue('form_title') . ", " . "fname = " . invalue('form_fname') . ", " . "lname = " . invalue('form_lname') . ", " . "mname = " . invalue('form_mname') . ", " . "specialty = " . invalue('form_specialty') . ", " . "organization = " . invalue('form_organization') . ", " . "valedictory = " . invalue('form_valedictory') . ", " . "assistant = " . invalue('form_assistant') . ", " . "federaltaxid = " . invalue('form_federaltaxid') . ", " . "upin = " . invalue('form_upin') . ", " . "npi = " . invalue('form_npi') . ", " . "taxonomy = " . invalue('form_taxonomy') . ", " . "email = " . invalue('form_email') . ", " . "url = " . invalue('form_url') . ", " . "street = " . invalue('form_street') . ", " . "streetb = " . invalue('form_streetb') . ", " . "city = " . invalue('form_city') . ", " . "state = " . invalue('form_state') . ", " . "zip = " . invalue('form_zip') . ", " . "street2 = " . invalue('form_street2') . ", " . "streetb2 = " . invalue('form_streetb2') . ", " . "city2 = " . invalue('form_city2') . ", " . "state2 = " . invalue('form_state2') . ", " . "zip2 = " . invalue('form_zip2') . ", " . "phone = " . invalue('form_phone') . ", " . "phonew1 = " . invalue('form_phonew1') . ", " . "phonew2 = " . invalue('form_phonew2') . ", " . "phonecell = " . invalue('form_phonecell') . ", " . "fax = " . invalue('form_fax') . ", " . "notes = " . invalue('form_notes') . " " . "WHERE id = '{$userid}'";
        sqlStatement($query);
    } else {
        $userid = sqlInsert("INSERT INTO users ( " . "username, password, authorized, info, source, " . "title, fname, lname, mname,  " . "federaltaxid, federaldrugid, upin, facility, see_auth, active, npi, taxonomy, " . "specialty, organization, valedictory, assistant, billname, email, url, " . "street, streetb, city, state, zip, " . "street2, streetb2, city2, state2, zip2, " . "phone, phonew1, phonew2, phonecell, fax, notes, abook_type " . ") VALUES ( " . "'', " . "'', " . "0, " . "'', " . "NULL, " . invalue('form_title') . ", " . invalue('form_fname') . ", " . invalue('form_lname') . ", " . invalue('form_mname') . ", " . invalue('form_federaltaxid') . ", " . "'', " . invalue('form_upin') . ", " . "'', " . "0, " . "1, " . invalue('form_npi') . ", " . invalue('form_taxonomy') . ", " . invalue('form_specialty') . ", " . invalue('form_organization') . ", " . invalue('form_valedictory') . ", " . invalue('form_assistant') . ", " . "'', " . invalue('form_email') . ", " . invalue('form_url') . ", " . invalue('form_street') . ", " . invalue('form_streetb') . ", " . invalue('form_city') . ", " . invalue('form_state') . ", " . invalue('form_zip') . ", " . invalue('form_street2') . ", " . invalue('form_streetb2') . ", " . invalue('form_city2') . ", " . invalue('form_state2') . ", " . invalue('form_zip2') . ", " . invalue('form_phone') . ", " . invalue('form_phonew1') . ", " . invalue('form_phonew2') . ", " . invalue('form_phonecell') . ", " . invalue('form_fax') . ", " . invalue('form_notes') . ", " . invalue('form_abook_type') . " " . ")");
    }
} else {
    if ($_POST['form_delete']) {
        if ($userid) {
            // Be careful not to delete internal users.
            sqlStatement("DELETE FROM users WHERE id = '{$userid}' AND username = ''");
        }
    }
}
if ($_POST['form_save'] || $_POST['form_delete']) {
    // Close this window and redisplay the updated list.
    echo "<script language='JavaScript'>\n";
    if ($info_msg) {
        echo " alert('{$info_msg}');\n";
    }
Пример #16
0
include_once "../../globals.php";
include_once "../../../library/api.inc";
include_once "../../../library/forms.inc";
include_once "../../../library/sql.inc";
include_once "./content_parser.php";
include_once "../../../library/formdata.inc.php";
if ($_GET["mode"] == "delete") {
    foreach ($_POST as $key => $val) {
        if (substr($key, 0, 3) == 'ch_' and $val = 'on') {
            $id = substr($key, 3);
            if ($_POST['delete']) {
                sqlInsert("delete from " . mitigateSqlTableUpperCase("form_CAMOS") . " where id={$id}");
                sqlInsert("delete from forms where form_name like 'CAMOS%' and form_id={$id}");
            }
            if ($_POST['update']) {
                // Replace the placeholders before saving the form. This was changed in version 4.0. Previous to this, placeholders
                //   were submitted into the database and converted when viewing. All new notes will now have placeholders converted
                //   before being submitted to the database. Will also continue to support placeholder conversion on report
                //   views to support notes within database that still contain placeholders (ie. notes that were created previous to
                //   version 4.0).
                $content = strip_escape_custom($_POST['textarea_' . ${id}]);
                $content = add_escape_custom(replace($pid, $encounter, $content));
                sqlInsert("update " . mitigateSqlTableUpperCase("form_CAMOS") . " set content='{$content}' where id={$id}");
            }
        }
    }
}
$_SESSION["encounter"] = $encounter;
formHeader("Redirecting....");
formJump();
formFooter();
Пример #17
0
 $encounter_id = 0;
 if (empty($_POST['form_copy_sn_visit'])) {
     $info_msg .= "This patient has no visits! ";
 } else {
     $encounter_id = 0 + $_POST['form_copy_sn_visit'];
 }
 if (!$info_msg) {
     // Merge the selected pages.
     $info_msg .= mergeTiffs();
     $tmp_name = "{$faxcache}/temp.tif";
 }
 if (!$info_msg) {
     // The following is cloned from contrib/forms/scanned_notes/new.php:
     //
     $query = "INSERT INTO form_scanned_notes ( " . "notes " . ") VALUES ( " . "'" . $_POST['form_copy_sn_comments'] . "' " . ")";
     $formid = sqlInsert($query);
     addForm($encounter_id, "Scanned Notes", $formid, "scanned_notes", $patient_id, $userauthorized);
     //
     $imagedir = "{$webserver_root}/documents/{$patient_id}/encounters";
     $imagepath = "{$imagedir}/{$encounter_id}_{$formid}.jpg";
     //
     if (!is_dir($imagedir)) {
         $tmp0 = exec("mkdir -p '{$imagedir}'", $tmp1, $tmp2);
         if ($tmp2) {
             die("mkdir returned {$tmp2}: {$tmp0}");
         }
         exec("touch '{$imagedir}/index.html'");
     }
     if (is_file($imagepath)) {
         unlink($imagepath);
     }
Пример #18
0
<?php

//------------Forms generated from formsWiz
include_once "../../globals.php";
include_once "{$srcdir}/api.inc";
include_once "{$srcdir}/forms.inc";
foreach ($_POST as $k => $var) {
    $_POST[$k] = mysql_escape_string($var);
    echo "{$var}\n";
}
if ($encounter == "") {
    $encounter = date("Ymd");
}
if ($_GET["mode"] == "new") {
    $newid = formSubmit("form_dictation", $_POST, $_GET["id"], $userauthorized);
    addForm($encounter, "Speech Dictation", $newid, "dictation", $pid, $userauthorized);
} elseif ($_GET["mode"] == "update") {
    sqlInsert("update form_dictation set pid = {$_SESSION["pid"]},groupname='" . $_SESSION["authProvider"] . "',user='******',authorized={$userauthorized},activity=1, date = NOW(), dictation='" . $_POST["dictation"] . "', additional_notes='" . $_POST["additional_notes"] . "' where id={$id}");
}
$_SESSION["encounter"] = $encounter;
formHeader("Redirecting....");
formJump();
formFooter();
Пример #19
0
                        $id = "LBF{$id}";
                    }
                    sqlInsert("INSERT INTO list_options ( " . "list_id, option_id, title, seq, is_default, option_value, mapping, notes " . ") VALUES ( " . "'{$list_id}', " . "'" . $id . "', " . "'" . formTrim($iter['title']) . "', " . "'" . formTrim($iter['seq']) . "', " . "'" . formTrim($iter['default']) . "', " . "'" . $value . "', " . "'" . formTrim($iter['mapping']) . "', " . "'" . formTrim($iter['notes']) . "' " . ")");
                }
            }
        }
    }
} else {
    if ($_POST['formaction'] == 'addlist') {
        // make a new list ID from the new list name
        $newlistID = $_POST['newlistname'];
        $newlistID = preg_replace("/\\W/", "_", $newlistID);
        // determine the position of this new list
        $row = sqlQuery("SELECT max(seq) as maxseq FROM list_options WHERE list_id= 'lists'");
        // add the new list to the list-of-lists
        sqlInsert("INSERT INTO list_options ( " . "list_id, option_id, title, seq, is_default, option_value " . ") VALUES ( " . "'lists'," . "'" . $newlistID . "'," . "'" . $_POST['newlistname'] . "', " . "'" . ($row['maxseq'] + 1) . "'," . "'1', '0')");
    } else {
        if ($_POST['formaction'] == 'deletelist') {
            // delete the lists options
            sqlStatement("DELETE FROM list_options WHERE list_id = '" . $_POST['list_id'] . "'");
            // delete the list from the master list-of-lists
            sqlStatement("DELETE FROM list_options WHERE list_id = 'lists' and option_id='" . $_POST['list_id'] . "'");
        }
    }
}
$opt_line_no = 0;
// Given a string of multiple instances of code_type|code|selector,
// make a description for each.
function getCodeDescriptions($codes)
{
    global $code_types;
Пример #20
0
    /**
     * Insert new prescription as external sourced
     * @param  array   $prescriptionData Information for creating prescription: [PrescriptionDate, DrugName, DrugID, DrugInfo, DosageNumberDescription, Strength, Refills, PrescriptionNotes, SiteID, rxcui, PrescriptionGuid, ExternalPatientID]
     * @param  integer $encounter        Id of encounter for prescription
     * @param  integer $providerId       Id of provider for prescription
     * @param  string  $authUserId       Id of user creating prescription
     * @param  integer $formOptionId     Option Id for prescription form
     * @param  integer $routeOptionId    Option Id for prescription route
     * @param  integer $unitsOptionId    Option Id for prescription units
     * @param  integer $intervalOptionId Option Id for prescription interval
     * @return integer                   Id of newly created prescription
     */
    public function insertPrescriptions($prescriptionData, $encounter, $providerId, $authUserId, $formOptionId, $routeOptionId, $unitsOptionId, $intervalOptionId)
    {
        return sqlInsert('INSERT INTO `prescriptions`
				(
					`datetime`,
					`erx_source`,
					`encounter`,
					`date_added`,
					`user`,
					`provider_id`,
					`form`,
					`unit`,
					`route`,
					`interval`,
					`drug`,
					`drug_id`,
					`drug_info_erx`,
					`dosage`,
					`size`,
					`refills`,
					`note`,
					`site`,
					`rxnorm_drugcode`,
					`prescriptionguid`,
					`patient_id`
				)
			VALUES
				(
					NOW(), \'1\', ?, ?, ?,
					?, ?, ?, ?, ?, ?, ?, ?,
					?, ?, ?, ?, ?, ?, ?, ?
				);', array($encounter, substr($prescriptionData['PrescriptionDate'], 0, 10), $authUserId, $providerId, $formOptionId, $unitsOptionId, $routeOptionId, $intervalOptionId, $prescriptionData['DrugName'], $prescriptionData['DrugID'], $prescriptionData['DrugInfo'], $prescriptionData['DosageNumberDescription'], self::sanitizeNumber($prescriptionData['Strength']), $prescriptionData['Refills'], $prescriptionData['PrescriptionNotes'], $prescriptionData['SiteID'], $prescriptionData['rxcui'], $prescriptionData['PrescriptionGuid'], $prescriptionData['ExternalPatientID']));
    }
Пример #21
0
            $sets .= ", " . add_escape_custom($field_id) . " = NULL";
        } else {
            // use sql placemaker (note need to explicitly escape the column label)
            $sets .= ", " . add_escape_custom($field_id) . " = ?";
            array_push($sqlBindArray, $value);
        }
    }
    if ($transid) {
        //use sql placemaker
        array_push($sqlBindArray, $transid);
        sqlStatement("UPDATE transactions SET {$sets} WHERE id = ?", $sqlBindArray);
    } else {
        //use sql placemaker
        array_push($sqlBindArray, $pid);
        $sets .= ", pid = ?";
        $transid = sqlInsert("INSERT INTO transactions SET {$sets}", $sqlBindArray);
    }
    if ($GLOBALS['concurrent_layout']) {
        $body_onload_code = "javascript:location.href='transactions.php';";
    } else {
        $body_onload_code = "javascript:parent.Transactions.location.href='transactions.php';";
    }
}
/************************************
//Migrated this to the list_options engine (transactions list)
$trans_types = array(
  'Referral'          => xl('Referral'),
  'Patient Request'   => xl('Patient Request'),
  'Physician Request' => xl('Physician Request'),
  'Legal'             => xl('Legal'),
  'Billing'           => xl('Billing'),
Пример #22
0
function manage_tracker_status($apptdate,$appttime,$eid,$pid,$user,$status='',$room='',$enc_id='') {

  #First ensure the eid is not a recurrent appointment. If it is, then do not do anything and return false.
  $pc_appt =  sqlQuery("SELECT `pc_recurrtype` FROM `openemr_postcalendar_events` WHERE `pc_eid` = ?", array($eid));
  if ($pc_appt['pc_recurrtype'] != 0) {
    return false;
  }

  $datetime = date("Y-m-d H:i:s");
  if (is_null($room)) {
      $room = '';
  }
  #Check to see if there is an entry in the patient_tracker table.
  $tracker = sqlQuery("SELECT id, apptdate, appttime, eid, pid, original_user, encounter, lastseq,".
                       "patient_tracker_element.room AS lastroom,patient_tracker_element.status AS laststatus ".
					   "from `patient_tracker`".
					   "LEFT JOIN patient_tracker_element " .
                       "ON patient_tracker.id = patient_tracker_element.pt_tracker_id " .
                       "AND patient_tracker.lastseq = patient_tracker_element.seq " .
					   "WHERE `apptdate` = ? AND `appttime` = ? " .
                       "AND `eid` = ? AND `pid` = ?", array($apptdate,$appttime,$eid,$pid));

  if (empty($tracker)) {
    #Add a new tracker.
    $tracker_id = sqlInsert("INSERT INTO `patient_tracker` " .
                            "(`date`, `apptdate`, `appttime`, `eid`, `pid`, `original_user`, `encounter`, `lastseq`) " .
                            "VALUES (?,?,?,?,?,?,?,'1')",
                            array($datetime,$apptdate,$appttime,$eid,$pid,$user,$enc_id));
    #If there is a status or a room, then add a tracker item.
    if (!empty($status) || !empty($room)) {
    sqlInsert("INSERT INTO `patient_tracker_element` " .
              "(`pt_tracker_id`, `start_datetime`, `user`, `status`, `room`, `seq`) " .
              "VALUES (?,?,?,?,?,'1')",
              array($tracker_id,$datetime,$user,$status,$room));
    }
  }
  else {
    #Tracker already exists.
    $tracker_id = $tracker['id'];
    if (($status != $tracker['laststatus']) || ($room != $tracker['lastroom'])) {
      #Status or room has changed, so need to update tracker.
      #Update lastseq in tracker.	  
	   sqlStatement("UPDATE `patient_tracker` SET  `lastseq` = ? WHERE `id` = ?",
                   array(($tracker['lastseq']+1),$tracker_id));
      #Add a tracker item.
      sqlInsert("INSERT INTO `patient_tracker_element` " .
                "(`pt_tracker_id`, `start_datetime`, `user`, `status`, `room`, `seq`) " .
                "VALUES (?,?,?,?,?,?)",
                array($tracker_id,$datetime,$user,$status,$room,($tracker['lastseq']+1)));
    }
    if (!empty($enc_id)) {
      #enc_id (encounter number) is not blank, so update this in tracker.
      sqlStatement("UPDATE `patient_tracker` SET `encounter` = ? WHERE `id` = ?", array($enc_id,$tracker_id));
    }
  }
  #Ensure the entry in calendar appt entry has been updated.
  $pc_appt =  sqlQuery("SELECT `pc_apptstatus`, `pc_room` FROM `openemr_postcalendar_events` WHERE `pc_eid` = ?", array($eid));
  if ($status != $pc_appt['pc_apptstatus']) {
    sqlStatement("UPDATE `openemr_postcalendar_events` SET `pc_apptstatus` = ? WHERE `pc_eid` = ?", array($status,$eid));
  }
  if ($room != $pc_appt['pc_room']) {
    sqlStatement("UPDATE `openemr_postcalendar_events` SET `pc_room` = ? WHERE `pc_eid` = ?", array($room,$eid));
  }
  if( $GLOBALS['drug_screen'] && !empty($status)  && is_checkin($status)) {
    $yearly_limit = $GLOBALS['maximum_drug_test_yearly'];
    $percentage = $GLOBALS['drug_testing_percentage'];
    random_drug_test($tracker_id,$percentage,$yearly_limit);
  }
  # Returning the tracker id that has been managed
return $tracker_id;
}
Пример #23
0
     $formid = sqlInsert($query);
     addForm($encounter, "Procedure Order", $formid, "procedure_order", $pid, $userauthorized);
 }
 // Remove any existing procedures and their answers for this order and
 // replace them from the form.
 sqlStatement("DELETE FROM procedure_answers WHERE procedure_order_id = ?", array($formid));
 sqlStatement("DELETE FROM procedure_order_code WHERE procedure_order_id = ?", array($formid));
 for ($i = 0; isset($_POST['form_proc_type'][$i]); ++$i) {
     $ptid = $_POST['form_proc_type'][$i] + 0;
     if ($ptid <= 0) {
         continue;
     }
     $prefix = "ans{$i}" . "_";
     sqlBeginTrans();
     $procedure_order_seq = sqlQuery("SELECT IFNULL(MAX(procedure_order_seq),0) + 1 AS increment FROM procedure_order_code WHERE procedure_order_id = ? ", array($formid));
     $poseq = sqlInsert("INSERT INTO procedure_order_code SET " . "procedure_order_id = ?, " . "diagnoses = ?, " . "procedure_order_title = ?, " . "procedure_code = (SELECT procedure_code FROM procedure_type WHERE procedure_type_id = ?), " . "procedure_name = (SELECT name FROM procedure_type WHERE procedure_type_id = ?)," . "procedure_order_seq = ? ", array($formid, strip_escape_custom($_POST['form_proc_type_diag'][$i]), strip_escape_custom($_POST['form_proc_order_title'][$i]), $ptid, $ptid, $procedure_order_seq['increment']));
     sqlCommitTrans();
     $qres = sqlStatement("SELECT " . "q.procedure_code, q.question_code, q.options, q.fldtype " . "FROM procedure_type AS t " . "JOIN procedure_questions AS q ON q.lab_id = t.lab_id " . "AND q.procedure_code = t.procedure_code AND q.activity = 1 " . "WHERE t.procedure_type_id = ? " . "ORDER BY q.seq, q.question_text", array($ptid));
     while ($qrow = sqlFetchArray($qres)) {
         $options = trim($qrow['options']);
         $qcode = trim($qrow['question_code']);
         $fldtype = $qrow['fldtype'];
         $data = '';
         if ($fldtype == 'G') {
             if ($_POST["G1_{$prefix}{$qcode}"]) {
                 $data = $_POST["G1_{$prefix}{$qcode}"] * 7 + $_POST["G2_{$prefix}{$qcode}"];
             }
         } else {
             $data = $_POST["{$prefix}{$qcode}"];
         }
         if (!isset($data) || $data === '') {
Пример #24
0
                        $insert_value = $value;
                    }
                    $statement = sqlStatement("select id from " . mitigateSqlTableUpperCase("form_CAMOS_item") . " where item like \"{$insert_value}\" " . "and subcategory_id = {$subcategory_id}");
                    if ($result = sqlFetchArray($statement)) {
                        $item_id = $result['id'];
                    }
                } elseif ($mode == 'content') {
                    $statement = sqlStatement("select content from " . mitigateSqlTableUpperCase("form_CAMOS_item") . " where id = " . $item_id);
                    if ($result = sqlFetchArray($statement)) {
                        //$content = "/*old*/\n\n".$result['content']."\n\n/*new*/\n\n$value";
                        $content = $value;
                    } else {
                        $content = $value;
                    }
                    $query = "UPDATE " . mitigateSqlTableUpperCase("form_CAMOS_item") . " set content = \"{$content}\" where id = " . $item_id;
                    sqlInsert($query);
                }
            }
        }
        fclose($handle);
    }
}
?>
<html>
<head>
<title>
admin
</title>
</head>
<body>
<p>
Пример #25
0
<?php 
// If we are saving, then save and close the window.
//
if ($_POST['form_save']) {
    $ins_id = '';
    $ins_name = $_POST['form_name'];
    if ($ins_id) {
        // sql for updating could go here if this script is enhanced to support
        // editing of existing insurance companies.
    } else {
        $ins_id = generate_id();
        sqlInsert("INSERT INTO insurance_companies ( " . "id, name, attn, cms_id, freeb_type, x12_receiver_id, x12_default_partner_id " . ") VALUES ( " . $ins_id . ", " . "'" . $ins_name . "', " . "'" . $_POST['form_attn'] . "', " . "'" . $_POST['form_cms_id'] . "', " . "'" . $_POST['form_freeb_type'] . "', " . "'" . $_POST['form_partner'] . "', " . "'" . $_POST['form_partner'] . "' " . ")");
        sqlInsert("INSERT INTO addresses ( " . "id, line1, line2, city, state, zip, country, foreign_id " . ") VALUES ( " . generate_id() . ", " . "'" . $_POST['form_addr1'] . "', " . "'" . $_POST['form_addr2'] . "', " . "'" . $_POST['form_city'] . "', " . "'" . $_POST['form_state'] . "', " . "'" . $_POST['form_zip'] . "', " . "'" . $_POST['form_country'] . "', " . $ins_id . " " . ")");
        $phone_parts = array();
        preg_match("/(\\d\\d\\d)\\D*(\\d\\d\\d)\\D*(\\d\\d\\d\\d)/", $_POST['form_phone'], $phone_parts);
        sqlInsert("INSERT INTO phone_numbers ( " . "id, country_code, area_code, prefix, number, type, foreign_id " . ") VALUES ( " . generate_id() . ", " . "'+1'" . ", " . "'" . $phone_parts[1] . "', " . "'" . $phone_parts[2] . "', " . "'" . $phone_parts[3] . "', " . "'2'" . ", " . $ins_id . " " . ")");
    }
    // Close this window and tell our opener to select the new company.
    //
    echo "<script language='JavaScript'>\n";
    if ($info_msg) {
        echo " alert('{$info_msg}');\n";
    }
    echo " parent.\$.fn.fancybox.close();\n";
    echo " top.restoreSession();\n";
    echo " if (parent.set_insurance) parent.set_insurance({$ins_id},'{$ins_name}');\n";
    echo "</script></body></html>\n";
    exit;
}
// Query x12_partners.
$xres = sqlStatement("SELECT id, name FROM x12_partners ORDER BY name");
Пример #26
0
//
// Author:   Eldho Chacko <*****@*****.**>
//           Jacob T Paul <*****@*****.**>
//
// +------------------------------------------------------------------------------+
//SANITIZE ALL ESCAPES
$sanitize_all_escapes = true;
//
//STOP FAKE REGISTER GLOBALS
$fake_register_globals = false;
//
require_once "../../interface/globals.php";
if (trim($_POST['contextname']) != '' && $_POST['action'] == 'add') {
    $res = sqlStatement("SELECT * FROM customlists WHERE cl_list_type=2 AND cl_deleted=0 AND cl_list_item_long=?", array($_POST['contextname']));
    if (!sqlNumRows($res)) {
        $id = sqlInsert("INSERT INTO customlists (cl_list_type,cl_list_item_long) VALUES(?,?)", array(2, $_POST['contextname']));
        sqlStatement("UPDATE customlists SET cl_list_id=? WHERE cl_list_slno=?", array($id, $id));
    }
} elseif ($_POST['action'] == 'delete' && $_POST['item'] != '') {
    sqlStatement("UPDATE customlists SET cl_deleted=1 WHERE cl_list_type=2 AND cl_list_slno=?", array($_POST['item']));
} elseif ($_POST['action'] == 'update' && $_POST['item'] != '') {
    sqlStatement("UPDATE customlists SET cl_list_item_long=? WHERE cl_deleted=0 AND cl_list_type=2 AND cl_list_slno=?", array($_POST['updatecontextname'], $_POST['item']));
}
?>
<html>
    <head>
        <link rel="stylesheet" href="<?php 
echo $css_header;
?>
" type="text/css">
        <style>
Пример #27
0
         // => procedure_result.date
         $comment = $result->CommentText;
         //=> procedure_result.comments
         //Do something with result, ie put in DB
         //echo $resultCode . ":" .$value . " " . $unit. "\n";
         $check_type2 = sqlQuery("SELECT COUNT(*) AS count FROM procedure_type WHERE procedure_type_id = '" . add_escape_custom($resultCode) . "'");
         if ($check_type2['count'] <= 0) {
             $sql_type_data = "procedure_type_id = '" . add_escape_custom($resultCode) . "', " . "parent = '" . add_escape_custom($observationCode) . "', " . "name = '" . add_escape_custom($resultCodeTex) . "', " . "procedure_type = 'res'";
             $type_id = sqlInsert("INSERT INTO procedure_type SET {$sql_type_data}");
         }
         $result_status = mapResultStatus($resultStatus);
         $abnormalFlag = mapAbnormalStatus($abnormalFlag);
         $check_result = sqlQuery("SELECT COUNT(*) AS count, procedure_result_id FROM procedure_result WHERE procedure_report_id = '" . add_escape_custom($report_id) . "' AND procedure_type_id = '" . add_escape_custom($resultCode) . "'");
         if ($check_result['count'] <= 0) {
             $sql_result_data = "procedure_report_id = '" . add_escape_custom($report_id) . "', " . "procedure_type_id = '" . add_escape_custom($resultCode) . "', " . "date = DATE_FORMAT('" . add_escape_custom($resultDateTime . '00') . "', '%Y%m%d%H%i%s'), " . "facility = '" . add_escape_custom($str_facilityId) . "', " . "units = '" . add_escape_custom($unit) . "', " . "result = '" . add_escape_custom($value) . "', " . "`range` = '" . add_escape_custom($referenceRange) . "', " . "abnormal = '" . add_escape_custom($abnormalFlag) . "', " . "comments = '" . add_escape_custom($comment) . "', " . "result_status = '" . add_escape_custom($result_status) . "'";
             sqlInsert("INSERT INTO procedure_result SET {$sql_result_data}");
         } else {
             $sql_result_data = "date = DATE_FORMAT('" . add_escape_custom($resultDateTime . '00') . "', '%Y%m%d%H%i%s'), " . "facility = '" . add_escape_custom($str_facilityId) . "', " . "units = '" . add_escape_custom($unit) . "', " . "result = '" . add_escape_custom($value) . "', " . "`range` = '" . add_escape_custom($referenceRange) . "', " . "abnormal = '" . add_escape_custom($abnormalFlag) . "', " . "comments = '" . add_escape_custom($comment) . "', " . "result_status = '" . add_escape_custom($result_status) . "'";
             sqlStatement("UPDATE procedure_result SET {$sql_result_data} WHERE procedure_result_id = '" . add_escape_custom($check_result['procedure_result_id']) . "'");
         }
     }
     // Send a message regarding a report with pending review status.
     lab_results_messages($patient_id, $report_id, $user_id);
 }
 // Need to confirm that the lab result message has been received.
 // This is the url of the confirm request.
 $url = "confirm/" . $id;
 // Make the confirmation request.
 $response = $client->sendRequest($url, "POST");
 // Check response for success or error.
 if ($response->IsError) {
Пример #28
0
 $form_end = fixDate($_POST['form_end'], '');
 if ($text_type == 'football_injury') {
     $form_injury_part = $_POST['form_injury_part'];
     $form_injury_type = $_POST['form_injury_type'];
 } else {
     $form_injury_part = $_POST['form_medical_system'];
     $form_injury_type = $_POST['form_medical_type'];
 }
 if ($issue) {
     $query = "UPDATE lists SET " . "type = '" . $text_type . "', " . "title = '" . $_POST['form_title'] . "', " . "comments = '" . $_POST['form_comments'] . "', " . "begdate = " . QuotedOrNull($form_begin) . ", " . "enddate = " . QuotedOrNull($form_end) . ", " . "returndate = " . QuotedOrNull($form_return) . ", " . "diagnosis = '" . $_POST['form_diagnosis'] . "', " . "occurrence = '" . $_POST['form_occur'] . "', " . "classification = '" . $_POST['form_classification'] . "', " . "reinjury_id = '" . $_POST['form_reinjury_id'] . "', " . "referredby = '" . $_POST['form_referredby'] . "', " . "injury_grade = '" . $_POST['form_injury_grade'] . "', " . "injury_part = '" . $form_injury_part . "', " . "injury_type = '" . $form_injury_type . "', " . "outcome = '" . $_POST['form_outcome'] . "', " . "destination = '" . $_POST['form_destination'] . "', " . "reaction ='" . $_POST['form_reaction'] . "' " . "WHERE id = '{$issue}'";
     sqlStatement($query);
     if ($text_type == "medication" && enddate != '') {
         sqlStatement('UPDATE prescriptions SET ' . 'medication = 0 where patient_id = ' . $thispid . " and upper(trim(drug)) = '" . strtoupper($_POST['form_title']) . "' " . ' and medication = 1');
     }
 } else {
     $issue = sqlInsert("INSERT INTO lists ( " . "date, pid, type, title, activity, comments, begdate, enddate, returndate, " . "diagnosis, occurrence, classification, referredby, user, groupname, " . "outcome, destination, reinjury_id, injury_grade, injury_part, injury_type, " . "reaction " . ") VALUES ( " . "NOW(), " . "'{$thispid}', " . "'" . $text_type . "', " . "'" . $_POST['form_title'] . "', " . "1, " . "'" . $_POST['form_comments'] . "', " . QuotedOrNull($form_begin) . ", " . QuotedOrNull($form_end) . ", " . QuotedOrNull($form_return) . ", " . "'" . $_POST['form_diagnosis'] . "', " . "'" . $_POST['form_occur'] . "', " . "'" . $_POST['form_classification'] . "', " . "'" . $_POST['form_referredby'] . "', " . "'" . ${$_SESSION}['authUser'] . "', " . "'" . ${$_SESSION}['authProvider'] . "', " . "'" . $_POST['form_outcome'] . "', " . "'" . $_POST['form_destination'] . "', " . "'" . $_POST['form_reinjury_id'] . "', " . "'" . $_POST['form_injury_grade'] . "', " . "'" . $form_injury_part . "', " . "'" . $form_injury_type . "', " . "'" . $_POST['form_reaction'] . "' " . ")");
 }
 // For record/reporting purposes, place entry in lists_touch table.
 setListTouch($thispid, $text_type);
 if ($text_type == 'football_injury') {
     issue_football_injury_save($issue);
 }
 if ($text_type == 'ippf_gcac') {
     issue_ippf_gcac_save($issue);
 }
 if ($text_type == 'contraceptive') {
     issue_ippf_con_save($issue);
 }
 // If requested, link the issue to a specified encounter.
 if ($thisenc) {
     $query = "INSERT INTO issue_encounter ( " . "pid, list_id, encounter " . ") VALUES ( " . "'{$thispid}', '{$issue}', '{$thisenc}'" . ")";
Пример #29
0
</head>

<body class="body_top">
<?php 
// If we are saving, then save and close the window.
//
if ($_POST['form_save']) {
    $sets = "name = " . invalue('form_name') . ", " . "lab_id = " . invalue('form_lab_id') . ", " . "procedure_code = " . invalue('form_procedure_code') . ", " . "procedure_type = " . invalue('form_procedure_type') . ", " . "body_site = " . invalue('form_body_site') . ", " . "specimen = " . invalue('form_specimen') . ", " . "route_admin = " . invalue('form_route_admin') . ", " . "laterality = " . invalue('form_laterality') . ", " . "description = " . invalue('form_description') . ", " . "units = " . invalue('form_units') . ", " . "`range` = " . invalue('form_range') . ", " . "standard_code = " . invalue('form_standard_code') . ", " . "related_code = " . invalue('form_related_code') . ", " . "seq = " . invalue('form_seq');
    if ($typeid) {
        sqlStatement("UPDATE procedure_type SET {$sets} WHERE procedure_type_id = '{$typeid}'");
        // Get parent ID so we can refresh the tree view.
        $row = sqlQuery("SELECT parent FROM procedure_type WHERE " . "procedure_type_id = '{$typeid}'");
        $parent = $row['parent'];
    } else {
        $newid = sqlInsert("INSERT INTO procedure_type SET parent = '{$parent}', {$sets}");
        // $newid is not really used in this script
    }
} else {
    if ($_POST['form_delete']) {
        if ($typeid) {
            // Get parent ID so we can refresh the tree view after deleting.
            $row = sqlQuery("SELECT parent FROM procedure_type WHERE " . "procedure_type_id = '{$typeid}'");
            $parent = $row['parent'];
            recursiveDelete($typeid);
        }
    }
}
if ($_POST['form_save'] || $_POST['form_delete']) {
    // Find out if this parent still has any children.
    $trow = sqlQuery("SELECT procedure_type_id FROM procedure_type WHERE parent = '{$parent}' LIMIT 1");
Пример #30
0
function DOBandEncounter()
{
    global $event_date, $info_msg;
    // Save new DOB if it's there.
    $patient_dob = trim($_POST['form_dob']);
    if ($patient_dob && $_POST['form_pid']) {
        sqlStatement("UPDATE patient_data SET DOB = '{$patient_dob}' WHERE " . "pid = '" . $_POST['form_pid'] . "'");
    }
    // Auto-create a new encounter if appropriate.
    //
    if ($GLOBALS['auto_create_new_encounters'] && $_POST['form_apptstatus'] == '@' && $event_date == date('Y-m-d')) {
        $tmprow = sqlQuery("SELECT count(*) AS count FROM form_encounter WHERE " . "pid = '" . $_POST['form_pid'] . "' AND date = '{$event_date} 00:00:00'");
        if ($tmprow['count'] == 0) {
            $tmprow = sqlQuery("SELECT username, facility, facility_id FROM users WHERE id = '" . $_POST['form_provider'] . "'");
            $username = $tmprow['username'];
            $facility = $tmprow['facility'];
            // $facility_id = $tmprow['facility_id'];
            // use the session facility if it is set, otherwise the one from the provider.
            $facility_id = $_SESSION['pc_facility'] ? $_SESSION['pc_facility'] : $tmprow['facility_id'];
            $conn = $GLOBALS['adodb']['db'];
            $encounter = $conn->GenID("sequences");
            addForm($encounter, "New Patient Encounter", sqlInsert("INSERT INTO form_encounter SET " . "date = '{$event_date}', " . "onset_date = '{$event_date}', " . "reason = '" . formData("form_comments") . "', " . "facility = '{$facility}', " . "facility_id = '" . (int) $_POST['facility'] . "', " . "billing_facility = '" . (int) $_POST['billing_facility'] . "', " . "provider_id = '" . (int) $_POST['form_provider'] . "', " . "pid = '" . $_POST['form_pid'] . "', " . "encounter = '{$encounter}'"), "newpatient", $_POST['form_pid'], "1", "NOW()", $username);
            $info_msg .= "New encounter {$encounter} was created. ";
        }
    }
}