public static function batch_despatch($var, $func, $data_credentials)
{
global $pid;
if (UserService::valid($data_credentials)) {
require_once "../../library/invoice_summary.inc.php";
require_once "../../library/options.inc.php";
require_once "../../library/acl.inc";
require_once "../../library/patient.inc";
if ($func == 'ar_responsible_party') {
$patient_id = $pid;
$encounter_id = $var['encounter'];
$x['ar_responsible_party'] = ar_responsible_party($patient_id, $encounter_id);
return UserService::function_return_to_xml($x);
} elseif ($func == 'getInsuranceData') {
$type = $var['type'];
$given = $var['given'];
$x = getInsuranceData($pid, $type, $given);
return UserService::function_return_to_xml($x);
} elseif ($func == 'generate_select_list') {
$tag_name = $var['tag_name'];
$list_id = $var['list_id'];
$currvalue = $var['currvalue'];
$title = $var['title'];
$empty_name = $var['empty_name'];
$class = $var['class'];
$onchange = $var['onchange'];
$x['generate_select_list'] = generate_select_list($tag_name, $list_id, $currvalue, $title, $empty_name, $class, $onchange);
return UserService::function_return_to_xml($x);
} elseif ($func == 'xl_layout_label') {
$constant = $var['constant'];
$x['xl_layout_label'] = xl_layout_label($constant);
return UserService::function_return_to_xml($x);
} elseif ($func == 'generate_form_field') {
$frow = $var['frow'];
$currvalue = $var['currvalue'];
ob_start();
generate_form_field($frow, $currvalue);
$x['generate_form_field'] = ob_get_contents();
ob_end_clean();
return UserService::function_return_to_xml($x);
} elseif ($func == 'getInsuranceProviders') {
$i = $var['i'];
$provider = $var['provider'];
$insurancei = getInsuranceProviders();
$x = $insurancei;
return $x;
} elseif ($func == 'get_layout_form_value') {
$frow = $var['frow'];
$_POST = $var['post_array'];
$x['get_layout_form_value'] = get_layout_form_value($frow);
return UserService::function_return_to_xml($x);
} elseif ($func == 'updatePatientData') {
$patient_data = $var['patient_data'];
$create = $var['create'];
updatePatientData($pid, $patient_data, $create);
$x['ok'] = 'ok';
return UserService::function_return_to_xml($x);
} elseif ($func == 'updateEmployerData') {
$employer_data = $var['employer_data'];
$create = $var['create'];
updateEmployerData($pid, $employer_data, $create);
$x['ok'] = 'ok';
return UserService::function_return_to_xml($x);
} elseif ($func == 'newHistoryData') {
newHistoryData($pid);
$x['ok'] = 'ok';
return UserService::function_return_to_xml($x);
} elseif ($func == 'newInsuranceData') {
$_POST = $var[0];
foreach ($var as $key => $value) {
if ($key >= 3) {
$var[$key] = formData($value);
}
if ($key >= 1) {
$parameters[$key] = $var[$key];
}
}
$parameters[12] = fixDate($parameters[12]);
$parameters[27] = fixDate($parameters[27]);
call_user_func_array('newInsuranceData', $parameters);
$x['ok'] = 'ok';
return UserService::function_return_to_xml($x);
} elseif ($func == 'generate_layout_validation') {
$form_id = $var['form_id'];
ob_start();
generate_layout_validation($form_id);
$x = ob_get_clean();
return $x;
}
} else {
throw new SoapFault("Server", "credentials failed");
}
}
$data_type = $frow['data_type'];
$field_id = $frow['field_id'];
$table = 'patient_data';
if (isset($_POST["form_{$field_id}"])) {
$newdata[$table][$field_id] = get_layout_form_value($frow);
}
}
if (empty($ptid)) {
$tmp = sqlQuery("SELECT MAX(pid)+1 AS pid FROM patient_data");
$ptid = empty($tmp['pid']) ? 1 : intval($tmp['pid']);
if (empty($newdata['patient_data']['pubpid'])) {
// pubpid for new patient defaults to pid.
$newdata['patient_data']['pubpid'] = "{$ptid}";
}
updatePatientData($ptid, $newdata['patient_data'], true);
updateEmployerData($ptid, $newdata['employer_data'], true);
newHistoryData($ptid);
} else {
$newdata['patient_data']['id'] = $_POST['db_id'];
updatePatientData($ptid, $newdata['patient_data']);
}
// Finally, delete the request from the portal.
$result = cms_portal_call(array('action' => 'delpost', 'postid' => $postid));
if ($result['errmsg']) {
die(text($result['errmsg']));
}
echo "<html><body><script language='JavaScript'>\n";
echo "if (top.restoreSession) top.restoreSession(); else opener.top.restoreSession();\n";
echo "document.location.href = 'list_requests.php';\n";
echo "</script></body></html>\n";
exit;
// trust that it's OK to clear any field that is defined in the layout but not returned
// by the form.
//
$value = get_layout_form_value($frow);
// If edit option P or Q, save to the appropriate different table and skip the rest.
$source = $frow['source'];
if ($source == 'D' || $source == 'H') {
// Save to patient_data, employer_data or history_data.
if ($source == 'H') {
$new = array($field_id => $value);
updateHistoryData($pid, $new);
} else {
if (strpos($field_id, 'em_') === 0) {
$field_id = substr($field_id, 3);
$new = array($field_id => $value);
updateEmployerData($pid, $new);
} else {
$esc_field_id = escape_sql_column_name($field_id, array('patient_data'));
sqlStatement("UPDATE patient_data SET `{$esc_field_id}` = ? WHERE pid = ?", array($value, $pid));
}
}
continue;
} else {
if ($source == 'E') {
// Save to shared_attributes. Can't delete entries for empty fields because with the P option
// it's important to know when a current empty value overrides a previous value.
sqlStatement("REPLACE INTO shared_attributes SET " . "pid = ?, encounter = ?, field_id = ?, last_update = NOW(), " . "user_id = ?, field_value = ?", array($pid, $encounter, $field_id, $_SESSION['authUserID'], $value));
continue;
} else {
if ($source == 'V') {
// Save to form_encounter.
public function update_audited_data($var)
{
$data_credentials = $var[0];
$validtables = array("patient_data", "employer_data", "insurance_data", "history_data", "openemr_postcalendar_events");
if (UserService::valid($data_credentials)) {
$audit_master_id = $var['audit_master_id'];
$res = sqlStatement("SELECT * FROM audit_master where id=? and approval_status='1' and type='3' ", array($audit_master_id));
if (sqlNumRows($res) > 0) {
return;
}
$res = sqlStatement("SELECT DISTINCT ad.table_name,am.id,am.pid FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id and am.approval_status in ('1','4') and am.id=?", array($audit_master_id));
$tablecnt = sqlNumRows($res);
while ($row = sqlFetchArray($res)) {
$pid = $row['pid'];
$resfield = sqlStatement("SELECT * FROM audit_details WHERE audit_master_id=? AND table_name=?", array($audit_master_id, $row['table_name']));
$table = $row['table_name'];
$cnt = 0;
foreach ($validtables as $value) {
//Update will execute if and only if all tables are validtables
if ($value == $table) {
$cnt++;
}
}
if ($cnt > 0) {
while ($rowfield = sqlFetchArray($resfield)) {
if ($table == 'patient_data') {
$newdata['patient_data'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'employer_data') {
$newdata['employer_data'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'insurance_data') {
$ins1_type = "primary";
$ins2_type = "secondary";
$ins3_type = "tertiary";
for ($i = 1; $i <= 3; $i++) {
$newdata[$rowfield['entry_identification']][$rowfield['field_name']] = $rowfield['field_value'];
}
}
if ($table == 'openemr_postcalendar_events') {
$newdata['openemr_postcalendar_events'][$rowfield['field_name']] = $rowfield['field_value'];
}
}
require_once "../../library/invoice_summary.inc.php";
require_once "../../library/options.inc.php";
require_once "../../library/acl.inc";
require_once "../../library/patient.inc";
if ($table == 'patient_data') {
$pdrow = sqlQuery("SELECT id from patient_data WHERE pid=?", array($pid));
$newdata['patient_data']['id'] = $pdrow['id'];
updatePatientData($pid, $newdata['patient_data']);
} elseif ($table == 'employer_data') {
updateEmployerData($pid, $newdata['employer_data']);
} elseif ($table == 'insurance_data') {
for ($i = 1; $i <= 3; $i++) {
newInsuranceData($pid, add_escape_custom($newdata[${ins . $i . _type}]['type']), add_escape_custom($newdata[${ins . $i . _type}]['provider']), add_escape_custom($newdata[${ins . $i . _type}]['policy_number']), add_escape_custom($newdata[${ins . $i . _type}]['group_number']), add_escape_custom($newdata[${ins . $i . _type}]['plan_name']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_lname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_mname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_fname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_relationship']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_ss']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_DOB']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_street']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_postal_code']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_city']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_state']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_country']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_phone']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_street']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_city']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_postal_code']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_state']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_country']), add_escape_custom($newdata[${ins . $i . _type}]['copay']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_sex']), add_escape_custom($newdata[${ins . $i . _type}]['date']), add_escape_custom($newdata[${ins . $i . _type}]['accept_assignment']));
}
} elseif ($table == 'openemr_postcalendar_events') {
sqlInsert("INSERT INTO openemr_postcalendar_events ( " . "pc_pid,pc_title,pc_time,pc_hometext,pc_eventDate,pc_endDate,pc_startTime,pc_endTime,pc_duration,pc_catid,pc_eventstatus,pc_aid,pc_facility" . ") VALUES ( " . "'" . add_escape_custom($pid) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_title']) . "', " . "NOW(), " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_hometext']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_eventDate']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_endDate']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_startTime']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_endTime']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_duration']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_catid']) . "', " . "1, " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_aid']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_facility']) . "')");
}
} else {
throw new SoapFault("Server", "Table Not Supported error message");
}
}
} else {
throw new SoapFault("Server", "credentials failed");
}
}
/**
* Create a patient using whatever patient_data attributes are provided.
*/
function create_skeleton_patient($patient_data)
{
$employer_data = array();
$tmp = sqlQuery("SELECT MAX(pid)+1 AS pid FROM patient_data");
$ptid = empty($tmp['pid']) ? 1 : intval($tmp['pid']);
if (!isset($patient_data['pubpid'])) {
$patient_data['pubpid'] = $ptid;
}
updatePatientData($ptid, $patient_data, true);
updateEmployerData($ptid, $employer_data, true);
newHistoryData($ptid);
return $ptid;
}
$fres = sqlStatement("SELECT * FROM layout_options " . "WHERE form_id = 'DEM' AND uor > 0 AND field_id != '' " . "ORDER BY group_name, seq");
while ($frow = sqlFetchArray($fres)) {
$data_type = $frow['data_type'];
$field_id = $frow['field_id'];
// $value = '';
$colname = $field_id;
$table = 'patient_data';
if (strpos($field_id, 'em_') === 0) {
$colname = substr($field_id, 3);
$table = 'employer_data';
}
// if (isset($_POST["form_$field_id"])) $value = $_POST["form_$field_id"];
$value = get_layout_form_value($frow);
$newdata[$table][$colname] = $value;
}
updatePatientData($pid, $newdata['patient_data']);
updateEmployerData($pid, $newdata['employer_data']);
$i1dob = fixDate(formData("i1subscriber_DOB"));
$i1date = fixDate(formData("i1effective_date"), date('Y-m-d'));
newInsuranceData($pid, "primary", formData("i1provider"), formData("i1policy_number"), formData("i1group_number"), formData("i1plan_name"), formData("i1subscriber_lname"), formData("i1subscriber_mname"), formData("i1subscriber_fname"), formData("form_i1subscriber_relationship"), formData("i1subscriber_ss"), $i1dob, formData("i1subscriber_street"), formData("i1subscriber_postal_code"), formData("i1subscriber_city"), formData("form_i1subscriber_state"), formData("form_i1subscriber_country"), formData("i1subscriber_phone"), formData("i1subscriber_employer"), formData("i1subscriber_employer_street"), formData("i1subscriber_employer_city"), formData("i1subscriber_employer_postal_code"), formData("form_i1subscriber_employer_state"), formData("form_i1subscriber_employer_country"), formData('i1copay'), formData('form_i1subscriber_sex'), $i1date, formData('i1accept_assignment'));
$i2dob = fixDate(formData("i2subscriber_DOB"));
$i2date = fixDate(formData("i2effective_date"), date('Y-m-d'));
newInsuranceData($pid, "secondary", formData("i2provider"), formData("i2policy_number"), formData("i2group_number"), formData("i2plan_name"), formData("i2subscriber_lname"), formData("i2subscriber_mname"), formData("i2subscriber_fname"), formData("form_i2subscriber_relationship"), formData("i2subscriber_ss"), $i2dob, formData("i2subscriber_street"), formData("i2subscriber_postal_code"), formData("i2subscriber_city"), formData("form_i2subscriber_state"), formData("form_i2subscriber_country"), formData("i2subscriber_phone"), formData("i2subscriber_employer"), formData("i2subscriber_employer_street"), formData("i2subscriber_employer_city"), formData("i2subscriber_employer_postal_code"), formData("form_i2subscriber_employer_state"), formData("form_i2subscriber_employer_country"), formData('i2copay'), formData('form_i2subscriber_sex'), $i2date, formData('i2accept_assignment'));
$i3dob = fixDate(formData("i3subscriber_DOB"));
$i3date = fixDate(formData("i3effective_date"), date('Y-m-d'));
newInsuranceData($pid, "tertiary", formData("i3provider"), formData("i3policy_number"), formData("i3group_number"), formData("i3plan_name"), formData("i3subscriber_lname"), formData("i3subscriber_mname"), formData("i3subscriber_fname"), formData("form_i3subscriber_relationship"), formData("i3subscriber_ss"), $i3dob, formData("i3subscriber_street"), formData("i3subscriber_postal_code"), formData("i3subscriber_city"), formData("form_i3subscriber_state"), formData("form_i3subscriber_country"), formData("i3subscriber_phone"), formData("i3subscriber_employer"), formData("i3subscriber_employer_street"), formData("i3subscriber_employer_city"), formData("i3subscriber_employer_postal_code"), formData("form_i3subscriber_employer_state"), formData("form_i3subscriber_employer_country"), formData('i3copay'), formData('form_i3subscriber_sex'), $i3date, formData('i3accept_assignment'));
if ($GLOBALS['concurrent_layout']) {
include_once "demographics.php";
} else {
include_once "patient_summary.php";
}
public function update_audited_data($var)
{
$data_credentials = $var[0];
$last_insert_ids = array();
$validtables = array("patient_data", "employer_data", "insurance_data", "history_data", "openemr_postcalendar_events", "ar_session", "documents_legal_master", "documents_legal_detail", "patient_access_offsite");
if (UserService::valid($data_credentials)) {
$audit_master_id = $var['audit_master_id'];
$res = sqlStatement("SELECT DISTINCT ad.table_name,am.id,am.pid FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id and am.approval_status in ('1','4') and am.id=? ORDER BY ad.id", array($audit_master_id));
$tablecnt = sqlNumRows($res);
while ($row = sqlFetchArray($res)) {
if ($row['pid']) {
$pid = $row['pid'];
}
$resfield = sqlStatement("SELECT * FROM audit_details WHERE audit_master_id=? AND table_name=?", array($audit_master_id, $row['table_name']));
$table = $row['table_name'];
$cnt = 0;
foreach ($validtables as $value) {
//Update will execute if and only if all tables are validtables
if ($value == $table) {
$cnt++;
}
}
if ($cnt > 0) {
while ($rowfield = sqlFetchArray($resfield)) {
if ($rowfield['field_name'] == 'pid') {
continue;
}
if ($table == 'patient_data') {
$newdata['patient_data'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'employer_data') {
$newdata['employer_data'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'insurance_data') {
$ins1_type = "primary";
$ins2_type = "secondary";
$ins3_type = "tertiary";
for ($i = 1; $i <= 3; $i++) {
$newdata[$rowfield['entry_identification']][$rowfield['field_name']] = $rowfield['field_value'];
}
}
if ($table == 'openemr_postcalendar_events') {
$newdata['openemr_postcalendar_events'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'ar_session') {
$newdata['ar_session'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'documents_legal_master') {
$newdata['documents_legal_master'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'documents_legal_detail') {
$newdata['documents_legal_detail'][$rowfield['field_name']] = $rowfield['field_value'];
}
if ($table == 'patient_access_offsite') {
$newdata['patient_access_offsite'][$rowfield['field_name']] = $rowfield['field_value'];
if ($rowfield['field_name'] == 'portal_pwd') {
$newdata['patient_access_offsite']['pass_id'] = $rowfield['id'];
}
}
}
require_once "../../library/invoice_summary.inc.php";
require_once "../../library/options.inc.php";
require_once "../../library/acl.inc";
require_once "../../library/patient.inc";
if ($table == 'patient_data') {
$pdrow = sqlQuery("SELECT id from patient_data WHERE pid=?", array($pid));
if ($pdrow['id']) {
$newdata['patient_data']['id'] = $pdrow['id'];
updatePatientData($pid, $newdata['patient_data']);
} else {
$prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
$pid = $prow['pid'];
$newdata['patient_data']['pubpid'] = $pid;
updatePatientData($pid, $newdata['patient_data'], true);
}
} elseif ($table == 'employer_data') {
updateEmployerData($pid, $newdata['employer_data']);
} elseif ($table == 'insurance_data') {
for ($i = 1; $i <= 3; $i++) {
newInsuranceData($pid, add_escape_custom($newdata[${ins . $i . _type}]['type']), add_escape_custom($newdata[${ins . $i . _type}]['provider']), add_escape_custom($newdata[${ins . $i . _type}]['policy_number']), add_escape_custom($newdata[${ins . $i . _type}]['group_number']), add_escape_custom($newdata[${ins . $i . _type}]['plan_name']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_lname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_mname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_fname']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_relationship']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_ss']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_DOB']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_street']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_postal_code']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_city']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_state']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_country']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_phone']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_street']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_city']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_postal_code']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_state']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_employer_country']), add_escape_custom($newdata[${ins . $i . _type}]['copay']), add_escape_custom($newdata[${ins . $i . _type}]['subscriber_sex']), add_escape_custom($newdata[${ins . $i . _type}]['date']), add_escape_custom($newdata[${ins . $i . _type}]['accept_assignment']));
}
} elseif ($table == 'openemr_postcalendar_events') {
sqlInsert("INSERT INTO openemr_postcalendar_events ( " . "pc_pid,pc_title,pc_time,pc_hometext,pc_eventDate,pc_endDate,pc_startTime,pc_endTime,pc_duration,pc_catid,pc_eventstatus,pc_aid,pc_facility" . ") VALUES ( " . "'" . add_escape_custom($pid) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_title']) . "', " . "NOW(), " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_hometext']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_eventDate']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_endDate']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_startTime']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_endTime']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_duration']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_catid']) . "', " . "1, " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_aid']) . "', " . "'" . add_escape_custom($newdata['openemr_postcalendar_events']['pc_facility']) . "')");
} elseif ($table == 'ar_session') {
sqlInsert("INSERT INTO ar_session ( " . "payer_id, user_id, reference, check_date, pay_total, modified_time, payment_type, description, post_to_date, patient_id, payment_method" . ") VALUES ( " . "'" . add_escape_custom($newdata['ar_session']['payer_id']) . "', " . "'" . add_escape_custom($newdata['ar_session']['user_id']) . "', " . "'" . add_escape_custom($newdata['ar_session']['reference']) . "', " . "NOW(), " . "'" . add_escape_custom($newdata['ar_session']['pay_total']) . "', " . "NOW(), " . "'" . add_escape_custom($newdata['ar_session']['payment_type']) . "', " . "'" . add_escape_custom($newdata['ar_session']['description']) . "', " . "NOW(), " . "'" . add_escape_custom($pid) . "', " . "'" . add_escape_custom($newdata['ar_session']['payment_method']) . "')");
} elseif ($table == 'documents_legal_master') {
$master_doc_id = sqlInsert("INSERT INTO documents_legal_master ( " . "dlm_category,dlm_subcategory,dlm_document_name,dlm_filepath,dlm_facility,dlm_provider,dlm_sign_height,dlm_sign_width,dlm_filename,dlm_effective_date,dlm_version,content,dlm_savedsign,dlm_review,dlm_upload_type" . ") VALUES ( " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_category']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_subcategory']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_document_name']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_filepath'] . "/{$pid}") . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_facility']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_provider']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_sign_height']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_sign_width']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_filename']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_effective_date']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_version']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['content']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_savedsign']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_review']) . "', " . "'" . add_escape_custom($newdata['documents_legal_master']['dlm_upload_type']) . "')");
$last_insert_ids['dlm_id'] = $master_doc_id;
} elseif ($table == 'documents_legal_detail') {
if ($master_doc_id) {
$mdoc_id = $master_doc_id;
} else {
$mdoc_id = $newdata['documents_legal_detail']['dld_master_docid'];
}
$last_insert_ids['dld_id'] = sqlInsert("INSERT INTO documents_legal_detail ( " . "dld_pid,dld_facility,dld_provider,dld_encounter,dld_master_docid,dld_signed,dld_signed_time,dld_filepath,dld_filename,dld_signing_person,dld_sign_level,dld_content,dld_file_for_pdf_generation,dld_denial_reason,dld_moved,dld_patient_comments" . ") VALUES ( " . "'" . add_escape_custom($pid) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_facility']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_provider']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_encounter']) . "', " . "'" . add_escape_custom($mdoc_id) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_signed']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_signed_time']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_filepath']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_filename']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_signing_person']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_sign_level']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_content']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_file_for_pdf_generation']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_denial_reason']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_moved']) . "', " . "'" . add_escape_custom($newdata['documents_legal_detail']['dld_patient_comments']) . "')");
} elseif ($table == 'patient_access_offsite') {
$query = sqlStatement("SELECT * FROM patient_access_offsite WHERE portal_username = '******'patient_access_offsite']['portal_username'] . "'");
if (sqlNumRows($query) == 0) {
sqlInsert("INSERT INTO patient_access_offsite ( " . "pid,portal_username,portal_pwd,portal_pwd_status" . ") VALUES ( " . "'" . add_escape_custom($pid) . "', " . "'" . add_escape_custom($newdata['patient_access_offsite']['portal_username']) . "', " . "'" . add_escape_custom($newdata['patient_access_offsite']['portal_pwd']) . "', " . "0)");
sqlQuery("UPDATE audit_details SET field_value = ? WHERE id = ?", array($this->generatePassword(), $newdata['patient_access_offsite']['pass_id']));
}
}
} else {
throw new SoapFault("Server", "Table Not Supported error message");
}
}
return $last_insert_ids;
} else {
throw new SoapFault("Server", "credentials failed");
}
}
