function graphsGetValues($name)
{
global $is_lbf, $pid, $table;
if ($is_lbf) {
// Like below, but for LBF data.
$values = sqlStatement("SELECT " . "ld.field_value AS " . add_escape_custom($name) . ", " . "UNIX_TIMESTAMP(f.date) as unix_date " . "FROM forms AS f, lbf_data AS ld WHERE " . "f.pid = ? AND " . "f.formdir = ? AND " . "f.deleted = 0 AND " . "ld.form_id = f.form_id AND " . "ld.field_id = ? AND " . "ld.field_value != '0' " . "ORDER BY f.date", array($pid, $table, $name));
} else {
// Collect the pertinent info and ranges
// (Note am skipping values of zero, this could be made to be
// optional in the future when using lab values)
$values = SqlStatement("SELECT " . add_escape_custom($name) . ", " . "UNIX_TIMESTAMP(date) as unix_date " . "FROM " . add_escape_custom($table) . " " . "WHERE " . add_escape_custom($name) . " != 0 " . "AND pid = ? ORDER BY date", array($pid));
}
return $values;
}
function insert_language_log($lang_desc, $lang_code, $cons_name, $def)
{
// set up the mysql collation string to ensure case is sensitive in the mysql queries
if (!$disable_utf8_flag) {
$case_sensitive_collation = "COLLATE utf8_bin";
} else {
$case_sensitive_collation = "COLLATE latin_bin";
}
if ($cons_name == '') {
// NEW LANGUAGE
// (ensure not a repeat log entry)
$sql = "SELECT * FROM lang_custom WHERE constant_name='' AND lang_description=? " . $case_sensitive_collation;
$res_test = SqlStatement($sql, array($lang_desc));
if (!SqlFetchArray($res_test)) {
$sql = "INSERT INTO lang_custom SET lang_code=?, lang_description=?";
SqlStatement($sql, array($lang_code, $lang_desc));
}
} elseif ($lang_desc == '') {
// NEW CONSTANT
// (ensure not a repeat entry)
$sql = "SELECT * FROM lang_custom WHERE lang_description='' AND constant_name=? " . $case_sensitive_collation;
$res_test = SqlStatement($sql, array($cons_name));
if (!SqlFetchArray($res_test)) {
$sql = "INSERT INTO lang_custom SET constant_name=?";
SqlStatement($sql, array($cons_name));
}
} else {
// FULL ENTRY
// (ensure not a repeat log entry)
$sql = "SELECT * FROM lang_custom WHERE lang_description=? " . $case_sensitive_collation . " AND constant_name=? " . $case_sensitive_collation . " AND definition=? " . $case_sensitive_collation;
$res_test = SqlStatement($sql, array($lang_desc, $cons_name, $def));
if (!SqlFetchArray($res_test)) {
// either modify already existing log entry or create a new one
$sql = "SELECT * FROM lang_custom WHERE lang_description=? " . $case_sensitive_collation . " AND constant_name=? " . $case_sensitive_collation;
$res_test2 = SqlStatement($sql, array($lang_desc, $cons_name));
if (SqlFetchArray($res_test2)) {
// modify existing log entry(s)
$sql = "UPDATE lang_custom SET definition=? WHERE lang_description=? " . $case_sensitive_collation . " AND constant_name=? " . $case_sensitive_collation;
SqlStatement($sql, array($def, $lang_desc, $cons_name));
} else {
// create new log entry
$sql = "INSERT INTO lang_custom (lang_description,lang_code,constant_name,definition) VALUES (?,?,?,?)";
SqlStatement($sql, array($lang_desc, $lang_code, $cons_name, $def));
}
}
}
}
function xl($constant, $mode = 'r', $prepend = '', $append = '')
{
// set language id
if (!empty($_SESSION['language_choice'])) {
$lang_id = $_SESSION['language_choice'];
} else {
$lang_id = 1;
}
if ($lang_id == 1 && !empty($GLOBALS['skip_english_translation'])) {
// language id = 1, so no need to translate
$string = $constant;
} else {
// TRANSLATE
// first, clean lines
// convert new lines to spaces and remove windows end of lines
$patterns = array('/\\n/', '/\\r/');
$replace = array(' ', '');
$constant = preg_replace($patterns, $replace, $constant);
// second, attempt translation
$sql = "SELECT * FROM lang_definitions JOIN lang_constants ON " . "lang_definitions.cons_id = lang_constants.cons_id WHERE " . "lang_id='{$lang_id}' AND constant_name = '" . add_escape_custom($constant) . "' LIMIT 1";
$res = SqlStatement($sql);
$row = SqlFetchArray($res);
$string = $row['definition'];
if ($string == '') {
$string = "{$constant}";
}
// remove dangerous characters
$patterns = array('/\\n/', '/\\r/', '/"/', "/'/");
$replace = array(' ', '', '`', '`');
$string = preg_replace($patterns, $replace, $string);
}
$string = "{$prepend}" . "{$string}" . "{$append}";
if ($mode == 'e') {
echo $string;
} else {
return $string;
}
}
$defaultLangID = 1;
$defaultLangName = "English";
}
// set session variable to default so login information appears in default language
$_SESSION['language_choice'] = $defaultLangID;
// collect languages if showing language menu
if ($GLOBALS['language_menu_login']) {
// sorting order of language titles depends on language translation options.
$mainLangID = empty($_SESSION['language_choice']) ? '1' : $_SESSION['language_choice'];
if ($mainLangID == '1' && !empty($GLOBALS['skip_english_translation'])) {
$sql = "SELECT * FROM lang_languages ORDER BY lang_description, lang_id";
$res3 = SqlStatement($sql);
} else {
// Use and sort by the translated language name.
$sql = "SELECT ll.lang_id, " . "IF(LENGTH(ld.definition),ld.definition,ll.lang_description) AS trans_lang_description, " . "ll.lang_description " . "FROM lang_languages AS ll " . "LEFT JOIN lang_constants AS lc ON lc.constant_name = ll.lang_description " . "LEFT JOIN lang_definitions AS ld ON ld.cons_id = lc.cons_id AND " . "ld.lang_id = '{$mainLangID}' " . "ORDER BY IF(LENGTH(ld.definition),ld.definition,ll.lang_description), ll.lang_id";
$res3 = SqlStatement($sql);
}
for ($iter = 0; $row = sqlFetchArray($res3); $iter++) {
$result3[$iter] = $row;
}
if (count($result3) == 1) {
//default to english if only return one language
echo "<input type='hidden' name='languageChoice' value='1' />\n";
}
} else {
echo "<input type='hidden' name='languageChoice' value='" . $defaultLangID . "' />\n";
}
?>
<table width="100%" height="90%">
<td align='center' valign='middle' width='34%'>
$modifier = trim($iter['mod']);
if (!$cod0 && $code_types[$code_type]['fee'] == 1) {
$mod0 = $modifier;
$cod0 = $code;
$ct0 = $code_type;
}
$units = max(1, intval(trim($iter['units'])));
$fee = sprintf('%01.2f', (0 + trim($iter['price'])) * $units);
if ($code_type == 'COPAY') {
if ($id == '') {
//adding new copay from fee sheet into ar_session and ar_activity tables
if ($fee < 0) {
$fee = $fee * -1;
}
$session_id = idSqlStatement("INSERT INTO ar_session(payer_id,user_id,pay_total,payment_type,description," . "patient_id,payment_method,adjustment_code,post_to_date) VALUES('0',?,?,'patient','COPAY',?,'','patient_payment',now())", array($_SESSION['authId'], $fee, $pid));
SqlStatement("INSERT INTO ar_activity (pid,encounter,code_type,code,modifier,payer_type,post_time,post_user,session_id," . "pay_amount,account_code) VALUES (?,?,?,?,?,0,now(),?,?,?,'PCP')", array($pid, $encounter, $ct0, $cod0, $mod0, $_SESSION['authId'], $session_id, $fee));
} else {
//editing copay saved to ar_session and ar_activity
if ($fee < 0) {
$fee = $fee * -1;
}
$session_id = $id;
$res_amount = sqlQuery("SELECT pay_amount FROM ar_activity WHERE pid=? AND encounter=? AND session_id=?", array($pid, $encounter, $session_id));
if ($fee != $res_amount['pay_amount']) {
sqlStatement("UPDATE ar_session SET user_id=?,pay_total=?,modified_time=now(),post_to_date=now() WHERE session_id=?", array($_SESSION['authId'], $fee, $session_id));
sqlStatement("UPDATE ar_activity SET code_type=?, code=?, modifier=?, post_user=?, post_time=now()," . "pay_amount=?, modified_time=now() WHERE pid=? AND encounter=? AND account_code='PCP' AND session_id=?", array($ct0, $cod0, $mod0, $_SESSION['authId'], $fee, $pid, $encounter, $session_id));
}
}
if (!$cod0) {
$copay_update = TRUE;
$update_session_id = $session_id;
} else {
$def = $row['definition'];
}
$stringTemp .= '<td>' . htmlspecialchars($def, ENT_NOQUOTES) . '</td>';
$row = SqlFetchArray($res);
// jump one to get the second language selected
if ($row['def_id'] == '' or $row['def_id'] == 'NULL') {
$cons_name = "cons_id[" . $row['cons_id'] . "]";
if ($lang_filter_def == '%') {
$isShow = true;
}
// if there is a previous definition
} else {
$cons_name = "def_id[" . $row['def_id'] . "]";
$sql = "SELECT definition FROM lang_definitions WHERE def_id=? AND definition LIKE ?";
$res2 = SqlStatement($sql, array($row['def_id'], $lang_filter_def));
if (SqlFetchArray($res2)) {
$isShow = true;
}
}
$stringTemp .= '<td><INPUT TYPE="text" size="50" NAME="' . htmlspecialchars($cons_name, ENT_QUOTES) . '" value="' . htmlspecialchars($row['definition'], ENT_QUOTES) . '">';
$stringTemp .= '</td></tr>';
if ($isShow) {
//definition filter passed, so show
echo $stringTemp;
$isResults = true;
}
}
echo '<INPUT TYPE="hidden" name="lang_id" value="' . htmlspecialchars($lang_id, ENT_QUOTES) . '">';
}
if ($isResults) {
public function save(&$bill, &$prod, $main_provid = NULL, $main_supid = NULL, $default_warehouse = NULL, $mark_as_closed = false)
{
global $code_types;
if (isset($main_provid) && $main_supid == $main_provid) {
$main_supid = 0;
}
$copay_update = FALSE;
$update_session_id = '';
$ct0 = '';
// takes the code type of the first fee type code type entry from the fee sheet, against which the copay is posted
$cod0 = '';
// takes the code of the first fee type code type entry from the fee sheet, against which the copay is posted
$mod0 = '';
// takes the modifier of the first fee type code type entry from the fee sheet, against which the copay is posted
if (is_array($bill)) {
foreach ($bill as $iter) {
// Skip disabled (billed) line items.
if (!empty($iter['billed'])) {
continue;
}
$id = $iter['id'];
$code_type = $iter['code_type'];
$code = $iter['code'];
$del = !empty($iter['del']);
$units = empty($iter['units']) ? 1 : intval($iter['units']);
$price = empty($iter['price']) ? 0 : 0 + trim($iter['price']);
$pricelevel = empty($iter['pricelevel']) ? '' : $iter['pricelevel'];
$modifier = empty($iter['mod']) ? '' : trim($iter['mod']);
$justify = empty($iter['justify']) ? '' : trim($iter['justify']);
$notecodes = empty($iter['notecodes']) ? '' : trim($iter['notecodes']);
$provid = empty($iter['provid']) ? 0 : intval($iter['provid']);
$fee = sprintf('%01.2f', $price * $units);
if (!$cod0 && $code_types[$code_type]['fee'] == 1) {
$mod0 = $modifier;
$cod0 = $code;
$ct0 = $code_type;
}
if ($code_type == 'COPAY') {
if ($fee < 0) {
$fee = $fee * -1;
}
if (!$id) {
// adding new copay from fee sheet into ar_session and ar_activity tables
$session_id = idSqlStatement("INSERT INTO ar_session " . "(payer_id, user_id, pay_total, payment_type, description, patient_id, payment_method, " . "adjustment_code, post_to_date) " . "VALUES ('0',?,?,'patient','COPAY',?,'','patient_payment',now())", array($_SESSION['authId'], $fee, $this->pid));
sqlBeginTrans();
$sequence_no = sqlQuery("SELECT IFNULL(MAX(sequence_no),0) + 1 AS increment FROM ar_activity WHERE " . "pid = ? AND encounter = ?", array($this->pid, $this->encounter));
SqlStatement("INSERT INTO ar_activity (pid, encounter, sequence_no, code_type, code, modifier, " . "payer_type, post_time, post_user, session_id, " . "pay_amount, account_code) VALUES (?,?,?,?,?,?,0,now(),?,?,?,'PCP')", array($this->pid, $this->encounter, $sequence_no['increment'], $ct0, $cod0, $mod0, $_SESSION['authId'], $session_id, $fee));
sqlCommitTrans();
} else {
// editing copay saved to ar_session and ar_activity
$session_id = $id;
$res_amount = sqlQuery("SELECT pay_amount FROM ar_activity WHERE pid=? AND encounter=? AND session_id=?", array($this->pid, $this->encounter, $session_id));
if ($fee != $res_amount['pay_amount']) {
sqlStatement("UPDATE ar_session SET user_id=?,pay_total=?,modified_time=now(),post_to_date=now() WHERE session_id=?", array($_SESSION['authId'], $fee, $session_id));
sqlStatement("UPDATE ar_activity SET code_type=?, code=?, modifier=?, post_user=?, post_time=now()," . "pay_amount=?, modified_time=now() WHERE pid=? AND encounter=? AND account_code='PCP' AND session_id=?", array($ct0, $cod0, $mod0, $_SESSION['authId'], $fee, $this->pid, $this->encounter, $session_id));
}
}
if (!$cod0) {
$copay_update = TRUE;
$update_session_id = $session_id;
}
continue;
}
# Code to create justification for all codes based on first justification
if ($GLOBALS['replicate_justification'] == '1') {
if ($justify != '') {
$autojustify = $justify;
}
}
if ($GLOBALS['replicate_justification'] == '1' && $justify == '' && check_is_code_type_justify($code_type)) {
$justify = $autojustify;
}
if ($justify) {
$justify = str_replace(',', ':', $justify) . ':';
}
$auth = "1";
$ndc_info = '';
if (!empty($iter['ndcnum'])) {
$ndc_info = 'N4' . trim($iter['ndcnum']) . ' ' . $iter['ndcuom'] . trim($iter['ndcqty']);
}
// If the item is already in the database...
if ($id) {
if ($del) {
$this->logFSMessage(xl('Service deleted'));
deleteBilling($id);
} else {
$tmp = sqlQuery("SELECT * FROM billing WHERE id = ? AND (billed = 0 or billed is NULL) AND activity = 1", array($id));
if (!empty($tmp)) {
$tmparr = array('code' => $code, 'authorized' => $auth);
if (isset($iter['units'])) {
$tmparr['units'] = $units;
}
if (isset($iter['price'])) {
$tmparr['fee'] = $fee;
}
if (isset($iter['pricelevel'])) {
$tmparr['pricelevel'] = $pricelevel;
}
if (isset($iter['mod'])) {
$tmparr['modifier'] = $modifier;
}
if (isset($iter['provid'])) {
$tmparr['provider_id'] = $provid;
}
if (isset($iter['ndcnum'])) {
$tmparr['ndc_info'] = $ndc_info;
}
if (isset($iter['justify'])) {
$tmparr['justify'] = $justify;
}
if (isset($iter['notecodes'])) {
$tmparr['notecodes'] = $notecodes;
}
foreach ($tmparr as $key => $value) {
if ($tmp[$key] != $value) {
if ('fee' == $key) {
$this->logFSMessage(xl('Price changed'));
}
if ('units' == $key) {
$this->logFSMessage(xl('Quantity changed'));
}
if ('provider_id' == $key) {
$this->logFSMessage(xl('Service provider changed'));
}
sqlStatement("UPDATE billing SET `{$key}` = ? WHERE id = ?", array($value, $id));
}
}
}
}
} else {
if (!$del) {
$this->logFSMessage(xl('Service added'));
$code_text = lookup_code_descriptions($code_type . ":" . $code);
addBilling($this->encounter, $code_type, $code, $code_text, $this->pid, $auth, $provid, $modifier, $units, $fee, $ndc_info, $justify, 0, $notecodes, $pricelevel);
}
}
}
}
// end for
// if modifier is not inserted during loop update the record using the first
// non-empty modifier and code
if ($copay_update == TRUE && $update_session_id != '' && $mod0 != '') {
sqlStatement("UPDATE ar_activity SET code_type = ?, code = ?, modifier = ?" . " WHERE pid = ? AND encounter = ? AND account_code = 'PCP' AND session_id = ?", array($ct0, $cod0, $mod0, $this->pid, $this->encounter, $update_session_id));
}
// Doing similarly to the above but for products.
if (is_array($prod)) {
foreach ($prod as $iter) {
// Skip disabled (billed) line items.
if (!empty($iter['billed'])) {
continue;
}
$drug_id = $iter['drug_id'];
$selector = empty($iter['selector']) ? '' : $iter['selector'];
$sale_id = $iter['sale_id'];
// present only if already saved
$units = max(1, intval(trim($iter['units'])));
$price = empty($iter['price']) ? 0 : 0 + trim($iter['price']);
$pricelevel = empty($iter['pricelevel']) ? '' : $iter['pricelevel'];
$fee = sprintf('%01.2f', $price * $units);
$del = !empty($iter['del']);
$rxid = 0;
$warehouse_id = empty($iter['warehouse']) ? '' : $iter['warehouse'];
$somechange = false;
// If the item is already in the database...
if ($sale_id) {
$tmprow = sqlQuery("SELECT ds.prescription_id, ds.quantity, ds.inventory_id, ds.fee, " . "ds.sale_date, di.warehouse_id " . "FROM drug_sales AS ds " . "LEFT JOIN drug_inventory AS di ON di.inventory_id = ds.inventory_id " . "WHERE ds.sale_id = ?", array($sale_id));
$rxid = 0 + $tmprow['prescription_id'];
if ($del) {
if (!empty($tmprow)) {
// Delete this sale and reverse its inventory update.
$this->logFSMessage(xl('Product deleted'));
sqlStatement("DELETE FROM drug_sales WHERE sale_id = ?", array($sale_id));
if (!empty($tmprow['inventory_id'])) {
sqlStatement("UPDATE drug_inventory SET on_hand = on_hand + ? WHERE inventory_id = ?", array($tmprow['quantity'], $tmprow['inventory_id']));
}
}
if ($rxid) {
sqlStatement("DELETE FROM prescriptions WHERE id = ?", array($rxid));
}
} else {
// Modify the sale and adjust inventory accordingly.
if (!empty($tmprow)) {
foreach (array('quantity' => $units, 'fee' => $fee, 'pricelevel' => $pricelevel, 'selector' => $selector, 'sale_date' => $this->visit_date) as $key => $value) {
if ($tmprow[$key] != $value) {
$somechange = true;
if ('fee' == $key) {
$this->logFSMessage(xl('Price changed'));
}
if ('pricelevel' == $key) {
$this->logFSMessage(xl('Price level changed'));
}
if ('selector' == $key) {
$this->logFSMessage(xl('Template selector changed'));
}
if ('quantity' == $key) {
$this->logFSMessage(xl('Quantity changed'));
}
sqlStatement("UPDATE drug_sales SET `{$key}` = ? WHERE sale_id = ?", array($value, $sale_id));
if ($key == 'quantity' && $tmprow['inventory_id']) {
sqlStatement("UPDATE drug_inventory SET on_hand = on_hand - ? WHERE inventory_id = ?", array($units - $tmprow['quantity'], $tmprow['inventory_id']));
}
}
}
if ($tmprow['inventory_id'] && $warehouse_id && $warehouse_id != $tmprow['warehouse_id']) {
// Changing warehouse. Requires deleting and re-adding the sale.
// Not setting $somechange because this alone does not affect a prescription.
$this->logFSMessage(xl('Warehouse changed'));
sqlStatement("DELETE FROM drug_sales WHERE sale_id = ?", array($sale_id));
sqlStatement("UPDATE drug_inventory SET on_hand = on_hand + ? WHERE inventory_id = ?", array($units, $tmprow['inventory_id']));
$tmpnull = null;
$sale_id = sellDrug($drug_id, $units, $fee, $this->pid, $this->encounter, empty($iter['rx']) ? 0 : $rxid, $this->visit_date, '', $warehouse_id, false, $tmpnull, $pricelevel, $selector);
}
}
// Delete Rx if $rxid and flag not set.
if ($GLOBALS['gbl_auto_create_rx'] && $rxid && empty($iter['rx'])) {
sqlStatement("UPDATE drug_sales SET prescription_id = 0 WHERE sale_id = ?", array($sale_id));
sqlStatement("DELETE FROM prescriptions WHERE id = ?", array($rxid));
}
}
} else {
if (!$del) {
$somechange = true;
$this->logFSMessage(xl('Product added'));
$tmpnull = null;
$sale_id = sellDrug($drug_id, $units, $fee, $this->pid, $this->encounter, 0, $this->visit_date, '', $warehouse_id, false, $tmpnull, $pricelevel, $selector);
if (!$sale_id) {
die(xlt("Insufficient inventory for product ID") . " \"" . text($drug_id) . "\".");
}
}
}
// If a prescription applies, create or update it.
if (!empty($iter['rx']) && !$del && ($somechange || empty($rxid))) {
// If an active rx already exists for this drug and date we will
// replace it, otherwise we'll make a new one.
if (empty($rxid)) {
$rxid = '';
}
// Get default drug attributes; prefer the template with the matching selector.
$drow = sqlQuery("SELECT dt.*, " . "d.name, d.form, d.size, d.unit, d.route, d.substitute " . "FROM drugs AS d, drug_templates AS dt WHERE " . "d.drug_id = ? AND dt.drug_id = d.drug_id " . "ORDER BY (dt.selector = ?) DESC, dt.quantity, dt.dosage, dt.selector LIMIT 1", array($drug_id, $selector));
if (!empty($drow)) {
$rxobj = new Prescription($rxid);
$rxobj->set_patient_id($this->pid);
$rxobj->set_provider_id(isset($main_provid) ? $main_provid : $this->provider_id);
$rxobj->set_drug_id($drug_id);
$rxobj->set_quantity($units);
$rxobj->set_per_refill($units);
$rxobj->set_start_date_y(substr($this->visit_date, 0, 4));
$rxobj->set_start_date_m(substr($this->visit_date, 5, 2));
$rxobj->set_start_date_d(substr($this->visit_date, 8, 2));
$rxobj->set_date_added($this->visit_date);
// Remaining attributes are the drug and template defaults.
$rxobj->set_drug($drow['name']);
$rxobj->set_unit($drow['unit']);
$rxobj->set_dosage($drow['dosage']);
$rxobj->set_form($drow['form']);
$rxobj->set_refills($drow['refills']);
$rxobj->set_size($drow['size']);
$rxobj->set_route($drow['route']);
$rxobj->set_interval($drow['period']);
$rxobj->set_substitute($drow['substitute']);
//
$rxobj->persist();
// Set drug_sales.prescription_id to $rxobj->get_id().
$oldrxid = $rxid;
$rxid = 0 + $rxobj->get_id();
if ($rxid != $oldrxid) {
sqlStatement("UPDATE drug_sales SET prescription_id = ? WHERE sale_id = ?", array($rxid, $sale_id));
}
}
}
}
}
// end for
// Set default and/or supervising provider for the encounter.
if (isset($main_provid) && $main_provid != $this->provider_id) {
$this->logFSMessage(xl('Default provider changed'));
sqlStatement("UPDATE form_encounter SET provider_id = ? WHERE pid = ? AND encounter = ?", array($main_provid, $this->pid, $this->encounter));
$this->provider_id = $main_provid;
}
if (isset($main_supid) && $main_supid != $this->supervisor_id) {
sqlStatement("UPDATE form_encounter SET supervisor_id = ? WHERE pid = ? AND encounter = ?", array($main_supid, $this->pid, $this->encounter));
$this->supervisor_id = $main_supid;
}
// Save-and-Close is currently specific to Family Planning but might be more
// generally useful. It provides the ability to mark an encounter as billed
// directly from the Fee Sheet, if there are no charges.
if ($mark_as_closed) {
$tmp1 = sqlQuery("SELECT SUM(ABS(fee)) AS sum FROM drug_sales WHERE " . "pid = ? AND encounter = ? AND billed = 0", array($this->pid, $this->encounter));
$tmp2 = sqlQuery("SELECT SUM(ABS(fee)) AS sum FROM billing WHERE " . "pid = ? AND encounter = ? AND billed = 0 AND activity = 1", array($this->pid, $this->encounter));
if ($tmp1['sum'] + $tmp2['sum'] == 0) {
sqlStatement("update drug_sales SET billed = 1 WHERE " . "pid = ? AND encounter = ? AND billed = 0", array($this->pid, $this->encounter));
sqlStatement("UPDATE billing SET billed = 1, bill_date = NOW() WHERE " . "pid = ? AND encounter = ? AND billed = 0 AND activity = 1", array($this->pid, $this->encounter));
} else {
// Would be good to display an error message here... they clicked
// Save and Close but the close could not be done. However the
// framework does not provide an easy way to do that.
}
}
}
/**
* Function to migrate the Clickoptions settings (if exist) from the codebase into the database.
* Note this function is only run once in the sql upgrade script (from 4.1.1 to 4.1.2) if the
* issue_types sql table does not exist.
*/
function clickOptionsMigrate()
{
// If the clickoptions.txt file exist, then import it.
if (file_exists(dirname(__FILE__) . "/../sites/" . $_SESSION['site_id'] . "/clickoptions.txt")) {
$file_handle = fopen(dirname(__FILE__) . "/../sites/" . $_SESSION['site_id'] . "/clickoptions.txt", "rb");
$seq = 10;
$prev = '';
echo "Importing clickoption setting<br>";
while (!feof($file_handle)) {
$line_of_text = fgets($file_handle);
if (preg_match('/^#/', $line_of_text)) {
continue;
}
if ($line_of_text == "") {
continue;
}
$parts = explode('::', $line_of_text);
$parts[0] = trim(str_replace("\r\n", "", $parts[0]));
$parts[1] = trim(str_replace("\r\n", "", $parts[1]));
if ($parts[0] != $prev) {
$sql1 = "INSERT INTO list_options (`list_id`,`option_id`,`title`) VALUES (?,?,?)";
SqlStatement($sql1, array('lists', $parts[0] . '_issue_list', ucwords(str_replace("_", " ", $parts[0])) . ' Issue List'));
$seq = 10;
}
$sql2 = "INSERT INTO list_options (`list_id`,`option_id`,`title`,`seq`) VALUES (?,?,?,?)";
SqlStatement($sql2, array($parts[0] . '_issue_list', $parts[1], $parts[1], $seq));
$seq = $seq + 10;
$prev = $parts[0];
}
fclose($file_handle);
}
}
$defaultLangID = 1;
$defaultLangName = "English";
}
// set session variable to default so login information appears in default language
$_SESSION['language_choice'] = $defaultLangID;
// collect languages if showing language menu
if ($GLOBALS['language_menu_login']) {
// sorting order of language titles depends on language translation options.
$mainLangID = empty($_SESSION['language_choice']) ? '1' : $_SESSION['language_choice'];
if ($mainLangID == '1' && !empty($GLOBALS['skip_english_translation'])) {
$sql = "SELECT * FROM lang_languages ORDER BY lang_description, lang_id";
$res3 = SqlStatement($sql);
} else {
// Use and sort by the translated language name.
$sql = "SELECT ll.lang_id, " . "IF(LENGTH(ld.definition),ld.definition,ll.lang_description) AS trans_lang_description, " . "ll.lang_description " . "FROM lang_languages AS ll " . "LEFT JOIN lang_constants AS lc ON lc.constant_name = ll.lang_description " . "LEFT JOIN lang_definitions AS ld ON ld.cons_id = lc.cons_id AND " . "ld.lang_id = ? " . "ORDER BY IF(LENGTH(ld.definition),ld.definition,ll.lang_description), ll.lang_id";
$res3 = SqlStatement($sql, array($mainLangID));
}
for ($iter = 0; $row = sqlFetchArray($res3); $iter++) {
$result3[$iter] = $row;
}
if (count($result3) == 1) {
//default to english if only return one language
$hiddenLanguageField = "<input type='hidden' name='languageChoice' value='1' />\n";
}
} else {
$hiddenLanguageField = "<input type='hidden' name='languageChoice' value='" . htmlspecialchars($defaultLangID, ENT_QUOTES) . "' />\n";
}
}
?>
<html>
//definition is different
echo htmlspecialchars(xl('Following is a new definition (Language, Constant, Definition):'), ENT_NOQUOTES) . " " . htmlspecialchars($row['lang_description'], ENT_NOQUOTES) . " " . htmlspecialchars($row['constant_name'], ENT_NOQUOTES) . " " . htmlspecialchars($row['definition'], ENT_NOQUOTES) . "<BR>";
if (!$checkOnly) {
//add new definition
$sql = "UPDATE `lang_definitions` SET `definition`=? WHERE `def_id`=? LIMIT 1";
SqlStatement($sql, array($row['definition'], $def_id));
echo htmlspecialchars(xl('Synchronized new definition (Language, Constant, Definition):'), ENT_NOQUOTES) . " " . htmlspecialchars($row['lang_description'], ENT_NOQUOTES) . " " . htmlspecialchars($row['constant_name'], ENT_NOQUOTES) . " " . htmlspecialchars($row['definition'], ENT_NOQUOTES) . "<BR><BR>";
}
$difference = 1;
}
} else {
echo htmlspecialchars(xl('Following is a new definition (Language, Constant, Definition):'), ENT_NOQUOTES) . " " . htmlspecialchars($row['lang_description'], ENT_NOQUOTES) . " " . htmlspecialchars($row['constant_name'], ENT_NOQUOTES) . " " . htmlspecialchars($row['definition'], ENT_NOQUOTES) . "<BR>";
if (!$checkOnly) {
//add new definition
$sql = "INSERT INTO lang_definitions (cons_id,lang_id,definition) VALUES (?,?,?)";
SqlStatement($sql, array($constant_id, $language_id, $row['definition']));
echo htmlspecialchars(xl('Synchronized new definition (Language, Constant, Definition):'), ENT_NOQUOTES) . " " . htmlspecialchars($row['lang_description'], ENT_NOQUOTES) . " " . htmlspecialchars($row['constant_name'], ENT_NOQUOTES) . " " . htmlspecialchars($row['definition'], ENT_NOQUOTES) . "<BR><BR>";
}
$difference = 1;
}
}
if (!$difference) {
echo htmlspecialchars(xl('The translation tables are synchronized.'), ENT_NOQUOTES);
}
}
?>
<TABLE>
<FORM name="manage_form" METHOD=POST ACTION="?m=manage" onsubmit="return top.restoreSession()">
<TR>
<TD><INPUT TYPE="submit" name="check" value="<?php
if ($_POST['constant_name'] == "") {
echo htmlspecialchars(xl('Constant name is blank'), ENT_NOQUOTES) . '<br>';
$err = 'y';
}
$sql = "SELECT * FROM lang_constants WHERE constant_name=? limit 1";
$res = SqlQuery($sql, array($_POST['constant_name']));
if ($res) {
echo htmlspecialchars(xl('Data Alike is already in database, please change constant name'), ENT_NOQUOTES) . '<br>';
$err = 'y';
}
if ($err == 'y') {
$val_constant = $_POST['constant_name'];
} else {
//insert into the main table
$sql = "INSERT INTO lang_constants SET constant_name=?";
SqlStatement($sql, array($_POST['constant_name']));
//insert into the log table - to allow persistant customizations
insert_language_log('', '', $_POST['constant_name'], '');
echo htmlspecialchars(xl('Constant', '', '', ' ') . $_POST['constant_name'] . xl('added', '', ' '), ENT_NOQUOTES) . '<br>';
}
// echo "$sql here ";
}
?>
<TABLE>
<FORM name="cons_form" METHOD=POST ACTION="?m=constant" onsubmit="return top.restoreSession()">
<TR>
<TD><?php
echo htmlspecialchars(xl('constant name'), ENT_NOQUOTES);
?>
</TD>
//
//
// A copy of the GNU General Public License is included along with this program:
// openemr/interface/login/GnuGPL.html
// For more information write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// Author: Eldho Chacko <*****@*****.**>
// Jacob T Paul <*****@*****.**>
//
// +------------------------------------------------------------------------------+
//SANITIZE ALL ESCAPES
$sanitize_all_escapes = true;
//
//STOP FAKE REGISTER GLOBALS
$fake_register_globals = false;
//
include_once '../../interface/globals.php';
$sql = "select distinct tu_user_id from template_users";
$rs = SqlStatement($sql);
while ($row = SqlFetchArray($rs)) {
$sql = "select * from template_users join customlists on cl_list_slno=tu_template_id where\n cl_deleted=0 and tu_user_id=?";
$rs2 = SqlStatement($sql, array($row['tu_user_id']));
while ($row2 = SqlFetchArray($rs2)) {
$sql = "select cl_list_slno from customlists where cl_deleted=0 and cl_list_id=?";
$rs3 = SqlStatement($sql, array($row2['cl_list_slno']));
while ($row3 = SqlFetchArray($rs3)) {
SqlStatement("insert into template_users (tu_template_id,tu_user_id) values(?,?)", array($row3['cl_list_slno'], $row['tu_user_id']));
}
}
}
if (sqlNumRows($values) < 2) {
exit;
}
// If blood pressure, then collect the other reading to allow graphing both in same graph
$isBP = 0;
if ($name == "bps" || $name == "bpd") {
// Set BP flag and collect other pressure reading
$isBP = 1;
if ($name == "bps") {
$name_alt = "bpd";
}
if ($name == "bpd") {
$name_alt = "bps";
}
// Collect the pertinent vitals and ranges.
$values_alt = SqlStatement("SELECT " . add_escape_custom($name_alt) . ", " . "UNIX_TIMESTAMP(date) as unix_date " . "FROM " . add_escape_custom($table) . " " . "WHERE pid=? ORDER BY date", array($pid));
$ranges_alt = SqlQuery("SELECT MAX(CONVERT(" . add_escape_custom($name_alt) . ",SIGNED)) AS " . "max_" . add_escape_custom($name_alt) . ", " . "MAX(UNIX_TIMESTAMP(date)) as max_date, " . "MIN(UNIX_TIMESTAMP(date)) as min_date " . "FROM " . add_escape_custom($table) . " " . "WHERE pid=?", array($pid));
}
// Prepare look and feel of data points
$s = new scatter_line('#DB1750', 2);
$def = new hollow_dot();
$def->size(4)->halo_size(3)->tooltip('#val#<br>#date:Y-m-d H:i#');
$s->set_default_dot_style($def);
if ($isBP) {
//set up the other blood pressure line
$s_alt = new scatter_line('#0000FF', 2);
$s_alt->set_default_dot_style($def);
}
// Prepare and insert data
$data = array();
while ($row = sqlFetchArray($values)) {
echo htmlspecialchars(xl("Code must be two letter lowercase"), ENT_NOQUOTES) . '<br>';
$err = 'y';
}
$sql = "SELECT * FROM lang_languages WHERE lang_code LIKE ? or lang_description LIKE ? limit 1";
$res = SqlQuery($sql, array("%" . $_POST['lang_code'] . "%", "%" . $_POST['lang_name']));
if ($res) {
echo htmlspecialchars(xl("Data Alike is already in database, please change code and/or description"), ENT_NOQUOTES) . '<br>';
$err = 'y';
}
if ($err == 'y') {
$val_lang_code = $_POST['lang_code'];
$val_lang_name = $_POST['lang_name'];
} else {
//insert into the main table
$sql = "INSERT INTO lang_languages SET lang_code=?, lang_description=?";
SqlStatement($sql, array($_POST['lang_code'], $_POST['lang_name']));
//insert into the log table - to allow persistant customizations
insert_language_log($_POST['lang_name'], $_POST['lang_code'], '', '');
echo htmlspecialchars(xl('Language definition added'), ENT_NOQUOTES) . '<br>';
}
}
?>
<TABLE>
<FORM name="lang_form" METHOD=POST ACTION="?m=language" onsubmit="return top.restoreSession()">
<TR>
<TD><?php
echo htmlspecialchars(xl('Language Code'), ENT_NOQUOTES);
?>
:</TD>
<TD><INPUT TYPE="text" NAME="lang_code" size="2" maxlength="2" value="<?php
$user = getUsername($userId);
$acl_allow = acl_check('acct', 'bill', $user);
$_SESSION['authProvider'] = getAuthGroup($user);
$_SESSION['authId'] = $userId;
if ($acl_allow) {
if ($code_type == 'COPAY') {
$strQuery3 = "INSERT INTO ar_session(payer_id,user_id,pay_total,payment_type,description," . "patient_id,payment_method,adjustment_code,post_to_date)" . "VALUES('0',?,?,'patient','COPAY',?,'','patient_payment',now())";
$session_id = idSqlStatement($strQuery3, array($auth, $fee, $patientId));
$getCode = "SELECT * FROM `billing` WHERE pid = ? AND encounter = ? ORDER BY `billing`.`encounter` ASC LIMIT 1";
$res = sqlQuery($getCode, array($patientId, $visit_id));
if ($res) {
$cod0 = $res['code'];
$ct0 = $res['code_type'];
$mod0 = $res['modifier'];
$strQuery4 = "INSERT INTO ar_activity (pid,encounter,code_type,code,modifier,payer_type," . "post_time,post_user,session_id,pay_amount,account_code) " . "VALUES (?,?,?,?,?,0,now(),?,?,?,'PCP')";
$result3 = SqlStatement($strQuery4, array($patientId, $visit_id, $ct0, $cod0, $mod0, $auth, $session_id, $fee));
}
} else {
addBilling($visit_id, $code_type, $code, $code_text, $patientId, $auth, $provider_id, $modifier, $units, $fee, $ndc_info, $justify, 0, $noteCodes);
}
$strQuery1 = 'UPDATE `patient_data` SET';
$strQuery1 .= ' pricelevel = "' . add_escape_custom($priceLevel) . '"';
$strQuery1 .= ' WHERE pid = ?';
$result1 = sqlStatement($strQuery1, array($patientId));
$strQuery2 = 'UPDATE `form_encounter` SET';
$strQuery2 .= ' provider_id = "' . add_escape_custom($provider_id) . '",';
$strQuery2 .= ' supervisor_id = "' . add_escape_custom($supervisor_id) . '"';
$strQuery2 .= ' WHERE pid = ?' . ' AND encounter = ?';
$result2 = sqlStatement($strQuery2, array($patientId, $visit_id));
if ($result1 && $result2) {
$xml_string .= "<status>0</status>";
