function setPrinterFlag($id)
{
$res = ib_query("SELECT APPRSTS FROM FOLDERS WHERE FOLDERNO = '" . $id . "'");
$row = ibase_fetch_row($res);
$x = 0;
switch ($row[0]) {
case "T":
//DONE
$x = 2;
break;
case "A":
case "M":
case "N":
//PROCESSING
$x = 1;
break;
}
if ($x !== 0) {
$res = ib_query("UPDATE FOLDERS SET PRINT_FLAG = " . $x . " WHERE FOLDERNO = '" . $id . "'");
}
}
function db_getmattype($folderno, $code)
{
$q = "select fc.mattypeid from foldercontainers fc inner join orders ord on ord.folderno = fc.folderno " . "inner join ordtask o on o.containerid = fc.id and ord.id = o.ordersid " . "inner join panels p on p.id = ord.panelid " . "where fc.folderno ='" . $folderno . "' AND p.code = '" . $code . "'";
$res_mt = ib_query($q);
$row = ibase_fetch_row($res_mt);
return $row[0];
}
public function indexPost()
{
var_dump($_POST['gor']);
$ERRORS = array("NO_ERROR" => "0x000 - Ошибок нет.", "ERR_ONLY_ONE_ORDER" => "0x001 - Разрешена только одна заявка в запросе.", "ERR_INCORRECT_REQUEST" => "0x002 - Некорректный XML-файл или формат не распознан.", "ERR_ORDER_NOT_EXISTS" => "0x003 - Заявка с указанным номером не существует, или у Вас нет прав для совершения данной операции.", "ERR_INCORRECT_P-C_LINK" => "0x004 - Проверьте связь панелей с контейнерами. Имеются ошибки.", "ERR_ACCESS_DENIED" => "0x005 - Недостаточно прав для совершения данной операции.", "ERR_DEMOGRAPHY" => "0x006 - Неверно заполнена демография пациента. Обязательные поля - фамилия, пол, дата рождения.", "ERR_ORDERNO_REGERROR" => "0x007 - Заявка с указанным номером уже существует.", "ERR_ORDER_IS_REGISTERED" => "0x008 - Заявка уже зарегистрирована или у Вас нет прав для совершения данной операции.", "ERR_NO_DATES" => "0x009 - Неверено указаны или отсутствуют даты для интервала поиска направлений.", "ERR_JSON_GENERATING" => "0x010 - Внутренняя ошибка генерации запроса.");
//require_once("../../../../ecodes.php");
date_default_timezone_set('Europe/Moscow');
$demo_clients = array("3434", "2222", "0361");
$testclient = false;
$port = 1028;
if (in_array(@\Session::get("clientcode"), $demo_clients)) {
$f = new FuncControllers();
$testclient = true;
$port = 1029;
} else {
$f = new FuncControllers();
}
$post = "";
foreach ($_POST as $key => $val) {
$post .= "key: " . $key . ", val:" . $val . "; ";
}
$get = "";
foreach ($_GET as $key => $val) {
$get .= "key: " . $key . ", val:" . $val . "; ";
}
$ips = array('82.149.201.102', '46.226.98.218', '46.226.99.146', '196.254.140.244');
$alert_email = "*****@*****.**";
$clients_info = array('1831' => array('host' => '82.144.95.131', 'login' => 'nakff', 'password' => 'H7sc6yT', 'inboxdir' => 'inbox', 'outboxdir' => 'outbox'), '2062' => array('host' => '82.144.95.131', 'login' => 'nakff', 'password' => 'H7sc6yT', 'inboxdir' => 'inbox', 'outboxdir' => 'outbox'), '2055' => array('host' => '82.144.95.131', 'login' => 'nakff', 'password' => 'H7sc6yT', 'inboxdir' => 'inbox', 'outboxdir' => 'outbox'));
if (!(\Session::get('userCheck') == 0)) {
$clientid = \Session::get('clientid');
$valid_user = \Session::get('username');
} else {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка авторизации</comments>\n";
$response .= "</response>";
//$f->writeEventToFile("=== ".date("d.m.Y H:i:s")." Ошибка авторизации ===\nIP: ".implode(',',$f->getIP())."\n===\n\n");
$event = "=== " . date("d.m.Y H:i:s") . " Ошибка авторизации ===\nIP: " . implode(",", $f->getIP()) . "\nлогин/пароль\nPOST data: " . implode(", ", $_POST) . "\nGET data:" . implode(", ", $_GET) . "\n===\n\n";
if (in_array($f->getIP(true), $ips)) {
mail($alert_email, "Report from NACPP.API", $event);
$f->writeEventToFile($event, "eventsALEXEY.log");
} else {
$f->writeEventToFile($event, "plugins/events.log");
}
die($response);
}
if (\Input::has("act")) {
$act = \Input::get('act');
}
if (\Input::has('catalog')) {
$catalog = \Input::get("catalog");
}
//$xml_post = @file_get_contents('php://input');
var_dump($_POST);
// $xml = $_POST['as'];
$event = "=== " . date("d.m.Y H:i:s") . " Тех. информация ===\nКлиент (id): " . $clientid . "\nIP: " . implode(",", $f->getIP()) . "\nPOST data: " . $post . "\nGET data:" . $get . "\nXML (raw): " . $xml_post . "\nXML (parsed): " . $xml . "\n===\n\n";
$f->writeEventToFile($event, "/home/limsadmin/site/plugins/events.log");
if (in_array($f->getIP(true), $ips)) {
mail($alert_email, "Report from NACPP.API", $event);
$f->writeEventToFile($event, "eventsALEXEY.log");
}
switch ($act) {
case "push-ftp":
if (!isset($clients_info[$clientid])) {
die("No FTP auth information");
}
$user = $clients_info[$clientid]['login'];
$pass = $clients_info[$clientid]['password'];
$host = $clients_info[$clientid]['host'];
$dir = $clients_info[$clientid]['inboxdir'];
$query = "select first 10 f.folderno from folders f where f.clientid = " . $clientid . " and f.logdate > current_date - 31 and f.apprsts not in ('D','R') and exists(select o.id from orders ord\n\t\t\t\tinner join ordtask o on ord.id = o.ordersid\n\t\t\t \twhere ord.folderno = f.folderno and ord.apprsts not in ('D','R') and o.apprsts = 'T' and o.remote = 'N' ) order by f.folderno";
$stmt = $this->DBquery->query3($query);
foreach ($stmt as $row) {
$row = (array) $row;
$folderno = $row['FOLDERNO'];
$file = "ftp://{$user}:{$pass}@{$host}/" . $dir . "/" . $folderno . '.xml';
$params = array('domain' => 'https://192.168.0.17:' . $port . '/api/integration/result.xml', 'cookies' => 'cookies.txt', 'params' => array('api-key' => '5b2e6d61-1bea-4c8f-811e-b95a946a7e46', 'orderno' => $folderno, 'fupdate' => 'Y', 'client-id' => $clientid));
$data = getJsonMainList($params);
$stream_options = array('ftp' => array('overwrite' => true));
$stream_context = stream_context_create($stream_options);
$f = fopen($file, 'w', false, $stream_context);
fwrite($f, $data);
fclose($f);
//$cid = ftp_connect("ftp://$user:$pass@$host/".$dir."/");
//$res = ftp_login($cid, $user, $pass);
}
break;
case "get-ftp":
break;
case "report":
//print version of results...
if (\Input::has('id')) {
$folderno = $f->foldernoFixCheck(htmlspecialchars(\Input::get("id")));
if (!isOwner($folderno, $clientid)) {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Вы не имеете прав, для просмотра данной заявки (Код ошибки: " . $ERRORS["ERR_ACCESS_DENIED"] . ")</comments>\n";
$response .= "</response>";
echo $response;
die;
}
$guid = $f->GUID();
header('Content-Disposition: filename=' . $guid);
header('Content-Type: application/pdf');
$params = array('domain' => 'https://192.168.0.17:' . $port . '/api/report.json', 'cookies' => 'cookies.txt', 'params' => array('api-key' => '5b2e6d61-1bea-4c8f-811e-b95a946a7e46', 'folderno' => $folderno, 'client-id' => $clientid), 'client-id' => $clientid);
if (isset($_GET["logo"]) || isset($_POST["logo"])) {
$params['params']['logo'] = "1";
}
$json = getJsonMainList($params);
$obj = json_decode($json, true);
echo base64_decode($obj["data"][0]["pdf"]);
}
break;
case "request-status":
$req = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$req .= "<request>\n";
check_input($xml_post, $ips, $clientid, $alert_email);
$orders = array();
$count = 0;
foreach ($xml->xpath('//request') as $request) {
foreach ($request->order as $o) {
foreach ($o->attributes() as $x => $y) {
$res = ib_query("SELECT APPRSTS FROM FOLDERS WHERE FOLDERNO = '" . foldernoFixCheck($y) . "'");
$row = ibase_fetch_row($res);
$req .= "<order orderno=\"" . $y . "\" status=\"" . $row[0] . "\">\n";
}
$count++;
}
}
$req .= "</request>\n";
echo $req;
break;
case "free-orders":
if (isset($_GET["n"])) {
$n = $_GET["n"];
} else {
die('Отсутствует запрос.');
}
$query = "SELECT FOLDERNO FROM GET_FREE_FOLDERS(" . $clientid . "," . $n . ")";
$stmt = ib_query($query);
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<pool>\n";
while ($row = ibase_fetch_row($stmt)) {
$response .= "<orderno>" . $row[0] . "</orderno>\n";
}
$response .= "</pool>";
echo $response;
break;
case "pending":
$clientcodes = "";
$netsql = "select coalesce(c2.id, c1.id) from clients c1 left join clients c2 on c1.netid = c2.netid where c1.id = '" . $clientid . "' ";
$stmt = ib_query($netsql);
while ($row = ibase_fetch_row($stmt)) {
$clientcodes .= $row[0] . ",";
}
$clientcodes .= "-1";
$query = "select f.folderno from folders f where f.clientid in (" . $clientcodes . ") and f.logdate > current_date - 31 and f.apprsts not in ('D','R') and exists(select o.id from orders ord inner join ordtask o on ord.id = o.ordersid where ord.folderno = f.folderno and ord.apprsts not in ('D','R') and o.apprsts = 'T' and o.remote = 'N' ) order by f.folderno";
$stmt = ib_query($query);
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<pending>\n";
while ($row = ibase_fetch_row($stmt)) {
$response .= "<orderno>" . $row[0] . "</orderno>\n";
}
$response .= "</pending>";
echo $response;
break;
case "request-delete":
check_input($xml_post, $ips, $clientid, $alert_email);
$orders = array();
$count = 0;
foreach ($xml->xpath('//request') as $request) {
$folderno = "";
foreach ($request->order as $o) {
foreach ($o->attributes() as $x => $y) {
if ($x == "orderno") {
$folderno = $y;
}
}
}
if ($folderno == "") {
$folderno = $request->orderno;
}
$folderno = foldernoFixCheck($folderno);
if (isFolderReg($folderno) || !isOwner($folderno, $clientid)) {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Заявка редактированию не подлежит. (Код ошибки: " . $ERRORS["ERR_ORDER_IS_REGISTERED"] . ")</comments>\n";
$response .= "</response>";
echo $response;
die;
}
}
$query = "SELECT xml FROM INT_REJECT_FOLDER ('" . foldernoFixCheck($folderno) . "','" . $valid_user . "','" . $clientid . "')";
$stmt = ib_query($query);
while ($row = ibase_fetch_row($stmt)) {
echo $row[0];
}
break;
case "request-orders":
check_input($xml_post, $ips, $clientid, $alert_email);
$dt1 = "";
$dt2 = "";
foreach ($xml->xpath('//request') as $request) {
$d = strtotime($request->date_start);
if ($d == FALSE) {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Неверно указан интервал дат для поиска направлений. (Код ошибки: " . $ERRORS["ERR_NO_DATES"] . ")</comments>\n";
$response .= "</response>";
echo $response;
die;
}
$dt1 = date('Y/m/d', $d);
$d = strtotime($request->date_end);
if ($d == FALSE) {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Неверно указан интервал дат для поиска направлений. (Код ошибки: " . $ERRORS["ERR_NO_DATES"] . ")</comments>\n";
$response .= "</response>";
echo $response;
die;
}
$dt2 = date('Y/m/d', $d);
$params = array('domain' => 'https://192.168.0.17:' . $port . '/api/integration/folders.xml', 'cookies' => 'cookies.txt', 'params' => array('api-key' => '5b2e6d61-1bea-4c8f-811e-b95a946a7e46', 'start-date' => $dt1, 'end-date' => $dt2, 'client-id' => $clientid), 'client-id' => $clientid);
$data = getJsonMainList($params);
echo $data;
die;
}
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Проверьте правильность XML-файла.</comments>\n";
$response .= "</response>";
echo $response;
die;
break;
case "request-result":
if (isset($_GET["orderno"]) && is_numeric($_GET["orderno"])) {
if (!isOwner(foldernoFixCheck($_GET["orderno"]), $clientid)) {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Вы не имеете прав, для просмотра данной заявки (Код ошибки: " . $ERRORS["ERR_ACCESS_DENIED"] . ")</comments>\n";
$response .= "</response>";
echo $response;
die;
}
$params = array('domain' => 'https://192.168.0.17:' . $port . '/api/integration/result.xml', 'cookies' => 'cookies.txt', 'params' => array('api-key' => '5b2e6d61-1bea-4c8f-811e-b95a946a7e46', 'orderno' => foldernoFixCheck($_GET["orderno"]), 'fupdate' => 'Y'), 'client-id' => $clientid);
$data = getJsonMainList($params);
echo $data;
} else {
check_input($xml_post, $ips, $clientid, $alert_email);
$orders = array();
$count = 0;
foreach ($xml->xpath('//request') as $request) {
$folderno = "";
foreach ($request->order as $o) {
foreach ($o->attributes() as $x => $y) {
if ($x == "orderno") {
$folderno = $y;
}
}
}
if ($folderno == "") {
$folderno = $request->orderno;
}
$folderno = foldernoFixCheck($folderno);
}
if (!isOwner(foldernoFixCheck($folderno), $clientid)) {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Вы не имеете прав, для просмотра данной заявки (Код ошибки: " . $ERRORS["ERR_ACCESS_DENIED"] . ")</comments>\n";
$response .= "</response>";
echo $response;
die;
} else {
$params = array('domain' => 'https://192.168.0.17:' . $port . '/api/integration/result.xml', 'cookies' => 'cookies.txt', 'params' => array('api-key' => '5b2e6d61-1bea-4c8f-811e-b95a946a7e46', 'orderno' => foldernoFixCheck($folderno), 'fupdate' => 'Y'), 'client-id' => $clientid);
$data = getJsonMainList($params);
echo $data;
}
}
break;
//-----------------------------------------------------
//-----------------------------------------------------
case "request-edit":
check_input($xml_post, $ips, $clientid, $alert_email);
$container = array();
$panels = array();
foreach ($xml->xpath('//request') as $request) {
$folderno = foldernoFixCheck($request->orderno);
if (isFolderReg($folderno)) {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Заявка редактированию не подлежит. (Код ошибки: " . $ERRORS["ERR_ORDER_IS_REGISTERED"] . ")</comments>\n";
$response .= "</response>";
echo $response;
die;
}
$guid = $request->personal->guid;
$name = $request->personal->name;
$surname = $request->personal->surname;
$patronimic = $request->personal->patronimic;
$birthdate = $request->personal->birthdate;
$gender = $request->personal->gender;
$clientcode = $request->personal->clientcode;
$cardno = $request->personal->cardno;
$datecollect = $request->personal->datecollect;
$department = $request->personal->department;
$doctor = $request->personal->doctor;
$diagnosis = $request->personal->diagnosis;
$comment = $request->personal->comment;
$pregnancy = $request->personal->pregnancy;
$phase = $request->personal->phase;
$insurer = $request->personal->insurer;
$passno = $request->personal->passno;
$passseries = $request->personal->passseries;
$address = $request->personal->address;
$phone = $request->personal->phone;
$email = $request->personal->email;
$policy = $request->personal->policy;
$cito = $request->personal->cito;
$diuresis = $request->personal->diuresis;
$weight = $request->personal->weight;
$height = $request->personal->height;
$antibiotics = $request->personal->antibiotics;
$antibstart = $request->personal->antibstart;
$antibend = $request->personal->antibend;
$antib = !empty($antibend) && !empty($antibstart);
foreach ($request->containers->container as $c) {
$id = $c->attributes()->id;
foreach ($c->attributes() as $x => $y) {
$container["{$id}"]["{$x}"] = $y;
}
}
foreach ($request->panels->panel as $p) {
$code = $p->attributes()->code;
foreach ($p->attributes() as $x => $y) {
$panel["{$code}"]["{$x}"] = $y;
}
}
}
if (!isOwner(foldernoFixCheck($folderno), $clientid)) {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Вы не имеете прав, для просмотра данной заявки (Код ошибки: " . $ERRORS["ERR_ACCESS_DENIED"] . ")</comments>\n";
//$response .= "\t<comments2>".$folderno." ".$clientid."</comments2>\n";
$response .= "</response>";
echo $response;
die;
}
if (!checkPanelsAndContainers($panel, $container)) {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Некорректный XML-файл (Код ошибки: " . $ERRORS["ERR_INCORRECT_P-C_LINK"] . ")</comments>\n";
$response .= "</response>";
echo $response;
die;
}
foreach ($panel as $p) {
$code = $p["code"];
$panel["{$code}"]["diagnosis"] = isDiagnosis($folderno, $code) == false ? 0 : 1;
}
// GLASS = '"."',
// TUBE = '"."',
// LOGUSER = '******',
// LOGDATE = '".date("d.m.Y")."',
$q = "";
if ($datecollect) {
$q .= !empty($q) ? "," : "";
$q .= "DATE_COLLECTED = '" . $datecollect . "'";
}
if ($name) {
$q .= !empty($q) ? "," : "";
$q .= "NAME = '" . $name . "'";
}
if ($surname) {
$q .= !empty($q) ? "," : "";
$q .= "SURNAME = '" . $surname . "'";
}
if ($patronimic) {
$q .= !empty($q) ? "," : "";
$q .= "PATRONIMIC = '" . $patronimic . "'";
}
if ($insurer) {
$q .= !empty($q) ? "," : "";
$q .= "INSURER = '" . $insurer . "'";
}
if ($cardno) {
$q .= !empty($q) ? "," : "";
$q .= "CARD = '" . $cardno . "'";
}
if ($phone) {
$q .= !empty($q) ? "," : "";
$q .= "PHONE = '" . $phone . "'";
}
if ($email) {
$q .= !empty($q) ? "," : "";
$q .= "EMAIL = '" . $email . "'";
}
if ($weight) {
$q .= !empty($q) ? "," : "";
$q .= "WEIGHT = '" . $weight . "'";
}
if ($height) {
$q .= !empty($q) ? "," : "";
$q .= "HEIGHT = '" . $height . "'";
}
if ($passseries) {
$q .= !empty($q) ? "," : "";
$q .= "PASSPORT_SERIES = '" . $passseries . "'";
}
if ($passno) {
$q .= !empty($q) ? "," : "";
$q .= "PASSPORT_NUMBER = '" . $passno . "'";
}
if ($gender) {
$q .= !empty($q) ? "," : "";
$q .= "GENDER = '" . $gender . "'";
}
if ($doctor) {
$q .= !empty($q) ? "," : "";
$q .= "DOCTOR = '" . $doctor . "'";
}
if ($diagnosis) {
$q .= !empty($q) ? "," : "";
$q .= "DIAGNOSIS = '" . $diagnosis . "'";
}
if ($comment) {
$q .= !empty($q) ? "," : "";
$q .= "COMMENTS = '" . $comment . "'";
}
if ($pregnancy) {
$q .= !empty($q) ? "," : "";
$q .= "PREGNANCY = '" . $pregnancy . "'";
}
if ($address) {
$q .= !empty($q) ? "," : "";
$q .= "ADDRESS = '" . $address . "'";
}
if ($policy) {
$q .= !empty($q) ? "," : "";
$q .= "POLICY = '" . $policy . "'";
}
if ($cito) {
$q .= !empty($q) ? "," : "";
$q .= "URGENT = '" . $cito . "'";
}
if ($diuresis) {
$q .= !empty($q) ? "," : "";
$q .= "DIURESIS = '" . $diuresis . "'";
}
if ($antibstart) {
$q .= !empty($q) ? "," : "";
$q .= "ANTIB_START = '" . $antibstart . "'";
}
if ($antibend) {
$q .= !empty($q) ? "," : "";
$q .= "ANTIB_END = '" . $antibend . "'";
}
if ($antibiotics) {
$q .= !empty($q) ? "," : "";
$q .= "ANTIBIOTICS = '" . $antibiotics . "'";
}
if ($antib) {
$q .= !empty($q) ? "," : "";
$q .= "ANTIB = '" . $antib . "'";
}
if ($department) {
$q .= !empty($q) ? "," : "";
$q .= "DEPARTMENT = '" . $department . "'";
}
$query = "UPDATE FOLDERS SET " . $q . " WHERE FOLDERNO = '" . $folderno . "'";
$query = str_replace("''", "null", $query);
$result = ib_query($query);
foreach ($panel as $p) {
if ($p["action"] == "delete") {
$query = "execute procedure DEL_PANEL('" . $folderno . "','" . $p["code"] . "','" . $valid_user . "')";
$query = str_replace("''", "null", $query);
$result = ib_query($query);
} else {
if ($p["action"] == "add") {
if (isFolderReg($folderno)) {
$query = "execute procedure ADD_PANEL1('" . $folderno . "','" . $p["code"] . "','" . $valid_user . "')";
} else {
$query = "execute procedure ADD_PANEL('" . $folderno . "','" . $p["code"] . "','" . $valid_user . "')";
}
$query = str_replace("''", "null", $query);
$result = ib_query($query);
} else {
echo "err";
}
}
}
foreach ($container as $c) {
foreach ($panel as $p) {
// echo "p cont: ".$p["container"]."; c id: ".$c["id"]."<br/>";
if (strcmp($p["container"], $c["id"]) == 0) {
$q = "";
//if ($c["containertype"]) $q .= " CONTAINERTYPEID = '".$c["containertype"]."'";
if ($c["external"]) {
$q .= " EXTERNALID = '" . $c["external"] . "'";
}
if ($c["biomaterial"] && $p["diagnosis"] == "1") {
$q .= ", MATTYPEID = '" . $c["biomaterial"] . "'";
}
//if ($c["glassno"]) $q .= ", GLASSNO = '".$c["glassno"]."'";
//if ($c["tubeno"]) $q .= ", TUBENO = '".$c["tubeno"]."'";
$query = "update foldercontainers set " . $q . " where id = (select first 1 distinct fc.id from foldercontainers fc\n\t\t\t\t\t inner join orders ord on ord.folderno = fc.folderno\n\t\t\t\t\t inner join ordtask o on o.ordersid = ord.id and fc.id = o.containerid\n\t\t\t\t\t inner join panels p on p.id = ord.panelid\n\t\t\t\t\t where fc.folderno = '" . $folderno . "' and p.code = '" . $p["code"] . "')";
$query = str_replace("''", "null", $query);
$result = ib_query($query);
break;
// ЕСЛИ БУДУТ ГЛЮКИ, ТО ЗАКОММЕНИТИТЬ BREAK
}
}
}
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"ok\">\n";
$response .= "\t<order orderno=\"" . $folderno . "\" action=\"register\" status=\"ok\" />\n";
$response .= "</response>";
echo $response;
break;
case "request-add":
//echo "debug";n
$f->check_input($xml_post, $ips, $clientid, $alert_email);
$error = false;
$container = array();
$panels = array();
//var_dump($xml_post);
var_dump(base64_decode($xml));
foreach ($xml->xpath('//request') as $request) {
//echo $debug;
if (isset($request->personal->orderno)) {
$orderno = $request->personal->orderno;
} else {
$orderno = false;
}
$guid = $request->personal->guid;
$name = mb_strtoupper($request->personal->name, 'UTF-8');
if (strlen($request->personal->surname) > 0) {
$surname = mb_strtoupper($request->personal->surname, 'UTF-8');
} else {
$error = true;
}
if (strlen($request->personal->birthdate) > 0 && dateCheck($request->personal->birthdate)) {
$birthdate = date("d.m.Y", strtotime($request->personal->birthdate));
} else {
$error = true;
}
if (strlen($request->personal->gender) > 0) {
$gender = $request->personal->gender;
} else {
$error = true;
}
$patronimic = mb_strtoupper($request->personal->patronimic, 'UTF-8');
$clientcode = $request->personal->clientcode;
//для сеток, здесь нужны хитрые проверки...
if ($clientcode * 1.0 > 0 || $clientcode == 'С') {
$cres = $f->DBquery->query("select id from clients where clientcode = '" . $clientcode . "'");
$crow = (array) $cres[0];
$clientid = $crow['ID'];
}
$cardno = $request->personal->cardno;
if (dateCheck($request->personal->datecollect, true)) {
$datecollect = $request->personal->datecollect;
} else {
$error = true;
}
$department = $request->personal->department;
$doctor = $request->personal->doctor;
$diagnosis = $request->personal->diagnosis;
$comment = $request->personal->comment;
$organisation = $request->personal->organisation;
if (isset($request->personal->pregnacy) && !empty($request->personal->pregnacy)) {
$pregnacy = $request->personal->pregnacy;
} else {
$pregnacy = 0;
}
$phase = $request->personal->phase;
$insurer = $request->personal->insurer;
$passno = $request->personal->passno;
$passseries = $request->personal->passseries;
$address = $request->personal->address;
$phone = $request->personal->phone;
$email = $request->personal->email;
$policy = $request->personal->policy;
$cito = $request->personal->cito;
$diuresis = $request->personal->diuresis;
$weight = $request->personal->weight;
$height = $request->personal->height;
$antibiotics = $request->personal->antibiotics;
$antibstart = $request->personal->antibstart;
$antibend = $request->personal->antibend;
$antib = $antibend && $antibstart ? "Y" : "N";
if (!empty($request->personal->aisorder)) {
$aisorder = $request->personal->aisorder;
} else {
if (!empty($orderno)) {
$aisorder = $orderno;
} else {
$aisorder = false;
}
}
if (!empty($request->personal->guid)) {
$guid = ", GUID = '" . $request->personal->guid . "'";
} else {
$guid = "";
}
$container = array();
foreach ($request->containers->container as $c) {
$id = $c->attributes()->id;
foreach ($c->attributes() as $x => $y) {
$container["{$id}"]["{$x}"] = $y;
}
}
foreach ($request->panels->panel as $p) {
$code = $p->attributes()->code;
foreach ($p->attributes() as $x => $y) {
$panel["{$code}"]["{$x}"] = $y;
}
}
}
$simple = false;
//echo "count containers: ".count($container);
//echo "debug";
if (count($container) == 0) {
$simple = true;
} else {
if (!checkPanelsAndContainers($panel, $container)) {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Некорректный XML-файл (Код ошибки: " . $ERRORS["ERR_INCORRECT_P-C_LINK"] . ")</comments>\n";
$response .= "</response>";
echo $response;
die;
}
}
if ($error) {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Некорректный XML-файл (Код ошибки: " . $ERRORS["ERR_DEMOGRAPHY"] . ")</comments>\n";
$response .= "</response>";
echo $response;
die;
}
$panels = "";
foreach ($panel as $p) {
$panels .= $p["code"] . ",";
}
$panels = substr($panels, 0, -1);
if ($orderno == false || $simple) {
$panels = transliterate($panels);
if ($orderno == false) {
$query = "select folderno from n_registration ('" . $surname . "','" . $name . "','" . $patronimic . "','" . $gender . "','" . $datecollect . "','" . $birthdate . "', null, '" . mb_convert_case($phase, MB_CASE_UPPER, "UTF-8") . "', " . $pregnacy . ", '" . $cito . "', " . $clientid . ",'" . $doctor . "','" . $policy . "','" . $insurer . "','" . $diuresis . "','" . $diagnosis . "','" . $antib . "','" . $antibiotics . "','" . $antibstart . "','" . $antibend . "','" . $address . "', null,'" . $panels . "','" . $comment . "');";
} else {
$query = "select folderno from n_registration_folderno ('" . $orderno . "','" . $surname . "','" . $name . "','" . $patronimic . "','" . $gender . "','" . $datecollect . "','" . $birthdate . "', null, '" . mb_convert_case($phase, MB_CASE_UPPER, "UTF-8") . "', " . $pregnacy . ", '" . $cito . "', " . $clientid . ",'" . $doctor . "','" . $policy . "','" . $insurer . "','" . $diuresis . "','" . $diagnosis . "','" . $antib . "','" . $antibiotics . "','" . $antibstart . "','" . $antibend . "','" . $address . "', null,'" . $panels . "','" . $comment . "');";
}
//echo $query;
$query = str_replace("''", "null", $query);
$result = ib_query($query);
$row = ibase_fetch_row($result);
$folderno = $row[0];
} else {
$panels = "";
foreach ($container as $c) {
$panels .= $c["external"] . ":";
foreach ($panel as $p) {
if ($p["container"] * 1 == $c["id"] * 1) {
$panels .= $p["code"] . ",";
}
}
$panels = substr($panels, 0, -1) . ";";
}
$panels = transliterate($panels);
$query = "select status from n_registration_cont ('" . $orderno . "','" . $surname . "','" . $name . "','" . $patronimic . "','" . $gender . "','" . $datecollect . "','" . $birthdate . "', null, '" . mb_convert_case($phase, MB_CASE_UPPER, "UTF-8") . "', " . $pregnacy . ", '" . $cito . "', " . $clientid . ",'" . $doctor . "','" . $policy . "','" . $insurer . "','" . $diuresis . "','" . $diagnosis . "','" . $antib . "','" . $antibiotics . "','" . $antibstart . "','" . $antibend . "','" . $address . "', null,'" . $panels . "','" . $comment . "');";
$query = str_replace("''", "null", $query);
$result = ib_query($query);
$row = ibase_fetch_row($result);
if ($row[0] !== "OK") {
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
//$response .= $query ."\n";
$response .= "<response status=\"failed\">\n";
$response .= "\t<comments>Ошибка! Невозможно зарегистрировать направление под номером '" . $orderno . "' (Код ошибки: " . $ERRORS["ERR_ORDERNO_REGERROR"] . ")</comments>\n";
$response .= "</response>";
echo $response;
die;
}
$folderno = $orderno;
}
$event = "=== " . date("d.m.Y H:i:s") . " REGISTRATION INFO ===\nIP: " . implode(",", getIP()) . "\nQUERY: " . $query . "\n\n";
$event .= "Server response: " . $row[0] . "\n";
foreach ($panel as $p) {
$code = $p["code"];
$panel["{$code}"]["diagnosis"] = isDiagnosis($folderno, $code) == false ? 0 : 1;
}
if ($aisorder) {
$query = "UPDATE FOLDERS SET ORGANISATION = '" . mb_substr($organisation, 0, 50, "UTF-8") . "', INSURER = '" . $insurer . "', LOGUSER = '******', LOGDATE = '" . date("d.m.Y") . "', CARD = '" . $cardno . "', GLASS = '" . "', TUBE = '" . "', PHONE = '" . $phone . "', EMAIL = '" . $email . "', WEIGHT = '" . $weight . "', HEIGHT = '" . $height . "', PASSPORT_SERIES = '" . $passseries . "', PASSPORT_NUMBER = '" . $passno . "', DEPARTMENT = '" . $department . "', AISORDER = '" . $aisorder . "'" . $guid . " WHERE FOLDERNO = '" . $folderno . "'";
} else {
$query = "UPDATE FOLDERS SET ORGANISATION = '" . mb_substr($organisation, 0, 50, "UTF-8") . "', INSURER = '" . $insurer . "', LOGUSER = '******', LOGDATE = '" . date("d.m.Y") . "', CARD = '" . $cardno . "', GLASS = '" . "', TUBE = '" . "', PHONE = '" . $phone . "', EMAIL = '" . $email . "', WEIGHT = '" . $weight . "', HEIGHT = '" . $height . "', PASSPORT_SERIES = '" . $passseries . "', PASSPORT_NUMBER = '" . $passno . "', DEPARTMENT = '" . $department . "'" . $guid . " WHERE FOLDERNO = '" . $folderno . "'";
}
$query = str_replace("''", "null", $query);
$result = ib_query($query);
$event .= " UPDATE: " . $query . "\n\n";
writeEventToFile($event, "events-query.log");
if (!$simple) {
foreach ($container as $c) {
foreach ($panel as $p) {
if ($p["container"] * 1 == $c["id"] * 1) {
$q = "";
//if ($c["containertype"]) $q .= " fcl.CONTAINERTYPEID = '".$c["containertype"]."'";
if ($c["external"]) {
$q .= " fcl.EXTERNALID = '" . $c["external"] . "'";
}
if ($c["biomaterial"] && $p["diagnosis"] == "1") {
$q .= ", fcl.MATTYPEID = '" . $c["biomaterial"] . "'";
}
//if ($c["glassno"]) $q .= ", fcl.GLASSNO = '".$c["glassno"]."'";
//if ($c["tubeno"]) $q .= ", fcl.TUBENO = '".$c["tubeno"]."'";
$query = "update foldercontainers fcl set " . $q . " where fcl.folderno = '" . $folderno . "' and exists(select distinct fc.*, p.code from foldercontainers fc\n\t\t\t\t\t\t inner join orders ord on ord.folderno = fc.folderno\n\t\t\t\t\t\t inner join ordtask o on o.ordersid = ord.id and fc.id = o.containerid\n\t\t\t\t\t\t inner join panels p on p.id = ord.panelid\n\t\t\t\t\t\t where fc.folderno = '" . $folderno . "' and p.code = '" . $p["code"] . "' and fcl.id = o.containerid)";
$query = str_replace("''", "null", $query);
$result = ib_query($query);
break;
}
}
}
}
$response = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$response .= "<response status=\"ok\">\n";
$response .= "\t<order orderno=\"" . $folderno . "\" action=\"register\" status=\"ok\" />\n";
$response .= "</response>";
echo $response;
break;
case "get-catalog":
switch ($catalog) {
case "containertypes":
$query = "select id, containertype, color from CONTAINERTYPES order by id ASC";
$stmt = $f->DBquery->query($query);
$xml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
$xml .= "<containertypes>\n";
foreach ($stmt as $row) {
$row = (array) $row;
$xml .= "<containertype code=\"" . $row['ID'] . "\" color=\"" . trim($row['COLOR']) . "\">" . $row['CONTAINERTYPE'] . "</containertype>\n";
}
$xml .= "</containertypes>";
echo $xml;
break;
case "contgroups":
$query = "select id,contgroup from CONTGROUPS order by id ASC";
$stmt = ib_query($query);
$xml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
$xml .= "<contgroups>\n";
while ($row = ibase_fetch_row($stmt)) {
$xml .= "<contgroup code=\"" . $row[0] . "\">" . $row[1] . "</contgroup>\n";
}
$xml .= "</contgroups>";
echo $xml;
break;
//-----------------------------------
//-----------------------------------
case "bio":
$query = "select id, mattype from MATTYPES order by id ASC";
$stmt = $f->DBquery->query($query);
$xml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
$xml .= "<biomaterials>\n";
foreach ($stmt as $row) {
$row = (array) $row;
$xml .= "<biomaterial code=\"" . $row['ID'] . "\">" . $row['MATTYPE'] . "</biomaterial>\n";
}
$xml .= "</biomaterials>";
echo $xml;
break;
case "panels":
$query = "select id, code, panel from PANELS WHERE status = 'A' order by id ASC";
$stmt = $f->DBquery->query($query);
$xml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
$xml .= "<panels>\n";
foreach ($stmt as $row) {
$row = (array) $row;
$xml .= "<panel code=\"" . $row['CODE'] . "\">\n";
$xml .= "<name>" . $row['PANEL'] . "</name>";
$xml .= "<containers>";
$query1 = "select p.mattype_id, p.containertype_id, p.containerno, p.id from panel_containers p WHERE p.panel_id = " . $row['ID'];
$stmt1 = $f->DBquery->query($query1);
foreach ($stmt1 as $row1) {
$row1 = (array) $row1;
$xml .= "<container biomaterial=\"" . $row1['MATTYPE_ID'] . "\" containertype=\"" . $row1['CONTAINERTYPE_ID'] . "\" containerno=\"" . $row1['CONTAINERNO'] . "\" code=\"" . $row1['ID'] . "\">";
$query2 = "select test_id from panel_tests where container_id = " . $row1['ID'];
$stmt2 = $f->DBquery->query($query2);
foreach ($stmt2 as $row2) {
$row2 = (array) $row2;
$xml .= "<test code=\"" . $row2['TEST_ID'] . "\" />";
}
$xml .= "</container>";
}
$xml .= "</containers>";
$xml .= "</panel>";
}
$xml .= "</panels>";
echo $xml;
break;
case "pricelists":
$query = "select p.id, cast(p.datebegin as date), cast(p.dateend as date), p.status, p.defaults from pricelists p where p.clientid = " . $clientid . " order by id ";
$stmt = ib_query($query);
$xml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
$xml .= "<pricelists>\n";
while ($row = ibase_fetch_row($stmt)) {
$xml .= "<pricelist>\n<code>" . $row[0] . "</code>\n<datebegin>" . $row[1] . "</datebegin>\n<dateend";
if ($row[2]) {
$xml .= ">" . $row[2] . "</dateend>\n";
} else {
$xml .= " />\n";
}
$xml .= "<status>" . $row[3] . "</status>\n";
$xml .= "<defaults>" . $row[4] . "</defaults>\n</pricelist>\n";
}
$xml .= "</pricelists>";
echo $xml;
break;
case "prices":
$query = "select p.code, pr.cost from\n panels p inner join prices pr on pr.panelid = p.id\n inner join pricelists r on r.id = pr.pricelistid\nwhere r.id = " . $_GET["pricelist"] . " and r.clientid = " . $clientid;
$stmt = ib_query($query);
$xml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
$xml .= "<prices>\n";
while ($row = ibase_fetch_row($stmt)) {
$xml .= "<panel><code>" . $row[0] . "\n<price>" . $row[1] . "</price>\n</panel>\n";
}
$xml .= "</prices>";
echo $xml;
break;
//для диллеров - отображение только тех панелей, которые есть в прайсах.
//для диллеров - отображение только тех панелей, которые есть в прайсах.
case "panels2":
$query = "select distinct p.id, p.code, p.panel from\n panels p inner join prices pr on pr.panelid = p.id inner join pricelists pc on pc.id = pr.pricelistid where pc.clientid = " . $clientid . " order by p.code ";
$stmt = ib_query($query);
$xml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
$xml .= "<panels>\n";
while ($row = ibase_fetch_row($stmt)) {
$xml .= "<panel code=\"" . $row[1] . "\">\n";
$xml .= "<name>" . $row[2] . "</name>";
$xml .= "<containers>";
$query1 = "select m.id, t.test_id from panel_containers p\n\t\t\t\t\t\t inner join mattypes m on m.id = p.mattype_id\n\t\t\t\t\t\t inner join panel_tests t on t.container_id = p.id WHERE p.panel_id = " . $row[0] . " order by m.id ASC";
$stmt1 = ib_query($query1);
while ($row1 = ibase_fetch_row($stmt1)) {
$xml .= "<container material=\"" . $row1[0] . "\">";
$xml .= "<test id=\"" . $row1[1] . "\" />";
$xml .= "</container>";
}
$xml .= "</containers>";
$xml .= "</panel>";
}
$xml .= "</panels>";
echo $xml;
break;
case "tests2":
$query = "select t.id, t.testname from\n panels p inner join panel_containers pc on pc.panel_id = p.id\n inner join panel_tests pt on pt.container_id = pc.id\n inner join tests t on t.id = pt.test_id\n inner join prices pr on pr.panelid = p.id\n inner join pricelists r on r.id = pr.pricelistid\nwhere r.clientid = " . $clientid . " order by t.id ";
$stmt = ib_query($query);
$xml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
$xml .= "<tests>";
while ($row = ibase_fetch_row($stmt)) {
$xml .= "<test code=\"" . $row[0] . "\">";
$xml .= "<name>" . $row[1] . "</name>\n";
$xml .= "<analytes>\n";
$query1 = "select a.id, a.analyte, a.analtype, a.iso, u.unit, a.sorter from analytes a\n\t\t\t\t\t\t inner join units u on u.id = a.units WHERE a.testcode = " . $row[0] . " ORDER BY a.id";
$stmt1 = ib_query($query1);
while ($row1 = ibase_fetch_row($stmt1)) {
$xml .= "<analyte code=\"" . $row1[0] . "\">\n";
$xml .= "<name>" . $row1[1] . "</name>\n";
$analtype = $row1[2];
if ($analtype == 3) {
$analtype = 'N';
} else {
$analtype = 'C';
}
$xml .= "<type>" . $analtype . "</type>\n";
$xml .= "<iso>" . $row1[3] . "</iso>\n";
$xml .= "<units>" . $row1[4] . "</units>\n";
$xml .= "<sorter>" . $row1[5] . "</sorter>\n";
$xml .= "</analyte>\n";
}
$xml .= "</analytes>\n";
$xml .= "</test>";
}
$xml .= "</tests>";
echo $xml;
break;
case "tests":
$query = "select t.id, t.testname from tests t ORDER BY t.id";
$stmt = $f->DBquery->query($query);
$xml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
$xml .= "<tests>";
foreach ($stmt as $row) {
$row = (array) $row;
$xml .= "<test code=\"" . $row['ID'] . "\">";
$xml .= "<name>" . $row['TESTNAME'] . "</name>\n";
$xml .= "<analytes>\n";
$query1 = "select a.id, a.analyte, a.analtype, a.iso, u.unit, a.sorter from analytes a inner join units u on u.id = a.units WHERE a.testcode = " . $row['ID'] . " ORDER BY a.id";
$stmt1 = $f->DBquery->query($query1);
foreach ($stmt1 as $row1) {
$row1 = (array) $row1;
$xml .= "<analyte code=\"" . $row1['ID'] . "\">\n";
$xml .= "<name>" . $row1['ANALYTE'] . "</name>\n";
$analtype = $row1['ANALTYPE'];
if ($analtype == 3) {
$analtype = 'N';
} else {
$analtype = 'C';
}
$xml .= "<type>" . $analtype . "</type>\n";
$xml .= "<iso>" . $row1['ISO'] . "</iso>\n";
$xml .= "<units>" . $row1['UNIT'] . "</units>\n";
$xml .= "<sorter>" . $row1['SORTER'] . "</sorter>\n";
$xml .= "</analyte>\n";
}
$xml .= "</analytes>\n";
$xml .= "</test>";
}
$xml .= "</tests>";
echo $xml;
break;
}
break;
default:
$event = "=== " . date("d.m.Y H:i:s") . " Остустствует запрос. Ошибка входных данных. ===\nIP: " . implode(',', getIP()) . "\nКлиент (id): " . $clientid . "\n===\n\n";
writeEventToFile($event);
if (in_array(getIP(true), $ips)) {
mail($alert_email, "Report from NACPP.API", $event);
writeEventToFile($event, "eventsALEXEY.log");
}
echo "Отсутствует запрос.";
}
}
