search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
layout tabs issue fix #297
[openemr.git] / interface / forms / newpatient / save.php
blob27c23201d91443127904bc529bffbb93ca26f7a2
1 <?php
2 /**
3 * Encounter form save script.
4 *
5 * Copyright (C) 2015 Roberto Vasquez <robertogagliotta@gmail.com>
6 *
7 * LICENSE: This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
17 *
18 * @package OpenEMR
19 * @author Brady Miller <brady@sparmy.com>
20 * @author Roberto Vasquez <robertogagliotta@gmail.com>
21 * @link http://www.open-emr.org
22 */
23
24 $fake_register_globals=false;
25 $sanitize_all_escapes=true;
26
27 require_once("../../globals.php");
28 require_once("$srcdir/forms.inc");
29 require_once("$srcdir/sql.inc");
30 require_once("$srcdir/encounter.inc");
31 require_once("$srcdir/acl.inc");
32 require_once("$srcdir/formatting.inc.php");
33 require_once("$srcdir/formdata.inc.php");
34
35 $date = (isset($_POST['form_date'])) ? $_POST['form_date'] : '';
36 $onset_date = (isset($_POST['form_onset_date'])) ? $_POST['form_onset_date'] : '';
37 $sensitivity = (isset($_POST['form_sensitivity'])) ? $_POST['form_sensitivity'] : '';
38 $pc_catid = (isset($_POST['pc_catid'])) ? $_POST['pc_catid'] : '';
39 $facility_id = (isset($_POST['facility_id'])) ? $_POST['facility_id'] : '';
40 $billing_facility = (isset($_POST['billing_facility'])) ? $_POST['billing_facility'] : '';
41 $reason = (isset($_POST['reason'])) ? $_POST['reason'] : '';
42 $mode = (isset($_POST['mode'])) ? $_POST['mode'] : '';
43 $referral_source = (isset($_POST['form_referral_source'])) ? $_POST['form_referral_source'] : '';
44 $pos_code = (isset($_POST['pos_code'])) ? $_POST['pos_code'] : '';
45
46 $facilityresult = sqlQuery("select name FROM facility WHERE id = ?", array($facility_id));
47 $facility = $facilityresult['name'];
48
49 $normalurl = "patient_file/encounter/encounter_top.php";
50
51 $nexturl = $normalurl;
52
53 if ($mode == 'new')
54 {
55 $provider_id = $userauthorized ? $_SESSION['authUserID'] : 0;
56 $encounter = generate_id();
57 addForm($encounter, "New Patient Encounter",
58 sqlInsert("INSERT INTO form_encounter SET " .
59 "date = '" . add_escape_custom($date) . "', " .
60 "onset_date = '" . add_escape_custom($onset_date) . "', " .
61 "reason = '" . add_escape_custom($reason) . "', " .
62 "facility = '" . add_escape_custom($facility) . "', " .
63 "pc_catid = '" . add_escape_custom($pc_catid) . "', " .
64 "facility_id = '" . add_escape_custom($facility_id) . "', " .
65 "billing_facility = '" . add_escape_custom($billing_facility) . "', " .
66 "sensitivity = '" . add_escape_custom($sensitivity) . "', " .
67 "referral_source = '" . add_escape_custom($referral_source) . "', " .
68 "pid = '" . add_escape_custom($pid) . "', " .
69 "encounter = '" . add_escape_custom($encounter) . "', " .
70 "pos_code = '" . add_escape_custom($pos_code) . "', " .
71 "provider_id = '" . add_escape_custom($provider_id) . "'"),
72 "newpatient", $pid, $userauthorized, $date);
73 }
74 else if ($mode == 'update')
75 {
76 $id = $_POST["id"];
77 $result = sqlQuery("SELECT encounter, sensitivity FROM form_encounter WHERE id = ?", array($id));
78 if ($result['sensitivity'] && !acl_check('sensitivities', $result['sensitivity'])) {
79 die(xlt("You are not authorized to see this encounter."));
80 }
81 $encounter = $result['encounter'];
82 // See view.php to allow or disallow updates of the encounter date.
83 $datepart = acl_check('encounters', 'date_a') ? "date = '" . add_escape_custom($date) . "', " : "";
84 sqlStatement("UPDATE form_encounter SET " .
85 $datepart .
86 "onset_date = '" . add_escape_custom($onset_date) . "', " .
87 "reason = '" . add_escape_custom($reason) . "', " .
88 "facility = '" . add_escape_custom($facility) . "', " .
89 "pc_catid = '" . add_escape_custom($pc_catid) . "', " .
90 "facility_id = '" . add_escape_custom($facility_id) . "', " .
91 "billing_facility = '" . add_escape_custom($billing_facility) . "', " .
92 "sensitivity = '" . add_escape_custom($sensitivity) . "', " .
93 "referral_source = '" . add_escape_custom($referral_source) . "', " .
94 "pos_code = '" . add_escape_custom($pos_code) . "' " .
95 "WHERE id = '" . add_escape_custom($id) . "'");
96 }
97 else {
98 die("Unknown mode '" . text($mode) . "'");
99 }
100
101 setencounter($encounter);
102
103 // Update the list of issues associated with this encounter.
104 sqlStatement("DELETE FROM issue_encounter WHERE " .
105 "pid = ? AND encounter = ?", array($pid,$encounter) );
106 if (is_array($_POST['issues'])) {
107 foreach ($_POST['issues'] as $issue) {
108 $query = "INSERT INTO issue_encounter ( pid, list_id, encounter ) VALUES (?,?,?)";
109 sqlStatement($query, array($pid,$issue,$encounter));
110 }
111 }
112
113 // Custom for Chelsea FC.
114 //
115 if ($mode == 'new' && $GLOBALS['default_new_encounter_form'] == 'football_injury_audit') {
116
117 // If there are any "football injury" issues (medical problems without
118 // "illness" in the title) linked to this encounter, but no encounter linked
119 // to such an issue has the injury form in it, then present that form.
120
121 $lres = sqlStatement("SELECT list_id " .
122 "FROM issue_encounter, lists WHERE " .
123 "issue_encounter.pid = ? AND " .
124 "issue_encounter.encounter = ? AND " .
125 "lists.id = issue_encounter.list_id AND " .
126 "lists.type = 'medical_problem' AND " .
127 "lists.title NOT LIKE '%Illness%'", array($pid,$encounter));
128
129 if (sqlNumRows($lres) > 0) {
130 $nexturl = "patient_file/encounter/load_form.php?formname=" .
131 $GLOBALS['default_new_encounter_form'];
132 while ($lrow = sqlFetchArray($lres)) {
133 $frow = sqlQuery("SELECT count(*) AS count " .
134 "FROM issue_encounter, forms WHERE " .
135 "issue_encounter.list_id = ? AND " .
136 "forms.pid = issue_encounter.pid AND " .
137 "forms.encounter = issue_encounter.encounter AND " .
138 "forms.formdir = ?", array($lrow['list_id'],$GLOBALS['default_new_encounter_form']));
139 if ($frow['count']) $nexturl = $normalurl;
140 }
141 }
142 }
143 $result4 = sqlStatement("SELECT fe.encounter,fe.date,openemr_postcalendar_categories.pc_catname FROM form_encounter AS fe ".
144 " left join openemr_postcalendar_categories on fe.pc_catid=openemr_postcalendar_categories.pc_catid WHERE fe.pid = ? order by fe.date desc", array($pid));
145 ?>
146 <html>
147 <body>
148 <script language='JavaScript'>
149 EncounterDateArray=new Array;
150 CalendarCategoryArray=new Array;
151 EncounterIdArray=new Array;
152 Count=0;
153 <?php
154 if(sqlNumRows($result4)>0)
155 while($rowresult4 = sqlFetchArray($result4))
156 {
157 ?>
158 EncounterIdArray[Count]='<?php echo attr($rowresult4['encounter']); ?>';
159 EncounterDateArray[Count]='<?php echo attr(oeFormatShortDate(date("Y-m-d", strtotime($rowresult4['date'])))); ?>';
160 CalendarCategoryArray[Count]='<?php echo attr(xl_appt_category($rowresult4['pc_catname'])); ?>';
161 Count++;
162 <?php
163 }
164 ?>
165 top.window.parent.left_nav.setPatientEncounter(EncounterIdArray,EncounterDateArray,CalendarCategoryArray);
166 top.restoreSession();
167 <?php if ($mode == 'new') { ?>
168 parent.left_nav.setEncounter(<?php echo "'" . attr(oeFormatShortDate($date)) . "', '" . attr($encounter) . "', window.name"; ?>);
169 <?php } // end if new encounter ?>
170 parent.left_nav.loadFrame('enc2', window.name, '<?php echo $nexturl; ?>');
171 </script>
172
173 </body>
174 </html>
Mirror of official OpenEMR Sourceforge repository