interface/forms/treatment_plan/save.php

   1 <?php
   2 /**
   3  *
   4  * Copyright (C) 2012-2013 Naina Mohamed <naina@capminds.com> CapMinds Technologies
   5  *
   6  * LICENSE: This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU General Public License
   8  * as published by the Free Software Foundation; either version 3
   9  * of the License, or (at your option) any later version.
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  * You should have received a copy of the GNU General Public License
  15  * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
  16  *
  17  * @package OpenEMR
  18  * @author  Naina Mohamed <naina@capminds.com>
  19  * @link    http://www.open-emr.org
  20  */
  21
  22
  23 include_once("../../globals.php");
  24 include_once("$srcdir/api.inc");
  25 include_once("$srcdir/forms.inc");
  26
  27 if (! $encounter) { // comes from globals.php
  28     die(xl("Internal error: we do not seem to be in an encounter!"));
  29 }
  30
  31 $id = 0 + (isset($_GET['id']) ? $_GET['id'] : '');
  32
  33 $sets = "pid = {$_SESSION["pid"]},
  34   groupname = '" . $_SESSION["authProvider"] . "',
  35   user = '" . $_SESSION["authUser"] . "',
  36   authorized = $userauthorized, activity=1, date = NOW(),
  37   provider               = '" . add_escape_custom($_POST["provider"]) . "',
  38   client_name            = '" . add_escape_custom($_POST["client_name"]) . "',
  39   client_number          = '" . add_escape_custom($_POST["client_number"]) . "',
  40   admit_date             =  '" . add_escape_custom($_POST["admit_date"]) . "',
  41   presenting_issues          = '" . add_escape_custom($_POST["presenting_issues"]) . "',
  42   patient_history            =  '" . add_escape_custom($_POST["patient_history"]) . "',
  43   medications                = '" . add_escape_custom($_POST["medications"]) . "',
  44   anyother_relevant_information          = '" . add_escape_custom($_POST["anyother_relevant_information"]) . "',
  45   diagnosis                    = '" . add_escape_custom($_POST["diagnosis"]) . "',
  46   treatment_received           = '" . add_escape_custom($_POST["treatment_received"]) . "',
  47   recommendation_for_follow_up                    = '" . add_escape_custom($_POST["recommendation_for_follow_up"]) . "'";
  48
  49
  50
  51 if (empty($id)) {
  52     $newid = sqlInsert("INSERT INTO form_treatment_plan SET $sets");
  53     addForm($encounter, "Treatment Plan", $newid, "treatment_plan", $pid, $userauthorized);
  54 } else {
  55     sqlStatement("UPDATE form_treatment_plan SET $sets WHERE id = '". add_escape_custom("$id"). "'");
  56 }
  57
  58 $_SESSION["encounter"] = $encounter;
  59 formHeader("Redirecting....");
  60 formJump();
  61 formFooter();