search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Highway to PSR2
[openemr.git] / library / ESign / DbRow / Signable.php
blob5af4a40c59fe74fe6d8afb75b5852224dd36f14d
1 <?php
2
3 namespace ESign;
4
5 /**
6 * Abstract implementation of SignableIF which represents a signable row
7 * in the database.
8 *
9 * Copyright (C) 2013 OEMR 501c3 www.oemr.org
10 *
11 * LICENSE: This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 3
14 * of the License, or (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
21 *
22 * @package OpenEMR
23 * @author Ken Chapple <ken@mi-squared.com>
24 * @author Medical Information Integration, LLC
25 * @link http://www.open-emr.org
26 **/
27
28 require_once $GLOBALS['srcdir'].'/ESign/SignableIF.php';
29 require_once $GLOBALS['srcdir'].'/ESign/Signature.php';
30 require_once $GLOBALS['srcdir'].'/ESign/Utils/Verification.php';
31
32 abstract class DbRow_Signable implements SignableIF
33 {
34 private $_signatures = array();
35 private $_tableId = null;
36 private $_tableName = null;
37 private $_verification = null;
38
39 public function __construct($tableId, $tableName)
40 {
41 $this->_tableId = $tableId;
42 $this->_tableName = $tableName;
43 $this->_verification = new Utils_Verification();
44 }
45
46 public function getSignatures()
47 {
48 $this->_signatures = array();
49
50 $statement = "SELECT E.id, E.tid, E.table, E.uid, U.fname, U.lname, E.datetime, E.is_lock, E.amendment, E.hash, E.signature_hash FROM esign_signatures E ";
51 $statement .= "JOIN users U ON E.uid = U.id ";
52 $statement .= "WHERE E.tid = ? AND E.table = ? ";
53 $statement .= "ORDER BY E.datetime ASC";
54 $result = sqlStatement($statement, array( $this->_tableId, $this->_tableName ));
55
56 while ($row = sqlFetchArray($result)) {
57 $signature = new Signature(
58 $row['id'],
59 $row['tid'],
60 $row['table'],
61 $row['is_lock'],
62 $row['uid'],
63 $row['fname'],
64 $row['lname'],
65 $row['datetime'],
66 $row['hash'],
67 $row['amendment'],
68 $row['signature_hash']
69 );
70 $this->_signatures[]= $signature;
71 }
72
73 return $this->_signatures;
74 }
75
76 /**
77 * Get the hash of the last signature of type LOCK.
78 *
79 * This is used for comparison with a current hash to
80 * verify data integrity.
81 *
82 * @return sha1|empty string
83 */
84 protected function getLastLockHash()
85 {
86 $statement = "SELECT E.tid, E.table, E.hash FROM esign_signatures E ";
87 $statement .= "WHERE E.tid = ? AND E.table = ? AND E.is_lock = ? ";
88 $statement .= "ORDER BY E.datetime DESC LIMIT 1";
89 $row = sqlQuery($statement, array( $this->_tableId, $this->_tableName, SignatureIF::ESIGN_LOCK ));
90 $hash = null;
91 if ($row && isset($row['hash'])) {
92 $hash = $row['hash'];
93 }
94
95 return $hash;
96 }
97
98 public function getTableId()
99 {
100 return $this->_tableId;
101 }
102
103 public function renderForm()
104 {
105 include 'views/esign_signature_log.php';
106 }
107
108 public function isLocked()
109 {
110 $statement = "SELECT E.is_lock FROM esign_signatures E ";
111 $statement .= "WHERE E.tid = ? AND E.table = ? AND is_lock = ? ";
112 $statement .= "ORDER BY E.datetime DESC LIMIT 1 ";
113 $row = sqlQuery($statement, array( $this->_tableId, $this->_tableName, SignatureIF::ESIGN_LOCK ));
114 if ($row && $row['is_lock'] == SignatureIF::ESIGN_LOCK) {
115 return true;
116 }
117
118 return false;
119 }
120
121 public function sign($userId, $lock = false, $amendment = null)
122 {
123 $statement = "INSERT INTO `esign_signatures` ( `tid`, `table`, `uid`, `datetime`, `is_lock`, `hash`, `amendment`, `signature_hash` ) ";
124 $statement .= "VALUES ( ?, ?, ?, NOW(), ?, ?, ?, ? ) ";
125
126 // Make type string
127 $isLock = SignatureIF::ESIGN_NOLOCK;
128 if ($lock) {
129 $isLock = SignatureIF::ESIGN_LOCK;
130 }
131
132 // Create a hash of the signable object so we can verify it's integrity
133 $hash = $this->_verification->hash($this->getData());
134
135 // Crate a hash of the signature data itself. This is the same data as Signature::getData() method
136 $signature = array(
137 $this->_tableId,
138 $this->_tableName,
139 $userId,
140 $isLock,
141 $hash,
142 $amendment );
143 $signatureHash = $this->_verification->hash($signature);
144
145 // Append the hash of the signature data to the insert array before we insert
146 $signature[]= $signatureHash;
147 $id = sqlInsert($statement, $signature);
148
149 if ($id === false) {
150 throw new \Exception("Error occured while attempting to insert a signature into the database.");
151 }
152
153 return $id;
154 }
155
156 public function verify()
157 {
158 $valid = true;
159 // Verify the signable data integrity
160 // Check to see if this SignableIF is locked
161 if ($this->isLocked()) {
162 $signatures = $this->getSignatures();
163
164 // SignableIF is locked, so if it has any signatures, make sure it hasn't been edited since lock
165 if (count($signatures)) {
166 // Verify the data of the SignableIF object
167 $lastLockHash = $this->getLastLockHash();
168 $valid = $this->_verification->verify($this->getData(), $lastLockHash);
169
170 if ($valid === true) {
171 // If still vlaid, verify each signatures' integrity
172 foreach ($signatures as $signature) {
173 if ($signature instanceof SignatureIF) {
174 $valid = $signature->verify();
175 if ($valid === false) {
176 break;
177 }
178 }
179 }
180 }
181 }
182 }
183
184 return $valid;
185 }
186 }
Mirror of official OpenEMR Sourceforge repository