portal/lib/paylib.php

   1 <?php
   2 /**
   3  *
   4  * Copyright (C) 2016-2017 Jerry Padgett <sjpadgett@gmail.com>
   5  *
   6  * LICENSE: This program is free software: you can redistribute it and/or modify
   7  *  it under the terms of the GNU Affero General Public License as
   8  *  published by the Free Software Foundation, either version 3 of the
   9  *  License, or (at your option) any later version.
  10  *
  11  *  This program is distributed in the hope that it will be useful,
  12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *  GNU Affero General Public License for more details.
  15  *
  16  *  You should have received a copy of the GNU Affero General Public License
  17  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  *
  19  * @package OpenEMR
  20  * @author Jerry Padgett <sjpadgett@gmail.com>
  21  * @link http://www.open-emr.org
  22  */
  23 session_start();
  24 if (isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite_two'])) {
  25     $pid = $_SESSION['pid'];
  26     $ignoreAuth = true;
  27     require_once(dirname(__FILE__) . "/../../interface/globals.php");
  28 } else {
  29     session_destroy();
  30     $ignoreAuth = false;
  31     require_once(dirname(__FILE__) . "/../../interface/globals.php");
  32     if (! isset($_SESSION['authUserID'])) {
  33         $landingpage = "index.php";
  34         header('Location: ' . $landingpage);
  35         exit();
  36     }
  37 }
  38
  39 require_once("./appsql.class.php");
  40 //$_SESSION['whereto'] = 'paymentpanel';
  41 if ($_SESSION['portal_init'] != 'true') {
  42     $_SESSION['whereto'] = 'paymentpanel';
  43 }
  44
  45 $_SESSION['portal_init'] = false;
  46
  47 if ($_POST['mode'] == 'portal-save') {
  48     $form_pid = $_POST['form_pid'];
  49     $form_method = trim($_POST['form_method']);
  50     $form_source = trim($_POST['form_source']);
  51     $upay = isset($_POST['form_upay']) ? $_POST['form_upay'] : '';
  52     $cc = isset($_POST['extra_values']) ? $_POST['extra_values'] : '';
  53     $amts = isset($_POST['inv_values']) ? $_POST['inv_values'] : '';
  54     $s = SaveAudit($form_pid, $amts, $cc);
  55     if ($s) {
  56         echo 'failed';
  57     }
  58
  59     echo true;
  60 } else if ($_POST['mode'] == 'review-save') {
  61     $form_pid = $_POST['form_pid'];
  62     $form_method = trim($_POST['form_method']);
  63     $form_source = trim($_POST['form_source']);
  64     $upay = isset($_POST['form_upay']) ? $_POST['form_upay'] : '';
  65     $cc = isset($_POST['extra_values']) ? $_POST['extra_values'] : '';
  66     $amts = isset($_POST['inv_values']) ? $_POST['inv_values'] : '';
  67     $s = CloseAudit($form_pid, $amts, $cc);
  68     if ($s) {
  69         echo 'failed';
  70     }
  71
  72     echo true;
  73 }
  74
  75 function SaveAudit($pid, $amts, $cc)
  76 {
  77     $appsql = new ApplicationTable();
  78     try {
  79         $audit = array ();
  80         $audit['patient_id'] = $pid;
  81         $audit['activity'] = "payment";
  82         $audit['require_audit'] = "1";
  83         $audit['pending_action'] = "review";
  84         $audit['action_taken'] = "";
  85         $audit['status'] = "waiting";
  86         $audit['narrative'] = "Authorize online payment.";
  87         $audit['table_action'] = '';
  88         $audit['table_args'] =  $amts;
  89         $audit['action_user'] = "0";
  90         $audit['action_taken_time'] = "";
  91         $audit['checksum'] = aes256Encrypt($cc);
  92
  93         $edata = $appsql->getPortalAudit($pid, 'review', 'payment');
  94         $audit['date'] = $edata['date'];
  95         if ($edata['id'] > 0) {
  96             $appsql->portalAudit('update', $edata['id'], $audit);
  97         } else {
  98             $appsql->portalAudit('insert', '', $audit);
  99         }
 100     } catch (Exception $ex) {
 101         return $ex;
 102     }
 103
 104     return 0;
 105 }
 106 function CloseAudit($pid, $amts, $cc, $action = 'payment posted', $paction = 'notify patient')
 107 {
 108     $appsql = new ApplicationTable();
 109     try {
 110         $audit = array ();
 111         $audit['patient_id'] = $pid;
 112         $audit['activity'] = "payment";
 113         $audit['require_audit'] = "1";
 114         $audit['pending_action'] = $paction;//'review';//
 115         $audit['action_taken'] = $action;
 116         $audit['status'] = "closed";//'waiting';
 117         $audit['narrative'] = "Payment authorized.";
 118         $audit['table_action'] = "update";
 119         $audit['table_args'] = $amts;
 120         $audit['action_user'] = isset($_SESSION['authUserID']) ? $_SESSION['authUserID'] : "0";
 121         $audit['action_taken_time'] = date("Y-m-d H:i:s");
 122         $audit['checksum'] = aes256Encrypt($cc);
 123
 124         $edata = $appsql->getPortalAudit($pid, 'review', 'payment');
 125         $audit['date'] = $edata['date'];
 126         if ($edata['id'] > 0) {
 127             $appsql->portalAudit('update', $edata['id'], $audit);
 128         }
 129     } catch (Exception $ex) {
 130         return $ex;
 131     }
 132
 133     return 0;
 134 }
 135 function OnlinePayPost($type, $auditrec)
 136 {
 137  // start of port for payments
 138     $extra = json_decode($_POST['extra_values'], true);
 139     $form_pid = $_POST['form_pid'];
 140     $form_method = trim($_POST['form_method']);
 141     $form_source = trim($_POST['form_source']);
 142     $patdata = getPatientData($form_pid, 'fname,mname,lname,pubpid');
 143     $NameNew=$patdata['fname'] . " " .$patdata['lname']. " " .$patdata['mname'];
 144 }