interface/patient_file/deleter.php

   1 <?
   2  // Copyright (C) 2005 Rod Roark <rod@sunsetsystems.com>
   3  //
   4  // This program is free software; you can redistribute it and/or
   5  // modify it under the terms of the GNU General Public License
   6  // as published by the Free Software Foundation; either version 2
   7  // of the License, or (at your option) any later version.
   8
   9  include_once("../globals.php");
  10  include_once("$srcdir/log.inc");
  11  include_once("$srcdir/acl.inc");
  12
  13  $patient   = $_REQUEST['patient'];
  14  $encounter = $_REQUEST['encounter'];
  15  $issue     = $_REQUEST['issue'];
  16
  17  $info_msg = "";
  18
  19  $thisauth = acl_check('admin', 'super');
  20  if (! $thisauth) die("Not authorized!");
  21
  22  // Delete rows, with logging, for the specified table using the
  23  // specified WHERE clause.
  24  //
  25  function row_delete($table, $where) {
  26   $tres = sqlStatement("SELECT * FROM $table WHERE $where");
  27   $count = 0;
  28   while ($trow = sqlFetchArray($tres)) {
  29    $logstring = "";
  30    foreach ($trow as $key => $value) {
  31     if (! $value || $value == '0000-00-00 00:00:00') continue;
  32     if ($logstring) $logstring .= " ";
  33     $logstring .= $key . "='" . addslashes($value) . "'";
  34    }
  35    newEvent("delete", $_SESSION['authUser'], $_SESSION['authProvider'], "$table: $logstring");
  36    ++$count;
  37   }
  38   if ($count) {
  39    $query = "DELETE FROM $table WHERE $where";
  40    echo $query . "<br>\n";
  41    sqlStatement($query);
  42   }
  43  }
  44
  45  // Deactivate rows, with logging, for the specified table using the
  46  // specified SET and WHERE clauses.
  47  //
  48  function row_modify($table, $set, $where) {
  49   if (sqlQuery("SELECT * FROM $table WHERE $where")) {
  50    newEvent("deactivate", $_SESSION['authUser'], $_SESSION['authProvider'], "$table: $where");
  51    $query = "UPDATE $table SET $set WHERE $where";
  52    echo $query . "<br>\n";
  53    sqlStatement($query);
  54   }
  55  }
  56
  57 ?>
  58 <html>
  59 <head>
  60 <title>Delete Patient, Encounter or Issue</title>
  61 <link rel=stylesheet href='<? echo $css_header ?>' type='text/css'>
  62
  63 <style>
  64 td { font-size:10pt; }
  65 </style>
  66
  67 </head>
  68
  69 <body <?echo $top_bg_line;?>>
  70 <?
  71  // If the delete is confirmed...
  72  //
  73  if ($_POST['form_submit']) {
  74
  75   if ($patient) {
  76    row_modify("billing"       , "activity = 0", "pid = '$patient'");
  77    row_modify("pnotes"        , "activity = 0", "pid = '$patient'");
  78    row_modify("prescriptions" , "active = 0"  , "patient_id = '$patient'");
  79
  80    row_delete("openemr_postcalendar_events", "pc_pid = '$patient'");
  81    row_delete("immunizations"  , "patient_id = '$patient'");
  82    row_delete("issue_encounter", "pid = '$patient'");
  83    row_delete("lists"          , "pid = '$patient'");
  84    row_delete("transactions"   , "pid = '$patient'");
  85    row_delete("employer_data"  , "pid = '$patient'");
  86    row_delete("history_data"   , "pid = '$patient'");
  87    row_delete("insurance_data" , "pid = '$patient'");
  88    row_delete("patient_data"   , "pid = '$patient'");
  89
  90    $res = sqlStatement("SELECT * FROM forms WHERE pid = '$patient'");
  91    while ($row = sqlFetchArray($res)) {
  92     $formdir = ($row['formdir'] == 'newpatient') ? 'encounter' : $row['formdir'];
  93     row_delete("form_$formdir", "id = '" . $row['form_id'] . "'");
  94    }
  95    row_delete("forms", "pid = '$patient'");
  96   }
  97   else if ($encounter) {
  98    row_modify("billing", "activity = 0", "encounter = '$encounter'");
  99    row_delete("issue_encounter", "encounter = '$encounter'");
 100    $res = sqlStatement("SELECT * FROM forms WHERE encounter = '$encounter'");
 101    while ($row = sqlFetchArray($res)) {
 102     $formdir = ($row['formdir'] == 'newpatient') ? 'encounter' : $row['formdir'];
 103     row_delete("form_$formdir", "id = '" . $row['form_id'] . "'");
 104    }
 105    row_delete("forms", "encounter = '$encounter'");
 106   }
 107   else if ($issue) {
 108    row_delete("issue_encounter", "list_id = '$issue'");
 109    row_delete("lists", "id = '$issue'");
 110   }
 111   else {
 112    die("Nothing was specified to delete!");
 113   }
 114
 115   if (! $info_msg) $info_msg = "Delete successful.";
 116
 117   // Close this window and tell our opener that it's done.
 118   //
 119   echo "<script language='JavaScript'>\n";
 120   if ($info_msg) echo " alert('$info_msg');\n";
 121   echo " window.close();\n";
 122   echo " if (opener.imdeleted) opener.imdeleted();\n";
 123   echo "</script></body></html>\n";
 124   exit();
 125  }
 126 ?>
 127
 128 <form method='post' action='deleter.php?patient=<? echo $patient ?>&encounter=<? echo $encounter ?>&issue=<? echo $issue ?>'>
 129
 130 <p>&nbsp;<br>
 131 Do you really want to delete
 132
 133 <?php
 134  if ($patient) {
 135   echo "patient $patient";
 136  } else if ($encounter) {
 137   echo "encounter $encounter";
 138  } else if ($issue) {
 139   echo "issue $issue";
 140  }
 141 ?> and all subordinate data? This action will be logged!</p>
 142
 143 <center>
 144
 145 <p>&nbsp;<br>
 146 <input type='submit' name='form_submit' value='Yes, Delete and Log' />
 147 &nbsp;
 148 <input type='button' value='No, Cancel' onclick='window.close()' />
 149 </p>
 150
 151 </center>
 152 </form>
 153 </body>
 154 </html>