services/DocumentService.php

   1 <?php
   2 /**
   3  * DocumentService
   4  *
   5  * @package   OpenEMR
   6  * @link      http://www.open-emr.org
   7  * @author    Matthew Vita <matthewvita48@gmail.com>
   8  * @author    Brady Miller <brady.g.miller@gmail.com>
   9  * @copyright Copyright (c) 2018 Matthew Vita <matthewvita48@gmail.com>
  10  * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
  11  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  12  */
  13
  14
  15 namespace OpenEMR\Services;
  16
  17 use Particle\Validator\Validator;
  18
  19 class DocumentService
  20 {
  21     public function __construct()
  22     {
  23     }
  24
  25     public function isValidPath($path)
  26     {
  27         $docPathParts = explode("/", $path);
  28
  29         unset($docPathParts[0]);
  30
  31         $categoriesSql  = "  SELECT parent, id";
  32         $categoriesSql .= "    FROM categories";
  33         $categoriesSql .= "    WHERE replace(LOWER(name), ' ', '') = ?";
  34
  35         $lastParent = null;
  36         $isValidPath = true;
  37         foreach ($docPathParts as $index => $part) {
  38             $categoryResults = sqlQuery($categoriesSql, str_replace("_", "", $part));
  39
  40             if ($index === 1) {
  41                 $lastParent = $categoryResults["id"];
  42                 continue;
  43             }
  44
  45             if ($categoryResults["parent"] === $lastParent) {
  46                 $lastParent = $categoryResults["id"];
  47             } else {
  48                 $isValidPath = false;
  49                 break;
  50             }
  51         }
  52
  53         return $isValidPath;
  54     }
  55
  56     public function getLastIdOfPath($path)
  57     {
  58         $docPathParts = explode("/", $path);
  59         $lastInPath = end($docPathParts);
  60
  61         $sql  = "  SELECT id";
  62         $sql .= "    FROM categories";
  63         $sql .= "    WHERE replace(LOWER(name), ' ', '') = ?";
  64
  65         $results = sqlQuery($sql, str_replace("_", "", $lastInPath));
  66         return $results['id'];
  67     }
  68
  69     public function getAllAtPath($pid, $path)
  70     {
  71         if (!$this->isValidPath($path)) {
  72             return false;
  73         }
  74
  75         $categoryId = $this->getLastIdOfPath($path);
  76
  77         $documentsSql  = " SELECT doc.url, doc.id, doc.mimetype, doc.docdate";
  78         $documentsSql .= " FROM documents doc";
  79         $documentsSql .= " JOIN categories_to_documents ctd on ctd.document_id = doc.id";
  80         $documentsSql .= " WHERE ctd.category_id = ? and doc.foreign_id = ?";
  81
  82         $documentResults = sqlStatement($documentsSql, array($categoryId, $pid));
  83
  84         $fileResults = array();
  85         while ($row = sqlFetchArray($documentResults)) {
  86             array_push($fileResults, array(
  87                 "filename" => basename($row["url"]),
  88                 "id" =>  $row["id"],
  89                 "mimetype" =>  $row["mimetype"],
  90                 "docdate" =>  $row["docdate"]
  91             ));
  92         }
  93         return $fileResults;
  94     }
  95
  96     public function insertAtPath($pid, $path, $fileData)
  97     {
  98         if (!$this->isValidPath($path)) {
  99             return false;
 100         }
 101
 102         $categoryId = $this->getLastIdOfPath($path);
 103
 104         $nextIdResult = sqlQuery("SELECT MAX(id)+1 as id FROM documents");
 105
 106         $insertDocSql  = " INSERT INTO documents SET";
 107         $insertDocSql .= "   id=?,";
 108         $insertDocSql .= "   type='file_url',";
 109         $insertDocSql .= "   size=?,";
 110         $insertDocSql .= "   date=NOW(),";
 111         $insertDocSql .= "   url=?,";
 112         $insertDocSql .= "   mimetype=?,";
 113         $insertDocSql .= "   foreign_id=?";
 114
 115         sqlInsert(
 116             $insertDocSql,
 117             array(
 118                 $nextIdResult["id"],
 119                 $fileData["size"],
 120                 $GLOBALS['oer_config']['documents']['repository'] . $categoryId . "/" . $fileData["name"],
 121                 $fileData["type"],
 122                 $pid
 123             )
 124         );
 125
 126         $cateToDocsSql  = " INSERT INTO categories_to_documents SET";
 127         $cateToDocsSql .= "    category_id=?,";
 128         $cateToDocsSql .= "    document_id=?";
 129
 130         sqlInsert(
 131             $cateToDocsSql,
 132             array(
 133                 $categoryId,
 134                 $nextIdResult["id"]
 135             )
 136         );
 137
 138         $newPath = $GLOBALS['oer_config']['documents']['repository'] . "/" . $categoryId;
 139         if (!file_exists($newPath)) {
 140             mkdir($newPath, 0700, true);
 141         }
 142
 143         $moved = move_uploaded_file($fileData["tmp_name"], $newPath . "/" . $fileData["name"]);
 144
 145         return $moved;
 146     }
 147
 148     public function getFile($pid, $did)
 149     {
 150         return sqlQuery("SELECT url FROM documents WHERE id = ? AND foreign_id = ?", array($did, $pid));
 151     }
 152 }