removed FILTER_SANITIZE_STRING from filter_input since OpenEMR does html escaping...
[openemr.git] / interface / billing / edih_main.php
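<?php
/*
 * edi_history_main.php
 *
 * Copyright 2012 Kevin McCormick Longview, Texas
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; version 3 or later. You should have
 * received a copy of the GNU General Public License along with this program;
 * if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * <http://opensource.org/licenses/gpl-license.php>
 *
 * @author Kevin McCormick
 * @link: http://www.open-emr.org
 * @package OpenEMR
 * @subpackage ediHistory
 */

/*
 * Request dispatcher for the EDI history screens. It inspects which POST or
 * GET key is present, calls the matching edih_* / csv_* function from the
 * included edihistory files, and prints the string that function returns.
 *
 * Request values are read with FILTER_DEFAULT, i.e. unmodified. In this file
 * they are only compared against fixed strings; the called functions are not
 * visible here.
 * NOTE(review): presumably the edih_* functions read $_GET/$_POST/$_FILES
 * themselves -- confirm each one validates what it reads and escapes it for
 * the context it is written into (HTML, script, file path).
 * NOTE(review): no authorization (ACL) check and no anti-CSRF token check is
 * visible in this file for the state-changing actions (upload, archive,
 * restore, ProcessFiles, archivelog) -- confirm they are enforced by
 * globals.php or by the called functions.
 */

/* these lines for OpenEMR */
$sanitize_all_escapes = true;
$fake_register_globals = false;
require_once(dirname(__FILE__) . "/../globals.php");

/**
 * this define is used to prevent direct access to the included scripts
 * which have the corresponding definition commented for now
 */
define('SITE_IN', 1);

// define constants
// since encounter digits are sequential, digit length should rarely change
// however for a startup they may, or a "mask" value of 1000 or 10000
// would be a good idea if there are problems with deciphering the pid-encounter
// same idea for pid value, but since encounter is unique and always last, it is essential
// possibly check the mask value in OpenEMR globals to set this

// Try to prevent search for too short encounter value
if (!defined("ENCOUNTER_MIN_DIGIT_LENGTH")) define("ENCOUNTER_MIN_DIGIT_LENGTH", 1);
// these delimiters are hardcoded into OpenEMR batch files
if (!defined("SEG_ELEM_DELIM")) define("SEG_ELEM_DELIM", "*");
if (!defined("SEG_TERM_DELIM")) define("SEG_TERM_DELIM", "~");
// clearinghouse practice
if (!defined("IBR_DELIMITER")) define("IBR_DELIMITER", "|");

if (!defined("DS")) define("DS", DIRECTORY_SEPARATOR);

// path will be "$srcdir/edihistory/filename.php"
require_once("$srcdir/edihistory/edih_csv_inc.php");
require_once("$srcdir/edihistory/edih_io.php");
require_once("$srcdir/edihistory/edih_x12file_class.php");
require_once("$srcdir/edihistory/edih_uploads.php");
require_once("$srcdir/edihistory/edih_csv_parse.php");
require_once("$srcdir/edihistory/edih_csv_data.php");
require_once("$srcdir/edihistory/edih_997_error.php");
require_once("$srcdir/edihistory/edih_segments.php");
require_once("$srcdir/edihistory/edih_archive.php");
require_once("$srcdir/edihistory/edih_271_html.php");
require_once("$srcdir/edihistory/edih_277_html.php");
require_once("$srcdir/edihistory/edih_278_html.php");
require_once("$srcdir/edihistory/edih_835_html.php");
require_once("$srcdir/edihistory/codes/edih_271_code_class.php");
require_once("$srcdir/edihistory/codes/edih_835_code_class.php");
require_once("$srcdir/edihistory/codes/edih_997_codes.php");

if (!function_exists('edih_main_log_text')) {
    /**
     * Flatten one request key or value into a single printable log token.
     *
     * Request data is attacker-controlled. Array values (e.g. "name[]=x")
     * cannot be interpolated into a string, and embedded CR/LF or other
     * control characters would let a request forge extra lines in the log,
     * so arrays are JSON-encoded and control characters become a space.
     *
     * @param mixed $val request key or value
     * @return string single-line text
     */
    function edih_main_log_text($val)
    {
        if (is_array($val)) {
            $val = json_encode($val);
            if ($val === false) {
                $val = '[unencodable array]';
            }
        }
        return preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string)$val);
    }
}

// php may output line endings with included files
ob_clean();

if (isset($GLOBALS['OE_SITE_DIR'])) {
    $edih_base_dir = csv_edih_basedir();
    $edih_tmp_dir = csv_edih_tmpdir();
} else {
    die("EDI History: Did not get directory path information!");
}

// response body; initialised before any branch can print it
$html_str = '';

// if we are not set up, create directories and csv files
if (!is_dir($edih_tmp_dir)) {
    if (csv_setup()) {
        if (is_dir($edih_tmp_dir)) {
            csv_clear_tmpdir();
        }
    } else {
        // The original printed $html_str here before it was ever assigned,
        // which produced an empty response; report the failure instead.
        die("EDI History: setup of directories and csv files failed <br />");
    }
}

// debug: record the parameters of every request
// NOTE(review): this writes every request value to the log, including the
// body of user notes posts -- confirm the log is access-restricted, or log
// parameter names only.
if (count($_GET)) {
    $dbg_str = "_GET request " . PHP_EOL;
    foreach ($_GET as $k => $v) {
        $dbg_str .= " " . edih_main_log_text($k) . " => " . edih_main_log_text($v) . " ";
    }
    csv_edihist_log($dbg_str);
}
if (count($_POST)) {
    $dbg_str = "_POST request " . PHP_EOL;
    foreach ($_POST as $k => $v) {
        $dbg_str .= " " . edih_main_log_text($k) . " => " . edih_main_log_text($v) . " ";
    }
    csv_edihist_log($dbg_str);
}

/* ******* remove functions to separate file ******* */
/*
 * functions called in the if stanzas are now in edih_io.php
 */

$req_method = strtolower($_SERVER['REQUEST_METHOD']);
// Access line written for user commands. It records the client address only,
// not the logged-in account.
$access_msg = "User: " . $_SERVER['REMOTE_ADDR'] . ' - ' . date("F j, Y, g:i a");

if ($req_method === 'post') {
    // === log user access on POST requests ===========
    csv_edihist_log($access_msg);

    if (isset($_POST['NewFiles']) && isset($_FILES['fileUplMulti'])) {
        // process new files button clicked
        $html_str = edih_disp_file_upload();
    } elseif (isset($_POST['viewx12Files']) && isset($_FILES['fileUplx12'])) {
        // view an uploaded x12 file
        $html_str = edih_disp_x12file();
    } elseif (isset($_POST['notes_hidden'])) {
        // user notes
        $html_str = edih_user_notes();
    } elseif (isset($_POST['ArchiveRequest'])) {
        // request to archive edi files
        $req = filter_input(INPUT_POST, 'ArchiveRequest', FILTER_DEFAULT);
        if ($req === 'requested') {
            $html_str = edih_disp_archive();
        } else {
            $html_str .= "<p>Input Error: for edi files archive function</p>" . PHP_EOL;
        }
    } elseif (isset($_POST['ArchiveRestore'])) {
        // request to restore an archive of edi files
        $req = filter_input(INPUT_POST, 'ArchiveRestore', FILTER_DEFAULT);
        if ($req === 'restore') {
            $html_str = edih_disp_archive_restore();
        } else {
            $html_str .= "<p>Input Error: for edi files archive restore function</p>" . PHP_EOL;
        }
    } else {
        // unrecognized POST: logged a second time, as in the original
        csv_edihist_log($access_msg);
        $html_str .= "<p>Error: unrecognized value in request</p>" . PHP_EOL;
        // debug
        $bg_str = "Unknown POST value: " . PHP_EOL;
        foreach ($_POST as $ky => $val) {
            $bg_str .= edih_main_log_text($ky) . " : " . edih_main_log_text($val) . " " . PHP_EOL;
        }
        csv_edihist_log($bg_str);
    }

} elseif ($req_method === 'get') {

    if (isset($_GET['srvinfo']) && $_GET['srvinfo'] === 'yes') {
        // initial ajax request
        $html_str = edih_php_inivals();

    } elseif (isset($_GET['csvtbllist'])) {
        // list of available csv tables
        $tbl = filter_input(INPUT_GET, 'csvtbllist', FILTER_DEFAULT);
        if ($tbl === 'yes') {
            $html_str = csv_table_select_list();
        } else {
            // The original ended with "return $html_str;", which stops a
            // top-level script before the print below, so the JSON error was
            // never sent. Fall through to the common output path instead.
            $html_str = json_encode('error');
            csv_edihist_log("GET error: missing parameter for csv table list");
        }

    } elseif (isset($_GET['archlist'])) {
        // list of csv archive files
        $tbl = filter_input(INPUT_GET, 'archlist', FILTER_DEFAULT);
        if ($tbl === 'yes') {
            $html_str = csv_archive_select_list();
        } else {
            // same early "return" defect as the csvtbllist branch
            $html_str = json_encode('error');
            csv_edihist_log("GET error: missing parameter for csv archive list");
        }

    } elseif (isset($_GET['loglist'])) {
        // initial setup -- populate log file select { loglist: 'yes' },
        // (the value of 'loglist' was read but never used; only its presence matters)
        $html_str = edih_disp_logfiles();

    } elseif (isset($_GET['archivelog'])) {
        // Notes tab [archive log files if older than 7 days]
        csv_edihist_log($access_msg);
        $html_str = edih_disp_logfiles();

    } elseif (isset($_GET['logshowfile'])) {
        // show a log file
        csv_edihist_log($access_msg);
        $html_str = edih_disp_log();

    } elseif (isset($_GET['ProcessFiles'])) {
        // New Files tab [ Process New ]
        csv_edihist_log($access_msg);
        $html_str = edih_disp_file_process();

    } elseif (isset($_GET['gtbl'])) {
        // get from a csv_table
        csv_edihist_log($access_msg);
        $gtb = filter_input(INPUT_GET, 'gtbl', FILTER_DEFAULT);

        if ($gtb === 'file') {
            $html_str = edih_disp_x12file();
        } elseif ($gtb === 'claim') {
            $html_str = edih_disp_x12trans();
        } elseif ($gtb === 'hist') {
            $chkd = (isset($_GET['chkdenied'])) ? filter_input(INPUT_GET, 'chkdenied', FILTER_DEFAULT) : '';
            if ($chkd === 'yes') {
                $html_str = edih_disp_denied_claims();
            } else {
                $html_str = edih_disp_x12trans();
            }
        } else {
            $html_str = '<p>Input error: missing parameter</p>';
            csv_edihist_log("GET error: missing parameter, no 'gtbl' value");
        }

    } elseif (isset($_GET['csvShowTable'])) {
        // view a csv table
        csv_edihist_log($access_msg);
        $html_str = edih_disp_csvtable();

    } elseif (isset($_GET['hist_enctr'])) {
        // history for encounter
        csv_edihist_log($access_msg);
        $html_str = edih_disp_clmhist();

    } elseif (isset($_GET['ckprocessed'])) {
        // whether 835 payment file has been applied to pt balance
        csv_edihist_log($access_msg);
        $la = filter_input(INPUT_GET, 'ckprocessed', FILTER_DEFAULT);
        if ($la === 'yes') {
            // ajax request on page load
            // The message is sent back as script text. It was previously
            // placed between single quotes unescaped, so a quote or newline
            // in it could break out of the string literal. Encode it as a
            // JSON string so it stays data in script and HTML contexts.
            $era_msg = json_encode(
                (string)edih_disp_era_processed(),
                JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP
            );
            if ($era_msg === false) {
                $era_msg = '""';
            }
            $html_str = "alert(" . $era_msg . ")";
        }

    } elseif (isset($_GET['chkdenied'])) {
        // files csv table
        csv_edihist_log($access_msg);
        $chkd = filter_input(INPUT_GET, 'chkdenied', FILTER_DEFAULT);
        if ($chkd === 'yes') {
            $html_str = edih_disp_denied_claims();
        } else {
            $html_str = '<p>Input error: invalid parameter</p>';
            csv_edihist_log("GET error: missing parameter, invalid 'chkdenied' value");
        }

    } elseif (isset($_GET['showlog'])) {
        // show the edi_history log
        csv_edihist_log($access_msg);
        $lgnm = (isset($_GET['log_select'])) ? filter_input(INPUT_GET, 'log_select', FILTER_DEFAULT) : '';
        $la = (isset($_GET['logshowfile'])) ? filter_input(INPUT_GET, 'logshowfile', FILTER_DEFAULT) : '';
        // As ordered, a request carrying 'logshowfile' is taken by the earlier
        // 'logshowfile' branch, so $la is always '' here and the call below is
        // not reached. NOTE(review): if this path is re-enabled, $lgnm is an
        // unvalidated request value used to select a log file -- restrict it
        // to a bare file name that exists in the log directory first.
        if ($la === 'getlog' && $lgnm) {
            $html_str = csv_log_html($lgnm);
        } else {
            $html_str = "Show Log: input parameter error<br />";
        }

    } elseif (isset($_GET['getnotes'])) {
        csv_edihist_log($access_msg);
        $la = filter_input(INPUT_GET, 'getnotes', FILTER_DEFAULT);
        $html_str = ($la) ? edih_user_notes() : "input parameter error<br />";

    } elseif (isset($_GET['archivereport'])) {
        csv_edihist_log($access_msg);
        // data: { period: prd, archivereport: 'yes'),
        $html_str = edih_disp_archive_report();

    } else {
        csv_edihist_log($access_msg);
        $html_str = "Error: unknown parameter in request<br />" . PHP_EOL;
        $bg_str = "Error GET unknown value ";
        foreach ($_GET as $ky => $val) {
            $bg_str .= edih_main_log_text($ky) . " : " . edih_main_log_text($val) . " " . PHP_EOL;
        }
        csv_edihist_log($bg_str);
    }

} else {
    die("EDI History: invalid input method <br />");
}

// uploaded/working files should not outlive the request
$isclear = csv_clear_tmpdir();
if (!$isclear) {
    csv_edihist_log("file contents remain in $edih_tmp_dir");
}

if (!$html_str) {
    csv_edihist_log("no html output!");
    die("No content in response <br />" . PHP_EOL);
}

print $html_str;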