search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
added ability to delete a transaction
[openemr.git] / interface / patient_file / deleter.php
blob4f78c407ecd65270809d9c1867d805cf865e489c
1 <?php
2 // Copyright (C) 2005-2009 Rod Roark <rod@sunsetsystems.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
8
9 require_once("../globals.php");
10 require_once("$srcdir/log.inc");
11 require_once("$srcdir/acl.inc");
12 require_once("$srcdir/sl_eob.inc.php");
13
14 $patient = $_REQUEST['patient'];
15 $encounterid = $_REQUEST['encounterid'];
16 $formid = $_REQUEST['formid'];
17 $issue = $_REQUEST['issue'];
18 $document = $_REQUEST['document'];
19 $payment = $_REQUEST['payment'];
20 $billing = $_REQUEST['billing'];
21 $transaction = $_REQUEST['transaction'];
22
23 $info_msg = "";
24
25 // Delete rows, with logging, for the specified table using the
26 // specified WHERE clause.
27 //
28 function row_delete($table, $where) {
29 $tres = sqlStatement("SELECT * FROM $table WHERE $where");
30 $count = 0;
31 while ($trow = sqlFetchArray($tres)) {
32 $logstring = "";
33 foreach ($trow as $key => $value) {
34 if (! $value || $value == '0000-00-00 00:00:00') continue;
35 if ($logstring) $logstring .= " ";
36 $logstring .= $key . "='" . addslashes($value) . "'";
37 }
38 newEvent("delete", $_SESSION['authUser'], $_SESSION['authProvider'], "$table: $logstring");
39 ++$count;
40 }
41 if ($count) {
42 $query = "DELETE FROM $table WHERE $where";
43 echo $query . "<br>\n";
44 sqlStatement($query);
45 }
46 }
47
48 // Deactivate rows, with logging, for the specified table using the
49 // specified SET and WHERE clauses.
50 //
51 function row_modify($table, $set, $where) {
52 if (sqlQuery("SELECT * FROM $table WHERE $where")) {
53 newEvent("deactivate", $_SESSION['authUser'], $_SESSION['authProvider'], "$table: $where");
54 $query = "UPDATE $table SET $set WHERE $where";
55 echo $query . "<br>\n";
56 sqlStatement($query);
57 }
58 }
59
60 // We use this to put dashes, colons, etc. back into a timestamp.
61 //
62 function decorateString($fmt, $str) {
63 $res = '';
64 while ($fmt) {
65 $fc = substr($fmt, 0, 1);
66 $fmt = substr($fmt, 1);
67 if ($fc == '.') {
68 $res .= substr($str, 0, 1);
69 $str = substr($str, 1);
70 } else {
71 $res .= $fc;
72 }
73 }
74 return $res;
75 }
76
77 ?>
78 <html>
79 <head>
80 <?php html_header_show();?>
81 <title><?php xl('Delete Patient, Encounter, Form, Issue, Document, Payment, Billing or Transaction','e'); ?></title>
82 <link rel="stylesheet" href='<?php echo $css_header ?>' type='text/css'>
83
84 <style>
85 td { font-size:10pt; }
86 </style>
87
88 </head>
89
90 <body class="body_top">
91 <?php
92 // If the delete is confirmed...
93 //
94 if ($_POST['form_submit']) {
95
96 if ($patient) {
97 if (!acl_check('admin', 'super')) die("Not authorized!");
98 row_modify("billing" , "activity = 0", "pid = '$patient'");
99 row_modify("pnotes" , "activity = 0", "pid = '$patient'");
100 // row_modify("prescriptions" , "active = 0" , "patient_id = '$patient'");
101 row_delete("prescriptions" , "patient_id = '$patient'");
102 row_delete("claims" , "patient_id = '$patient'");
103 row_delete("drug_sales" , "pid = '$patient'");
104 row_delete("payments" , "pid = '$patient'");
105 row_delete("ar_activity" , "pid = '$patient'");
106 row_delete("openemr_postcalendar_events", "pc_pid = '$patient'");
107 row_delete("immunizations" , "patient_id = '$patient'");
108 row_delete("issue_encounter", "pid = '$patient'");
109 row_delete("lists" , "pid = '$patient'");
110 row_delete("transactions" , "pid = '$patient'");
111 row_delete("employer_data" , "pid = '$patient'");
112 row_delete("history_data" , "pid = '$patient'");
113 row_delete("insurance_data" , "pid = '$patient'");
114 row_delete("patient_data" , "pid = '$patient'");
115
116 $res = sqlStatement("SELECT * FROM forms WHERE pid = '$patient'");
117 while ($row = sqlFetchArray($res)) {
118 $formdir = ($row['formdir'] == 'newpatient') ? 'encounter' : $row['formdir'];
119 row_delete("form_$formdir", "id = '" . $row['form_id'] . "'");
120 }
121 row_delete("forms", "pid = '$patient'");
122
123 $row = sqlQuery("SELECT id FROM patient_data WHERE pid = '$patient'");
124 row_delete("integration_mapping", "local_table = 'patient_data' AND " .
125 "local_id = '" . $row['id'] . "'");
126 }
127 else if ($encounterid) {
128 if (!acl_check('admin', 'super')) die("Not authorized!");
129 row_modify("billing", "activity = 0", "encounter = '$encounterid'");
130 row_delete("ar_activity", "pid = '$patient' AND encounter = '$encounterid'");
131 row_delete("claims", "encounter_id = '$encounterid'");
132 row_delete("issue_encounter", "encounter = '$encounterid'");
133 $res = sqlStatement("SELECT * FROM forms WHERE encounter = '$encounterid'");
134 while ($row = sqlFetchArray($res)) {
135 $formdir = ($row['formdir'] == 'newpatient') ? 'encounter' : $row['formdir'];
136 row_delete("form_$formdir", "id = '" . $row['form_id'] . "'");
137 }
138 row_delete("forms", "encounter = '$encounterid'");
139 }
140 else if ($formid) {
141 if (!acl_check('admin', 'super')) die("Not authorized!");
142 $row = sqlQuery("SELECT * FROM forms WHERE id = '$formid'");
143 $formdir = $row['formdir'];
144 if (! $formdir) die("There is no form with id '$formid'");
145 $formname = ($formdir == 'newpatient') ? 'encounter' : $formdir;
146 row_delete("form_$formname", "id = '" . $row['form_id'] . "'");
147 row_delete("forms", "id = '$formid'");
148 }
149 else if ($issue) {
150 if (!acl_check('admin', 'super')) die("Not authorized!");
151 row_delete("issue_encounter", "list_id = '$issue'");
152 row_delete("lists", "id = '$issue'");
153 }
154 else if ($document) {
155 if (!acl_check('admin', 'super')) die("Not authorized!");
156 $trow = sqlQuery("SELECT url FROM documents WHERE id = '$document'");
157 $url = $trow['url'];
158 row_delete("categories_to_documents", "document_id = '$document'");
159 row_delete("documents", "id = '$document'");
160 if (substr($url, 0, 7) == 'file://') {
161 @unlink(substr($url, 7));
162 }
163 }
164 else if ($payment) {
165 if (!acl_check('admin', 'super')) die("Not authorized!");
166 list($patient_id, $timestamp) = explode(".", $payment);
167 $timestamp = decorateString('....-..-.. ..:..:..', $timestamp);
168 $payres = sqlStatement("SELECT * FROM payments WHERE " .
169 "pid = '$patient_id' AND dtime = '$timestamp'");
170 while ($payrow = sqlFetchArray($payres)) {
171 if ($payrow['amount1'] != 0) {
172 // Mark the payment as inactive.
173 row_modify("billing", "activity = 0",
174 "pid = '$patient_id' AND " .
175 "encounter = '" . $payrow['encounter'] . "' AND " .
176 "code_type = 'COPAY' AND " .
177 "fee = '" . (0 - $payrow['amount1']) . "' AND " .
178 "LEFT(date, 10) = '" . substr($timestamp, 0, 10) . "' AND " .
179 "activity = 1 LIMIT 1");
180 }
181 if ($payrow['amount2'] != 0) {
182 if ($GLOBALS['oer_config']['ws_accounting']['enabled'] === 2) {
183 $thissrc = '';
184 if ($payrow['method']) {
185 $thissrc .= $payrow['method'];
186 if ($payrow['source']) $thissrc .= ' ' . $payrow['source'];
187 }
188 $thissrc .= ' front office reversal';
189 $session_id = 0; // Is this OK?
190 arPostPayment($patient_id, $payrow['encounter'], $session_id,
191 0 - $payrow['amount2'], '', 0, $thissrc, 0);
192 }
193 else {
194 // Look up the matching invoice and post an offsetting payment.
195 slInitialize();
196 $invnum = "$patient_id." . $payrow['encounter'];
197 $thissrc = 'Pt/';
198 if ($payrow['method']) {
199 $thissrc .= $payrow['method'];
200 if ($payrow['source']) $thissrc .= ' ' . $payrow['source'];
201 }
202 $thissrc .= ' front office reversal';
203 $trans_id = SLQueryValue("SELECT id FROM ar WHERE " .
204 "ar.invnumber = '$invnum' LIMIT 1");
205 if ($trans_id) {
206 slPostPayment($trans_id, 0 - $payrow['amount2'], date('Y-m-d'),
207 $thissrc, '', 0, 0);
208 } else {
209 $info_msg .= "Invoice '$invnum' not found; could not delete its " .
210 "payment of \$" . $payrow['amount2'] . ". ";
211 }
212 SLClose();
213 }
214 }
215 row_delete("payments", "id = '" . $payrow['id'] . "'");
216 }
217 }
218 else if ($billing) {
219 if (!acl_check('acct','disc')) die("Not authorized!");
220 list($patient_id, $encounter_id) = explode(".", $billing);
221 if ($GLOBALS['oer_config']['ws_accounting']['enabled'] === 2) {
222 sqlStatement("DELETE FROM ar_activity WHERE " .
223 "pid = '$patient_id' AND encounter = '$encounter_id'");
224 sqlStatement("DELETE ar_session FROM ar_session LEFT JOIN " .
225 "ar_activity ON ar_session.session_id = ar_activity.session_id " .
226 "WHERE ar_activity.session_id IS NULL");
227 sqlStatement("UPDATE form_encounter SET last_level_billed = 0, " .
228 "last_level_closed = 0, stmt_count = 0, last_stmt_date = NULL " .
229 "WHERE pid = '$patient_id' AND encounter = '$encounter_id'");
230 }
231 else {
232 slInitialize();
233 $trans_id = SLQueryValue("SELECT id FROM ar WHERE ar.invnumber = '$billing' LIMIT 1");
234 if ($trans_id) {
235 newEvent("delete", $_SESSION['authUser'], $_SESSION['authProvider'], "Invoice $billing from SQL-Ledger");
236 SLQuery("DELETE FROM acc_trans WHERE trans_id = '$trans_id'");
237 if ($sl_err) die($sl_err);
238 SLQuery("DELETE FROM invoice WHERE trans_id = '$trans_id'");
239 if ($sl_err) die($sl_err);
240 SLQuery("DELETE FROM ar WHERE id = '$trans_id'");
241 if ($sl_err) die($sl_err);
242 } else {
243 $info_msg .= "Invoice '$billing' not found!";
244 }
245 SLClose();
246 }
247 sqlStatement("UPDATE drug_sales SET billed = 0 WHERE " .
248 "pid = '$patient_id' AND encounter = '$encounter_id'");
249 updateClaim(true, $patient_id, $encounter_id, -1, -1, 1, 0, ''); // clears for rebilling
250 }
251 else if ($transaction) {
252 if (!acl_check('admin', 'super')) die("Not authorized!");
253 row_delete("transactions", "id = '$transaction'");
254 }
255 else {
256 die("Nothing was recognized to delete!");
257 }
258
259 if (! $info_msg) $info_msg = "Delete successful.";
260
261 // Close this window and tell our opener that it's done.
262 //
263 echo "<script language='JavaScript'>\n";
264 if ($info_msg) echo " alert('$info_msg');\n";
265 echo " window.close();\n";
266 echo " if (opener.imdeleted) opener.imdeleted();\n";
267 echo "</script></body></html>\n";
268 exit();
269 }
270 ?>
271
272 <form method='post' action='deleter.php?patient=<?php echo $patient ?>&encounterid=<?php echo $encounterid ?>&formid=<?php echo $formid ?>&issue=<?php echo $issue ?>&document=<?php echo $document ?>&payment=<?php echo $payment ?>&billing=<?php echo $billing ?>&transaction=<?php echo $transaction ?>'>
273
274 <p>&nbsp;<br><?php xl('
275 Do you really want to delete','e'); ?>
276
277 <?php
278 if ($patient) {
279 echo "patient $patient";
280 } else if ($encounterid) {
281 echo "encounter $encounterid";
282 } else if ($formid) {
283 echo "form $formid";
284 } else if ($issue) {
285 echo "issue $issue";
286 } else if ($document) {
287 echo "document $document";
288 } else if ($payment) {
289 echo "payment $payment";
290 } else if ($billing) {
291 echo "invoice $billing";
292 } else if ($transaction) {
293 echo "transaction $transaction";
294 }
295 ?> <?php xl('and all subordinate data? This action will be logged','e'); ?>!</p>
296
297 <center>
298
299 <p>&nbsp;<br>
300 <input type='submit' name='form_submit' value='Yes, Delete and Log' />
301 &nbsp;
302 <input type='button' value='No, Cancel' onclick='window.close()' />
303 </p>
304
305 </center>
306 </form>
307 </body>
308 </html>
Mirror of official OpenEMR Sourceforge repository