// Set before globals.php is included; presumably read there to control how
// request escapes are sanitised (confirm against globals.php).
$sanitize_all_escapes = true;

// STOP FAKE REGISTER GLOBALS
// Also set ahead of the include. With this off, the script reads request data
// explicitly from $_GET and $_SESSION, as the code below does.
$fake_register_globals = false;
11 include_once("../../globals.php");
12 include_once("$srcdir/log.inc");
13 include_once("$srcdir/billing.inc");
14 include_once("$srcdir/forms.inc");
15 include_once("$srcdir/pnotes.inc");
16 include_once("$srcdir/transactions.inc");
17 include_once("$srcdir/lists.inc");
18 include_once("$srcdir/patient.inc");
19 include_once("$srcdir/options.inc.php");
21 // The number of authorizations to display in the quick view:
22 // MAR 20041008 the full authorizations screen sucks... no links to the patient charts
23 // increase to a high number to make the mini frame more useful.
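// Look up how much of the authorization queue the logged-in user may see.
// The lookup can come back without a row; fall back to 0 so the comparisons
// below behave the same as they did with a missing value.
$atemp = sqlQuery("SELECT see_auth FROM users WHERE username = ?", array($_SESSION['authUser']));
$see_auth = (is_array($atemp) && isset($atemp['see_auth'])) ? $atemp['see_auth'] : 0;

// A user may act on authorizations when the session marks them as authorized
// or when their see_auth setting is above 2.
$imauthorized = $_SESSION['userauthorized'] || $see_auth > 2;

// This authorizes everything for the specified patient.
// The patient id arrives in the query string, so require a single non-empty
// scalar before it reaches the audit log and the four UPDATE statements.
$authorize_pid = (isset($_GET["pid"]) && is_scalar($_GET["pid"])) ? (string) $_GET["pid"] : '';

// NOTE(review): this state change is triggered by a plain GET request and no
// anti-CSRF token is checked in the visible lines. Moving the action to POST
// with a per-session token would keep a third-party page from triggering it
// in an authorized user's browser.
// NOTE(review): $imauthorized is the only gate here. The "mine only" filter
// (see_auth == 2) that the list rendering applies is not repeated for the
// submitted pid; confirm whether that is intended.
if (isset($_GET["mode"]) && $_GET["mode"] === "authorize" && $imauthorized && $authorize_pid !== '') {
    // NOTE(review): $retVal is not read anywhere in the visible lines.
    $retVal = getProviderId($_SESSION['authUser']);

    // Record the action in the event log before touching the data.
    newEvent("authorize", $_SESSION["authUser"], $_SESSION["authProvider"], 1, $authorize_pid);

    // Every query binds the pid as a parameter; nothing is interpolated into SQL.
    sqlStatement("update billing set authorized=1 where pid=?", array($authorize_pid));
    sqlStatement("update forms set authorized=1 where pid=?", array($authorize_pid));
    sqlStatement("update pnotes set authorized=1 where pid=?", array($authorize_pid));
    sqlStatement("update transactions set authorized=1 where pid=?", array($authorize_pid));
    // (the closing brace of this block is on a line this listing does not show)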
<?php
// Shared page header, followed by the theme stylesheet and the bundled jQuery build.
// NOTE(review): $css_header and $GLOBALS['webroot'] are written into attribute
// values unescaped; presumably both are server-side configuration values (confirm).
// NOTE(review): jquery-1.2.2 is a 2008-era release that no longer receives fixes;
// plan an upgrade and retest the click/hover handlers this page registers.
html_header_show();
?>
<link rel='stylesheet' href="<?php echo $css_header;?>" type="text/css">
<script type="text/javascript" src="<?php echo $GLOBALS['webroot'] ?>/library/js/jquery-1.2.2.min.js"></script>
47 /* min & max buttons are hidden in the newer concurrent layout */
/* The two declaration groups below sit inside rules whose selectors are not
   visible in this listing (presumably the #min and #max buttons). Each one
   emits "display: none;" only when $GLOBALS['concurrent_layout'] is truthy. */
52 cursor
: pointer
; cursor
: hand
;
53 <?php
if ($GLOBALS['concurrent_layout']) echo "display: none;"; ?
>
59 cursor
: pointer
; cursor
: hand
;
60 <?php
if ($GLOBALS['concurrent_layout']) echo "display: none;"; ?
>
64 <body
class="body_bottom">
66 <!-- 'buttons' to min/max the bottom frame -JRM -->
67 <div id
="max" title
="Restore this information">
68 <img src
="<?php echo $GLOBALS['webroot']; ?>/images/max.gif">
70 <div id
="min" title
="Minimize this information">
71 <img src
="<?php echo $GLOBALS['webroot']; ?>/images/min.gif">
74 <?php
// The heading link is rendered only for users who may act on authorizations.
if ($imauthorized) { ?
>
76 <?php
// Two anchors to authorizations_full.php follow: a plain one and one targeting
// the 'Main' frame. The line separating the two branches is not visible here.
if ($GLOBALS['concurrent_layout']) { ?
>
77 <a href
='authorizations_full.php'>
79 <a href
='authorizations_full.php' target
='Main'>
81 <?php
// Both values land in element content, not in an attribute, so escaping with
// ENT_NOQUOTES is sufficient here.
// NOTE(review): $tmore is not assigned in the visible lines; confirm its origin.
echo htmlspecialchars(xl('Authorizations'),ENT_NOQUOTES
); ?
> <span
class='more'><?php
echo htmlspecialchars($tmore,ENT_NOQUOTES
); ?
></span
></a
>
87 <?php
// The "Find Patient" link exists only in the non-concurrent (frameset) layout;
// its click handler is attached by id (#findpatients) in the script section.
if (!$GLOBALS['concurrent_layout']) { ?
>
88 <span
class='more'>  
;
89 <a href
="#" id
="findpatients" name
='Find Patients'>(<?php
echo htmlspecialchars(xl('Find Patient'),ENT_NOQUOTES
); ?
>)</a
>
// Build $authorize: for each patient id, HTML snippets describing the billing,
// transaction, pnotes and forms rows that still have authorized = 0.
// Runs only when the user may act on authorizations and see_auth is above 1.
// NOTE(review): $groupname is not assigned in the visible lines; presumably it
// is provided by globals.php (confirm). It is always passed as a bound parameter.
// NOTE(review): the $var{"key"} offset syntax used throughout is deprecated in
// PHP 7.4 and removed in PHP 8.0; $var["key"] is the equivalent.
94 if ($imauthorized && $see_auth > 1) {
102 //fetch billing information:
// NOTE(review): "select *" across the join also returns every users column,
// while the visible code reads only pid, code_text and date; naming the needed
// columns would keep unrelated user fields out of memory.
103 if ($res = sqlStatement("select *, concat(u.fname,' ', u.lname) as user " .
104 "from billing LEFT JOIN users as u on billing.user = u.id where " .
105 "billing.authorized = 0 and billing.activity = 1 and " .
106 "groupname = ?", array($groupname) ))
108 for ($iter = 0;$row = sqlFetchArray($res);$iter++
)
109 $result1[$iter] = $row;
111 foreach ($result1 as $iter) {
// Row text is HTML-escaped here, at build time, because the accumulated
// snippets are echoed as-is when the table is rendered.
112 $authorize{$iter{"pid"}}{"billing"} .= "<span class=text>" .
113 htmlspecialchars($iter{"code_text"} . " " . date("n/j/Y",strtotime($iter{"date"})),ENT_NOQUOTES
) .
119 //fetch transaction information:
120 if ($res = sqlStatement("select * from transactions where " .
121 "authorized = 0 and groupname = ?", array($groupname) ))
123 for ($iter = 0;$row = sqlFetchArray($res);$iter++
)
124 $result2[$iter] = $row;
126 foreach ($result2 as $iter) {
// Title and body excerpt are escaped together with the formatted date.
127 $authorize{$iter{"pid"}}{"transaction"} .= "<span class=text>" .
128 htmlspecialchars($iter{"title"} . ": " . (strterm($iter{"body"},25)) . " " . date("n/j/Y",strtotime($iter{"date"})),ENT_NOQUOTES
) .
// Patient notes are included only while the ignore_pnotes_authorization global is empty.
134 if (empty($GLOBALS['ignore_pnotes_authorization'])) {
135 //fetch pnotes information:
136 if ($res = sqlStatement("select * from pnotes where authorized = 0 and " .
137 "groupname = ?", array($groupname) ))
139 for ($iter = 0;$row = sqlFetchArray($res);$iter++
)
140 $result3[$iter] = $row;
142 foreach ($result3 as $iter) {
143 $authorize{$iter{"pid"}}{"pnotes"} .= "<span class=text>" .
144 htmlspecialchars((strterm($iter{"body"},25)) . " " . date("n/j/Y",strtotime($iter{"date"})),ENT_NOQUOTES
) .
151 //fetch forms information:
152 if ($res = sqlStatement("select * from forms where authorized = 0 and " .
153 "groupname = ?", array($groupname) ))
155 for ($iter = 0;$row = sqlFetchArray($res);$iter++
)
156 $result4[$iter] = $row;
158 foreach ($result4 as $iter) {
159 $authorize{$iter{"pid"}}{"forms"} .= "<span class=text>" .
160 htmlspecialchars($iter{"form_name"} . " " . date("n/j/Y",strtotime($iter{"date"})),ENT_NOQUOTES
) .
167 <table border
='0' cellpadding
='0' cellspacing
='2' width
='100%'>
// Render one table row per patient id collected in $authorize.
// NOTE(review): each() is deprecated in PHP 7.2 and removed in PHP 8.0;
// foreach ($authorize as $ppid => $patient) is the usual replacement.
175 while (list($ppid,$patient) = each($authorize)) {
176 $name = getPatientData($ppid);
178 // If I want to see mine only and this patient is not mine, skip it.
// NOTE(review): this compares the session user id with $name['id'], while the
// provider lookup further down uses $name['providerID']; confirm which field
// identifies the owning provider.
// NOTE(review): the filter only limits what is listed. The mode=authorize
// handler at the top of the script does not repeat it for the submitted pid.
179 if ($see_auth == 2 && $_SESSION['authUserID'] != $name['id'])
// Notice row linking to the full authorizations page (the condition that
// triggers it is on lines not shown in this listing).
183 print "<tr><td colspan='5' align='center'><a" .
184 ($GLOBALS['concurrent_layout'] ?
"" : " target='Main'") .
185 " href='authorizations_full.php?active=1' class='alert'>" .
186 htmlspecialchars(xl('Some authorizations were not displayed. Click here to view all'),ENT_NOQUOTES
) .
191 echo "<tr><td valign='top'>";
192 if ($GLOBALS['concurrent_layout']) {
193 // Clicking the patient name will load both frames for that patient,
194 // as demographics.php takes care of loading the bottom frame.
// $ppid is placed inside single-quoted attributes, so ENT_QUOTES is the right
// flag here. It is HTML-escaped but not URL-encoded; presumably pids are
// numeric (confirm).
196 echo "<a href='$rootdir/patient_file/summary/demographics.php?set_pid=" .
197 htmlspecialchars($ppid,ENT_QUOTES
) . "' target='RTop'>";
200 echo "<a href='$rootdir/patient_file/patient_file.php?set_pid=" .
201 htmlspecialchars($ppid,ENT_QUOTES
) . "' target='_top'>";
// Patient name is escaped for element content.
// NOTE(review): the "Authorize" link below performs the state change through a
// plain GET URL (mode=authorize&pid=...). No anti-CSRF token is visible in the
// link or in the handler; a POST form carrying a per-session token is the
// usual mitigation.
203 echo "<span class='bold'>" . htmlspecialchars($name{"fname"},ENT_NOQUOTES
) . " " .
204 htmlspecialchars($name{"lname"},ENT_NOQUOTES
) . "</span></a><br>" .
205 "<a class=link_submit href='authorizations.php?mode=authorize" .
206 "&pid=" . htmlspecialchars($ppid,ENT_QUOTES
) . "'>" .
207 htmlspecialchars(xl('Authorize'),ENT_NOQUOTES
) . "</a></td>\n";
210 //Michael A Rowley MD 20041012.
211 // added below 4 lines to add provider to authorizations for ez reference.
// NOTE(review): $providerName from this first lookup is overwritten by the
// second lookup below, which reads the provider id from $name instead.
212 $providerID = sqlFetchArray(sqlStatement(
213 "select providerID from patient_data where pid=?", array($ppid) ));
214 $userID=$providerID{"providerID"};
215 $providerName = sqlFetchArray(sqlStatement(
216 "select lname from users where id=?", array($userID) ));
218 // Don't use sqlQuery because there might be no match.
219 $providerName = sqlFetchArray(sqlStatement(
220 "select lname from users where id = ?", array($name['providerID']) ));
// Labels and the provider name are escaped on output. The four $patient{...}
// cells are echoed as-is because their text was escaped when $authorize was built.
222 echo "<td valign=top><span class=bold>".htmlspecialchars(xl('Provider'),ENT_NOQUOTES
).":</span><span class=text><br>" .
223 htmlspecialchars($providerName{"lname"},ENT_NOQUOTES
) . "</td>\n";
224 echo "<td valign=top><span class=bold>".htmlspecialchars(xl('Billing'),ENT_NOQUOTES
).":</span><span class=text><br>" .
225 $patient{"billing"} . "</td>\n";
226 echo "<td valign=top><span class=bold>".htmlspecialchars(xl('Transactions'),ENT_NOQUOTES
).":</span><span class=text><br>" .
227 $patient{"transaction"} . "</td>\n";
228 echo "<td valign=top><span class=bold>".htmlspecialchars(xl('Patient Notes'),ENT_NOQUOTES
).":</span><span class=text><br>" .
229 $patient{"pnotes"} . "</td>\n";
230 echo "<td valign=top><span class=bold>".htmlspecialchars(xl('Encounter Forms'),ENT_NOQUOTES
).":</span><span class=text><br>" .
231 $patient{"forms"} . "</td>\n";
247 <script language
='JavaScript'>
249 /* added to adjust the height of this frame by the min/max buttons */
// Once the DOM is ready: wire the "Find Patient" link, toggle the "highlight"
// class on .noterow hover, and open a note when a .noterow element is clicked.
251 $
(document
).ready(function(){
252 $
("#findpatients").click(function() { RestoreFrame(this
); document
.location
.href
='../calendar/find_patient.php?no_nav=1&mode=reset'; return true; });
254 $
(".noterow").mouseover(function() { $
(this
).toggleClass("highlight"); });
255 $
(".noterow").mouseout(function() { $
(this
).toggleClass("highlight"); });
256 $
(".noterow").click(function() { EditNote(this
); });
258 <?php
// The min/max handlers are emitted only when concurrent_layout == 0.
if ($GLOBALS['concurrent_layout'] == 0) : ?
>
259 $
("#min").click(function() { MinimizeFrame(this
); });
260 $
("#max").click(function() { RestoreFrame(this
); });
// origRows is assigned without a declaration in the visible lines; presumably
// it is declared on a line this listing omits (confirm).
261 var frmset
= parent
.document
.getElementById('Main');
262 origRows
= frmset
.rows
; // save the original frameset sizes
266 <?php
// The frame helpers below are emitted only when concurrent_layout == 0.
if ($GLOBALS['concurrent_layout'] == 0) : ?
>
// MinimizeFrame: remember the parent frameset's current row sizes in origRows,
// then set the 'Main' frameset rows to "*, 10%". eventObject is not used.
267 var MinimizeFrame
= function(eventObject
) {
268 var frmset
= parent
.document
.getElementById('Main');
269 origRows
= frmset
.rows
; // save the original frameset sizes
270 frmset
.rows
= "*, 10%";
// RestoreFrame: put the saved row sizes back, if any were saved.
272 var RestoreFrame
= function(eventObject
) {
273 // restore the original frameset size
274 var frmset
= parent
.document
.getElementById('Main');
275 if (origRows
!= null) { frmset
.rows
= origRows
; }
// EditNote: open the note behind a clicked .noterow element. The element id is
// split on "~"; parts[0] is sent as set_pid and parts[1] as noteid.
// NOTE(review): both parts are concatenated into the URL without
// encodeURIComponent(). That is safe only while the ids are server-generated
// values with no reserved characters; confirm where the .noterow ids are built.
279 var EditNote
= function(note
) {
280 var parts
= note
.id
.split("~");
282 top
.restoreSession();
283 <?php
// Concurrent layout navigates this frame; the other URL is loaded into the top window.
// NOTE(review): $GLOBALS['webroot'] is echoed into a JavaScript string
// unescaped; presumably a server-side configuration value (confirm).
if ($GLOBALS['concurrent_layout']): ?
>
284 location
.href
= "<?php echo $GLOBALS['webroot']; ?>/interface/patient_file/summary/pnotes_full.php?noteid=" + parts
[1] +
"&set_pid=" + parts
[0] +
"&active=1";
286 top
.location
.href
= "<?php echo $GLOBALS['webroot']; ?>/interface/patient_file/patient_file.php?noteid=" + parts
[1] +
"&set_pid=" + parts
[0];
// NOTE(review): htmlspecialchars() is an HTML encoder. Inside a JavaScript
// string literal it leaves backslashes and line breaks untouched, and its
// entities are shown literally by alert(). json_encode() fits this context
// better. The text here is a translation returned by xl(), not request data.
290 alert("<?php echo htmlspecialchars(xl('You do not have access to view/edit this note'),ENT_QUOTES); ?>");