interface/patient_file/summary/patient_picture.php

   1 <?php
   2
   3 //SANITIZE ALL ESCAPES
   4 $sanitize_all_escapes=true;
   5 //
   6
   7 //STOP FAKE REGISTER GLOBALS
   8 $fake_register_globals=false;
   9 //
  10
  11 require_once("../../globals.php");
  12 require_once("$srcdir/sql.inc");
  13 function pic_array() {
  14     $picture_directory = "Patient Photograph"; //change this if you want
  15     $pics = array();
  16     $sql_query = "select documents.id from documents join categories_to_documents on documents.id = categories_to_documents.document_id join categories on categories.id = categories_to_documents.category_id where categories.name like ? and documents.foreign_id = ?";
  17     if ($query = sqlStatement($sql_query, array($picture_directory, $_SESSION['pid']) )) {
  18       while( $results = sqlFetchArray($query) ) {
  19         $tmp = $results['id'];
  20         if (isset($tmp)) {
  21           array_push($pics,"<div name='Patient Photograph' class='patient_pic'><img src='".$GLOBALS['webroot']."/controller.php?document&retrieve&patient_id=".htmlspecialchars($_SESSION['pid'],ENT_QUOTES)."&document_id=".htmlspecialchars($tmp,ENT_QUOTES)."&as_file=false' alt='Patient Photograph'></div>\n");
  22         }
  23       }
  24     }
  25     return $pics;
  26 }
  27 ?>