2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Vinish K <vinish@zhservices.com>
27 // +------------------------------------------------------------------------------+
29 //SANITIZE ALL ESCAPES
30 $sanitize_all_escapes=true;
33 //STOP FAKE REGISTER GLOBALS
34 $fake_register_globals=false;
41 require_once("../../interface/globals.php");
42 require_once(dirname(__FILE__
)."/../../controllers/C_Document.class.php");
44 if(!extension_loaded("soap")){
47 require_once("server_med_rec.php");
48 require_once("factory_class.php");
49 class UserService
extends Userforms
53 * To display the patient uploaded files/pdf patient wise
55 public function patientuploadedfiles($data){
56 if($this->valid($data[0])){
62 ad.field_value AS doc_name,
66 ad2.field_value AS file_name,
67 ad3.field_value AS pat_comments
70 JOIN audit_master AS am
71 ON am.id = ad.audit_master_id
72 LEFT JOIN patient_data AS pd
74 JOIN audit_details AS ad2
75 ON am.id = ad2.audit_master_id
76 AND ad2.field_name = 'dlm_filename'
77 JOIN audit_details AS ad3
78 ON am.id = ad3.audit_master_id
79 AND ad3.field_name = 'dld_patient_comments'
80 WHERE ad.field_name = 'dlm_document_name'
81 AND approval_status = '1'
86 $query .= " AND am.id = ?";
87 $res = sqlStatement($query,array($data[1]));
89 $res = sqlStatement($query);
92 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
101 public function createandstoretodirectory($data){
103 if($this->valid($data[0])){
106 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$pid;
107 if(is_dir($savedpath));
110 mkdir($savedpath,0777,true);
111 chmod($savedpath, 0777);
113 $handler = fopen($savedpath."/".$file_name,"w");
114 fwrite($handler, base64_decode($data));
116 chmod($savedpath."/".$file_name,0777);
119 throw new SoapFault("Server", "credentials failed");
124 * To move category,rename filename,input note and to move to new patient#
126 public function documents_update($data){
127 if($this->valid($data[0])){
128 $_POST['process'] = true;
129 $_POST['new_category_id'] = $data[1];
130 $_POST['new_patient_id'] = $data[4];
133 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/".$data[6];
134 elseif($data[9] == 1)
135 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/".$data[6];
136 elseif($data[9] == 4)
137 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$data[5]."/".$data[6];
139 "pdf"=>"application/pdf"
140 ,"exe"=>"application/octet-stream"
141 ,"zip"=>"application/zip"
142 ,"docx"=>"application/msword"
143 ,"doc"=>"application/msword"
144 ,"xls"=>"application/vnd.ms-excel"
145 ,"ppt"=>"application/vnd.ms-powerpoint"
151 ,"wav"=>"audio/x-wav"
152 ,"mpeg"=>"video/mpeg"
155 ,"mov"=>"video/quicktime"
156 ,"avi"=>"video/x-msvideo"
159 ,"jsc"=>"application/javascript"
160 ,"js"=>"application/javascript"
166 $extension = strtolower(end(explode('.',$file_path)));
167 $mime_types = $mime_types[$extension];
168 $_FILES['file']['name'][0] = $data[6];
169 $_FILES['file']['type'][0] = $mime_types;
170 $_FILES['file']['tmp_name'][0] = $file_path;
171 $_FILES['file']['error'][0] = 0;
172 $_FILES['file']['size'][0] = filesize($file_path);
173 $_POST['category_id'] = $_POST['new_category_id'];
174 $_POST['patient_id'] = $_POST['new_patient_id'];
175 $_GET['patient_id'] = $_POST['patient_id'];
176 $_POST['destination'] = $data[3];
178 $cdoc = new C_Document();
179 $cdoc->upload_action_process();
180 if($GLOBALS['document_storage_method']==0){
182 copy($file_path,$cdoc->file_path
.$data[3]);
184 copy($file_path,$cdoc->file_path
.$data[6]);
186 $foreign_id = sqlQuery("select id from documents where foreign_id = ? order by id desc limit 1",array($_POST['new_patient_id']));
188 $_POST['encrypted'] = '';
189 $_POST['passphrase'] = '';
190 $_POST['process'] = true;
191 $_POST['foreign_id'] = $foreign_id['id'];
192 $_POST['note'] = $data[7];
193 $cdoc->note_action_process($_GET['patient_id']);
194 $sql_patient_no = "UPDATE documents_legal_detail SET dld_moved = '1' WHERE dld_master_docid = ? AND dld_id = ?";
195 sqlQuery($sql_patient_no,array($data[2],$data[8]));
201 * To display the files/pdfforms patient wise
203 public function userslistportal($data){
204 if($this->valid($data[0])){
210 dlm.dlm_document_name,
216 dld.dld_master_docid,
218 dld.dld_patient_comments,
224 documents_legal_master AS dlm
225 LEFT OUTER JOIN documents_legal_detail AS dld
226 ON dlm.dlm_document_id = dld_master_docid
227 JOIN patient_data AS pd
228 ON dld.dld_pid = pd.pid
229 WHERE dlm.dlm_effective_date <= NOW()
230 AND dlm.dlm_effective_date <> '0000-00-00 00:00:00'
231 AND dld.dld_id IS NOT NULL
232 AND dld.dld_signed IN (1,2,4)
233 AND dld.dld_moved = 0
234 ORDER BY dld.dld_pid ASC ";
236 $res = sqlStatement($query);
238 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
248 * To display the category list in Move To Category option
250 public function category_list($data){
251 if($this->valid($data[0])){
253 $query = "SELECT * FROM categories";
254 $res = sqlStatement($query);
256 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
265 //Converts a text to xml format.Format is as follows
266 public function text_to_xml($data){
267 if($this->valid($data[0])){
269 $doc = new DOMDocument();
270 $doc->formatOutput
= true;
272 $root = $doc->createElement( "root" );
273 $doc->appendChild( $root );
275 $level = $doc->createElement( "level" );
276 $root->appendChild( $level );
278 $element = $doc->createElement( "text" );
279 $element->appendChild(
280 $doc->createTextNode( $text )
282 $level->appendChild( $element );
283 return $doc->saveXML();
286 throw new SoapFault("Server", "credentials failed");
290 //Accepts an array and returns the result in xml format.Format is as follows
293 public function function_return_to_xml($var=array()){
295 $doc = new DOMDocument();
296 $doc->formatOutput
= true;
298 $root = $doc->createElement( "root" );
299 $doc->appendChild( $root );
302 $level = $doc->createElement( "level" );
303 $root->appendChild( $level );
304 foreach($var as $key=>$value){
305 $element = $doc->createElement( "$key" );
306 $element->appendChild(
307 $doc->createTextNode( $value )
309 $level->appendChild( $element );
312 return $doc->saveXML();
316 //When a filled PDf is rejected During audit , the file is deleted
319 public function delete_file($data){
320 if($this->valid($data[0])){
321 $file_name_with_path=$data[1];
322 @unlink
($file_name_with_path);
325 throw new SoapFault("Server", "credentials failed");
330 //Accepts a file path.Fetches the file in xml format.
331 //Transfer the file to portal in XML format
332 public function file_to_xml($data){
333 if($this->valid($data[0])){
334 $file_name_with_path=$data[1];
335 $path_parts = pathinfo($file_name_with_path);
336 $handler = fopen($file_name_with_path,"rb");
337 $returnData = fread($handler,filesize($file_name_with_path));
339 $doc = new DOMDocument();
340 $doc->formatOutput
= true;
342 $root = $doc->createElement( "root" );
343 $doc->appendChild( $root );
345 $level = $doc->createElement( "level" );
346 $root->appendChild( $level );
348 $filename = $doc->createElement( "name" );
349 $filename->appendChild(
350 $doc->createTextNode( $path_parts['basename'] )
352 $level->appendChild( $filename );
354 $type = $doc->createElement( "type" );
356 $doc->createTextNode( $path_parts['extension'] )
358 $level->appendChild( $type );
359 $content = $doc->createElement( "file" );
360 $content->appendChild(
361 $doc->createTextNode( base64_encode($returnData) )
363 $level->appendChild( $content );
364 return $doc->saveXML();
367 throw new SoapFault("Server", "credentials failed");
372 //File teceived from the portal side is saved to OpenEMR
374 public function store_to_file($data){
375 if($this->valid($data[0])){
376 $file_name_with_path=$data[1];
378 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/";
379 if(is_dir($savedpath));
382 mkdir($savedpath,0777);
383 chmod($savedpath, 0777);
385 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/";
386 if(is_dir($savedpath));
389 mkdir($savedpath,0777);
390 chmod($savedpath, 0777);
392 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/";
393 if(is_dir($savedpath));
396 mkdir($savedpath,0777);
397 chmod($savedpath, 0777);
399 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/upload/";
400 if(is_dir($savedpath));
403 mkdir($savedpath,0777);
404 chmod($savedpath, 0777);
406 $handler = fopen($file_name_with_path,"w");
407 fwrite($handler, base64_decode($data));
409 chmod($file_name_with_path,0777);
412 throw new SoapFault("Server", "credentials failed");
417 //receive a batch of function calls received from Portal, execute it and return the results to the portal
418 //The results will be stored in the key, which is received from portal.
421 static public function batch_despatch($var,$func,$data_credentials){
423 if(UserService
::valid($data_credentials)){
424 require_once("../../library/invoice_summary.inc.php");
425 require_once("../../library/options.inc.php");
426 require_once("../../library/acl.inc");
427 require_once("../../library/patient.inc");
428 if($func=='ar_responsible_party')
431 $encounter_id=$var['encounter'];
432 $x['ar_responsible_party']=ar_responsible_party($patient_id,$encounter_id);
433 return UserService
::function_return_to_xml($x);
435 elseif($func=='getInsuranceData')
438 $given=$var['given'];
439 $x=getInsuranceData($pid,$type,$given);
440 return UserService
::function_return_to_xml($x);
442 elseif($func=='generate_select_list')
444 $tag_name=$var['tag_name'];
445 $list_id=$var['list_id'];
446 $currvalue=$var['currvalue'];
447 $title=$var['title'];
448 $empty_name=$var['empty_name'];
449 $class=$var['class'];
450 $onchange=$var['onchange'];
451 $x['generate_select_list']=generate_select_list($tag_name,$list_id,$currvalue,$title,$empty_name,$class,$onchange);
452 return UserService
::function_return_to_xml($x);
454 elseif($func=='xl_layout_label')
456 $constant=$var['constant'];
457 $x['xl_layout_label']=xl_layout_label($constant);
458 return UserService
::function_return_to_xml($x);
460 elseif($func=='generate_form_field')
463 $currvalue=$var['currvalue'];
465 generate_form_field($frow,$currvalue);
466 $x['generate_form_field']=ob_get_contents();
468 return UserService
::function_return_to_xml($x);
470 elseif($func=='getInsuranceProviders')
473 $provider=$var['provider'];
474 $insurancei=getInsuranceProviders();
478 elseif($func=='get_layout_form_value')
481 $_POST=$var['post_array'];
482 $x['get_layout_form_value']=get_layout_form_value($frow);
483 return UserService
::function_return_to_xml($x);
485 elseif($func=='updatePatientData')
487 $patient_data=$var['patient_data'];
488 $create=$var['create'];
489 updatePatientData($pid,$patient_data,$create);
491 return UserService
::function_return_to_xml($x);
493 elseif($func=='updateEmployerData')
495 $employer_data=$var['employer_data'];
496 $create=$var['create'];
497 updateEmployerData($pid,$employer_data,$create);
499 return UserService
::function_return_to_xml($x);
501 elseif($func=='newHistoryData')
503 newHistoryData($pid);
505 return UserService
::function_return_to_xml($x);
507 elseif($func=='newInsuranceData')
510 foreach($var as $key=>$value)
512 if($key>=3)//first 3 need to be skipped.
514 $var[$key]=formData($value);
518 $parameters[$key]=$var[$key];
521 $parameters[12]=fixDate($parameters[12]);
522 $parameters[27]=fixDate($parameters[27]);
523 call_user_func_array('newInsuranceData',$parameters);
525 return UserService
::function_return_to_xml($x);
530 throw new SoapFault("Server", "credentials failed");
534 //Writing patient credentials to table
535 public function insert_login_details($var)
538 $data_credentials=$var[0];
539 if(UserService
::valid($data_credentials))
541 $username=$var['username'];
542 $authPass=$var['authPass'];
543 $query="insert into patient_access_offsite(pid,portal_username,portal_pwd) values (?,?,?)";
544 sqlInsert($query,array($pid,$username,$authPass));
548 throw new SoapFault("Server", "credentials failed");
554 //Updating the password on a password change
556 public function update_password($var){
557 $data_credentials=$var[0];
559 if(UserService
::valid($data_credentials)=='existingpatient' || UserService
::valid($data_credentials)=='newpatient'){
560 $status = $var['new_pwd_status'];
561 $pwd=$var['new_pwd'];
562 $oldpwd = $var['old_pwd'];
568 $where = "portal_pwd_status=? and pid=?";
569 $set= "portal_pwd=?,portal_pwd_status=?";
578 $set= "portal_pwd=? ";
583 $qry = "select * from patient_access_offsite WHERE pid=? AND portal_pwd=?";
584 $res=sqlStatement($qry,array($pid,$oldpwd));
585 if(sqlNumRows($res)>0)
587 $qry = "UPDATE patient_access_offsite SET $set WHERE $where";
588 sqlStatement($qry,$setarray);
597 throw new SoapFault("Server", "credentials failed");
604 public function update_openemr_appointment($var)
606 $data_credentials=$var[0];
607 if(UserService
::valid($data_credentials)=='existingpatient' || UserService
::valid($data_credentials)=='newpatient'){
608 foreach($var[1] as $key=>$value)
610 $eid=explode('_',$var[1][$key]);
611 if($eid[0]=='calendar')
613 sqlQuery("update openemr_postcalendar_events set pc_apptstatus='x' where pc_eid=?",array($eid[1]));
615 elseif($eid[0]=='audit')
617 sqlQuery("update audit_master set approval_status='5' where id=?",array($eid[1]));
622 throw new SoapFault("Server", "credentials failed");
627 //Marking the Documents as ready to be signed
629 public function update_dlm_dld($var)
631 $data_credentials=$var[0];
632 if(UserService
::valid($data_credentials)){
634 $qry=" UPDATE documents_legal_detail set dld_signed=2 where dld_id=?";
635 sqlStatement($qry,array($var['dld_id']));
638 throw new SoapFault("Server", "credentials failed");
643 //Setting PDF documets approve /denial status
645 public function update_dld_approve_deny($data){
646 if($this->valid($data[0])){
647 $qry = "UPDATE documents_legal_detail SET dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
648 sqlStatement($qry,$data[1]);
651 throw new SoapFault("Server", "credentials failed");
655 //Marking PDF documets as signed
657 public function update_dld_signed($data){
658 if($this->valid($data[0])){
659 $qry = "UPDATE documents_legal_detail SET dld_signed=1,dld_filepath=?,dld_filename=? WHERE dld_id=?";
660 sqlStatement($qry,$data[1]);
663 throw new SoapFault("Server", "credentials failed");
667 //Marking PDF documets for audit.
669 public function update_dld_pending($data){
670 if($this->valid($data[0])){
671 $qry = "UPDATE documents_legal_detail SET dld_signed=0,dld_filepath=?,dld_filename=?, dld_file_for_pdf_generation=? WHERE dld_id=?";
672 sqlStatement($qry,$data[1]);
675 throw new SoapFault("Server", "credentials failed");
681 public function insert_dld($data){
683 if(UserService
::valid($data[0])=='existingpatient' || UserService
::valid($data[0])=='newpatient'){
684 sqlInsert("INSERT INTO documents_legal_detail (dld_pid,dld_signed,dld_filepath,dld_master_docid,dld_filename,dld_encounter,dld_file_for_pdf_generation) ".
685 " VALUES (?,?,?,?,?,?,?)",array($pid,$data[2],$data[3],$data[4],$data[5],$data[6],$data[7]));
688 throw new SoapFault("Server", "credentials failed");
693 //Inserting the entries for Master PDF documents uploaded
695 public function insert_dlm($data){
696 if($this->valid($data[0])=='oemruser'){
697 sqlStatement("INSERT INTO documents_legal_master(dlm_category, dlm_subcategory,dlm_document_name,dlm_facility,dlm_provider,
698 dlm_filename,dlm_filepath,dlm_effective_date,content) values (?,?,?,?,?,?,?,?,?)",array($data[1],$data[2],$data[3],$data[4],$data[5],$data[6],$data[7],$data[8],$data[9]));
701 throw new SoapFault("Server", "credentials failed");
706 //REceive an array of Select cases from portal execute it and return
707 // it in the keys received from portal. A batch of queries execute and returns it in one batch.
709 public function batch_select($data){
710 if($this->valid($data[0])){
712 foreach($batch as $key=>$value)
714 $batchkey=$value['batchkey'];
715 $case=$value['case'];
716 $param=$value['param'];
719 $return_array[$batchkey]=$this->selectquery(array($data[0],$arrproc));
722 return $return_array;
725 throw new SoapFault("Server", "credentials failed");
730 //Receive a batch of function calls from portal and execute it through batch despatch Function
731 //Any OpenEmr function can be executed this way, if necessary if clause is written in batch_despatch.
733 public function batch_function($data){
734 if($this->valid($data[0])){
736 foreach($batch as $key=>$value)
738 $batchkey=$value['batchkey'];
739 $function=$value['funcname'];
740 $param=$value['param'];
742 $res=call_user_func_array("UserService::$function",$param);
743 $return_array[$batchkey]=$res;
745 return $return_array;
748 throw new SoapFault("Server", "credentials failed");
752 //Execute a batch of functions received from portal. But this function is limited to
753 // the functions written in the myportal module.
755 public function multiplecall($data){
757 foreach($batch as $key=>$value)
759 $batchkey=$value['batchkey'];
760 $function=$value['funcname'];
761 $param=$value['param'];
763 array_unshift($param,$data[0]);
766 $res= UserService
::$function($param);
767 $return_array[$batchkey]=$res;
769 return $return_array;
775 public function getversion($data){
780 public function loginchecking($data){
781 if($this->valid($data[0])=='existingpatient' ||
$this->valid($data[0])=='newpatient'){
782 $res = sqlStatement("SELECT portal_pwd_status FROM patient_access_offsite WHERE BINARY portal_username=? AND BINARY portal_pwd=?",$data[1]);
783 return $this->resourcetoxml($res);
789 //Execute a query and return its results.
791 public function selectquery($data){
794 $utype = $this->valid($data[0]);
796 $newobj = factoryclass
::dynamic_class_factory($utype);
797 $sql_result_setarr = $newobj->query_formation($data[1]);
798 $sql_result_set = sqlStatement($sql_result_setarr[0],$sql_result_setarr[1]);
799 return $this->resourcetoxml($sql_result_set);
803 //Return an SQL resultset as an XML
806 public function resourcetoxml($sql_result_set){
807 $doc = new DOMDocument();
808 $doc->formatOutput
= true;
810 $root = $doc->createElement( "root" );
811 $doc->appendChild( $root );
812 while($row = sqlFetchArray($sql_result_set))
814 $level = $doc->createElement( "level" );
815 $root->appendChild( $level );
816 foreach($row as $key=>$value){
817 $element = $doc->createElement( "$key" );
818 $element->appendChild(
819 $doc->createTextNode( $value )
821 $level->appendChild( $element );
824 return $doc->saveXML();
827 //Writing facility payment configuration to table
828 public function save_payment_configuration($var){
829 $data_credentials=$var[0];
830 if(UserService
::valid($data_credentials))
832 if($var['service'] == 'paypal'){
833 if($var['paypal'] != ''){
834 $update_sql = "UPDATE payment_gateway_details SET login_id = ? WHERE service_name = 'paypal'";
835 sqlStatement($update_sql,array($var['login_id']));
837 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id) VALUES (?,?)";
838 sqlStatement($save_sql,array($var['service'],$var['login_id']));
840 }elseif($var['service'] == 'authorize_net'){
841 if($var['authorize_net'] != ''){
842 $update_sql = "UPDATE payment_gateway_details SET login_id = ?, transaction_key = ?, md5= ? WHERE service_name = 'authorize_net'";
843 sqlStatement($update_sql,array($var['login_id'],$var['transaction_key'],$var['md5']));
845 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id,transaction_key,md5) VALUES (?,?,?,?)";
846 sqlStatement($save_sql,array($var['service'],$var['login_id'],$var['transaction_key'],$var['md5']));
852 throw new SoapFault("Server", "credentials failed");
856 //Writing patient's authorizenet profile id to table
857 public function insert_authorizenet_details($var){
859 $data_credentials=$var[0];
860 if(UserService
::valid($data_credentials))
862 $authorizenetid=$var['authorizenetid'];
863 $query="UPDATE patient_access_offsite SET authorize_net_id = ? WHERE pid = ?";
864 sqlInsert($query,array($authorizenetid,$pid));
868 throw new SoapFault("Server", "credentials failed");
872 public function valid($credentials){
873 $timminus = date("Y-m-d H:m",(strtotime(date("Y-m-d H:m"))-7200)).":00";
874 sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)",array($timminus));
875 sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?",array($timminus));
882 $tim = strtotime(gmdate("Y-m-d H:m"));
883 $res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?",array($credentials[3]));
884 if(sqlNumRows($res)){
885 if($GLOBALS['validated_offsite_portal'] !=true){
890 $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
891 sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ",array($credentials[3],$grpID));
893 if(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",$tim).$credentials[3])==$credentials[2]){
896 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim-3600)).$credentials[3])==$credentials[2]){
899 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim+
3600)).$credentials[3])==$credentials[2]){
902 if(($credentials[1]==$GLOBALS['portal_offsite_username'] && $ok==1 && $GLOBALS['portal_offsite_enable']==1)||
$GLOBALS['validated_offsite_portal']==true){
903 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
904 if($credentials[4] == 'existingpatient'){
905 if(UserService
::validcredential($credentials)){
912 elseif($credentials[4] == 'oemruser'){
914 $prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?",array($credentials[9]));
917 elseif($credentials[4] == 'newpatient'){
918 if(UserService
::validcredential($credentials)){
923 $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
926 if($okE==1 ||
$okN == 2 ||
$okN == 1 ||
$okO == 1){
928 $GLOBALS['pid'] = $prow['pid'];
930 $_GET['site'] = $credentials[0];
932 $portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?",array($pid));
933 if(strtolower($portal['allow_patient_portal'])!='yes')
936 $GLOBALS['validated_offsite_portal'] = true;
941 return 'existingpatient';
956 public function validcredential($credentials){
957 $tim = strtotime(gmdate("Y-m-d H:m"));
959 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
960 if(sha1($prow['portal_pwd'].date("Y-m-d H",$tim).$credentials[8])==$credentials[7]){
963 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim-3600)).$credentials[8])==$credentials[7]){
966 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim+
3600)).$credentials[8])==$credentials[7]){
974 //for checking the connection
978 public function check_connection($data){
979 if($this->valid($data[0])){
987 $server = new SoapServer(null,array('uri' => "urn://portal/res"));
988 $server->setClass('UserService');
989 $server->setPersistence(SOAP_PERSISTENCE_SESSION
);