search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
The new changes helps serve two important aspects
[openemr.git] / myportal / soap_service / server_side.php
blob177854eca5662b775fc671d792bc688f50fd6b7b
1 <?php
2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
4 //
5 //
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
10 //
11 //
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
16 //
17 //
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 //
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Vinish K <vinish@zhservices.com>
26 //
27 // +------------------------------------------------------------------------------+
28
29 //SANITIZE ALL ESCAPES
30 $sanitize_all_escapes=true;
31 //
32
33 //STOP FAKE REGISTER GLOBALS
34 $fake_register_globals=false;
35 //
36
37 global $ISSUE_TYPES;
38 $ignoreAuth=true;
39 ob_start();
40
41 require_once("../../interface/globals.php");
42 require_once(dirname(__FILE__)."/../../controllers/C_Document.class.php");
43 $err = '';
44 if(!extension_loaded("soap")){
45 dl("php_soap.dll");
46 }
47 require_once("server_med_rec.php");
48 require_once("factory_class.php");
49 class UserService extends Userforms
50 {
51
52 /**
53 * To display the patient uploaded files/pdf patient wise
54 */
55 public function patientuploadedfiles($data){
56 if($this->valid($data[0])){
57 ob_start();
58 $query = "
59 SELECT
60 am.id,
61 am.pid,
62 ad.field_value AS doc_name,
63 pd.fname,
64 pd.lname,
65 pd.mname,
66 ad2.field_value AS file_name,
67 ad3.field_value AS pat_comments
68 FROM
69 audit_details AS ad
70 JOIN audit_master AS am
71 ON am.id = ad.audit_master_id
72 LEFT JOIN patient_data AS pd
73 ON am.pid = pd.pid
74 JOIN audit_details AS ad2
75 ON am.id = ad2.audit_master_id
76 AND ad2.field_name = 'dlm_filename'
77 JOIN audit_details AS ad3
78 ON am.id = ad3.audit_master_id
79 AND ad3.field_name = 'dld_patient_comments'
80 WHERE ad.field_name = 'dlm_document_name'
81 AND approval_status = '1'
82 AND am.type = '4'
83 ORDER BY am.pid ASC
84 ";
85 if(!empty($data[1])){
86 $query .= " AND am.id = ?";
87 $res = sqlStatement($query,array($data[1]));
88 }else{
89 $res = sqlStatement($query);
90 }
91 if ($res) {
92 for($iter=0; $row=sqlFetchArray($res); $iter++) {
93 $all[$iter] = $row;
94 }
95 }
96 $v = ob_get_clean();
97 return $all;
98 }
99 }
100
101 public function createandstoretodirectory($data){
102 global $pid;
103 if($this->valid($data[0])){
104 $file_name=$data[1];
105 $data=$data[2];
106 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$pid;
107 if(is_dir($savedpath));
108 else
109 {
110 mkdir($savedpath,0777,true);
111 chmod($savedpath, 0777);
112 }
113 $handler = fopen($savedpath."/".$file_name,"w");
114 fwrite($handler, base64_decode($data));
115 fclose($handler);
116 chmod($savedpath."/".$file_name,0777);
117 }
118 else{
119 throw new SoapFault("Server", "credentials failed");
120 }
121 }
122
123 /**
124 * To move category,rename filename,input note and to move to new patient#
125 */
126 public function documents_update($data){
127 if($this->valid($data[0])){
128 $_POST['process'] = true;
129 $_POST['new_category_id'] = $data[1];
130 $_POST['new_patient_id'] = $data[4];
131 $file_path = '';
132 if($data[9] == 2)
133 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/".$data[6];
134 elseif($data[9] == 1)
135 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/".$data[6];
136 elseif($data[9] == 4)
137 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$data[5]."/".$data[6];
138 $mime_types = array(
139 "pdf"=>"application/pdf"
140 ,"exe"=>"application/octet-stream"
141 ,"zip"=>"application/zip"
142 ,"docx"=>"application/msword"
143 ,"doc"=>"application/msword"
144 ,"xls"=>"application/vnd.ms-excel"
145 ,"ppt"=>"application/vnd.ms-powerpoint"
146 ,"gif"=>"image/gif"
147 ,"png"=>"image/png"
148 ,"jpeg"=>"image/jpg"
149 ,"jpg"=>"image/jpg"
150 ,"mp3"=>"audio/mpeg"
151 ,"wav"=>"audio/x-wav"
152 ,"mpeg"=>"video/mpeg"
153 ,"mpg"=>"video/mpeg"
154 ,"mpe"=>"video/mpeg"
155 ,"mov"=>"video/quicktime"
156 ,"avi"=>"video/x-msvideo"
157 ,"3gp"=>"video/3gpp"
158 ,"css"=>"text/css"
159 ,"jsc"=>"application/javascript"
160 ,"js"=>"application/javascript"
161 ,"php"=>"text/html"
162 ,"htm"=>"text/html"
163 ,"html"=>"text/html"
164 );
165
166 $extension = strtolower(end(explode('.',$file_path)));
167 $mime_types = $mime_types[$extension];
168 $_FILES['file']['name'][0] = $data[6];
169 $_FILES['file']['type'][0] = $mime_types;
170 $_FILES['file']['tmp_name'][0] = $file_path;
171 $_FILES['file']['error'][0] = 0;
172 $_FILES['file']['size'][0] = filesize($file_path);
173 $_POST['category_id'] = $_POST['new_category_id'];
174 $_POST['patient_id'] = $_POST['new_patient_id'];
175 $_GET['patient_id'] = $_POST['patient_id'];
176 $_POST['destination'] = $data[3];
177
178 $cdoc = new C_Document();
179 $cdoc->upload_action_process();
180 if($GLOBALS['document_storage_method']==0){
181 if($data[3])
182 copy($file_path,$cdoc->file_path.$data[3]);
183 else
184 copy($file_path,$cdoc->file_path.$data[6]);
185 }
186 $foreign_id = sqlQuery("select id from documents where foreign_id = ? order by id desc limit 1",array($_POST['new_patient_id']));
187 unset($_POST);
188 $_POST['encrypted'] = '';
189 $_POST['passphrase'] = '';
190 $_POST['process'] = true;
191 $_POST['foreign_id'] = $foreign_id['id'];
192 $_POST['note'] = $data[7];
193 $cdoc->note_action_process($_GET['patient_id']);
194 $sql_patient_no = "UPDATE documents_legal_detail SET dld_moved = '1' WHERE dld_master_docid = ? AND dld_id = ?";
195 sqlQuery($sql_patient_no,array($data[2],$data[8]));
196 unset($_POST);
197 }
198 }
199
200 /**
201 * To display the files/pdfforms patient wise
202 */
203 public function userslistportal($data){
204 if($this->valid($data[0])){
205 ob_start();
206 $query = "SELECT
207 dlm.dlm_upload_type,
208 dld.dld_id,
209 dld.dld_pid,
210 dlm.dlm_document_name,
211 dlm.dlm_document_id,
212 dlm.dlm_filename,
213 dld.dld_filename,
214 dld.dld_signed,
215 dlm.dlm_filename,
216 dld.dld_master_docid,
217 dld.dld_signed,
218 dld.dld_patient_comments,
219 dld.dld_moved,
220 pd.fname,
221 pd.lname,
222 pd.mname
223 FROM
224 documents_legal_master AS dlm
225 LEFT OUTER JOIN documents_legal_detail AS dld
226 ON dlm.dlm_document_id = dld_master_docid
227 JOIN patient_data AS pd
228 ON dld.dld_pid = pd.pid
229 WHERE dlm.dlm_effective_date <= NOW()
230 AND dlm.dlm_effective_date <> '0000-00-00 00:00:00'
231 AND dld.dld_id IS NOT NULL
232 AND dld.dld_signed IN (1,2,4)
233 AND dld.dld_moved = 0
234 ORDER BY dld.dld_pid ASC ";
235
236 $res = sqlStatement($query);
237 if ($res) {
238 for($iter=0; $row=sqlFetchArray($res); $iter++) {
239 $all[$iter] = $row;
240 }
241 }
242 $v = ob_get_clean();
243 return $all;
244 }
245 }
246
247 /**
248 * To display the category list in Move To Category option
249 */
250 public function category_list($data){
251 if($this->valid($data[0])){
252 ob_start();
253 $query = "SELECT * FROM categories";
254 $res = sqlStatement($query);
255 if ($res) {
256 for($iter=0; $row=sqlFetchArray($res); $iter++) {
257 $all[$iter] = $row;
258 }
259 }
260 $v = ob_get_clean();
261 return $all;
262 }
263 }
264
265 //Converts a text to xml format.Format is as follows
266 public function text_to_xml($data){
267 if($this->valid($data[0])){
268 $text = $data[1];
269 $doc = new DOMDocument();
270 $doc->formatOutput = true;
271
272 $root = $doc->createElement( "root" );
273 $doc->appendChild( $root );
274
275 $level = $doc->createElement( "level" );
276 $root->appendChild( $level );
277
278 $element = $doc->createElement( "text" );
279 $element->appendChild(
280 $doc->createTextNode( $text )
281 );
282 $level->appendChild( $element );
283 return $doc->saveXML();
284 }
285 else{
286 throw new SoapFault("Server", "credentials failed");
287 }
288 }
289
290 //Accepts an array and returns the result in xml format.Format is as follows
291
292
293 public function function_return_to_xml($var=array()){
294
295 $doc = new DOMDocument();
296 $doc->formatOutput = true;
297
298 $root = $doc->createElement( "root" );
299 $doc->appendChild( $root );
300
301
302 $level = $doc->createElement( "level" );
303 $root->appendChild( $level );
304 foreach($var as $key=>$value){
305 $element = $doc->createElement( "$key" );
306 $element->appendChild(
307 $doc->createTextNode( $value )
308 );
309 $level->appendChild( $element );
310 }
311
312 return $doc->saveXML();
313
314 }
315
316 //When a filled PDf is rejected During audit , the file is deleted
317
318
319 public function delete_file($data){
320 if($this->valid($data[0])){
321 $file_name_with_path=$data[1];
322 @unlink($file_name_with_path);
323 }
324 else{
325 throw new SoapFault("Server", "credentials failed");
326 }
327 }
328
329
330 //Accepts a file path.Fetches the file in xml format.
331 //Transfer the file to portal in XML format
332 public function file_to_xml($data){
333 if($this->valid($data[0])){
334 $file_name_with_path=$data[1];
335 $path_parts = pathinfo($file_name_with_path);
336 $handler = fopen($file_name_with_path,"rb");
337 $returnData = fread($handler,filesize($file_name_with_path));
338 fclose($handler);
339 $doc = new DOMDocument();
340 $doc->formatOutput = true;
341
342 $root = $doc->createElement( "root" );
343 $doc->appendChild( $root );
344
345 $level = $doc->createElement( "level" );
346 $root->appendChild( $level );
347
348 $filename = $doc->createElement( "name" );
349 $filename->appendChild(
350 $doc->createTextNode( $path_parts['basename'] )
351 );
352 $level->appendChild( $filename );
353
354 $type = $doc->createElement( "type" );
355 $type->appendChild(
356 $doc->createTextNode( $path_parts['extension'] )
357 );
358 $level->appendChild( $type );
359 $content = $doc->createElement( "file" );
360 $content->appendChild(
361 $doc->createTextNode( base64_encode($returnData) )
362 );
363 $level->appendChild( $content );
364 return $doc->saveXML();
365 }
366 else{
367 throw new SoapFault("Server", "credentials failed");
368 }
369 }
370
371
372 //File teceived from the portal side is saved to OpenEMR
373
374 public function store_to_file($data){
375 if($this->valid($data[0])){
376 $file_name_with_path=$data[1];
377 $data=$data[2];
378 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/";
379 if(is_dir($savedpath));
380 else
381 {
382 mkdir($savedpath,0777);
383 chmod($savedpath, 0777);
384 }
385 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/";
386 if(is_dir($savedpath));
387 else
388 {
389 mkdir($savedpath,0777);
390 chmod($savedpath, 0777);
391 }
392 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/";
393 if(is_dir($savedpath));
394 else
395 {
396 mkdir($savedpath,0777);
397 chmod($savedpath, 0777);
398 }
399 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/upload/";
400 if(is_dir($savedpath));
401 else
402 {
403 mkdir($savedpath,0777);
404 chmod($savedpath, 0777);
405 }
406 $handler = fopen($file_name_with_path,"w");
407 fwrite($handler, base64_decode($data));
408 fclose($handler);
409 chmod($file_name_with_path,0777);
410 }
411 else{
412 throw new SoapFault("Server", "credentials failed");
413 }
414 }
415
416
417 //receive a batch of function calls received from Portal, execute it and return the results to the portal
418 //The results will be stored in the key, which is received from portal.
419
420
421 static public function batch_despatch($var,$func,$data_credentials){
422 global $pid;
423 if(UserService::valid($data_credentials)){
424 require_once("../../library/invoice_summary.inc.php");
425 require_once("../../library/options.inc.php");
426 require_once("../../library/acl.inc");
427 require_once("../../library/patient.inc");
428 if($func=='ar_responsible_party')
429 {
430 $patient_id=$pid;
431 $encounter_id=$var['encounter'];
432 $x['ar_responsible_party']=ar_responsible_party($patient_id,$encounter_id);
433 return UserService::function_return_to_xml($x);
434 }
435 elseif($func=='getInsuranceData')
436 {
437 $type=$var['type'];
438 $given=$var['given'];
439 $x=getInsuranceData($pid,$type,$given);
440 return UserService::function_return_to_xml($x);
441 }
442 elseif($func=='generate_select_list')
443 {
444 $tag_name=$var['tag_name'];
445 $list_id=$var['list_id'];
446 $currvalue=$var['currvalue'];
447 $title=$var['title'];
448 $empty_name=$var['empty_name'];
449 $class=$var['class'];
450 $onchange=$var['onchange'];
451 $x['generate_select_list']=generate_select_list($tag_name,$list_id,$currvalue,$title,$empty_name,$class,$onchange);
452 return UserService::function_return_to_xml($x);
453 }
454 elseif($func=='xl_layout_label')
455 {
456 $constant=$var['constant'];
457 $x['xl_layout_label']=xl_layout_label($constant);
458 return UserService::function_return_to_xml($x);
459 }
460 elseif($func=='generate_form_field')
461 {
462 $frow=$var['frow'];
463 $currvalue=$var['currvalue'];
464 ob_start();
465 generate_form_field($frow,$currvalue);
466 $x['generate_form_field']=ob_get_contents();
467 ob_end_clean();
468 return UserService::function_return_to_xml($x);
469 }
470 elseif($func=='getInsuranceProviders')
471 {
472 $i=$var['i'];
473 $provider=$var['provider'];
474 $insurancei=getInsuranceProviders();
475 $x=$insurancei;
476 return $x;
477 }
478 elseif($func=='get_layout_form_value')
479 {
480 $frow=$var['frow'];
481 $_POST=$var['post_array'];
482 $x['get_layout_form_value']=get_layout_form_value($frow);
483 return UserService::function_return_to_xml($x);
484 }
485 elseif($func=='updatePatientData')
486 {
487 $patient_data=$var['patient_data'];
488 $create=$var['create'];
489 updatePatientData($pid,$patient_data,$create);
490 $x['ok']='ok';
491 return UserService::function_return_to_xml($x);
492 }
493 elseif($func=='updateEmployerData')
494 {
495 $employer_data=$var['employer_data'];
496 $create=$var['create'];
497 updateEmployerData($pid,$employer_data,$create);
498 $x['ok']='ok';
499 return UserService::function_return_to_xml($x);
500 }
501 elseif($func=='newHistoryData')
502 {
503 newHistoryData($pid);
504 $x['ok']='ok';
505 return UserService::function_return_to_xml($x);
506 }
507 elseif($func=='newInsuranceData')
508 {
509 $_POST=$var[0];
510 foreach($var as $key=>$value)
511 {
512 if($key>=3)//first 3 need to be skipped.
513 {
514 $var[$key]=formData($value);
515 }
516 if($key>=1)
517 {
518 $parameters[$key]=$var[$key];
519 }
520 }
521 $parameters[12]=fixDate($parameters[12]);
522 $parameters[27]=fixDate($parameters[27]);
523 call_user_func_array('newInsuranceData',$parameters);
524 $x['ok']='ok';
525 return UserService::function_return_to_xml($x);
526 }
527
528 }
529 else{
530 throw new SoapFault("Server", "credentials failed");
531 }
532 }
533
534 //Writing patient credentials to table
535 public function insert_login_details($var)
536 {
537 global $pid;
538 $data_credentials=$var[0];
539 if(UserService::valid($data_credentials))
540 {
541 $username=$var['username'];
542 $authPass=$var['authPass'];
543 $query="insert into patient_access_offsite(pid,portal_username,portal_pwd) values (?,?,?)";
544 sqlInsert($query,array($pid,$username,$authPass));
545 }
546 else
547 {
548 throw new SoapFault("Server", "credentials failed");
549 }
550 }
551
552
553
554 //Updating the password on a password change
555
556 public function update_password($var){
557 $data_credentials=$var[0];
558 global $pid;
559 if(UserService::valid($data_credentials)=='existingpatient' || UserService::valid($data_credentials)=='newpatient'){
560 $status = $var['new_pwd_status'];
561 $pwd=$var['new_pwd'];
562 $oldpwd = $var['old_pwd'];
563 $set = '';
564 $setarray = '';
565 $where = '';
566 if($status)
567 {
568 $where = "portal_pwd_status=? and pid=?";
569 $set= "portal_pwd=?,portal_pwd_status=?";
570 $setarray[]=$pwd;
571 $setarray[]=$status;
572 $setarray[]=0;
573 $setarray[]=$pid;
574 }
575
576 else
577 {
578 $set= "portal_pwd=? ";
579 $setarray[]=$pwd;
580 $where = " pid=?";
581 $setarray[]=$pid;
582 }
583 $qry = "select * from patient_access_offsite WHERE pid=? AND portal_pwd=?";
584 $res=sqlStatement($qry,array($pid,$oldpwd));
585 if(sqlNumRows($res)>0)
586 {
587 $qry = "UPDATE patient_access_offsite SET $set WHERE $where";
588 sqlStatement($qry,$setarray);
589 return 'ok';
590 }
591 else
592 {
593 return 'notok';
594 }
595 }
596 else{
597 throw new SoapFault("Server", "credentials failed");
598 }
599 }
600
601 //appointment update
602
603
604 public function update_openemr_appointment($var)
605 {
606 $data_credentials=$var[0];
607 if(UserService::valid($data_credentials)=='existingpatient' || UserService::valid($data_credentials)=='newpatient'){
608 foreach($var[1] as $key=>$value)
609 {
610 $eid=explode('_',$var[1][$key]);
611 if($eid[0]=='calendar')
612 {
613 sqlQuery("update openemr_postcalendar_events set pc_apptstatus='x' where pc_eid=?",array($eid[1]));
614 }
615 elseif($eid[0]=='audit')
616 {
617 sqlQuery("update audit_master set approval_status='5' where id=?",array($eid[1]));
618 }
619 }
620 }
621 else{
622 throw new SoapFault("Server", "credentials failed");
623 }
624 }
625
626
627 //Marking the Documents as ready to be signed
628
629 public function update_dlm_dld($var)
630 {
631 $data_credentials=$var[0];
632 if(UserService::valid($data_credentials)){
633
634 $qry=" UPDATE documents_legal_detail set dld_signed=2 where dld_id=?";
635 sqlStatement($qry,array($var['dld_id']));
636 }
637 else{
638 throw new SoapFault("Server", "credentials failed");
639 }
640 }
641
642
643 //Setting PDF documets approve /denial status
644
645 public function update_dld_approve_deny($data){
646 if($this->valid($data[0])){
647 $qry = "UPDATE documents_legal_detail SET dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
648 sqlStatement($qry,$data[1]);
649 }
650 else{
651 throw new SoapFault("Server", "credentials failed");
652 }
653 }
654
655 //Marking PDF documets as signed
656
657 public function update_dld_signed($data){
658 if($this->valid($data[0])){
659 $qry = "UPDATE documents_legal_detail SET dld_signed=1,dld_filepath=?,dld_filename=? WHERE dld_id=?";
660 sqlStatement($qry,$data[1]);
661 }
662 else{
663 throw new SoapFault("Server", "credentials failed");
664 }
665 }
666
667 //Marking PDF documets for audit.
668
669 public function update_dld_pending($data){
670 if($this->valid($data[0])){
671 $qry = "UPDATE documents_legal_detail SET dld_signed=0,dld_filepath=?,dld_filename=?, dld_file_for_pdf_generation=? WHERE dld_id=?";
672 sqlStatement($qry,$data[1]);
673 }
674 else{
675 throw new SoapFault("Server", "credentials failed");
676 }
677 }
678
679
680
681 public function insert_dld($data){
682 global $pid;
683 if(UserService::valid($data[0])=='existingpatient' || UserService::valid($data[0])=='newpatient'){
684 sqlInsert("INSERT INTO documents_legal_detail (dld_pid,dld_signed,dld_filepath,dld_master_docid,dld_filename,dld_encounter,dld_file_for_pdf_generation) ".
685 " VALUES (?,?,?,?,?,?,?)",array($pid,$data[2],$data[3],$data[4],$data[5],$data[6],$data[7]));
686 }
687 else{
688 throw new SoapFault("Server", "credentials failed");
689 }
690 }
691
692
693 //Inserting the entries for Master PDF documents uploaded
694
695 public function insert_dlm($data){
696 if($this->valid($data[0])=='oemruser'){
697 sqlStatement("INSERT INTO documents_legal_master(dlm_category, dlm_subcategory,dlm_document_name,dlm_facility,dlm_provider,
698 dlm_filename,dlm_filepath,dlm_effective_date,content) values (?,?,?,?,?,?,?,?,?)",array($data[1],$data[2],$data[3],$data[4],$data[5],$data[6],$data[7],$data[8],$data[9]));
699 }
700 else{
701 throw new SoapFault("Server", "credentials failed");
702 }
703 }
704
705
706 //REceive an array of Select cases from portal execute it and return
707 // it in the keys received from portal. A batch of queries execute and returns it in one batch.
708
709 public function batch_select($data){
710 if($this->valid($data[0])){
711 $batch = $data[1];
712 foreach($batch as $key=>$value)
713 {
714 $batchkey=$value['batchkey'];
715 $case=$value['case'];
716 $param=$value['param'];
717 $arrproc[] = $case;
718 $arrproc[] = $param;
719 $return_array[$batchkey]=$this->selectquery(array($data[0],$arrproc));
720 $arrproc=null;
721 }
722 return $return_array;
723 }
724 else{
725 throw new SoapFault("Server", "credentials failed");
726 }
727 }
728
729
730 //Receive a batch of function calls from portal and execute it through batch despatch Function
731 //Any OpenEmr function can be executed this way, if necessary if clause is written in batch_despatch.
732
733 public function batch_function($data){
734 if($this->valid($data[0])){
735 $batch = $data[1];
736 foreach($batch as $key=>$value)
737 {
738 $batchkey=$value['batchkey'];
739 $function=$value['funcname'];
740 $param=$value['param'];
741 $param[]=$data[0];
742 $res=call_user_func_array("UserService::$function",$param);
743 $return_array[$batchkey]=$res;
744 }
745 return $return_array;
746 }
747 else{
748 throw new SoapFault("Server", "credentials failed");
749 }
750 }
751
752 //Execute a batch of functions received from portal. But this function is limited to
753 // the functions written in the myportal module.
754
755 public function multiplecall($data){
756 $batch = $data[1];
757 foreach($batch as $key=>$value)
758 {
759 $batchkey=$value['batchkey'];
760 $function=$value['funcname'];
761 $param=$value['param'];
762 if(is_array($param))
763 array_unshift($param,$data[0]);
764 else
765 $param[]=$data[0];
766 $res= UserService::$function($param);
767 $return_array[$batchkey]=$res;
768 }
769 return $return_array;
770 }
771
772
773
774
775 public function getversion($data){
776 return '1.2';
777 }
778
779
780 public function loginchecking($data){
781 if($this->valid($data[0])=='existingpatient' || $this->valid($data[0])=='newpatient'){
782 $res = sqlStatement("SELECT portal_pwd_status FROM patient_access_offsite WHERE BINARY portal_username=? AND BINARY portal_pwd=?",$data[1]);
783 return $this->resourcetoxml($res);
784 }
785
786 return false;
787 }
788
789 //Execute a query and return its results.
790
791 public function selectquery($data){
792 //global $pid;
793 $sql_result_set='';
794 $utype = $this->valid($data[0]);
795 if($utype){
796 $newobj = factoryclass::dynamic_class_factory($utype);
797 $sql_result_setarr = $newobj->query_formation($data[1]);
798 $sql_result_set = sqlStatement($sql_result_setarr[0],$sql_result_setarr[1]);
799 return $this->resourcetoxml($sql_result_set);
800 }
801 }
802
803 //Return an SQL resultset as an XML
804
805
806 public function resourcetoxml($sql_result_set){
807 $doc = new DOMDocument();
808 $doc->formatOutput = true;
809
810 $root = $doc->createElement( "root" );
811 $doc->appendChild( $root );
812 while($row = sqlFetchArray($sql_result_set))
813 {
814 $level = $doc->createElement( "level" );
815 $root->appendChild( $level );
816 foreach($row as $key=>$value){
817 $element = $doc->createElement( "$key" );
818 $element->appendChild(
819 $doc->createTextNode( $value )
820 );
821 $level->appendChild( $element );
822 }
823 }
824 return $doc->saveXML();
825 }
826
827 //Writing facility payment configuration to table
828 public function save_payment_configuration($var){
829 $data_credentials=$var[0];
830 if(UserService::valid($data_credentials))
831 {
832 if($var['service'] == 'paypal'){
833 if($var['paypal'] != ''){
834 $update_sql = "UPDATE payment_gateway_details SET login_id = ? WHERE service_name = 'paypal'";
835 sqlStatement($update_sql,array($var['login_id']));
836 }else{
837 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id) VALUES (?,?)";
838 sqlStatement($save_sql,array($var['service'],$var['login_id']));
839 }
840 }elseif($var['service'] == 'authorize_net'){
841 if($var['authorize_net'] != ''){
842 $update_sql = "UPDATE payment_gateway_details SET login_id = ?, transaction_key = ?, md5= ? WHERE service_name = 'authorize_net'";
843 sqlStatement($update_sql,array($var['login_id'],$var['transaction_key'],$var['md5']));
844 }else{
845 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id,transaction_key,md5) VALUES (?,?,?,?)";
846 sqlStatement($save_sql,array($var['service'],$var['login_id'],$var['transaction_key'],$var['md5']));
847 }
848 }
849 }
850 else
851 {
852 throw new SoapFault("Server", "credentials failed");
853 }
854 }
855
856 //Writing patient's authorizenet profile id to table
857 public function insert_authorizenet_details($var){
858 global $pid;
859 $data_credentials=$var[0];
860 if(UserService::valid($data_credentials))
861 {
862 $authorizenetid=$var['authorizenetid'];
863 $query="UPDATE patient_access_offsite SET authorize_net_id = ? WHERE pid = ?";
864 sqlInsert($query,array($authorizenetid,$pid));
865 }
866 else
867 {
868 throw new SoapFault("Server", "credentials failed");
869 }
870 }
871
872 public function valid($credentials){
873 $timminus = date("Y-m-d H:m",(strtotime(date("Y-m-d H:m"))-7200)).":00";
874 sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)",array($timminus));
875 sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?",array($timminus));
876 global $pid;
877 $ok=0;
878 $okE=0;
879 $okN=0;
880 $okO=0;
881 $okP=0;
882 $tim = strtotime(gmdate("Y-m-d H:m"));
883 $res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?",array($credentials[3]));
884 if(sqlNumRows($res)){
885 if($GLOBALS['validated_offsite_portal'] !=true){
886 return false;
887 }
888 }
889 else{
890 $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
891 sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ",array($credentials[3],$grpID));
892 }
893 if(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",$tim).$credentials[3])==$credentials[2]){
894 $ok =1;
895 }
896 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim-3600)).$credentials[3])==$credentials[2]){
897 $ok =1;
898 }
899 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim+3600)).$credentials[3])==$credentials[2]){
900 $ok =1;
901 }
902 if(($credentials[1]==$GLOBALS['portal_offsite_username'] && $ok==1 && $GLOBALS['portal_offsite_enable']==1)||$GLOBALS['validated_offsite_portal']==true){
903 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
904 if($credentials[4] == 'existingpatient'){
905 if(UserService::validcredential($credentials)){
906 $okE = 1;
907 }
908 else{
909 return false;
910 }
911 }
912 elseif($credentials[4] == 'oemruser'){
913 if($credentials[9])
914 $prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?",array($credentials[9]));
915 $okO = 1;
916 }
917 elseif($credentials[4] == 'newpatient'){
918 if(UserService::validcredential($credentials)){
919 $okN = 2;
920 }
921 else{
922 $okN = 1;
923 $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
924 }
925 }
926 if($okE==1 || $okN == 2 || $okN == 1 || $okO == 1){
927 $pid = $prow['pid'];
928 $GLOBALS['pid'] = $prow['pid'];
929 }
930 $_GET['site'] = $credentials[0];
931 if($okE==1){
932 $portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?",array($pid));
933 if(strtolower($portal['allow_patient_portal'])!='yes')
934 return false;
935 }
936 $GLOBALS['validated_offsite_portal'] = true;
937 if($okO){
938 return 'oemruser';
939 }
940 elseif($okE){
941 return 'existingpatient';
942 }
943 elseif($okN){
944 return 'newpatient';
945 }
946 return false;
947 }
948 else{
949 return false;
950 }
951 }
952
953
954
955
956 public function validcredential($credentials){
957 $tim = strtotime(gmdate("Y-m-d H:m"));
958 if($credentials[6]){
959 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
960 if(sha1($prow['portal_pwd'].date("Y-m-d H",$tim).$credentials[8])==$credentials[7]){
961 return true;
962 }
963 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim-3600)).$credentials[8])==$credentials[7]){
964 return true;
965 }
966 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim+3600)).$credentials[8])==$credentials[7]){
967 return true;
968 }
969 }
970 return false;
971 }
972
973
974 //for checking the connection
975
976
977
978 public function check_connection($data){
979 if($this->valid($data[0])){
980 return 'ok';
981 }
982 else{
983 return 'notok';
984 }
985 }
986 }
987 $server = new SoapServer(null,array('uri' => "urn://portal/res"));
988 $server->setClass('UserService');
989 $server->setPersistence(SOAP_PERSISTENCE_SESSION);
990 $server->handle();
991 ?>
Mirror of official OpenEMR Sourceforge repository