2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Vinish K <vinish@zhservices.com>
27 // +------------------------------------------------------------------------------+
29 //SANITIZE ALL ESCAPES
30 $sanitize_all_escapes=true;
33 //STOP FAKE REGISTER GLOBALS
34 $fake_register_globals=false;
41 require_once("../../interface/globals.php");
42 require_once(dirname(__FILE__
)."/../../controllers/C_Document.class.php");
43 require_once(dirname(__FILE__
)."/../../library/options.inc.php");
45 if(!extension_loaded("soap")){
48 require_once("server_med_rec.php");
49 require_once("factory_class.php");
50 class UserService
extends Userforms
54 * To display the result/report names from lists
56 public function get_display_field($data){
57 if($this->valid($data[0])){
58 $ret = generate_display_field(array('data_type'=>$data['data_type'],'list_id'=>$data['list_id']),$data['value']);
64 * To display the procedure order results
66 public function procedure_order($data){
67 if($this->valid($data[0])){
72 po.procedure_order_id, po.date_ordered, pc.procedure_order_seq,
73 pt1.procedure_type_id AS order_type_id, pc.procedure_name,
74 pr.procedure_report_id, pr.date_report, pr.date_collected,
75 pr.specimen_num, pr.report_status, pr.review_status
78 JOIN procedure_order_code AS pc
79 ON pc.procedure_order_id = po.procedure_order_id
80 LEFT JOIN procedure_type AS pt1
81 ON pt1.lab_id = po.lab_id
82 AND pt1.procedure_code = pc.procedure_code
83 LEFT JOIN procedure_report AS pr
84 ON pr.procedure_order_id = po.procedure_order_id
85 AND pr.procedure_order_seq = pc.procedure_order_seq
86 WHERE po.patient_id = ?
87 AND pr.review_status = 'reviewed'
88 ORDER BY po.date_ordered, po.procedure_order_id, pc.procedure_order_seq, pr.procedure_report_id";
89 $proc_result = sqlStatement($proc_query,array($pid));
90 while ($row = sqlFetchArray($proc_result)) {
92 $procedure_report_id = empty($row['procedure_report_id']) ?
'' : $row['procedure_report_id'];
93 $order_type_id = empty($row['order_type_id']) ?
'' : $row['order_type_id'];
95 $proc_order_query = "(SELECT
96 pt2.procedure_type, pt2.procedure_code, pt2.units AS pt2_units,
97 pt2.range AS pt2_range, pt2.procedure_type_id AS procedure_type_id,
98 pt2.name AS NAME, pt2.description, pt2.seq AS seq,
99 ps.procedure_result_id, ps.result_code AS result_code,
100 ps.result_text, ps.abnormal, ps.result,
101 ps.range, ps.result_status, ps.facility,
102 ps.comments, ps.units, ps.comments
104 procedure_type AS pt2
105 LEFT JOIN procedure_result AS ps
106 ON ps.procedure_report_id = ?
107 AND ps.result_code = pt2.procedure_code
109 AND ( pt2.procedure_type LIKE 'res%' OR pt2.procedure_type LIKE 'rec%' ))
112 pt2.procedure_type, pt2.procedure_code, pt2.units AS pt2_units,
113 pt2.range AS pt2_range, pt2.procedure_type_id AS procedure_type_id,
114 pt2.name AS NAME, pt2.description, pt2.seq AS seq,
115 ps.procedure_result_id, ps.result_code AS result_code,
116 ps.result_text, ps.abnormal, ps.result,
117 ps.range, ps.result_status, ps.facility,
118 ps.comments, ps.units, ps.comments
120 procedure_result AS ps
121 LEFT JOIN procedure_type AS pt2
123 AND ( pt2.procedure_type LIKE 'res%' OR pt2.procedure_type LIKE 'rec%' )
124 AND ps.result_code = pt2.procedure_code
125 WHERE ps.procedure_report_id = ?)
126 ORDER BY seq, NAME, procedure_type_id,result_code";
127 $proc_order_result = sqlStatement($proc_order_query,array($procedure_report_id,$order_type_id,$order_type_id,$procedure_report_id));
129 while ($rrow = sqlFetchArray($proc_order_result)) {
130 $arr[$i]['procedure_report_id'] = empty($row['procedure_report_id']) ?
'' : $row['procedure_report_id'] ;
131 $arr[$i]['date_ordered'] = empty($row['date_ordered']) ?
'' : $row['date_ordered'];
132 $arr[$i]['procedure_name'] = empty($row['procedure_name']) ?
'' : $row['procedure_name'];
133 $arr[$i]['result_text'] = empty($rrow['result_text']) ?
'' : $rrow['result_text'];
134 $arr[$i]['abnormal'] = empty($rrow['abnormal']) ?
'' : $rrow['abnormal'];
135 $arr[$i]['result'] = empty($rrow['result']) ?
'' : $rrow['result'];
136 $arr[$i]['range'] = empty($rrow['range']) ?
'' : $rrow['range'];
137 $arr[$i]['units'] = empty($rrow['units']) ?
'' : $rrow['units'];
138 $arr[$i]['result_status'] = empty($rrow['result_status']) ?
'' : $rrow['result_status'];
139 $arr[$i]['report_status'] = empty($row['report_status']) ?
'' : $row['report_status'];
148 * To display the patient uploaded files/pdf patient wise
150 public function patientuploadedfiles($data){
151 if($this->valid($data[0])){
157 ad.field_value AS doc_name,
161 ad2.field_value AS file_name,
162 ad3.field_value AS pat_comments
165 JOIN audit_master AS am
166 ON am.id = ad.audit_master_id
167 LEFT JOIN patient_data AS pd
169 JOIN audit_details AS ad2
170 ON am.id = ad2.audit_master_id
171 AND ad2.field_name = 'dlm_filename'
172 JOIN audit_details AS ad3
173 ON am.id = ad3.audit_master_id
174 AND ad3.field_name = 'dld_patient_comments'
175 WHERE ad.field_name = 'dlm_document_name'
176 AND approval_status = '1'
180 if(!empty($data[1])){
181 $query .= " AND am.id = ?";
182 $res = sqlStatement($query,array($data[1]));
184 $res = sqlStatement($query);
187 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
// Writes a file sent by the portal to documents/myportal/patientuploads/<pid>/<file_name>.
// valid() must accept $data[0] first; otherwise a SoapFault is thrown.
// $pid and $file_name are assigned on lines this listing does not show.
196 public function createandstoretodirectory($data){
198 if($this->valid($data[0])){
// NOTE(review): $pid and $file_name are concatenated into the target path. If $file_name is
// taken from the SOAP arguments, reduce it with basename() first so "../" segments cannot
// move the write outside the patient's directory — confirm where it is set.
201 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$pid;
// The trailing ';' makes this if an empty statement; the mkdir/chmod below presumably sit
// in an else branch on lines not shown — TODO confirm.
202 if(is_dir($savedpath));
// 0777 leaves the per-patient directory readable and writable by every local account.
205 mkdir($savedpath,0777,true);
206 chmod($savedpath, 0777);
// fopen()'s result goes straight to fwrite() without a check for a failed open.
208 $handler = fopen($savedpath."/".$file_name,"w");
// The payload is base64 text from the caller, decoded and written unchanged.
209 fwrite($handler, base64_decode($data));
// NOTE(review): the stored file is made world-writable as well; patient uploads normally
// need no more than owner read/write.
211 chmod($savedpath."/".$file_name,0777);
214 throw new SoapFault("Server", "credentials failed");
219 * To move category,rename filename,input note and to move to new patient#
// Moves a portal document into the OpenEMR document store: it fills $_POST/$_FILES as if a
// browser upload had happened, runs C_Document's upload and note actions, then marks the
// documents_legal_detail row as moved. Runs only after valid() accepts $data[0].
221 public function documents_update($data){
222 if($this->valid($data[0])){
223 $_POST['process'] = true;
224 $_POST['new_category_id'] = $data[1];
225 $_POST['new_patient_id'] = $data[4];
// NOTE(review): $data[5] and $data[6] are SOAP arguments joined into a filesystem path with no
// visible normalisation. Passing each through basename(), or checking realpath() against the
// documents/myportal root, would keep the source file inside the portal tree.
228 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/".$data[6];
229 elseif($data[9] == 1)
230 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/".$data[6];
231 elseif($data[9] == 4)
232 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$data[5]."/".$data[6];
// Extension-to-MIME map used to fill $_FILES['file']['type'] below.
234 "pdf"=>"application/pdf"
// NOTE(review): executable and script extensions are mapped here; whether they should be
// accepted into the document store at all is worth confirming.
235 ,"exe"=>"application/octet-stream"
236 ,"zip"=>"application/zip"
237 ,"docx"=>"application/msword"
238 ,"doc"=>"application/msword"
239 ,"xls"=>"application/vnd.ms-excel"
240 ,"ppt"=>"application/vnd.ms-powerpoint"
246 ,"wav"=>"audio/x-wav"
247 ,"mpeg"=>"video/mpeg"
250 ,"mov"=>"video/quicktime"
251 ,"avi"=>"video/x-msvideo"
254 ,"jsc"=>"application/javascript"
255 ,"js"=>"application/javascript"
// end() takes its argument by reference; handing it explode()'s result directly raises a
// strict-standards notice. An extension missing from the map leaves $mime_types null.
261 $extension = strtolower(end(explode('.',$file_path)));
262 $mime_types = $mime_types[$extension];
// Simulated upload: tmp_name is the portal file itself, not a PHP upload temp file.
263 $_FILES['file']['name'][0] = $data[6];
264 $_FILES['file']['type'][0] = $mime_types;
265 $_FILES['file']['tmp_name'][0] = $file_path;
266 $_FILES['file']['error'][0] = 0;
267 $_FILES['file']['size'][0] = filesize($file_path);
268 $_POST['category_id'] = $_POST['new_category_id'];
269 $_POST['patient_id'] = $_POST['new_patient_id'];
270 $_GET['patient_id'] = $_POST['patient_id'];
271 $_POST['destination'] = $data[3];
273 $cdoc = new C_Document();
274 $cdoc->upload_action_process();
275 if($GLOBALS['document_storage_method']==0){
// The copy destination is $cdoc->file_path plus a caller-supplied name ($data[3] or $data[6]).
277 copy($file_path,$cdoc->file_path
.$data[3]);
279 copy($file_path,$cdoc->file_path
.$data[6]);
// Picks the newest documents row for the target patient to attach the note to.
281 $foreign_id = sqlQuery("select id from documents where foreign_id = ? order by id desc limit 1",array($_POST['new_patient_id']));
283 $_POST['encrypted'] = '';
284 $_POST['passphrase'] = '';
285 $_POST['process'] = true;
286 $_POST['foreign_id'] = $foreign_id['id'];
287 $_POST['note'] = $data[7];
288 $cdoc->note_action_process($_GET['patient_id']);
289 $sql_patient_no = "UPDATE documents_legal_detail SET dld_moved = '1' WHERE dld_master_docid = ? AND dld_id = ?";
290 sqlQuery($sql_patient_no,array($data[2],$data[8]));
296 * To display the files/pdfforms patient wise
298 public function userslistportal($data){
299 if($this->valid($data[0])){
305 dlm.dlm_document_name,
311 dld.dld_master_docid,
313 dld.dld_patient_comments,
319 documents_legal_master AS dlm
320 LEFT OUTER JOIN documents_legal_detail AS dld
321 ON dlm.dlm_document_id = dld_master_docid
322 JOIN patient_data AS pd
323 ON dld.dld_pid = pd.pid
324 WHERE dlm.dlm_effective_date <= NOW()
325 AND dlm.dlm_effective_date <> '0000-00-00 00:00:00'
326 AND dld.dld_id IS NOT NULL
327 AND dld.dld_signed IN (1,2,4)
328 AND dld.dld_moved = 0
329 AND dlm_subcategory NOT IN
334 documents_legal_categories
336 dlc_category_name = 'Layout Signed'
337 AND dlc_category_type = 2
339 ORDER BY dld.dld_pid ASC ";
341 $res = sqlStatement($query);
343 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
353 * To display the category list in Move To Category option
355 public function category_list($data){
356 if($this->valid($data[0])){
358 $query = "SELECT * FROM categories";
359 $res = sqlStatement($query);
361 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
370 //Converts a text to xml format.Format is as follows
371 public function text_to_xml($data){
372 if($this->valid($data[0])){
374 $doc = new DOMDocument();
375 $doc->formatOutput
= true;
377 $root = $doc->createElement( "root" );
378 $doc->appendChild( $root );
380 $level = $doc->createElement( "level" );
381 $root->appendChild( $level );
383 $element = $doc->createElement( "text" );
384 $element->appendChild(
385 $doc->createTextNode( $text )
387 $level->appendChild( $element );
388 return $doc->saveXML();
391 throw new SoapFault("Server", "credentials failed");
395 //Accepts an array and returns the result in xml format.Format is as follows
398 public function function_return_to_xml($var=array()){
400 $doc = new DOMDocument();
401 $doc->formatOutput
= true;
403 $root = $doc->createElement( "root" );
404 $doc->appendChild( $root );
407 $level = $doc->createElement( "level" );
408 $root->appendChild( $level );
409 foreach($var as $key=>$value){
410 $element = $doc->createElement( "$key" );
411 $element->appendChild(
412 $doc->createTextNode( $value )
414 $level->appendChild( $element );
417 return $doc->saveXML();
421 //When a filled PDF is rejected during audit, the file is deleted
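/**
 * Delete a portal document once valid() has accepted the caller's credentials.
 *
 * $data[1] is a path received over SOAP, so it is resolved with realpath() and
 * unlinked only when it is a regular file inside the site's documents/myportal tree.
 * A path that does not resolve, or resolves elsewhere, is left alone.
 *
 * @param array $data [0] => credential array for valid(), [1] => path of the file to delete
 * @throws SoapFault when valid() rejects the credentials
 */
public function delete_file($data){
    if($this->valid($data[0])){
        // NOTE(review): assumes every file the portal may delete lives under
        // documents/myportal — confirm against the portal-side caller.
        $portal_root = realpath($GLOBALS['OE_SITE_DIR']."/documents/myportal");
        $target = isset($data[1]) ? realpath((string)$data[1]) : false;

        // realpath() collapses "../" segments and symlinks and returns false for a
        // missing file, so the prefix test below is made on the real location.
        if($portal_root !== false && $target !== false
            && is_file($target)
            && strpos($target, $portal_root.DIRECTORY_SEPARATOR) === 0){
            // Deletion stays best-effort, as before: a failed unlink is not reported.
            @unlink($target);
        }
    }
    else{
        throw new SoapFault("Server", "credentials failed");
    }
}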
435 //Accepts a file path.Fetches the file in xml format.
436 //Transfer the file to portal in XML format
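/**
 * Return a portal document as XML with <name>, <type> (file extension) and
 * <file> (base64-encoded content) inside <root><level>.
 *
 * $data[1] is a path received over SOAP, so it is resolved with realpath() and
 * served only when it is a regular file inside the site's documents/myportal tree.
 *
 * @param array $data [0] => credential array for valid(), [1] => path of the file to send
 * @return string the XML document
 * @throws SoapFault when valid() rejects the credentials or the file cannot be served
 */
public function file_to_xml($data){
    if(!$this->valid($data[0])){
        throw new SoapFault("Server", "credentials failed");
    }

    // NOTE(review): assumes every file the portal may fetch lives under
    // documents/myportal — confirm against the portal-side caller.
    $portal_root = realpath($GLOBALS['OE_SITE_DIR']."/documents/myportal");
    $file_name_with_path = isset($data[1]) ? realpath((string)$data[1]) : false;
    if($portal_root === false || $file_name_with_path === false
        || !is_file($file_name_with_path)
        || strpos($file_name_with_path, $portal_root.DIRECTORY_SEPARATOR) !== 0){
        throw new SoapFault("Server", "file not available");
    }

    // file_get_contents() also copes with an empty file, where fread() with a
    // zero length would fail.
    $returnData = file_get_contents($file_name_with_path);
    if($returnData === false){
        throw new SoapFault("Server", "file not available");
    }

    $path_parts = pathinfo($file_name_with_path);
    // pathinfo() omits 'extension' for names without a dot.
    $extension = isset($path_parts['extension']) ? $path_parts['extension'] : '';

    $doc = new DOMDocument();
    $doc->formatOutput = true;

    $root = $doc->createElement( "root" );
    $doc->appendChild( $root );

    $level = $doc->createElement( "level" );
    $root->appendChild( $level );

    $filename = $doc->createElement( "name" );
    $filename->appendChild( $doc->createTextNode( $path_parts['basename'] ) );
    $level->appendChild( $filename );

    $type = $doc->createElement( "type" );
    $type->appendChild( $doc->createTextNode( $extension ) );
    $level->appendChild( $type );

    $content = $doc->createElement( "file" );
    $content->appendChild( $doc->createTextNode( base64_encode($returnData) ) );
    $level->appendChild( $content );

    return $doc->saveXML();
}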
477 //File received from the portal side is saved to OpenEMR
// Saves a base64 payload from the portal to the path given in $data[1], after making sure the
// documents/myportal directory and its unsigned/, signed/ and upload/ children exist.
// Runs only after valid() accepts $data[0]; otherwise a SoapFault is thrown.
479 public function store_to_file($data){
480 if($this->valid($data[0])){
// NOTE(review): the write target is the caller's $data[1] verbatim; it is not derived from any
// $savedpath below. Resolving it and confirming it sits under documents/myportal before the
// fopen() would keep the write inside the portal tree.
481 $file_name_with_path=$data[1];
483 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/";
// The trailing ';' makes each of these if statements empty; the mkdir/chmod pairs presumably
// sit in else branches on lines not shown — TODO confirm.
484 if(is_dir($savedpath));
// 0777 makes the directory readable and writable by every local account.
487 mkdir($savedpath,0777);
488 chmod($savedpath, 0777);
490 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/";
491 if(is_dir($savedpath));
494 mkdir($savedpath,0777);
495 chmod($savedpath, 0777);
497 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/";
498 if(is_dir($savedpath));
501 mkdir($savedpath,0777);
502 chmod($savedpath, 0777);
504 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/upload/";
505 if(is_dir($savedpath));
508 mkdir($savedpath,0777);
509 chmod($savedpath, 0777);
// fopen()'s result goes straight to fwrite() without a check for a failed open.
511 $handler = fopen($file_name_with_path,"w");
// $data is presumably narrowed to the payload on a line not shown; as listed it is still the
// argument array — TODO confirm.
512 fwrite($handler, base64_decode($data));
// NOTE(review): the stored file is made world-writable as well.
514 chmod($file_name_with_path,0777);
517 throw new SoapFault("Server", "credentials failed");
522 //receive a batch of function calls received from Portal, execute it and return the results to the portal
523 //The results will be stored in the key, which is received from portal.
526 static public function batch_despatch($var,$func,$data_credentials){
528 if(UserService
::valid($data_credentials)){
529 require_once("../../library/invoice_summary.inc.php");
530 require_once("../../library/options.inc.php");
531 require_once("../../library/acl.inc");
532 require_once("../../library/patient.inc");
533 if($func=='ar_responsible_party')
536 $encounter_id=$var['encounter'];
537 $x['ar_responsible_party']=ar_responsible_party($patient_id,$encounter_id);
538 return UserService
::function_return_to_xml($x);
540 elseif($func=='getInsuranceData')
543 $given=$var['given'];
544 $x=getInsuranceData($pid,$type,$given);
545 return UserService
::function_return_to_xml($x);
547 elseif($func=='generate_select_list')
549 $tag_name=$var['tag_name'];
550 $list_id=$var['list_id'];
551 $currvalue=$var['currvalue'];
552 $title=$var['title'];
553 $empty_name=$var['empty_name'];
554 $class=$var['class'];
555 $onchange=$var['onchange'];
556 $x['generate_select_list']=generate_select_list($tag_name,$list_id,$currvalue,$title,$empty_name,$class,$onchange);
557 return UserService
::function_return_to_xml($x);
559 elseif($func=='xl_layout_label')
561 $constant=$var['constant'];
562 $x['xl_layout_label']=xl_layout_label($constant);
563 return UserService
::function_return_to_xml($x);
565 elseif($func=='generate_form_field')
568 $currvalue=$var['currvalue'];
570 generate_form_field($frow,$currvalue);
571 $x['generate_form_field']=ob_get_contents();
573 return UserService
::function_return_to_xml($x);
575 elseif($func=='getInsuranceProviders')
578 $provider=$var['provider'];
579 $insurancei=getInsuranceProviders();
583 elseif($func=='get_layout_form_value')
586 $_POST=$var['post_array'];
587 $x['get_layout_form_value']=get_layout_form_value($frow);
588 return UserService
::function_return_to_xml($x);
590 elseif($func=='updatePatientData')
592 $patient_data=$var['patient_data'];
593 $create=$var['create'];
594 updatePatientData($pid,$patient_data,$create);
596 return UserService
::function_return_to_xml($x);
598 elseif($func=='updateEmployerData')
600 $employer_data=$var['employer_data'];
601 $create=$var['create'];
602 updateEmployerData($pid,$employer_data,$create);
604 return UserService
::function_return_to_xml($x);
606 elseif($func=='newHistoryData')
608 newHistoryData($pid);
610 return UserService
::function_return_to_xml($x);
612 elseif($func=='newInsuranceData')
615 foreach($var as $key=>$value)
617 if($key>=3)//first 3 need to be skipped.
619 $var[$key]=formData($value);
623 $parameters[$key]=$var[$key];
626 $parameters[12]=fixDate($parameters[12]);
627 $parameters[27]=fixDate($parameters[27]);
628 call_user_func_array('newInsuranceData',$parameters);
630 return UserService
::function_return_to_xml($x);
632 elseif($func=='generate_layout_validation')
634 $form_id=$var['form_id'];
636 generate_layout_validation($form_id);
642 throw new SoapFault("Server", "credentials failed");
646 //Writing patient credentials to table
647 public function insert_login_details($var)
650 $data_credentials=$var[0];
651 if(UserService
::valid($data_credentials))
653 $username=$var['username'];
654 $authPass=$var['authPass'];
655 $query="insert into patient_access_offsite(pid,portal_username,portal_pwd) values (?,?,?)";
656 sqlInsert($query,array($pid,$username,$authPass));
660 throw new SoapFault("Server", "credentials failed");
666 //Updating the password on a password change
668 public function update_password($var){
669 $data_credentials=$var[0];
670 global $pid,$auditmasterid;
671 if(UserService
::valid($data_credentials)=='existingpatient' || UserService
::valid($data_credentials)=='newpatient'){
672 $status = $var['new_pwd_status'];
673 $pwd=$var['new_pwd'];
674 $oldpwd = $var['old_pwd'];
680 $where = "portal_pwd_status=? and pid=?";
681 $set= "portal_pwd=?,portal_pwd_status=?";
690 $set= "portal_pwd=? ";
695 $qry = "select * from patient_access_offsite WHERE pid=? AND portal_pwd=?";
696 $res=sqlStatement($qry,array($pid,$oldpwd));
697 if(sqlNumRows($res)>0)
699 $qry = "UPDATE patient_access_offsite SET $set WHERE $where";
700 sqlStatement($qry,$setarray);
707 }elseif(UserService
::valid($data_credentials) == 'newpatienttoapprove'){
708 $pwd=$var['new_pwd'];
709 $oldpwd = $var['old_pwd'];
710 $qry = "SELECT * from audit_details WHERE audit_master_id = ? AND table_name = 'patient_access_offsite' AND field_name = 'portal_pwd' AND field_value = ?";
711 $res=sqlStatement($qry,array($auditmasterid,$oldpwd));
712 if(sqlNumRows($res)>0){
713 $qry = "UPDATE audit_details SET field_value = ? WHERE audit_master_id = ? AND table_name = 'patient_access_offsite' AND field_name = 'portal_pwd'";
714 sqlStatement($qry,array($pwd,$auditmasterid));
722 throw new SoapFault("Server", "credentials failed");
729 public function update_openemr_appointment($var)
731 $data_credentials=$var[0];
732 if(UserService
::valid($data_credentials)=='existingpatient' || UserService
::valid($data_credentials)=='newpatient'){
733 foreach($var[1] as $key=>$value)
735 $eid=explode('_',$var[1][$key]);
736 if($eid[0]=='calendar')
738 sqlQuery("update openemr_postcalendar_events set pc_apptstatus='x' where pc_eid=?",array($eid[1]));
740 elseif($eid[0]=='audit')
742 sqlQuery("update audit_master set approval_status='5' where id=?",array($eid[1]));
747 throw new SoapFault("Server", "credentials failed");
752 //Marking the Documents as ready to be signed
754 public function update_dlm_dld($var)
756 $data_credentials=$var[0];
757 if(UserService
::valid($data_credentials)){
759 $qry=" UPDATE documents_legal_detail set dld_signed=2 where dld_id=?";
760 sqlStatement($qry,array($var['dld_id']));
763 throw new SoapFault("Server", "credentials failed");
768 //Setting PDF documents approve/denial status
770 public function update_dld_approve_deny($data){
771 if($this->valid($data[0])){
772 if(substr($data[1][2],0,3) == 'am-'){
773 $audid = substr($data[1][2],3);
774 $status = sqlQuery("SELECT
776 ad.field_value AS uname,
777 CONCAT(ad4.field_value,' ',ad5.field_value,' ',ad6.field_value) AS name
780 JOIN audit_details ad
781 ON ad.audit_master_id = am.id
782 AND ad.table_name = 'patient_access_offsite'
783 AND ad.field_name = 'portal_username'
784 JOIN audit_details ad2
785 ON ad2.table_name = 'patient_access_offsite'
786 AND ad2.field_name = 'portal_username'
787 AND ad2.field_value = ad.field_value
788 JOIN audit_details ad3
789 ON ad3.table_name = 'patient_access_offsite'
790 AND ad3.field_name = 'portal_pwd'
791 AND ad3.audit_master_id = ad2.audit_master_id
792 JOIN audit_details ad4
793 ON ad4.table_name = 'patient_data'
794 AND ad4.field_name = 'fname'
795 AND ad4.audit_master_id = ad2.audit_master_id
796 JOIN audit_details ad5
797 ON ad5.table_name = 'patient_data'
798 AND ad5.field_name = 'mname'
799 AND ad5.audit_master_id = ad2.audit_master_id
800 JOIN audit_details ad6
801 ON ad6.table_name = 'patient_data'
802 AND ad6.field_name = 'lname'
803 AND ad6.audit_master_id = ad2.audit_master_id
804 JOIN audit_master am2
805 ON am2.id = ad3.audit_master_id
807 WHERE am.id = ?",array($audid));
808 if($status['approval_status'] == '2'){
809 $result = UserService
::update_audited_data(array($data[0],'audit_master_id' => $audid));
810 UserService
::update_audit_master(array($data[0],'audit_master_id' => $audid,'approval_status' => '2'));
811 $pid = sqlQuery("SELECT pid FROM patient_access_offsite WHERE portal_username=?",array($status['uname']));
812 $qry = "UPDATE documents_legal_detail SET dld_pid=?,dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
813 sqlStatement($qry,array($pid['pid'],$data[1][0],$data[1][1],$result['dld_id']));
815 return "Please approve the patient ".$status['name'].", for approving the selected document";
818 $qry = "UPDATE documents_legal_detail SET dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
819 sqlStatement($qry,$data[1]);
823 throw new SoapFault("Server", "credentials failed");
827 //Marking PDF documents as signed
829 public function update_dld_signed($data){
830 if($this->valid($data[0])){
831 $qry = "UPDATE documents_legal_detail SET dld_signed=1,dld_filepath=?,dld_filename=? WHERE dld_id=?";
832 sqlStatement($qry,$data[1]);
835 throw new SoapFault("Server", "credentials failed");
839 //Marking PDF documents for audit.
841 public function update_dld_pending($data){
842 if($this->valid($data[0])){
843 $qry = "UPDATE documents_legal_detail SET dld_signed=0,dld_filepath=?,dld_filename=?, dld_file_for_pdf_generation=? WHERE dld_id=?";
844 sqlStatement($qry,$data[1]);
847 throw new SoapFault("Server", "credentials failed");
853 public function insert_dld($data){
854 global $pid,$auditmasterid;
855 if(UserService
::valid($data[0])=='existingpatient' || UserService
::valid($data[0])=='newpatient'){
856 sqlInsert("INSERT INTO documents_legal_detail (dld_pid,dld_signed,dld_filepath,dld_master_docid,dld_filename,dld_encounter,dld_file_for_pdf_generation) ".
857 " VALUES (?,?,?,?,?,?,?)",array($pid,$data[2],$data[3],$data[4],$data[5],$data[6],$data[7]));
859 elseif(UserService
::valid($data[0])=='newpatienttoapprove'){
860 $param=array($data[0],'audit_master_id_to_delete'=>"",'pid'=>"$pid",'approval_status'=>'1',
861 'type'=>'3','ip_address'=>'',
862 'table_name_array'=>array('documents_legal_detail','patient_access_offsite'),
863 'field_name_value_array'=>array(array('dld_pid'=>"$pid",'dld_signed'=>$data[2],'dld_filepath'=>$data[3],'dld_master_docid'=>$data[4],'dld_filename'=>$data[5],'dld_encounter'=>$data[6],'dld_file_for_pdf_generation'=>$data[7]),
864 array('pid'=>"$pid",'portal_username'=>$data[0][6])),
865 'entry_identification_array'=>array(1,1),
867 UserService
::insert_to_be_audit_data($param);
870 throw new SoapFault("Server", "credentials failed");
875 //Inserting the entries for Master PDF documents uploaded
877 public function insert_dlm($data){
878 if($this->valid($data[0])=='oemruser'){
879 sqlStatement("INSERT INTO documents_legal_master(dlm_category, dlm_subcategory,dlm_document_name,dlm_facility,dlm_provider,
880 dlm_filename,dlm_filepath,dlm_effective_date,content) values (?,?,?,?,?,?,?,?,?)",array($data[1],$data[2],$data[3],$data[4],$data[5],$data[6],$data[7],$data[8],$data[9]));
883 throw new SoapFault("Server", "credentials failed");
888 //Receive an array of select cases from the portal, execute them and return the results
889 // under the keys received from the portal. A batch of queries is executed and returned in one batch.
891 public function batch_select($data){
892 if($this->valid($data[0])){
894 foreach($batch as $key=>$value)
896 $batchkey=$value['batchkey'];
897 $case=$value['case'];
898 $param=$value['param'];
901 $return_array[$batchkey]=$this->selectquery(array($data[0],$arrproc));
904 return $return_array;
907 throw new SoapFault("Server", "credentials failed");
912 //Receive a batch of function calls from portal and execute it through batch despatch Function
913 //Any OpenEMR function can be executed this way, provided the necessary if clause is written in batch_despatch.
// Runs each entry of a batch as a static call on UserService and returns the results keyed by
// the entry's 'batchkey'. Runs only after valid() accepts $data[0]; otherwise a SoapFault is
// thrown. $batch is assigned on a line this listing does not show.
915 public function batch_function($data){
916 if($this->valid($data[0])){
918 foreach($batch as $key=>$value)
920 $batchkey=$value['batchkey'];
// 'funcname' and 'param' come from the request and decide what is called and with what.
921 $function=$value['funcname'];
922 $param=$value['param'];
// NOTE(review): the method name is interpolated from the request, so any method reachable as
// UserService::<name> can be named, including inherited ones. The comment above this method
// describes batch_despatch as the intended target; an explicit allow-list check such as
// in_array($function, array('batch_despatch'), true) before the call would enforce that —
// confirm the intended set with the portal client.
924 $res=call_user_func_array("UserService::$function",$param);
925 $return_array[$batchkey]=$res;
927 return $return_array;
930 throw new SoapFault("Server", "credentials failed");
934 //Execute a batch of functions received from portal. But this function is limited to
935 // the functions written in the myportal module.
// Runs each entry of a batch as UserService::<funcname>($param) and returns the results keyed
// by the entry's 'batchkey'. $batch is assigned on a line this listing does not show.
// NOTE(review): no valid() call is visible in this method. The credentials are prepended to
// each call's parameters instead, so the check happens only if the called method performs it.
937 public function multiplecall($data){
939 foreach($batch as $key=>$value)
941 $batchkey=$value['batchkey'];
// 'funcname' and 'param' come from the request.
942 $function=$value['funcname'];
943 $param=$value['param'];
// Puts the credential array at index 0, where the other methods read $data[0].
945 array_unshift($param,$data[0]);
// NOTE(review): the method name is caller-chosen. Restricting it to an explicit allow-list of
// methods that validate their first argument would stop a request from reaching a method that
// performs no credential check of its own.
948 $res= UserService
::$function($param);
949 $return_array[$batchkey]=$res;
951 return $return_array;
957 public function getversion($data){
958 global $v_offsite_portal;
959 return $v_offsite_portal;
963 public function loginchecking($data){
964 if($this->valid($data[0])=='existingpatient' ||
$this->valid($data[0])=='newpatient'){
965 $res = sqlStatement("SELECT portal_pwd_status, 'yes' AS patient_status FROM patient_access_offsite WHERE BINARY portal_username=? AND BINARY portal_pwd=?",$data[1]);
966 return $this->resourcetoxml($res);
967 }elseif($this->valid($data[0])=='newpatienttoapprove'){
968 $res = sqlStatement("
970 COUNT(*) AS portal_pwd_status,
971 'no' AS patient_status
974 JOIN audit_details ad
975 ON ad.audit_master_id = am.id
976 AND ad.table_name = 'patient_access_offsite'
977 AND ad.field_name = 'portal_username'
978 JOIN audit_details ad2
979 ON ad2.audit_master_id = am.id
980 AND ad2.table_name = 'patient_access_offsite'
981 AND ad2.field_name = 'portal_pwd'
982 WHERE am.approval_status = 1
983 AND ad.field_value = ?
984 AND ad2.field_value = ?;
986 return $this->resourcetoxml($res);
991 //Execute a query and return its results.
993 public function selectquery($data){
996 $utype = $this->valid($data[0]);
998 $newobj = factoryclass
::dynamic_class_factory($utype);
999 $sql_result_setarr = $newobj->query_formation($data[1]);
1000 if(!empty($sql_result_setarr[1]) && $sql_result_setarr[1] == 'result'){
1001 return $this->resourcetoxml2($sql_result_setarr[0]);
1003 $sql_result_set = sqlStatement($sql_result_setarr[0],$sql_result_setarr[1]);
1004 return $this->resourcetoxml($sql_result_set);
1008 //Return an SQL resultset as an XML
1011 public function resourcetoxml($sql_result_set){
1012 $doc = new DOMDocument();
1013 $doc->formatOutput
= true;
1015 $root = $doc->createElement( "root" );
1016 $doc->appendChild( $root );
1017 while($row = sqlFetchArray($sql_result_set))
1019 $level = $doc->createElement( "level" );
1020 $root->appendChild( $level );
1021 foreach($row as $key=>$value){
1022 $element = $doc->createElement( "$key" );
1023 $element->appendChild(
1024 $doc->createTextNode( $value )
1026 $level->appendChild( $element );
1029 return $doc->saveXML();
1032 public function resourcetoxml2($row){
1033 $doc = new DOMDocument();
1034 $doc->formatOutput
= true;
1035 $root = $doc->createElement( "root" );
1036 $doc->appendChild( $root );
1037 $level = $doc->createElement( "level" );
1038 $root->appendChild( $level );
1039 foreach($row as $key=>$value){
1040 $element = $doc->createElement( "$key" );
1041 $element->appendChild(
1042 $doc->createTextNode( $value )
1044 $level->appendChild( $element );
1046 return $doc->saveXML();
1049 //Writing facility payment configuration to table
1050 public function save_payment_configuration($var){
1051 $data_credentials=$var[0];
1052 if(UserService
::valid($data_credentials))
1054 if($var['service'] == 'paypal'){
1055 if($var['paypal'] != ''){
1056 $update_sql = "UPDATE payment_gateway_details SET login_id = ? WHERE service_name = 'paypal'";
1057 sqlStatement($update_sql,array($var['login_id']));
1059 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id) VALUES (?,?)";
1060 sqlStatement($save_sql,array($var['service'],$var['login_id']));
1062 }elseif($var['service'] == 'authorize_net'){
1063 if($var['authorize_net'] != ''){
1064 $update_sql = "UPDATE payment_gateway_details SET login_id = ?, transaction_key = ?, md5= ? WHERE service_name = 'authorize_net'";
1065 sqlStatement($update_sql,array($var['login_id'],$var['transaction_key'],$var['md5']));
1067 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id,transaction_key,md5) VALUES (?,?,?,?)";
1068 sqlStatement($save_sql,array($var['service'],$var['login_id'],$var['transaction_key'],$var['md5']));
1074 throw new SoapFault("Server", "credentials failed");
1078 //Writing patient's authorizenet profile id to table
1079 public function insert_authorizenet_details($var){
1081 $data_credentials=$var[0];
1082 if(UserService
::valid($data_credentials))
1084 $authorizenetid=$var['authorizenetid'];
1085 $query="UPDATE patient_access_offsite SET authorize_net_id = ? WHERE pid = ?";
1086 sqlInsert($query,array($authorizenetid,$pid));
1090 throw new SoapFault("Server", "credentials failed");
// Authenticates a portal SOAP call. Checks visible in this listing: a one-time value in
// $credentials[3], a SHA-1 token in $credentials[2] derived from the shared portal password,
// the portal username in $credentials[1], then a per-type check keyed on $credentials[4].
// Visible return values are 'existingpatient', 'newpatient' and 'newpatienttoapprove'; other
// return paths are on lines not shown.
1094 public function valid($credentials){
// NOTE(review): in date() format strings "m" is the month; minutes are "i". As written, the
// minute field of this cutoff carries the month number.
1095 $timminus = date("Y-m-d H:m",(strtotime(date("Y-m-d H:m"))-7200)).":00";
// Purges type=5 audit rows (and their details) created at or before the roughly two-hour cutoff.
1096 sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)",array($timminus));
1097 sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?",array($timminus));
// gmdate() output re-parsed by strtotime(); below only the "Y-m-d H" part of $tim is used.
1104 $tim = strtotime(gmdate("Y-m-d H:m"));
// Looks for $credentials[3] among stored values. A hit on a request that is not already
// validated is handled on lines not shown (presumably rejected as a replay — TODO confirm).
1105 $res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?",array($credentials[3]));
1106 if(sqlNumRows($res)){
1107 if($GLOBALS['validated_offsite_portal'] !=true){
// Records the value under a new type=5 audit_master row so a later call carrying the same
// value is found by the lookup above.
1112 $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
1113 sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ",array($credentials[3],$grpID));
// The token is sha1(shared password . "Y-m-d H" . $credentials[3]); it is accepted for the
// current hour, the previous hour and the next hour.
// NOTE(review): the three comparisons use loose == against a caller-supplied string.
// hash_equals() on string operands gives a type-strict, constant-time comparison. A keyed
// construction (hash_hmac with SHA-256) is the conventional choice, but changing it needs the
// portal side to change as well.
1115 if(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",$tim).$credentials[3])==$credentials[2]){
1118 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim-3600)).$credentials[3])==$credentials[2]){
1121 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim+
3600)).$credentials[3])==$credentials[2]){
// Passes when the username matches, the token matched ($ok==1) and the offsite portal is
// enabled, or when an earlier valid() call already set validated_offsite_portal.
1124 if(($credentials[1]==$GLOBALS['portal_offsite_username'] && $ok==1 && $GLOBALS['portal_offsite_enable']==1)||
$GLOBALS['validated_offsite_portal']==true){
1125 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
// Per-type checks: patients go through validcredential(); its result is tested for === 2 and
// for truthiness. The assignments to $okE/$okN/$okO are on lines not shown.
1126 if($credentials[4] == 'existingpatient'){
1127 if(UserService
::validcredential($credentials) === 2){
1130 elseif(UserService
::validcredential($credentials) == true){
1137 elseif($credentials[4] == 'oemruser'){
// For an OpenEMR user the pid is read from the audit_master row named by $credentials[9].
1139 $prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?",array($credentials[9]));
1142 elseif($credentials[4] == 'newpatient'){
1143 if(UserService
::validcredential($credentials) === 2){
1146 elseif(UserService
::validcredential($credentials)){
// Proposes the next free pid (MAX(pid)+1, or 1 for an empty table).
1151 $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
// Publishes the resolved pid, or the pending audit_master id, through $GLOBALS for callers.
1154 if($okE==1 ||
$okN == 2 ||
$okN == 1 ||
$okO == 1){
1155 $pid = $prow['pid'];
1156 $GLOBALS['pid'] = $prow['pid'];
1157 }elseif($okE == 2 ||
$okN == 3){
1163 JOIN audit_details ad2
1164 ON ad2.audit_master_id = ad.audit_master_id
1165 AND ad2.table_name = 'patient_access_offsite'
1166 AND ad2.field_name = 'portal_pwd'
1167 WHERE ad.table_name = 'patient_access_offsite'
1168 AND ad.field_name = 'portal_username'
1169 AND ad.field_value = ?
1170 ",array($credentials[6]));
1171 $auditmasterid = $arow['audit_master_id'];
1172 $GLOBALS['auditmasterid'] = $arow['audit_master_id'];
1174 $GLOBALS['pid'] = 0;
// NOTE(review): the site identifier is taken from the caller's $credentials[0]; no validation
// of it is visible here — confirm how $_GET['site'] is used afterwards.
1176 $_GET['site'] = $credentials[0];
// Portal access also requires allow_patient_portal to be 'yes', read from patient_data or
// derived from pending audit entries for the username.
1179 $portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?",array($pid));
1181 $portal = sqlQuery("
1183 IF(COUNT(*),'yes','no') AS allow_patient_portal
1186 JOIN audit_details ad
1187 ON ad.audit_master_id = am.id
1188 AND ad.table_name = 'patient_access_offsite'
1189 AND ad.field_name = 'portal_username'
1190 WHERE am.approval_status = 1
1191 AND ad.field_value = ?
1192 ",array($credentials[6]));
1194 if(strtolower($portal['allow_patient_portal'])!='yes')
// Marks the request as validated; later valid() calls in the same request pass the check above.
1197 $GLOBALS['validated_offsite_portal'] = true;
1202 return 'existingpatient';
1205 return 'newpatienttoapprove';
1207 elseif($okN == 1 ||
$okN == 2){
1208 return 'newpatient';
1211 return 'newpatienttoapprove';
// Checks a patient's own portal token: $credentials[7] must equal
// sha1(stored portal_pwd . "Y-m-d H" . $credentials[8]) for the current, previous or next hour.
// valid() tests the result for === 2 and for truthiness; the return statements themselves are
// on lines this listing does not show.
1223 public function validcredential($credentials){
// gmdate() output re-parsed by strtotime(); only the "Y-m-d H" part of $tim is used below.
1224 $tim = strtotime(gmdate("Y-m-d H:m"));
1225 if($credentials[6]){
1226 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
1227 $newpatient_to_approve = 0;
// With no stored password for the username, the value is looked up among pending
// (approval_status = 1) audit entries instead and the patient is flagged as awaiting approval.
1228 if(!$prow['portal_pwd']){
1229 $newpatient_to_approve = 1;
1232 ad2.field_value AS portal_pwd
1235 JOIN audit_details ad
1236 ON ad.audit_master_id = am.id
1237 AND ad.table_name = 'patient_access_offsite'
1238 AND ad.field_name = 'portal_username'
1239 JOIN audit_details ad2
1240 ON ad2.audit_master_id = am.id
1241 AND ad2.table_name = 'patient_access_offsite'
1242 AND ad2.field_name = 'portal_pwd'
1243 WHERE am.approval_status = 1
1244 AND ad.field_value = ?
1245 ",array($credentials[6]));
// NOTE(review): the stored portal_pwd value is the only secret input to the token, so read
// access to that column (and to the matching audit_details rows) is equivalent to holding the
// patient's credential. The comparisons use loose == against a caller-supplied string;
// hash_equals() on string operands gives a type-strict, constant-time comparison.
1247 if(sha1($prow['portal_pwd'].date("Y-m-d H",$tim).$credentials[8])==$credentials[7]){
1248 if($newpatient_to_approve){
1254 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim-3600)).$credentials[8])==$credentials[7]){
1255 if($newpatient_to_approve){
1261 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim+
3600)).$credentials[8])==$credentials[7]){
1262 if($newpatient_to_approve){
1273 //for checking the connection
1277 public function check_connection($data){
1278 if($this->valid($data[0])){
1286 $server = new SoapServer(null,array('uri' => "urn://portal/res"));
1287 $server->setClass('UserService');
1288 $server->setPersistence(SOAP_PERSISTENCE_SESSION
);