1 <?php
2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
4 //
5 //
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 //
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Vinish K <vinish@zhservices.com>
27 // +------------------------------------------------------------------------------+
// Flags consumed by interface/globals.php; they must be assigned before that file is included.
// Escape all request input during bootstrap.
$sanitize_all_escapes = true;

// Do not emulate register_globals for this entry point.
$fake_register_globals = false;

global $ISSUE_TYPES;

// NOTE(review): presumably tells globals.php to skip the interactive session login, which would
// leave the per-call credential check in UserService::valid() as the only gate on this endpoint.
// Confirm, and make sure every service operation actually calls valid().
$ignoreAuth = true;

// Buffer any output produced while bootstrapping.
ob_start();

require_once("../../interface/globals.php");
require_once(dirname(__FILE__) . "/../../controllers/C_Document.class.php");
require_once(dirname(__FILE__) . "/../../library/options.inc.php");

$err = '';

// NOTE(review): dl() is not available in every SAPI and "php_soap.dll" is a Windows library name;
// enabling the soap extension in php.ini is the dependable way to satisfy this requirement.
if (!extension_loaded("soap")) {
    dl("php_soap.dll");
}

require_once("server_med_rec.php");
require_once("factory_class.php");
50 class UserService extends Userforms
/**
 * Render a stored list/option value as display text (used for result/report names).
 *
 * @param array $data [0] service credentials checked by valid();
 *                    'data_type', 'list_id' and 'value' are handed to generate_display_field().
 * @return mixed Output of generate_display_field(), or null when the credentials are rejected.
 */
public function get_display_field($data){
    if (!$this->valid($data[0])) {
        // Unlike most operations in this class, a failed check returns nothing instead of a SoapFault.
        return null;
    }

    $field_definition = array(
        'data_type' => $data['data_type'],
        'list_id'   => $data['list_id'],
    );

    return generate_display_field($field_definition, $data['value']);
}
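/**
 * Return the reviewed procedure-order results of the current patient.
 *
 * The patient is taken from the global $pid (presumably set by valid() — confirm), never from
 * the request, so a caller cannot ask for another patient's results through this method.
 *
 * @param array $data [0] service credentials checked by valid().
 * @return array|null List of result rows (one per result line), or null when the credentials
 *                    are rejected.
 */
public function procedure_order($data){
    global $pid;

    if (!$this->valid($data[0])) {
        return null;
    }

    $proc_query = "SELECT
            po.procedure_order_id, po.date_ordered, pc.procedure_order_seq,
            pt1.procedure_type_id AS order_type_id, pc.procedure_name,
            pr.procedure_report_id, pr.date_report, pr.date_collected,
            pr.specimen_num, pr.report_status, pr.review_status
        FROM
            procedure_order AS po
            JOIN procedure_order_code AS pc
                ON pc.procedure_order_id = po.procedure_order_id
            LEFT JOIN procedure_type AS pt1
                ON pt1.lab_id = po.lab_id
                AND pt1.procedure_code = pc.procedure_code
            LEFT JOIN procedure_report AS pr
                ON pr.procedure_order_id = po.procedure_order_id
                AND pr.procedure_order_seq = pc.procedure_order_seq
        WHERE po.patient_id = ?
            AND pr.review_status = 'reviewed'
        ORDER BY po.date_ordered, po.procedure_order_id, pc.procedure_order_seq, pr.procedure_report_id";

    // The per-report query text never changes, so it is built once outside the loop.
    $proc_order_query = "(SELECT
            pt2.procedure_type, pt2.procedure_code, pt2.units AS pt2_units,
            pt2.range AS pt2_range, pt2.procedure_type_id AS procedure_type_id,
            pt2.name AS NAME, pt2.description, pt2.seq AS seq,
            ps.procedure_result_id, ps.result_code AS result_code,
            ps.result_text, ps.abnormal, ps.result,
            ps.range, ps.result_status, ps.facility,
            ps.comments, ps.units, ps.comments
        FROM
            procedure_type AS pt2
            LEFT JOIN procedure_result AS ps
                ON ps.procedure_report_id = ?
                AND ps.result_code = pt2.procedure_code
        WHERE pt2.parent = ?
            AND ( pt2.procedure_type LIKE 'res%' OR pt2.procedure_type LIKE 'rec%' ))
        UNION
        (SELECT
            pt2.procedure_type, pt2.procedure_code, pt2.units AS pt2_units,
            pt2.range AS pt2_range, pt2.procedure_type_id AS procedure_type_id,
            pt2.name AS NAME, pt2.description, pt2.seq AS seq,
            ps.procedure_result_id, ps.result_code AS result_code,
            ps.result_text, ps.abnormal, ps.result,
            ps.range, ps.result_status, ps.facility,
            ps.comments, ps.units, ps.comments
        FROM
            procedure_result AS ps
            LEFT JOIN procedure_type AS pt2
                ON pt2.parent = ?
                AND ( pt2.procedure_type LIKE 'res%' OR pt2.procedure_type LIKE 'rec%' )
                AND ps.result_code = pt2.procedure_code
        WHERE ps.procedure_report_id = ?)
        ORDER BY seq, NAME, procedure_type_id,result_code";

    $arr = array();
    $proc_result = sqlStatement($proc_query, array($pid));
    while ($row = sqlFetchArray($proc_result)) {
        // isset() instead of empty(): empty() also treats the string '0' as missing, which
        // blanked a legitimate result value of 0 before it reached the portal.
        $procedure_report_id = isset($row['procedure_report_id']) ? $row['procedure_report_id'] : '';
        $order_type_id       = isset($row['order_type_id']) ? $row['order_type_id'] : '';

        $proc_order_result = sqlStatement(
            $proc_order_query,
            array($procedure_report_id, $order_type_id, $order_type_id, $procedure_report_id)
        );

        while ($rrow = sqlFetchArray($proc_order_result)) {
            $arr[] = array(
                'procedure_report_id' => $procedure_report_id,
                'date_ordered'        => isset($row['date_ordered']) ? $row['date_ordered'] : '',
                'procedure_name'      => isset($row['procedure_name']) ? $row['procedure_name'] : '',
                'result_text'         => isset($rrow['result_text']) ? $rrow['result_text'] : '',
                'abnormal'            => isset($rrow['abnormal']) ? $rrow['abnormal'] : '',
                'result'              => isset($rrow['result']) ? $rrow['result'] : '',
                'range'               => isset($rrow['range']) ? $rrow['range'] : '',
                'units'               => isset($rrow['units']) ? $rrow['units'] : '',
                'result_status'       => isset($rrow['result_status']) ? $rrow['result_status'] : '',
                'report_status'       => isset($row['report_status']) ? $row['report_status'] : '',
            );
        }
    }

    return $arr;
}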
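/**
 * List approved patient-uploaded files (audit type '4'), optionally limited to one audit entry.
 *
 * NOTE(review): the query is not limited to one patient and any credential type accepted by
 * valid() passes; confirm whether this should be restricted to 'oemruser' as insert_dlm() is.
 *
 * @param array $data [0] service credentials checked by valid();
 *                    [1] optional audit_master id to filter on.
 * @return array|null Rows in query order, or null when nothing matched or the credentials
 *                    are rejected.
 */
public function patientuploadedfiles($data){
    if (!$this->valid($data[0])) {
        return null;
    }

    ob_start();

    $query = "
        SELECT
            am.id,
            am.pid,
            ad.field_value AS doc_name,
            pd.fname,
            pd.lname,
            pd.mname,
            ad2.field_value AS file_name,
            ad3.field_value AS pat_comments
        FROM
            audit_details AS ad
            JOIN audit_master AS am
                ON am.id = ad.audit_master_id
            LEFT JOIN patient_data AS pd
                ON am.pid = pd.pid
            JOIN audit_details AS ad2
                ON am.id = ad2.audit_master_id
                AND ad2.field_name = 'dlm_filename'
            JOIN audit_details AS ad3
                ON am.id = ad3.audit_master_id
                AND ad3.field_name = 'dld_patient_comments'
        WHERE ad.field_name = 'dlm_document_name'
            AND approval_status = '1'
            AND am.type = '4'";

    // The id filter belongs to the WHERE clause. It used to be appended after ORDER BY,
    // which produced invalid SQL whenever an id was supplied.
    $order_by = " ORDER BY am.pid ASC";
    if (!empty($data[1])) {
        $res = sqlStatement($query . " AND am.id = ?" . $order_by, array($data[1]));
    } else {
        $res = sqlStatement($query . $order_by);
    }

    // Stays null when no row is fetched, matching what callers received before.
    $all = null;
    if ($res) {
        while ($row = sqlFetchArray($res)) {
            $all[] = $row;
        }
    }

    // Discard anything echoed while querying so it cannot leak into the SOAP response.
    $v = ob_get_clean();
    return $all;
}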
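/**
 * Store a base64-encoded file sent by the portal in the current patient's upload folder
 * (<site dir>/documents/myportal/patientuploads/<pid>).
 *
 * @param array $data [0] service credentials checked by valid();
 *                    [1] file name; [2] base64-encoded file contents.
 * @return void
 * @throws SoapFault When the credentials are rejected, the file name is unusable or the
 *                   file cannot be opened for writing.
 */
public function createandstoretodirectory($data){
    global $pid;

    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    // The name arrives in the SOAP request. Keep only its last path component so that
    // directory separators or ".." cannot place the file outside the patient's folder.
    $file_name = basename(str_replace('\\', '/', (string) $data[1]));
    if ($file_name === '' || $file_name === '.' || $file_name === '..') {
        throw new SoapFault("Server", "invalid file name");
    }
    $contents = base64_decode($data[2]);

    // NOTE(review): 0777 makes the folder and the stored file writable by every local account,
    // and the name's extension is not restricted. Confirm whether tighter modes are workable
    // and that the web server never executes files from this directory.
    $savedpath = $GLOBALS['OE_SITE_DIR'] . "/documents/myportal/patientuploads/" . $pid;
    if (!is_dir($savedpath)) {
        mkdir($savedpath, 0777, true);
        chmod($savedpath, 0777);
    }

    $target  = $savedpath . "/" . $file_name;
    $handler = fopen($target, "w");
    if ($handler === false) {
        throw new SoapFault("Server", "could not store file");
    }
    fwrite($handler, $contents);
    fclose($handler);
    chmod($target, 0777);
}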
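/**
 * File a portal document into a patient's chart: pick the category, optionally rename it,
 * attach a note and mark the portal record as moved.
 *
 * The method drives C_Document by filling $_POST/$_FILES the way an upload form would.
 *
 * @param array $data [0] service credentials checked by valid(); [1] category id;
 *                    [2] master document id; [3] optional new file name; [4] patient id;
 *                    [5] uploading patient's id (upload type 4 only); [6] stored file name;
 *                    [7] note text; [8] documents_legal_detail id;
 *                    [9] source type: 1 signed, 2 unsigned, 4 patient upload.
 * @return void
 * @throws SoapFault When the source document cannot be located.
 */
public function documents_update($data){
    if (!$this->valid($data[0])) {
        // Historical behaviour: a failed credential check is silent here.
        return;
    }

    // File and folder names arrive in the SOAP request; basename() keeps each of them to a
    // single path component so the source stays inside the portal document folders.
    $file_name   = basename($data[6]);
    $destination = $data[3] ? basename($data[3]) : $data[3];
    $portal_root = $GLOBALS['OE_SITE_DIR'] . "/documents/myportal/";

    $file_path = '';
    if ($data[9] == 2) {
        $file_path = $portal_root . "unsigned/" . $file_name;
    } elseif ($data[9] == 1) {
        $file_path = $portal_root . "signed/" . $file_name;
    } elseif ($data[9] == 4) {
        $file_path = $portal_root . "patientuploads/" . basename($data[5]) . "/" . $file_name;
    }

    // Stop before anything is recorded if the source is missing; previously the record was
    // still marked as moved even though no file had been filed.
    if ($file_path === '' || !is_file($file_path)) {
        throw new SoapFault("Server", "document not found");
    }

    // NOTE(review): the map also labels .php and .exe files; confirm that uploads with
    // executable extensions are rejected before they reach the document store.
    $mime_types = array(
        "pdf"  => "application/pdf",
        "exe"  => "application/octet-stream",
        "zip"  => "application/zip",
        "docx" => "application/msword",
        "doc"  => "application/msword",
        "xls"  => "application/vnd.ms-excel",
        "ppt"  => "application/vnd.ms-powerpoint",
        "gif"  => "image/gif",
        "png"  => "image/png",
        "jpeg" => "image/jpg",
        "jpg"  => "image/jpg",
        "mp3"  => "audio/mpeg",
        "wav"  => "audio/x-wav",
        "mpeg" => "video/mpeg",
        "mpg"  => "video/mpeg",
        "mpe"  => "video/mpeg",
        "mov"  => "video/quicktime",
        "avi"  => "video/x-msvideo",
        "3gp"  => "video/3gpp",
        "css"  => "text/css",
        "jsc"  => "application/javascript",
        "js"   => "application/javascript",
        "php"  => "text/html",
        "htm"  => "text/html",
        "html" => "text/html",
    );

    // pathinfo() looks at the file name only; end(explode()) passed a temporary by reference
    // and could pick up a dot from a directory name.
    $extension = strtolower(pathinfo($file_path, PATHINFO_EXTENSION));
    $mime_type = isset($mime_types[$extension]) ? $mime_types[$extension] : null;

    $_POST['process']         = true;
    $_POST['new_category_id'] = $data[1];
    $_POST['new_patient_id']  = $data[4];

    $_FILES['file']['name'][0]     = $file_name;
    $_FILES['file']['type'][0]     = $mime_type;
    $_FILES['file']['tmp_name'][0] = $file_path;
    $_FILES['file']['error'][0]    = 0;
    $_FILES['file']['size'][0]     = filesize($file_path);

    $_POST['category_id'] = $_POST['new_category_id'];
    $_POST['patient_id']  = $_POST['new_patient_id'];
    $_GET['patient_id']   = $_POST['patient_id'];
    $_POST['destination'] = $destination;

    $cdoc = new C_Document();
    $cdoc->upload_action_process();

    if ($GLOBALS['document_storage_method'] == 0) {
        if ($destination) {
            copy($file_path, $cdoc->file_path . $destination);
        } else {
            copy($file_path, $cdoc->file_path . $file_name);
        }
    }

    // Attach the note to the newest document of the target patient.
    $foreign_id = sqlQuery(
        "select id from documents where foreign_id = ? order by id desc limit 1",
        array($_POST['new_patient_id'])
    );
    unset($_POST);
    $_POST['encrypted']  = '';
    $_POST['passphrase'] = '';
    $_POST['process']    = true;
    $_POST['foreign_id'] = $foreign_id['id'];
    $_POST['note']       = $data[7];
    $cdoc->note_action_process($_GET['patient_id']);

    $sql_patient_no = "UPDATE documents_legal_detail SET dld_moved = '1' WHERE dld_master_docid = ? AND dld_id = ?";
    sqlQuery($sql_patient_no, array($data[2], $data[8]));
    unset($_POST);
}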
/**
 * List the portal documents (files / PDF forms) of all patients that have not yet been
 * moved into a chart.
 *
 * NOTE(review): the result spans every patient and any credential type accepted by valid()
 * passes; confirm whether this should be restricted to 'oemruser' as insert_dlm() is.
 *
 * @param array $data [0] service credentials checked by valid().
 * @return array|null Rows ordered by patient id, or null when nothing matched or the
 *                    credentials are rejected.
 */
public function userslistportal($data){
    if (!$this->valid($data[0])) {
        return null;
    }

    ob_start();

    $query = "SELECT
            dlm.dlm_upload_type,
            dld.dld_id,
            dld.dld_pid,
            dlm.dlm_document_name,
            dlm.dlm_document_id,
            dlm.dlm_filename,
            dld.dld_filename,
            dld.dld_signed,
            dlm.dlm_filename,
            dld.dld_master_docid,
            dld.dld_signed,
            dld.dld_patient_comments,
            dld.dld_moved,
            pd.fname,
            pd.lname,
            pd.mname
        FROM
            documents_legal_master AS dlm
            LEFT OUTER JOIN documents_legal_detail AS dld
                ON dlm.dlm_document_id = dld_master_docid
            JOIN patient_data AS pd
                ON dld.dld_pid = pd.pid
        WHERE dlm.dlm_effective_date <= NOW()
            AND dlm.dlm_effective_date <> '0000-00-00 00:00:00'
            AND dld.dld_id IS NOT NULL
            AND dld.dld_signed IN (1,2,4)
            AND dld.dld_moved = 0
            AND dlm_subcategory NOT IN
            (
                SELECT
                    dlc_id
                FROM
                    documents_legal_categories
                WHERE
                    dlc_category_name = 'Layout Signed'
                    AND dlc_category_type = 2
            )
        ORDER BY dld.dld_pid ASC ";

    $rows = null;
    $res  = sqlStatement($query);
    if ($res) {
        while ($row = sqlFetchArray($res)) {
            $rows[] = $row;
        }
    }

    // Drop anything echoed while querying so it cannot end up in the SOAP response.
    $v = ob_get_clean();
    return $rows;
}
/**
 * Return every row of the categories table (used for the "Move To Category" option).
 *
 * @param array $data [0] service credentials checked by valid().
 * @return array|null Category rows, or null when the table is empty or the credentials
 *                    are rejected.
 */
public function category_list($data){
    if (!$this->valid($data[0])) {
        return null;
    }

    ob_start();

    $rows = null;
    $res  = sqlStatement("SELECT * FROM categories");
    if ($res) {
        while ($row = sqlFetchArray($res)) {
            $rows[] = $row;
        }
    }

    // Drop anything echoed while querying.
    $v = ob_get_clean();
    return $rows;
}
/**
 * Wrap a text value in the XML envelope <root><level><text>...</text></level></root>.
 *
 * @param array $data [0] service credentials checked by valid(); [1] the text to wrap.
 * @return string Serialized XML document.
 * @throws SoapFault When the credentials are rejected.
 */
public function text_to_xml($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $xml = new DOMDocument();
    $xml->formatOutput = true;

    $root  = $xml->appendChild($xml->createElement("root"));
    $level = $root->appendChild($xml->createElement("level"));

    // createTextNode() escapes markup characters, so the text cannot inject elements.
    $text_element = $xml->createElement("text");
    $text_element->appendChild($xml->createTextNode($data[1]));
    $level->appendChild($text_element);

    return $xml->saveXML();
}
/**
 * Serialize a flat array as XML: <root><level><KEY>value</KEY>...</level></root>.
 *
 * Performs no credential check of its own; callers are expected to have validated already.
 * NOTE(review): each key is used verbatim as an element name, so a key that is not a valid
 * XML name makes createElement() fail — confirm callers only pass fixed keys.
 *
 * @param array $var Map of element name => text value.
 * @return string Serialized XML document.
 */
public function function_return_to_xml($var=array()){
    $xml = new DOMDocument();
    $xml->formatOutput = true;

    $root  = $xml->appendChild($xml->createElement("root"));
    $level = $root->appendChild($xml->createElement("level"));

    foreach ($var as $name => $text) {
        $node = $xml->createElement("$name");
        $node->appendChild($xml->createTextNode($text));
        $level->appendChild($node);
    }

    return $xml->saveXML();
}
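/**
 * Delete a portal document, e.g. a filled PDF that was rejected during audit.
 *
 * The path comes from the SOAP request, so it is resolved and must lie inside
 * <site dir>/documents/myportal before anything is removed. This assumes every file the
 * portal asks to delete lives in that tree (the folders this class creates and reads) —
 * confirm against the portal client.
 *
 * @param array $data [0] service credentials checked by valid(); [1] path of the file.
 * @return void
 * @throws SoapFault When the credentials are rejected.
 */
public function delete_file($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $base = realpath($GLOBALS['OE_SITE_DIR'] . "/documents/myportal");
    $real = realpath($data[1]);

    // A file that is already gone stays a silent no-op, as before.
    if ($real === false) {
        return;
    }

    // realpath() has collapsed ".." and symlinks, so a prefix test is sufficient. The refusal
    // is logged for detection but answered like a missing file, so the response does not
    // reveal which paths exist outside the portal folder.
    if ($base === false || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
        error_log("myportal delete_file: refused a path outside the portal document folder");
        return;
    }

    @unlink($real);
}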
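/**
 * Read a portal document and return it as XML:
 * <root><level><name/><type/><file>base64</file></level></root>.
 *
 * The path comes from the SOAP request, so it is resolved and must lie inside
 * <site dir>/documents/myportal before it is read. This assumes every file the portal
 * requests lives in that tree — confirm against the portal client.
 *
 * @param array $data [0] service credentials checked by valid(); [1] path of the file.
 * @return string Serialized XML document.
 * @throws SoapFault When the credentials are rejected or the file may not or cannot be read.
 */
public function file_to_xml($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $base = realpath($GLOBALS['OE_SITE_DIR'] . "/documents/myportal");
    $real = realpath($data[1]);

    // One message for "missing" and "outside the folder", so the answer does not reveal
    // which files exist elsewhere on the server.
    if ($base === false || $real === false || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0
        || !is_file($real)) {
        throw new SoapFault("Server", "invalid file path");
    }

    $returnData = file_get_contents($real);
    if ($returnData === false) {
        throw new SoapFault("Server", "invalid file path");
    }

    $path_parts = pathinfo($real);
    // Files without a suffix have no 'extension' entry.
    $extension = isset($path_parts['extension']) ? $path_parts['extension'] : '';

    $doc = new DOMDocument();
    $doc->formatOutput = true;

    $root  = $doc->appendChild($doc->createElement("root"));
    $level = $root->appendChild($doc->createElement("level"));

    $filename = $doc->createElement("name");
    $filename->appendChild($doc->createTextNode($path_parts['basename']));
    $level->appendChild($filename);

    $type = $doc->createElement("type");
    $type->appendChild($doc->createTextNode($extension));
    $level->appendChild($type);

    $content = $doc->createElement("file");
    $content->appendChild($doc->createTextNode(base64_encode($returnData)));
    $level->appendChild($content);

    return $doc->saveXML();
}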
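/**
 * Save a file received from the portal.
 *
 * Creates the portal folders (myportal, unsigned, signed, upload) when they are missing and
 * then writes the decoded contents. The target path comes from the SOAP request, so its
 * directory is resolved and must lie inside <site dir>/documents/myportal. This assumes the
 * portal only ever writes into that tree — confirm against the portal client.
 *
 * @param array $data [0] service credentials checked by valid(); [1] target path;
 *                    [2] base64-encoded file contents.
 * @return void
 * @throws SoapFault When the credentials are rejected, the path is outside the portal
 *                   folder or the file cannot be opened for writing.
 */
public function store_to_file($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $file_name_with_path = $data[1];
    $contents            = base64_decode($data[2]);
    $portal_root         = $GLOBALS['OE_SITE_DIR'] . "/documents/myportal/";

    // NOTE(review): 0777 leaves these folders and the stored file writable by every local
    // account, and the file extension is not restricted. Confirm whether tighter modes are
    // workable and that the web server never executes files from this tree.
    foreach (array('', 'unsigned/', 'signed/', 'upload/') as $sub_folder) {
        $savedpath = $portal_root . $sub_folder;
        if (!is_dir($savedpath)) {
            mkdir($savedpath, 0777);
            chmod($savedpath, 0777);
        }
    }

    // The file does not exist yet, so resolve its directory. realpath() collapses ".." and
    // symlinks, which makes the prefix test reliable.
    $base      = realpath($portal_root);
    $directory = realpath(dirname($file_name_with_path));
    $name      = basename($file_name_with_path);
    if ($base === false || $directory === false
        || $name === '' || $name === '.' || $name === '..'
        || strpos($directory . DIRECTORY_SEPARATOR, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new SoapFault("Server", "invalid file path");
    }

    $target  = $directory . DIRECTORY_SEPARATOR . $name;
    $handler = fopen($target, "w");
    if ($handler === false) {
        throw new SoapFault("Server", "could not store file");
    }
    fwrite($handler, $contents);
    fclose($handler);
    chmod($target, 0777);
}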
/**
 * Run one named OpenEMR library function on behalf of the portal and return its result.
 *
 * Only the function names listed in the switch are served; any other name falls through
 * and returns null. Patient-bound calls use the global $pid rather than a request value.
 *
 * NOTE(review): two branches replace $_POST with request data before calling library code
 * (get_layout_form_value, newInsuranceData); everything those helpers read from $_POST is
 * therefore chosen by the caller.
 *
 * @param array  $var              Arguments for the selected function.
 * @param string $func             Name of the function to run.
 * @param array  $data_credentials Service credentials checked by valid().
 * @return mixed XML string for most branches; the raw return value for
 *               getInsuranceProviders and generate_layout_validation; null for unknown names.
 * @throws SoapFault When the credentials are rejected.
 */
static public function batch_despatch($var,$func,$data_credentials){
    global $pid;

    if (!UserService::valid($data_credentials)) {
        throw new SoapFault("Server", "credentials failed");
    }

    require_once("../../library/invoice_summary.inc.php");
    require_once("../../library/options.inc.php");
    require_once("../../library/acl.inc");
    require_once("../../library/patient.inc");

    // switch compares loosely, like the == chain it replaces.
    switch ($func) {
        case 'ar_responsible_party':
            $patient_id   = $pid;
            $encounter_id = $var['encounter'];
            $x['ar_responsible_party'] = ar_responsible_party($patient_id, $encounter_id);
            return UserService::function_return_to_xml($x);

        case 'getInsuranceData':
            $x = getInsuranceData($pid, $var['type'], $var['given']);
            return UserService::function_return_to_xml($x);

        case 'generate_select_list':
            $x['generate_select_list'] = generate_select_list(
                $var['tag_name'],
                $var['list_id'],
                $var['currvalue'],
                $var['title'],
                $var['empty_name'],
                $var['class'],
                $var['onchange']
            );
            return UserService::function_return_to_xml($x);

        case 'xl_layout_label':
            $x['xl_layout_label'] = xl_layout_label($var['constant']);
            return UserService::function_return_to_xml($x);

        case 'generate_form_field':
            // The helper echoes its markup, so capture the output buffer.
            $frow      = $var['frow'];
            $currvalue = $var['currvalue'];
            ob_start();
            generate_form_field($frow, $currvalue);
            $x['generate_form_field'] = ob_get_contents();
            ob_end_clean();
            return UserService::function_return_to_xml($x);

        case 'getInsuranceProviders':
            // Both values are read but not used by the call below.
            $i        = $var['i'];
            $provider = $var['provider'];
            return getInsuranceProviders();

        case 'get_layout_form_value':
            $frow  = $var['frow'];
            $_POST = $var['post_array'];
            $x['get_layout_form_value'] = get_layout_form_value($frow);
            return UserService::function_return_to_xml($x);

        case 'updatePatientData':
            updatePatientData($pid, $var['patient_data'], $var['create']);
            $x['ok'] = 'ok';
            return UserService::function_return_to_xml($x);

        case 'updateEmployerData':
            updateEmployerData($pid, $var['employer_data'], $var['create']);
            $x['ok'] = 'ok';
            return UserService::function_return_to_xml($x);

        case 'newHistoryData':
            newHistoryData($pid);
            $x['ok'] = 'ok';
            return UserService::function_return_to_xml($x);

        case 'newInsuranceData':
            $_POST = $var[0];
            foreach ($var as $key => $value) {
                // Entry 0 is the $_POST replacement; entries from 3 on go through formData().
                $argument = ($key >= 3) ? formData($value) : $value;
                if ($key >= 1) {
                    $parameters[$key] = $argument;
                }
            }
            $parameters[12] = fixDate($parameters[12]);
            $parameters[27] = fixDate($parameters[27]);
            call_user_func_array('newInsuranceData', $parameters);
            $x['ok'] = 'ok';
            return UserService::function_return_to_xml($x);

        case 'generate_layout_validation':
            // Output is returned as captured, without the XML envelope.
            ob_start();
            generate_layout_validation($var['form_id']);
            return ob_get_clean();
    }
}
/**
 * Record the portal login of the current patient in patient_access_offsite.
 *
 * NOTE(review): 'authPass' is stored exactly as received. Nothing here shows whether the
 * portal sends a hash or the clear-text password — confirm, because loginchecking() and
 * update_password() compare this column by equality.
 *
 * @param array $var [0] service credentials checked by valid();
 *                   'username' and 'authPass' are the values to store.
 * @return void
 * @throws SoapFault When the credentials are rejected.
 */
public function insert_login_details($var)
{
    global $pid;

    if (!UserService::valid($var[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $insert_sql = "insert into patient_access_offsite(pid,portal_username,portal_pwd) values (?,?,?)";
    sqlInsert($insert_sql, array($pid, $var['username'], $var['authPass']));
}
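/**
 * Change a portal password after checking the old one.
 *
 * Approved patients are updated in patient_access_offsite; a patient still awaiting approval
 * ('newpatienttoapprove') has the pending value in audit_details updated instead.
 *
 * NOTE(review): old and new passwords are compared and stored as received. Nothing here
 * shows whether the portal sends hashes — confirm.
 *
 * @param array $var [0] service credentials checked by valid(); 'old_pwd', 'new_pwd' and,
 *                   for approved patients, 'new_pwd_status'.
 * @return string 'ok' when the old password matched and the update ran, otherwise 'notok'.
 * @throws SoapFault When the credentials are rejected.
 */
public function update_password($var){
    $data_credentials = $var[0];
    global $pid, $auditmasterid;

    if (UserService::valid($data_credentials) == 'existingpatient' || UserService::valid($data_credentials) == 'newpatient') {
        $status = $var['new_pwd_status'];
        $pwd    = $var['new_pwd'];
        $oldpwd = $var['old_pwd'];

        // The bind list is built as an array from the start. It used to begin as '' and rely
        // on [] converting the string, which newer PHP versions reject with a fatal error.
        if ($status) {
            $set      = "portal_pwd=?,portal_pwd_status=?";
            $where    = "portal_pwd_status=? and pid=?";
            $setarray = array($pwd, $status, 0, $pid);
        } else {
            $set      = "portal_pwd=? ";
            $where    = " pid=?";
            $setarray = array($pwd, $pid);
        }

        $qry = "select * from patient_access_offsite WHERE pid=? AND portal_pwd=?";
        $res = sqlStatement($qry, array($pid, $oldpwd));
        if (sqlNumRows($res) > 0) {
            // $set and $where hold only the fixed fragments above; all values are bound.
            $qry = "UPDATE patient_access_offsite SET $set WHERE $where";
            sqlStatement($qry, $setarray);
            return 'ok';
        }
        return 'notok';
    } elseif (UserService::valid($data_credentials) == 'newpatienttoapprove') {
        $pwd    = $var['new_pwd'];
        $oldpwd = $var['old_pwd'];

        $qry = "SELECT * from audit_details WHERE audit_master_id = ? AND table_name = 'patient_access_offsite' AND field_name = 'portal_pwd' AND field_value = ?";
        $res = sqlStatement($qry, array($auditmasterid, $oldpwd));
        if (sqlNumRows($res) > 0) {
            $qry = "UPDATE audit_details SET field_value = ? WHERE audit_master_id = ? AND table_name = 'patient_access_offsite' AND field_name = 'portal_pwd'";
            sqlStatement($qry, array($pwd, $auditmasterid));
            return 'ok';
        }
        return 'notok';
    } else {
        throw new SoapFault("Server", "credentials failed");
    }
}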
/**
 * Cancel appointments or appointment requests named by the portal.
 *
 * Each entry of $var[1] has the form "calendar_<pc_eid>" or "audit_<audit_master id>".
 *
 * NOTE(review): the ids come from the request and neither UPDATE is limited to the calling
 * patient, so the statements act on whatever id is sent. Confirm whether ownership is
 * enforced elsewhere; if not, both statements should also match on the patient id.
 *
 * @param array $var [0] service credentials checked by valid(); [1] list of entry ids.
 * @return void
 * @throws SoapFault When the caller is not an existing or new patient.
 */
public function update_openemr_appointment($var)
{
    $data_credentials = $var[0];

    if (!(UserService::valid($data_credentials) == 'existingpatient' || UserService::valid($data_credentials) == 'newpatient')) {
        throw new SoapFault("Server", "credentials failed");
    }

    foreach ($var[1] as $entry) {
        $parts = explode('_', $entry);
        if ($parts[0] == 'calendar') {
            // Status 'x' is written to the calendar event.
            sqlQuery("update openemr_postcalendar_events set pc_apptstatus='x' where pc_eid=?", array($parts[1]));
        } elseif ($parts[0] == 'audit') {
            sqlQuery("update audit_master set approval_status='5' where id=?", array($parts[1]));
        }
    }
}
/**
 * Mark a document as ready to be signed (dld_signed = 2).
 *
 * NOTE(review): 'dld_id' comes from the request and the UPDATE is not limited to the
 * calling patient — confirm ownership is checked elsewhere.
 *
 * @param array $var [0] service credentials checked by valid();
 *                   'dld_id' is the documents_legal_detail id.
 * @return void
 * @throws SoapFault When the credentials are rejected.
 */
public function update_dlm_dld($var)
{
    if (!UserService::valid($var[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $mark_sql = " UPDATE documents_legal_detail set dld_signed=2 where dld_id=?";
    sqlStatement($mark_sql, array($var['dld_id']));
}
/**
 * Set the approve/deny status of a PDF document.
 *
 * $data[1] holds, in order, the new dld_signed value, the denial reason and the document id.
 * An id of the form "am-<audit id>" refers to a document that is still in the audit queue:
 * it is applied only once the owning patient has been approved, otherwise a message asking
 * for that approval is returned.
 *
 * NOTE(review): any credential type accepted by valid() passes; confirm whether approving
 * documents should be restricted to 'oemruser' as insert_dlm() is.
 *
 * @param array $data [0] service credentials checked by valid(); [1] see above.
 * @return string|null Message when the patient still needs approval, otherwise null.
 * @throws SoapFault When the credentials are rejected.
 */
public function update_dld_approve_deny($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    // Plain document id: the three values bind straight to the statement.
    if (substr($data[1][2], 0, 3) != 'am-') {
        $qry = "UPDATE documents_legal_detail SET dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
        sqlStatement($qry, $data[1]);
        return null;
    }

    $audid = substr($data[1][2], 3);

    // Find the registration audit entry (type 1) of the patient who owns this document,
    // together with the portal username and the full name.
    $status = sqlQuery("SELECT
            am2.approval_status,
            ad.field_value AS uname,
            CONCAT(ad4.field_value,' ',ad5.field_value,' ',ad6.field_value) AS name
        FROM
            audit_master am
            JOIN audit_details ad
                ON ad.audit_master_id = am.id
                AND ad.table_name = 'patient_access_offsite'
                AND ad.field_name = 'portal_username'
            JOIN audit_details ad2
                ON ad2.table_name = 'patient_access_offsite'
                AND ad2.field_name = 'portal_username'
                AND ad2.field_value = ad.field_value
            JOIN audit_details ad3
                ON ad3.table_name = 'patient_access_offsite'
                AND ad3.field_name = 'portal_pwd'
                AND ad3.audit_master_id = ad2.audit_master_id
            JOIN audit_details ad4
                ON ad4.table_name = 'patient_data'
                AND ad4.field_name = 'fname'
                AND ad4.audit_master_id = ad2.audit_master_id
            JOIN audit_details ad5
                ON ad5.table_name = 'patient_data'
                AND ad5.field_name = 'mname'
                AND ad5.audit_master_id = ad2.audit_master_id
            JOIN audit_details ad6
                ON ad6.table_name = 'patient_data'
                AND ad6.field_name = 'lname'
                AND ad6.audit_master_id = ad2.audit_master_id
            JOIN audit_master am2
                ON am2.id = ad3.audit_master_id
                AND am2.type = 1
        WHERE am.id = ?", array($audid));

    if ($status['approval_status'] != '2') {
        return "Please approve the patient ".$status['name'].", for approving the selected document";
    }

    // Patient is approved: apply the queued document data, close the audit entry and
    // attach the document to the patient's real pid.
    $result = UserService::update_audited_data(array($data[0], 'audit_master_id' => $audid));
    UserService::update_audit_master(array($data[0], 'audit_master_id' => $audid, 'approval_status' => '2'));
    $pid = sqlQuery("SELECT pid FROM patient_access_offsite WHERE portal_username=?", array($status['uname']));
    $qry = "UPDATE documents_legal_detail SET dld_pid=?,dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
    sqlStatement($qry, array($pid['pid'], $data[1][0], $data[1][1], $result['dld_id']));
    return null;
}
/**
 * Mark a PDF document as signed (dld_signed = 1) and record where the file is stored.
 *
 * NOTE(review): the request array is bound as-is; it must hold exactly file path, file name
 * and dld_id, in that order. The id is not checked against the calling patient — confirm.
 *
 * @param array $data [0] service credentials checked by valid();
 *                    [1] array(dld_filepath, dld_filename, dld_id).
 * @return void
 * @throws SoapFault When the credentials are rejected.
 */
public function update_dld_signed($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $signed_sql = "UPDATE documents_legal_detail SET dld_signed=1,dld_filepath=?,dld_filename=? WHERE dld_id=?";
    sqlStatement($signed_sql, $data[1]);
}
/**
 * Mark a PDF document as pending audit (dld_signed = 0) and record its file details.
 *
 * NOTE(review): the request array is bound as-is; it must hold exactly file path, file name,
 * file for PDF generation and dld_id, in that order. The id is not checked against the
 * calling patient — confirm.
 *
 * @param array $data [0] service credentials checked by valid();
 *                    [1] array(dld_filepath, dld_filename, dld_file_for_pdf_generation, dld_id).
 * @return void
 * @throws SoapFault When the credentials are rejected.
 */
public function update_dld_pending($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $pending_sql = "UPDATE documents_legal_detail SET dld_signed=0,dld_filepath=?,dld_filename=?, dld_file_for_pdf_generation=? WHERE dld_id=?";
    sqlStatement($pending_sql, $data[1]);
}
/**
 * Create a documents_legal_detail entry for the current patient.
 *
 * Existing and new patients are written directly. For a patient still awaiting approval
 * the same values are queued through insert_to_be_audit_data() instead.
 *
 * @param array $data [0] service credentials checked by valid(); [2] dld_signed;
 *                    [3] dld_filepath; [4] dld_master_docid; [5] dld_filename;
 *                    [6] dld_encounter; [7] dld_file_for_pdf_generation.
 * @return void
 * @throws SoapFault When the credentials match none of the three patient types.
 */
public function insert_dld($data){
    global $pid, $auditmasterid;

    if (UserService::valid($data[0]) == 'existingpatient' || UserService::valid($data[0]) == 'newpatient') {
        $insert_sql = "INSERT INTO documents_legal_detail (dld_pid,dld_signed,dld_filepath,dld_master_docid,dld_filename,dld_encounter,dld_file_for_pdf_generation) ".
            " VALUES (?,?,?,?,?,?,?)";
        sqlInsert($insert_sql, array($pid, $data[2], $data[3], $data[4], $data[5], $data[6], $data[7]));
        return;
    }

    if (UserService::valid($data[0]) == 'newpatienttoapprove') {
        $document_fields = array(
            'dld_pid'                     => "$pid",
            'dld_signed'                  => $data[2],
            'dld_filepath'                => $data[3],
            'dld_master_docid'            => $data[4],
            'dld_filename'                => $data[5],
            'dld_encounter'               => $data[6],
            'dld_file_for_pdf_generation' => $data[7],
        );
        // The portal username is taken from the credential array itself (index 6).
        $access_fields = array('pid' => "$pid", 'portal_username' => $data[0][6]);

        $param = array(
            $data[0],
            'audit_master_id_to_delete'  => "",
            'pid'                        => "$pid",
            'approval_status'            => '1',
            'type'                       => '3',
            'ip_address'                 => '',
            'table_name_array'           => array('documents_legal_detail', 'patient_access_offsite'),
            'field_name_value_array'     => array($document_fields, $access_fields),
            'entry_identification_array' => array(1, 1),
        );
        UserService::insert_to_be_audit_data($param);
        return;
    }

    throw new SoapFault("Server", "credentials failed");
}
/**
 * Register an uploaded master PDF document in documents_legal_master.
 *
 * Only callers that valid() classifies as 'oemruser' are accepted.
 *
 * @param array $data [0] service credentials checked by valid(); [1]..[9] category,
 *                    subcategory, document name, facility, provider, file name, file path,
 *                    effective date and content, in column order.
 * @return void
 * @throws SoapFault When the caller is not an 'oemruser'.
 */
public function insert_dlm($data){
    if ($this->valid($data[0]) != 'oemruser') {
        throw new SoapFault("Server", "credentials failed");
    }

    $column_values = array($data[1], $data[2], $data[3], $data[4], $data[5], $data[6], $data[7], $data[8], $data[9]);
    sqlStatement("INSERT INTO documents_legal_master(dlm_category, dlm_subcategory,dlm_document_name,dlm_facility,dlm_provider,
        dlm_filename,dlm_filepath,dlm_effective_date,content) values (?,?,?,?,?,?,?,?,?)", $column_values);
}
/**
 * Run a batch of select cases sent by the portal and return each result under the key the
 * portal chose for it.
 *
 * Every entry is handed to selectquery(), which validates the credentials again and builds
 * the SQL from the case name and its parameters.
 *
 * @param array $data [0] service credentials checked by valid();
 *                    [1] list of array('batchkey' => ..., 'case' => ..., 'param' => ...).
 * @return array|null Map of batchkey => selectquery() result; null for an empty batch.
 * @throws SoapFault When the credentials are rejected.
 */
public function batch_select($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $return_array = null;
    foreach ($data[1] as $entry) {
        $request = array($entry['case'], $entry['param']);
        $return_array[$entry['batchkey']] = $this->selectquery(array($data[0], $request));
    }

    return $return_array;
}
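/**
 * Run a batch of OpenEMR function calls for the portal through batch_despatch().
 *
 * The credentials are appended to each entry's parameters, which matches the signature
 * batch_despatch($var, $func, $data_credentials). New OpenEMR functions are exposed by
 * adding a branch to batch_despatch(), not by naming another method here.
 *
 * @param array $data [0] service credentials checked by valid();
 *                    [1] list of array('batchkey' => ..., 'funcname' => ..., 'param' => ...).
 * @return array|null Map of batchkey => result; null for an empty batch.
 * @throws SoapFault When the credentials are rejected or an entry names a method other
 *                   than batch_despatch.
 */
public function batch_function($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $return_array = null;
    foreach ($data[1] as $entry) {
        // 'funcname' comes from the request. It used to be interpolated into the callable, so a
        // caller could reach any method of this class, including helpers that do no credential
        // check. Only the dispatcher this entry point exists for is accepted.
        // NOTE(review): assumes the portal only ever sends 'batch_despatch' — confirm.
        if ($entry['funcname'] !== 'batch_despatch') {
            throw new SoapFault("Server", "function not permitted");
        }

        $param   = $entry['param'];
        $param[] = $data[0];

        // array_values(): arguments are positional; on PHP 8 string keys would otherwise be
        // treated as parameter names.
        $return_array[$entry['batchkey']] = call_user_func_array(
            array('UserService', 'batch_despatch'),
            array_values($param)
        );
    }

    return $return_array;
}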
/**
 * Run a batch of UserService methods named by the portal and return each result under the
 * key the portal chose for it.
 *
 * The credentials ($data[0]) are placed first in every parameter list when it is an array,
 * and appended otherwise.
 *
 * NOTE(review): no credential check happens here and 'funcname' comes from the request, so
 * protection rests entirely on the called method validating its first argument. Helpers in
 * this class such as function_return_to_xml(), resourcetoxml() and resourcetoxml2() do not.
 * Confirm which names the portal sends and restrict the call to that list.
 *
 * @param array $data [0] service credentials;
 *                    [1] list of array('batchkey' => ..., 'funcname' => ..., 'param' => ...).
 * @return array|null Map of batchkey => result; null for an empty batch.
 */
public function multiplecall($data){
    $return_array = null;

    foreach ($data[1] as $entry) {
        $function  = $entry['funcname'];
        $arguments = $entry['param'];

        if (is_array($arguments)) {
            array_unshift($arguments, $data[0]);
        } else {
            $arguments[] = $data[0];
        }

        $return_array[$entry['batchkey']] = UserService::$function($arguments);
    }

    return $return_array;
}
/**
 * Report the offsite-portal interface version held in the global $v_offsite_portal.
 *
 * No credential check is made; the argument is ignored.
 *
 * @param mixed $data Unused.
 * @return mixed The global's value, or null when it is not set.
 */
public function getversion($data){
    return isset($GLOBALS['v_offsite_portal']) ? $GLOBALS['v_offsite_portal'] : null;
}
/**
 * Check a portal username/password pair and report the account's status as XML.
 *
 * Approved patients are looked up in patient_access_offsite; patients still awaiting
 * approval are matched against the pending values in the audit tables.
 *
 * NOTE(review): the password is compared by equality inside the SQL statement. Nothing here
 * shows whether the stored value is a hash or clear text — confirm.
 *
 * @param array $data [0] service credentials checked by valid();
 *                    [1] array(portal username, portal password), bound in that order.
 * @return string|false XML with portal_pwd_status and patient_status, or false when the
 *                      credentials match no patient type.
 */
public function loginchecking($data){
    if ($this->valid($data[0]) == 'existingpatient' || $this->valid($data[0]) == 'newpatient') {
        // BINARY forces a case-sensitive comparison of both values.
        $approved_sql = "SELECT portal_pwd_status, 'yes' AS patient_status FROM patient_access_offsite WHERE BINARY portal_username=? AND BINARY portal_pwd=?";
        return $this->resourcetoxml(sqlStatement($approved_sql, $data[1]));
    }

    if ($this->valid($data[0]) == 'newpatienttoapprove') {
        // COUNT(*) stands in for portal_pwd_status: non-zero when the pending pair matches.
        $pending_sql = "
            SELECT
                COUNT(*) AS portal_pwd_status,
                'no' AS patient_status
            FROM
                audit_master am
                JOIN audit_details ad
                    ON ad.audit_master_id = am.id
                    AND ad.table_name = 'patient_access_offsite'
                    AND ad.field_name = 'portal_username'
                JOIN audit_details ad2
                    ON ad2.audit_master_id = am.id
                    AND ad2.table_name = 'patient_access_offsite'
                    AND ad2.field_name = 'portal_pwd'
            WHERE am.approval_status = 1
                AND ad.field_value = ?
                AND ad2.field_value = ?;
            ";
        return $this->resourcetoxml(sqlStatement($pending_sql, $data[1]));
    }

    return false;
}
/**
 * Run one named query for the portal and return its result as XML.
 *
 * The user type returned by valid() selects a class through
 * factoryclass::dynamic_class_factory(). That object's query_formation() turns the request
 * into either array(sql, binds) or array(row, 'result') for data that is already fetched.
 *
 * NOTE(review): which statements a caller can reach is decided entirely inside
 * query_formation(); review it together with this method.
 *
 * @param array $data [0] service credentials checked by valid();
 *                    [1] array(case, param) handed to query_formation().
 * @return string|null XML result, or null when the credentials are rejected.
 */
public function selectquery($data){
    $utype = $this->valid($data[0]);
    if (!$utype) {
        return null;
    }

    $query_builder = factoryclass::dynamic_class_factory($utype);
    $formed        = $query_builder->query_formation($data[1]);

    // 'result' in slot 1 marks slot 0 as a ready-made row rather than SQL text.
    if (!empty($formed[1]) && $formed[1] == 'result') {
        return $this->resourcetoxml2($formed[0]);
    }

    return $this->resourcetoxml(sqlStatement($formed[0], $formed[1]));
}
/**
 * Serialize an SQL result set as XML: one <level> element per row and one child element
 * per column, all under <root>.
 *
 * Performs no credential check of its own.
 *
 * @param mixed $sql_result_set Result handle accepted by sqlFetchArray().
 * @return string Serialized XML document.
 */
public function resourcetoxml($sql_result_set){
    $xml = new DOMDocument();
    $xml->formatOutput = true;

    $root = $xml->appendChild($xml->createElement("root"));

    while ($row = sqlFetchArray($sql_result_set)) {
        $level = $root->appendChild($xml->createElement("level"));
        foreach ($row as $column => $text) {
            // createTextNode() escapes markup characters found in the column value.
            $node = $xml->createElement("$column");
            $node->appendChild($xml->createTextNode($text));
            $level->appendChild($node);
        }
    }

    return $xml->saveXML();
}
/**
 * Serialize a single row (map of name => value) as XML:
 * <root><level><NAME>value</NAME>...</level></root>.
 *
 * Performs no credential check of its own.
 *
 * @param array $row Map of element name => text value.
 * @return string Serialized XML document.
 */
public function resourcetoxml2($row){
    $xml = new DOMDocument();
    $xml->formatOutput = true;

    $root  = $xml->appendChild($xml->createElement("root"));
    $level = $root->appendChild($xml->createElement("level"));

    foreach ($row as $name => $text) {
        $node = $xml->createElement("$name");
        $node->appendChild($xml->createTextNode($text));
        $level->appendChild($node);
    }

    return $xml->saveXML();
}
/**
 * Store the facility's payment gateway settings in payment_gateway_details.
 *
 * For each supported service ('paypal', 'authorize_net') the existing row is updated when
 * the request says one exists (non-empty $var[<service>]); otherwise a row is inserted.
 *
 * NOTE(review): this writes gateway secrets (login id, transaction key) and any credential
 * type accepted by valid() passes; confirm whether it should be restricted to 'oemruser'
 * as insert_dlm() is.
 *
 * @param array $var [0] service credentials checked by valid(); 'service', 'login_id' and,
 *                   for authorize_net, 'transaction_key' and 'md5'.
 * @return void
 * @throws SoapFault When the credentials are rejected.
 */
public function save_payment_configuration($var){
    if (!UserService::valid($var[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    if ($var['service'] == 'paypal') {
        if ($var['paypal'] != '') {
            $update_sql = "UPDATE payment_gateway_details SET login_id = ? WHERE service_name = 'paypal'";
            sqlStatement($update_sql, array($var['login_id']));
        } else {
            $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id) VALUES (?,?)";
            sqlStatement($save_sql, array($var['service'], $var['login_id']));
        }
        return;
    }

    if ($var['service'] == 'authorize_net') {
        if ($var['authorize_net'] != '') {
            $update_sql = "UPDATE payment_gateway_details SET login_id = ?, transaction_key = ?, md5= ? WHERE service_name = 'authorize_net'";
            sqlStatement($update_sql, array($var['login_id'], $var['transaction_key'], $var['md5']));
        } else {
            $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id,transaction_key,md5) VALUES (?,?,?,?)";
            sqlStatement($save_sql, array($var['service'], $var['login_id'], $var['transaction_key'], $var['md5']));
        }
    }
}
1078 //Writing patient's authorizenet profile id to table
/**
 * Record a patient's Authorize.Net profile id in patient_access_offsite.
 *
 * The row is selected by the global $pid, which valid() assigns while it
 * checks $var[0]; the caller does not pass a pid. When valid() resolves the
 * caller as 'newpatienttoapprove' it sets $pid to 0, so the UPDATE then
 * targets pid = 0.
 *
 * @param array $var [0] credential array for valid(); ['authorizenetid'] the id to store.
 * @return void
 * @throws SoapFault When valid() rejects the credentials.
 */
public function insert_authorizenet_details($var){
    global $pid;

    if(!UserService::valid($var[0])){
        throw new SoapFault("Server", "credentials failed");
    }

    // sqlInsert() is used for an UPDATE here, exactly as in the original call.
    sqlInsert(
        "UPDATE patient_access_offsite SET authorize_net_id = ? WHERE pid = ?",
        array($var['authorizenetid'],$pid)
    );
}
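/**
 * Authenticate an offsite-portal SOAP call and resolve the acting user type.
 *
 * Elements of $credentials read here:
 *   [0] site id (copied into $_GET['site'])
 *   [1] portal service username
 *   [2] SHA-1 service hash: sha1(portal_offsite_password . "Y-m-d H" . [3])
 *   [3] per-request value; it is recorded in audit_details and a repeat is
 *       rejected unless this request/session is already marked validated
 *   [4] requested user type: 'existingpatient', 'oemruser' or 'newpatient'
 *   [6] patient portal username
 *   [9] audit_master id (optional, 'oemruser' only)
 * [7] and [8] are consumed by validcredential().
 *
 * Side effects: purges recorded type=5 audit rows older than two hours,
 * records [3], and sets global $pid, $GLOBALS['pid'],
 * $GLOBALS['auditmasterid'], $_GET['site'] and
 * $GLOBALS['validated_offsite_portal'].
 *
 * Security notes:
 * - The service hash is compared as a string, in constant time where
 *   hash_equals() exists. The previous loose `==` let a non-string or
 *   numeric-looking value compare equal to the expected digest.
 * - NOTE(review): recorded values are purged after 7200 s, while a hash is
 *   accepted for the previous, current and next clock hour. Confirm the
 *   retention covers the whole acceptance window.
 * - NOTE(review): once $GLOBALS['validated_offsite_portal'] is true the
 *   service username/hash check is skipped; the flag is also set before the
 *   user type is resolved. Confirm where it is reset.
 * - NOTE(review): an empty portal_offsite_password makes the expected hash
 *   depend only on the hour and [3]; consider refusing to authenticate then.
 *
 * @param array $credentials Positional credential array described above.
 * @return string|bool 'oemruser', 'existingpatient', 'newpatient' or
 *                     'newpatienttoapprove' on success, false otherwise.
 */
public function valid($credentials){
    global $pid;

    // 'i' is minutes; the original "H:m" put the month number in the minute slot.
    $timminus = date("Y-m-d H:i",(strtotime(date("Y-m-d H:i"))-7200)).":00";
    sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)",array($timminus));
    sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?",array($timminus));

    $ok=0;   // service hash matched
    $okE=0;  // existing patient: 1 = patient_access_offsite login, 2 = login found via audit tables
    $okN=0;  // new patient: 1 = no matching login, 2 = existing login, 3 = login found via audit tables
    $okO=0;  // OpenEMR user
    $tim = strtotime(gmdate("Y-m-d H:i"));

    // Reject a repeated per-request value unless the request is already validated.
    $res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?",array($credentials[3]));
    if(sqlNumRows($res)){
        if($GLOBALS['validated_offsite_portal'] !=true){
            return false;
        }
    }
    else{
        $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
        sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ",array($credentials[3],$grpID));
    }

    // Accept the hash for the current hour and one hour either side (clock skew).
    $supplied = $credentials[2];
    if(is_string($supplied)){
        foreach(array(0,-3600,3600) as $offset){
            $expected = sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim+$offset)).$credentials[3]);
            // hash_equals() needs PHP 5.6+; fall back to a strict string comparison.
            $same = function_exists('hash_equals') ? hash_equals($expected,$supplied) : ($expected === $supplied);
            if($same){
                $ok = 1;
                break;
            }
        }
    }

    if(!(($credentials[1]==$GLOBALS['portal_offsite_username'] && $ok==1 && $GLOBALS['portal_offsite_enable']==1)||$GLOBALS['validated_offsite_portal']==true)){
        return false;
    }

    $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
    if($credentials[4] == 'existingpatient'){
        // One lookup instead of two: validcredential() returns 2, true or false.
        $patientCheck = UserService::validcredential($credentials);
        if($patientCheck === 2){
            $okE = 2;
        }
        elseif($patientCheck == true){
            $okE = 1;
        }
        else{
            return false;
        }
    }
    elseif($credentials[4] == 'oemruser'){
        if($credentials[9]){
            $prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?",array($credentials[9]));
        }
        $okO = 1;
    }
    elseif($credentials[4] == 'newpatient'){
        $patientCheck = UserService::validcredential($credentials);
        if($patientCheck === 2){
            $okN = 3;
        }
        elseif($patientCheck){
            $okN = 2;
        }
        else{
            // No matching login: hand out the next free pid.
            $okN = 1;
            $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
        }
    }

    if($okE==1 || $okN == 2 || $okN == 1 || $okO == 1){
        $pid = $prow['pid'];
        $GLOBALS['pid'] = $prow['pid'];
    }elseif($okE == 2 || $okN == 3){
        // The login exists only in the audit tables: expose its audit_master id, pid stays 0.
        $arow = sqlQuery("
            SELECT
              ad.audit_master_id
            FROM
              audit_details ad
              JOIN audit_details ad2
                ON ad2.audit_master_id = ad.audit_master_id
                AND ad2.table_name = 'patient_access_offsite'
                AND ad2.field_name = 'portal_pwd'
            WHERE ad.table_name = 'patient_access_offsite'
              AND ad.field_name = 'portal_username'
              AND ad.field_value = ?
            ",array($credentials[6]));
        $auditmasterid = $arow['audit_master_id'];
        $GLOBALS['auditmasterid'] = $arow['audit_master_id'];
        $pid = 0;
        $GLOBALS['pid'] = 0;
    }

    $_GET['site'] = $credentials[0];

    // Existing patients additionally need portal access switched on.
    if($okE){
        if($okE == 1){
            $portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?",array($pid));
        }elseif($okE == 2){
            $portal = sqlQuery("
                SELECT
                  IF(COUNT(*),'yes','no') AS allow_patient_portal
                FROM
                  audit_master am
                  JOIN audit_details ad
                    ON ad.audit_master_id = am.id
                    AND ad.table_name = 'patient_access_offsite'
                    AND ad.field_name = 'portal_username'
                WHERE am.approval_status = 1
                  AND ad.field_value = ?
                ",array($credentials[6]));
        }
        if(strtolower($portal['allow_patient_portal'])!='yes'){
            return false;
        }
    }

    $GLOBALS['validated_offsite_portal'] = true;

    if($okO){
        return 'oemruser';
    }
    elseif($okE == 1){
        return 'existingpatient';
    }
    elseif($okE == 2){
        return 'newpatienttoapprove';
    }
    elseif($okN == 1 || $okN == 2){
        return 'newpatient';
    }
    elseif($okN == 3){
        return 'newpatienttoapprove';
    }
    return false;
}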
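/**
 * Check the patient-level hash for the portal username in $credentials[6].
 *
 * The stored portal_pwd is read from patient_access_offsite; when that row
 * has none, it is read from the audit tables (audit_master rows with
 * approval_status = 1). The expected value is
 * sha1(portal_pwd . "Y-m-d H" . $credentials[8]) for the current GMT hour and
 * one hour either side; it is compared with $credentials[7].
 *
 * Security notes:
 * - The hash is compared as a string, in constant time where hash_equals()
 *   exists. The previous loose `==` let a non-string or numeric-looking value
 *   compare equal to the expected digest.
 * - NOTE(review): when neither lookup yields a portal_pwd the expected hash is
 *   built from an empty secret. Consider failing closed in that case, after
 *   confirming no registration flow depends on the current behaviour.
 * - NOTE(review): portal_pwd is used directly as the hashing secret, so it has
 *   to be stored in a form usable for that; confirm how it is stored.
 *
 * @param array $credentials Positional credential array; reads [6], [7], [8].
 * @return int|bool 2 when the match used the audit-table password, true when
 *                  it used patient_access_offsite, false otherwise.
 */
public function validcredential($credentials){
    // 'i' is minutes; the original "H:m" put the month number in the minute slot.
    $tim = strtotime(gmdate("Y-m-d H:i"));

    if(!$credentials[6]){
        return false;
    }

    $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
    $newpatient_to_approve = 0;
    if(!$prow['portal_pwd']){
        $newpatient_to_approve = 1;
        $prow = sqlQuery("
            SELECT
              ad2.field_value AS portal_pwd
            FROM
              audit_master am
              JOIN audit_details ad
                ON ad.audit_master_id = am.id
                AND ad.table_name = 'patient_access_offsite'
                AND ad.field_name = 'portal_username'
              JOIN audit_details ad2
                ON ad2.audit_master_id = am.id
                AND ad2.table_name = 'patient_access_offsite'
                AND ad2.field_name = 'portal_pwd'
            WHERE am.approval_status = 1
              AND ad.field_value = ?
            ",array($credentials[6]));
    }

    $supplied = $credentials[7];
    if(!is_string($supplied)){
        return false;
    }

    // Current hour first, then one hour back and one hour ahead (clock skew).
    foreach(array(0,-3600,3600) as $offset){
        $expected = sha1($prow['portal_pwd'].date("Y-m-d H",($tim+$offset)).$credentials[8]);
        // hash_equals() needs PHP 5.6+; fall back to a strict string comparison.
        $same = function_exists('hash_equals') ? hash_equals($expected,$supplied) : ($expected === $supplied);
        if($same){
            return $newpatient_to_approve ? 2 : true;
        }
    }

    return false;
}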
1273 //for checking the connection
/**
 * Connection probe: reports whether the supplied credentials pass valid().
 *
 * The call runs the full valid() check, including its side effects.
 *
 * @param array $data [0] credential array for valid().
 * @return string 'ok' when valid() returns a truthy value, 'notok' otherwise.
 */
public function check_connection($data){
    return $this->valid($data[0]) ? 'ok' : 'notok';
}
// Non-WSDL SOAP endpoint (first argument null), served by UserService.
// NOTE(review): setClass() exports the class's public methods as SOAP
// operations, which here includes helpers such as valid(), validcredential()
// and resourcetoxml(); confirm each one is meant to be remotely callable.
$server = new SoapServer(
    null,
    array('uri' => "urn://portal/res")
);
$server->setClass('UserService');
// The handler object is kept in the PHP session between requests.
$server->setPersistence(SOAP_PERSISTENCE_SESSION);
$server->handle();