2 // Copyright (C) 2010 Rod Roark <rod@sunsetsystems.com>
3 // Some code was adapted from patient_select.php.
5 // This program is free software; you can redistribute it and/or
6 // modify it under the terms of the GNU General Public License
7 // as published by the Free Software Foundation; either version 2
8 // of the License, or (at your option) any later version.
10 //SANITIZE ALL ESCAPES
11 $sanitize_all_escapes=true;
14 //STOP FAKE REGISTER GLOBALS
15 $fake_register_globals=false;
18 require_once("../globals.php");
19 require_once("$srcdir/patient.inc");
20 require_once("$srcdir/formdata.inc.php");
22 $fstart = $_REQUEST['fstart'] +
0;
24 $searchcolor = empty($GLOBALS['layout_search_color']) ?
25 '#ffff55' : $GLOBALS['layout_search_color'];
29 <?php
html_header_show();?
>
31 <link rel
=stylesheet href
="<?php echo $css_header;?>" type
="text/css">
41 background
-color
: #ddddff;
45 #searchResultsHeader {
47 background
-color
: lightgrey
;
49 #searchResultsHeader table {
50 width
: 96%
; /* not 100% because the 'searchResults' table has a scrollbar */
51 border
-collapse
: collapse
;
53 #searchResultsHeader th {
62 .srName
{ width
: 12%
; }
63 .srPhone
{ width
: 11%
; }
67 .srMisc
{ width
: 10%
; }
69 #searchResults table {
71 border
-collapse
: collapse
;
72 background
-color
: white
;
80 border
-bottom
: 1px solid
#eee;
85 background
-color
: <?php
echo htmlspecialchars( $searchcolor, ENT_QUOTES
); ?
>;
92 background
-color
: #336699;
97 <script type
="text/javascript" src
="<?php echo $GLOBALS['webroot'] ?>/library/js/jquery-1.2.2.min.js"></script
>
99 <script language
="JavaScript">
101 // This is called when forward or backward paging is done.
103 function submitList(offset
) {
104 var f
= document
.forms
[0];
105 var i
= parseInt(f
.fstart
.value
) + offset
;
114 <body
class="body_top">
116 <form method
='post' action
='new_search_popup.php' name
='theform'>
117 <input type
='hidden' name
='fstart' value
='<?php echo htmlspecialchars( $fstart, ENT_QUOTES); ?>' />
120 $MAXSHOW = 100; // maximum number of results to display at once
122 // Construct query and save search parameters as form fields.
123 // An interesting requirement is to sort on the number of matching fields.
128 // array to hold the sql parameters for binding
129 // Note in this special situation, there are two:
130 // 1. For the main sql statement - $sqlBindArray
131 // 2. For the _set_patient_inc_count function - $sqlBindArraySpecial
132 // (this only holds $where and not $relevance binded values)
133 $sqlBindArray = array();
134 $sqlBindArraySpecial = array();
137 foreach ($_REQUEST as $key => $value) {
138 if (substr($key, 0, 3) != 'mf_') continue; // "match field"
139 $fldname = substr($key, 3);
140 // pubpid requires special treatment. Match on that is fatal.
141 if ($fldname == 'pubpid') {
142 $relevance .= " + 1000 * ( ".add_escape_custom($fldname)." LIKE ? )";
143 array_push($sqlBindArray, $value);
146 $relevance .= " + ( ".add_escape_custom($fldname)." LIKE ? )";
147 array_push($sqlBindArray, $value);
149 $where .= " OR ".add_escape_custom($fldname)." LIKE ?";
150 array_push($sqlBindArraySpecial, $value);
151 echo "<input type='hidden' name='".htmlspecialchars( $key, ENT_QUOTES
)."' value='".htmlspecialchars( $value, ENT_QUOTES
)."' />\n";
155 $sql = "SELECT *, ( $relevance ) AS relevance, " .
156 "DATE_FORMAT(DOB,'%m/%d/%Y') as DOB_TS " .
157 "FROM patient_data WHERE $where " .
158 "ORDER BY relevance DESC, lname, fname, mname " .
159 "LIMIT ".add_escape_custom($fstart).", ".add_escape_custom($MAXSHOW)."";
161 $sqlBindArray = array_merge($sqlBindArray, $sqlBindArraySpecial);
162 $rez = sqlStatement($sql, $sqlBindArray);
164 while ($row = sqlFetchArray($rez)) $result[] = $row;
165 _set_patient_inc_count($MAXSHOW, count($result), $where, $sqlBindArraySpecial);
170 <table border
='0' cellpadding
='5' cellspacing
='0' width
='100%'>
175 <td
class='text' align
='center'>
176 <?php
if ($message) echo "<font color='red'><b>".htmlspecialchars( $message, ENT_NOQUOTES
)."</b></font>\n"; ?
>
178 <td
class='text' align
='right'>
180 // Show start and end row number, and number of rows, with paging links.
181 $count = $GLOBALS['PATIENT_INC_COUNT'];
182 $fend = $fstart +
$MAXSHOW;
183 if ($fend > $count) $fend = $count;
185 <?php
if ($fstart) { ?
>
186 <a href
="javascript:submitList(-<?php echo $MAXSHOW ?>)">
191 <?php
echo ($fstart +
1) . htmlspecialchars( " - $fend of $count", ENT_NOQUOTES
) ?
>
192 <?php
if ($count > $fend) { ?
>
194 <a href
="javascript:submitList(<?php echo $MAXSHOW ?>)">
202 <div id
="searchResultsHeader">
205 <th
class="srID" ><?php
echo htmlspecialchars( xl('Hits'), ENT_NOQUOTES
);?
></th
>
206 <th
class="srName" ><?php
echo htmlspecialchars( xl('Name'), ENT_NOQUOTES
);?
></th
>
208 // This gets address plus other fields that are mandatory, up to a limit of 5.
209 $extracols = array();
210 $tres = sqlStatement("SELECT field_id, title FROM layout_options " .
211 "WHERE form_id = 'DEM' AND field_id != '' AND " .
212 "( uor > 1 OR uor > 0 AND edit_options LIKE '%D%' ) AND " .
213 "field_id NOT LIKE 'title' AND " .
214 "field_id NOT LIKE '_name' " .
215 "ORDER BY group_name, seq, title LIMIT 9");
217 while ($trow = sqlFetchArray($tres)) {
218 $extracols[$trow['field_id']] = $trow['title'];
219 echo "<th class='srMisc'>" . htmlspecialchars( xl_layout_label($trow['title']), ENT_NOQUOTES
) . "</th>\n";
227 <div id
="searchResults">
232 $pubpid_matched = false;
234 foreach ($result as $iter) {
235 $relevance = $iter['relevance'];
236 if ($relevance > 999) {
238 $pubpid_matched = true;
240 echo "<tr id='" . htmlspecialchars( $iter['pid'], ENT_QUOTES
) . "' class='oneresult";
241 // Highlight entries where all fields matched.
242 echo $numfields <= $iter['relevance'] ?
" topresult" : "";
244 echo "<td class='srID'>".htmlspecialchars( $relevance, ENT_NOQUOTES
)."</td>\n";
245 echo "<td class='srName'>" . htmlspecialchars( $iter['lname'] . ", " . $iter['fname'], ENT_NOQUOTES
) . "</td>\n";
246 foreach ($extracols as $field_id => $title) {
247 echo "<td class='srMisc'>" . htmlspecialchars( $iter[$field_id], ENT_NOQUOTES
) . "</td>\n";
253 </div
> <!-- end searchResults DIV
-->
256 <?php
if ($pubpid_matched) { ?
>
257 <input type
='button' value
='<?php echo htmlspecialchars( xl('Cancel
'), ENT_QUOTES); ?>'
258 onclick
='window.close();' />
260 <input type
='button' value
='<?php echo htmlspecialchars( xl('Confirm Create
New Patient
'), ENT_QUOTES); ?>'
261 onclick
='opener.top.restoreSession();opener.document.forms[0].submit();window.close();' />
265 <script language
="javascript">
267 // jQuery stuff to make the page a little easier to use
269 $
(document
).ready(function() {
270 $
(".oneresult").mouseover(function() { $
(this
).addClass("highlight"); });
271 $
(".oneresult").mouseout(function() { $
(this
).removeClass("highlight"); });
272 $
(".oneresult").click(function() { SelectPatient(this
); });
275 var SelectPatient
= function (eObj
) {
277 // For the old layout we load a frameset that also sets up the new pid.
278 // The new layout loads just the demographics frame here, which in turn
279 // will set the pid and load all the other frames.
280 if ($GLOBALS['concurrent_layout']) {
281 $newPage = "../patient_file/summary/demographics.php?set_pid=";
282 $target = "document";
285 $newPage = "../patient_file/patient_file.php?set_pid=";
290 var parts
= objID
.split("~");
291 opener
.<?php
echo $target; ?
>.location
.href
= '<?php echo $newPage; ?>' + parts
[0];
296 var f
= opener
.document
.forms
[0];
297 <?php
if ($pubpid_matched) { ?
>
298 alert('<?php echo htmlspecialchars( xl('A patient with this ID already exists
.'), ENT_QUOTES); ?>')
300 opener
.force_submit
= true;
301 f
.create
.value
= '<?php echo htmlspecialchars( xl('Confirm Create
New Patient
'), ENT_QUOTES); ?>';
304 <?php
if (!count($result)) { ?
>
305 $
("<td><?php echo htmlspecialchars( xl('No matches were found.'), ENT_QUOTES); ?></td>").appendTo("#searchResults tr");
