2 // Copyright (C) 2010 OpenEMR Support LLC
3 // This program is free software; you can redistribute it and/or
4 // modify it under the terms of the GNU General Public License
5 // as published by the Free Software Foundation; either version 2
6 // of the License, or (at your option) any later version.
9 $sanitize_all_escapes=true;
12 //STOP FAKE REGISTER GLOBALS
13 $fake_register_globals=false;
16 require_once("../../globals.php");
17 require_once("$srcdir/pnotes.inc");
18 require_once("$srcdir/patient.inc");
19 require_once("$srcdir/acl.inc");
20 require_once("$srcdir/log.inc");
21 require_once("$srcdir/options.inc.php");
22 require_once("$srcdir/formdata.inc.php");
23 require_once("$srcdir/classes/Document.class.php");
24 require_once("$srcdir/gprelations.inc.php");
25 require_once("$srcdir/formatting.inc.php");
30 <?php
html_header_show();?
>
31 <link rel
="stylesheet" href
="<?php echo $css_header;?>" type
="text/css">
32 <script type
="text/javascript" src
="../../../library/dialog.js"></script
>
33 <script type
="text/javascript" src
="../../../library/textformat.js"></script
>
34 <script type
="text/javascript" src
="<?php echo $GLOBALS['webroot']; ?>/library/js/jquery.js"></script
>
37 <body
class="body_top">
39 <span
class="title"><?php
echo xlt('Message and Reminder Center'); ?
></span
>
41 <span
class="title"><?php
echo xlt('Reminders'); ?
></span
>
45 // TajEmo Work by CB 2012/01/11 02:51:25 PM adding dated reminders
46 // I am asuming that at this point security checks have been performed
47 require_once '../dated_reminders/dated_reminders.php';
49 // Check to see if the user has Admin rights, and if so, allow access to See All.
50 $showall = isset($_GET['show_all']) ?
$_GET['show_all'] : "" ;
51 if ($showall == "yes") {
58 if (acl_check('admin', 'super' )) {
59 if ($show_all=='yes') {
61 $lnkvar="'messages.php?show_all=no' name='Just Mine' onclick=\"top.restoreSession()\"> (".htmlspecialchars( xl('Just Mine'), ENT_NOQUOTES
).")";
65 $lnkvar="'messages.php?show_all=yes' name='See All' onclick=\"top.restoreSession()\"> (".htmlspecialchars( xl('See All'), ENT_NOQUOTES
).")";
69 <table
><tr
><td
><span
class="title"><?php
echo htmlspecialchars( xl('Messages'), ENT_NOQUOTES
); ?
></span
> <a
class='more' href
=<?php
echo $lnkvar; ?
></a
></td
></tr
></table
><br
>
71 //collect the task setting
72 $task= isset($_REQUEST['task']) ?
$_REQUEST['task'] : "";
77 // Add a new message for a specific patient; the message is documented in Patient Notes.
78 // Add a new message; it's treated as a new note in Patient Notes.
79 $note = $_POST['note'];
80 $noteid = $_POST['noteid'];
81 $form_note_type = $_POST['form_note_type'];
82 $assigned_to = $_POST['assigned_to'];
83 $form_message_status = $_POST['form_message_status'];
84 $reply_to = $_POST['reply_to'];
85 $assigned_to_list = explode(';',$assigned_to);
86 foreach($assigned_to_list as $assigned_to){
87 if ($noteid && $assigned_to != '-patient-') {
88 updatePnote($noteid, $note, $form_note_type, $assigned_to, $form_message_status);
92 if($noteid && $assigned_to == '-patient-'){
93 $row = getPnoteById($noteid);
94 if (! $row) die("getPnoteById() did not find id '$noteid'");
95 $pres = sqlQuery("SELECT lname, fname " .
96 "FROM patient_data WHERE pid = ?", array($reply_to) );
97 $patientname = $pres['lname'] . ", " . $pres['fname'];
98 $note .= "\n\n$patientname on ".$row['date']." wrote:\n\n";
99 $note .= $row['body'];
101 addPnote($reply_to, $note, $userauthorized, '1', $form_note_type, $assigned_to, '', $form_message_status);
107 $noteid = $_POST['noteid'];
108 $form_message_status = $_POST['form_message_status'];
109 updatePnoteMessageStatus($noteid,$form_message_status);
111 $note = $_POST['note'];
112 $title = $_POST['form_note_type'];
113 $assigned_to = $_POST['assigned_to'];
114 $reply_to = $_POST['reply_to'];
118 $noteid = $_GET['noteid'];
120 // Update the message if it already exists; it's appended to an existing note in Patient Notes.
121 $result = getPnoteById($noteid);
124 $title = $result['title'];
126 if ($assigned_to == ""){
127 $assigned_to = $result['assigned_to'];
129 $body = $result['body'];
130 if ($reply_to == ""){
131 $reply_to = $result['pid'];
133 $form_message_status = $result['message_status'];
137 // Delete selected message(s) from the Messages box (only).
138 $delete_id = $_POST['delete_id'];
139 for($i = 0; $i < count($delete_id); $i++
) {
140 deletePnote($delete_id[$i]);
141 newEvent("delete", $_SESSION['authUser'], $_SESSION['authProvider'], 1, "pnotes: id ".$delete_id[$i]);
146 if($task == "addnew" or $task == "edit") {
147 // Display the Messages page layout.
149 <form name=new_note id=new_note action=\"messages.php?showall=$showall&sortby=$sortby&sortorder=$sortorder&begin=$begin\" method=post>
150 <input type=hidden name=noteid id=noteid value=".htmlspecialchars( $noteid, ENT_QUOTES
).">
151 <input type=hidden name=task id=task value=add>";
153 <div id
="pnotes"><center
>
154 <table border
='0' cellspacing
='8'>
156 <td
class='text' align
='center'>
157 <b
><?php
echo htmlspecialchars( xl('Type'), ENT_NOQUOTES
); ?
>:</b
>
160 $title = "Unassigned";
162 // Added 6/2009 by BM to incorporate the patient notes into the list_options listings.
163 generate_form_field(array('data_type'=>1,'field_id'=>'note_type','list_id'=>'note_type','empty_title'=>'SKIP','order_by'=>'title'), $title);
166 <b
><?php
echo htmlspecialchars( xl('To'), ENT_QUOTES
); ?
>:</b
>
167 <input type
='textbox' name
='assigned_to_text' id
='assigned_to_text' size
='50' readonly
='readonly' value
='<?php echo htmlspecialchars(xl("Select Users From The Dropdown List"), ENT_QUOTES)?>' >
168 <input type
='hidden' name
='assigned_to' id
='assigned_to' >
169 <select name
='users' id
='users' onchange
='addtolist(this);' >
172 echo "<option value='" . htmlspecialchars( '--', ENT_QUOTES
) . "'";
173 echo ">" . htmlspecialchars( xl('Select User'), ENT_NOQUOTES
);
175 $ures = sqlStatement("SELECT username, fname, lname FROM users " .
176 "WHERE username != '' AND active = 1 AND " .
177 "( info IS NULL OR info NOT LIKE '%Inactive%' ) " .
178 "ORDER BY lname, fname");
179 while ($urow = sqlFetchArray($ures)) {
180 echo " <option value='" . htmlspecialchars( $urow['username'], ENT_QUOTES
) . "'";
181 if ($urow['username'] == $assigned_to) echo " selected";
182 echo ">" . htmlspecialchars( $urow['lname'], ENT_NOQUOTES
);
183 if ($urow['fname']) echo ", " . htmlspecialchars( $urow['fname'], ENT_NOQUOTES
);
186 echo "<option value='" . htmlspecialchars( '-patient-', ENT_QUOTES
) . "'";
187 if ($assigned_to == '-patient-') echo " selected";
188 echo ">" . htmlspecialchars( '-Patient-', ENT_NOQUOTES
);
195 <td
class='text' align
='center'>
196 <b
class='<?php echo ($task=="addnew"?"required":"") ?>'><?php
echo htmlspecialchars( xl('Patient'), ENT_NOQUOTES
); ?
>:</b
><?php
198 $prow = sqlQuery("SELECT lname, fname " .
199 "FROM patient_data WHERE pid = ?", array($reply_to) );
200 $patientname = $prow['lname'] . ", " . $prow['fname'];
202 if ($patientname == "") {
203 $patientname = xl('Click to select');
205 <input type
='text' size
='10' name
='form_patient' style
='width:150px;<?php echo ($task=="addnew"?"cursor:pointer;cursor:hand;":"") ?>' value
='<?php echo htmlspecialchars($patientname, ENT_QUOTES); ?>' <?php
echo ($task=="addnew"?
"onclick='sel_patient()' readonly":"disabled") ?
> title
='<?php echo ($task=="addnew"?(htmlspecialchars( xl('Click to select patient
'), ENT_QUOTES)):"") ?>' />
206 <input type
='hidden' name
='reply_to' id
='reply_to' value
='<?php echo htmlspecialchars( $reply_to, ENT_QUOTES) ?>' />
208 <b
><?php
echo htmlspecialchars( xl('Status'), ENT_NOQUOTES
); ?
>:</b
>
210 if ($form_message_status == "") {
211 $form_message_status = 'New';
213 generate_form_field(array('data_type'=>1,'field_id'=>'message_status','list_id'=>'message_status','empty_title'=>'SKIP','order_by'=>'title'), $form_message_status); ?
>
222 $body = preg_replace('/(:\d{2}\s\()'.$result['pid'].'(\sto\s)/','${1}'.$patientname.'${2}',$body);
223 $body = nl2br(htmlspecialchars( $body, ENT_NOQUOTES
));
224 echo "<div class='text' style='background-color:white; color: gray; border:1px solid #999; padding: 5px; width: 640px;'>".$body."</div>";
228 <textarea name
='note' id
='note' rows
='8' style
="width: 660px; "><?php
echo htmlspecialchars( $note, ENT_NOQUOTES
) ?
></textarea
>
233 <?php
if ($noteid) { ?
>
234 <!-- This is
for displaying an existing note
. -->
235 <input type
="button" id
="newnote" value
="<?php echo htmlspecialchars( xl('Send message'), ENT_QUOTES); ?>">
236 <input type
="button" id
="printnote" value
="<?php echo htmlspecialchars( xl('Print message'), ENT_QUOTES); ?>">
237 <input type
="button" id
="cancel" value
="<?php echo htmlspecialchars( xl('Cancel'), ENT_QUOTES); ?>">
239 <!-- This is
for displaying a
new note
. -->
240 <input type
="button" id
="newnote" value
="<?php echo htmlspecialchars( xl('Send message'), ENT_QUOTES); ?>">
241 <input type
="button" id
="cancel" value
="<?php echo htmlspecialchars( xl('Cancel'), ENT_QUOTES); ?>">
245 </form
></center
></div
>
246 <script language
="javascript">
248 // jQuery stuff to make the page a little easier to use
250 $
(document
).ready(function(){
251 $
("#newnote").click(function() { NewNote(); });
252 $
("#printnote").click(function() { PrintNote(); });
253 obj
= document
.getElementById("form_message_status");
254 obj
.onchange
= function(){SaveNote();};
255 $
("#cancel").click(function() { CancelNote(); });
258 var NewNote
= function () {
259 top
.restoreSession();
260 if (document
.forms
[0].reply_to
.value
.length
== 0) {
261 alert('<?php echo htmlspecialchars( xl('Please choose a patient
'), ENT_QUOTES); ?>');
263 else if (document
.forms
[0].assigned_to
.value
.length
== 0) {
264 alert('<?php echo addslashes(xl('Recipient
List Is
Empty')); ?>');
268 $
("#new_note").submit();
272 var PrintNote
= function () {
273 top
.restoreSession();
274 window
.open('../../patient_file/summary/pnotes_print.php?noteid=<?php echo htmlspecialchars( $noteid, ENT_QUOTES); ?>', '_blank', 'resizable=1,scrollbars=1,width=600,height=500');
277 var SaveNote
= function () {
278 <?php
if ($noteid) { ?
>
279 top
.restoreSession();
280 $
("#task").val("save");
281 $
("#new_note").submit();
285 var CancelNote
= function () {
286 top
.restoreSession();
288 $
("#new_note").submit();
291 // This is for callback by the find-patient popup.
292 function setpatient(pid
, lname
, fname
, dob
) {
293 var f
= document
.forms
[0];
294 f
.form_patient
.value
= lname +
', ' + fname
;
295 f
.reply_to
.value
= pid
;
298 // This invokes the find-patient popup.
299 function sel_patient() {
300 dlgopen('../../main/calendar/find_patient_popup.php', '_blank', 500, 400);
303 function addtolist(sel
){
304 var itemtext
= document
.getElementById('assigned_to_text');
305 var item
= document
.getElementById('assigned_to');
306 if(sel
.value
!= '--'){
308 if(item
.value
.indexOf(sel
.value
) == -1){
309 itemtext
.value
= itemtext
.value +
' ; '+ sel
.options
[sel
.selectedIndex
].text
;
310 item
.value
= item
.value +
';'+ sel
.value
;
313 itemtext
.value
= sel
.options
[sel
.selectedIndex
].text
;
314 item
.value
= sel
.value
;
323 // This is for sorting the records.
324 $sort = array("users.lname", "patient_data.lname", "pnotes.title", "pnotes.date", "pnotes.message_status");
325 $sortby = (isset($_REQUEST['sortby']) && ($_REQUEST['sortby']!="")) ?
$_REQUEST['sortby'] : $sort[0];
326 $sortorder = (isset($_REQUEST['sortorder']) && ($_REQUEST['sortorder']!="")) ?
$_REQUEST['sortorder'] : "asc";
327 $begin = isset($_REQUEST['begin']) ?
$_REQUEST['begin'] : 0;
329 for($i = 0; $i < count($sort); $i++
) {
330 $sortlink[$i] = "<a href=\"messages.php?show_all=$showall&sortby=$sort[$i]&sortorder=asc\" onclick=\"top.restoreSession()\"><img src=\"../../../images/sortdown.gif\" border=0 alt=\"".htmlspecialchars( xl('Sort Up'), ENT_QUOTES
)."\"></a>";
332 for($i = 0; $i < count($sort); $i++
) {
333 if($sortby == $sort[$i]) {
335 case "asc" : $sortlink[$i] = "<a href=\"messages.php?show_all=$showall&sortby=$sortby&sortorder=desc\" onclick=\"top.restoreSession()\"><img src=\"../../../images/sortup.gif\" border=0 alt=\"".htmlspecialchars( xl('Sort Up'), ENT_QUOTES
)."\"></a>"; break;
336 case "desc" : $sortlink[$i] = "<a href=\"messages.php?show_all=$showall&sortby=$sortby&sortorder=asc\" onclick=\"top.restoreSession()\"><img src=\"../../../images/sortdown.gif\" border=0 alt=\"".htmlspecialchars( xl('Sort Down'), ENT_QUOTES
)."\"></a>"; break;
340 // Manage page numbering and display beneath the Messages table.
343 if ($show_all == 'yes' ) {
346 $usrvar=$_SESSION['authUser'] ;
349 $sql = "SELECT pnotes.id, pnotes.user, pnotes.pid, pnotes.title, pnotes.date, pnotes.message_status,
350 IF(pnotes.user != pnotes.pid,users.fname,patient_data.fname), IF(pnotes.user != pnotes.pid,users.lname,patient_data.lname), patient_data.fname,
351 patient_data.lname FROM ((pnotes LEFT JOIN users ON pnotes.user = users.username)
352 JOIN patient_data ON pnotes.pid = patient_data.pid) WHERE pnotes.message_status != 'Done'
353 AND pnotes.deleted != '1' AND pnotes.assigned_to LIKE ?";
354 $result = sqlStatement($sql, array($usrvar) );
355 if(sqlNumRows($result) != 0) {
356 $total = sqlNumRows($result);
361 if($begin == "" or $begin == 0) {
364 $prev = $begin - $listnumber;
365 $next = $begin +
$listnumber;
367 $end = $listnumber +
$start - 1;
375 $prevlink = "<a href=\"messages.php?show_all=$showall&sortby=$sortby&sortorder=$sortorder&begin=$prev\" onclick=\"top.restoreSession()\"><<</a>";
382 $nextlink = "<a href=\"messages.php?show_all=$showall&sortby=$sortby&sortorder=$sortorder&begin=$next\" onclick=\"top.restoreSession()\">>></a>";
387 // Display the Messages table header.
389 <table width=100%><tr><td><table border=0 cellpadding=1 cellspacing=0 width=90% style=\"border-left: 1px #000000 solid; border-right: 1px #000000 solid; border-top: 1px #000000 solid;\">
390 <form name=wikiList action=\"messages.php?showall=$showall&sortby=$sortby&sortorder=$sortorder&begin=$begin\" method=post>
391 <input type=hidden name=task value=delete>
392 <tr height=\"24\" style=\"background:lightgrey\">
393 <td align=\"center\" width=\"25\" style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><input type=checkbox id=\"checkAll\" onclick=\"selectAll()\"></td>
394 <td width=\"20%\" style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\" class=bold> <b>" .
395 htmlspecialchars( xl('From'), ENT_NOQUOTES
) . "</b> $sortlink[0]</td>
396 <td width=\"20%\" style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\" class=bold> <b>" .
397 htmlspecialchars( xl('Patient'), ENT_NOQUOTES
) . "</b> $sortlink[1]</td>
398 <td style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\" class=bold> <b>" .
399 htmlspecialchars( xl('Type'), ENT_NOQUOTES
) . "</b> $sortlink[2]</td>
400 <td width=\"15%\" style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\" class=bold> <b>" .
401 htmlspecialchars( xl('Date'), ENT_NOQUOTES
) . "</b> $sortlink[3]</td>
402 <td width=\"15%\" style=\"border-bottom: 1px #000000 solid; \" class=bold> <b>" .
403 htmlspecialchars( xl('Status'), ENT_NOQUOTES
) . "</b> $sortlink[4]</td>
405 // Display the Messages table body.
407 if ($show_all == 'yes' ) {
410 $usrvar=$_SESSION['authUser'] ;
413 $sql = "SELECT pnotes.id, pnotes.user, pnotes.pid, pnotes.title, pnotes.date, pnotes.message_status,
414 IF(pnotes.user != pnotes.pid,users.fname,patient_data.fname) as users_fname,
415 IF(pnotes.user != pnotes.pid,users.lname,patient_data.lname) as users_lname,
416 patient_data.fname as patient_data_fname, patient_data.lname as patient_data_lname
417 FROM ((pnotes LEFT JOIN users ON pnotes.user = users.username)
418 JOIN patient_data ON pnotes.pid = patient_data.pid) WHERE pnotes.message_status != 'Done'
419 AND pnotes.deleted != '1' AND pnotes.assigned_to LIKE ?".
420 " order by ".add_escape_custom($sortby)." ".add_escape_custom($sortorder).
421 " limit ".add_escape_custom($begin).", ".add_escape_custom($listnumber);
422 $result = sqlStatement($sql, array($usrvar) );
423 while ($myrow = sqlFetchArray($result)) {
424 $name = $myrow['user'];
425 $name = $myrow['users_lname'];
426 if ($myrow['users_fname']) {
427 $name .= ", " . $myrow['users_fname'];
429 $patient = $myrow['pid'];
430 $patient = $myrow['patient_data_lname'];
431 if ($myrow['patient_data_fname']) {
432 $patient .= ", " . $myrow['patient_data_fname'];
436 <tr id=\"row$count\" style=\"background:white\" height=\"24\">
437 <td align=\"center\" style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><input type=checkbox id=\"check$count\" name=\"delete_id[]\" value=\"" .
438 htmlspecialchars( $myrow['id'], ENT_QUOTES
) . "\" onclick=\"if(this.checked==true){ selectRow('row$count'); }else{ deselectRow('row$count'); }\"></td>
439 <td style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><table cellspacing=0 cellpadding=0 width=100%><tr><td width=5></td><td class=\"text\">" .
440 htmlspecialchars( $name, ENT_NOQUOTES
) . "</td><td width=5></td></tr></table></td>
441 <td style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><table cellspacing=0 cellpadding=0 width=100%><tr><td width=5></td><td class=\"text\"><a href=\"messages.php?showall=$showall&sortby=$sortby&sortorder=$sortorder&begin=$begin&task=edit¬eid=" .
442 htmlspecialchars( $myrow['id'], ENT_QUOTES
) . "\" onclick=\"top.restoreSession()\">" .
443 htmlspecialchars( $patient, ENT_NOQUOTES
) . "</a></td><td width=5></td></tr></table></td>
444 <td style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><table cellspacing=0 cellpadding=0 width=100%><tr><td width=5></td><td class=\"text\">" .
445 htmlspecialchars( $myrow['title'], ENT_NOQUOTES
) . "</td><td width=5></td></tr></table></td>
446 <td style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><table cellspacing=0 cellpadding=0 width=100%><tr><td width=5></td><td class=\"text\">" .
447 htmlspecialchars( oeFormatShortDate(substr($myrow['date'], 0, strpos($myrow['date'], " "))), ENT_NOQUOTES
) . "</td><td width=5></td></tr></table></td>
448 <td style=\"border-bottom: 1px #000000 solid;\"><table cellspacing=0 cellpadding=0 width=100%><tr><td width=5></td><td class=\"text\">" .
449 htmlspecialchars( $myrow['message_status'], ENT_NOQUOTES
) . "</td><td width=5></td></tr></table></td>
452 // Display the Messages table footer.
455 <table border=0 cellpadding=5 cellspacing=0 width=90%>
457 <td class=\"text\"><a href=\"messages.php?showall=$showall&sortby=$sortby&sortorder=$sortorder&begin=$begin&task=addnew\" onclick=\"top.restoreSession()\">" .
458 htmlspecialchars( xl('Add New'), ENT_NOQUOTES
) . "</a> <a href=\"javascript:confirmDeleteSelected()\" onclick=\"top.restoreSession()\">" .
459 htmlspecialchars( xl('Delete'), ENT_NOQUOTES
) . "</a></td>
460 <td align=right class=\"text\">$prevlink $end of $total $nextlink</td>
462 </table></td></tr></table><br>"; ?
>
463 <script language
="javascript">
464 // This is to confirm delete action.
465 function confirmDeleteSelected() {
466 if(confirm("<?php echo htmlspecialchars( xl('Do you really want to delete the selection?'), ENT_QUOTES); ?>")) {
467 document
.wikiList
.submit();
470 // This is to allow selection of all items in Messages table for deletion.
471 function selectAll() {
472 if(document
.getElementById("checkAll").checked
==true) {
473 document
.getElementById("checkAll").checked
=true;<?php
474 for($i = 1; $i <= $count; $i++
) {
475 echo "document.getElementById(\"check$i\").checked=true; document.getElementById(\"row$i\").style.background='#E7E7E7'; ";
479 document
.getElementById("checkAll").checked
=false;<?php
480 for($i = 1; $i <= $count; $i++
) {
481 echo "document.getElementById(\"check$i\").checked=false; document.getElementById(\"row$i\").style.background='#F7F7F7'; ";
485 // The two functions below are for managing row styles in Messages table.
486 function selectRow(row
) {
487 document
.getElementById(row
).style
.background
= "#E7E7E7";
489 function deselectRow(row
) {
490 document
.getElementById(row
).style
.background
= "#F7F7F7";