library/ajax/code_attributes_ajax.php

   1 <?php
   2 /**
   3  * Given a code type, code, selector and price level for a service or product, this creates
   4  * JavaScript that will call the user's handler passing the following arguments:
   5  * code type, code, description, price, warehouse options.
   6  * Upload designated service codes as "services=" attributes for designated layouts.
   7  * This supports specifying related codes to determine the service codes to be used.
   8  *
   9  * @package   OpenEMR
  10  * @link      http://www.open-emr.org
  11  * @author    Rod Roark <rod@sunsetsystems.com>
  12  * @copyright Copyright (c) 2015-2017 Rod Roark <rod@sunsetsystems.com>
  13  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  14  */
  15
  16 require_once("../../interface/globals.php");
  17 require_once("$fileroot/custom/code_types.inc.php");
  18 require_once("$fileroot/interface/drugs/drugs.inc.php");
  19
  20 //verify csrf
  21 if (!verifyCsrfToken($_GET["csrf_token_form"])) {
  22     die(xlt('Authentication Error'));
  23 }
  24
  25 function write_code_info($codetype, $code, $selector, $pricelevel)
  26 {
  27     global $code_types;
  28
  29     $wh = ''; // options for warehouse selection
  30
  31     if ($codetype == 'PROD') {
  32         $wrow = sqlQuery(
  33             "SELECT default_warehouse FROM users WHERE username = ?",
  34             array($_SESSION['authUser'])
  35         );
  36         $defaultwh = empty($wrow['default_warehouse']) ? '' : $wrow['default_warehouse'];
  37       //
  38         $crow = sqlQuery(
  39             "SELECT d.name, p.pr_price " .
  40             "FROM drugs AS d " .
  41             "LEFT JOIN prices AS p ON p.pr_id = d.drug_id AND p.pr_selector = ? AND p.pr_level = ? " .
  42             "WHERE d.drug_id = ?",
  43             array($selector, $pricelevel, $code)
  44         );
  45         $desc = $crow['name'];
  46         $price = empty($crow['pr_price']) ? 0 : (0 + $crow['pr_price']);
  47       //
  48         $lres = sqlStatement("SELECT * FROM list_options " .
  49         "WHERE list_id = 'warehouse' AND activity = 1 ORDER BY seq, title");
  50         $wh .= "<option value=''></option>";
  51         while ($lrow = sqlFetchArray($lres)) {
  52             $wh .= "<option value='" . attr($lrow['option_id']) . "'";
  53             $has_inventory = sellDrug($code, 1, 0, 0, 0, 0, '', '', $lrow['option_id'], true);
  54             if ($has_inventory && (
  55             (strlen($defaultwh) == 0 && $lrow['is_default']           ) ||
  56             (strlen($defaultwh)  > 0 && $lrow['option_id'] == $default))) {
  57                 $wh .= " selected";
  58             } else {
  59               // Disable this warehouse option if not selected and has no inventory.
  60                 if (!$has_inventory) {
  61                     $wh .= " disabled";
  62                 }
  63             }
  64             $wh .= ">" . text(xl_list_label($lrow['title'])) . "</option>";
  65         }
  66     } else {
  67       // not PROD
  68         $cres = return_code_information($codetype, $code, false);
  69         $desc = '';
  70         $price = 0;
  71         if ($crow = sqlFetchArray($cres)) {
  72             $desc = trim($crow['code_text']);
  73             if ($code_types[$codetype]['fee']) {
  74                 if ($code_types[$codetype]['external'] == 0) {
  75                     $prow = sqlQuery(
  76                         "SELECT pr_price " .
  77                         "FROM prices WHERE pr_id = ? AND pr_selector = '' AND pr_level = ? " .
  78                         "LIMIT 1",
  79                         array($crow['id'], $pricelevel)
  80                     );
  81                     if (!empty($prow['pr_price'])) {
  82                         $price = 0 + $prow['pr_price'];
  83                     }
  84                 } else {
  85                   // external code set with fees, prices table not supported
  86                     $price = 0 + $crow['fee'];
  87                 }
  88             }
  89         }
  90     }
  91
  92   // error_log("Warehouse string is: " . $wh); // debugging
  93
  94     echo "code_attributes_handler(" .
  95     "'" . addslashes($codetype) . "'," .
  96     "'" . addslashes($code) . "'," .
  97     "'" . addslashes($desc) . "'," .
  98     "'" . addslashes($price) . "'," .
  99     "'" . addslashes($wh) . "');";
 100 }
 101
 102 $pricelevel = isset($_GET['pricelevel']) ? $_GET['pricelevel'] : '';
 103
 104 if (!empty($_GET['list'])) {
 105   // This case supports packages of codes.
 106     $arrcodes = explode('~', $_GET['list']);
 107     foreach ($arrcodes as $codestring) {
 108         if ($codestring === '') {
 109             continue;
 110         }
 111         $arrcode = explode('|', $codestring);
 112         $codetype = $arrcode[0];
 113         list($code, $modifier) = explode(":", $arrcode[1]);
 114         $selector = isset($arrcode[2]) ? $arrcode[2] : '';
 115         write_code_info($codetype, $code, $selector, $pricelevel);
 116     }
 117 } else {
 118   // This is the normal case of adding a single code.
 119     $codetype   = isset($_GET['codetype'  ]) ? $_GET['codetype'  ] : '';
 120     $code       = isset($_GET['code'      ]) ? $_GET['code'      ] : '';
 121     $selector   = isset($_GET['selector'  ]) ? $_GET['selector'  ] : '';
 122     write_code_info($codetype, $code, $selector, $pricelevel);
 123 }