search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix: ccda zip import and php warnings and deprecations (#7416)
[openemr.git] / library / forms.inc.php
blob7b05bf6672d7eda9807b222ec3bb2c8883503f03
1 <?php
2
3 use OpenEMR\Common\Acl\AclMain;
4 use OpenEMR\Services\FormService;
5
6 $GLOBALS['form_exit_url'] = "javascript:parent.closeTab(window.name, false)";
7
8 function getFormByEncounter(
9 $attendant_id,
10 $encounter,
11 $cols = "form_id, form_name",
12 $name = "",
13 $orderby = "FIND_IN_SET(formdir,'vitals') DESC, date DESC"
14 ) {
15 $formService = new FormService();
16 return $formService->getFormByEncounter($attendant_id, $encounter, $cols, $name, $orderby);
17 }
18
19 function addForm(
20 $encounter,
21 $form_name,
22 $form_id,
23 $formdir,
24 $pid,
25 $authorized = "0",
26 $date = "NOW()",
27 $user = "",
28 $group = "",
29 $therapy_group = 'not_given'
30 ) {
31
32 global $attendant_type;
33 if (!$user) {
34 $user = $_SESSION['authUser'] ?? null;
35 }
36
37 if (!$group) {
38 $group = $_SESSION['authProvider'] ?? null;
39 }
40
41 if ($therapy_group == 'not_given') {
42 $therapy_group = $attendant_type == 'pid' ? null : $_SESSION['therapy_group'];
43 }
44
45 //print_r($_SESSION['therapy_group']);die;
46 $arraySqlBind = array();
47 $sql = "insert into forms (date, encounter, form_name, form_id, pid, " .
48 "user, groupname, authorized, formdir, therapy_group_id) values (";
49 if ($date == "NOW()") {
50 $sql .= "$date";
51 } else {
52 $sql .= "?";
53 array_push($arraySqlBind, $date);
54 }
55
56 $sql .= ", ?, ?, ?, ?, ?, ?, ?, ?, ?)";
57 array_push($arraySqlBind, $encounter, $form_name, $form_id, $pid, $user, $group, $authorized, $formdir, $therapy_group);
58 return sqlInsert($sql, $arraySqlBind);
59 }
60
61 function authorizeForm($id, $authorized = "1")
62 {
63 sqlQuery("UPDATE forms SET authorized = ? WHERE id = ? AND deleted = 0", array($authorized, $id));
64 }
65
66 function getEncounters($pid, $dateStart = '', $dateEnd = '', $encounterRuleType = '')
67 {
68 $arraySqlBind = array();
69
70 if ($encounterRuleType) {
71 // Only collect certain type of encounters (list_options item from the rule_enc_types list that is mapped via enc_category_map table)
72 $from = "form_encounter LEFT JOIN enc_category_map ON (form_encounter.pc_catid = enc_category_map.main_cat_id)";
73 $where = "enc_category_map.rule_enc_id = ? and ";
74 array_push($arraySqlBind, $encounterRuleType);
75 } else {
76 // Collect all encounters
77 $from = "form_encounter";
78 }
79
80 if ($dateStart && $dateEnd) {
81 $where .= "form_encounter.pid = ? and form_encounter.date >= ? and form_encounter.date <= ?";
82 array_push($arraySqlBind, $pid, $dateStart, $dateEnd);
83 } elseif ($dateStart && !$dateEnd) {
84 $where .= "form_encounter.pid = ? and form_encounter.date >= ?";
85 array_push($arraySqlBind, $pid, $dateStart);
86 } elseif (!$dateStart && $dateEnd) {
87 $where .= "form_encounter.pid = ? and form_encounter.date <= ?";
88 array_push($arraySqlBind, $pid, $dateEnd);
89 } else {
90 $where .= "form_encounter.pid = ?";
91 array_push($arraySqlBind, $pid);
92 }
93
94 //Not table escaping $from since this is hard-coded above and can include more than just a table name
95 $res = sqlStatement("SELECT distinct encounter FROM " . $from . " WHERE " . $where . " ORDER by date desc", $arraySqlBind);
96
97 $all = [];
98 for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
99 $all[$iter] = $row;
100 }
101
102 return $all;
103 }
104
105 function getEncounterDateByEncounter($encounter)
106 {
107 global $attendant_type;
108 $table = $attendant_type == 'pid' ? 'form_encounter' : 'form_groups_encounter';
109 // $sql = "select date from forms where encounter='$encounter' order by date";
110 $sql = "SELECT date FROM " . escape_table_name($table) . " WHERE encounter = ? ORDER BY date";
111 return sqlQuery($sql, array($encounter));
112 }
113
114 function getProviderIdOfEncounter($encounter)
115 {
116 global $attendant_type;
117 $table = $attendant_type == 'pid' ? 'form_encounter' : 'form_groups_encounter';
118 $sql = "SELECT provider_id FROM " . escape_table_name($table) . " WHERE encounter=? ORDER BY date";
119 $res = sqlQuery($sql, array($encounter));
120 return $res['provider_id'];
121 }
122
123 function getFormNameByFormdirAndFormid($formdir, $form_id)
124 {
125 return sqlQuery("SELECT form_name FROM forms WHERE formdir = ? AND form_id = ? AND deleted = 0", array($formdir, $form_id));
126 }
127
128 function getFormIdByFormdirAndFormid($formdir, $form_id)
129 {
130 $result = sqlQuery("select id from forms where formdir = ? and form_id = ? and deleted = 0 ", array( $formdir, $form_id ));
131 return $result['id'];
132 }
133
134 function getFormNameByFormdir($formdir)
135 {
136 return sqlQuery("SELECT form_name FROM forms WHERE formdir = ? AND deleted = 0", array($formdir));
137 }
138
139 function getDocumentsByEncounter($patientID = null, $encounterID = null)
140 {
141 $allDocuments = null;
142 $currentEncounter = ( $encounterID ) ? $encounterID : $_SESSION['encounter'];
143 $currentPatient = ( $patientID ) ? $patientID : $_SESSION['pid'];
144
145 if ($currentPatient != "" && $currentEncounter != "") {
146 $sql = "SELECT d.id, d.type, d.url, d.name as document_name, d.docdate, d.list_id, c.name, d.encounter_id FROM documents AS d, categories_to_documents AS cd,
147 categories AS c WHERE d.foreign_id = ? AND d.encounter_id=? AND cd.document_id = d.id AND c.id = cd.category_id ORDER BY d.docdate DESC, d.id DESC";
148 $res = sqlStatement($sql, array($currentPatient,$currentEncounter));
149
150 while ($row = sqlFetchArray($res)) {
151 $allDocuments[] = $row;
152 }
153 }
154
155 return $allDocuments;
156 }
157
158 function hasFormPermission($formDir)
159 {
160 // get the aco spec from registry table
161 $formRow = sqlQuery("SELECT aco_spec FROM registry WHERE directory = ?", array($formDir));
162 $permission = explode('|', ($formRow['aco_spec'] ?? ''));
163 return AclMain::aclCheckCore($permission[0], $permission[1] ?? null);
164 }
Mirror of official OpenEMR Sourceforge repository