1 <?php
3 // Copyright (C) 2005 Rod Roark <rod@sunsetsystems.com>
4 //
5 // This program is free software; you can redistribute it and/or
6 // modify it under the terms of the GNU General Public License
7 // as published by the Free Software Foundation; either version 2
8 // of the License, or (at your option) any later version.
10 /////////////////////////////////////////////////////////////////////
11 // This program exports patient demographics on demand and sends
12 // them to an Atlas LabWorks server to facilitate lab requisitions.
13 /////////////////////////////////////////////////////////////////////
15 include_once("../interface/globals.php");
16 include_once("../library/patient.inc");
// FTP parameters that you must customize. If you are not sending
// then set $FTP_SERVER to an empty string.
//
// NOTE(review): these are plaintext credentials committed in source, and
// they are used with plain FTP further down, so both the login and the
// exported patient demographics (name, SSN, DOB, address) leave the host
// unencrypted. Prefer loading them from a config file outside the web root
// and, if the LabWorks server supports it, an encrypted transport.
$FTP_SERVER = "192.168.0.30";
$FTP_USER = "openemr";
$FTP_PASS = "secret";
$FTP_DIR = ""; // remote directory to chdir into after login; empty = none

// This is the destination directory on the local machine for the
// exported data. Required even if FTP is used.
// NOTE(review): the files written here contain PHI; /tmp is shared with
// every local user, so a directory readable only by the web server user
// (and a non-default mkdir mode) is the safer choice.
$EXPORT_PATH = "/tmp/labworks";

// Accumulated export record; Add() appends one "^"-prefixed field at a time.
$out = "";
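// Append one field to the export record, prefixed by the "^" field
// separator, with basic sanitizing: CR, LF and TAB are replaced by a
// space (CR is the record terminator, see the "\rEND" written at the end)
// and the value is trimmed. A literal "^" inside the value is replaced by
// a space as well, because it would otherwise shift every following field
// of the record by one position. No escape sequence for "^" is known for
// this format, hence replacement rather than escaping.
//
// $field: scalar value to append (null is treated as an empty field).
function Add($field) {
    global $out;
    $clean = str_replace(array("\r", "\n", "\t", "^"), " ", (string) $field);
    $out .= "^" . trim($clean);
}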
// Strip every non-digit byte from a string (used for SSN and phone fields).
function Digits($field) {
    return preg_replace('/[^0-9]/', '', $field);
}
// Map a free-form sex value to the single letter used in the export:
// "M" or "F" taken from the first non-blank character (case-insensitive),
// "U" (unknown) for anything else, including an empty value.
function Sex($field) {
    $initial = strtoupper(substr(trim($field), 0, 1));
    return in_array($initial, array("M", "F"), true) ? $initial : "U";
}
// Convert a date to the MMDDYYYY form used in the export.
// fixDate() (from patient.inc) is assumed to normalize its input to
// "YYYY-MM-DD"; the slicing below depends on that layout -- verify
// against fixDate() if its output format ever changes.
function LWDate($field) {
    $iso = fixDate($field);
    $month = substr($iso, 5, 2);
    $day   = substr($iso, 8, 2);
    $year  = substr($iso, 0, 4);
    return $month . $day . $year;
}
// Translate an insurance company's freeb_type code to the LabWorks
// insurance type name: an empty/zero code yields "" (no insurance),
// 2 is Medicare, 3 is Medicaid, anything else is "Other".
// switch compares loosely (==) on purpose, so numeric strings coming
// back from the database match the integer codes.
function InsType($field) {
    if (! $field) {
        return "";
    }
    switch ($field) {
        case 2:
            return "Medicare";
        case 3:
            return "Medicaid";
        default:
            return "Other";
    }
}
// Abort with a message after releasing the export lock: the "locked"
// marker file is renamed back to "unlocked" so a failed run does not
// leave the exporter wedged for every later request.
// NOTE(review): $msg is emitted raw and callers build it with
// $EXPORT_PATH, so the server-side path is disclosed to the browser on
// error. Only call this after the lock has actually been acquired.
function mydie($msg) {
    $dir = $GLOBALS['EXPORT_PATH'];
    rename($dir . "/locked", $dir . "/unlocked");
    die($msg);
}
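$alertmsg = ""; // anything here pops up in an alert box

// Look up the most recent primary and secondary insurance_data rows for
// the patient; their ids are joined into the main query below.
// $pid is presumably set by globals.php (not visible here). It is an
// integer patient key, so it is cast to int instead of being interpolated
// into the SQL as-is. Whether sqlQuery() offers bind parameters is not
// visible from this file; if it does, prefer them over interpolation.
$insrow = array();
foreach (array('primary', 'secondary') as $instype) {
    $insrow[] = sqlQuery("SELECT id FROM insurance_data WHERE " .
        "pid = '" . (int) $pid . "' AND type = '$instype' ORDER BY date DESC LIMIT 1");
}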
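// Pull the patient's demographics together with the primary (i1/c1/a1)
// and secondary (i2/c2/a2) insurance, insurance company and company
// address rows in one query. When sqlQuery() found no insurance row of a
// given type, $insrow[n]['id'] is unset; 0 is used then, which matches no
// insurance_data row (ids are assumed positive) and the LEFT OUTER JOIN
// yields NULLs for that side. All interpolated ids are cast to int.
$ins1 = isset($insrow[0]['id']) ? (int) $insrow[0]['id'] : 0;
$ins2 = isset($insrow[1]['id']) ? (int) $insrow[1]['id'] : 0;
$query = "SELECT " .
    "p.pubpid, p.fname, p.mname, p.lname, p.DOB, p.providerID, " .
    "p.ss, p.street, p.city, p.state, p.postal_code, p.phone_home, p.sex, " .
    "i1.policy_number AS policy1, i1.group_number AS group1, i1.provider as provider1, " .
    "i1.subscriber_fname AS fname1, i1.subscriber_mname AS mname1, i1.subscriber_lname AS lname1, " .
    "i1.subscriber_street AS sstreet1, i1.subscriber_city AS scity1, i1.subscriber_state AS sstate1, " .
    "i1.subscriber_postal_code AS szip1, i1.subscriber_relationship AS relationship1, " .
    "c1.name AS name1, c1.freeb_type AS instype1, " .
    "a1.line1 AS street11, a1.line2 AS street21, a1.city AS city1, a1.state AS state1, " .
    "a1.zip AS zip1, a1.plus_four AS zip41, " .
    "i2.policy_number AS policy2, i2.group_number AS group2, i2.provider as provider2, " .
    "i2.subscriber_fname AS fname2, i2.subscriber_mname AS mname2, i2.subscriber_lname AS lname2, " .
    "i2.subscriber_relationship AS relationship2, " .
    "c2.name AS name2, c2.freeb_type AS instype2, " .
    "a2.line1 AS street12, a2.line2 AS street22, a2.city AS city2, a2.state AS state2, " .
    "a2.zip AS zip2, a2.plus_four AS zip42 " .
    "FROM patient_data AS p " .
    "LEFT OUTER JOIN insurance_data AS i1 ON i1.id = '$ins1' " .
    "LEFT OUTER JOIN insurance_data AS i2 ON i2.id = '$ins2' " .
    "LEFT OUTER JOIN insurance_companies AS c1 ON c1.id = i1.provider " .
    "LEFT OUTER JOIN insurance_companies AS c2 ON c2.id = i2.provider " .
    "LEFT OUTER JOIN addresses AS a1 ON a1.foreign_id = c1.id " .
    "LEFT OUTER JOIN addresses AS a2 ON a2.foreign_id = c2.id " .
    "WHERE p.pid = '" . (int) $pid . "' LIMIT 1";
// Note: the sections below index $row unconditionally; if no patient row
// matched, they emit empty fields rather than aborting.
$row = sqlFetchArray(sqlStatement($query));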
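// Get primary care doc info. If none was selected in the patient
// demographics then pick the #1 (lowest id) authorized user in the clinic.
// providerID is matched against users.id and is interpolated unquoted, so
// it is cast to int rather than trusted as stored.
$query = "select id, fname, mname, lname from users where authorized = 1";
if ($row['providerID']) {
    $query .= " AND id = " . (int) $row['providerID'];
} else {
    $query .= " ORDER BY id LIMIT 1";
}
$prow = sqlFetchArray(sqlStatement($query));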
// Patient Section. The record opens with the bare patient id (appended
// directly, without the "^" prefix or the sanitizing Add() applies);
// every following field goes through Add(), which prefixes "^".
$out .= $pid; // patient id
$patientFields = array(
    $row['pubpid'],               // chart number
    $row['lname'],                // last name
    $row['fname'],                // first name
    substr($row['mname'], 0, 1),  // middle initial
    "",                           // alias
    Digits($row['ss']),           // ssn
    LWDate($row['DOB']),          // dob
    Sex($row['sex']),             // gender
    "",                           // notes
    $row['street'],               // address 1
    "",                           // address 2
    $row['city'],                 // city
    $row['state'],                // state
    $row['postal_code'],          // zip
    Digits($row['phone_home']),   // home phone
);
foreach ($patientFields as $field) {
    Add($field);
}
// Guarantor Section. OpenEMR does not have guarantors so we use the primary
// insurance subscriber if there is one, otherwise the patient. "There is
// one" is decided by the truthiness of the trimmed subscriber last name
// (so an empty or "0" last name falls back to the patient).
$useSubscriber = (bool) trim($row['lname1']);
if ($useSubscriber) {
    $guarantor = array(
        $row['lname1'],
        $row['fname1'],
        substr($row['mname1'], 0, 1),
        $row['sstreet1'],
        "",
        $row['scity1'],
        $row['sstate1'],
        $row['szip1'],
    );
} else {
    $guarantor = array(
        $row['lname'],
        $row['fname'],
        substr($row['mname'], 0, 1),
        $row['street'],
        "",
        $row['city'],
        $row['state'],
        $row['postal_code'],
    );
}
foreach ($guarantor as $field) {
    Add($field);
}
// Primary (suffix 1) and Secondary (suffix 2) Insurance Sections. Both
// have the same 13-field layout, so they are emitted by one loop keyed on
// the column-alias suffix: company id, company name, company address
// (two lines, city, state, zip), an empty field, the insurance type,
// subscriber name, relationship, group and policy numbers. The plus_four
// columns (zip41/zip42) are selected but not exported.
foreach (array(1, 2) as $n) {
    Add($row["provider$n"]);
    Add($row["name$n"]);
    Add($row["street1$n"]);
    Add($row["street2$n"]);
    Add($row["city$n"]);
    Add($row["state$n"]);
    Add($row["zip$n"]);
    Add("");
    Add(InsType($row["instype$n"]));
    Add($row["fname$n"] . " " . $row["lname$n"]);
    Add(ucfirst($row["relationship$n"]));
    Add($row["group$n"]);
    Add($row["policy$n"]);
}
// Primary Care Physician Section, then the record terminator.
$pcpFields = array(
    $prow['id'],
    $prow['lname'],
    $prow['fname'],
    substr($prow['mname'], 0, 1),
    "",                           // UPIN not available
);
foreach ($pcpFields as $field) {
    Add($field);
}

// All done: a CR ends the record, followed by the END sentinel.
$out .= "\rEND";
// In case this is the very first time: create the export directory and
// seed the lock token.
// NOTE(review): mkdir() is called with its default mode, so the directory
// (and, typically, the PHI files written into it below) end up readable
// by other local users unless the umask says otherwise; mkdir($EXPORT_PATH,
// 0700) would be the tighter choice if no other local user needs the files.
$unlockedToken = "$EXPORT_PATH/unlocked";
$lockedToken   = "$EXPORT_PATH/locked";
if (! file_exists($EXPORT_PATH)) {
    mkdir($EXPORT_PATH);
    @touch($unlockedToken);
}

// Serialize the following code; collisions would be very bad. On a POSIX
// filesystem rename() is atomic, so the first request to rename
// unlocked -> locked wins and any concurrent one fails here. A plain die()
// is correct at this point: the lock was not acquired, so there is nothing
// to release (mydie() would wrongly release the other request's lock).
if (! rename($unlockedToken, $lockedToken)) {
    die("Export seems to be in use by someone else; please try again.");
}
// Figure out what to use for the target filename: scan the export directory
// for existing PMInnnnnnnn.DEM files and use one more than the highest
// sequence number found (1 if there are none). The pattern is not anchored,
// so any name containing such a token counts.
$dh = opendir($EXPORT_PATH);
if (! $dh) mydie("Cannot read $EXPORT_PATH");
$nextnumber = 1;
while (false !== ($filename = readdir($dh))) {
    if (! preg_match("/PMI(\d{8})\.DEM/", $filename, $matches)) {
        continue;
    }
    $nextnumber = max($nextnumber, 1 + $matches[1]);
}
closedir($dh);

// The record is written under a temporary ".creating" name and renamed to
// ".DEM" only once complete, so a reader never picks up a partial file.
$fnprefix    = sprintf("PMI%08.0f.", $nextnumber);
$initialname = $fnprefix . "creating";
$finalname   = $fnprefix . "DEM";
$initialpath = "$EXPORT_PATH/$initialname";
$finalpath   = "$EXPORT_PATH/$finalname";
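// Write the file locally with a temporary version of the name. The lock is
// held here, so every failure goes through mydie() to release it.
@touch($initialpath); // work around possible php bug
$fh = @fopen($initialpath, "w");
if (! $fh) mydie("Unable to open $initialpath for writing");
// NOTE(review): the file gets fopen()'s default mode (0666 masked by the
// umask); chmod($initialpath, 0600) here would keep the SSN/DOB it holds
// from other local users, if no other local user needs to read it.
if (fwrite($fh, $out) === false) {
    fclose($fh);
    mydie("Unable to write $initialpath");
}
fclose($fh);

// Rename the local file to its final name.
if (! rename($initialpath, $finalpath)) mydie("Unable to rename $initialpath");

// Delete old stuff to avoid uncontrolled growth: remove the export five
// sequence numbers back. The previous code passed the format string and
// the number as two separate arguments to unlink(), so the name was never
// formatted and nothing was ever deleted; the name must be built with
// sprintf() first. The path prefix is kept out of the format string so a
// "%" in $EXPORT_PATH cannot be misread as a conversion.
if ($nextnumber > 5) {
    @unlink($EXPORT_PATH . sprintf("/PMI%08.0f.DEM", $nextnumber - 5));
}

// End of serialized code.
rename("$EXPORT_PATH/locked", "$EXPORT_PATH/unlocked");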
// If we have an ftp server, send it there and then rename it: the upload
// goes up under the temporary name and is renamed to the .DEM name on the
// server only after the transfer finished, mirroring the local write.
// NOTE(review): ftp_connect()/ftp_login() send the credentials and the
// patient record in cleartext; ftp_ssl_connect() would protect both if the
// LabWorks server supports FTPS. These die() calls run after the lock has
// already been released, so a failure does not wedge the exporter, but a
// failed ftp_put() can leave a partial "*.creating" file on the server.
if ($FTP_SERVER) {
    $ftpconn = ftp_connect($FTP_SERVER);
    if (! $ftpconn) {
        die("FTP connection failed");
    }
    if (! ftp_login($ftpconn, $FTP_USER, $FTP_PASS)) {
        die("FTP login failed");
    }
    if ($FTP_DIR && ! ftp_chdir($ftpconn, $FTP_DIR)) {
        die("FTP chdir failed");
    }
    if (! ftp_put($ftpconn, $initialname, $finalpath, FTP_BINARY)) {
        die("FTP put failed");
    }
    if (! ftp_rename($ftpconn, $initialname, $finalname)) {
        die("FTP rename failed");
    }
    ftp_close($ftpconn);
}
?>
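<html>
<head>
<?php html_header_show();?>
<link rel=stylesheet href="<?php echo $css_header;?>" type="text/css">
<title>Export Patient Demographics</title>
</head>
<body>
<center>
<p>&nbsp;</p>
<?php
// The patient name comes straight from patient_data and can contain
// whatever was typed into demographics, so it is HTML-escaped before being
// echoed; echoing it raw lets a name such as "<script>..." run in the
// exporting user's browser (stored XSS). $css_header is a configuration
// value from globals.php and is assumed to be trusted; if that changes it
// needs the same treatment.
$displayName = htmlspecialchars($row['fname'] . " " . $row['lname'], ENT_QUOTES | ENT_SUBSTITUTE);
?>
<p>Demographics for <?php echo $displayName; ?>
have been exported to LabWorks.</p>
<p>&nbsp;</p>
<form>
<p><input type='button' value='OK' onclick='window.close()' /></p>
</form>
</center>
</body>
</html>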