2 // Copyright (C) 2007-2010 Rod Roark <rod@sunsetsystems.com>
3 // Copyright © 2010 by Andrew Moore <amoore@cpan.org>
4 // Copyright © 2010 by "Boyd Stephen Smith Jr." <bss@iguanasuicide.net>
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
11 // Functions for managing the lists and layouts
13 // Note: there are translation wrappers for the lists and layout labels
14 // at library/translation.inc.php. The functions are titled
15 // xl_list_label() and xl_layout_label() and are controlled by the
16 // $GLOBALS['translate_lists'] and $GLOBALS['translate_layout']
17 // flags in globals.php
19 // Documentation for layout_options.edit_options:
21 // C = Capitalize first letter of each word (text fields)
22 // D = Check for duplicates in New Patient form
23 // G = Graphable (for numeric fields in forms supporting historical data)
24 // H = Read-only field copied from static history
25 // L = Lab Order ("ord_lab") types only (address book)
26 // N = Show in New Patient form
27 // O = Procedure Order ("ord_*") types only (address book)
28 // R = Distributor types only (address book)
29 // U = Capitalize all letters (text fields)
30 // V = Vendor types only (address book)
31 // 1 = Write Once (not editable when not empty) (text fields)
33 require_once("formdata.inc.php");
34 require_once("formatting.inc.php");
35 require_once("user.inc");
39 function get_pharmacies() {
40 return sqlStatement("SELECT d.id, d.name, a.line1, a.city, " .
41 "p.area_code, p.prefix, p.number FROM pharmacies AS d " .
42 "LEFT OUTER JOIN addresses AS a ON a.foreign_id = d.id " .
43 "LEFT OUTER JOIN phone_numbers AS p ON p.foreign_id = d.id " .
45 "ORDER BY name, area_code, prefix, number");
48 // Function to generate a drop-list.
50 function generate_select_list($tag_name, $list_id, $currvalue, $title,
51 $empty_name=' ', $class='', $onchange='', $tag_id = '', $custom_attributes = null )
54 $tag_name_esc = htmlspecialchars( $tag_name, ENT_QUOTES
);
55 $s .= "<select name='$tag_name_esc'";
56 $tag_id_esc = $tag_name_esc;
57 if ( $tag_id != '' ) {
58 $tag_id_esc = htmlspecialchars( $tag_id, ENT_QUOTES
);
60 $s .= " id='$tag_id_esc'";
61 if ($class) $s .= " class='$class'";
62 if ($onchange) $s .= " onchange='$onchange'";
63 if ( $custom_attributes != null && is_array($custom_attributes) ) {
64 foreach ( $custom_attributes as $attr => $val ) {
65 if ( isset($custom_attributes[$attr] ) ) {
66 $s .= " ".htmlspecialchars( $attr, ENT_QUOTES
)."='".htmlspecialchars( $val, ENT_QUOTES
)."'";
70 $selectTitle = htmlspecialchars( $title, ENT_QUOTES
);
71 $s .= " title='$selectTitle'>";
72 $selectEmptyName = htmlspecialchars( xl($empty_name), ENT_NOQUOTES
);
73 if ($empty_name) $s .= "<option value=''>" . $selectEmptyName . "</option>";
74 $lres = sqlStatement("SELECT * FROM list_options " .
75 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
76 $got_selected = FALSE;
77 while ($lrow = sqlFetchArray($lres)) {
78 $optionValue = htmlspecialchars( $lrow['option_id'], ENT_QUOTES
);
79 $s .= "<option value='$optionValue'";
80 if ((strlen($currvalue) == 0 && $lrow['is_default']) ||
81 (strlen($currvalue) > 0 && $lrow['option_id'] == $currvalue))
86 $optionLabel = htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
);
87 $s .= ">$optionLabel</option>\n";
89 if (!$got_selected && strlen($currvalue) > 0) {
90 $currescaped = htmlspecialchars($currvalue, ENT_QUOTES
);
91 $s .= "<option value='$currescaped' selected>* $currescaped *</option>";
93 $fontTitle = htmlspecialchars( xl('Please choose a valid selection from the list.'), ENT_QUOTES
);
94 $fontText = htmlspecialchars( xl('Fix this'), ENT_NOQUOTES
);
95 $s .= " <font color='red' title='$fontTitle'>$fontText!</font>";
103 // $frow is a row from the layout_options table.
104 // $currvalue is the current value, if any, of the associated item.
106 function generate_form_field($frow, $currvalue) {
107 global $rootdir, $date_init;
109 $currescaped = htmlspecialchars($currvalue, ENT_QUOTES
);
111 $data_type = $frow['data_type'];
112 $field_id = $frow['field_id'];
113 $list_id = $frow['list_id'];
114 // escaped variables to use in html
115 $field_id_esc= htmlspecialchars( $field_id, ENT_QUOTES
);
116 $list_id_esc = htmlspecialchars( $list_id, ENT_QUOTES
);
118 // Added 5-09 by BM - Translate description if applicable
119 $description = (isset($frow['description']) ?
htmlspecialchars(xl_layout_label($frow['description']), ENT_QUOTES
) : '');
121 // added 5-2009 by BM to allow modification of the 'empty' text title field.
122 // Can pass $frow['empty_title'] with this variable, otherwise
123 // will default to 'Unassigned'.
124 // modified 6-2009 by BM to allow complete skipping of the 'empty' text title
125 // if make $frow['empty_title'] equal to 'SKIP'
127 if (isset($frow['empty_title'])) {
128 if ($frow['empty_title'] == "SKIP") {
129 //do not display an 'empty' choice
131 $empty_title = "Unassigned";
134 $empty_title = $frow['empty_title'];
138 $empty_title = "Unassigned";
141 // generic single-selection list
142 if ($data_type == 1) {
143 echo generate_select_list("form_$field_id", $list_id, $currvalue,
144 $description, $showEmpty ?
$empty_title : '');
148 else if ($data_type == 2) {
149 $fldlength = htmlspecialchars( $frow['fld_length'], ENT_QUOTES
);
150 $maxlength = $frow['max_length'];
151 $string_maxlength = "";
152 // if max_length is set to zero, then do not set a maxlength
153 if ($maxlength) $string_maxlength = "maxlength='".attr($maxlength)."'";
154 echo "<input type='text'" .
155 " name='form_$field_id_esc'" .
156 " id='form_$field_id_esc'" .
157 " size='$fldlength'" .
158 " $string_maxlength" .
159 " title='$description'" .
160 " value='$currescaped'";
161 if (strpos($frow['edit_options'], 'C') !== FALSE)
162 echo " onchange='capitalizeMe(this)'";
163 else if (strpos($frow['edit_options'], 'U') !== FALSE)
164 echo " onchange='this.value = this.value.toUpperCase()'";
165 $tmp = htmlspecialchars( $GLOBALS['gbl_mask_patient_id'], ENT_QUOTES
);
166 if ($field_id == 'pubpid' && strlen($tmp) > 0) {
167 echo " onkeyup='maskkeyup(this,\"$tmp\")'";
168 echo " onblur='maskblur(this,\"$tmp\")'";
170 if (strpos($frow['edit_options'], '1') !== FALSE && strlen($currescaped) > 0)
175 // long or multi-line text field
176 else if ($data_type == 3) {
177 $textCols = htmlspecialchars( $frow['fld_length'], ENT_QUOTES
);
178 $textRows = htmlspecialchars( $frow['fld_rows'], ENT_QUOTES
);
180 " name='form_$field_id_esc'" .
181 " id='form_$field_id_esc'" .
182 " title='$description'" .
183 " cols='$textCols'" .
184 " rows='$textRows'>" .
185 $currescaped . "</textarea>";
189 else if ($data_type == 4) {
190 echo "<input type='text' size='10' name='form_$field_id_esc' id='form_$field_id_esc'" .
191 " value='$currescaped'" .
192 " title='$description'" .
193 " onkeyup='datekeyup(this,mypcc)' onblur='dateblur(this,mypcc)' />" .
194 "<img src='$rootdir/pic/show_calendar.gif' align='absbottom' width='24' height='22'" .
195 " id='img_$field_id_esc' border='0' alt='[?]' style='cursor:pointer'" .
196 " title='" . htmlspecialchars( xl('Click here to choose a date'), ENT_QUOTES
) . "' />";
197 $date_init .= " Calendar.setup({inputField:'form_$field_id', ifFormat:'%Y-%m-%d', button:'img_$field_id'});\n";
200 // provider list, local providers only
201 else if ($data_type == 10) {
202 $ures = sqlStatement("SELECT id, fname, lname, specialty FROM users " .
203 "WHERE active = 1 AND ( info IS NULL OR info NOT LIKE '%Inactive%' ) " .
204 "AND authorized = 1 " .
205 "ORDER BY lname, fname");
206 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
207 echo "<option value=''>" . htmlspecialchars(xl($empty_title), ENT_NOQUOTES
) . "</option>";
208 while ($urow = sqlFetchArray($ures)) {
209 $uname = htmlspecialchars( $urow['fname'] . ' ' . $urow['lname'], ENT_NOQUOTES
);
210 $optionId = htmlspecialchars( $urow['id'], ENT_QUOTES
);
211 echo "<option value='$optionId'";
212 if ($urow['id'] == $currvalue) echo " selected";
213 echo ">$uname</option>";
218 // provider list, including address book entries with an NPI number
219 else if ($data_type == 11) {
220 $ures = sqlStatement("SELECT id, fname, lname, specialty FROM users " .
221 "WHERE active = 1 AND ( info IS NULL OR info NOT LIKE '%Inactive%' ) " .
222 "AND ( authorized = 1 OR ( username = '' AND npi != '' ) ) " .
223 "ORDER BY lname, fname");
224 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
225 echo "<option value=''>" . htmlspecialchars( xl('Unassigned'), ENT_NOQUOTES
) . "</option>";
226 while ($urow = sqlFetchArray($ures)) {
227 $uname = htmlspecialchars( $urow['fname'] . ' ' . $urow['lname'], ENT_NOQUOTES
);
228 $optionId = htmlspecialchars( $urow['id'], ENT_QUOTES
);
229 echo "<option value='$optionId'";
230 if ($urow['id'] == $currvalue) echo " selected";
231 echo ">$uname</option>";
237 else if ($data_type == 12) {
238 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
239 echo "<option value='0'></option>";
240 $pres = get_pharmacies();
241 while ($prow = sqlFetchArray($pres)) {
243 $optionValue = htmlspecialchars( $key, ENT_QUOTES
);
244 $optionLabel = htmlspecialchars( $prow['name'] . ' ' . $prow['area_code'] . '-' .
245 $prow['prefix'] . '-' . $prow['number'] . ' / ' .
246 $prow['line1'] . ' / ' . $prow['city'], ENT_NOQUOTES
);
247 echo "<option value='$optionValue'";
248 if ($currvalue == $key) echo " selected";
249 echo ">$optionLabel</option>";
255 else if ($data_type == 13) {
256 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
257 echo "<option value=''> </option>";
258 $squads = acl_get_squads();
260 foreach ($squads as $key => $value) {
261 $optionValue = htmlspecialchars( $key, ENT_QUOTES
);
262 $optionLabel = htmlspecialchars( $value[3], ENT_NOQUOTES
);
263 echo "<option value='$optionValue'";
264 if ($currvalue == $key) echo " selected";
265 echo ">$optionLabel</option>\n";
271 // Address book, preferring organization name if it exists and is not in
272 // parentheses, and excluding local users who are not providers.
273 // Supports "referred to" practitioners and facilities.
274 // Alternatively the letter L in edit_options means that abook_type
275 // must be "ord_lab", indicating types used with the procedure
276 // lab ordering system.
277 // Alternatively the letter O in edit_options means that abook_type
278 // must begin with "ord_", indicating types used with the procedure
280 // Alternatively the letter V in edit_options means that abook_type
281 // must be "vendor", indicating the Vendor type.
282 // Alternatively the letter R in edit_options means that abook_type
283 // must be "dist", indicating the Distributor type.
284 else if ($data_type == 14) {
285 if (strpos($frow['edit_options'], 'L') !== FALSE)
286 $tmp = "abook_type = 'ord_lab'";
287 else if (strpos($frow['edit_options'], 'O') !== FALSE)
288 $tmp = "abook_type LIKE 'ord\\_%'";
289 else if (strpos($frow['edit_options'], 'V') !== FALSE)
290 $tmp = "abook_type LIKE 'vendor%'";
291 else if (strpos($frow['edit_options'], 'R') !== FALSE)
292 $tmp = "abook_type LIKE 'dist'";
294 $tmp = "( username = '' OR authorized = 1 )";
295 $ures = sqlStatement("SELECT id, fname, lname, organization, username FROM users " .
296 "WHERE active = 1 AND ( info IS NULL OR info NOT LIKE '%Inactive%' ) " .
298 "ORDER BY organization, lname, fname");
299 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
300 echo "<option value=''>" . htmlspecialchars( xl('Unassigned'), ENT_NOQUOTES
) . "</option>";
301 while ($urow = sqlFetchArray($ures)) {
302 $uname = $urow['organization'];
303 if (empty($uname) ||
substr($uname, 0, 1) == '(') {
304 $uname = $urow['lname'];
305 if ($urow['fname']) $uname .= ", " . $urow['fname'];
307 $optionValue = htmlspecialchars( $urow['id'], ENT_QUOTES
);
308 $optionLabel = htmlspecialchars( $uname, ENT_NOQUOTES
);
309 echo "<option value='$optionValue'";
310 $title = $urow['username'] ?
xl('Local') : xl('External');
311 $optionTitle = htmlspecialchars( $title, ENT_QUOTES
);
312 echo " title='$optionTitle'";
313 if ($urow['id'] == $currvalue) echo " selected";
314 echo ">$optionLabel</option>";
320 else if ($data_type == 15) {
321 $fldlength = htmlspecialchars( $frow['fld_length'], ENT_QUOTES
);
322 $maxlength = $frow['max_length'];
323 $string_maxlength = "";
324 // if max_length is set to zero, then do not set a maxlength
325 if ($maxlength) $string_maxlength = "maxlength='".attr($maxlength)."'";
326 echo "<input type='text'" .
327 " name='form_$field_id_esc'" .
328 " id='form_related_code'" .
329 " size='$fldlength'" .
330 " $string_maxlength" .
331 " title='$description'" .
332 " value='$currescaped'" .
333 " onclick='sel_related(this)' readonly" .
337 // a set of labeled checkboxes
338 else if ($data_type == 21) {
339 // In this special case, fld_length is the number of columns generated.
340 $cols = max(1, $frow['fld_length']);
341 $avalue = explode('|', $currvalue);
342 $lres = sqlStatement("SELECT * FROM list_options " .
343 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
344 echo "<table cellpadding='0' cellspacing='0' width='100%'>";
345 $tdpct = (int) (100 / $cols);
346 for ($count = 0; $lrow = sqlFetchArray($lres); ++
$count) {
347 $option_id = $lrow['option_id'];
348 $option_id_esc = htmlspecialchars( $option_id, ENT_QUOTES
);
349 // if ($count) echo "<br />";
350 if ($count %
$cols == 0) {
351 if ($count) echo "</tr>";
354 echo "<td width='$tdpct%'>";
355 echo "<input type='checkbox' name='form_{$field_id_esc}[$option_id_esc]' id='form_{$field_id_esc}[$option_id_esc]' value='1'";
356 if (in_array($option_id, $avalue)) echo " checked";
358 // Added 5-09 by BM - Translate label if applicable
359 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
);
365 if ($count > $cols) {
366 // Add some space after multiple rows of checkboxes.
367 $cols = htmlspecialchars( $cols, ENT_QUOTES
);
368 echo "<tr><td colspan='$cols' style='height:0.7em'></td></tr>";
374 // a set of labeled text input fields
375 else if ($data_type == 22) {
376 $tmp = explode('|', $currvalue);
378 foreach ($tmp as $value) {
379 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
380 $avalue[$matches[1]] = $matches[2];
383 $lres = sqlStatement("SELECT * FROM list_options " .
384 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
385 echo "<table cellpadding='0' cellspacing='0'>";
386 while ($lrow = sqlFetchArray($lres)) {
387 $option_id = $lrow['option_id'];
388 $option_id_esc = htmlspecialchars( $option_id, ENT_QUOTES
);
389 $maxlength = $frow['max_length'];
390 $string_maxlength = "";
391 // if max_length is set to zero, then do not set a maxlength
392 if ($maxlength) $string_maxlength = "maxlength='".attr($maxlength)."'";
393 $fldlength = empty($frow['fld_length']) ?
20 : $frow['fld_length'];
395 // Added 5-09 by BM - Translate label if applicable
396 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
397 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
398 $optionValue = htmlspecialchars( $avalue[$option_id], ENT_QUOTES
);
399 echo "<td><input type='text'" .
400 " name='form_{$field_id_esc}[$option_id_esc]'" .
401 " id='form_{$field_id_esc}[$option_id_esc]'" .
402 " size='$fldlength'" .
403 " $string_maxlength" .
404 " value='$optionValue'";
405 echo " /></td></tr>";
410 // a set of exam results; 3 radio buttons and a text field:
411 else if ($data_type == 23) {
412 $tmp = explode('|', $currvalue);
414 foreach ($tmp as $value) {
415 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
416 $avalue[$matches[1]] = $matches[2];
419 $maxlength = $frow['max_length'];
420 $string_maxlength = "";
421 // if max_length is set to zero, then do not set a maxlength
422 if ($maxlength) $string_maxlength = "maxlength='".attr($maxlength)."'";
423 $fldlength = empty($frow['fld_length']) ?
20 : $frow['fld_length'];
424 $lres = sqlStatement("SELECT * FROM list_options " .
425 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
426 echo "<table cellpadding='0' cellspacing='0'>";
427 echo "<tr><td> </td><td class='bold'>" .
428 htmlspecialchars( xl('N/A'), ENT_NOQUOTES
) .
429 " </td><td class='bold'>" .
430 htmlspecialchars( xl('Nor'), ENT_NOQUOTES
) . " </td>" .
431 "<td class='bold'>" .
432 htmlspecialchars( xl('Abn'), ENT_NOQUOTES
) . " </td><td class='bold'>" .
433 htmlspecialchars( xl('Date/Notes'), ENT_NOQUOTES
) . "</td></tr>";
434 while ($lrow = sqlFetchArray($lres)) {
435 $option_id = $lrow['option_id'];
436 $option_id_esc = htmlspecialchars( $option_id, ENT_QUOTES
);
437 $restype = substr($avalue[$option_id], 0, 1);
438 $resnote = substr($avalue[$option_id], 2);
440 // Added 5-09 by BM - Translate label if applicable
441 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
443 for ($i = 0; $i < 3; ++
$i) {
444 $inputValue = htmlspecialchars( $i, ENT_QUOTES
);
445 echo "<td><input type='radio'" .
446 " name='radio_{$field_id_esc}[$option_id_esc]'" .
447 " id='radio_{$field_id_esc}[$option_id_esc]'" .
448 " value='$inputValue'";
449 if ($restype === "$i") echo " checked";
452 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
453 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
454 echo "<td><input type='text'" .
455 " name='form_{$field_id_esc}[$option_id_esc]'" .
456 " id='form_{$field_id_esc}[$option_id_esc]'" .
457 " size='$fldlength'" .
458 " $string_maxlength" .
459 " value='$resnote' /></td>";
465 // the list of active allergies for the current patient
466 // this is read-only!
467 else if ($data_type == 24) {
468 $query = "SELECT title, comments FROM lists WHERE " .
469 "pid = ? AND type = 'allergy' AND enddate IS NULL " .
471 // echo "<!-- $query -->\n"; // debugging
472 $lres = sqlStatement($query, array($GLOBALS['pid']));
474 while ($lrow = sqlFetchArray($lres)) {
475 if ($count++
) echo "<br />";
476 echo htmlspecialchars( $lrow['title'], ENT_NOQUOTES
);
477 if ($lrow['comments']) echo ' (' . htmlspecialchars( $lrow['comments'], ENT_NOQUOTES
) . ')';
481 // a set of labeled checkboxes, each with a text field:
482 else if ($data_type == 25) {
483 $tmp = explode('|', $currvalue);
485 foreach ($tmp as $value) {
486 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
487 $avalue[$matches[1]] = $matches[2];
490 $maxlength = $frow['max_length'];
491 $string_maxlength = "";
492 // if max_length is set to zero, then do not set a maxlength
493 if ($maxlength) $string_maxlength = "maxlength='".attr($maxlength)."'";
494 $fldlength = empty($frow['fld_length']) ?
20 : $frow['fld_length'];
495 $lres = sqlStatement("SELECT * FROM list_options " .
496 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
497 echo "<table cellpadding='0' cellspacing='0'>";
498 while ($lrow = sqlFetchArray($lres)) {
499 $option_id = $lrow['option_id'];
500 $option_id_esc = htmlspecialchars( $option_id, ENT_QUOTES
);
501 $restype = substr($avalue[$option_id], 0, 1);
502 $resnote = substr($avalue[$option_id], 2);
504 // Added 5-09 by BM - Translate label if applicable
505 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
507 $option_id = htmlspecialchars( $option_id, ENT_QUOTES
);
508 echo "<td><input type='checkbox' name='check_{$field_id_esc}[$option_id_esc]' id='check_{$field_id_esc}[$option_id_esc]' value='1'";
509 if ($restype) echo " checked";
510 echo " /> </td>";
511 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
512 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
513 echo "<td><input type='text'" .
514 " name='form_{$field_id_esc}[$option_id_esc]'" .
515 " id='form_{$field_id_esc}[$option_id_esc]'" .
516 " size='$fldlength'" .
517 " $string_maxlength" .
518 " value='$resnote' /></td>";
524 // single-selection list with ability to add to it
525 else if ($data_type == 26) {
526 echo "<select class='addtolistclass_$list_id_esc' name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
527 if ($showEmpty) echo "<option value=''>" . htmlspecialchars( xl($empty_title), ENT_QUOTES
) . "</option>";
528 $lres = sqlStatement("SELECT * FROM list_options " .
529 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
530 $got_selected = FALSE;
531 while ($lrow = sqlFetchArray($lres)) {
532 $optionValue = htmlspecialchars( $lrow['option_id'], ENT_QUOTES
);
533 echo "<option value='$optionValue'";
534 if ((strlen($currvalue) == 0 && $lrow['is_default']) ||
535 (strlen($currvalue) > 0 && $lrow['option_id'] == $currvalue))
538 $got_selected = TRUE;
540 // Added 5-09 by BM - Translate label if applicable
541 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . "</option>\n";
543 if (!$got_selected && strlen($currvalue) > 0) {
544 echo "<option value='$currescaped' selected>* $currescaped *</option>";
546 $fontTitle = htmlspecialchars( xl('Please choose a valid selection from the list.'), ENT_NOQUOTES
);
547 $fontText = htmlspecialchars( xl('Fix this'), ENT_NOQUOTES
);
548 echo " <font color='red' title='$fontTitle'>$fontText!</font>";
553 // show the add button if user has access to correct list
554 $inputValue = htmlspecialchars( xl('Add'), ENT_QUOTES
);
555 $outputAddButton = "<input type='button' id='addtolistid_".$list_id_esc."' fieldid='form_".$field_id_esc."' class='addtolist' value='$inputValue'>";
556 if (aco_exist('lists', $list_id)) {
557 // a specific aco exist for this list, so ensure access
558 if (acl_check('lists', $list_id)) echo $outputAddButton;
561 // no specific aco exist for this list, so check for access to 'default' list
562 if (acl_check('lists', 'default')) echo $outputAddButton;
566 // a set of labeled radio buttons
567 else if ($data_type == 27) {
568 // In this special case, fld_length is the number of columns generated.
569 $cols = max(1, $frow['fld_length']);
570 $lres = sqlStatement("SELECT * FROM list_options " .
571 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
572 echo "<table cellpadding='0' cellspacing='0' width='100%'>";
573 $tdpct = (int) (100 / $cols);
574 $got_selected = FALSE;
575 for ($count = 0; $lrow = sqlFetchArray($lres); ++
$count) {
576 $option_id = $lrow['option_id'];
577 $option_id_esc = htmlspecialchars( $option_id, ENT_QUOTES
);
578 if ($count %
$cols == 0) {
579 if ($count) echo "</tr>";
582 echo "<td width='$tdpct%'>";
583 echo "<input type='radio' name='form_{$field_id_esc}' id='form_{$field_id_esc}[$option_id_esc]' value='$option_id_esc'";
584 if ((strlen($currvalue) == 0 && $lrow['is_default']) ||
585 (strlen($currvalue) > 0 && $option_id == $currvalue))
588 $got_selected = TRUE;
590 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
);
595 if ($count > $cols) {
596 // Add some space after multiple rows of radio buttons.
597 $cols = htmlspecialchars( $cols, ENT_QUOTES
);
598 echo "<tr><td colspan='$cols' style='height:0.7em'></td></tr>";
602 if (!$got_selected && strlen($currvalue) > 0) {
603 $fontTitle = htmlspecialchars( xl('Please choose a valid selection.'), ENT_QUOTES
);
604 $fontText = htmlspecialchars( xl('Fix this'), ENT_NOQUOTES
);
605 echo "$currescaped <font color='red' title='$fontTitle'>$fontText!</font>";
609 // special case for history of lifestyle status; 3 radio buttons and a date text field:
610 // VicarePlus :: A selection list box for smoking status:
611 else if ($data_type == 28 ||
$data_type == 32) {
612 $tmp = explode('|', $currvalue);
613 switch(count($tmp)) {
632 $resdate = $restype = "";
635 $restype = $resdate = $resnote = "";
638 $maxlength = $frow['max_length'];
639 $string_maxlength = "";
640 // if max_length is set to zero, then do not set a maxlength
641 if ($maxlength) $string_maxlength = "maxlength='".attr($maxlength)."'";
642 $fldlength = empty($frow['fld_length']) ?
20 : $frow['fld_length'];
644 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
645 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
646 $resdate = htmlspecialchars( $resdate, ENT_QUOTES
);
647 echo "<table cellpadding='0' cellspacing='0'>";
649 if ($data_type == 28)
652 echo "<td><input type='text'" .
653 " name='form_$field_id_esc'" .
654 " id='form_$field_id_esc'" .
655 " size='$fldlength'" .
656 " $string_maxlength" .
657 " value='$resnote' /> </td>";
658 echo "<td class='bold'> ".
659 " ".
660 htmlspecialchars( xl('Status'), ENT_NOQUOTES
).": </td>";
662 else if($data_type == 32)
665 echo "<tr><td><input type='text'" .
666 " name='form_text_$field_id_esc'" .
667 " id='form_text_$field_id_esc'" .
668 " size='$fldlength'" .
669 " $string_maxlength" .
670 " value='$resnote' /> </td></tr>";
672 //Selection list for smoking status
673 $onchange = 'radioChange(this.options[this.selectedIndex].value)';//VicarePlus :: The javascript function for selection list.
674 echo generate_select_list("form_$field_id", $list_id, $reslist,
675 $description, $showEmpty ?
$empty_title : '', '', $onchange)."</td>";
676 echo "<td class='bold'> ".htmlspecialchars( xl('Status'), ENT_NOQUOTES
).": </td>";
679 echo "<td><input type='radio'" .
680 " name='radio_{$field_id_esc}'" .
681 " id='radio_{$field_id_esc}[current]'" .
682 " value='current".$field_id_esc."'";
683 if ($restype == "current".$field_id) echo " checked";
684 echo " if($data_type == 32) { onClick='smoking_statusClicked(this)' } />".htmlspecialchars( xl('Current'), ENT_NOQUOTES
)." </td>";
686 echo "<td><input type='radio'" .
687 " name='radio_{$field_id_esc}'" .
688 " id='radio_{$field_id_esc}[quit]'" .
689 " value='quit".$field_id_esc."'";
690 if ($restype == "quit".$field_id) echo " checked";
691 echo " if($data_type == 32) { onClick='smoking_statusClicked(this)' } />".htmlspecialchars( xl('Quit'), ENT_NOQUOTES
)." </td>";
693 echo "<td><input type='text' size='6' name='date_$field_id_esc' id='date_$field_id_esc'" .
694 " value='$resdate'" .
695 " title='$description'" .
696 " onkeyup='datekeyup(this,mypcc)' onblur='dateblur(this,mypcc)' />" .
697 "<img src='$rootdir/pic/show_calendar.gif' align='absbottom' width='24' height='22'" .
698 " id='img_$field_id_esc' border='0' alt='[?]' style='cursor:pointer'" .
699 " title='" . htmlspecialchars( xl('Click here to choose a date'), ENT_QUOTES
) . "' /> </td>";
700 $date_init .= " Calendar.setup({inputField:'date_$field_id', ifFormat:'%Y-%m-%d', button:'img_$field_id'});\n";
702 echo "<td><input type='radio'" .
703 " name='radio_{$field_id_esc}'" .
704 " id='radio_{$field_id_esc}[never]'" .
705 " value='never".$field_id_esc."'";
706 if ($restype == "never".$field_id) echo " checked";
707 echo " if($data_type == 32) { onClick='smoking_statusClicked(this)' } />".htmlspecialchars( xl('Never'), ENT_NOQUOTES
)." </td>";
709 echo "<td><input type='radio'" .
710 " name='radio_{$field_id}'" .
711 " id='radio_{$field_id}[not_applicable]'" .
712 " value='not_applicable".$field_id."'";
713 if ($restype == "not_applicable".$field_id) echo " checked";
714 echo " if($data_type == 32) { onClick='smoking_statusClicked(this)' } />".htmlspecialchars( xl('N/A'), ENT_QUOTES
)." </td>";
719 // static text. read-only, of course.
720 else if ($data_type == 31) {
721 echo nl2br($frow['description']);
724 //VicarePlus :: A single selection list for Race and Ethnicity, which is specialized to check the 'ethrace' list if the entry does not exist in the list_id of the given list. At some point in the future (when able to input two lists via the layouts engine), this function could be expanded to allow using any list as a backup entry.
725 else if ($data_type == 33) {
726 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
727 if ($showEmpty) echo "<option value=''>" . htmlspecialchars( xl($empty_title), ENT_QUOTES
) . "</option>";
728 $lres = sqlStatement("SELECT * FROM list_options " .
729 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
730 $got_selected = FALSE;
731 while ($lrow = sqlFetchArray($lres)) {
732 $optionValue = htmlspecialchars( $lrow['option_id'], ENT_QUOTES
);
733 echo "<option value='$optionValue'";
734 if ((strlen($currvalue) == 0 && $lrow['is_default']) ||
735 (strlen($currvalue) > 0 && $lrow['option_id'] == $currvalue))
738 $got_selected = TRUE;
741 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . "</option>\n";
743 if (!$got_selected && strlen($currvalue) > 0)
745 //Check 'ethrace' list if the entry does not exist in the list_id of the given list(Race or Ethnicity).
747 $lrow = sqlQuery("SELECT title FROM list_options " .
748 "WHERE list_id = ? AND option_id = ?", array($list_id,$currvalue) );
751 $s = htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
);
752 echo "<option value='$currvalue' selected> $s </option>";
757 echo "<option value='$currescaped' selected>* $currescaped *</option>";
759 $fontTitle = htmlspecialchars( xl('Please choose a valid selection from the list.'), ENT_NOQUOTES
);
760 $fontText = htmlspecialchars( xl('Fix this'), ENT_NOQUOTES
);
761 echo " <font color='red' title='$fontTitle'>$fontText!</font>";
768 else if($data_type == 34){
769 $arr = explode("|*|*|*|",$currvalue);
770 echo "<a href='../../../library/custom_template/custom_template.php?type=form_{$field_id}&contextName=".htmlspecialchars($list_id_esc,ENT_QUOTES
)."' class='iframe_medium' style='text-decoration:none;color:black;'>";
771 echo "<div id='form_{$field_id}_div' class='text-area'>".htmlspecialchars($arr[0],ENT_QUOTES
)."</div>";
772 echo "<div style='display:none'><textarea name='form_{$field_id}' id='form_{$field_id}' stye='display:none'>".$currvalue."</textarea></div>";
776 //facilities drop-down list
777 else if ($data_type == 35) {
778 if (empty($currvalue)){
781 dropdown_facility($selected = $currvalue, $name = "form_$field_id_esc", $allow_unspecified = true, $allow_allfacilities = false);
786 function generate_print_field($frow, $currvalue) {
787 global $rootdir, $date_init;
789 $currescaped = htmlspecialchars($currvalue, ENT_QUOTES
);
791 $data_type = $frow['data_type'];
792 $field_id = $frow['field_id'];
793 $list_id = $frow['list_id'];
794 $fld_length = $frow['fld_length'];
796 $description = htmlspecialchars(xl_layout_label($frow['description']), ENT_QUOTES
);
798 // Can pass $frow['empty_title'] with this variable, otherwise
799 // will default to 'Unassigned'.
800 // If it is 'SKIP' then an empty text title is completely skipped.
802 if (isset($frow['empty_title'])) {
803 if ($frow['empty_title'] == "SKIP") {
804 //do not display an 'empty' choice
806 $empty_title = "Unassigned";
809 $empty_title = $frow['empty_title'];
813 $empty_title = "Unassigned";
816 // generic single-selection list
817 if ($data_type == 1 ||
$data_type == 26 ||
$data_type == 33) {
818 if (empty($fld_length)) {
819 if ($list_id == 'titles') {
827 $lrow = sqlQuery("SELECT title FROM list_options " .
828 "WHERE list_id = ? AND option_id = ?", array($list_id,$currvalue));
829 $tmp = xl_list_label($lrow['title']);
830 if (empty($tmp)) $tmp = "($currvalue)";
832 /*****************************************************************
833 echo "<input type='text'" .
834 " size='$fld_length'" .
838 *****************************************************************/
839 if ($tmp === '') { $tmp = ' '; }
840 else { $tmp = htmlspecialchars( $tmp, ENT_QUOTES
); }
845 else if ($data_type == 2 ||
$data_type == 15) {
846 /*****************************************************************
847 echo "<input type='text'" .
848 " size='$fld_length'" .
849 " value='$currescaped'" .
852 *****************************************************************/
853 if ($currescaped === '') $currescaped = ' ';
857 // long or multi-line text field
858 else if ($data_type == 3) {
859 $fldlength = htmlspecialchars( $fld_length, ENT_QUOTES
);
860 $maxlength = htmlspecialchars( $frow['fld_rows'], ENT_QUOTES
);
862 " cols='$fldlength'" .
863 " rows='$maxlength'>" .
864 $currescaped . "</textarea>";
868 else if ($data_type == 4) {
869 /*****************************************************************
870 echo "<input type='text' size='10'" .
871 " value='$currescaped'" .
872 " title='$description'" .
875 *****************************************************************/
876 if ($currvalue === '') { $tmp = oeFormatShortDate(' '); }
877 else { $tmp = htmlspecialchars( oeFormatShortDate($currvalue), ENT_QUOTES
); }
882 else if ($data_type == 10 ||
$data_type == 11) {
885 $urow = sqlQuery("SELECT fname, lname, specialty FROM users " .
886 "WHERE id = ?", array($currvalue) );
887 $tmp = ucwords($urow['fname'] . " " . $urow['lname']);
888 if (empty($tmp)) $tmp = "($currvalue)";
890 /*****************************************************************
891 echo "<input type='text'" .
892 " size='$fld_length'" .
896 *****************************************************************/
897 if ($tmp === '') { $tmp = ' '; }
898 else { $tmp = htmlspecialchars( $tmp, ENT_QUOTES
); }
903 else if ($data_type == 12) {
906 $pres = get_pharmacies();
907 while ($prow = sqlFetchArray($pres)) {
909 if ($currvalue == $key) {
910 $tmp = $prow['name'] . ' ' . $prow['area_code'] . '-' .
911 $prow['prefix'] . '-' . $prow['number'] . ' / ' .
912 $prow['line1'] . ' / ' . $prow['city'];
915 if (empty($tmp)) $tmp = "($currvalue)";
917 /*****************************************************************
918 echo "<input type='text'" .
919 " size='$fld_length'" .
923 *****************************************************************/
924 if ($tmp === '') { $tmp = ' '; }
925 else { $tmp = htmlspecialchars( $tmp, ENT_QUOTES
); }
930 else if ($data_type == 13) {
933 $squads = acl_get_squads();
935 foreach ($squads as $key => $value) {
936 if ($currvalue == $key) {
941 if (empty($tmp)) $tmp = "($currvalue)";
943 /*****************************************************************
944 echo "<input type='text'" .
945 " size='$fld_length'" .
949 *****************************************************************/
950 if ($tmp === '') { $tmp = ' '; }
951 else { $tmp = htmlspecialchars( $tmp, ENT_QUOTES
); }
956 else if ($data_type == 14) {
959 $urow = sqlQuery("SELECT fname, lname, specialty FROM users " .
960 "WHERE id = ?", array($currvalue) );
961 $uname = $urow['lname'];
962 if ($urow['fname']) $uname .= ", " . $urow['fname'];
964 if (empty($tmp)) $tmp = "($currvalue)";
966 /*****************************************************************
967 echo "<input type='text'" .
968 " size='$fld_length'" .
972 *****************************************************************/
973 if ($tmp === '') { $tmp = ' '; }
974 else { $tmp = htmlspecialchars( $tmp, ENT_QUOTES
); }
978 // a set of labeled checkboxes
979 else if ($data_type == 21) {
980 // In this special case, fld_length is the number of columns generated.
981 $cols = max(1, $fld_length);
982 $avalue = explode('|', $currvalue);
983 $lres = sqlStatement("SELECT * FROM list_options " .
984 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
985 echo "<table cellpadding='0' cellspacing='0' width='100%'>";
986 $tdpct = (int) (100 / $cols);
987 for ($count = 0; $lrow = sqlFetchArray($lres); ++
$count) {
988 $option_id = $lrow['option_id'];
989 if ($count %
$cols == 0) {
990 if ($count) echo "</tr>";
993 echo "<td width='$tdpct%'>";
994 echo "<input type='checkbox'";
995 if (in_array($option_id, $avalue)) echo " checked";
996 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
);
1001 if ($count > $cols) {
1002 // Add some space after multiple rows of checkboxes.
1003 $cols = htmlspecialchars( $cols, ENT_QUOTES
);
1004 echo "<tr><td colspan='$cols' style='height:0.7em'></td></tr>";
1010 // a set of labeled text input fields
1011 else if ($data_type == 22) {
1012 $tmp = explode('|', $currvalue);
1014 foreach ($tmp as $value) {
1015 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
1016 $avalue[$matches[1]] = $matches[2];
1019 $lres = sqlStatement("SELECT * FROM list_options " .
1020 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1021 echo "<table cellpadding='0' cellspacing='0'>";
1022 while ($lrow = sqlFetchArray($lres)) {
1023 $option_id = $lrow['option_id'];
1024 $fldlength = empty($fld_length) ?
20 : $fld_length;
1025 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
1026 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
1027 $inputValue = htmlspecialchars( $avalue[$option_id], ENT_QUOTES
);
1028 echo "<td><input type='text'" .
1029 " size='$fldlength'" .
1030 " value='$inputValue'" .
1037 // a set of exam results; 3 radio buttons and a text field:
1038 else if ($data_type == 23) {
1039 $tmp = explode('|', $currvalue);
1041 foreach ($tmp as $value) {
1042 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
1043 $avalue[$matches[1]] = $matches[2];
1046 $fldlength = empty($fld_length) ?
20 : $fld_length;
1047 $lres = sqlStatement("SELECT * FROM list_options " .
1048 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1049 echo "<table cellpadding='0' cellspacing='0'>";
1050 echo "<tr><td> </td><td class='bold'>" .
1051 htmlspecialchars( xl('N/A'), ENT_NOQUOTES
) .
1052 " </td><td class='bold'>" .
1053 htmlspecialchars( xl('Nor'), ENT_NOQUOTES
) . " </td>" .
1054 "<td class='bold'>" .
1055 htmlspecialchars( xl('Abn'), ENT_NOQUOTES
) . " </td><td class='bold'>" .
1056 htmlspecialchars( xl('Date/Notes'), ENT_NOQUOTES
) . "</td></tr>";
1057 while ($lrow = sqlFetchArray($lres)) {
1058 $option_id = $lrow['option_id'];
1059 $restype = substr($avalue[$option_id], 0, 1);
1060 $resnote = substr($avalue[$option_id], 2);
1061 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
1062 for ($i = 0; $i < 3; ++
$i) {
1063 echo "<td><input type='radio'";
1064 if ($restype === "$i") echo " checked";
1067 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
1068 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
1069 echo "<td><input type='text'" .
1070 " size='$fldlength'" .
1071 " value='$resnote'" .
1072 " class='under' /></td>" .
1078 // the list of active allergies for the current patient
1079 // this is read-only!
1080 else if ($data_type == 24) {
1081 $query = "SELECT title, comments FROM lists WHERE " .
1082 "pid = ? AND type = 'allergy' AND enddate IS NULL " .
1084 $lres = sqlStatement($query, array($GLOBALS['pid']) );
1086 while ($lrow = sqlFetchArray($lres)) {
1087 if ($count++
) echo "<br />";
1088 echo htmlspecialchars( $lrow['title'], ENT_QUOTES
);
1089 if ($lrow['comments']) echo htmlspecialchars( ' (' . $lrow['comments'] . ')', ENT_QUOTES
);
1093 // a set of labeled checkboxes, each with a text field:
1094 else if ($data_type == 25) {
1095 $tmp = explode('|', $currvalue);
1097 foreach ($tmp as $value) {
1098 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
1099 $avalue[$matches[1]] = $matches[2];
1102 $fldlength = empty($fld_length) ?
20 : $fld_length;
1103 $lres = sqlStatement("SELECT * FROM list_options " .
1104 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1105 echo "<table cellpadding='0' cellspacing='0'>";
1106 while ($lrow = sqlFetchArray($lres)) {
1107 $option_id = $lrow['option_id'];
1108 $restype = substr($avalue[$option_id], 0, 1);
1109 $resnote = substr($avalue[$option_id], 2);
1110 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
1111 echo "<td><input type='checkbox'";
1112 if ($restype) echo " checked";
1113 echo " /> </td>";
1114 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
1115 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
1116 echo "<td><input type='text'" .
1117 " size='$fldlength'" .
1118 " value='$resnote'" .
1126 // a set of labeled radio buttons
1127 else if ($data_type == 27) {
1128 // In this special case, fld_length is the number of columns generated.
1129 $cols = max(1, $frow['fld_length']);
1130 $lres = sqlStatement("SELECT * FROM list_options " .
1131 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1132 echo "<table cellpadding='0' cellspacing='0' width='100%'>";
1133 $tdpct = (int) (100 / $cols);
1134 for ($count = 0; $lrow = sqlFetchArray($lres); ++
$count) {
1135 $option_id = $lrow['option_id'];
1136 if ($count %
$cols == 0) {
1137 if ($count) echo "</tr>";
1140 echo "<td width='$tdpct%'>";
1141 echo "<input type='radio'";
1142 if ((strlen($currvalue) == 0 && $lrow['is_default']) ||
1143 (strlen($currvalue) > 0 && $option_id == $currvalue))
1147 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
);
1152 if ($count > $cols) {
1153 // Add some space after multiple rows of radio buttons.
1154 $cols = htmlspecialchars( $cols, ENT_QUOTES
);
1155 echo "<tr><td colspan='$cols' style='height:0.7em'></td></tr>";
1161 // special case for history of lifestyle status; 3 radio buttons and a date text field:
1162 else if ($data_type == 28 ||
$data_type == 32) {
1163 $tmp = explode('|', $currvalue);
1164 switch(count($tmp)) {
1183 $resdate = $restype = "";
1186 $restype = $resdate = $resnote = "";
1189 $fldlength = empty($frow['fld_length']) ?
20 : $frow['fld_length'];
1190 echo "<table cellpadding='0' cellspacing='0'>";
1192 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
1193 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
1194 $resdate = htmlspecialchars( $resdate, ENT_QUOTES
);
1195 if($data_type == 28)
1197 echo "<td><input type='text'" .
1198 " size='$fldlength'" .
1200 " value='$resnote' /></td>";
1201 echo "<td class='bold'> ".
1202 " ".
1203 htmlspecialchars( xl('Status'), ENT_NOQUOTES
).": </td>";
1205 else if($data_type == 32)
1207 echo "<tr><td><input type='text'" .
1208 " size='$fldlength'" .
1210 " value='$resnote' /></td></tr>";
1212 $smoking_status_title = generate_display_field(array('data_type'=>'1','list_id'=>$list_id),$reslist);
1213 echo "<td><input type='text'" .
1214 " size='$fldlength'" .
1216 " value='$smoking_status_title' /></td>";
1217 echo "<td class='bold'> ".htmlspecialchars( xl('Status'), ENT_NOQUOTES
).": </td>";
1219 echo "<td><input type='radio'";
1220 if ($restype == "current".$field_id) echo " checked";
1221 echo "/>".htmlspecialchars( xl('Current'), ENT_NOQUOTES
)." </td>";
1223 echo "<td><input type='radio'";
1224 if ($restype == "current".$field_id) echo " checked";
1225 echo "/>".htmlspecialchars( xl('Quit'), ENT_NOQUOTES
)." </td>";
1227 echo "<td><input type='text' size='6'" .
1228 " value='$resdate'" .
1232 echo "<td><input type='radio'";
1233 if ($restype == "current".$field_id) echo " checked";
1234 echo " />".htmlspecialchars( xl('Never'), ENT_NOQUOTES
)."</td>";
1236 echo "<td><input type='radio'";
1237 if ($restype == "not_applicable".$field_id) echo " checked";
1238 echo " />".htmlspecialchars( xl('N/A'), ENT_NOQUOTES
)." </td>";
1243 // static text. read-only, of course.
1244 else if ($data_type == 31) {
1245 echo nl2br($frow['description']);
1248 else if($data_type == 34){
1249 echo "<a href='../../../library/custom_template/custom_template.php?type=form_{$field_id}&contextName=".htmlspecialchars($list_id_esc,ENT_QUOTES
)."' class='iframe_medium' style='text-decoration:none;color:black;'>";
1250 echo "<div id='form_{$field_id}_div' class='text-area'></div>";
1251 echo "<div style='display:none'><textarea name='form_{$field_id}' id='form_{$field_id}' stye='display:none'></textarea></div>";
1255 //facilities drop-down list
1256 else if ($data_type == 35) {
1257 if (empty($currvalue)){
1260 dropdown_facility($selected = $currvalue, $name = "form_$field_id_esc", $allow_unspecified = true, $allow_allfacilities = false);
1265 function generate_display_field($frow, $currvalue) {
1266 $data_type = $frow['data_type'];
1267 $field_id = isset($frow['field_id']) ?
$frow['field_id'] : null;
1268 $list_id = $frow['list_id'];
1271 // generic selection list or the generic selection list with add on the fly
1272 // feature, or radio buttons
1273 if ($data_type == 1 ||
$data_type == 26 ||
$data_type == 27 ||
$data_type == 33) {
1274 $lrow = sqlQuery("SELECT title FROM list_options " .
1275 "WHERE list_id = ? AND option_id = ?", array($list_id,$currvalue) );
1276 $s = htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
);
1277 //For lists Race and Ethnicity if there is no matching value in the corresponding lists check ethrace list
1278 if ($lrow == 0 && $data_type == 33)
1281 $lrow_ethrace = sqlQuery("SELECT title FROM list_options " .
1282 "WHERE list_id = ? AND option_id = ?", array($list_id,$currvalue) );
1283 $s = htmlspecialchars(xl_list_label($lrow_ethrace['title']),ENT_NOQUOTES
);
1287 // simple text field
1288 else if ($data_type == 2) {
1289 $s = htmlspecialchars($currvalue,ENT_NOQUOTES
);
1292 // long or multi-line text field
1293 else if ($data_type == 3) {
1294 $s = nl2br(htmlspecialchars($currvalue,ENT_NOQUOTES
));
1298 else if ($data_type == 4) {
1299 $s = htmlspecialchars(oeFormatShortDate($currvalue),ENT_NOQUOTES
);
1303 else if ($data_type == 10 ||
$data_type == 11) {
1304 $urow = sqlQuery("SELECT fname, lname, specialty FROM users " .
1305 "WHERE id = ?", array($currvalue) );
1306 $s = htmlspecialchars(ucwords($urow['fname'] . " " . $urow['lname']),ENT_NOQUOTES
);
1310 else if ($data_type == 12) {
1311 $pres = get_pharmacies();
1312 while ($prow = sqlFetchArray($pres)) {
1314 if ($currvalue == $key) {
1315 $s .= htmlspecialchars($prow['name'] . ' ' . $prow['area_code'] . '-' .
1316 $prow['prefix'] . '-' . $prow['number'] . ' / ' .
1317 $prow['line1'] . ' / ' . $prow['city'],ENT_NOQUOTES
);
1323 else if ($data_type == 13) {
1324 $squads = acl_get_squads();
1326 foreach ($squads as $key => $value) {
1327 if ($currvalue == $key) {
1328 $s .= htmlspecialchars($value[3],ENT_NOQUOTES
);
1335 else if ($data_type == 14) {
1336 $urow = sqlQuery("SELECT fname, lname, specialty FROM users " .
1337 "WHERE id = ?", array($currvalue));
1338 $uname = $urow['lname'];
1339 if ($urow['fname']) $uname .= ", " . $urow['fname'];
1340 $s = htmlspecialchars($uname,ENT_NOQUOTES
);
1344 else if ($data_type == 15) {
1345 $s = htmlspecialchars($currvalue,ENT_NOQUOTES
);
1348 // a set of labeled checkboxes
1349 else if ($data_type == 21) {
1350 $avalue = explode('|', $currvalue);
1351 $lres = sqlStatement("SELECT * FROM list_options " .
1352 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1354 while ($lrow = sqlFetchArray($lres)) {
1355 $option_id = $lrow['option_id'];
1356 if (in_array($option_id, $avalue)) {
1357 if ($count++
) $s .= "<br />";
1359 // Added 5-09 by BM - Translate label if applicable
1360 $s .= htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
);
1366 // a set of labeled text input fields
1367 else if ($data_type == 22) {
1368 $tmp = explode('|', $currvalue);
1370 foreach ($tmp as $value) {
1371 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
1372 $avalue[$matches[1]] = $matches[2];
1375 $lres = sqlStatement("SELECT * FROM list_options " .
1376 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1377 $s .= "<table cellpadding='0' cellspacing='0'>";
1378 while ($lrow = sqlFetchArray($lres)) {
1379 $option_id = $lrow['option_id'];
1380 if (empty($avalue[$option_id])) continue;
1382 // Added 5-09 by BM - Translate label if applicable
1383 $s .= "<tr><td class='bold' valign='top'>" . htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
) . ": </td>";
1385 $s .= "<td class='text' valign='top'>" . htmlspecialchars($avalue[$option_id],ENT_NOQUOTES
) . "</td></tr>";
1390 // a set of exam results; 3 radio buttons and a text field:
1391 else if ($data_type == 23) {
1392 $tmp = explode('|', $currvalue);
1394 foreach ($tmp as $value) {
1395 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
1396 $avalue[$matches[1]] = $matches[2];
1399 $lres = sqlStatement("SELECT * FROM list_options " .
1400 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1401 $s .= "<table cellpadding='0' cellspacing='0'>";
1402 while ($lrow = sqlFetchArray($lres)) {
1403 $option_id = $lrow['option_id'];
1404 $restype = substr($avalue[$option_id], 0, 1);
1405 $resnote = substr($avalue[$option_id], 2);
1406 if (empty($restype) && empty($resnote)) continue;
1408 // Added 5-09 by BM - Translate label if applicable
1409 $s .= "<tr><td class='bold' valign='top'>" . htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
) . " </td>";
1411 $restype = ($restype == '1') ?
xl('Normal') : (($restype == '2') ?
xl('Abnormal') : xl('N/A'));
1412 // $s .= "<td class='text' valign='top'>$restype</td></tr>";
1413 // $s .= "<td class='text' valign='top'>$resnote</td></tr>";
1414 $s .= "<td class='text' valign='top'>" . htmlspecialchars($restype,ENT_NOQUOTES
) . " </td>";
1415 $s .= "<td class='text' valign='top'>" . htmlspecialchars($resnote,ENT_NOQUOTES
) . "</td>";
1421 // the list of active allergies for the current patient
1422 else if ($data_type == 24) {
1423 $query = "SELECT title, comments FROM lists WHERE " .
1424 "pid = ? AND type = 'allergy' AND enddate IS NULL " .
1426 // echo "<!-- $query -->\n"; // debugging
1427 $lres = sqlStatement($query, array($GLOBALS['pid']) );
1429 while ($lrow = sqlFetchArray($lres)) {
1430 if ($count++
) $s .= "<br />";
1431 $s .= htmlspecialchars($lrow['title'],ENT_NOQUOTES
);
1432 if ($lrow['comments']) $s .= ' (' . htmlspecialchars($lrow['comments'],ENT_NOQUOTES
) . ')';
1436 // a set of labeled checkboxes, each with a text field:
1437 else if ($data_type == 25) {
1438 $tmp = explode('|', $currvalue);
1440 foreach ($tmp as $value) {
1441 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
1442 $avalue[$matches[1]] = $matches[2];
1445 $lres = sqlStatement("SELECT * FROM list_options " .
1446 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1447 $s .= "<table cellpadding='0' cellspacing='0'>";
1448 while ($lrow = sqlFetchArray($lres)) {
1449 $option_id = $lrow['option_id'];
1450 $restype = substr($avalue[$option_id], 0, 1);
1451 $resnote = substr($avalue[$option_id], 2);
1452 if (empty($restype) && empty($resnote)) continue;
1454 // Added 5-09 by BM - Translate label if applicable
1455 $s .= "<tr><td class='bold' valign='top'>" . htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
) . " </td>";
1457 $restype = $restype ?
xl('Yes') : xl('No');
1458 $s .= "<td class='text' valign='top'>" . htmlspecialchars($restype,ENT_NOQUOTES
) . "</td></tr>";
1459 $s .= "<td class='text' valign='top'>" . htmlspecialchars($resnote,ENT_NOQUOTES
) . "</td></tr>";
1465 // special case for history of lifestyle status; 3 radio buttons and a date text field:
1466 // VicarePlus :: A selection list for smoking status.
1467 else if ($data_type == 28 ||
$data_type == 32) {
1468 $tmp = explode('|', $currvalue);
1469 switch(count($tmp)) {
1488 $resdate = $restype = "";
1491 $restype = $resdate = $resnote = "";
1494 $s .= "<table cellpadding='0' cellspacing='0'>";
1498 if ($restype == "current".$field_id) $res = xl('Current');
1499 if ($restype == "quit".$field_id) $res = xl('Quit');
1500 if ($restype == "never".$field_id) $res = xl('Never');
1501 if ($restype == "not_applicable".$field_id) $res = xl('N/A');
1502 // $s .= "<td class='text' valign='top'>$restype</td></tr>";
1503 // $s .= "<td class='text' valign='top'>$resnote</td></tr>";
1504 if ($data_type == 28)
1506 if (!empty($resnote)) $s .= "<td class='text' valign='top'>" . htmlspecialchars($resnote,ENT_NOQUOTES
) . " </td>";
1508 //VicarePlus :: Tobacco field has a listbox, text box, date field and 3 radio buttons.
1509 else if ($data_type == 32)
1511 if (!empty($reslist)) $s .= "<td class='text' valign='top'>" . generate_display_field(array('data_type'=>'1','list_id'=>$list_id),$reslist) . " </td>";
1512 if (!empty($resnote)) $s .= "<td class='text' valign='top'>" . htmlspecialchars($resnote,ENT_NOQUOTES
) . " </td>";
1515 if (!empty($res)) $s .= "<td class='text' valign='top'><b>" . htmlspecialchars(xl('Status'),ENT_NOQUOTES
) . "</b>: " . htmlspecialchars($res,ENT_NOQUOTES
) . " </td>";
1516 if ($restype == "quit".$field_id) $s .= "<td class='text' valign='top'>" . htmlspecialchars($resdate,ENT_NOQUOTES
) . " </td>";
1521 // static text. read-only, of course.
1522 else if ($data_type == 31) {
1523 $s .= nl2br($frow['description']);
1526 else if($data_type == 34){
1527 $arr = explode("|*|*|*|",$currvalue);
1528 for($i=0;$i<sizeof($arr);$i++
){
1534 else if ($data_type == 35) {
1535 $urow = sqlQuery("SELECT id, name FROM facility ".
1536 "WHERE id = ?", array($currvalue) );
1537 $s = htmlspecialchars($urow['name'],ENT_NOQUOTES
);
1543 $CPR = 4; // cells per row of generic data
1548 function disp_end_cell() {
1549 global $item_count, $cell_count;
1550 if ($item_count > 0) {
1556 function disp_end_row() {
1557 global $cell_count, $CPR;
1559 if ($cell_count > 0) {
1560 for (; $cell_count < $CPR; ++
$cell_count) echo "<td></td>";
1566 function disp_end_group() {
1568 if (strlen($last_group) > 0) {
1573 function display_layout_rows($formtype, $result1, $result2='') {
1574 global $item_count, $cell_count, $last_group, $CPR;
1576 $fres = sqlStatement("SELECT * FROM layout_options " .
1577 "WHERE form_id = ? AND uor > 0 " .
1578 "ORDER BY group_name, seq", array($formtype) );
1580 while ($frow = sqlFetchArray($fres)) {
1581 $this_group = $frow['group_name'];
1582 $titlecols = $frow['titlecols'];
1583 $datacols = $frow['datacols'];
1584 $data_type = $frow['data_type'];
1585 $field_id = $frow['field_id'];
1586 $list_id = $frow['list_id'];
1589 if ($formtype == 'DEM') {
1590 if ($GLOBALS['athletic_team']) {
1591 // Skip fitness level and return-to-play date because those appear
1592 // in a special display/update form on this page.
1593 if ($field_id === 'fitness' ||
$field_id === 'userdate1') continue;
1595 if (strpos($field_id, 'em_') === 0) {
1596 // Skip employer related fields, if it's disabled.
1597 if ($GLOBALS['omit_employers']) continue;
1598 $tmp = substr($field_id, 3);
1599 if (isset($result2[$tmp])) $currvalue = $result2[$tmp];
1602 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1606 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1609 // Handle a data category (group) change.
1610 if (strcmp($this_group, $last_group) != 0) {
1611 $group_name = substr($this_group, 1);
1612 // totally skip generating the employer category, if it's disabled.
1613 if ($group_name === 'Employer' && $GLOBALS['omit_employers']) continue;
1615 $last_group = $this_group;
1618 // filter out all the empty field data from the patient report.
1619 if (!empty($currvalue) && !($currvalue == '0000-00-00 00:00:00')) {
1620 // Handle starting of a new row.
1621 if (($titlecols > 0 && $cell_count >= $CPR) ||
$cell_count == 0) {
1625 echo "<td class='groupname'>";
1626 //echo "<td class='groupname' style='padding-right:5pt' valign='top'>";
1627 //echo "<font color='#008800'>$group_name</font>";
1629 // Added 5-09 by BM - Translate label if applicable
1630 echo htmlspecialchars(xl_layout_label($group_name),ENT_NOQUOTES
);
1634 //echo "<td class='' style='padding-right:5pt' valign='top'>";
1635 echo "<td valign='top'> ";
1640 if ($item_count == 0 && $titlecols == 0) $titlecols = 1;
1642 // Handle starting of a new label cell.
1643 if ($titlecols > 0) {
1645 //echo "<td class='label' colspan='$titlecols' valign='top'";
1646 $titlecols_esc = htmlspecialchars( $titlecols, ENT_QUOTES
);
1647 echo "<td class='label' colspan='$titlecols_esc' ";
1648 //if ($cell_count == 2) echo " style='padding-left:10pt'";
1650 $cell_count +
= $titlecols;
1654 // Added 5-09 by BM - Translate label if applicable
1655 if ($frow['title']) echo htmlspecialchars(xl_layout_label($frow['title']).":",ENT_NOQUOTES
); else echo " ";
1657 // Handle starting of a new data cell.
1658 if ($datacols > 0) {
1660 //echo "<td class='text data' colspan='$datacols' valign='top'";
1661 $datacols_esc = htmlspecialchars( $datacols, ENT_QUOTES
);
1662 echo "<td class='text data' colspan='$datacols_esc'";
1663 //if ($cell_count > 0) echo " style='padding-left:5pt'";
1665 $cell_count +
= $datacols;
1669 echo generate_display_field($frow, $currvalue);
1676 function display_layout_tabs($formtype, $result1, $result2='') {
1677 global $item_count, $cell_count, $last_group, $CPR;
1679 $fres = sqlStatement("SELECT distinct group_name FROM layout_options " .
1680 "WHERE form_id = ? AND uor > 0 " .
1681 "ORDER BY group_name, seq", array($formtype) );
1684 while ($frow = sqlFetchArray($fres)) {
1685 $this_group = $frow['group_name'];
1686 $group_name = substr($this_group, 1);
1688 <li
<?php
echo $first ?
'class="current"' : '' ?
>>
1689 <a href
="/play/javascript-tabbed-navigation/" id
="header_tab_<?php echo ".htmlspecialchars($group_name,ENT_QUOTES
)."?>">
1690 <?php
echo htmlspecialchars(xl_layout_label($group_name),ENT_NOQUOTES
); ?
></a
>
1697 function display_layout_tabs_data($formtype, $result1, $result2='') {
1698 global $item_count, $cell_count, $last_group, $CPR;
1700 $fres = sqlStatement("SELECT distinct group_name FROM layout_options " .
1701 "WHERE form_id = ? AND uor > 0 " .
1702 "ORDER BY group_name, seq", array($formtype));
1705 while ($frow = sqlFetchArray($fres)) {
1706 $this_group = isset($frow['group_name']) ?
$frow['group_name'] : "" ;
1707 $titlecols = isset($frow['titlecols']) ?
$frow['titlecols'] : "";
1708 $datacols = isset($frow['datacols']) ?
$frow['datacols'] : "";
1709 $data_type = isset($frow['data_type']) ?
$frow['data_type'] : "";
1710 $field_id = isset($frow['field_id']) ?
$frow['field_id'] : "";
1711 $list_id = isset($frow['list_id']) ?
$frow['list_id'] : "";
1714 $group_fields_query = sqlStatement("SELECT * FROM layout_options " .
1715 "WHERE form_id = ? AND uor > 0 AND group_name = ? " .
1716 "ORDER BY seq", array($formtype, $this_group) );
1719 <div
class="tab <?php echo $first ? 'current' : '' ?>">
1720 <table border
='0' cellpadding
='0'>
1723 while ($group_fields = sqlFetchArray($group_fields_query)) {
1725 $titlecols = $group_fields['titlecols'];
1726 $datacols = $group_fields['datacols'];
1727 $data_type = $group_fields['data_type'];
1728 $field_id = $group_fields['field_id'];
1729 $list_id = $group_fields['list_id'];
1732 if ($formtype == 'DEM') {
1733 if ($GLOBALS['athletic_team']) {
1734 // Skip fitness level and return-to-play date because those appear
1735 // in a special display/update form on this page.
1736 if ($field_id === 'fitness' ||
$field_id === 'userdate1') continue;
1738 if (strpos($field_id, 'em_') === 0) {
1739 // Skip employer related fields, if it's disabled.
1740 if ($GLOBALS['omit_employers']) continue;
1741 $tmp = substr($field_id, 3);
1742 if (isset($result2[$tmp])) $currvalue = $result2[$tmp];
1745 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1749 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1752 // Handle a data category (group) change.
1753 if (strcmp($this_group, $last_group) != 0) {
1754 $group_name = substr($this_group, 1);
1755 // totally skip generating the employer category, if it's disabled.
1756 if ($group_name === 'Employer' && $GLOBALS['omit_employers']) continue;
1757 $last_group = $this_group;
1760 // Handle starting of a new row.
1761 if (($titlecols > 0 && $cell_count >= $CPR) ||
$cell_count == 0) {
1766 if ($item_count == 0 && $titlecols == 0) {
1770 // Handle starting of a new label cell.
1771 if ($titlecols > 0) {
1773 $titlecols_esc = htmlspecialchars( $titlecols, ENT_QUOTES
);
1774 echo "<td class='label' colspan='$titlecols_esc' ";
1776 $cell_count +
= $titlecols;
1780 // Added 5-09 by BM - Translate label if applicable
1781 if ($group_fields['title']) echo htmlspecialchars(xl_layout_label($group_fields['title']).":",ENT_NOQUOTES
); else echo " ";
1783 // Handle starting of a new data cell.
1784 if ($datacols > 0) {
1786 $datacols_esc = htmlspecialchars( $datacols, ENT_QUOTES
);
1787 echo "<td class='text data' colspan='$datacols_esc'";
1789 $cell_count +
= $datacols;
1793 echo generate_display_field($group_fields, $currvalue);
1810 function display_layout_tabs_data_editable($formtype, $result1, $result2='') {
1811 global $item_count, $cell_count, $last_group, $CPR;
1813 $fres = sqlStatement("SELECT distinct group_name FROM layout_options " .
1814 "WHERE form_id = ? AND uor > 0 " .
1815 "ORDER BY group_name, seq", array($formtype) );
1818 while ($frow = sqlFetchArray($fres)) {
1819 $this_group = $frow['group_name'];
1820 $group_name = substr($this_group, 1);
1821 $group_name_esc = htmlspecialchars( $group_name, ENT_QUOTES
);
1822 $titlecols = $frow['titlecols'];
1823 $datacols = $frow['datacols'];
1824 $data_type = $frow['data_type'];
1825 $field_id = $frow['field_id'];
1826 $list_id = $frow['list_id'];
1829 $group_fields_query = sqlStatement("SELECT * FROM layout_options " .
1830 "WHERE form_id = ? AND uor > 0 AND group_name = ? " .
1831 "ORDER BY seq", array($formtype,$this_group) );
1834 <div
class="tab <?php echo $first ? 'current' : '' ?>" id
="tab_<?php echo $group_name_esc?>" >
1835 <table border
='0' cellpadding
='0'>
1838 while ($group_fields = sqlFetchArray($group_fields_query)) {
1840 $titlecols = $group_fields['titlecols'];
1841 $datacols = $group_fields['datacols'];
1842 $data_type = $group_fields['data_type'];
1843 $field_id = $group_fields['field_id'];
1844 $list_id = $group_fields['list_id'];
1847 if ($formtype == 'DEM') {
1848 if ($GLOBALS['athletic_team']) {
1849 // Skip fitness level and return-to-play date because those appear
1850 // in a special display/update form on this page.
1851 if ($field_id === 'fitness' ||
$field_id === 'userdate1') continue;
1853 if (strpos($field_id, 'em_') === 0) {
1854 // Skip employer related fields, if it's disabled.
1855 if ($GLOBALS['omit_employers']) continue;
1856 $tmp = substr($field_id, 3);
1857 if (isset($result2[$tmp])) $currvalue = $result2[$tmp];
1860 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1864 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1867 // Handle a data category (group) change.
1868 if (strcmp($this_group, $last_group) != 0) {
1869 $group_name = substr($this_group, 1);
1870 // totally skip generating the employer category, if it's disabled.
1871 if ($group_name === 'Employer' && $GLOBALS['omit_employers']) continue;
1872 $last_group = $this_group;
1875 // Handle starting of a new row.
1876 if (($titlecols > 0 && $cell_count >= $CPR) ||
$cell_count == 0) {
1881 if ($item_count == 0 && $titlecols == 0) {
1885 // Handle starting of a new label cell.
1886 if ($titlecols > 0) {
1888 $titlecols_esc = htmlspecialchars( $titlecols, ENT_QUOTES
);
1889 echo "<td class='label' colspan='$titlecols_esc' ";
1891 $cell_count +
= $titlecols;
1895 // Added 5-09 by BM - Translate label if applicable
1896 if ($group_fields['title']) echo (htmlspecialchars( xl_layout_label($group_fields['title']), ENT_NOQUOTES
).":"); else echo " ";
1898 // Handle starting of a new data cell.
1899 if ($datacols > 0) {
1901 $datacols_esc = htmlspecialchars( $datacols, ENT_QUOTES
);
1902 echo "<td class='text data' colspan='$datacols_esc'";
1904 $cell_count +
= $datacols;
1908 echo generate_form_field($group_fields, $currvalue);
1922 // From the currently posted HTML form, this gets the value of the
1923 // field corresponding to the provided layout_options table row.
1925 function get_layout_form_value($frow) {
1926 // Bring in $sanitize_all_escapes variable, which will decide
1927 // the variable escaping method.
1928 global $sanitize_all_escapes;
1930 $maxlength = $frow['max_length'];
1931 $data_type = $frow['data_type'];
1932 $field_id = $frow['field_id'];
1934 if (isset($_POST["form_$field_id"])) {
1935 if ($data_type == 21) {
1936 // $_POST["form_$field_id"] is an array of checkboxes and its keys
1937 // must be concatenated into a |-separated string.
1938 foreach ($_POST["form_$field_id"] as $key => $val) {
1939 if (strlen($value)) $value .= '|';
1943 else if ($data_type == 22) {
1944 // $_POST["form_$field_id"] is an array of text fields to be imploded
1945 // into "key:value|key:value|...".
1946 foreach ($_POST["form_$field_id"] as $key => $val) {
1947 $val = str_replace('|', ' ', $val);
1948 if (strlen($value)) $value .= '|';
1949 $value .= "$key:$val";
1952 else if ($data_type == 23) {
1953 // $_POST["form_$field_id"] is an array of text fields with companion
1954 // radio buttons to be imploded into "key:n:notes|key:n:notes|...".
1955 foreach ($_POST["form_$field_id"] as $key => $val) {
1956 $restype = $_POST["radio_{$field_id}"][$key];
1957 if (empty($restype)) $restype = '0';
1958 $val = str_replace('|', ' ', $val);
1959 if (strlen($value)) $value .= '|';
1960 $value .= "$key:$restype:$val";
1963 else if ($data_type == 25) {
1964 // $_POST["form_$field_id"] is an array of text fields with companion
1965 // checkboxes to be imploded into "key:n:notes|key:n:notes|...".
1966 foreach ($_POST["form_$field_id"] as $key => $val) {
1967 $restype = empty($_POST["check_{$field_id}"][$key]) ?
'0' : '1';
1968 $val = str_replace('|', ' ', $val);
1969 if (strlen($value)) $value .= '|';
1970 $value .= "$key:$restype:$val";
1973 else if ($data_type == 28 ||
$data_type == 32) {
1974 // $_POST["form_$field_id"] is an date text fields with companion
1975 // radio buttons to be imploded into "notes|type|date".
1976 $restype = $_POST["radio_{$field_id}"];
1977 if (empty($restype)) $restype = '0';
1978 $resdate = str_replace('|', ' ', $_POST["date_$field_id"]);
1979 $resnote = str_replace('|', ' ', $_POST["form_$field_id"]);
1980 if ($data_type == 32)
1982 //VicarePlus :: Smoking status data is imploded into "note|type|date|list".
1983 $reslist = str_replace('|', ' ', $_POST["form_$field_id"]);
1984 $res_text_note = str_replace('|', ' ', $_POST["form_text_$field_id"]);
1985 $value = "$res_text_note|$restype|$resdate|$reslist";
1988 $value = "$resnote|$restype|$resdate";
1991 $value = $_POST["form_$field_id"];
1995 // Better to die than to silently truncate data!
1996 if ($maxlength && $maxlength != 0 && strlen($value) > $maxlength)
1997 die(htmlspecialchars( xl('ERROR: Field') . " '$field_id' " . xl('is too long'), ENT_NOQUOTES
) .
1998 ":<br /> <br />".htmlspecialchars( $value, ENT_NOQUOTES
));
2000 // Make sure the return value is quote-safe.
2001 if ($sanitize_all_escapes) {
2002 //escapes already removed and using binding/placemarks in sql calls
2003 // so only need to trim value
2004 return trim($value);
2007 //need to explicitly prepare value
2008 return formTrim($value);
2012 // Generate JavaScript validation logic for the required fields.
2014 function generate_layout_validation($form_id) {
2015 $fres = sqlStatement("SELECT * FROM layout_options " .
2016 "WHERE form_id = ? AND uor > 0 AND field_id != '' " .
2017 "ORDER BY group_name, seq", array($form_id) );
2019 while ($frow = sqlFetchArray($fres)) {
2020 if ($frow['uor'] < 2) continue;
2021 $data_type = $frow['data_type'];
2022 $field_id = $frow['field_id'];
2023 $fldtitle = $frow['title'];
2024 if (!$fldtitle) $fldtitle = $frow['description'];
2025 $fldname = htmlspecialchars( "form_$field_id", ENT_QUOTES
);
2026 switch($data_type) {
2035 " if (f.$fldname.selectedIndex <= 0) {\n" .
2036 " if (f.$fldname.focus) f.$fldname.focus();\n" .
2037 " errMsgs[errMsgs.length] = '" . htmlspecialchars( (xl_layout_label($fldtitle)), ENT_QUOTES
) . "'; \n" .
2040 case 27: // radio buttons
2043 " for (; i < f.$fldname.length; ++i) if (f.$fldname[i].checked) break;\n" .
2044 " if (i >= f.$fldname.length) {\n" .
2045 " errMsgs[errMsgs.length] = '" . htmlspecialchars( (xl_layout_label($fldtitle)), ENT_QUOTES
) . "'; \n" .
2053 " if (trimlen(f.$fldname.value) == 0) {\n" .
2054 " if (f.$fldname.focus) f.$fldname.focus();\n" .
2055 " $('#" . $fldname . "').parents('div.tab').each( function(){ var tabHeader = $('#header_' + $(this).attr('id') ); tabHeader.css('color','red'); } ); " .
2056 " $('#" . $fldname . "').attr('style','background:red'); \n" .
2057 " errMsgs[errMsgs.length] = '" . htmlspecialchars( (xl_layout_label($fldtitle)), ENT_QUOTES
) . "'; \n" .
2059 " $('#" . $fldname . "').attr('style',''); " .
2060 " $('#" . $fldname . "').parents('div.tab').each( function(){ var tabHeader = $('#header_' + $(this).attr('id') ); tabHeader.css('color',''); } ); " .
2068 * DROPDOWN FOR FACILITIES
2070 * build a dropdown with all facilities
2072 * @param string $selected - name of the currently selected facility
2073 * use '0' for "unspecified facility"
2074 * use '' for "All facilities" (the default)
2075 * @param string $name - the name/id for select form (defaults to "form_facility")
2076 * @param boolean $allow_unspecified - include an option for "unspecified" facility
2078 * @return void - just echo the html encoded string
2080 * Note: This should become a data-type at some point, according to Brady
2082 function dropdown_facility($selected = '', $name = 'form_facility', $allow_unspecified = true, $allow_allfacilities = true) {
2083 $have_selected = false;
2084 $query = "SELECT id, name FROM facility ORDER BY name";
2085 $fres = sqlStatement($query);
2087 $name = htmlspecialchars($name, ENT_QUOTES
);
2088 echo " <select name=\"$name\" id=\"$name\">\n";
2090 if ($allow_allfacilities) {
2092 $option_selected_attr = '';
2093 if ($selected == '') {
2094 $option_selected_attr = ' selected="selected"';
2095 $have_selected = true;
2097 $option_content = htmlspecialchars('-- ' . xl('All Facilities') . ' --', ENT_NOQUOTES
);
2098 echo " <option value=\"$option_value\" $option_selected_attr>$option_content</option>\n";
2099 } elseif ($allow_unspecified) {
2100 $option_value = '0';
2101 $option_selected_attr = '';
2102 if ( $selected == '0' ) {
2103 $option_selected_attr = ' selected="selected"';
2104 $have_selected = true;
2106 $option_content = htmlspecialchars('-- ' . xl('Unspecified') . ' --', ENT_NOQUOTES
);
2107 echo " <option value=\"$option_value\" $option_selected_attr>$option_content</option>\n";
2110 while ($frow = sqlFetchArray($fres)) {
2111 $facility_id = $frow['id'];
2112 $option_value = htmlspecialchars($facility_id, ENT_QUOTES
);
2113 $option_selected_attr = '';
2114 if ($selected == $facility_id) {
2115 $option_selected_attr = ' selected="selected"';
2116 $have_selected = true;
2118 $option_content = htmlspecialchars($frow['name'], ENT_NOQUOTES
);
2119 echo " <option value=\"$option_value\" $option_selected_attr>$option_content</option>\n";
2122 if ($allow_unspecified && $allow_allfacilities) {
2123 $option_value = '0';
2124 $option_selected_attr = '';
2125 if ( $selected == '0' ) {
2126 $option_selected_attr = ' selected="selected"';
2127 $have_selected = true;
2129 $option_content = htmlspecialchars('-- ' . xl('Unspecified') . ' --', ENT_NOQUOTES
);
2130 echo " <option value=\"$option_value\" $option_selected_attr>$option_content</option>\n";
2133 if (!$have_selected) {
2134 $option_value = htmlspecialchars($selected, ENT_QUOTES
);
2135 $option_label = htmlspecialchars('(' . xl('Do not change') . ')', ENT_QUOTES
);
2136 $option_content = htmlspecialchars(xl('Missing or Invalid'), ENT_NOQUOTES
);
2137 echo " <option value='$option_value' label='$option_label' selected='selected'>$option_content</option>\n";
2139 echo " </select>\n";
2142 // Expand Collapse Widget
2143 // This forms the header and functionality component of the widget. The information that is displayed
2144 // then follows this function followed by a closing div tag
2146 // $title is the title of the section (already translated)
2147 // $label is identifier used in the tag id's and sql columns
2148 // $buttonLabel is the button label text (already translated)
2149 // $buttonLink is the button link information
2150 // $buttonClass is any additional needed class elements for the button tag
2151 // $linkMethod is the button link method ('javascript' vs 'html')
2152 // $bodyClass is to set class(es) of the body
2153 // $auth is a flag to decide whether to show the button
2154 // $fixedWidth is to flag whether width is fixed
2155 // $forceExpandAlways is a flag to force the widget to always be expanded
2157 function expand_collapse_widget($title, $label, $buttonLabel, $buttonLink, $buttonClass, $linkMethod, $bodyClass, $auth, $fixedWidth, $forceExpandAlways=false) {
2159 echo "<div class='section-header'>";
2162 echo "<div class='section-header-dynamic'>";
2166 // show button, since authorized
2167 // first prepare class string
2169 $class_string = "css_button_small ".htmlspecialchars( $buttonClass, ENT_NOQUOTES
);
2172 $class_string = "css_button_small";
2174 // next, create the link
2175 if ($linkMethod == "javascript") {
2176 echo "<td><a class='" . $class_string . "' href='javascript:;' onclick='" . $buttonLink . "'";
2179 echo "<td><a class='" . $class_string . "' href='" . $buttonLink . "'";
2180 if (!isset($_SESSION['patient_portal_onsite'])) {
2181 // prevent an error from occuring when calling the function from the patient portal
2182 echo " onclick='top.restoreSession()'";
2185 if (!$GLOBALS['concurrent_layout']) {
2186 echo " target='Main'";
2189 htmlspecialchars( $buttonLabel, ENT_NOQUOTES
) . "</span></a></td>";
2191 if ($forceExpandAlways){
2192 // Special case to force the widget to always be expanded
2193 echo "<td><span class='text'><b>" . htmlspecialchars( $title, ENT_NOQUOTES
) . "</b></span>";
2194 $indicatorTag ="style='display:none'";
2196 $indicatorTag = isset($indicatorTag) ?
$indicatorTag : "";
2197 echo "<td><a " . $indicatorTag . " href='javascript:;' class='small' onclick='toggleIndicator(this,\"" .
2198 htmlspecialchars( $label, ENT_QUOTES
) . "_ps_expand\")'><span class='text'><b>";
2199 echo htmlspecialchars( $title, ENT_NOQUOTES
) . "</b></span>";
2201 if (isset($_SESSION['patient_portal_onsite'])) {
2202 // collapse all entries in the patient portal
2203 $text = xl('expand');
2205 else if (getUserSetting($label."_ps_expand")) {
2206 $text = xl('collapse');
2209 $text = xl('expand');
2211 echo " (<span class='indicator'>" . htmlspecialchars($text, ENT_QUOTES
) .
2212 "</span>)</a></td>";
2213 echo "</tr></table>";
2215 if ($forceExpandAlways) {
2216 // Special case to force the widget to always be expanded
2219 else if (isset($_SESSION['patient_portal_onsite'])) {
2220 // collapse all entries in the patient portal
2221 $styling = "style='display:none'";
2223 else if (getUserSetting($label."_ps_expand")) {
2227 $styling = "style='display:none'";
2230 $styling .= " class='" . $bodyClass . "'";
2232 //next, create the first div tag to hold the information
2233 // note the code that calls this function will then place the ending div tag after the data
2234 echo "<div id='" . htmlspecialchars( $label, ENT_QUOTES
) . "_ps_expand' " . $styling . ">";
2237 //billing_facility fuction will give the dropdown list which contain billing faciliies.
2238 function billing_facility($name,$select){
2239 $qsql = sqlStatement("SELECT id, name FROM facility WHERE billing_location = 1");
2240 echo " <select id='".htmlspecialchars($name, ENT_QUOTES
)."' name='".htmlspecialchars($name, ENT_QUOTES
)."'>";
2241 while ($facrow = sqlFetchArray($qsql)) {
2242 $selected = ( $facrow['id'] == $select ) ?
'selected="selected"' : '' ;
2243 echo "<option value=".htmlspecialchars($facrow['id'],ENT_QUOTES
)." $selected>".htmlspecialchars($facrow['name'], ENT_QUOTES
)."</option>";
