interface/forms/newpatient/save.php

   1 <?php
   2 // This program is free software; you can redistribute it and/or
   3 // modify it under the terms of the GNU General Public License
   4 // as published by the Free Software Foundation; either version 2
   5 // of the License, or (at your option) any later version.
   6
   7 require_once("../../globals.php");
   8 require_once("$srcdir/forms.inc");
   9 require_once("$srcdir/sql.inc");
  10 require_once("$srcdir/encounter.inc");
  11 require_once("$srcdir/acl.inc");
  12 require_once("$srcdir/formatting.inc.php");
  13
  14 foreach ($_POST as $k => $var) {
  15   if (! is_array($var)) $_POST[$k] = mysql_escape_string($var);
  16   echo "$var\n";
  17 }
  18
  19 $conn = $GLOBALS['adodb']['db'];
  20
  21 // $date = $_POST["year"]."-".$_POST["month"]."-".$_POST["day"];
  22 // $onset_date = $_POST["onset_year"]."-".$_POST["onset_month"]."-".$_POST["onset_day"];
  23
  24 $date        = $_POST['form_date'];
  25 $onset_date  = $_POST['form_onset_date'];
  26 $sensitivity = $_POST['form_sensitivity'];
  27 $pc_catid    = $_POST['pc_catid'];
  28 $facility_id = $_POST['facility_id'];
  29 $reason      = $_POST['reason'];
  30 $mode        = $_POST['mode'];
  31 $referral_source = $_POST['form_referral_source'];
  32
  33 if ($GLOBALS['concurrent_layout'])
  34   $normalurl = "$rootdir/patient_file/encounter/encounter_top.php";
  35 else
  36   $normalurl = "$rootdir/patient_file/encounter/patient_encounter.php";
  37
  38 $nexturl = $normalurl;
  39
  40 if ($mode == 'new')
  41 {
  42   $provider_id = $userauthorized ? $_SESSION['authUserID'] : 0;
  43   $encounter = $conn->GenID("sequences");
  44   addForm($encounter, "New Patient Encounter",
  45     sqlInsert("INSERT INTO form_encounter SET " .
  46       "date = '$date', " .
  47       "onset_date = '$onset_date', " .
  48       "reason = '$reason', " .
  49       "pc_catid = '$pc_catid', " .
  50       "facility_id = '$facility_id', " .
  51       "sensitivity = '$sensitivity', " .
  52       "referral_source = '$referral_source', " .
  53       "pid = '$pid', " .
  54       "encounter = '$encounter', " .
  55       "provider_id = '$provider_id'"),
  56     "newpatient", $pid, $userauthorized, $date);
  57 }
  58 else if ($mode == 'update')
  59 {
  60   $id = $_POST["id"];
  61   $result = sqlQuery("SELECT encounter, sensitivity FROM form_encounter WHERE id = '$id'");
  62   if ($result['sensitivity'] && !acl_check('sensitivities', $result['sensitivity'])) {
  63    die("You are not authorized to see this encounter.");
  64   }
  65   $encounter = $result['encounter'];
  66   // See view.php to allow or disallow updates of the encounter date.
  67   // $datepart = $_POST["day"] ? "date = '$date', " : "";
  68   $datepart = acl_check('encounters', 'date_a') ? "date = '$date', " : "";
  69   sqlStatement("UPDATE form_encounter SET " .
  70     $datepart .
  71     "onset_date = '$onset_date', " .
  72     "reason = '$reason', " .
  73     "pc_catid = '$pc_catid', " .
  74     "facility_id = '$facility_id', " .
  75     "sensitivity = '$sensitivity', " .
  76     "referral_source = '$referral_source' " .
  77     "WHERE id = '$id'");
  78 }
  79 else {
  80   die("Unknown mode '$mode'");
  81 }
  82
  83 setencounter($encounter);
  84
  85 // Update the list of issues associated with this encounter.
  86 sqlStatement("DELETE FROM issue_encounter WHERE " .
  87   "pid = '$pid' AND encounter = '$encounter'");
  88 if (is_array($_POST['issues'])) {
  89   foreach ($_POST['issues'] as $issue) {
  90     $query = "INSERT INTO issue_encounter ( " .
  91       "pid, list_id, encounter " .
  92       ") VALUES ( " .
  93       "'$pid', '$issue', '$encounter'" .
  94     ")";
  95     sqlStatement($query);
  96   }
  97 }
  98
  99 // Custom for Chelsea FC.
 100 //
 101 if ($mode == 'new' && $GLOBALS['default_new_encounter_form'] == 'football_injury_audit') {
 102
 103   // If there are any "football injury" issues (medical problems without
 104   // "illness" in the title) linked to this encounter, but no encounter linked
 105   // to such an issue has the injury form in it, then present that form.
 106
 107   $lres = sqlStatement("SELECT list_id " .
 108     "FROM issue_encounter, lists WHERE " .
 109     "issue_encounter.pid = '$pid' AND " .
 110     "issue_encounter.encounter = '$encounter' AND " .
 111     "lists.id = issue_encounter.list_id AND " .
 112     "lists.type = 'medical_problem' AND " .
 113     "lists.title NOT LIKE '%Illness%'");
 114
 115   if (mysql_num_rows($lres)) {
 116     $nexturl = "$rootdir/patient_file/encounter/load_form.php?formname=" .
 117       $GLOBALS['default_new_encounter_form'];
 118     while ($lrow = sqlFetchArray($lres)) {
 119       $frow = sqlQuery("SELECT count(*) AS count " .
 120          "FROM issue_encounter, forms WHERE " .
 121          "issue_encounter.list_id = '" . $lrow['list_id'] . "' AND " .
 122          "forms.pid = issue_encounter.pid AND " .
 123          "forms.encounter = issue_encounter.encounter AND " .
 124          "forms.formdir = '" . $GLOBALS['default_new_encounter_form'] . "'");
 125       if ($frow['count']) $nexturl = $normalurl;
 126     }
 127   }
 128 }
 129 ?>
 130 <html>
 131 <body>
 132 <script language="Javascript">
 133 <?php if ($GLOBALS['concurrent_layout'] && $mode == 'new') { ?>
 134  parent.left_nav.setEncounter(<?php echo "'" . oeFormatShortDate($date) . "', $encounter, window.name"; ?>);
 135  parent.left_nav.setRadio(window.name, 'enc');
 136 <?php } ?>
 137  top.restoreSession();
 138  window.location="<?php echo $nexturl; ?>";
 139 </script>
 140
 141 </body>
 142 </html>