patients/get_allergies.php

   1 <?php
   2  // Copyright (C) 2011 Cassian LUP <cassi.lup@gmail.com>
   3  //
   4  // This program is free software; you can redistribute it and/or
   5  // modify it under the terms of the GNU General Public License
   6  // as published by the Free Software Foundation; either version 2
   7  // of the License, or (at your option) any later version.
   8
   9         //SANITIZE ALL ESCAPES
  10         $sanitize_all_escapes=true;
  11
  12         //STOP FAKE REGISTER GLOBALS
  13         $fake_register_globals=false;
  14
  15         //landing page definition -- where to go if something goes wrong
  16         $landingpage = "index.php";
  17         //
  18
  19         // kick out if patient not authenticated
  20         session_start();
  21         if ( isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite']) ) {
  22                 $pid = $_SESSION['pid'];
  23         }
  24         else {
  25                 session_destroy();
  26                 header('Location: '.$landingpage.'?w');
  27                 exit;
  28         }
  29         //
  30
  31         $ignoreAuth=true;
  32         require_once('../interface/globals.php');
  33
  34         $sql = "SELECT * FROM lists WHERE pid = ? AND type = 'allergy' ORDER BY begdate";
  35
  36         $res = sqlStatement($sql, array($pid) );
  37
  38         if(sqlNumRows($res)>0)
  39         {
  40                 ?>
  41                 <table class="class1">
  42                         <tr class="header">
  43                                 <th><?php echo htmlspecialchars( xl('Title'),ENT_NOQUOTES); ?></th>
  44                                 <th><?php echo htmlspecialchars( xl('Reported Date'),ENT_NOQUOTES); ?></th>
  45                                 <th><?php echo htmlspecialchars( xl('Start Date'),ENT_NOQUOTES); ?></th>
  46                                 <th><?php echo htmlspecialchars( xl('End Date'),ENT_NOQUOTES); ?></th>
  47                                 <th><?php echo htmlspecialchars( xl('Referrer'),ENT_NOQUOTES); ?></th>
  48                         </tr>
  49                 <?php
  50                 $even=false;
  51                 while ($row = sqlFetchArray($res)) {
  52                         if ($even) {
  53                                 $class="class1_even";
  54                                 $even=false;
  55                         } else {
  56                                 $class="class1_odd";
  57                                 $even=true;
  58                         }
  59                         echo "<tr class='".$class."'>";
  60                         echo "<td>".htmlspecialchars( $row['title'],ENT_NOQUOTES)."</td>";
  61                         echo "<td>".htmlspecialchars( $row['date'],ENT_NOQUOTES)."</td>";
  62                         echo "<td>".htmlspecialchars( $row['begdate'],ENT_NOQUOTES)."</td>";
  63                         echo "<td>".htmlspecialchars( $row['enddate'],ENT_NOQUOTES)."</td>";
  64                         echo "<td>".htmlspecialchars( $row['referredby'],ENT_NOQUOTES)."</td>";
  65                         echo "</tr>";
  66                 }
  67                 echo "</table>";
  68         }
  69         else
  70         {
  71                 echo htmlspecialchars( xl("No Results"),ENT_NOQUOTES);
  72         }
  73 ?>