search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Additional mods to previous commit (still discussing UTF8 enforcing)
[openemr.git] / patients / get_lab_results.php
blobc667064a49c063a56a63211cea315e86a7085b00
1 <?php
2 // Copyright (C) 2011 Cassian LUP <cassi.lup@gmail.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
8
9 //SANITIZE ALL ESCAPES
10 $sanitize_all_escapes=true;
11
12 //STOP FAKE REGISTER GLOBALS
13 $fake_register_globals=false;
14
15 //continue session
16 session_start();
17 //
18
19 //landing page definition -- where to go if something goes wrong
20 $landingpage = "index.php?site=".$_SESSION['site_id'];
21 //
22
23 // kick out if patient not authenticated
24 if ( isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite']) ) {
25 $pid = $_SESSION['pid'];
26 }
27 else {
28 session_destroy();
29 header('Location: '.$landingpage.'&w');
30 exit;
31 }
32 //
33
34 $ignoreAuth=true;
35 require_once('../interface/globals.php');
36 require_once('../library/options.inc.php');
37
38 $selects =
39 "po.procedure_order_id, po.date_ordered, pc.procedure_order_seq, " .
40 "pt1.procedure_type_id AS order_type_id, pc.procedure_name, " .
41 "pr.procedure_report_id, pr.date_report, pr.date_collected, pr.specimen_num, " .
42 "pr.report_status, pr.review_status";
43
44 $joins =
45 "JOIN procedure_order_code AS pc ON pc.procedure_order_id = po.procedure_order_id " .
46 "LEFT JOIN procedure_type AS pt1 ON pt1.lab_id = po.lab_id AND pt1.procedure_code = pc.procedure_code " .
47 "LEFT JOIN procedure_report AS pr ON pr.procedure_order_id = po.procedure_order_id AND " .
48 "pr.procedure_order_seq = pc.procedure_order_seq";
49
50 $orderby =
51 "po.date_ordered, po.procedure_order_id, " .
52 "pc.procedure_order_seq, pr.procedure_report_id";
53
54 $where = "1 = 1";
55
56 $res = sqlStatement("SELECT $selects " .
57 "FROM procedure_order AS po $joins " .
58 "WHERE po.patient_id = ? AND $where " .
59 "ORDER BY $orderby", array($pid));
60
61 if(sqlNumRows($res)>0)
62 {
63 ?>
64 <table class="class1">
65 <tr class="header">
66 <th><?php echo htmlspecialchars( xl('Order Date'),ENT_NOQUOTES); ?></th>
67 <th><?php echo htmlspecialchars( xl('Order Name'),ENT_NOQUOTES); ?></th>
68 <th><?php echo htmlspecialchars( xl('Result Name'),ENT_NOQUOTES); ?></th>
69 <th><?php echo htmlspecialchars( xl('Abnormal'),ENT_NOQUOTES); ?></th>
70 <th><?php echo htmlspecialchars( xl('Value'),ENT_NOQUOTES); ?></th>
71 <th><?php echo htmlspecialchars( xl('Range'),ENT_NOQUOTES); ?></th>
72 <th><?php echo htmlspecialchars( xl('Units'),ENT_NOQUOTES); ?></th>
73 <th><?php echo htmlspecialchars( xl('Result Status'),ENT_NOQUOTES); ?></th>
74 <th><?php echo htmlspecialchars( xl('Report Status'),ENT_NOQUOTES); ?></th>
75 </tr>
76 <?php
77 $even=false;
78
79 while ($row = sqlFetchArray($res)) {
80 $order_type_id = empty($row['order_type_id' ]) ? 0 : ($row['order_type_id' ] + 0);
81 $report_id = empty($row['procedure_report_id']) ? 0 : ($row['procedure_report_id'] + 0);
82
83 $selects = "pt2.procedure_type, pt2.procedure_code, pt2.units AS pt2_units, " .
84 "pt2.range AS pt2_range, pt2.procedure_type_id AS procedure_type_id, " .
85 "pt2.name AS name, pt2.description, pt2.seq AS seq, " .
86 "ps.procedure_result_id, ps.result_code AS result_code, ps.result_text, ps.abnormal, ps.result, " .
87 "ps.range, ps.result_status, ps.facility, ps.comments, ps.units, ps.comments";
88
89 // procedure_type_id for order:
90 $pt2cond = "pt2.parent = $order_type_id AND " .
91 "(pt2.procedure_type LIKE 'res%' OR pt2.procedure_type LIKE 'rec%')";
92
93 // pr.procedure_report_id or 0 if none:
94 $pscond = "ps.procedure_report_id = $report_id";
95
96 $joincond = "ps.result_code = pt2.procedure_code";
97
98 // This union emulates a full outer join. The idea is to pick up all
99 // result types defined for this order type, as well as any actual
100 // results that do not have a matching result type.
101 $query = "(SELECT $selects FROM procedure_type AS pt2 " .
102 "LEFT JOIN procedure_result AS ps ON $pscond AND $joincond " .
103 "WHERE $pt2cond" .
104 ") UNION (" .
105 "SELECT $selects FROM procedure_result AS ps " .
106 "LEFT JOIN procedure_type AS pt2 ON $pt2cond AND $joincond " .
107 "WHERE $pscond) " .
108 "ORDER BY seq, name, procedure_type_id, result_code";
109
110 $rres = sqlStatement($query);
111 while ($rrow = sqlFetchArray($rres)) {
112
113 if ($even) {
114 $class="class1_even";
115 $even=false;
116 } else {
117 $class="class1_odd";
118 $even=true;
119 }
120 $date=explode('-',$row['date_ordered']);
121 echo "<tr class='".$class."'>";
122 echo "<td>".htmlspecialchars($date[1]."/".$date[2]."/".$date[0],ENT_NOQUOTES)."</td>";
123 echo "<td>".htmlspecialchars($row['procedure_name'],ENT_NOQUOTES)."</td>";
124 echo "<td>".htmlspecialchars($rrow['name'],ENT_NOQUOTES)."</td>";
125 echo "<td>".generate_display_field(array('data_type'=>'1','list_id'=>'proc_res_abnormal'),$rrow['abnormal'])."</td>";
126 echo "<td>".htmlspecialchars($row['result'],ENT_NOQUOTES)."</td>";
127 echo "<td>".htmlspecialchars($rrow['pt2_range'],ENT_NOQUOTES)."</td>";
128 echo "<td>".generate_display_field(array('data_type'=>'1','list_id'=>'proc_unit'),$rrow['pt2_units'])."</td>";
129 echo "<td>".generate_display_field(array('data_type'=>'1','list_id'=>'proc_res_status'),$rrow['result_status'])."</td>";
130 echo "<td>".generate_display_field(array('data_type'=>'1','list_id'=>'proc_rep_status'),$row['report_status'])."</td>";
131 echo "</tr>";
132
133 }
134
135 }
136
137 echo "</table>";
138 }
139 else
140 {
141 echo htmlspecialchars( xl("No Results"),ENT_NOQUOTES);
142 }
143 ?>
Mirror of official OpenEMR Sourceforge repository