patients/get_problems.php

   1 <?php
   2  // Copyright (C) 2011 Cassian LUP <cassi.lup@gmail.com>
   3  //
   4  // This program is free software; you can redistribute it and/or
   5  // modify it under the terms of the GNU General Public License
   6  // as published by the Free Software Foundation; either version 2
   7  // of the License, or (at your option) any later version.
   8
   9         //SANITIZE ALL ESCAPES
  10         $sanitize_all_escapes=true;
  11
  12         //STOP FAKE REGISTER GLOBALS
  13         $fake_register_globals=false;
  14
  15         //landing page definition -- where to go if something goes wrong
  16         $landingpage = "index.php";
  17         //
  18
  19         // kick out if patient not authenticated
  20         session_start();
  21         if ( isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite']) ) {
  22                 $pid = $_SESSION['pid'];
  23         }
  24         else {
  25                 session_destroy();
  26                 header('Location: '.$landingpage.'?w');
  27                 exit;
  28         }
  29         //
  30
  31         $ignoreAuth=true;
  32         include_once('../interface/globals.php');
  33
  34         $sql = "SELECT * FROM lists WHERE pid = ? AND type = 'medical_problem' ORDER BY begdate";
  35
  36         $res = sqlStatement($sql, array($pid) );
  37
  38         if(sqlNumRows($res)>0)
  39         {
  40                 ?>
  41                 <table class="class1">
  42                         <tr class="header">
  43                                 <th><?php echo htmlspecialchars( xl('Title'),ENT_NOQUOTES);?></th>
  44                                 <th><?php echo htmlspecialchars( xl('Reported Date'),ENT_NOQUOTES);?></th>
  45                                 <th><?php echo htmlspecialchars( xl('Start Date'),ENT_NOQUOTES);?></th>
  46                                 <th><?php echo htmlspecialchars( xl('End Date'),ENT_NOQUOTES);?></th>
  47                         </tr>
  48                 <?php
  49                 $even=false;
  50                 while ($row = sqlFetchArray($res)) {
  51                         if ($even) {
  52                                 $class="class1_even";
  53                                 $even=false;
  54                         } else {
  55                                 $class="class1_odd";
  56                                 $even=true;
  57                         }
  58                         echo "<tr class='".$class."'>";
  59                         echo "<td>".htmlspecialchars($row['title'],ENT_NOQUOTES)."</td>";
  60                         echo "<td>".htmlspecialchars($row['date'],ENT_NOQUOTES)."</td>";
  61                         echo "<td>".htmlspecialchars($row['begdate'],ENT_NOQUOTES)."</td>";
  62                         echo "<td>".htmlspecialchars($row['enddate'],ENT_NOQUOTES)."</td>";
  63                         echo "</tr>";
  64                 }
  65                 echo "</table>";
  66         }
  67         else
  68         {
  69                 echo htmlspecialchars( xl("No Results"),ENT_NOQUOTES);
  70         }
  71 ?>