3 * delete tool, for logging and removing patient data.
5 * Called from many different pages.
7 * Copyright (C) 2005-2011 Rod Roark <rod@sunsetsystems.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version 2
12 * of the License, or (at your option) any later version.
15 * @author Rod Roark <rod@sunsetsystems.com>
16 * @link http://www.open-emr.org
19 require_once('../globals.php');
20 require_once($GLOBALS['srcdir'].'/log.inc');
21 require_once($GLOBALS['srcdir'].'/acl.inc');
22 require_once($GLOBALS['srcdir'].'/sl_eob.inc.php');
// Selectors naming what to delete. Later code acts on the first one that is
// non-empty.
// NOTE(review): all eight are read from $_REQUEST, so the query string or the
// POST body can supply them. Nothing in this file validates or escapes them
// before they are interpolated into quoted SQL literals (e.g.
// "pid = '$patient'"), into the form's action URL, into the confirmation text
// and into the closing script block. Whether globals.php escapes request data
// is not visible here -- confirm. If it does not, restrict the id-style
// values to digits, bind them as query parameters, and encode them for the
// HTML/URL/JS context on output.
24 $patient = $_REQUEST['patient'];
25 $encounterid = $_REQUEST['encounterid'];
26 $formid = $_REQUEST['formid'];
27 $issue = $_REQUEST['issue'];
28 $document = $_REQUEST['document'];
29 $payment = $_REQUEST['payment'];
30 $billing = $_REQUEST['billing'];
31 $transaction = $_REQUEST['transaction'];
35 // Delete rows, with logging, for the specified table using the
36 // specified WHERE clause.
//
// Every matching row is first written to the audit log through newEvent()
// as a "delete" event; the DELETE text is then built from the same $table
// and $where.
// NOTE(review): $table and $where are spliced into the SQL text as-is, so
// each caller decides what reaches the database. The callers in this file
// build $where from request values wrapped in single quotes; binding those
// values as parameters would remove the dependence on upstream escaping.
38 function row_delete($table, $where) {
39 $tres = sqlStatement("SELECT * FROM $table WHERE $where");
41 while ($trow = sqlFetchArray($tres)) {
43 foreach ($trow as $key => $value) {
// Falsy values (0, '0', '', NULL) and the zero timestamp are skipped, so the
// audit string is not a complete copy of the deleted row.
44 if (! $value ||
$value == '0000-00-00 00:00:00') continue;
45 if ($logstring) $logstring .= " ";
// addslashes() is applied to the log text only; it plays no part in the SQL.
46 $logstring .= $key . "='" . addslashes($value) . "'";
48 newEvent("delete", $_SESSION['authUser'], $_SESSION['authProvider'], 1, "$table: $logstring");
52 $query = "DELETE FROM $table WHERE $where";
// NOTE(review): the raw statement, including any request-derived text in
// $where, is echoed into the page without HTML encoding.
53 echo $query . "<br>\n";
// The call that executes $query is not visible in this listing (the gutter
// numbers jump from 53 to 58).
58 // Deactivate rows, with logging, for the specified table using the
59 // specified SET and WHERE clauses.
//
// When at least one row matches, a single "deactivate" event is logged that
// records only the table name and the WHERE text, not the affected rows.
// NOTE(review): $table, $set and $where are concatenated into the statement
// unchanged; callers in this file pass request-derived values inside $where.
61 function row_modify($table, $set, $where) {
62 if (sqlQuery("SELECT * FROM $table WHERE $where")) {
63 newEvent("deactivate", $_SESSION['authUser'], $_SESSION['authProvider'], 1, "$table: $where");
64 $query = "UPDATE $table SET $set WHERE $where";
// NOTE(review): as in row_delete(), the statement text is printed to the
// browser without HTML encoding.
65 echo $query . "<br>\n";
// The call that executes $query is not visible in this listing (gutter
// numbers 66-69 are missing).
70 // We use this to put dashes, colons, etc. back into a timestamp.
//
// Called further down as decorateString('....-..-.. ..:..:..', $timestamp),
// where $timestamp is the middle part of the request-supplied payment key.
// NOTE(review): only the statements that take one character off $fmt and
// $str survive in this listing; the loop and the branch around them are not
// visible. Nothing visible restricts $str to digits, and the result is placed
// inside a quoted SQL literal (dtime = '$timestamp') -- confirm it is
// validated or bound as a parameter.
72 function decorateString($fmt, $str) {
// Take the next format character ...
75 $fc = substr($fmt, 0, 1);
76 $fmt = substr($fmt, 1);
// ... and move one character of the input into the result.
78 $res .= substr($str, 0, 1);
79 $str = substr($str, 1);
87 // Delete and undo product sales for a given patient or visit.
88 // This is special because it has to replace the inventory.
//
// With a non-zero $encounter_id the sales of that visit are selected;
// otherwise the patient's sales that belong to some visit
// (ds.encounter != 0). Their quantities are added back to
// drug_inventory.on_hand before drug_sales rows are removed via row_delete().
// NOTE(review): both ids are interpolated inside single quotes and are not
// validated here; the callers in this file pass request values.
90 function delete_drug_sales($patient_id, $encounter_id=0) {
91 $where = $encounter_id ?
"ds.encounter = '$encounter_id'" :
92 "ds.pid = '$patient_id' AND ds.encounter != 0";
// This inventory UPDATE goes through sqlStatement() directly; no newEvent()
// call for it is visible in this function.
93 sqlStatement("UPDATE drug_sales AS ds, drug_inventory AS di " .
94 "SET di.on_hand = di.on_hand + ds.quantity " .
95 "WHERE $where AND di.inventory_id = ds.inventory_id");
// The condition that chooses between the two deletes below is not visible in
// this listing (gutter numbers 96 and 98-99 are missing).
97 row_delete("drug_sales", "encounter = '$encounter_id'");
100 row_delete("drug_sales", "pid = '$patient_id'");
104 // Delete a form's data from its form-specific table.
//
// 'newpatient' is mapped to the table suffix 'encounter'; directories whose
// name starts with 'LBF' are removed from lbf_data; form_<formdir> is the
// table used by the last call.
// NOTE(review): the table name is derived from $formdir, which the callers in
// this file read from the forms.formdir column. Identifiers cannot be bound
// as parameters, so $formdir should be checked against the known form
// directories (or a strict [A-Za-z0-9_] pattern) before it becomes part of a
// table name. $formid is interpolated inside single quotes.
106 function form_delete($formdir, $formid) {
107 $formdir = ($formdir == 'newpatient') ?
'encounter' : $formdir;
108 if (substr($formdir,0,3) == 'LBF')
109 row_delete("lbf_data", "form_id = '$formid'");
// The line between these two calls (gutter 110) is missing from the listing;
// presumably an else -- confirm.
111 row_delete("form_$formdir", "id = '$formid'");
114 // Delete a specified document including its associated relations and file.
//
// NOTE(review): $document is placed inside quoted SQL literals four times
// below. One caller in this file passes the request value directly, the
// other an id read from the documents table.
116 function delete_document($document) {
117 $trow = sqlQuery("SELECT url FROM documents WHERE id = '$document'");
// The assignment of $url is not visible in this listing (gutter 118 is
// missing); presumably it is taken from $trow['url'] -- confirm.
119 row_delete("categories_to_documents", "document_id = '$document'");
120 row_delete("documents", "id = '$document'");
121 row_delete("gprelations", "type1 = 1 AND id1 = '$document'");
// NOTE(review): the path comes straight from the stored url and is not
// checked against the document storage directory before unlink(). The @ also
// hides a failed removal, so the database rows can be gone (and logged as
// deleted) while the file is still on disk.
122 if (substr($url, 0, 7) == 'file://') {
123 @unlink
(substr($url, 7));
129 <?php
html_header_show();?
>
130 <title
><?php
xl('Delete Patient, Encounter, Form, Issue, Document, Payment, Billing or Transaction','e'); ?
></title
>
131 <link rel
="stylesheet" href
='<?php echo $css_header ?>' type
='text/css'>
134 td
{ font
-size
:10pt
; }
137 <script language
="javascript">
138 function submit_form()
140 document
.deletefrm
.submit();
142 // Java script function for closing the popup
143 function popup_close() {
144 if(parent
.$
==undefined
) {
148 parent
.$
.fn
.fancybox
.close();
154 <body
class="body_top">
156 // If the delete is confirmed...
// NOTE(review): confirmation is just a truthy form_submit field in the POST
// body, while the record selectors come from $_REQUEST. No anti-CSRF token
// check is visible in this file -- confirm one is enforced elsewhere, because
// every branch below is destructive.
158 if ($_POST['form_submit']) {
// Patient branch (its if-line, gutter 159/160, is missing from this listing).
// Each branch repeats its own ACL check before touching data.
161 if (!acl_check('admin', 'super')) die("Not authorized!");
// billing and pnotes rows are deactivated rather than removed; the other
// tables are deleted through row_delete(), which logs each row first.
// Every "'$patient'" below is the unvalidated request value.
162 row_modify("billing" , "activity = 0", "pid = '$patient'");
163 row_modify("pnotes" , "deleted = 1" , "pid = '$patient'");
164 // row_modify("prescriptions" , "active = 0" , "patient_id = '$patient'");
165 row_delete("prescriptions" , "patient_id = '$patient'");
166 row_delete("claims" , "patient_id = '$patient'");
167 delete_drug_sales($patient);
168 row_delete("payments" , "pid = '$patient'");
169 row_delete("ar_activity" , "pid = '$patient'");
170 row_delete("openemr_postcalendar_events", "pc_pid = '$patient'");
171 row_delete("immunizations" , "patient_id = '$patient'");
172 row_delete("issue_encounter", "pid = '$patient'");
173 row_delete("lists" , "pid = '$patient'");
174 row_delete("transactions" , "pid = '$patient'");
175 row_delete("employer_data" , "pid = '$patient'");
176 row_delete("history_data" , "pid = '$patient'");
177 row_delete("insurance_data" , "pid = '$patient'");
// Remove each form's own table rows before the forms index rows themselves.
179 $res = sqlStatement("SELECT * FROM forms WHERE pid = '$patient'");
180 while ($row = sqlFetchArray($res)) {
181 form_delete($row['formdir'], $row['form_id']);
183 row_delete("forms", "pid = '$patient'");
185 // integration_mapping is used for sql-ledger and is virtually obsolete now.
// $row['id'] is used without a visible check that the lookup returned a row.
186 $row = sqlQuery("SELECT id FROM patient_data WHERE pid = '$patient'");
187 row_delete("integration_mapping", "local_table = 'patient_data' AND " .
188 "local_id = '" . $row['id'] . "'");
190 // Delete all documents for the patient.
191 $res = sqlStatement("SELECT id FROM documents WHERE foreign_id = '$patient'");
192 while ($row = sqlFetchArray($res)) {
193 delete_document($row['id']);
196 // This table exists only for athletic teams.
// The test on $tmp that guards the delete (gutter 198) is missing from this
// listing.
197 $tmp = sqlQuery("SHOW TABLES LIKE 'daily_fitness'");
199 row_delete("daily_fitness", "pid = '$patient'");
// patient_data goes last, after everything that refers to the patient.
202 row_delete("patient_data", "pid = '$patient'");
// Encounter branch: same pattern, keyed on the request-supplied encounter id.
204 else if ($encounterid) {
205 if (!acl_check('admin', 'super')) die("Not authorized!");
206 row_modify("billing", "activity = 0", "encounter = '$encounterid'");
207 delete_drug_sales(0, $encounterid);
208 row_delete("ar_activity", "encounter = '$encounterid'");
209 row_delete("claims", "encounter_id = '$encounterid'");
210 row_delete("issue_encounter", "encounter = '$encounterid'");
211 $res = sqlStatement("SELECT * FROM forms WHERE encounter = '$encounterid'");
212 while ($row = sqlFetchArray($res)) {
213 form_delete($row['formdir'], $row['form_id']);
215 row_delete("forms", "encounter = '$encounterid'");
// Form branch (its header line, gutter 217, is not visible in this listing).
218 if (!acl_check('admin', 'super')) die("Not authorized!");
219 $row = sqlQuery("SELECT * FROM forms WHERE id = '$formid'");
220 $formdir = $row['formdir'];
// NOTE(review): the error text echoes the request value without HTML
// encoding.
221 if (! $formdir) die("There is no form with id '$formid'");
222 form_delete($formdir, $row['form_id']);
223 row_delete("forms", "id = '$formid'");
// Issue branch (its header line, gutter 225, is not visible in this listing).
226 if (!acl_check('admin', 'super')) die("Not authorized!");
227 row_delete("issue_encounter", "list_id = '$issue'");
228 row_delete("lists", "id = '$issue'");
// Document branch: the request value goes straight to delete_document().
230 else if ($document) {
231 if (!acl_check('admin', 'super')) die("Not authorized!");
232 delete_document($document);
// Payment branch (its header line, gutter 234, is not visible in this
// listing).
235 if (!acl_check('admin', 'super')) die("Not authorized!");
// $payment is expected as "<pid>.<timestamp>.<ref id>". With fewer than three
// dot-separated parts the trailing variables end up empty.
// NOTE(review): all three parts are request-controlled and are interpolated
// into quoted SQL literals below without a visible format check.
236 list($patient_id, $timestamp, $ref_id) = explode(".", $payment);
237 $timestamp = decorateString('....-..-.. ..:..:..', $timestamp);
238 $payres = sqlStatement("SELECT * FROM payments WHERE " .
239 "pid = '$patient_id' AND dtime = '$timestamp'");
240 while ($payrow = sqlFetchArray($payres)) {
241 // Delete the payment.
242 row_delete("ar_activity",
243 "pid = '$patient_id' AND " .
244 "session_id = '$ref_id'");
245 row_delete("ar_session",
246 "patient_id = '$patient_id' AND " .
247 "session_id = '$ref_id'");
// A non-zero amount2 is reversed by posting the negated amount: through
// arPostPayment() when ws_accounting.enabled is exactly 2, and apparently
// against the SQL-Ledger invoice otherwise (the else line is not visible).
248 if ($payrow['amount2'] != 0) {
249 if ($GLOBALS['oer_config']['ws_accounting']['enabled'] === 2) {
251 if ($payrow['method']) {
252 $thissrc .= $payrow['method'];
253 if ($payrow['source']) $thissrc .= ' ' . $payrow['source'];
255 $thissrc .= ' front office reversal';
256 $session_id = 0; // Is this OK?
257 arPostPayment($patient_id, $payrow['encounter'], $session_id,
258 0 - $payrow['amount2'], '', 0, $thissrc, 0);
261 // Look up the matching invoice and post an offsetting payment.
263 $invnum = "$patient_id." . $payrow['encounter'];
265 if ($payrow['method']) {
266 $thissrc .= $payrow['method'];
267 if ($payrow['source']) $thissrc .= ' ' . $payrow['source'];
269 $thissrc .= ' front office reversal';
270 $trans_id = SLQueryValue("SELECT id FROM ar WHERE " .
271 "ar.invnumber = '$invnum' LIMIT 1");
273 slPostPayment($trans_id, 0 - $payrow['amount2'], date('Y-m-d'),
// NOTE(review): this message carries literal single quotes and the
// request-derived $invnum; it is later printed inside alert('...') without
// JavaScript escaping.
276 $info_msg .= "Invoice '$invnum' not found; could not delete its " .
277 "payment of \$" . $payrow['amount2'] . ". ";
// The payments row is removed last, keyed on the id read from the database.
282 row_delete("payments", "id = '" . $payrow['id'] . "'");
// Billing branch (its header line, gutter 285, is not visible in this
// listing). The ACL differs from the other branches: acct/disc rather than
// admin/super.
286 if (!acl_check('acct','disc')) die("Not authorized!");
// $billing is expected as "<pid>.<encounter>"; both parts are
// request-controlled and go into quoted SQL literals below.
287 list($patient_id, $encounter_id) = explode(".", $billing);
288 if ($GLOBALS['oer_config']['ws_accounting']['enabled'] === 2) {
// NOTE(review): these two DELETEs bypass row_delete(), so no per-row audit
// event is written for the removed ar_activity / ar_session rows in the
// visible code. The second statement removes every ar_session row that has
// no ar_activity left, not only rows of this patient.
289 sqlStatement("DELETE FROM ar_activity WHERE " .
290 "pid = '$patient_id' AND encounter = '$encounter_id'");
291 sqlStatement("DELETE ar_session FROM ar_session LEFT JOIN " .
292 "ar_activity ON ar_session.session_id = ar_activity.session_id " .
293 "WHERE ar_activity.session_id IS NULL");
// The final condition of this WHERE (gutter 298) is missing from the listing.
294 row_modify("billing", "activity = 0",
295 "pid = '$patient_id' AND " .
296 "encounter = '$encounter_id' AND " .
297 "code_type = 'COPAY' AND " .
// Reset the encounter's billing state; also unlogged in the visible code.
299 sqlStatement("UPDATE form_encounter SET last_level_billed = 0, " .
300 "last_level_closed = 0, stmt_count = 0, last_stmt_date = NULL " .
301 "WHERE pid = '$patient_id' AND encounter = '$encounter_id'");
// SQL-Ledger path: the whole request value is used as the invoice number.
305 $trans_id = SLQueryValue("SELECT id FROM ar WHERE ar.invnumber = '$billing' LIMIT 1");
307 newEvent("delete", $_SESSION['authUser'], $_SESSION['authProvider'], 1, "Invoice $billing from SQL-Ledger");
// NOTE(review): die($sl_err) sends the ledger's error text to the browser.
308 SLQuery("DELETE FROM acc_trans WHERE trans_id = '$trans_id'");
309 if ($sl_err) die($sl_err);
310 SLQuery("DELETE FROM invoice WHERE trans_id = '$trans_id'");
311 if ($sl_err) die($sl_err);
312 SLQuery("DELETE FROM ar WHERE id = '$trans_id'");
313 if ($sl_err) die($sl_err);
// NOTE(review): the request value, wrapped in single quotes, is appended to
// a message that is later printed inside alert('...') without escaping.
315 $info_msg .= "Invoice '$billing' not found!";
319 sqlStatement("UPDATE drug_sales SET billed = 0 WHERE " .
320 "pid = '$patient_id' AND encounter = '$encounter_id'");
321 updateClaim(true, $patient_id, $encounter_id, -1, -1, 1, 0, ''); // clears for rebilling
// Transaction branch.
323 else if ($transaction) {
324 if (!acl_check('admin', 'super')) die("Not authorized!");
325 row_delete("transactions", "id = '$transaction'");
// Reached when no selector was supplied.
328 die("Nothing was recognized to delete!");
// Default message when no branch reported a problem.
331 if (! $info_msg) $info_msg = xl('Delete successful.');
333 // Close this window and tell our opener that it's done.
335 echo "<script language='JavaScript'>\n";
// NOTE(review): $info_msg is dropped into a single-quoted JavaScript string
// as-is. The messages built above contain literal single quotes and
// request-derived values, which ends the string early and lets that text be
// parsed as script. Encode it for the JS context (e.g. json_encode()) before
// printing.
336 if ($info_msg) echo " alert('$info_msg');\n";
// NOTE(review): $encounterid is the raw request value and is written into the
// script as a bare argument; emit it only after checking that it is numeric.
337 if ($encounterid) //this code need to be same as 'parent.imdeleted($encounterid)' when the popup is div like
339 echo "window.opener.imdeleted($encounterid);\n";
343 echo "parent.imdeleted();\n";
345 echo "</script></body></html>\n";
350 <form method
='post' name
="deletefrm" action
='deleter.php?patient=<?php echo $patient ?>&encounterid=<?php echo $encounterid ?>&formid=<?php echo $formid ?>&issue=<?php echo $issue ?>&document=<?php echo $document ?>&payment=<?php echo $payment ?>&billing=<?php echo $billing ?>&transaction=<?php echo $transaction ?>' onsubmit
="javascript:alert('1');document.deleform.submit();">
352 <p
class="text"> 
;<br
><?php
xl('Do you really want to delete','e'); ?
>
// Name the record about to be deleted in the confirmation prompt.
// NOTE(review): each selector is printed exactly as received from the
// request. Encode it for HTML (htmlspecialchars() with ENT_QUOTES) here; the
// form's action attribute above echoes the same values into a URL and needs
// URL encoding as well.
356 echo xl('patient') . " $patient";
357 } else if ($encounterid) {
358 echo xl('encounter') . " $encounterid";
359 } else if ($formid) {
360 echo xl('form') . " $formid";
362 echo xl('issue') . " $issue";
363 } else if ($document) {
364 echo xl('document') . " $document";
365 } else if ($payment) {
366 echo xl('payment') . " $payment";
367 } else if ($billing) {
368 echo xl('invoice') . " $billing";
369 } else if ($transaction) {
370 echo xl('transaction') . " $transaction";
372 ?
> <?php
xl('and all subordinate data? This action will be logged','e'); ?
>!</p
>
376 <p
class="text"> 
;<br
>
377 <a href
="#" onclick
="submit_form()" class="css_button"><span
><?php
xl('Yes, Delete and Log','e'); ?
></span
></a
>
378 <input type
='hidden' name
='form_submit' value
=<?php
xl('Yes, Delete and Log','e','\'','\''); ?
>/>
379 <a href
='#' class="css_button" onclick
=popup_close();><span
><?php
echo xl('No, Cancel');?
></span
></a
>