2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Vinish K <vinish@zhservices.com>
27 // +------------------------------------------------------------------------------+
29 //SANITIZE ALL ESCAPES
30 $sanitize_all_escapes=true;
33 //STOP FAKE REGISTER GLOBALS
34 $fake_register_globals=false;
// Both flags above are assigned before globals.php is included on the next line.
// NOTE(review): the includes below mix cwd-relative paths with dirname(__FILE__) paths, so
// resolution of the relative ones depends on the directory the script is run from.
41 require_once("../../interface/globals.php");
42 require_once(dirname(__FILE__
)."/../../controllers/C_Document.class.php");
43 require_once(dirname(__FILE__
)."/../../library/options.inc.php");
// Guard on the PHP soap extension; the body of this check is not shown in this listing.
45 if(!extension_loaded("soap")){
48 require_once("server_med_rec.php");
49 require_once("factory_class.php");
50 class UserService
extends Userforms
54 * To display the patient uploaded files/pdf patient wise
// Lists patient-uploaded documents from the audit_master / audit_details tables.
// $data[0] is the credential array passed to valid(); $data[1] is bound as am.id when the
// filtered branch runs.
// NOTE(review): the listing omits the start of the query, the condition that selects between the
// two sqlStatement() calls, and the body of the result loop.
// NOTE(review): the guard only tests valid() for truthiness, so it does not by itself restrict
// the caller to one user type; confirm which user types are meant to list uploads.
56 public function patientuploadedfiles($data){
57 if($this->valid($data[0])){
63 ad.field_value AS doc_name,
67 ad2.field_value AS file_name,
68 ad3.field_value AS pat_comments
71 JOIN audit_master AS am
72 ON am.id = ad.audit_master_id
73 LEFT JOIN patient_data AS pd
75 JOIN audit_details AS ad2
76 ON am.id = ad2.audit_master_id
77 AND ad2.field_name = 'dlm_filename'
78 JOIN audit_details AS ad3
79 ON am.id = ad3.audit_master_id
80 AND ad3.field_name = 'dld_patient_comments'
81 WHERE ad.field_name = 'dlm_document_name'
82 AND approval_status = '1'
87 $query .= " AND am.id = ?";
// The am.id filter is passed as a bound parameter, not concatenated into the SQL text.
88 $res = sqlStatement($query,array($data[1]));
90 $res = sqlStatement($query);
93 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
// Writes a base64-decoded payload to documents/myportal/patientuploads/<pid>/<file_name> under
// OE_SITE_DIR, creating the directory when needed. Throws SoapFault when valid() fails.
// NOTE(review): the assignments of $pid and $file_name are not shown in this listing. If
// $file_name comes from the request it is concatenated into the path unchanged; reducing it to
// basename() and rejecting empty or dot names would keep the write inside the patient directory.
// NOTE(review): directory and file are both set to mode 0777 (world-writable); confirm a
// narrower mode is not sufficient for the web server user.
102 public function createandstoretodirectory($data){
104 if($this->valid($data[0])){
107 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$pid;
// The trailing ';' makes the if-body an empty statement; any else branch is not shown here.
108 if(is_dir($savedpath));
111 mkdir($savedpath,0777,true);
112 chmod($savedpath, 0777);
// fopen() result is used by fwrite() on the next line without a failure check.
114 $handler = fopen($savedpath."/".$file_name,"w");
115 fwrite($handler, base64_decode($data));
117 chmod($savedpath."/".$file_name,0777);
120 throw new SoapFault("Server", "credentials failed");
125 * To move category,rename filename,input note and to move to new patient#
// Moves a portal document into the main document store: fills $_POST / $_GET / $_FILES from
// $data, runs C_Document::upload_action_process() and note_action_process(), then marks the
// documents_legal_detail row as moved.
// Indices read here: [1] category id, [3] destination, [4] patient id, [5]/[6] path parts,
// [7] note, [2]/[8] ids for the final UPDATE, [9] source-folder selector.
// NOTE(review): $data[5] and $data[6] are concatenated into $file_path without normalisation on
// the visible lines; a basename()/realpath() containment check against the myportal directory
// would stop the copy source from leaving it.
// NOTE(review): the guard only tests valid() for truthiness; confirm that every user type valid()
// accepts is meant to re-file documents under an arbitrary new_patient_id.
127 public function documents_update($data){
128 if($this->valid($data[0])){
129 $_POST['process'] = true;
130 $_POST['new_category_id'] = $data[1];
131 $_POST['new_patient_id'] = $data[4];
134 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/".$data[6];
135 elseif($data[9] == 1)
136 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/".$data[6];
137 elseif($data[9] == 4)
138 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$data[5]."/".$data[6];
140 "pdf"=>"application/pdf"
141 ,"exe"=>"application/octet-stream"
142 ,"zip"=>"application/zip"
143 ,"docx"=>"application/msword"
144 ,"doc"=>"application/msword"
145 ,"xls"=>"application/vnd.ms-excel"
146 ,"ppt"=>"application/vnd.ms-powerpoint"
152 ,"wav"=>"audio/x-wav"
153 ,"mpeg"=>"video/mpeg"
156 ,"mov"=>"video/quicktime"
157 ,"avi"=>"video/x-msvideo"
160 ,"jsc"=>"application/javascript"
161 ,"js"=>"application/javascript"
167 $extension = strtolower(end(explode('.',$file_path)));
168 $mime_types = $mime_types[$extension];
// The MIME type is derived from the file extension only; an extension missing from the map
// leaves $mime_types unset for the entry below.
169 $_FILES['file']['name'][0] = $data[6];
170 $_FILES['file']['type'][0] = $mime_types;
171 $_FILES['file']['tmp_name'][0] = $file_path;
172 $_FILES['file']['error'][0] = 0;
173 $_FILES['file']['size'][0] = filesize($file_path);
174 $_POST['category_id'] = $_POST['new_category_id'];
175 $_POST['patient_id'] = $_POST['new_patient_id'];
176 $_GET['patient_id'] = $_POST['patient_id'];
177 $_POST['destination'] = $data[3];
179 $cdoc = new C_Document();
180 $cdoc->upload_action_process();
181 if($GLOBALS['document_storage_method']==0){
// $data[3] / $data[6] are appended to the destination path as received.
183 copy($file_path,$cdoc->file_path
.$data[3]);
185 copy($file_path,$cdoc->file_path
.$data[6]);
187 $foreign_id = sqlQuery("select id from documents where foreign_id = ? order by id desc limit 1",array($_POST['new_patient_id']));
189 $_POST['encrypted'] = '';
190 $_POST['passphrase'] = '';
191 $_POST['process'] = true;
192 $_POST['foreign_id'] = $foreign_id['id'];
193 $_POST['note'] = $data[7];
194 $cdoc->note_action_process($_GET['patient_id']);
195 $sql_patient_no = "UPDATE documents_legal_detail SET dld_moved = '1' WHERE dld_master_docid = ? AND dld_id = ?";
196 sqlQuery($sql_patient_no,array($data[2],$data[8]));
202 * To display the files/pdfforms patient wise
// Lists unmoved legal documents (dld_signed in 1, 2, 4) joined with patient_data, ordered by pid.
// The query text is constant; no request value is bound or concatenated on the visible lines.
// NOTE(review): the WHERE clause has no per-patient restriction and the guard only tests valid()
// for truthiness, so any accepted user type receives rows for all patients; confirm intended.
204 public function userslistportal($data){
205 if($this->valid($data[0])){
211 dlm.dlm_document_name,
217 dld.dld_master_docid,
219 dld.dld_patient_comments,
225 documents_legal_master AS dlm
226 LEFT OUTER JOIN documents_legal_detail AS dld
227 ON dlm.dlm_document_id = dld_master_docid
228 JOIN patient_data AS pd
229 ON dld.dld_pid = pd.pid
230 WHERE dlm.dlm_effective_date <= NOW()
231 AND dlm.dlm_effective_date <> '0000-00-00 00:00:00'
232 AND dld.dld_id IS NOT NULL
233 AND dld.dld_signed IN (1,2,4)
234 AND dld.dld_moved = 0
235 ORDER BY dld.dld_pid ASC ";
237 $res = sqlStatement($query);
// Loop body (how rows are collected and returned) is not shown in this listing.
239 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
249 * To display the category list in Move To Category option
// Reads every row of the categories table for a caller accepted by valid().
// The loop body and the return statement are not shown in this listing.
251 public function category_list($data){
252 if($this->valid($data[0])){
254 $query = "SELECT * FROM categories";
255 $res = sqlStatement($query);
257 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
266 //Converts a text to xml format.Format is as follows
// Wraps a text value in <root><level><text>…</text></level></root> and returns the XML string.
// Throws SoapFault when valid() rejects $data[0].
// The value is added with createTextNode(), so markup characters in it are escaped by DOM.
// NOTE(review): the assignment of $text is not shown in this listing.
267 public function text_to_xml($data){
268 if($this->valid($data[0])){
270 $doc = new DOMDocument();
271 $doc->formatOutput
= true;
273 $root = $doc->createElement( "root" );
274 $doc->appendChild( $root );
276 $level = $doc->createElement( "level" );
277 $root->appendChild( $level );
279 $element = $doc->createElement( "text" );
280 $element->appendChild(
281 $doc->createTextNode( $text )
283 $level->appendChild( $element );
284 return $doc->saveXML();
287 throw new SoapFault("Server", "credentials failed");
291 //Accepts an array and returns the result in xml format.Format is as follows
// Serialises an associative array as one <level> element whose children are named after the
// array keys, and returns the XML string.
// NOTE(review): no valid() call appears on the visible lines, and the method is public on a
// class registered with SoapServer::setClass(); confirm whether it should be a private helper.
// NOTE(review): each key is used verbatim as an element name, so a key that is not a legal XML
// name makes createElement() fail; values go through createTextNode() and are escaped.
294 public function function_return_to_xml($var=array()){
296 $doc = new DOMDocument();
297 $doc->formatOutput
= true;
299 $root = $doc->createElement( "root" );
300 $doc->appendChild( $root );
303 $level = $doc->createElement( "level" );
304 $root->appendChild( $level );
305 foreach($var as $key=>$value){
306 $element = $doc->createElement( "$key" );
307 $element->appendChild(
308 $doc->createTextNode( $value )
310 $level->appendChild( $element );
313 return $doc->saveXML();
317 //When a filled PDF is rejected during audit, the file is deleted
// Deletes the file named by $data[1] for a caller accepted by valid(); throws SoapFault otherwise.
// NOTE(review): the path is taken from the request and passed to unlink() as received. Nothing
// on the visible lines limits it to the portal document directories; resolving it with
// realpath() and requiring a prefix under OE_SITE_DIR/documents/myportal/ would bound the delete.
// NOTE(review): '@' hides unlink() failures, so the caller cannot tell whether anything was removed.
320 public function delete_file($data){
321 if($this->valid($data[0])){
322 $file_name_with_path=$data[1];
323 @unlink
($file_name_with_path);
326 throw new SoapFault("Server", "credentials failed");
331 //Accepts a file path.Fetches the file in xml format.
332 //Transfer the file to portal in XML format
// Reads the file named by $data[1] and returns XML holding its basename, its extension and its
// base64-encoded contents. Throws SoapFault when valid() rejects $data[0].
// NOTE(review): the path is taken from the request and opened as received. Nothing on the
// visible lines limits it to the portal document directories; a realpath() prefix check against
// OE_SITE_DIR/documents/myportal/ would bound what this method can return.
// NOTE(review): fopen() and filesize() results are not checked before fread(), and
// $path_parts['extension'] is unset for a name without an extension.
333 public function file_to_xml($data){
334 if($this->valid($data[0])){
335 $file_name_with_path=$data[1];
336 $path_parts = pathinfo($file_name_with_path);
337 $handler = fopen($file_name_with_path,"rb");
338 $returnData = fread($handler,filesize($file_name_with_path));
340 $doc = new DOMDocument();
341 $doc->formatOutput
= true;
343 $root = $doc->createElement( "root" );
344 $doc->appendChild( $root );
346 $level = $doc->createElement( "level" );
347 $root->appendChild( $level );
349 $filename = $doc->createElement( "name" );
350 $filename->appendChild(
351 $doc->createTextNode( $path_parts['basename'] )
353 $level->appendChild( $filename );
355 $type = $doc->createElement( "type" );
357 $doc->createTextNode( $path_parts['extension'] )
359 $level->appendChild( $type );
360 $content = $doc->createElement( "file" );
361 $content->appendChild(
362 $doc->createTextNode( base64_encode($returnData) )
364 $level->appendChild( $content );
365 return $doc->saveXML();
368 throw new SoapFault("Server", "credentials failed");
373 //File received from the portal side is saved to OpenEMR
// Ensures the myportal directories (root, unsigned, signed, upload) exist, then writes a
// base64-decoded payload to the path given in $data[1]. Throws SoapFault when valid() fails.
// NOTE(review): the write target is the request-supplied path as received, and it is not derived
// from the directories prepared below. A realpath()/prefix check on its parent directory
// would keep writes inside OE_SITE_DIR/documents/myportal/.
// NOTE(review): directories and the written file are set to mode 0777 (world-writable).
// NOTE(review): each `if(is_dir(...));` ends in ';' (empty body); any else branch is not shown.
375 public function store_to_file($data){
376 if($this->valid($data[0])){
377 $file_name_with_path=$data[1];
379 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/";
380 if(is_dir($savedpath));
383 mkdir($savedpath,0777);
384 chmod($savedpath, 0777);
386 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/";
387 if(is_dir($savedpath));
390 mkdir($savedpath,0777);
391 chmod($savedpath, 0777);
393 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/";
394 if(is_dir($savedpath));
397 mkdir($savedpath,0777);
398 chmod($savedpath, 0777);
400 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/upload/";
401 if(is_dir($savedpath));
404 mkdir($savedpath,0777);
405 chmod($savedpath, 0777);
// fopen() result is used by fwrite() on the next line without a failure check.
407 $handler = fopen($file_name_with_path,"w");
408 fwrite($handler, base64_decode($data));
410 chmod($file_name_with_path,0777);
413 throw new SoapFault("Server", "credentials failed");
418 //receive a batch of function calls received from Portal, execute it and return the results to the portal
419 //The results will be stored in the key, which is received from portal.
// Runs one named OpenEMR library function on behalf of the portal and returns its result as XML.
// $func is matched against a fixed if/elseif list of names; $var carries that function's
// arguments; $data_credentials is checked with valid(). Throws SoapFault when the check fails.
// NOTE(review): valid() is declared as an instance method further down but is called statically
// here; PHP 8 raises an Error for such a call.
// NOTE(review): several argument assignments ($patient_id, $pid, $type, $frow, …) and the
// output-buffer start for generate_form_field are not shown in this listing.
// NOTE(review): the guard only tests valid() for truthiness, so the write paths below
// (updatePatientData, updateEmployerData, newHistoryData, newInsuranceData) are not limited to
// one user type by this check; confirm how $pid is bound to the authenticated caller.
422 static public function batch_despatch($var,$func,$data_credentials){
424 if(UserService
::valid($data_credentials)){
425 require_once("../../library/invoice_summary.inc.php");
426 require_once("../../library/options.inc.php");
427 require_once("../../library/acl.inc");
428 require_once("../../library/patient.inc");
429 if($func=='ar_responsible_party')
432 $encounter_id=$var['encounter'];
433 $x['ar_responsible_party']=ar_responsible_party($patient_id,$encounter_id);
434 return UserService
::function_return_to_xml($x);
436 elseif($func=='getInsuranceData')
439 $given=$var['given'];
440 $x=getInsuranceData($pid,$type,$given);
441 return UserService
::function_return_to_xml($x);
443 elseif($func=='generate_select_list')
445 $tag_name=$var['tag_name'];
446 $list_id=$var['list_id'];
447 $currvalue=$var['currvalue'];
448 $title=$var['title'];
449 $empty_name=$var['empty_name'];
450 $class=$var['class'];
451 $onchange=$var['onchange'];
452 $x['generate_select_list']=generate_select_list($tag_name,$list_id,$currvalue,$title,$empty_name,$class,$onchange);
453 return UserService
::function_return_to_xml($x);
455 elseif($func=='xl_layout_label')
457 $constant=$var['constant'];
458 $x['xl_layout_label']=xl_layout_label($constant);
459 return UserService
::function_return_to_xml($x);
461 elseif($func=='generate_form_field')
464 $currvalue=$var['currvalue'];
466 generate_form_field($frow,$currvalue);
467 $x['generate_form_field']=ob_get_contents();
469 return UserService
::function_return_to_xml($x);
471 elseif($func=='getInsuranceProviders')
474 $provider=$var['provider'];
475 $insurancei=getInsuranceProviders();
479 elseif($func=='get_layout_form_value')
// Replaces the whole $_POST superglobal with a request-supplied array before the library call.
482 $_POST=$var['post_array'];
483 $x['get_layout_form_value']=get_layout_form_value($frow);
484 return UserService
::function_return_to_xml($x);
486 elseif($func=='updatePatientData')
488 $patient_data=$var['patient_data'];
489 $create=$var['create'];
490 updatePatientData($pid,$patient_data,$create);
492 return UserService
::function_return_to_xml($x);
494 elseif($func=='updateEmployerData')
496 $employer_data=$var['employer_data'];
497 $create=$var['create'];
498 updateEmployerData($pid,$employer_data,$create);
500 return UserService
::function_return_to_xml($x);
502 elseif($func=='newHistoryData')
504 newHistoryData($pid);
506 return UserService
::function_return_to_xml($x);
508 elseif($func=='newInsuranceData')
511 foreach($var as $key=>$value)
513 if($key>=3)//first 3 need to be skipped.
515 $var[$key]=formData($value);
519 $parameters[$key]=$var[$key];
522 $parameters[12]=fixDate($parameters[12]);
523 $parameters[27]=fixDate($parameters[27]);
// The callee name is a fixed literal; only the argument list comes from the request.
524 call_user_func_array('newInsuranceData',$parameters);
526 return UserService
::function_return_to_xml($x);
528 elseif($func=='generate_layout_validation')
530 $form_id=$var['form_id'];
532 generate_layout_validation($form_id);
538 throw new SoapFault("Server", "credentials failed");
542 //Writing patient credentials to table
// Inserts a (pid, portal_username, portal_pwd) row into patient_access_offsite using bound
// parameters. $var[0] is the credential array; throws SoapFault when valid() rejects it.
// NOTE(review): $authPass is stored exactly as received; whether the portal sends a hash or a
// clear-text password cannot be told from this file and should be confirmed.
// NOTE(review): the source of $pid is not shown in this listing.
543 public function insert_login_details($var)
546 $data_credentials=$var[0];
547 if(UserService
::valid($data_credentials))
549 $username=$var['username'];
550 $authPass=$var['authPass'];
551 $query="insert into patient_access_offsite(pid,portal_username,portal_pwd) values (?,?,?)";
552 sqlInsert($query,array($pid,$username,$authPass));
556 throw new SoapFault("Server", "credentials failed");
562 //Updating the password on a password change
// Changes a patient's portal password after confirming the old one matches the stored value.
// Only 'existingpatient' and 'newpatient' credentials are accepted; others get a SoapFault.
// valid() is called twice in the guard, so its queries and clean-up statements run twice.
// NOTE(review): the old password is checked by SQL equality against portal_pwd, which means the
// column holds whatever form the portal sends; confirm it is not clear text.
// NOTE(review): $set and $where are interpolated into the UPDATE text. The assignments visible
// here are fixed fragments with '?' placeholders; the remaining assignments and the construction
// of $setarray are not shown in this listing.
564 public function update_password($var){
565 $data_credentials=$var[0];
567 if(UserService
::valid($data_credentials)=='existingpatient' || UserService
::valid($data_credentials)=='newpatient'){
568 $status = $var['new_pwd_status'];
569 $pwd=$var['new_pwd'];
570 $oldpwd = $var['old_pwd'];
576 $where = "portal_pwd_status=? and pid=?";
577 $set= "portal_pwd=?,portal_pwd_status=?";
586 $set= "portal_pwd=? ";
591 $qry = "select * from patient_access_offsite WHERE pid=? AND portal_pwd=?";
592 $res=sqlStatement($qry,array($pid,$oldpwd));
593 if(sqlNumRows($res)>0)
595 $qry = "UPDATE patient_access_offsite SET $set WHERE $where";
596 sqlStatement($qry,$setarray);
605 throw new SoapFault("Server", "credentials failed");
// Cancels items chosen by a patient: each entry of $var[1] is "<kind>_<id>"; 'calendar' sets
// pc_apptstatus='x' on the event, 'audit' sets approval_status='5' on the audit_master row.
// Only 'existingpatient' and 'newpatient' credentials are accepted; others get a SoapFault.
// NOTE(review): both UPDATEs filter on the supplied id alone. No visible line ties the row to
// the authenticated patient; adding the pid to each WHERE clause would scope the change to the
// caller's own records.
612 public function update_openemr_appointment($var)
614 $data_credentials=$var[0];
615 if(UserService
::valid($data_credentials)=='existingpatient' || UserService
::valid($data_credentials)=='newpatient'){
616 foreach($var[1] as $key=>$value)
618 $eid=explode('_',$var[1][$key]);
619 if($eid[0]=='calendar')
621 sqlQuery("update openemr_postcalendar_events set pc_apptstatus='x' where pc_eid=?",array($eid[1]));
623 elseif($eid[0]=='audit')
625 sqlQuery("update audit_master set approval_status='5' where id=?",array($eid[1]));
630 throw new SoapFault("Server", "credentials failed");
635 //Marking the Documents as ready to be signed
// Sets dld_signed=2 on the documents_legal_detail row named by $var['dld_id'] (bound parameter).
// Throws SoapFault when valid() rejects $var[0].
// NOTE(review): the row is selected by dld_id alone and the guard accepts any truthy valid()
// result; confirm whether the update should also be limited to the caller's own pid.
637 public function update_dlm_dld($var)
639 $data_credentials=$var[0];
640 if(UserService
::valid($data_credentials)){
642 $qry=" UPDATE documents_legal_detail set dld_signed=2 where dld_id=?";
643 sqlStatement($qry,array($var['dld_id']));
646 throw new SoapFault("Server", "credentials failed");
651 //Setting PDF documents approve/denial status
// Records an approve/deny decision on a documents_legal_detail row.
// $data[1] is passed as the whole bind array, so it must hold exactly three values in
// placeholder order: dld_signed, dld_denial_reason, dld_id. Throws SoapFault when valid() fails.
// NOTE(review): the guard accepts any truthy valid() result; confirm that patient-type
// credentials are not meant to set approval status.
653 public function update_dld_approve_deny($data){
654 if($this->valid($data[0])){
655 $qry = "UPDATE documents_legal_detail SET dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
656 sqlStatement($qry,$data[1]);
659 throw new SoapFault("Server", "credentials failed");
663 //Marking PDF documents as signed
// Marks a documents_legal_detail row as signed (dld_signed=1) and stores its file path and name.
// $data[1] is passed as the whole bind array: dld_filepath, dld_filename, dld_id, in that order.
// Throws SoapFault when valid() fails.
// NOTE(review): dld_filepath is stored as received; later readers of that column should not
// treat it as a trusted filesystem path without validation.
665 public function update_dld_signed($data){
666 if($this->valid($data[0])){
667 $qry = "UPDATE documents_legal_detail SET dld_signed=1,dld_filepath=?,dld_filename=? WHERE dld_id=?";
668 sqlStatement($qry,$data[1]);
671 throw new SoapFault("Server", "credentials failed");
675 //Marking PDF documents for audit.
// Marks a documents_legal_detail row as pending audit (dld_signed=0) and stores its file details.
// $data[1] is passed as the whole bind array: dld_filepath, dld_filename,
// dld_file_for_pdf_generation, dld_id, in that order. Throws SoapFault when valid() fails.
// NOTE(review): the path values are stored as received; validate them where they are later used.
677 public function update_dld_pending($data){
678 if($this->valid($data[0])){
679 $qry = "UPDATE documents_legal_detail SET dld_signed=0,dld_filepath=?,dld_filename=?, dld_file_for_pdf_generation=? WHERE dld_id=?";
680 sqlStatement($qry,$data[1]);
683 throw new SoapFault("Server", "credentials failed");
// Inserts a documents_legal_detail row for the current $pid from $data[2]..$data[7], using bound
// parameters. Only 'existingpatient' and 'newpatient' credentials are accepted.
// valid() is called twice in the guard, so its queries and clean-up statements run twice.
// NOTE(review): the source of $pid is not shown in this listing (presumably the global set by
// valid(); verify).
689 public function insert_dld($data){
691 if(UserService
::valid($data[0])=='existingpatient' || UserService
::valid($data[0])=='newpatient'){
692 sqlInsert("INSERT INTO documents_legal_detail (dld_pid,dld_signed,dld_filepath,dld_master_docid,dld_filename,dld_encounter,dld_file_for_pdf_generation) ".
693 " VALUES (?,?,?,?,?,?,?)",array($pid,$data[2],$data[3],$data[4],$data[5],$data[6],$data[7]));
696 throw new SoapFault("Server", "credentials failed");
701 //Inserting the entries for Master PDF documents uploaded
// Inserts a documents_legal_master row from $data[1]..$data[9] using bound parameters.
// Unlike most methods in this class the guard requires the 'oemruser' type explicitly;
// any other valid() result leads to the SoapFault.
703 public function insert_dlm($data){
704 if($this->valid($data[0])=='oemruser'){
705 sqlStatement("INSERT INTO documents_legal_master(dlm_category, dlm_subcategory,dlm_document_name,dlm_facility,dlm_provider,
706 dlm_filename,dlm_filepath,dlm_effective_date,content) values (?,?,?,?,?,?,?,?,?)",array($data[1],$data[2],$data[3],$data[4],$data[5],$data[6],$data[7],$data[8],$data[9]));
709 throw new SoapFault("Server", "credentials failed");
714 //Receive an array of select cases from the portal, execute them and return
715 // the results under the keys received from the portal. A batch of queries is executed and returned in one batch.
// Runs a batch of named select cases through selectquery() and returns the results keyed by each
// item's 'batchkey'. Throws SoapFault when valid() rejects $data[0].
// selectquery() receives the same credential array, so valid() runs again for every item.
// NOTE(review): the assignments of $batch and $arrproc are not shown in this listing.
717 public function batch_select($data){
718 if($this->valid($data[0])){
720 foreach($batch as $key=>$value)
722 $batchkey=$value['batchkey'];
723 $case=$value['case'];
724 $param=$value['param'];
727 $return_array[$batchkey]=$this->selectquery(array($data[0],$arrproc));
730 return $return_array;
733 throw new SoapFault("Server", "credentials failed");
738 //Receive a batch of function calls from portal and execute it through batch despatch Function
739 //Any OpenEmr function can be executed this way, if necessary if clause is written in batch_despatch.
// Runs a batch of calls and returns the results keyed by each item's 'batchkey'.
// Throws SoapFault when valid() rejects $data[0].
// NOTE(review): 'funcname' comes from the request and is interpolated into the callable string
// "UserService::<name>". No allow-list is visible on these lines, so the name selects the
// method. Checking it against a fixed list (the comment above implies batch_despatch is the
// intended target) before the call would pin the dispatch.
// NOTE(review): the assignment of $batch is not shown in this listing.
741 public function batch_function($data){
742 if($this->valid($data[0])){
744 foreach($batch as $key=>$value)
746 $batchkey=$value['batchkey'];
747 $function=$value['funcname'];
748 $param=$value['param'];
750 $res=call_user_func_array("UserService::$function",$param);
751 $return_array[$batchkey]=$res;
753 return $return_array;
756 throw new SoapFault("Server", "credentials failed");
760 //Execute a batch of functions received from portal. But this function is limited to
761 // the functions written in the myportal module.
// Runs a batch of UserService methods and returns the results keyed by each item's 'batchkey'.
// The credential array $data[0] is prepended to every call's parameters, so authentication is
// left to whichever method is dispatched.
// NOTE(review): no valid() call appears on the visible lines of this method, and 'funcname' from
// the request is used directly as the method name. A dispatched method that does not check its
// own first argument would run unauthenticated; an explicit allow-list of callable names
// plus a valid() check here would close that gap. Some lines are not shown in this listing.
763 public function multiplecall($data){
765 foreach($batch as $key=>$value)
767 $batchkey=$value['batchkey'];
768 $function=$value['funcname'];
769 $param=$value['param'];
771 array_unshift($param,$data[0]);
774 $res= UserService
::$function($param);
775 $return_array[$batchkey]=$res;
777 return $return_array;
783 public function getversion($data){
// Looks up portal_pwd_status for a username/password pair and returns the result set as XML.
// Only 'existingpatient' and 'newpatient' credentials are accepted; valid() runs twice.
// $data[1] is passed as the whole bind array: portal_username, portal_pwd, in that order.
// NOTE(review): the password is matched by byte-wise SQL equality (BINARY), so the column holds
// whatever form the portal sends; confirm it is not clear text.
// The branch taken when the guard fails is not shown in this listing.
788 public function loginchecking($data){
789 if($this->valid($data[0])=='existingpatient' ||
$this->valid($data[0])=='newpatient'){
790 $res = sqlStatement("SELECT portal_pwd_status FROM patient_access_offsite WHERE BINARY portal_username=? AND BINARY portal_pwd=?",$data[1]);
791 return $this->resourcetoxml($res);
797 //Execute a query and return its results.
// Builds and runs one predefined query for the caller's user type and returns the rows as XML.
// valid() supplies the user type, factoryclass::dynamic_class_factory() returns the matching
// query builder, and query_formation($data[1]) returns [sql text, bind array].
// NOTE(review): what happens when valid() returns a falsy type is not visible here; confirm the
// factory rejects it. The SQL text itself comes from query_formation(), defined in another file.
799 public function selectquery($data){
802 $utype = $this->valid($data[0]);
804 $newobj = factoryclass
::dynamic_class_factory($utype);
805 $sql_result_setarr = $newobj->query_formation($data[1]);
806 $sql_result_set = sqlStatement($sql_result_setarr[0],$sql_result_setarr[1]);
807 return $this->resourcetoxml($sql_result_set);
811 //Return an SQL resultset as an XML
// Serialises a SQL result set as XML: one <level> element per row, one child element per
// column, named after the column, with the value added as an escaped text node.
// NOTE(review): column names are used verbatim as element names, so a column alias that is not
// a legal XML name makes createElement() fail.
814 public function resourcetoxml($sql_result_set){
815 $doc = new DOMDocument();
816 $doc->formatOutput
= true;
818 $root = $doc->createElement( "root" );
819 $doc->appendChild( $root );
820 while($row = sqlFetchArray($sql_result_set))
822 $level = $doc->createElement( "level" );
823 $root->appendChild( $level );
824 foreach($row as $key=>$value){
825 $element = $doc->createElement( "$key" );
826 $element->appendChild(
827 $doc->createTextNode( $value )
829 $level->appendChild( $element );
832 return $doc->saveXML();
835 //Writing facility payment configuration to table
// Creates or updates the payment_gateway_details row for 'paypal' or 'authorize_net'.
// A non-empty $var['paypal'] / $var['authorize_net'] precedes the UPDATE; the INSERT that
// follows is presumably the else branch, which is not shown in this listing.
// All values are bound parameters. Throws SoapFault when valid() rejects $var[0].
// NOTE(review): the guard accepts any truthy valid() result, so this check alone does not limit
// gateway configuration to staff credentials; confirm, and compare with insert_dlm's explicit
// 'oemruser' test.
// NOTE(review): login_id, transaction_key and md5 are stored as received; these are gateway
// secrets and the table should be protected accordingly.
836 public function save_payment_configuration($var){
837 $data_credentials=$var[0];
838 if(UserService
::valid($data_credentials))
840 if($var['service'] == 'paypal'){
841 if($var['paypal'] != ''){
842 $update_sql = "UPDATE payment_gateway_details SET login_id = ? WHERE service_name = 'paypal'";
843 sqlStatement($update_sql,array($var['login_id']));
845 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id) VALUES (?,?)";
846 sqlStatement($save_sql,array($var['service'],$var['login_id']));
848 }elseif($var['service'] == 'authorize_net'){
849 if($var['authorize_net'] != ''){
850 $update_sql = "UPDATE payment_gateway_details SET login_id = ?, transaction_key = ?, md5= ? WHERE service_name = 'authorize_net'";
851 sqlStatement($update_sql,array($var['login_id'],$var['transaction_key'],$var['md5']));
853 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id,transaction_key,md5) VALUES (?,?,?,?)";
854 sqlStatement($save_sql,array($var['service'],$var['login_id'],$var['transaction_key'],$var['md5']));
860 throw new SoapFault("Server", "credentials failed");
864 //Writing patient's authorizenet profile id to table
// Stores the patient's Authorize.Net profile id in patient_access_offsite for the current $pid.
// Despite the method name the statement is an UPDATE, issued through sqlInsert().
// Throws SoapFault when valid() rejects $var[0].
// NOTE(review): the source of $pid is not shown in this listing.
865 public function insert_authorizenet_details($var){
867 $data_credentials=$var[0];
868 if(UserService
::valid($data_credentials))
870 $authorizenetid=$var['authorizenetid'];
871 $query="UPDATE patient_access_offsite SET authorize_net_id = ? WHERE pid = ?";
872 sqlInsert($query,array($authorizenetid,$pid));
876 throw new SoapFault("Server", "credentials failed");
// Authenticates a portal request and resolves the patient it acts for.
// Indices read here: [0] site, [1] portal username, [2] request digest, [3] per-request value
// recorded in audit_details, [4] user type, [6] patient portal username, [9] audit_master id.
// Returns the string 'existingpatient' on the visible success path; the other return statements
// are not shown in this listing.
// Every call first deletes type=5 audit rows older than the cut-off, so the check has write
// side effects, and callers that invoke it twice in one condition repeat them.
// NOTE(review): "H:m" uses `m`, the month format character; minutes are `i`. The cut-off and
// $tim therefore carry the month number in the minutes field.
// NOTE(review): the digests are compared with `==`, which is a loose and non-constant-time
// comparison; hash_equals() avoids both numeric-string juggling and timing differences.
// The digest is SHA-1 over concatenated values; an HMAC would be the conventional construction.
// NOTE(review): once $GLOBALS['validated_offsite_portal'] is true, both the audit_details lookup
// branch and the digest condition are bypassed for the remainder of the request.
880 public function valid($credentials){
881 $timminus = date("Y-m-d H:m",(strtotime(date("Y-m-d H:m"))-7200)).":00";
882 sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)",array($timminus));
883 sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?",array($timminus));
890 $tim = strtotime(gmdate("Y-m-d H:m"));
// A row already holding $credentials[3] means the value was seen before; the handling of that
// case is not shown in this listing (presumably the request is rejected as a replay; verify).
891 $res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?",array($credentials[3]));
892 if(sqlNumRows($res)){
893 if($GLOBALS['validated_offsite_portal'] !=true){
898 $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
899 sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ",array($credentials[3],$grpID));
// The digest is accepted for the current hour and for one hour either side.
901 if(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",$tim).$credentials[3])==$credentials[2]){
904 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim-3600)).$credentials[3])==$credentials[2]){
907 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim+
3600)).$credentials[3])==$credentials[2]){
910 if(($credentials[1]==$GLOBALS['portal_offsite_username'] && $ok==1 && $GLOBALS['portal_offsite_enable']==1)||
$GLOBALS['validated_offsite_portal']==true){
911 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
912 if($credentials[4] == 'existingpatient'){
913 if(UserService
::validcredential($credentials)){
920 elseif($credentials[4] == 'oemruser'){
922 $prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?",array($credentials[9]));
925 elseif($credentials[4] == 'newpatient'){
926 if(UserService
::validcredential($credentials)){
// NOTE(review): MAX(pid)+1 is read without a lock; two concurrent new-patient requests can
// obtain the same value.
931 $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
934 if($okE==1 ||
$okN == 2 ||
$okN == 1 ||
$okO == 1){
936 $GLOBALS['pid'] = $prow['pid'];
// The caller-supplied site name is written into $_GET after the checks above have passed.
938 $_GET['site'] = $credentials[0];
940 $portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?",array($pid));
941 if(strtolower($portal['allow_patient_portal'])!='yes')
944 $GLOBALS['validated_offsite_portal'] = true;
949 return 'existingpatient';
// Checks the per-patient digest: SHA-1 over the stored portal_pwd, an hour-granular timestamp
// and $credentials[8] is compared with $credentials[7] for the current hour and one hour either
// side. The statements executed on a match are not shown in this listing.
// NOTE(review): $prow is used without checking that a row was returned for $credentials[6];
// confirm the comparison fails closed when the username is unknown.
// NOTE(review): the stored portal_pwd value is the hashing secret itself, so read access to
// patient_access_offsite is equivalent to knowing it.
// NOTE(review): `==` is a loose, non-constant-time comparison; hash_equals() is the safer
// choice. "H:m" uses `m` (month) where minutes would be `i`.
964 public function validcredential($credentials){
965 $tim = strtotime(gmdate("Y-m-d H:m"));
967 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
968 if(sha1($prow['portal_pwd'].date("Y-m-d H",$tim).$credentials[8])==$credentials[7]){
971 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim-3600)).$credentials[8])==$credentials[7]){
974 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim+
3600)).$credentials[8])==$credentials[7]){
982 //for checking the connection
// Connection probe: runs valid() on $data[0]. What is returned on success or failure is not
// shown in this listing.
986 public function check_connection($data){
987 if($this->valid($data[0])){
// Non-WSDL SOAP endpoint bound to UserService. SoapServer::setClass() exports the class's
// methods as operations, so helpers declared public (valid, validcredential, resourcetoxml,
// function_return_to_xml, batch_despatch) are reachable by name alongside the intended entry
// points. NOTE(review): consider narrowing the visibility of methods not meant for remote callers.
// SOAP_PERSISTENCE_SESSION keeps the handler object in the PHP session between requests.
995 $server = new SoapServer(null,array('uri' => "urn://portal/res"));
996 $server->setClass('UserService');
997 $server->setPersistence(SOAP_PERSISTENCE_SESSION
);