interface/patient_file/summary/pnotes.php

   1 <?php
   2
   3 //SANITIZE ALL ESCAPES
   4 $sanitize_all_escapes=true;
   5 //
   6
   7 //STOP FAKE REGISTER GLOBALS
   8 $fake_register_globals=false;
   9 //
  10
  11  require_once("../../globals.php");
  12  require_once("$srcdir/pnotes.inc");
  13  require_once("$srcdir/acl.inc");
  14  require_once("$srcdir/patient.inc");
  15  require_once("$srcdir/options.inc.php");
  16  require_once("$srcdir/classes/Document.class.php");
  17
  18  // form parameter docid can be passed to restrict the display to a document.
  19  $docid = empty($_REQUEST['docid']) ? 0 : intval($_REQUEST['docid']);
  20
  21  // form parameter orderid can be passed to restrict the display to a procedure order.
  22  $orderid = empty($_REQUEST['orderid']) ? 0 : intval($_REQUEST['orderid']);
  23
  24  $patient_id = $pid;
  25  if ($docid) {
  26   $row = sqlQuery("SELECT foreign_id FROM documents WHERE id = ?", array($docid));
  27   $patient_id = intval($row['foreign_id']);
  28  }
  29  else if ($orderid) {
  30   $row = sqlQuery("SELECT patient_id FROM procedure_order WHERE procedure_order_id = ?", array($orderid));
  31   $patient_id = intval($row['patient_id']);
  32  }
  33  $urlparms = "docid=$docid&orderid=$orderid";
  34 ?>
  35 <html>
  36 <head>
  37 <?php html_header_show();?>
  38
  39 <script type="text/javascript" src="<?php echo $GLOBALS['webroot'] ?>/library/js/jquery.js"></script>
  40 <link rel="stylesheet" href="<?php echo $css_header;?>" type="text/css">
  41
  42 </head>
  43 <body class="body_bottom">
  44
  45 <?php
  46  $thisauth = acl_check('patients', 'notes');
  47  if ($thisauth) {
  48   $tmp = getPatientData($patient_id, "squad");
  49   if ($tmp['squad'] && ! acl_check('squads', $tmp['squad']))
  50    $thisauth = 0;
  51  }
  52  if (!$thisauth) {
  53   echo "<p>(" . htmlspecialchars( xl('Notes not authorized'), ENT_NOQUOTES) . ")</p>\n";
  54   echo "</body>\n</html>\n";
  55   exit();
  56  }
  57 ?>
  58
  59 <div id='pnotes'>
  60
  61 <?php if ( acl_check('patients', 'notes','',array('write','addonly') )): ?>
  62
  63 <?php if ($GLOBALS['concurrent_layout']) { ?>
  64 <a href="pnotes_full.php?<?php echo $urlparms; ?>" onclick="top.restoreSession()">
  65 <?php } else { ?>
  66 <a href="pnotes_full.php?<?php echo $urlparms; ?>" target="Main" onclick="top.restoreSession()">
  67 <?php } ?>
  68
  69 <span class="title"><?php echo htmlspecialchars( xl('Notes'), ENT_NOQUOTES); ?>
  70 <?php
  71   if ($docid) {
  72     echo " " . xlt("linked to document") . " ";
  73     $d = new Document($docid);
  74     echo $d->get_url_file();
  75   }
  76   else if ($orderid) {
  77     echo " " . xlt("linked to procedure order") . " $orderid";
  78   }
  79 ?>
  80 </span>
  81 <span class=more><?php echo htmlspecialchars( $tmore, ENT_NOQUOTES);?></span>
  82 </a>
  83 <?php endif; ?>
  84
  85 <br>
  86
  87 <table>
  88
  89 <?php
  90 //display all of the notes for the day, as well as others that are active from previous dates, up to a certain number, $N
  91 $N = 15;
  92
  93 // Get the billing note if there is one.
  94 $billing_note = "";
  95 $colorbeg = "";
  96 $colorend = "";
  97 $sql = "select genericname2, genericval2 " .
  98     "from patient_data where pid = ? limit 1";
  99 $resnote = sqlQuery($sql, array($patient_id) );
 100 if($resnote && $resnote['genericname2'] == 'Billing') {
 101   $billing_note = $resnote['genericval2'];
 102   $colorbeg = "<span style='color:red'>";
 103   $colorend = "</span>";
 104 }
 105
 106 //Display what the patient owes
 107 $balance = get_patient_balance($patient_id);
 108 if ($balance != "0") {
 109   $formatted = sprintf((xl('$').'%01.2f'), $balance);
 110   echo " <tr class='text billing'>\n";
 111   echo "  <td>" . $colorbeg . htmlspecialchars( xl('Balance Due'), ENT_NOQUOTES) .
 112     $colorend . "</td><td>" . $colorbeg .
 113     htmlspecialchars( $formatted, ENT_NOQUOTES) . $colorend."</td>\n";
 114   echo " </tr>\n";
 115 }
 116
 117 if ($billing_note) {
 118   echo " <tr class='text billing'>\n";
 119   echo "  <td>" . $colorbeg . htmlspecialchars( xl('Billing Note'), ENT_NOQUOTES) .
 120     $colorend . "</td><td>" . $colorbeg .
 121     htmlspecialchars( $billing_note, ENT_NOQUOTES) . $colorend . "</td>\n";
 122   echo " </tr>\n";
 123 }
 124
 125 //retrieve all active notes
 126 $result = getPnotesByDate("", 1, "id,date,body,user,title,assigned_to",
 127   $patient_id, "all", 0, '', $docid, '', $orderid);
 128
 129 if ($result != null) {
 130   $notes_count = 0;//number of notes so far displayed
 131   foreach ($result as $iter) {
 132
 133     if ($notes_count >= $N) {
 134       //we have more active notes to print, but we've reached our display maximum
 135       echo " <tr>\n";
 136       echo "  <td colspan='3' align='center'>\n";
 137       echo "   <a ";
 138       if (!$GLOBALS['concurrent_layout']) echo "target='Main' ";
 139       echo "href='pnotes_full.php?active=1&$urlparms" .
 140       "' class='alert' onclick='top.restoreSession()'>";
 141       echo htmlspecialchars( xl('Some notes were not displayed.','','',' '), ENT_NOQUOTES) .
 142         htmlspecialchars( xl('Click here to view all.'), ENT_NOQUOTES) . "</a>\n";
 143       echo "  </td>\n";
 144       echo " </tr>\n";
 145       break;
 146     }
 147
 148     $body = $iter['body'];
 149     if (preg_match('/^\d\d\d\d-\d\d-\d\d \d\d\:\d\d /', $body)) {
 150       $body = nl2br(htmlspecialchars( $body, ENT_NOQUOTES));
 151     } else {
 152       $body = htmlspecialchars( date('Y-m-d H:i', strtotime($iter['date'])), ENT_NOQUOTES) .
 153         ' (' . htmlspecialchars( $iter['user'], ENT_NOQUOTES) . ') ' . nl2br(htmlspecialchars( $body, ENT_NOQUOTES));
 154     }
 155
 156     echo " <tr class='text noterow' id='".htmlspecialchars( $iter['id'], ENT_QUOTES)."'>\n";
 157
 158     // Modified 6/2009 by BM to incorporate the patient notes into the list_options listings
 159     echo "  <td valign='top' class='bold'>";
 160     echo generate_display_field(array('data_type'=>'1','list_id'=>'note_type'), $iter['title']);
 161     echo "</td>\n";
 162
 163     echo "  <td valign='top'>$body</td>\n";
 164     echo " </tr>\n";
 165
 166     $notes_count++;
 167   }
 168 }
 169 ?>
 170
 171 </table>
 172
 173 </div> <!-- end pnotes -->
 174
 175 </body>
 176
 177 <script language="javascript">
 178 // jQuery stuff to make the page a little easier to use
 179
 180 $(document).ready(function(){
 181     $(".noterow").mouseover(function() { $(this).toggleClass("highlight"); });
 182     $(".noterow").mouseout(function() { $(this).toggleClass("highlight"); });
 183     $(".noterow").click(function() { EditNote(this); });
 184 });
 185
 186 var EditNote = function(note) {
 187 <?php if ( acl_check('patients', 'notes','',array('write','addonly') )): ?>
 188     top.restoreSession();
 189     <?php if (!$GLOBALS['concurrent_layout']): ?>
 190     top.Main.location.href = "pnotes_full.php?<?php echo $urlparms; ?>&noteid=" + note.id + "&active=1";
 191     <?php else: ?>
 192     location.href = "pnotes_full.php?<?php echo $urlparms; ?>&noteid=" + note.id + "&active=1";
 193     <?php endif; ?>
 194 <?php else: ?>
 195     // no-op
 196     alert("<?php echo htmlspecialchars( xl('You do not have access to view/edit this note'), ENT_QUOTES); ?>");
 197 <?php endif; ?>
 198 }
 199
 200 </script>
 201
 202 </html>