The new changes helps serve two important aspects
authorTeny <teny@zhservices.com>
Wed, 12 Dec 2012 14:32:26 +0000 (12 20:02 +0530)
committerbradymiller <bradymiller@users.sourceforge.net>
Thu, 13 Dec 2012 01:41:57 +0000 (12 17:41 -0800)
1)The approved forms of the patients can be viewed by the provider in portal activity.
  From here the provider can move the category of the forms.
2)Now the patient can upload image files and pdfs through patient portal.The approved files will be listed in
  the new category movement option.

Changed the code as mentioned in Git Hub comments.

Signed-off-by: Teny <teny@zhservices.com>
myportal/soap_service/server_audit.php
myportal/soap_service/server_existingpatient.php
myportal/soap_service/server_newpatient.php
myportal/soap_service/server_oemruser.php
myportal/soap_service/server_side.php
sql/4_1_1-to-4_1_2_upgrade.sql
sql/database.sql
version.php

index ed855f8..6aba0c1 100644 (file)
@@ -113,7 +113,7 @@ class UserAudit extends UserMail{
   public function update_audited_data($var)
        {
              $data_credentials=$var[0];
-       $validtables = array("patient_data","employer_data","insurance_data","history_data","openemr_postcalendar_events","ar_session");
+       $validtables = array("patient_data","employer_data","insurance_data","history_data","openemr_postcalendar_events","ar_session","documents_legal_master","documents_legal_detail");
         if(UserService::valid($data_credentials)){
              $audit_master_id = $var['audit_master_id'];
              $res = sqlStatement("SELECT * FROM  audit_master  where id=? and  approval_status='1' and  type='3' ",array($audit_master_id));
@@ -121,7 +121,7 @@ class UserAudit extends UserMail{
                   {
                    return;
                   }
-             $res = sqlStatement("SELECT DISTINCT ad.table_name,am.id,am.pid FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id and am.approval_status in ('1','4') and am.id=?",array($audit_master_id));
+             $res = sqlStatement("SELECT DISTINCT ad.table_name,am.id,am.pid FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id and am.approval_status in ('1','4') and am.id=? ORDER BY ad.id",array($audit_master_id));
              $tablecnt = sqlNumRows($res);
              while($row = sqlFetchArray($res)){
                $pid=$row['pid'];
@@ -160,6 +160,14 @@ class UserAudit extends UserMail{
                                  if($table=='ar_session'){
                                        $newdata['ar_session'][$rowfield['field_name']]=$rowfield['field_value'];
                                  }
+                                 
+                                 if($table=='documents_legal_master'){
+                                       $newdata['documents_legal_master'][$rowfield['field_name']]=$rowfield['field_value'];
+                                 }
+
+                                 if($table=='documents_legal_detail'){
+                                       $newdata['documents_legal_detail'][$rowfield['field_name']]=$rowfield['field_value'];
+                                 }                               
 
                            }
                            require_once("../../library/invoice_summary.inc.php");
@@ -242,7 +250,50 @@ class UserAudit extends UserMail{
                                    "'" . add_escape_custom($pid) . "', " .
                                    "'" . add_escape_custom($newdata['ar_session']['payment_method']) . "')"
                                  );
+                           }                       
+                           elseif($table=='documents_legal_master'){
+                             $master_doc_id = sqlInsert("INSERT INTO documents_legal_master ( " .
+                                   "dlm_category,dlm_subcategory,dlm_document_name,dlm_filepath,dlm_facility,dlm_provider,dlm_sign_height,dlm_sign_width,dlm_filename,dlm_effective_date,dlm_version,content,dlm_savedsign,dlm_review,dlm_upload_type" .
+                                   ") VALUES ( " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_category']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_subcategory']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_document_name']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_filepath']."/$pid") . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_facility']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_provider']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_sign_height']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_sign_width']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_filename']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_effective_date']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_version']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['content']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_savedsign']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_review']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_master']['dlm_upload_type']) . "')"
+                                 );
                            }
+                           elseif($table=='documents_legal_detail'){
+                             sqlInsert("INSERT INTO documents_legal_detail ( " .
+                                   "dld_pid,dld_facility,dld_provider,dld_encounter,dld_master_docid,dld_signed,dld_signed_time,dld_filepath,dld_filename,dld_signing_person,dld_sign_level,dld_content,dld_file_for_pdf_generation,dld_denial_reason,dld_moved,dld_patient_comments" .
+                                   ") VALUES ( " .
+                                   "'" . add_escape_custom($pid) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_facility']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_provider']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_encounter']) . "', " .
+                                   "'" . add_escape_custom($master_doc_id) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_signed']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_signed_time']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_filepath']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_filename']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_signing_person']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_sign_level']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_content']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_file_for_pdf_generation']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_denial_reason']) . "', " .
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_moved']) . "', " .   
+                                   "'" . add_escape_custom($newdata['documents_legal_detail']['dld_patient_comments']) . "')"
+                                 );
+                           }                       
                         }
                     else{
                            throw new SoapFault("Server", "Table Not Supported error message");
index ce341d1..fa9bd95 100644 (file)
@@ -470,7 +470,7 @@ class existingpatient {
                         
             case 'G2':
                     $query = "SELECT * FROM documents_legal_master AS dlm WHERE dlm_subcategory <> ? and dlm_effective_date <= now() AND
-                    dlm_effective_date<>? AND dlm_document_id Not IN (SELECT distinct(dld_master_docid) FROM documents_legal_detail WHERE
+                    dlm_effective_date<>? AND dlm_upload_type = '0' AND dlm_document_id Not IN (SELECT distinct(dld_master_docid) FROM documents_legal_detail WHERE
                     dld_id IS NOT NULL AND dld_pid=?)";
                             array_push($data[1],$pid);
                             return array($query,$data[1]);
@@ -501,6 +501,13 @@ class existingpatient {
                             array_push($data[1],$pid);
                             return array($query,$data[1]);
                             break;
+            case 'G6':
+                    $query = "SELECT * FROM documents_legal_master AS dlm LEFT OUTER JOIN documents_legal_detail as dld ON
+                    dlm_document_id=dld_master_docid WHERE dlm_subcategory <> ? and dlm_effective_date <= now() AND dlm_effective_date<>?
+                    AND dld_id IS NOT NULL AND (dld_signed = ? OR dlm_upload_type = '1') AND dld_pid=? ORDER BY dlm_effective_date DESC";
+                            array_push($data[1],$pid);
+                            return array($query,$data[1]);
+                            break;                     
                         
             case 'F1':
             //Patient details .
index 3c7e8b1..c49a791 100644 (file)
@@ -213,7 +213,7 @@ class newpatient{
                         
             case 'G2':
             $query = "SELECT * FROM documents_legal_master AS dlm WHERE dlm_subcategory <> ? and dlm_effective_date <= now() AND
-            dlm_effective_date<>? AND dlm_document_id Not IN (SELECT distinct(dld_master_docid) FROM documents_legal_detail WHERE
+            dlm_effective_date<>? AND dlm_upload_type = '0' AND dlm_document_id Not IN (SELECT distinct(dld_master_docid) FROM documents_legal_detail WHERE
             dld_id IS NOT NULL AND dld_pid=?)";
             array_push($data[1],$pid);
             return array($query,$data[1]);
@@ -244,6 +244,14 @@ class newpatient{
             array_push($data[1],$pid);
             return array($query,$data[1]);
             break;
+
+            case 'G6':
+            $query = "SELECT * FROM documents_legal_master AS dlm LEFT OUTER JOIN documents_legal_detail as dld ON
+            dlm_document_id=dld_master_docid WHERE dlm_subcategory <> ? and dlm_effective_date <= now() AND dlm_effective_date<>?
+            AND dld_id IS NOT NULL AND (dld_signed = ? OR dlm_upload_type = '1') AND dld_pid=? ORDER BY dlm_effective_date DESC";
+            array_push($data[1],$pid);
+            return array($query,$data[1]);
+            break;     
                         
             case 'F1':
             //Patient details . 
index ac80926..1992f43 100644 (file)
@@ -195,7 +195,7 @@ class OEMRUser{
             case 'F5':
             //signing
             $query="select * from documents_legal_master LEFT OUTER JOIN documents_legal_categories ON dlm_category=dlc_id WHERE
-            dlm_subcategory <> ? and  dlm_filename<>''";
+            dlm_subcategory <> ? and  dlm_filename<>'' and dlm_upload_type = 0";
             return array($query,$data[1]);
             break;
             
@@ -221,7 +221,12 @@ class OEMRUser{
             $query = "SELECT option_id, title FROM list_options WHERE list_id = 'payment_gateways' ORDER BY seq";
             return array($query);
             break;
-            
+
+           case 'F13':
+            $query = "SELECT pid ,fname,lname,mname,DOB FROM patient_data
+                   where  fname like ? or lname like ? or mname like ? or 
+                   CONCAT(lname,' ',fname,' ',mname) like ? or pid like ? ORDER BY lname";
+            return array($query,array($data[1]."%",$data[1]."%",$data[1]."%",$data[1]."%",$data[1]."%"));
         }
     }
 }
index ce418a8..177854e 100644 (file)
@@ -39,6 +39,7 @@ $ignoreAuth=true;
 ob_start();
 
 require_once("../../interface/globals.php");
+require_once(dirname(__FILE__)."/../../controllers/C_Document.class.php");
 $err = '';
 if(!extension_loaded("soap")){
   dl("php_soap.dll");
@@ -47,6 +48,219 @@ require_once("server_med_rec.php");
 require_once("factory_class.php");
 class UserService extends Userforms
 {
+
+/**  
+* To display the patient uploaded files/pdf patient wise
+*/
+  public function patientuploadedfiles($data){
+    if($this->valid($data[0])){
+      ob_start();
+      $query   = "
+        SELECT
+          am.id,
+          am.pid,
+          ad.field_value AS doc_name,
+          pd.fname,
+          pd.lname,
+          pd.mname,
+          ad2.field_value AS file_name,
+          ad3.field_value AS pat_comments
+        FROM
+          audit_details AS ad 
+          JOIN audit_master AS am 
+            ON am.id = ad.audit_master_id 
+          LEFT JOIN patient_data AS pd 
+            ON am.pid = pd.pid
+          JOIN audit_details AS ad2 
+            ON am.id = ad2.audit_master_id
+            AND ad2.field_name = 'dlm_filename'
+          JOIN audit_details AS ad3 
+            ON am.id = ad3.audit_master_id
+            AND ad3.field_name = 'dld_patient_comments'                                                
+        WHERE ad.field_name = 'dlm_document_name'   
+          AND approval_status = '1' 
+          AND am.type = '4'
+          ORDER BY am.pid ASC
+      ";        
+      if(!empty($data[1])){
+        $query .= " AND am.id = ?";
+        $res = sqlStatement($query,array($data[1]));
+      }else{
+        $res = sqlStatement($query);
+      }                  
+      if ($res) {
+        for($iter=0; $row=sqlFetchArray($res); $iter++) {
+          $all[$iter] = $row;
+        }
+      }
+      $v = ob_get_clean();
+      return $all;
+    }
+  }  
+    
+  public function createandstoretodirectory($data){
+    global $pid;
+    if($this->valid($data[0])){
+      $file_name=$data[1];
+      $data=$data[2];
+      $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$pid;
+      if(is_dir($savedpath));
+      else
+      {
+        mkdir($savedpath,0777,true);
+        chmod($savedpath, 0777);
+      }
+      $handler = fopen($savedpath."/".$file_name,"w");
+      fwrite($handler, base64_decode($data));
+      fclose($handler);
+      chmod($savedpath."/".$file_name,0777);
+    }
+    else{
+      throw new SoapFault("Server", "credentials failed");
+    }    
+  }
+  
+/**  
+* To move category,rename filename,input note and to move to new patient#
+*/
+  public function documents_update($data){
+    if($this->valid($data[0])){
+      $_POST['process'] = true;
+      $_POST['new_category_id'] = $data[1];
+      $_POST['new_patient_id']  = $data[4];
+      $file_path = '';
+      if($data[9] == 2)
+       $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/".$data[6];
+      elseif($data[9] == 1)
+       $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/".$data[6];
+      elseif($data[9] == 4)
+       $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$data[5]."/".$data[6];        
+      $mime_types = array(
+             "pdf"=>"application/pdf"
+             ,"exe"=>"application/octet-stream"
+             ,"zip"=>"application/zip"
+             ,"docx"=>"application/msword"
+             ,"doc"=>"application/msword"
+             ,"xls"=>"application/vnd.ms-excel"
+             ,"ppt"=>"application/vnd.ms-powerpoint"
+             ,"gif"=>"image/gif"
+             ,"png"=>"image/png"
+             ,"jpeg"=>"image/jpg"
+             ,"jpg"=>"image/jpg"
+             ,"mp3"=>"audio/mpeg"
+             ,"wav"=>"audio/x-wav"
+             ,"mpeg"=>"video/mpeg"
+             ,"mpg"=>"video/mpeg"
+             ,"mpe"=>"video/mpeg"
+             ,"mov"=>"video/quicktime"
+             ,"avi"=>"video/x-msvideo"
+             ,"3gp"=>"video/3gpp"
+             ,"css"=>"text/css"
+             ,"jsc"=>"application/javascript"
+             ,"js"=>"application/javascript"
+             ,"php"=>"text/html"
+             ,"htm"=>"text/html"
+             ,"html"=>"text/html"
+      );
+  
+      $extension = strtolower(end(explode('.',$file_path)));
+      $mime_types = $mime_types[$extension];
+      $_FILES['file']['name'][0]     = $data[6];
+      $_FILES['file']['type'][0]     = $mime_types;
+      $_FILES['file']['tmp_name'][0] = $file_path;
+      $_FILES['file']['error'][0]    = 0;
+      $_FILES['file']['size'][0]     = filesize($file_path);
+      $_POST['category_id']          = $_POST['new_category_id'];
+      $_POST['patient_id']           = $_POST['new_patient_id'];
+      $_GET['patient_id']            = $_POST['patient_id'];
+      $_POST['destination']          = $data[3];
+
+      $cdoc = new C_Document();      
+      $cdoc->upload_action_process();
+      if($GLOBALS['document_storage_method']==0){
+       if($data[3])
+         copy($file_path,$cdoc->file_path.$data[3]);
+       else
+         copy($file_path,$cdoc->file_path.$data[6]);
+      }
+      $foreign_id = sqlQuery("select id from documents where foreign_id = ? order by id desc limit 1",array($_POST['new_patient_id']));
+      unset($_POST);
+      $_POST['encrypted']  = '';
+      $_POST['passphrase'] = '';
+      $_POST['process']    = true;
+      $_POST['foreign_id'] = $foreign_id['id'];
+      $_POST['note']       = $data[7];
+      $cdoc->note_action_process($_GET['patient_id']);
+      $sql_patient_no = "UPDATE documents_legal_detail SET dld_moved = '1' WHERE dld_master_docid = ? AND dld_id = ?";
+      sqlQuery($sql_patient_no,array($data[2],$data[8]));
+      unset($_POST);      
+    }
+  }  
+/** 
+* To display the files/pdfforms patient wise
+*/
+  public function userslistportal($data){
+    if($this->valid($data[0])){
+      ob_start();
+      $query   = "SELECT
+                    dlm.dlm_upload_type,
+                    dld.dld_id,
+                    dld.dld_pid,
+                    dlm.dlm_document_name,
+                    dlm.dlm_document_id,
+                    dlm.dlm_filename,
+                    dld.dld_filename,
+                    dld.dld_signed,
+                    dlm.dlm_filename,
+                    dld.dld_master_docid,
+                    dld.dld_signed,
+                    dld.dld_patient_comments,
+                    dld.dld_moved,  
+                    pd.fname,
+                    pd.lname,
+                    pd.mname
+                  FROM
+                    documents_legal_master AS dlm 
+                    LEFT OUTER JOIN documents_legal_detail AS dld 
+                      ON dlm.dlm_document_id = dld_master_docid 
+                    JOIN patient_data AS pd 
+                      ON dld.dld_pid = pd.pid 
+                  WHERE dlm.dlm_effective_date <= NOW() 
+                    AND dlm.dlm_effective_date <> '0000-00-00 00:00:00' 
+                    AND dld.dld_id IS NOT NULL 
+                    AND dld.dld_signed IN (1,2,4) 
+                    AND dld.dld_moved = 0 
+                  ORDER BY dld.dld_pid ASC ";
+                 
+      $res = sqlStatement($query);
+      if ($res) {
+       for($iter=0; $row=sqlFetchArray($res); $iter++) {
+           $all[$iter] = $row;
+       }
+      } 
+      $v = ob_get_clean();
+      return $all;
+    }
+  }
+
+/**  
+* To display the category list in Move To Category option
+*/
+  public function category_list($data){
+    if($this->valid($data[0])){
+      ob_start();
+       $query = "SELECT * FROM categories";
+       $res = sqlStatement($query);
+      if ($res) {
+       for($iter=0; $row=sqlFetchArray($res); $iter++) {
+           $all[$iter] = $row;
+       }
+      }       
+      $v = ob_get_clean();
+      return $all;
+    }
+  }   
     
 //Converts a text to xml format.Format is as follows
   public function text_to_xml($data){
@@ -559,7 +773,7 @@ static  public function batch_despatch($var,$func,$data_credentials){
 
 
   public function getversion($data){
-         return '1.1';
+         return '1.2';
     }
     
     
index 1d927c4..36f49d2 100644 (file)
@@ -70,3 +70,15 @@ CREATE TABLE `report_results` (
 ALTER TABLE `version` ADD COLUMN `v_acl` int(11) NOT NULL DEFAULT 0;
 #EndIf
 
+#IfMissingColumn documents_legal_detail dld_moved
+ALTER TABLE `documents_legal_detail` ADD COLUMN `dld_moved` tinyint(4) NOT NULL DEFAULT '0'; 
+#EndIf
+
+
+#IfMissingColumn documents_legal_detail dld_patient_comments
+ALTER TABLE `documents_legal_detail` ADD COLUMN `dld_patient_comments` text COMMENT 'Patient comments stored here';
+#EndIf
+
+#IfMissingColumn documents_legal_master dlm_upload_type
+ALTER TABLE `documents_legal_master` ADD COLUMN `dlm_upload_type` tinyint(4) DEFAULT '0' COMMENT '0-Provider Uploaded,1-Patient Uploaded';
+#EndIf
index fec8e72..73f7152 100644 (file)
@@ -68,7 +68,7 @@ CREATE TABLE `audit_master` (
   `created_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
   `modified_time` datetime NOT NULL,
   `ip_address` varchar(100) NOT NULL,
-  `type` tinyint(4) NOT NULL COMMENT '1-new patient,2-existing patient,3-change is only in the document,5-random key,10-Appointment',
+  `type` tinyint(4) NOT NULL COMMENT '1-new patient,2-existing patient,3-change is only in the document,4-Patient upload,5-random key,10-Appointment',
   PRIMARY KEY (`id`)
 ) ENGINE=MyISAM AUTO_INCREMENT=1;
 
@@ -639,7 +639,7 @@ CREATE TABLE `documents_legal_detail` (
   `dld_provider` int(10) unsigned DEFAULT NULL,
   `dld_encounter` int(10) unsigned DEFAULT NULL,
   `dld_master_docid` int(10) unsigned NOT NULL,
-  `dld_signed` smallint(5) unsigned NOT NULL COMMENT '0-Not Signed or Cannot Sign(Layout),1-Signed,2-Ready to sign,3-Denied(Pat Regi),10-Save(Layout)',
+  `dld_signed` smallint(5) unsigned NOT NULL COMMENT '0-Not Signed or Cannot Sign(Layout),1-Signed,2-Ready to sign,3-Denied(Pat Regi),4-Patient Upload,10-Save(Layout)',
   `dld_signed_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
   `dld_filepath` varchar(75) DEFAULT NULL,
   `dld_filename` varchar(45) NOT NULL,
@@ -648,6 +648,8 @@ CREATE TABLE `documents_legal_detail` (
   `dld_content` varchar(50) NOT NULL COMMENT 'Layout sign position',
   `dld_file_for_pdf_generation` blob NOT NULL COMMENT 'The filled details in the fdf file is stored here.Patient Registration Screen',
   `dld_denial_reason` longtext NOT NULL,
+  `dld_moved` tinyint(4) NOT NULL DEFAULT '0',
+  `dld_patient_comments` text COMMENT 'Patient comments stored here',
   PRIMARY KEY (`dld_id`)
 ) ENGINE=MyISAM AUTO_INCREMENT=1 ;
 
@@ -674,6 +676,7 @@ CREATE TABLE `documents_legal_master` (
   `content` varchar(255) NOT NULL,
   `dlm_savedsign` varchar(255) DEFAULT NULL COMMENT '0-Yes 1-No',
   `dlm_review` varchar(255) DEFAULT NULL COMMENT '0-Yes 1-No',
+  `dlm_upload_type` tinyint(4) DEFAULT '0' COMMENT '0-Provider Uploaded,1-Patient Uploaded',
   PRIMARY KEY (`dlm_document_id`)
 ) ENGINE=MyISAM COMMENT='List of Master Docs to be signed' AUTO_INCREMENT=1 ;
 
index d3b7d5a..695233f 100644 (file)
@@ -17,7 +17,7 @@ $v_realpatch = '0';
 // is a database change in the course of development.  It is used
 // internally to determine when a database upgrade is needed.
 //
-$v_database = 82;
+$v_database = 83;
 
 // Access control version identifier, this is to be incremented whenever there
 // is a access control change in the course of development.  It is used