2 // This program is free software; you can redistribute it and/or
3 // modify it under the terms of the GNU General Public License
4 // as published by the Free Software Foundation; either version 2
5 // of the License, or (at your option) any later version.
// Flags set before globals.php is loaded by the require_once lines that follow.
// NOTE(review): their effect is implemented in globals.php, which is not shown
// here; confirm that neither is relied on as a substitute for escaping values
// at the point where they are written into HTML or JavaScript.
$sanitize_all_escapes = true;

// Stop fake register globals.
$fake_register_globals = false;
15 require_once("../../globals.php");
16 require_once("$srcdir/pnotes.inc");
17 require_once("$srcdir/patient.inc");
18 require_once("$srcdir/acl.inc");
19 require_once("$srcdir/log.inc");
20 require_once("$srcdir/options.inc.php");
21 require_once("$srcdir/classes/Document.class.php");
22 require_once("$srcdir/gprelations.inc.php");
// Switches the active patient from the "set_pid" query parameter. This runs
// before the acl_check() calls further down, and the value is handed to
// setpid() exactly as received.
// NOTE(review): setpid() lives in pid.inc and is not shown; confirm it validates
// the id and that the caller is allowed to open that patient's chart.
24 if ($GLOBALS['concurrent_layout'] && $_GET['set_pid']) {
25 require_once("$srcdir/pid.inc");
26 setpid($_GET['set_pid']);
// Optional request parameter "docid": limits the display to one document.
// It is cast to an integer because the value is reused as a query parameter
// and inside URLs further down.
$docid = 0;
if (!empty($_REQUEST['docid'])) {
    $docid = intval($_REQUEST['docid']);
}

// Optional request parameter "orderid": limits the display to one procedure order.
$orderid = 0;
if (!empty($_REQUEST['orderid'])) {
    $orderid = intval($_REQUEST['orderid']);
}
// Document case: resolve the owning patient from the document row. The id is
// bound through the "?" placeholder rather than concatenated into the SQL.
37 $row = sqlQuery("SELECT foreign_id FROM documents WHERE id = ?", array($docid));
// NOTE(review): when no row matches, intval() of the missing column presumably
// yields 0; confirm how patient id 0 is treated by the checks that follow.
38 $patient_id = intval($row['foreign_id']);
// Procedure-order case: same lookup against procedure_order, also parameterized.
41 $row = sqlQuery("SELECT patient_id FROM procedure_order WHERE procedure_order_id = ?", array($orderid));
42 $patient_id = intval($row['patient_id']);
// Authorization gate. The caller needs 'write' or 'addonly' on patients/notes;
// when the patient record carries a squad, access to that squad is required
// too. die() stops the script on either failure, so the note create/update/
// delete branches further down are never reached.
if (!acl_check('patients', 'notes', '', array('write', 'addonly'))) {
    die(htmlspecialchars(xl('Not authorized'), ENT_NOQUOTES));
}

$tmp = getPatientData($patient_id, "squad");
if ($tmp['squad']) {
    if (!acl_check('squads', $tmp['squad'])) {
        die(htmlspecialchars(xl('Not authorized for this squad.'), ENT_NOQUOTES));
    }
}
52 //the number of records to display per screen
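// Request parameters that drive the page. Absent keys still become null, but
// without raising an undefined-index notice.
$mode          = isset($_REQUEST['mode']) ? $_REQUEST['mode'] : null;
$form_active   = isset($_REQUEST['form_active']) ? $_REQUEST['form_active'] : null;
$form_inactive = isset($_REQUEST['form_inactive']) ? $_REQUEST['form_inactive'] : null;

// NOTE(review): $noteid is kept exactly as received. Further down it is written
// into a JavaScript string literal with only HTML escaping (the PrintNote
// handler); casting it to an integer here would be safer once it is confirmed
// that note ids are always numeric.
$noteid = isset($_REQUEST['noteid']) ? $_REQUEST['noteid'] : null;

// $offset is a paging position: it is used in arithmetic with $N and echoed
// into hidden form fields without escaping, so it is coerced to a
// non-negative integer instead of keeping the raw request string.
$offset = isset($_REQUEST['offset']) ? max(0, intval($_REQUEST['offset'])) : 0;

// 1 unless the request was posted with "mode" set and form_doc_only empty or missing.
$form_doc_only = 1;
if (isset($_POST['mode'])) {
    $form_doc_only = empty($_POST['form_doc_only']) ? 0 : 1;
}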
64 // if (!isset($active)) $active = "all";
68 if (!$form_inactive) $active = '1';
74 $form_active = $form_inactive = '1';
77 // this code handles changing the state of activity tags when the user updates
78 // them through the interface
// Write actions: update activity flags, create/append a note, delete a note.
// $mode and $noteid are read from $_REQUEST earlier in the file, and the delete
// branch reads nothing from $_POST in the lines shown, so as far as this view
// goes it does not depend on the request being a POST.
// NOTE(review): no anti-CSRF token check is visible in these branches, and
// nothing visible ties $noteid to $patient_id before a note is changed or
// removed; confirm both are enforced elsewhere.
80 if ($mode == "update") {
81 foreach ($_POST as $var => $val) {
// Only fields whose name starts with "act" are handled; the rest of the field
// name is used as the note id.
82 if (strncmp($var, 'act', 3) == 0) {
83 $id = str_replace("act", "", $var);
84 if ($_POST["chk$id"]) {
// Relation to the document ($docid) or procedure order ($orderid); the last
// argument follows the "lnk<id>" checkbox. The codes 1, 2 and 6 are defined by
// gprelations.inc.php, which is not shown here.
90 setGpRelation(1, $docid, 6, $id, !empty($_POST["lnk$id"]));
93 setGpRelation(2, $orderid, 6, $id, !empty($_POST["lnk$id"]));
98 elseif ($mode == "new") {
// Note text, note type and assignee are taken from $_POST and passed on unchanged.
// NOTE(review): updatePnote()/addPnote() are defined in pnotes.inc (not shown);
// confirm they bind or escape these values before building SQL.
99 $note = $_POST['note'];
101 updatePnote($noteid, $note, $_POST['form_note_type'], $_POST['assigned_to']);
105 $noteid = addPnote($patient_id, $note, $userauthorized, '1', $_POST['form_note_type'],
106 $_POST['assigned_to']);
109 setGpRelation(1, $docid, 6, $noteid);
112 setGpRelation(2, $orderid, 6, $noteid);
116 elseif ($mode == "delete") {
118 deletePnote($noteid);
// Audit trail: records the deletion with the session's user and provider.
119 newEvent("delete", $_SESSION['authUser'], $_SESSION['authProvider'], "pnotes: id ".$noteid);
126 $assigned_to = $_SESSION['authUser'];
128 $prow = getPnoteById($noteid, 'title,assigned_to,body');
129 $title = $prow['title'];
130 $assigned_to = $prow['assigned_to'];
// Users offered in the "To" drop-down: rows with a username and active = 1
// whose info column does not contain "Inactive". The "Inactive" test is a
// kludge; a separate column should be created for it.
$ures = sqlStatement(
    "SELECT username, fname, lname FROM users WHERE username != '' AND active = 1 AND " .
    "( info IS NULL OR info NOT LIKE '%Inactive%' ) ORDER BY lname, fname"
);

// "Last, First" display name, substituted into note bodies further down.
$pres = getPatientData($patient_id, "lname, fname");
$patientname = "{$pres['lname']}, {$pres['fname']}";

// One page of notes for this patient: $N rows starting at $offset.
$result = getPnotesByDate(
    "",
    $active,
    'id,date,body,user,activity,title,assigned_to',
    $patient_id,
    $N,
    $offset
);
150 <?php
html_header_show();?
>
152 <link rel
='stylesheet' href
="<?php echo $css_header;?>" type
="text/css">
154 <!-- supporting javascript code
-->
155 <script type
="text/javascript" src
="<?php echo $GLOBALS['webroot'] ?>/library/js/jquery.js"></script
>
156 <link rel
="stylesheet" type
="text/css" href
="../../../library/js/fancybox/jquery.fancybox-1.2.6.css" media
="screen" />
157 <script type
="text/javascript" src
="../../../library/dialog.js"></script
>
158 <script type
="text/javascript" src
="../../../library/js/jquery.1.3.2.js"></script
>
159 <script type
="text/javascript" src
="../../../library/js/common.js"></script
>
160 <script type
="text/javascript" src
="../../../library/js/fancybox/jquery.fancybox-1.2.6.js"></script
>
161 <script type
="text/javascript">
162 function submitform(attr
) {
164 document
.forms
[0].submit();
168 <body
class="body_top">
170 <div id
="pnotes"> <!-- large outer DIV
-->
175 $title_docname .= " " . xl("linked to document") . " ";
176 $d = new Document($docid);
// NOTE(review): $title_docname is later echoed into the page title span without
// escaping. get_url_file() is defined in Document.class.php (not shown);
// confirm it cannot return markup, for example from a stored file name, or
// escape the value where it is echoed.
177 $title_docname .= $d->get_url_file();
180 $title_docname .= " " . xl("linked to procedure order") . " $orderid";
// $docid and $orderid were cast with intval() when they were read from the
// request, so at this point the query string holds integers only.
183 $urlparms = "docid=$docid&orderid=$orderid";
186 <form border
='0' method
='post' name
='new_note' id
="new_note" target
="_parent"
187 action
='pnotes_full.php?<?php echo $urlparms; ?>'>
190 <div style
='float:left; margin-right: 5px'>
191 <span
class="title"><?php
echo xlt('Patient Note') . $title_docname; ?
></span
>
194 <?php
if ($noteid) { ?
>
195 <!-- existing note
-->
196 <a href
="#" class="css_button" id
="printnote"><span
><?php
echo htmlspecialchars( xl('Print'), ENT_NOQUOTES
); ?
></span
></a
>
198 <a
class="css_button large_button" id
='cancel' href
='javascript:;'>
199 <span
class='css_button_span large_button_span'><?php
echo htmlspecialchars( xl('Cancel'), ENT_NOQUOTES
);?
></span
>
206 <input type
='hidden' name
='mode' id
="mode" value
="new">
207 <input type
='hidden' name
='trigger' id
="trigger" value
="add">
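<?php /* $offset originates from the request, so it is HTML-escaped here in the same way as the sibling hidden fields. */ ?>
<input type='hidden' name='offset' id="offset" value="<?php echo htmlspecialchars( $offset, ENT_QUOTES) ?>">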
209 <input type
='hidden' name
='form_active' id
="form_active" value
="<?php echo htmlspecialchars( $form_active, ENT_QUOTES) ?>">
210 <input type
='hidden' name
='form_inactive' id
="form_inactive" value
="<?php echo htmlspecialchars( $form_inactive, ENT_QUOTES) ?>">
211 <input type
='hidden' name
='noteid' id
="noteid" value
="<?php echo htmlspecialchars( $noteid, ENT_QUOTES) ?>">
212 <input type
='hidden' name
='form_doc_only' id
="form_doc_only" value
="<?php echo htmlspecialchars( $form_doc_only, ENT_QUOTES) ?>">
213 <table border
='0' cellspacing
='8'>
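// Modified 6/2009 by BM to incorporate the patient notes into the list_options listings
// The note type label is shown between &quot; entities so the quotes are valid
// both in the PHP string and in the generated HTML.
// NOTE(review): the result of generate_display_field() is echoed as-is; it is
// defined in options.inc.php (not shown), so confirm it returns escaped markup.
echo htmlspecialchars(xl('Amend Existing Note'), ENT_NOQUOTES) .
    "<b> &quot;" . generate_display_field(array('data_type'=>'1','list_id'=>'note_type'), $title) . "&quot;</b>\n";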
222 echo htmlspecialchars( xl('Add New Note'), ENT_NOQUOTES
) . "\n";
231 <b
><?php
echo htmlspecialchars( xl('Type'), ENT_NOQUOTES
); ?
>:</b
>
233 // Added 6/2009 by BM to incorporate the patient notes into the list_options listings
234 generate_form_field(array('data_type'=>1,'field_id'=>'note_type','list_id'=>'note_type','empty_title'=>'SKIP'), $title);
237 <b
><?php
echo htmlspecialchars( xl('To'), ENT_NOQUOTES
); ?
>:</b
>
238 <select name
='assigned_to'>
239 <option value
=''>** <?php
echo htmlspecialchars( xl('Close'), ENT_NOQUOTES
); ?
> **</option
>
241 while ($urow = sqlFetchArray($ures)) {
242 echo " <option value='" . htmlspecialchars( $urow['username'], ENT_QUOTES
) . "'";
243 if ($urow['username'] == $assigned_to) echo " selected";
244 echo ">" . htmlspecialchars( $urow['lname'], ENT_NOQUOTES
);
245 if ($urow['fname']) echo htmlspecialchars( ", ".$urow['fname'], ENT_NOQUOTES
);
// Replace the "-patient-" placeholder and the bare patient id in the note text
// with the patient's display name. The substitution happens before
// htmlspecialchars(), so the inserted name is HTML-escaped along with the rest
// of the body; nl2br() then turns line breaks into <br> tags.
$body = nl2br(htmlspecialchars(
    preg_replace(
        array('/(\sto\s)-patient-(\))/', '/(:\d{2}\s\()' . $patient_id . '(\sto\s)/'),
        '${1}' . $patientname . '${2}',
        $prow['body']
    ),
    ENT_NOQUOTES
));
echo "<div class='text'>" . $body . "</div>";
263 <textarea name
='note' id
='note' rows
='4' cols
='58'></textarea
>
265 <?php
if ($noteid) { ?
>
266 <!-- existing note
-->
267 <a href
="#" class="css_button" id
="newnote" title
="<?php echo htmlspecialchars( xl('Add as a new note'), ENT_QUOTES); ?>" ><span
><?php
echo htmlspecialchars( xl('Save as new note'), ENT_NOQUOTES
); ?
></span
></a
>
268 <a href
="#" class="css_button" id
="appendnote" title
="<?php echo htmlspecialchars( xl('Append to the existing note'), ENT_QUOTES); ?>"><span
><?php
echo htmlspecialchars( xl('Append this note'), ENT_NOQUOTES
); ?
></span
></a
>
270 <a href
="#" class="css_button" id
="newnote" title
="<?php echo htmlspecialchars( xl('Add as a new note'), ENT_QUOTES); ?>" ><span
><?php
echo htmlspecialchars( xl('Save as new note'), ENT_NOQUOTES
); ?
></span
></a
>
278 <form border
='0' method
='post' name
='update_activity' id
='update_activity'
279 action
="pnotes_full.php?<?php echo $urlparms; ?>">
281 <!-- start of previous notes DIV
-->
282 <div
class=pat_notes
>
285 <input type
='hidden' name
='mode' value
="update">
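<?php /* $offset originates from the request, so it is HTML-escaped before being written into the attribute.
         NOTE(review): id='noteid' on this field duplicates the id of the noteid field that follows;
         it is left unchanged here because page scripts select elements by that id. */ ?>
<input type='hidden' name='offset' id='noteid' value="<?php echo htmlspecialchars( $offset, ENT_QUOTES);?>">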
287 <input type
='hidden' name
='noteid' id
='noteid' value
="0">
290 <table width
='400' border
='0' cellpadding
='0' cellspacing
='0'>
294 if ($offset > ($N-1)) {
295 echo " <a class='link' href='pnotes_full.php" .
297 "&form_active=" . htmlspecialchars( $form_active, ENT_QUOTES
) .
298 "&form_inactive=" . htmlspecialchars( $form_inactive, ENT_QUOTES
) .
299 "&form_doc_only=" . htmlspecialchars( $form_doc_only, ENT_QUOTES
) .
300 "&offset=" . ($offset-$N) . "' onclick='top.restoreSession()'>[" .
301 htmlspecialchars( xl('Previous'), ENT_NOQUOTES
) . "]</a>\n";
307 if ($result_count == $N) {
308 echo " <a class='link' href='pnotes_full.php" .
310 "&form_active=" . htmlspecialchars( $form_active, ENT_QUOTES
) .
311 "&form_inactive=" . htmlspecialchars( $form_inactive, ENT_QUOTES
) .
312 "&form_doc_only=" . htmlspecialchars( $form_doc_only, ENT_QUOTES
) .
313 "&offset=" . ($offset+
$N) . "' onclick='top.restoreSession()'>[" .
314 htmlspecialchars( xl('Next'), ENT_NOQUOTES
) . "]</a>\n";
321 </div
> <!-- close the previous
-notes DIV
-->
323 <script language
='JavaScript'>
// NOTE(review): the patient name and pubpid fetched here are written into
// JavaScript string literals inside the surrounding <script> block using
// htmlspecialchars(). HTML escaping does not neutralise backslashes or line
// breaks in that context; a JavaScript-safe encoder such as json_encode() is
// the usual choice for values placed in script code.
326 if ($GLOBALS['concurrent_layout'] && $_GET['set_pid']) {
327 $ndata = getPatientData($patient_id, "fname, lname, pubpid");
329 parent
.left_nav
.setPatient(<?php
echo "'" . htmlspecialchars( $ndata['fname']." ".$ndata['lname'], ENT_QUOTES
) . "',$patient_id,'" . htmlspecialchars( $ndata['pubpid'], ENT_QUOTES
) . "',window.name"; ?
>);
330 parent
.left_nav
.setRadio(window
.name
, 'pno');
334 // If this note references a new patient document, pop up a display
// The document id and file name are parsed out of the stored note body, and
// $docid is overwritten with the parsed value. Note bodies are presumably
// authored through this page's own form, so both values should be treated as
// user-supplied text.
// NOTE(review): they are then placed in a URL inside a JavaScript string with
// htmlspecialchars() only. URL components normally need rawurlencode(), and the
// finished string a JavaScript-safe encoder such as json_encode().
337 if ($noteid /* && $title == 'New Document' */ ) {
338 $prow = getPnoteById($noteid, 'body');
339 if (preg_match('/New scanned document (\d+): [^\n]+\/([^\n]+)/', $prow['body'], $matches)) {
340 $docid = $matches[1];
341 $docname = $matches[2];
343 window
.open('../../../controller.php?document&retrieve&patient_id=<?php echo htmlspecialchars( $patient_id, ENT_QUOTES) ?>&document_id=<?php echo htmlspecialchars( $docid, ENT_QUOTES) ?>&<?php echo htmlspecialchars( $docname, ENT_QUOTES)?>&as_file=true',
344 '_blank', 'resizable=1,scrollbars=1,width=600,height=500');
352 </div
> <!-- end outer
'pnotes' -->
356 <script language
="javascript">
358 // jQuery stuff to make the page a little easier to use
360 $
(document
).ready(function(){
361 $
("#appendnote").click(function() { AppendNote(); });
362 $
("#newnote").click(function() { NewNote(); });
363 $
("#printnote").click(function() { PrintNote(); });
365 $
(".change_activity").click(function() { top
.restoreSession(); $
("#update_activity").submit(); });
367 $
(".deletenote").click(function() { DeleteNote(this
); });
369 $
(".noterow").mouseover(function() { $
(this
).toggleClass("highlight"); });
370 $
(".noterow").mouseout(function() { $
(this
).toggleClass("highlight"); });
371 $
(".notecell").click(function() { EditNote(this
); });
375 var EditNote
= function(note
) {
376 top
.restoreSession();
377 $
("#noteid").val(note
.id
);
379 $
("#new_note").submit();
382 var NewNote
= function () {
383 top
.restoreSession();
384 $
("#noteid").val('');
385 $
("#new_note").submit();
388 var AppendNote
= function () {
389 top
.restoreSession();
390 $
("#new_note").submit();
393 var PrintNote
= function () {
394 top
.restoreSession();
395 window
.open('pnotes_print.php?noteid=<?php echo htmlspecialchars( $noteid, ENT_QUOTES); ?>', '_blank', 'resizable=1,scrollbars=1,width=600,height=500');
398 var DeleteNote
= function(note
) {
399 if (confirm("<?php echo htmlspecialchars( xl('Are you sure you want to delete this note?','','','\n ').xl('This action CANNOT be undone.'), ENT_QUOTES); ?>")) {
400 top
.restoreSession();
401 // strip the 'del' part of the object's ID
402 $
("#noteid").val(note
.id
.replace(/del
/, ""));
403 $
("#mode").val("delete");
404 $
("#new_note").submit();
409 $
(document
).ready(function(){
410 $
("#cancel").click(function() {
411 parent
.$
.fn
.fancybox
.close();