Fixed bug: https://sourceforge.net/p/openemr/bugs/416/
[openemr.git] / interface / forms / functional_cognitive_status / save.php
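<?php
// +-----------------------------------------------------------------------------+
// Copyright (C) 2015 Z&H Consultancy Services Private Limited <sam@zhservices.com>
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// A copy of the GNU General Public License is included along with this program:
// openemr/interface/login/GnuGPL.html
// For more information write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// Author: Jacob T Paul <jacob@zhservices.com>
// Vinish K <vinish@zhservices.com>
// +------------------------------------------------------------------------------+
//
// Save handler for the "Functional and Cognitive Status" encounter form.
//
// Request inputs:
//   $_GET['id']            - id of the form being edited; absent or 0 means a new form.
//   $_POST['codetext'][]   - one entry per row; rows with an empty entry are skipped.
//   $_POST['code'][], $_POST['code_date'][], $_POST['description'][],
//   $_POST['activity1'][]  - parallel lists, matched to 'codetext' by array key.
//
// Editing deletes the rows stored for this id / patient / encounter and writes
// the submitted rows again. A new form takes MAX(id) + 1 as its id and is
// registered with addForm().

// Both flags are read by globals.php and must be fixed constants set before the
// include. Taking them from $_POST would let the request body choose them (and
// an absent key evaluates to null), so the hardening they ask for could be
// switched off by the client.

//SANITIZE ALL ESCAPES
$sanitize_all_escapes = true;

//STOP FAKE REGISTER GLOBALS
$fake_register_globals = false;

include_once("../../globals.php");
include_once("$srcdir/api.inc");
include_once("$srcdir/forms.inc");
require_once("$srcdir/formdata.inc.php");

if (!$encounter) { // comes from globals.php
    die(xlt("Internal error: we do not seem to be in an encounter!"));
}

// Cast instead of "0 + $_GET['id']": arithmetic on a non-numeric string raises a
// warning or TypeError on newer PHP versions, and an array value must not be
// accepted as an id.
$id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;

// Returns the named POST field when it was submitted as a list, else an empty list.
$post_list = function ($name) {
    return (isset($_POST[$name]) && is_array($_POST[$name])) ? $_POST[$name] : array();
};

// Returns the scalar entry stored under $key, or '' when it is missing or nested.
$pick = function ($list, $key) {
    return (isset($list[$key]) && is_scalar($list[$key])) ? (string) $list[$key] : '';
};

$code = $post_list("code");
$code_text = $post_list("codetext");
$code_date = $post_list("code_date");
$code_des = $post_list("description");
$code_activity = $post_list("activity1");

if ($id > 0) {
    // NOTE(review): $id comes from the query string and is reused as the row id
    // below. The DELETE is scoped to the session's patient and encounter, but
    // nothing in this file confirms that $id is a form registered for this
    // encounter, and no authorization check is visible here - confirm that the
    // included files enforce both.
    sqlStatement(
        "DELETE FROM `form_functional_cognitive_status` WHERE id=? AND pid = ? AND encounter = ?",
        array($id, $_SESSION["pid"], $_SESSION["encounter"])
    );
    $newid = $id;
} else {
    // NOTE(review): MAX(id) + 1 is not atomic; two concurrent saves can compute
    // the same id. Confirm whether the table or the callers guard against that.
    $res2 = sqlStatement("SELECT MAX(id) as largestId FROM `form_functional_cognitive_status`");
    $getMaxid = sqlFetchArray($res2);
    if ($getMaxid['largestId']) {
        $newid = $getMaxid['largestId'] + 1;
    } else {
        $newid = 1;
    }
    addForm($encounter, "Functional and Cognitive Status Form", $newid, "functional_cognitive_status", $_SESSION["pid"], $userauthorized);
}

// Keep only rows whose code text is a non-empty scalar (same truthiness test as
// a bare array_filter(), which also drops '' and '0').
$code_text = array_filter($code_text, function ($value) {
    return is_scalar($value) && $value;
});

foreach ($code_text as $key => $codeval) {
    // Every value is bound rather than concatenated: escaping alone does not
    // protect a value that is placed in the statement without quotes.
    sqlInsert(
        "INSERT INTO form_functional_cognitive_status SET " .
        "id = ?, pid = ?, groupname = ?, user = ?, encounter = ?, authorized = ?, " .
        "activity = ?, code = ?, codetext = ?, description = ?, date = ?",
        array(
            $newid,
            $_SESSION["pid"],
            $_SESSION["authProvider"],
            $_SESSION["authUser"],
            $_SESSION["encounter"],
            $userauthorized,
            $pick($code_activity, $key),
            $pick($code, $key),
            (string) $codeval,
            $pick($code_des, $key),
            $pick($code_date, $key)
        )
    );
}

$_SESSION["encounter"] = $encounter;
formHeader("Redirecting....");
formJump();
formFooter();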