3 * Document Template Download Module.
5 * Copyright (C) 2016-2017 Jerry Padgett <sjpadgett@gmail.com>
6 * Copyright (C) 2013-2014 Rod Roark <rod@sunsetsystems.com>
8 * LICENSE: This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>.
20 * @author Jerry Padgett <sjpadgett@gmail.com>
21 * @author Rod Roark <rod@sunsetsystems.com>
22 * @link http://www.open-emr.org
25 // This module downloads a specified document template to the browser after
26 // substituting relevant patient data into its variables.
27 require_once(dirname(__file__
) . "/../verify_session.php");
29 require_once($GLOBALS['srcdir'] . '/acl.inc');
30 require_once($GLOBALS['srcdir'] . '/htmlspecialchars.inc.php');
31 require_once($GLOBALS['srcdir'] . '/formdata.inc.php');
32 require_once($GLOBALS['srcdir'] . '/formatting.inc.php');
33 require_once($GLOBALS['srcdir'] . '/appointments.inc.php');
34 require_once($GLOBALS['srcdir'] . '/options.inc.php');
36 $form_filename = $_POST['docid'];
38 // $user = strip_escape_custom($_POST['user']);
40 $nextLocation = 0; // offset to resume scanning
41 $keyLocation = false; // offset of a potential {string} to replace
42 $keyLength = 0; // length of {string} to replace
43 $groupLevel = 0; // 0 if not in a {GRP} section
44 $groupCount = 0; // 0 if no items in the group yet
45 $itemSeparator = '; '; // separator between group items
46 $tcnt = $grcnt = $ckcnt = 0;
49 // Flags to ignore new lines
51 // Check if the current location has the specified {string}.
52 function keySearch(&$s, $key)
54 global $keyLocation, $keyLength;
55 $keyLength = strlen($key);
56 if ($keyLength == 0) {
60 return $key == substr($s, $keyLocation, $keyLength);
63 // Replace the {string} at the current location with the specified data.
64 // Also update the location to resume scanning accordingly.
65 function keyReplace(&$s, $data)
67 global $keyLocation, $keyLength, $nextLocation;
68 $nextLocation = $keyLocation +
strlen($data);
69 return substr($s, 0, $keyLocation) . $data . substr($s, $keyLocation +
$keyLength);
72 // Do some final processing of field data before it's put into the document.
73 function dataFixup($data, $title = '')
75 global $groupLevel, $groupCount, $itemSeparator;
77 // Replace some characters that can mess up XML without assuming XML content type.
78 $data = str_replace('&', '[and]', $data);
79 $data = str_replace('<', '[less]', $data);
80 $data = str_replace('>', '[greater]', $data);
81 // If in a group, include labels and separators.
84 $data = $title . ': ' . $data;
88 $data = $itemSeparator . $data;
98 // Return a string naming all issues for the specified patient and issue type.
99 function getIssues($type)
101 // global $itemSeparator;
103 $lres = sqlStatement("SELECT title, comments FROM lists WHERE " . "pid = ? AND type = ? AND enddate IS NULL " . "ORDER BY begdate", array(
107 while ($lrow = sqlFetchArray($lres)) {
112 $tmp .= $lrow['title'];
113 if ($lrow['comments']) {
114 $tmp .= ' (' . $lrow['comments'] . ')';
121 // Top level function for scanning and replacement of a file's contents.
124 global $ptrow, $hisrow, $enrow, $nextLocation, $keyLocation, $keyLength;
125 global $groupLevel, $groupCount, $itemSeparator, $pid, $encounter;
126 global $tcnt, $grcnt, $ckcnt;
132 while (($keyLocation = strpos($s, '{', $nextLocation)) !== false) {
133 $nextLocation = $keyLocation +
1;
135 if (keySearch($s, '{PatientSignature}')) {
136 $fn = $GLOBALS['web_root'] . '/portal/sign/assets/signhere.png';
138 $sigfld .= '<img style="cursor:pointer;color:red" class="signature" type="patient-signature" id="patientSignature" onclick="getSignature(this)"' . 'alt="' . xla("Click in signature on file") . '" src="' . $fn . '">';
139 $sigfld .= '</span>';
140 $s = keyReplace($s, $sigfld);
141 } else if (keySearch($s, '{AdminSignature}')) {
142 $fn = $GLOBALS['web_root'] . '/portal/sign/assets/signhere.png';
144 $sigfld .= '<img style="cursor:pointer;color:red" class="signature" type="admin-signature" id="adminSignature" onclick="getSignature(this)"' . 'alt="' . xla("Click in signature on file") . '" src="' . $fn . '">';
145 $sigfld .= '</span>';
146 $s = keyReplace($s, $sigfld);
147 } else if (keySearch($s, '{ParseAsHTML}')) {
149 $s = keyReplace($s, "");
150 } else if (keySearch($s, '{TextInput}')) {
152 $sigfld .= '<input class="templateInput" type="text" style="color:black;" data-textvalue="" onblur="templateText(this);">';
153 $sigfld .= '</span>';
154 $s = keyReplace($s, $sigfld);
155 } else if (keySearch($s, '{smTextInput}')) {
157 $sigfld .= '<input class="templateInput" type="text" style="color:black;max-width:50px;" data-textvalue="" onblur="templateText(this);">';
158 $sigfld .= '</span>';
159 $s = keyReplace($s, $sigfld);
160 } else if (keySearch($s, '{CheckMark}')) {
162 $sigfld = '<span class="checkMark" data-id="check' . $ckcnt . '">';
163 $sigfld .= '<input type="checkbox" id="check' . $ckcnt . '" data-value="" onclick="templateCheckMark(this);">';
164 $sigfld .= '</span>';
165 $s = keyReplace($s, $sigfld);
166 } else if (keySearch($s, '{ynRadioGroup}')) {
168 $sigfld = '<span class="ynuGroup" data-value="N/A" data-id="' . $grcnt . '" id="rgrp' . $grcnt . '">';
169 $sigfld .= '<label><input onclick="templateRadio(this)" type="radio" name="ynradio' . $grcnt . '" data-id="' . $grcnt . '" value="Yes">' . xlt("Yes") . '</label>';
170 $sigfld .= '<label><input onclick="templateRadio(this)" type="radio" name="ynradio' . $grcnt . '" data-id="' . $grcnt . '" value="No">' . xlt("No") . '</label>';
171 $sigfld .= '<label><input onclick="templateRadio(this)" type="radio" name="ynradio' . $grcnt . '" checked="checked" data-id="' . $grcnt . '" value="N/A">N/A</label>';
172 $sigfld .= '</span>';
173 $s = keyReplace($s, $sigfld);
174 } else if (keySearch($s, '{PatientName}')) {
175 $tmp = $ptrow['fname'];
176 if ($ptrow['mname']) {
181 $tmp .= $ptrow['mname'];
184 if ($ptrow['lname']) {
189 $tmp .= $ptrow['lname'];
192 $s = keyReplace($s, dataFixup($tmp, xl('Name')));
193 } else if (keySearch($s, '{PatientID}')) {
194 $s = keyReplace($s, dataFixup($ptrow['pubpid'], xl('Chart ID')));
195 } else if (keySearch($s, '{Address}')) {
196 $s = keyReplace($s, dataFixup($ptrow['street'], xl('Street')));
197 } else if (keySearch($s, '{City}')) {
198 $s = keyReplace($s, dataFixup($ptrow['city'], xl('City')));
199 } else if (keySearch($s, '{State}')) {
200 $s = keyReplace($s, dataFixup(getListItemTitle('state', $ptrow['state']), xl('State')));
201 } else if (keySearch($s, '{Zip}')) {
202 $s = keyReplace($s, dataFixup($ptrow['postal_code'], xl('Postal Code')));
203 } else if (keySearch($s, '{PatientPhone}')) {
204 $ptphone = $ptrow['phone_contact'];
205 if (empty($ptphone)) {
206 $ptphone = $ptrow['phone_home'];
209 if (empty($ptphone)) {
210 $ptphone = $ptrow['phone_cell'];
213 if (empty($ptphone)) {
214 $ptphone = $ptrow['phone_biz'];
217 if (preg_match("/([2-9]\d\d)\D*(\d\d\d)\D*(\d\d\d\d)/", $ptphone, $tmp)) {
218 $ptphone = '(' . $tmp[1] . ')' . $tmp[2] . '-' . $tmp[3];
221 $s = keyReplace($s, dataFixup($ptphone, xl('Phone')));
222 } else if (keySearch($s, '{PatientDOB}')) {
223 $s = keyReplace($s, dataFixup(oeFormatShortDate($ptrow['DOB']), xl('Birth Date')));
224 } else if (keySearch($s, '{PatientSex}')) {
225 $s = keyReplace($s, dataFixup(getListItemTitle('sex', $ptrow['sex']), xl('Sex')));
226 } else if (keySearch($s, '{DOS}')) {
227 // $s = @keyReplace($s, dataFixup(oeFormatShortDate(substr($enrow['date'], 0, 10)), xl('Service Date'))); // changed DOS to todays date- add future enc DOS
228 $s = @keyReplace
($s, dataFixup(oeFormatShortDate(substr(date("Y-m-d"), 0, 10)), xl('Service Date')));
229 } else if (keySearch($s, '{ChiefComplaint}')) {
230 $cc = $enrow['reason'];
231 $patientid = $ptrow['pid'];
232 $DOS = substr($enrow['date'], 0, 10);
233 // Prefer appointment comment if one is present.
234 $evlist = fetchEvents($DOS, $DOS, " AND pc_pid = '$patientid' ");
235 foreach ($evlist as $tmp) {
236 if ($tmp['pc_pid'] == $pid && ! empty($tmp['pc_hometext'])) {
237 $cc = $tmp['pc_hometext'];
241 $s = keyReplace($s, dataFixup($cc, xl('Chief Complaint')));
242 } else if (keySearch($s, '{ReferringDOC}')) {
243 $tmp = empty($ptrow['ur_fname']) ?
'' : $ptrow['ur_fname'];
244 if (! empty($ptrow['ur_mname'])) {
249 $tmp .= $ptrow['ur_mname'];
252 if (! empty($ptrow['ur_lname'])) {
257 $tmp .= $ptrow['ur_lname'];
260 $s = keyReplace($s, dataFixup($tmp, xl('Referer')));
261 } else if (keySearch($s, '{Allergies}')) {
262 $tmp = generate_plaintext_field(array(
266 $s = keyReplace($s, dataFixup($tmp, xl('Allergies')));
267 } else if (keySearch($s, '{Medications}')) {
268 $s = keyReplace($s, dataFixup(getIssues('medication'), xl('Medications')));
269 } else if (keySearch($s, '{ProblemList}')) {
270 $s = keyReplace($s, dataFixup(getIssues('medical_problem'), xl('Problem List')));
271 } // This tag indicates the fields from here until {/GRP} are a group of fields
272 // separated by semicolons. Fields with no data are omitted, and fields with
273 // data are prepended with their field label from the form layout.
274 else if (keySearch($s, '{GRP}')) {
277 $s = keyReplace($s, '');
278 } else if (keySearch($s, '{/GRP}')) {
279 if ($groupLevel > 0) {
283 $s = keyReplace($s, '');
284 } // This is how we specify the separator between group items in a way that
285 // is independent of the document format. Whatever is between {ITEMSEP} and
286 // {/ITEMSEP} is the separator string. Default is "; ".
287 else if (preg_match('/^\{ITEMSEP\}(.*?)\{\/ITEMSEP\}/', substr($s, $keyLocation), $matches)) {
288 $itemSeparator = $matches[1];
289 $keyLength = strlen($matches[0]);
290 $s = keyReplace($s, '');
291 } // This handles keys like {LBFxxx:fieldid} for layout-based encounter forms.
292 else if (preg_match('/^\{(LBF\w+):(\w+)\}/', substr($s, $keyLocation), $matches)) {
293 $formname = $matches[1];
294 $fieldid = $matches[2];
295 $keyLength = 3 +
strlen($formname) +
strlen($fieldid);
299 $frow = sqlQuery("SELECT * FROM layout_options " . "WHERE form_id = ? AND field_id = ? LIMIT 1", array(
303 if (! empty($frow)) {
304 $ldrow = sqlQuery("SELECT ld.field_value " . "FROM lbf_data AS ld, forms AS f WHERE " . "f.pid = ? AND f.encounter = ? AND f.formdir = ? AND f.deleted = 0 AND " . "ld.form_id = f.form_id AND ld.field_id = ? " . "ORDER BY f.form_id DESC LIMIT 1", array(
310 if (! empty($ldrow)) {
311 $currvalue = $ldrow['field_value'];
312 $title = $frow['title'];
315 if ($currvalue !== '') {
316 $data = generate_plaintext_field($frow, $currvalue);
320 $s = keyReplace($s, dataFixup($data, $title));
321 } // This handles keys like {DEM:fieldid} and {HIS:fieldid}.
322 else if (preg_match('/^\{(DEM|HIS):(\w+)\}/', substr($s, $keyLocation), $matches)) {
323 $formname = $matches[1];
324 $fieldid = $matches[2];
325 $keyLength = 3 +
strlen($formname) +
strlen($fieldid);
329 $frow = sqlQuery("SELECT * FROM layout_options " . "WHERE form_id = ? AND field_id = ? LIMIT 1", array(
333 if (! empty($frow)) {
334 $tmprow = $formname == 'DEM' ?
$ptrow : $hisrow;
335 if (isset($tmprow[$fieldid])) {
336 $currvalue = $tmprow[$fieldid];
337 $title = $frow['title'];
340 if ($currvalue !== '') {
341 $data = generate_plaintext_field($frow, $currvalue);
345 $s = keyReplace($s, dataFixup($data, $title));
347 } // End if { character found.
351 // Get patient demographic info.
352 $ptrow = sqlQuery("SELECT pd.*, " . "ur.fname AS ur_fname, ur.mname AS ur_mname, ur.lname AS ur_lname, ur.title AS ur_title, ur.specialty AS ur_specialty " . "FROM patient_data AS pd " . "LEFT JOIN users AS ur ON ur.id = pd.ref_providerID " . "WHERE pd.pid = ?", array(
356 $hisrow = sqlQuery("SELECT * FROM history_data WHERE pid = ? " . "ORDER BY date DESC LIMIT 1", array(
362 // Get some info for the currently selected encounter.
364 $enrow = sqlQuery("SELECT * FROM form_encounter WHERE pid = ? AND " . "encounter = ?", array(
370 $templatedir = $GLOBALS['OE_SITE_DIR'] . '/documents/onsite_portal_documents/templates';
371 $templatepath = "$templatedir/$form_filename";
372 // test if this is folder with template, if not, must be for a specific patient
373 if (! file_exists($templatepath)) {
374 $templatepath = "$templatedir/" . $pid . "/$form_filename";
377 // Create a temporary file to hold the output.
378 $fname = tempnam($GLOBALS['temporary_files_dir'], 'OED');
380 // Get mime type in a way that works with old and new PHP releases.
381 $mimetype = 'application/octet-stream';
382 $ext = strtolower(array_pop((explode('.', $fname))));
383 if ('dotx' == $ext) {
384 // PHP does not seem to recognize this type.
385 $mimetype = 'application/msword';
386 } else if (function_exists('finfo_open')) {
387 $finfo = finfo_open(FILEINFO_MIME_TYPE
);
388 $mimetype = finfo_file($finfo, $templatepath);
390 } else if (function_exists('mime_content_type')) {
391 $mimetype = mime_content_type($templatepath);
394 $mimetype = 'application/msword';
395 } else if ('dot' == $ext) {
396 $mimetype = 'application/msword';
397 } else if ('htm' == $ext) {
398 $mimetype = 'text/html';
399 } else if ('html' == $ext) {
400 $mimetype = 'text/html';
401 } else if ('odt' == $ext) {
402 $mimetype = 'application/vnd.oasis.opendocument.text';
403 } else if ('ods' == $ext) {
404 $mimetype = 'application/vnd.oasis.opendocument.spreadsheet';
405 } else if ('ott' == $ext) {
406 $mimetype = 'application/vnd.oasis.opendocument.text';
407 } else if ('pdf' == $ext) {
408 $mimetype = 'application/pdf';
409 } else if ('ppt' == $ext) {
410 $mimetype = 'application/vnd.ms-powerpoint';
411 } elseif ('ps' == $ext) {
412 $mimetype = 'application/postscript';
413 } else if ('rtf' == $ext) {
414 $mimetype = 'application/rtf';
415 } else if ('txt' == $ext) {
416 $mimetype = 'text/plain';
417 } else if ('xls' == $ext) {
418 $mimetype = 'application/vnd.ms-excel';
422 $zipin = new ZipArchive();
423 if ($zipin->open($templatepath) === true) {
425 // Must be a zip archive.
426 $zipout = new ZipArchive();
427 $zipout->open($fname, ZipArchive
::OVERWRITE
);
428 for ($i = 0; $i < $zipin->numFiles
; ++
$i) {
429 $ename = $zipin->getNameIndex($i);
430 $edata = $zipin->getFromIndex($i);
431 $edata = doSubs($edata);
433 $zipout->addFromString($ename, $edata);
440 // Not a zip archive.
441 $edata = file_get_contents($templatepath);
442 $edata = doSubs($edata);
443 if ($html_flag) { // return raw html template
445 } else { // add br for lf in text template
446 $html = nl2br($edata);