search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
This commit helps in the following
[openemr.git] / myportal / soap_service / server_side.php
blob5c7f31703270f538b4cf78a7aad776e9c2697650
1 <?php
2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
4 //
5 //
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
10 //
11 //
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
16 //
17 //
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 //
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Vinish K <vinish@zhservices.com>
26 //
27 // +------------------------------------------------------------------------------+
28
29 //SANITIZE ALL ESCAPES
30 $sanitize_all_escapes=true;
31 //
32
33 //STOP FAKE REGISTER GLOBALS
34 $fake_register_globals=false;
35 //
36
37 global $ISSUE_TYPES;
38 $ignoreAuth=true;
39 ob_start();
40
41 require_once("../../interface/globals.php");
42 require_once(dirname(__FILE__)."/../../controllers/C_Document.class.php");
43 require_once(dirname(__FILE__)."/../../library/options.inc.php");
44 $err = '';
45 if(!extension_loaded("soap")){
46 dl("php_soap.dll");
47 }
48 require_once("server_med_rec.php");
49 require_once("factory_class.php");
50 class UserService extends Userforms
51 {
52
53 /**
54 * To display the patient uploaded files/pdf patient wise
55 */
56 public function patientuploadedfiles($data){
57 if($this->valid($data[0])){
58 ob_start();
59 $query = "
60 SELECT
61 am.id,
62 am.pid,
63 ad.field_value AS doc_name,
64 pd.fname,
65 pd.lname,
66 pd.mname,
67 ad2.field_value AS file_name,
68 ad3.field_value AS pat_comments
69 FROM
70 audit_details AS ad
71 JOIN audit_master AS am
72 ON am.id = ad.audit_master_id
73 LEFT JOIN patient_data AS pd
74 ON am.pid = pd.pid
75 JOIN audit_details AS ad2
76 ON am.id = ad2.audit_master_id
77 AND ad2.field_name = 'dlm_filename'
78 JOIN audit_details AS ad3
79 ON am.id = ad3.audit_master_id
80 AND ad3.field_name = 'dld_patient_comments'
81 WHERE ad.field_name = 'dlm_document_name'
82 AND approval_status = '1'
83 AND am.type = '4'
84 ORDER BY am.pid ASC
85 ";
86 if(!empty($data[1])){
87 $query .= " AND am.id = ?";
88 $res = sqlStatement($query,array($data[1]));
89 }else{
90 $res = sqlStatement($query);
91 }
92 if ($res) {
93 for($iter=0; $row=sqlFetchArray($res); $iter++) {
94 $all[$iter] = $row;
95 }
96 }
97 $v = ob_get_clean();
98 return $all;
99 }
100 }
101
102 public function createandstoretodirectory($data){
103 global $pid;
104 if($this->valid($data[0])){
105 $file_name=$data[1];
106 $data=$data[2];
107 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$pid;
108 if(is_dir($savedpath));
109 else
110 {
111 mkdir($savedpath,0777,true);
112 chmod($savedpath, 0777);
113 }
114 $handler = fopen($savedpath."/".$file_name,"w");
115 fwrite($handler, base64_decode($data));
116 fclose($handler);
117 chmod($savedpath."/".$file_name,0777);
118 }
119 else{
120 throw new SoapFault("Server", "credentials failed");
121 }
122 }
123
124 /**
125 * To move category,rename filename,input note and to move to new patient#
126 */
127 public function documents_update($data){
128 if($this->valid($data[0])){
129 $_POST['process'] = true;
130 $_POST['new_category_id'] = $data[1];
131 $_POST['new_patient_id'] = $data[4];
132 $file_path = '';
133 if($data[9] == 2)
134 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/".$data[6];
135 elseif($data[9] == 1)
136 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/".$data[6];
137 elseif($data[9] == 4)
138 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$data[5]."/".$data[6];
139 $mime_types = array(
140 "pdf"=>"application/pdf"
141 ,"exe"=>"application/octet-stream"
142 ,"zip"=>"application/zip"
143 ,"docx"=>"application/msword"
144 ,"doc"=>"application/msword"
145 ,"xls"=>"application/vnd.ms-excel"
146 ,"ppt"=>"application/vnd.ms-powerpoint"
147 ,"gif"=>"image/gif"
148 ,"png"=>"image/png"
149 ,"jpeg"=>"image/jpg"
150 ,"jpg"=>"image/jpg"
151 ,"mp3"=>"audio/mpeg"
152 ,"wav"=>"audio/x-wav"
153 ,"mpeg"=>"video/mpeg"
154 ,"mpg"=>"video/mpeg"
155 ,"mpe"=>"video/mpeg"
156 ,"mov"=>"video/quicktime"
157 ,"avi"=>"video/x-msvideo"
158 ,"3gp"=>"video/3gpp"
159 ,"css"=>"text/css"
160 ,"jsc"=>"application/javascript"
161 ,"js"=>"application/javascript"
162 ,"php"=>"text/html"
163 ,"htm"=>"text/html"
164 ,"html"=>"text/html"
165 );
166
167 $extension = strtolower(end(explode('.',$file_path)));
168 $mime_types = $mime_types[$extension];
169 $_FILES['file']['name'][0] = $data[6];
170 $_FILES['file']['type'][0] = $mime_types;
171 $_FILES['file']['tmp_name'][0] = $file_path;
172 $_FILES['file']['error'][0] = 0;
173 $_FILES['file']['size'][0] = filesize($file_path);
174 $_POST['category_id'] = $_POST['new_category_id'];
175 $_POST['patient_id'] = $_POST['new_patient_id'];
176 $_GET['patient_id'] = $_POST['patient_id'];
177 $_POST['destination'] = $data[3];
178
179 $cdoc = new C_Document();
180 $cdoc->upload_action_process();
181 if($GLOBALS['document_storage_method']==0){
182 if($data[3])
183 copy($file_path,$cdoc->file_path.$data[3]);
184 else
185 copy($file_path,$cdoc->file_path.$data[6]);
186 }
187 $foreign_id = sqlQuery("select id from documents where foreign_id = ? order by id desc limit 1",array($_POST['new_patient_id']));
188 unset($_POST);
189 $_POST['encrypted'] = '';
190 $_POST['passphrase'] = '';
191 $_POST['process'] = true;
192 $_POST['foreign_id'] = $foreign_id['id'];
193 $_POST['note'] = $data[7];
194 $cdoc->note_action_process($_GET['patient_id']);
195 $sql_patient_no = "UPDATE documents_legal_detail SET dld_moved = '1' WHERE dld_master_docid = ? AND dld_id = ?";
196 sqlQuery($sql_patient_no,array($data[2],$data[8]));
197 unset($_POST);
198 }
199 }
200
201 /**
202 * To display the files/pdfforms patient wise
203 */
204 public function userslistportal($data){
205 if($this->valid($data[0])){
206 ob_start();
207 $query = "SELECT
208 dlm.dlm_upload_type,
209 dld.dld_id,
210 dld.dld_pid,
211 dlm.dlm_document_name,
212 dlm.dlm_document_id,
213 dlm.dlm_filename,
214 dld.dld_filename,
215 dld.dld_signed,
216 dlm.dlm_filename,
217 dld.dld_master_docid,
218 dld.dld_signed,
219 dld.dld_patient_comments,
220 dld.dld_moved,
221 pd.fname,
222 pd.lname,
223 pd.mname
224 FROM
225 documents_legal_master AS dlm
226 LEFT OUTER JOIN documents_legal_detail AS dld
227 ON dlm.dlm_document_id = dld_master_docid
228 JOIN patient_data AS pd
229 ON dld.dld_pid = pd.pid
230 WHERE dlm.dlm_effective_date <= NOW()
231 AND dlm.dlm_effective_date <> '0000-00-00 00:00:00'
232 AND dld.dld_id IS NOT NULL
233 AND dld.dld_signed IN (1,2,4)
234 AND dld.dld_moved = 0
235 ORDER BY dld.dld_pid ASC ";
236
237 $res = sqlStatement($query);
238 if ($res) {
239 for($iter=0; $row=sqlFetchArray($res); $iter++) {
240 $all[$iter] = $row;
241 }
242 }
243 $v = ob_get_clean();
244 return $all;
245 }
246 }
247
248 /**
249 * To display the category list in Move To Category option
250 */
251 public function category_list($data){
252 if($this->valid($data[0])){
253 ob_start();
254 $query = "SELECT * FROM categories";
255 $res = sqlStatement($query);
256 if ($res) {
257 for($iter=0; $row=sqlFetchArray($res); $iter++) {
258 $all[$iter] = $row;
259 }
260 }
261 $v = ob_get_clean();
262 return $all;
263 }
264 }
265
266 //Converts a text to xml format.Format is as follows
267 public function text_to_xml($data){
268 if($this->valid($data[0])){
269 $text = $data[1];
270 $doc = new DOMDocument();
271 $doc->formatOutput = true;
272
273 $root = $doc->createElement( "root" );
274 $doc->appendChild( $root );
275
276 $level = $doc->createElement( "level" );
277 $root->appendChild( $level );
278
279 $element = $doc->createElement( "text" );
280 $element->appendChild(
281 $doc->createTextNode( $text )
282 );
283 $level->appendChild( $element );
284 return $doc->saveXML();
285 }
286 else{
287 throw new SoapFault("Server", "credentials failed");
288 }
289 }
290
291 //Accepts an array and returns the result in xml format.Format is as follows
292
293
294 public function function_return_to_xml($var=array()){
295
296 $doc = new DOMDocument();
297 $doc->formatOutput = true;
298
299 $root = $doc->createElement( "root" );
300 $doc->appendChild( $root );
301
302
303 $level = $doc->createElement( "level" );
304 $root->appendChild( $level );
305 foreach($var as $key=>$value){
306 $element = $doc->createElement( "$key" );
307 $element->appendChild(
308 $doc->createTextNode( $value )
309 );
310 $level->appendChild( $element );
311 }
312
313 return $doc->saveXML();
314
315 }
316
317 //When a filled PDf is rejected During audit , the file is deleted
318
319
320 public function delete_file($data){
321 if($this->valid($data[0])){
322 $file_name_with_path=$data[1];
323 @unlink($file_name_with_path);
324 }
325 else{
326 throw new SoapFault("Server", "credentials failed");
327 }
328 }
329
330
331 //Accepts a file path.Fetches the file in xml format.
332 //Transfer the file to portal in XML format
333 public function file_to_xml($data){
334 if($this->valid($data[0])){
335 $file_name_with_path=$data[1];
336 $path_parts = pathinfo($file_name_with_path);
337 $handler = fopen($file_name_with_path,"rb");
338 $returnData = fread($handler,filesize($file_name_with_path));
339 fclose($handler);
340 $doc = new DOMDocument();
341 $doc->formatOutput = true;
342
343 $root = $doc->createElement( "root" );
344 $doc->appendChild( $root );
345
346 $level = $doc->createElement( "level" );
347 $root->appendChild( $level );
348
349 $filename = $doc->createElement( "name" );
350 $filename->appendChild(
351 $doc->createTextNode( $path_parts['basename'] )
352 );
353 $level->appendChild( $filename );
354
355 $type = $doc->createElement( "type" );
356 $type->appendChild(
357 $doc->createTextNode( $path_parts['extension'] )
358 );
359 $level->appendChild( $type );
360 $content = $doc->createElement( "file" );
361 $content->appendChild(
362 $doc->createTextNode( base64_encode($returnData) )
363 );
364 $level->appendChild( $content );
365 return $doc->saveXML();
366 }
367 else{
368 throw new SoapFault("Server", "credentials failed");
369 }
370 }
371
372
373 //File teceived from the portal side is saved to OpenEMR
374
375 public function store_to_file($data){
376 if($this->valid($data[0])){
377 $file_name_with_path=$data[1];
378 $data=$data[2];
379 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/";
380 if(is_dir($savedpath));
381 else
382 {
383 mkdir($savedpath,0777);
384 chmod($savedpath, 0777);
385 }
386 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/";
387 if(is_dir($savedpath));
388 else
389 {
390 mkdir($savedpath,0777);
391 chmod($savedpath, 0777);
392 }
393 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/";
394 if(is_dir($savedpath));
395 else
396 {
397 mkdir($savedpath,0777);
398 chmod($savedpath, 0777);
399 }
400 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/upload/";
401 if(is_dir($savedpath));
402 else
403 {
404 mkdir($savedpath,0777);
405 chmod($savedpath, 0777);
406 }
407 $handler = fopen($file_name_with_path,"w");
408 fwrite($handler, base64_decode($data));
409 fclose($handler);
410 chmod($file_name_with_path,0777);
411 }
412 else{
413 throw new SoapFault("Server", "credentials failed");
414 }
415 }
416
417
418 //receive a batch of function calls received from Portal, execute it and return the results to the portal
419 //The results will be stored in the key, which is received from portal.
420
421
422 static public function batch_despatch($var,$func,$data_credentials){
423 global $pid;
424 if(UserService::valid($data_credentials)){
425 require_once("../../library/invoice_summary.inc.php");
426 require_once("../../library/options.inc.php");
427 require_once("../../library/acl.inc");
428 require_once("../../library/patient.inc");
429 if($func=='ar_responsible_party')
430 {
431 $patient_id=$pid;
432 $encounter_id=$var['encounter'];
433 $x['ar_responsible_party']=ar_responsible_party($patient_id,$encounter_id);
434 return UserService::function_return_to_xml($x);
435 }
436 elseif($func=='getInsuranceData')
437 {
438 $type=$var['type'];
439 $given=$var['given'];
440 $x=getInsuranceData($pid,$type,$given);
441 return UserService::function_return_to_xml($x);
442 }
443 elseif($func=='generate_select_list')
444 {
445 $tag_name=$var['tag_name'];
446 $list_id=$var['list_id'];
447 $currvalue=$var['currvalue'];
448 $title=$var['title'];
449 $empty_name=$var['empty_name'];
450 $class=$var['class'];
451 $onchange=$var['onchange'];
452 $x['generate_select_list']=generate_select_list($tag_name,$list_id,$currvalue,$title,$empty_name,$class,$onchange);
453 return UserService::function_return_to_xml($x);
454 }
455 elseif($func=='xl_layout_label')
456 {
457 $constant=$var['constant'];
458 $x['xl_layout_label']=xl_layout_label($constant);
459 return UserService::function_return_to_xml($x);
460 }
461 elseif($func=='generate_form_field')
462 {
463 $frow=$var['frow'];
464 $currvalue=$var['currvalue'];
465 ob_start();
466 generate_form_field($frow,$currvalue);
467 $x['generate_form_field']=ob_get_contents();
468 ob_end_clean();
469 return UserService::function_return_to_xml($x);
470 }
471 elseif($func=='getInsuranceProviders')
472 {
473 $i=$var['i'];
474 $provider=$var['provider'];
475 $insurancei=getInsuranceProviders();
476 $x=$insurancei;
477 return $x;
478 }
479 elseif($func=='get_layout_form_value')
480 {
481 $frow=$var['frow'];
482 $_POST=$var['post_array'];
483 $x['get_layout_form_value']=get_layout_form_value($frow);
484 return UserService::function_return_to_xml($x);
485 }
486 elseif($func=='updatePatientData')
487 {
488 $patient_data=$var['patient_data'];
489 $create=$var['create'];
490 updatePatientData($pid,$patient_data,$create);
491 $x['ok']='ok';
492 return UserService::function_return_to_xml($x);
493 }
494 elseif($func=='updateEmployerData')
495 {
496 $employer_data=$var['employer_data'];
497 $create=$var['create'];
498 updateEmployerData($pid,$employer_data,$create);
499 $x['ok']='ok';
500 return UserService::function_return_to_xml($x);
501 }
502 elseif($func=='newHistoryData')
503 {
504 newHistoryData($pid);
505 $x['ok']='ok';
506 return UserService::function_return_to_xml($x);
507 }
508 elseif($func=='newInsuranceData')
509 {
510 $_POST=$var[0];
511 foreach($var as $key=>$value)
512 {
513 if($key>=3)//first 3 need to be skipped.
514 {
515 $var[$key]=formData($value);
516 }
517 if($key>=1)
518 {
519 $parameters[$key]=$var[$key];
520 }
521 }
522 $parameters[12]=fixDate($parameters[12]);
523 $parameters[27]=fixDate($parameters[27]);
524 call_user_func_array('newInsuranceData',$parameters);
525 $x['ok']='ok';
526 return UserService::function_return_to_xml($x);
527 }
528 elseif($func=='generate_layout_validation')
529 {
530 $form_id=$var['form_id'];
531 ob_start();
532 generate_layout_validation($form_id);
533 $x = ob_get_clean();
534 return $x;
535 }
536 }
537 else{
538 throw new SoapFault("Server", "credentials failed");
539 }
540 }
541
542 //Writing patient credentials to table
543 public function insert_login_details($var)
544 {
545 global $pid;
546 $data_credentials=$var[0];
547 if(UserService::valid($data_credentials))
548 {
549 $username=$var['username'];
550 $authPass=$var['authPass'];
551 $query="insert into patient_access_offsite(pid,portal_username,portal_pwd) values (?,?,?)";
552 sqlInsert($query,array($pid,$username,$authPass));
553 }
554 else
555 {
556 throw new SoapFault("Server", "credentials failed");
557 }
558 }
559
560
561
562 //Updating the password on a password change
563
564 public function update_password($var){
565 $data_credentials=$var[0];
566 global $pid;
567 if(UserService::valid($data_credentials)=='existingpatient' || UserService::valid($data_credentials)=='newpatient'){
568 $status = $var['new_pwd_status'];
569 $pwd=$var['new_pwd'];
570 $oldpwd = $var['old_pwd'];
571 $set = '';
572 $setarray = '';
573 $where = '';
574 if($status)
575 {
576 $where = "portal_pwd_status=? and pid=?";
577 $set= "portal_pwd=?,portal_pwd_status=?";
578 $setarray[]=$pwd;
579 $setarray[]=$status;
580 $setarray[]=0;
581 $setarray[]=$pid;
582 }
583
584 else
585 {
586 $set= "portal_pwd=? ";
587 $setarray[]=$pwd;
588 $where = " pid=?";
589 $setarray[]=$pid;
590 }
591 $qry = "select * from patient_access_offsite WHERE pid=? AND portal_pwd=?";
592 $res=sqlStatement($qry,array($pid,$oldpwd));
593 if(sqlNumRows($res)>0)
594 {
595 $qry = "UPDATE patient_access_offsite SET $set WHERE $where";
596 sqlStatement($qry,$setarray);
597 return 'ok';
598 }
599 else
600 {
601 return 'notok';
602 }
603 }
604 else{
605 throw new SoapFault("Server", "credentials failed");
606 }
607 }
608
609 //appointment update
610
611
612 public function update_openemr_appointment($var)
613 {
614 $data_credentials=$var[0];
615 if(UserService::valid($data_credentials)=='existingpatient' || UserService::valid($data_credentials)=='newpatient'){
616 foreach($var[1] as $key=>$value)
617 {
618 $eid=explode('_',$var[1][$key]);
619 if($eid[0]=='calendar')
620 {
621 sqlQuery("update openemr_postcalendar_events set pc_apptstatus='x' where pc_eid=?",array($eid[1]));
622 }
623 elseif($eid[0]=='audit')
624 {
625 sqlQuery("update audit_master set approval_status='5' where id=?",array($eid[1]));
626 }
627 }
628 }
629 else{
630 throw new SoapFault("Server", "credentials failed");
631 }
632 }
633
634
635 //Marking the Documents as ready to be signed
636
637 public function update_dlm_dld($var)
638 {
639 $data_credentials=$var[0];
640 if(UserService::valid($data_credentials)){
641
642 $qry=" UPDATE documents_legal_detail set dld_signed=2 where dld_id=?";
643 sqlStatement($qry,array($var['dld_id']));
644 }
645 else{
646 throw new SoapFault("Server", "credentials failed");
647 }
648 }
649
650
651 //Setting PDF documets approve /denial status
652
653 public function update_dld_approve_deny($data){
654 if($this->valid($data[0])){
655 $qry = "UPDATE documents_legal_detail SET dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
656 sqlStatement($qry,$data[1]);
657 }
658 else{
659 throw new SoapFault("Server", "credentials failed");
660 }
661 }
662
663 //Marking PDF documets as signed
664
665 public function update_dld_signed($data){
666 if($this->valid($data[0])){
667 $qry = "UPDATE documents_legal_detail SET dld_signed=1,dld_filepath=?,dld_filename=? WHERE dld_id=?";
668 sqlStatement($qry,$data[1]);
669 }
670 else{
671 throw new SoapFault("Server", "credentials failed");
672 }
673 }
674
675 //Marking PDF documets for audit.
676
677 public function update_dld_pending($data){
678 if($this->valid($data[0])){
679 $qry = "UPDATE documents_legal_detail SET dld_signed=0,dld_filepath=?,dld_filename=?, dld_file_for_pdf_generation=? WHERE dld_id=?";
680 sqlStatement($qry,$data[1]);
681 }
682 else{
683 throw new SoapFault("Server", "credentials failed");
684 }
685 }
686
687
688
689 public function insert_dld($data){
690 global $pid;
691 if(UserService::valid($data[0])=='existingpatient' || UserService::valid($data[0])=='newpatient'){
692 sqlInsert("INSERT INTO documents_legal_detail (dld_pid,dld_signed,dld_filepath,dld_master_docid,dld_filename,dld_encounter,dld_file_for_pdf_generation) ".
693 " VALUES (?,?,?,?,?,?,?)",array($pid,$data[2],$data[3],$data[4],$data[5],$data[6],$data[7]));
694 }
695 else{
696 throw new SoapFault("Server", "credentials failed");
697 }
698 }
699
700
701 //Inserting the entries for Master PDF documents uploaded
702
703 public function insert_dlm($data){
704 if($this->valid($data[0])=='oemruser'){
705 sqlStatement("INSERT INTO documents_legal_master(dlm_category, dlm_subcategory,dlm_document_name,dlm_facility,dlm_provider,
706 dlm_filename,dlm_filepath,dlm_effective_date,content) values (?,?,?,?,?,?,?,?,?)",array($data[1],$data[2],$data[3],$data[4],$data[5],$data[6],$data[7],$data[8],$data[9]));
707 }
708 else{
709 throw new SoapFault("Server", "credentials failed");
710 }
711 }
712
713
714 //REceive an array of Select cases from portal execute it and return
715 // it in the keys received from portal. A batch of queries execute and returns it in one batch.
716
717 public function batch_select($data){
718 if($this->valid($data[0])){
719 $batch = $data[1];
720 foreach($batch as $key=>$value)
721 {
722 $batchkey=$value['batchkey'];
723 $case=$value['case'];
724 $param=$value['param'];
725 $arrproc[] = $case;
726 $arrproc[] = $param;
727 $return_array[$batchkey]=$this->selectquery(array($data[0],$arrproc));
728 $arrproc=null;
729 }
730 return $return_array;
731 }
732 else{
733 throw new SoapFault("Server", "credentials failed");
734 }
735 }
736
737
738 //Receive a batch of function calls from portal and execute it through batch despatch Function
739 //Any OpenEmr function can be executed this way, if necessary if clause is written in batch_despatch.
740
741 public function batch_function($data){
742 if($this->valid($data[0])){
743 $batch = $data[1];
744 foreach($batch as $key=>$value)
745 {
746 $batchkey=$value['batchkey'];
747 $function=$value['funcname'];
748 $param=$value['param'];
749 $param[]=$data[0];
750 $res=call_user_func_array("UserService::$function",$param);
751 $return_array[$batchkey]=$res;
752 }
753 return $return_array;
754 }
755 else{
756 throw new SoapFault("Server", "credentials failed");
757 }
758 }
759
760 //Execute a batch of functions received from portal. But this function is limited to
761 // the functions written in the myportal module.
762
763 public function multiplecall($data){
764 $batch = $data[1];
765 foreach($batch as $key=>$value)
766 {
767 $batchkey=$value['batchkey'];
768 $function=$value['funcname'];
769 $param=$value['param'];
770 if(is_array($param))
771 array_unshift($param,$data[0]);
772 else
773 $param[]=$data[0];
774 $res= UserService::$function($param);
775 $return_array[$batchkey]=$res;
776 }
777 return $return_array;
778 }
779
780
781
782
783 public function getversion($data){
784 return '1.3';
785 }
786
787
788 public function loginchecking($data){
789 if($this->valid($data[0])=='existingpatient' || $this->valid($data[0])=='newpatient'){
790 $res = sqlStatement("SELECT portal_pwd_status FROM patient_access_offsite WHERE BINARY portal_username=? AND BINARY portal_pwd=?",$data[1]);
791 return $this->resourcetoxml($res);
792 }
793
794 return false;
795 }
796
797 //Execute a query and return its results.
798
799 public function selectquery($data){
800 //global $pid;
801 $sql_result_set='';
802 $utype = $this->valid($data[0]);
803 if($utype){
804 $newobj = factoryclass::dynamic_class_factory($utype);
805 $sql_result_setarr = $newobj->query_formation($data[1]);
806 $sql_result_set = sqlStatement($sql_result_setarr[0],$sql_result_setarr[1]);
807 return $this->resourcetoxml($sql_result_set);
808 }
809 }
810
811 //Return an SQL resultset as an XML
812
813
814 public function resourcetoxml($sql_result_set){
815 $doc = new DOMDocument();
816 $doc->formatOutput = true;
817
818 $root = $doc->createElement( "root" );
819 $doc->appendChild( $root );
820 while($row = sqlFetchArray($sql_result_set))
821 {
822 $level = $doc->createElement( "level" );
823 $root->appendChild( $level );
824 foreach($row as $key=>$value){
825 $element = $doc->createElement( "$key" );
826 $element->appendChild(
827 $doc->createTextNode( $value )
828 );
829 $level->appendChild( $element );
830 }
831 }
832 return $doc->saveXML();
833 }
834
835 //Writing facility payment configuration to table
836 public function save_payment_configuration($var){
837 $data_credentials=$var[0];
838 if(UserService::valid($data_credentials))
839 {
840 if($var['service'] == 'paypal'){
841 if($var['paypal'] != ''){
842 $update_sql = "UPDATE payment_gateway_details SET login_id = ? WHERE service_name = 'paypal'";
843 sqlStatement($update_sql,array($var['login_id']));
844 }else{
845 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id) VALUES (?,?)";
846 sqlStatement($save_sql,array($var['service'],$var['login_id']));
847 }
848 }elseif($var['service'] == 'authorize_net'){
849 if($var['authorize_net'] != ''){
850 $update_sql = "UPDATE payment_gateway_details SET login_id = ?, transaction_key = ?, md5= ? WHERE service_name = 'authorize_net'";
851 sqlStatement($update_sql,array($var['login_id'],$var['transaction_key'],$var['md5']));
852 }else{
853 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id,transaction_key,md5) VALUES (?,?,?,?)";
854 sqlStatement($save_sql,array($var['service'],$var['login_id'],$var['transaction_key'],$var['md5']));
855 }
856 }
857 }
858 else
859 {
860 throw new SoapFault("Server", "credentials failed");
861 }
862 }
863
864 //Writing patient's authorizenet profile id to table
865 public function insert_authorizenet_details($var){
866 global $pid;
867 $data_credentials=$var[0];
868 if(UserService::valid($data_credentials))
869 {
870 $authorizenetid=$var['authorizenetid'];
871 $query="UPDATE patient_access_offsite SET authorize_net_id = ? WHERE pid = ?";
872 sqlInsert($query,array($authorizenetid,$pid));
873 }
874 else
875 {
876 throw new SoapFault("Server", "credentials failed");
877 }
878 }
879
880 public function valid($credentials){
881 $timminus = date("Y-m-d H:m",(strtotime(date("Y-m-d H:m"))-7200)).":00";
882 sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)",array($timminus));
883 sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?",array($timminus));
884 global $pid;
885 $ok=0;
886 $okE=0;
887 $okN=0;
888 $okO=0;
889 $okP=0;
890 $tim = strtotime(gmdate("Y-m-d H:m"));
891 $res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?",array($credentials[3]));
892 if(sqlNumRows($res)){
893 if($GLOBALS['validated_offsite_portal'] !=true){
894 return false;
895 }
896 }
897 else{
898 $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
899 sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ",array($credentials[3],$grpID));
900 }
901 if(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",$tim).$credentials[3])==$credentials[2]){
902 $ok =1;
903 }
904 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim-3600)).$credentials[3])==$credentials[2]){
905 $ok =1;
906 }
907 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim+3600)).$credentials[3])==$credentials[2]){
908 $ok =1;
909 }
910 if(($credentials[1]==$GLOBALS['portal_offsite_username'] && $ok==1 && $GLOBALS['portal_offsite_enable']==1)||$GLOBALS['validated_offsite_portal']==true){
911 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
912 if($credentials[4] == 'existingpatient'){
913 if(UserService::validcredential($credentials)){
914 $okE = 1;
915 }
916 else{
917 return false;
918 }
919 }
920 elseif($credentials[4] == 'oemruser'){
921 if($credentials[9])
922 $prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?",array($credentials[9]));
923 $okO = 1;
924 }
925 elseif($credentials[4] == 'newpatient'){
926 if(UserService::validcredential($credentials)){
927 $okN = 2;
928 }
929 else{
930 $okN = 1;
931 $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
932 }
933 }
934 if($okE==1 || $okN == 2 || $okN == 1 || $okO == 1){
935 $pid = $prow['pid'];
936 $GLOBALS['pid'] = $prow['pid'];
937 }
938 $_GET['site'] = $credentials[0];
939 if($okE==1){
940 $portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?",array($pid));
941 if(strtolower($portal['allow_patient_portal'])!='yes')
942 return false;
943 }
944 $GLOBALS['validated_offsite_portal'] = true;
945 if($okO){
946 return 'oemruser';
947 }
948 elseif($okE){
949 return 'existingpatient';
950 }
951 elseif($okN){
952 return 'newpatient';
953 }
954 return false;
955 }
956 else{
957 return false;
958 }
959 }
960
961
962
963
964 public function validcredential($credentials){
965 $tim = strtotime(gmdate("Y-m-d H:m"));
966 if($credentials[6]){
967 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
968 if(sha1($prow['portal_pwd'].date("Y-m-d H",$tim).$credentials[8])==$credentials[7]){
969 return true;
970 }
971 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim-3600)).$credentials[8])==$credentials[7]){
972 return true;
973 }
974 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim+3600)).$credentials[8])==$credentials[7]){
975 return true;
976 }
977 }
978 return false;
979 }
980
981
982 //for checking the connection
983
984
985
986 public function check_connection($data){
987 if($this->valid($data[0])){
988 return 'ok';
989 }
990 else{
991 return 'notok';
992 }
993 }
994 }
995 $server = new SoapServer(null,array('uri' => "urn://portal/res"));
996 $server->setClass('UserService');
997 $server->setPersistence(SOAP_PERSISTENCE_SESSION);
998 $server->handle();
999 ?>
Mirror of official OpenEMR Sourceforge repository