fix sql-injection vulnerability in CDR engine
1 <?php
3 // Copyright (C) 2011 by following authors:
4 // - Cassian LUP <cassi.lup@gmail.com>
5 //
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
11 //SANITIZE ALL ESCAPES
12 // (note this is already completed by the script that includes this
13 // get_patient_info.php )
15 //STOP FAKE REGISTER GLOBALS
16 // (note this is already completed by the script that includes this
17 // get_patient_info.php )
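//continue session
session_start();

//landing page definition -- where to go if something goes wrong
// The site id is read from the session. It is URL-encoded (and defaulted to
// an empty string when absent) because $landingpage is sent in a Location
// header below and is echoed into an inline onclick handler at the bottom of
// this page.
$landingpage = "index.php?site=" . urlencode(isset($_SESSION['site_id']) ? $_SESSION['site_id'] : '');

// kick out if patient not authenticated
if ( isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite']) ) {
    // From here on the patient id comes only from the server-side session.
    $pid = $_SESSION['pid'];
}
else {
    session_destroy();
    header('Location: '.$landingpage.'&w');
    exit;
}

// NOTE(review): $ignoreAuth is set before interface/globals.php is loaded;
// presumably it makes globals.php skip its own login check, in which case the
// session test above is the only access control on this page -- confirm.
$ignoreAuth = true;
global $ignoreAuth;

require_once("../interface/globals.php");
require_once("$srcdir/patient.inc");
require_once("$srcdir/acl.inc");
require_once("$srcdir/classes/Address.class.php");
require_once("$srcdir/classes/InsuranceCompany.class.php");
require_once("$srcdir/classes/Document.class.php");
require_once("$srcdir/options.inc.php");
require_once("../interface/patient_file/history/history.inc.php");
require_once("$srcdir/formatting.inc.php");
require_once("$srcdir/edi.inc");
include_once("$srcdir/lists.inc");
?>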
53 <html>
55 <head>
56 <?php html_header_show(); ?>
57 <link rel="stylesheet" href="<?php echo $css_header;?>" type="text/css">
58 <link rel="stylesheet" type="text/css" href="<?php echo $web_root; ?>/library/js/fancybox/jquery.fancybox-1.2.6.css" media="screen" />
59 <link rel="stylesheet" type="text/css" href="<?php echo $web_root; ?>/library/dynarch_calendar.css">
60 <script type="text/javascript" src="<?php echo $web_root; ?>/library/textformat.js"></script>
61 <script type="text/javascript" src="<?php echo $web_root; ?>/library/dynarch_calendar.js"></script>
62 <?php include_once("{$GLOBALS['srcdir']}/dynarch_calendar_en.inc.php"); ?>
63 <script type="text/javascript" src="<?php echo $web_root; ?>/library/dynarch_calendar_setup.js"></script>
64 <script type="text/javascript" src="<?php echo $web_root; ?>/library/dialog.js"></script>
65 <script type="text/javascript" src="<?php echo $web_root; ?>/library/js/jquery.1.3.2.js"></script>
66 <script type="text/javascript" src="<?php echo $web_root; ?>/library/js/common.js"></script>
67 <script type="text/javascript" src="<?php echo $web_root; ?>/library/js/fancybox/jquery.fancybox-1.2.6.js"></script>
68 <link rel="stylesheet" href="css/base.css" type="text/css"/>
69 <link rel="stylesheet" href="css/tables.css" type="text/css"/>
70 <script type="text/javascript" language="JavaScript">
// Reload the whole portal page; used as the close callback of the modal dialogs.
function refreshme() {
    window.location.reload();
}
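// Toggle a widget between expanded and collapsed.
//   target: element that contains the ".indicator" label
//   div:    id (without "#") of the body element to show or hide
function toggleIndicator(target,div) {
    // "mode" is declared locally; it used to be assigned without var and so
    // leaked into the global scope.
    // NOTE(review): the labels below are HTML-escaped but sit inside a JS
    // string and are compared/assigned through .text(), which does not decode
    // entities. A translation containing & < > or a quote would not match --
    // confirm and switch to a JS-string encoder if so.
    var indicator = $(target).find(".indicator");
    var mode = indicator.text();
    if ( mode == "<?php echo htmlspecialchars(xl('collapse'),ENT_QUOTES); ?>" ) {
        indicator.text( "<?php echo htmlspecialchars(xl('expand'),ENT_QUOTES); ?>" );
        $("#"+div).hide();
    } else {
        indicator.text( "<?php echo htmlspecialchars(xl('collapse'),ENT_QUOTES); ?>" );
        $("#"+div).show();
    }
}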
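// (Re)load the appointments panel from get_appointments.php and attach the
// fancybox dialog to the ".edit_event" links the response contains. Closing
// the dialog reloads the panel again.
function refreshAppointments() {
    $("#appointments_ps_expand").load("get_appointments.php", { 'embeddedScreen' : true }, function() {
        $(".edit_event").fancybox({
            'overlayOpacity' : 0.0,
            'showCloseButton' : true,
            'centerOnScroll' : false,
            'autoscale' : true,
            // Key was misspelled 'hihdeOnContentClick', so the option was never
            // applied; spelled as in the ".add_event" dialog on this page.
            'hideOnContentClick' : false,
            'callbackOnClose' : function() {
                refreshAppointments();
            }
        });
    });
}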
// Show the date-range inputs (#date_div) only while the "Use Date Range"
// checkbox (#show_date) is ticked.
function show_date_fun(){
    var useRange = document.getElementById('show_date').checked == true;
    document.getElementById('date_div').style.display = useRange ? '' : 'none';
    return;
}
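// Page start-up: load the summary panels, attach the modal dialogs and wire
// the CCR/CCD report buttons to the hidden fields of #ccr_form.
$(document).ready(function(){

    // Load one summary panel, then attach the dialog to the ".medium_modal"
    // links in the page.
    // (note need to place javascript code here also to get the dynamic link to work)
    function loadSection(selector, url) {
        $(selector).load(url, { 'embeddedScreen' : true }, function() {
            $(".medium_modal").fancybox( {
                'overlayOpacity' : 0.0,
                'showCloseButton' : true,
                'frameHeight' : 500,
                'frameWidth' : 800,
                'centerOnScroll' : false,
                'callbackOnClose' : function() {
                    refreshme();
                }
            });
        });
    }

    // Returns true, after alerting the patient, when "Use Date Range" is
    // ticked but the start or end date is empty.
    function dateRangeIncomplete() {
        if(document.getElementById('show_date').checked == true){
            if(document.getElementById('Start').value == '' || document.getElementById('End').value == ''){
                alert('<?php echo addslashes( xl('Please select a start date and end date')) ?>');
                return true;
            }
        }
        return false;
    }

    // Fill the hidden ccrAction/raw fields and submit #ccr_form. With
    // newWindow the form targets "_blank" for this one submit only.
    function submitCcrForm(action, rawMode, newWindow) {
        var ccrAction = document.getElementsByName('ccrAction');
        ccrAction[0].value = action;
        var raw = document.getElementsByName('raw');
        raw[0].value = rawMode;
        if (newWindow) {
            ccr_form.setAttribute("target", "_blank");
        }
        $("#ccr_form").submit();
        if (newWindow) {
            ccr_form.setAttribute("target", "");
        }
    }

    // Wire the "Transmit" dialog of one report type.
    //   prefix:    id prefix of the dialog elements ("ccr" or "ccd")
    //   viewClass: class prefix of the buttons ("viewCCR" or "viewCCD")
    //   action:    value posted as ccrAction ('generate' or 'viewccd')
    function bindTransmit(prefix, viewClass, action) {
        var button = "." + viewClass + "_transmit";
        var message = "#" + prefix + "_send_message";
        var result = "#" + prefix + "_send_result";
        var sendTo = "#" + prefix + "_send_to";

        $("." + viewClass + "_send_dialog").click(
            function() {
                $("#" + prefix + "_send_dialog").toggle();
            });

        $(button).click(
            function() {
                $(button).attr('disabled','disabled');
                var ccrAction = document.getElementsByName('ccrAction');
                ccrAction[0].value = action;
                var recipient = $(sendTo).val();
                var raw = document.getElementsByName('raw');
                raw[0].value = 'send '+recipient;
                if(recipient=="") {
                    $(message).html("<?php echo htmlspecialchars(xl('Please enter a valid Direct Address above.'), ENT_QUOTES);?>");
                    $(result).show();
                    // Nothing was sent: re-enable the button, which otherwise
                    // stayed disabled after an empty submit.
                    $(button).removeAttr('disabled');
                } else {
                    $(message).html("<?php echo htmlspecialchars(xl('Working... this may take a minute.'), ENT_QUOTES);?>");
                    $(result).show();
                    var url=$("#ccr_form").attr('action');
                    $.post(url, {ccrAction:action,raw:'send '+recipient,requested_by:'patient'},
                        function(data) {
                            if(data=="SUCCESS") {
                                // The address typed by the user is added as a
                                // text node, never parsed as markup.
                                $(message).html("<?php echo htmlspecialchars(xl('Your message was submitted for delivery to'), ENT_QUOTES); ?>")
                                    .append(document.createTextNode(" "+recipient));
                                $(sendTo).val("");
                            } else {
                                // The response body is shown as plain text.
                                // NOTE(review): if the endpoint is meant to
                                // return markup, escape it server-side rather
                                // than restoring .html(data) -- confirm.
                                $(message).text(data);
                            }
                            $(button).removeAttr('disabled');
                        });
                }
            });
    }

    // load divs
    loadSection("#labtestresults_ps_expand", "get_lab_results.php");
    loadSection("#problemlist_ps_expand", "get_problems.php");
    loadSection("#medicationlist_ps_expand", "get_medications.php");
    loadSection("#medicationallergylist_ps_expand", "get_allergies.php");

    refreshAppointments();

    // fancy box
    enable_modals();

    // modal for dialog boxes
    $(".large_modal").fancybox( {
        'overlayOpacity' : 0.0,
        'showCloseButton' : true,
        'frameHeight' : 600,
        'frameWidth' : 1000,
        'centerOnScroll' : false
    });

    // modal for image viewer
    $(".image_modal").fancybox( {
        'overlayOpacity' : 0.0,
        'showCloseButton' : true,
        'centerOnScroll' : false,
        'autoscale' : true
    });

    $(".add_event").fancybox( {
        'overlayOpacity' : 0.0,
        'showCloseButton' : true,
        'centerOnScroll' : false,
        'autoscale' : true,
        'hideOnContentClick' : false,
        'onClose' : function() {
            refreshme();
        }
    });

    // CCR buttons
    $(".generateCCR").click(
        function() {
            if (dateRangeIncomplete()) {
                return false;
            }
            submitCcrForm('generate', 'no', true);
        });
    $(".generateCCR_raw").click(
        function() {
            submitCcrForm('generate', 'yes', true);
        });
    $(".generateCCR_download_h").click(
        function() {
            submitCcrForm('generate', 'hybrid', false);
        });
    $(".generateCCR_download_p").click(
        function() {
            if (dateRangeIncomplete()) {
                return false;
            }
            submitCcrForm('generate', 'pure', false);
        });

    // CCD buttons
    $(".viewCCD").click(
        function() {
            submitCcrForm('viewccd', 'no', true);
        });
    $(".viewCCD_raw").click(
        function() {
            submitCcrForm('viewccd', 'yes', true);
        });
    $(".viewCCD_download").click(
        function() {
            submitCcrForm('viewccd', 'pure', false);
        });

<?php if ($GLOBALS['phimail_enable']==true && $GLOBALS['phimail_ccr_enable']==true) { ?>
    bindTransmit("ccr", "viewCCR", 'generate');
<?php }
if ($GLOBALS['phimail_enable']==true && $GLOBALS['phimail_ccd_enable']==true) { ?>
    bindTransmit("ccd", "viewCCD", 'viewccd');
<?php } ?>

});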
356 </script>
358 </head>
360 <body class="body_top">
362 <div id="wrapper" class="lefttop" style="width: 700px;">
363 <h2 class="heading"><?php echo htmlspecialchars( xl('Patient Portal'), ENT_NOQUOTES); ?></h2>
365 <?php
366 $result = getPatientData($pid);
368 <?php echo htmlspecialchars( xl('Welcome'), ENT_NOQUOTES); ?> <b><?php echo htmlspecialchars($result['fname']." ".$result['lname'],ENT_NOQUOTES); ?></b>
370 <div style='margin-top:10px'> <!-- start main content div -->
371 <table border="0" cellspacing="0" cellpadding="0" width="100%">
372 <tr>
373 <td align="left" valign="top">
374 <!-- start left column div -->
375 <div style='float:left; margin-right:20px'>
376 <table cellspacing=0 cellpadding=0>
377 <?php if ( $GLOBALS['activate_ccr_ccd_report'] ) { // show CCR/CCD reporting options ?>
378 <tr>
379 <td width='650px'>
380 <?php
381 // Reports widget
382 $widgetTitle = xl("Reports");
383 $widgetLabel = "reports";
384 $widgetButtonLabel = xl("");
385 $widgetButtonClass = "hidden";
386 $linkMethod = "html";
387 $bodyClass = "notab";
388 $widgetAuth = false;
389 $fixedWidth = true;
390 expand_collapse_widget($widgetTitle, $widgetLabel, $widgetButtonLabel,
391 $widgetButtonLink, $widgetButtonClass, $linkMethod, $bodyClass,
392 $widgetAuth, $fixedWidth);
394 <br/>
395 <div style='margin-left:3em; margin-right:3em; padding:1em; border:1px solid blue;' class='text'>
396 <div id="ccr_report">
397 <form name='ccr_form' id='ccr_form' method='post' action='../ccr/createCCR.php?portal_auth=1'>
398 <span class='text'><b><?php echo htmlspecialchars( xl('Continuity of Care Record (CCR)'), ENT_NOQUOTES); ?></b></span>&nbsp;&nbsp;
399 <br/>
400 <span class='text'>(<?php echo htmlspecialchars( xl('Pop ups need to be enabled to see these reports'), ENT_NOQUOTES); ?>)</span>
401 <br/>
402 <br/>
403 <input type='hidden' name='ccrAction'>
404 <input type='hidden' name='raw'>
405 <input type="checkbox" name="show_date" id="show_date" onchange="show_date_fun();" ><span class='text'><?php echo htmlspecialchars( xl('Use Date Range'), ENT_NOQUOTES); ?>
406 <br>
407 <div id="date_div" style="display:none" >
408 <br>
409 <table border="0" cellpadding="0" cellspacing="0" >
410 <tr>
411 <td>
412 <span class='bold'><?php echo htmlspecialchars( xl('Start Date'), ENT_NOQUOTES);?>: </span>
413 </td>
414 <td>
415 <input type='text' size='10' name='Start' id='Start'
416 onkeyup='datekeyup(this,mypcc)' onblur='dateblur(this,mypcc)'
417 title='<?php echo htmlspecialchars( xl('yyyy-mm-dd'), ENT_QUOTES); ?>' />
418 <img src='../interface/pic/show_calendar.gif' align='absbottom' width='24' height='22'
419 id='img_start' border='0' alt='[?]' style='cursor:pointer'
420 title='<?php echo htmlspecialchars( xl('Click here to choose a date'), ENT_QUOTES); ?>' >
421 <script LANGUAGE="JavaScript">
422 Calendar.setup({inputField:"Start", ifFormat:"%Y-%m-%d", button:"img_start"});
423 </script>
424 </td>
425 <td>
426 &nbsp;
427 <span class='bold'><?php echo htmlspecialchars( xl('End Date'), ENT_NOQUOTES);?>: </span>
428 </td>
429 <td>
430 <input type='text' size='10' name='End' id='End'
431 onkeyup='datekeyup(this,mypcc)' onblur='dateblur(this,mypcc)'
432 title='<?php echo htmlspecialchars( xl('yyyy-mm-dd'), ENT_QUOTES); ?>' />
433 <img src='../interface/pic/show_calendar.gif' align='absbottom' width='24' height='22'
434 id='img_end' border='0' alt='[?]' style='cursor:pointer'
435 title='<?php echo htmlspecialchars( xl('Click here to choose a date'), ENT_QUOTES); ?>' >
436 <script LANGUAGE="JavaScript">
437 Calendar.setup({inputField:"End", ifFormat:"%Y-%m-%d", button:"img_end"});
438 </script>
439 </td>
440 </tr>
441 </table>
442 </div>
443 <br>
444 <input type="button" class="generateCCR" value="<?php echo htmlspecialchars( xl('View/Print'), ENT_QUOTES); ?>" />
445 <!-- <input type="button" class="generateCCR_download_h" value="<?php echo htmlspecialchars( xl('Download'), ENT_QUOTES); ?>" /> -->
446 <input type="button" class="generateCCR_download_p" value="<?php echo htmlspecialchars( xl('Download'), ENT_QUOTES); ?>" />
447 <!-- <input type="button" class="generateCCR_raw" value="<?php echo htmlspecialchars( xl('Raw Report'), ENT_QUOTES); ?>" /> -->
448 <?php if ($GLOBALS['phimail_enable']==true && $GLOBALS['phimail_ccr_enable']==true) { ?>
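<input type="button" class="viewCCR_send_dialog" value="<?php /* ENT_QUOTES is an argument of htmlspecialchars(); it was being passed to xl() */ echo htmlspecialchars( xl('Transmit'), ENT_QUOTES); ?>" />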
450 <br>
451 <div id="ccr_send_dialog" style="display:none" >
452 <br>
453 <table border="0" cellpadding="0" cellspacing="0" >
454 <tr>
455 <td>
456 <span class='bold'><?php echo htmlspecialchars( xl('Enter Recipient\'s Direct Address'), ENT_NOQUOTES);?>: </span>
457 <input type="text" size="64" name="ccr_send_to" id="ccr_send_to" value="">
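<input type="button" class="viewCCR_transmit" value="<?php /* ENT_QUOTES is an argument of htmlspecialchars(); it was being passed to xl() */ echo htmlspecialchars( xl('Send'), ENT_QUOTES); ?>" />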
459 <div id="ccr_send_result" style="display:none" >
460 <span class="text" id="ccr_send_message"></span>
461 </div>
462 </td>
463 </tr>
464 </table>
465 </div>
466 <?php } ?>
467 <hr/>
468 <span class='text'><b><?php echo htmlspecialchars( xl('Continuity of Care Document (CCD)'), ENT_NOQUOTES); ?></b></span>&nbsp;&nbsp;
469 <br/>
470 <span class='text'>(<?php echo htmlspecialchars( xl('Pop ups need to be enabled to see these reports'), ENT_NOQUOTES); ?>)</span>
471 <br/>
472 <br/>
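<?php // In the three buttons below ENT_QUOTES is passed to htmlspecialchars(); it had been placed inside the xl() call. ?>
<input type="button" class="viewCCD" value="<?php echo htmlspecialchars( xl('View/Print'), ENT_QUOTES); ?>" />
<input type="button" class="viewCCD_download" value="<?php echo htmlspecialchars( xl('Download'), ENT_QUOTES); ?>" />
<!-- <input type="button" class="viewCCD_raw" value="<?php echo htmlspecialchars( xl('Raw Report'), ENT_QUOTES); ?>" /> -->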
476 <?php if ($GLOBALS['phimail_enable']==true && $GLOBALS['phimail_ccd_enable']==true) { ?>
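<input type="button" class="viewCCD_send_dialog" value="<?php /* ENT_QUOTES is an argument of htmlspecialchars(); it was being passed to xl() */ echo htmlspecialchars( xl('Transmit'), ENT_QUOTES); ?>" />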
478 <br>
479 <div id="ccd_send_dialog" style="display:none" >
480 <br>
481 <table border="0" cellpadding="0" cellspacing="0" >
482 <tr>
483 <td>
484 <span class='bold'><?php echo htmlspecialchars( xl('Enter Recipient\'s Direct Address'), ENT_NOQUOTES);?>: </span>
485 <input type="text" size="64" name="ccd_send_to" id="ccd_send_to" value="">
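<input type="button" class="viewCCD_transmit" value="<?php /* ENT_QUOTES is an argument of htmlspecialchars(); it was being passed to xl() */ echo htmlspecialchars( xl('Send'), ENT_QUOTES); ?>" />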
487 <div id="ccd_send_result" style="display:none" >
488 <span class="text" id="ccd_send_message"></span>
489 </div>
490 </td>
491 </tr>
492 </table>
493 </div>
494 <?php } ?>
495 </form>
496 </div>
497 </div>
498 <br/>
499 </div>
500 </td>
501 </tr>
502 <?php } // end CCR/CCD reporting options ?>
504 <?php echo "<tr><td width='650px'>";
505 // Lab tests results expand collapse widget
506 $widgetTitle = xl("Lab Test Results");
507 $widgetLabel = "labtestresults";
508 $widgetButtonLabel = xl("");
509 $widgetButtonClass = "hidden";
510 $linkMethod = "html";
511 $bodyClass = "notab";
512 $widgetAuth = false;
513 $fixedWidth = true;
514 expand_collapse_widget($widgetTitle, $widgetLabel, $widgetButtonLabel,
515 $widgetButtonLink, $widgetButtonClass, $linkMethod, $bodyClass,
516 $widgetAuth, $fixedWidth);
519 <br/>
520 <div style='margin-left:10px' class='text'><img src='images/ajax-loader.gif'/></div><br/>
521 </div>
522 </td>
523 </tr>
524 <?php echo "<tr><td width='650px'>";
525 // problem list collapse widget
526 $widgetTitle = xl("Problem List");
527 $widgetLabel = "problemlist";
528 $widgetButtonLabel = xl("");
529 $widgetButtonClass = "hidden";
530 $linkMethod = "html";
531 $bodyClass = "notab";
532 $widgetAuth = false;
533 $fixedWidth = true;
534 expand_collapse_widget($widgetTitle, $widgetLabel, $widgetButtonLabel , $widgetButtonLink, $widgetButtonClass, $linkMethod, $bodyClass, $widgetAuth, $fixedWidth); ?>
536 </div>
537 </td>
538 </tr>
540 <tr>
541 <td width='650px'>
542 <?php
543 // medication list expand collapse widget
544 $widgetTitle = xl("Medication List");
545 $widgetLabel = "medicationlist";
546 $widgetButtonLabel = xl("");
547 $widgetButtonClass = "hidden";
548 $linkMethod = "html";
549 $bodyClass = "notab";
550 $widgetAuth = false;
551 $fixedWidth = true;
552 expand_collapse_widget($widgetTitle, $widgetLabel, $widgetButtonLabel,
553 $widgetButtonLink, $widgetButtonClass, $linkMethod, $bodyClass,
554 $widgetAuth, $fixedWidth);
556 <br/>
557 <div style='margin-left:10px' class='text'><img src='images/ajax-loader.gif'/></div><br/>
558 </div>
559 </td>
560 </tr>
562 <tr>
563 <td width='650px'>
564 <?php // medication allergy expand collapse widget
565 $widgetTitle = xl("Medication Allergy List");
566 $widgetLabel = "medicationallergylist";
567 $widgetButtonLabel = xl("");
568 $widgetButtonClass = "";
569 $linkMethod = "html";
570 $bodyClass = "notab";
571 $widgetAuth = false;
572 $fixedWidth = true;
573 expand_collapse_widget($widgetTitle, $widgetLabel, $widgetButtonLabel,
574 $widgetButtonLink, $widgetButtonClass, $linkMethod, $bodyClass,
575 $widgetAuth, $fixedWidth);
577 <br/>
578 <div style='margin-left:10px' class='text'><img src='images/ajax-loader.gif'/></div><br/>
579 </div>
580 </td>
581 </tr>
582 <tr>
583 <td>
<?php
// Current and upcoming appointments of the logged-in patient. The patient id
// is passed through the "?" placeholder, not concatenated into the SQL text.
// NOTE(review): $res and $count are not read again in this file, and the
// appointment panel is filled from get_appointments.php -- confirm whether
// this query is still needed.
$query = "SELECT e.pc_eid, e.pc_aid, e.pc_title, e.pc_eventDate, " .
    "e.pc_startTime, e.pc_hometext, u.fname, u.lname, u.mname, " .
    "c.pc_catname " .
    "FROM openemr_postcalendar_events AS e, users AS u, " .
    "openemr_postcalendar_categories AS c WHERE " .
    "e.pc_pid = ? AND e.pc_eventDate >= CURRENT_DATE AND " .
    "u.id = e.pc_aid AND e.pc_catid = c.pc_catid " .
    "ORDER BY e.pc_eventDate, e.pc_startTime";
$res = sqlStatement($query, array($pid) );

// Settings for the appointments expand/collapse widget.
$widgetTitle = xl("Appointments");
$widgetLabel = "appointments";
$widgetButtonLabel = xl("Add");
// NOTE(review): $pid is HTML-escaped here although it becomes a URL
// parameter; how the link is rendered is decided inside
// expand_collapse_widget() -- confirm.
$widgetButtonLink = "add_edit_event_user.php?pid=".htmlspecialchars($pid, ENT_QUOTES);
$widgetButtonClass = "edit_event iframe";
$linkMethod = "";
$bodyClass = "summary_item small";
// The "Add" button is authorised only when the portal_onsite_appt_modify
// global is set.
$widgetAuth = $GLOBALS['portal_onsite_appt_modify'] ? true : false;
$fixedWidth = false;

expand_collapse_widget(
    $widgetTitle,
    $widgetLabel,
    $widgetButtonLabel,
    $widgetButtonLink,
    $widgetButtonClass,
    $linkMethod,
    $bodyClass,
    $widgetAuth,
    $fixedWidth
);

$count = 0;
?>
619 <div id='stats_div' style="display:none">
620 <div style='margin-left:10px' class='text'><img src='images/ajax-loader.gif'/></div>
621 </div>
623 </td>
624 </tr>
625 </table>
627 </div>
629 </td>
631 </tr>
632 </table>
634 </div> <!-- end main content div -->
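<?php
// Both button labels are translations and are now escaped for the quoted
// attribute, like every other label on this page. $landingpage carries the
// session's site id into a JS string inside an HTML attribute, so it is
// escaped for the JS string first and for the attribute second.
?>
<input type="button" style="text-align: right;" value="<?php echo htmlspecialchars( xl('Log Out'), ENT_QUOTES); ?>" onclick="window.location = 'logout.php'"/>
<input type="button" style="text-align: right;" value="<?php echo htmlspecialchars( xl('Change Password'), ENT_QUOTES); ?>" onclick="window.location = '<?php echo htmlspecialchars( addslashes($landingpage."&password_update=1"), ENT_QUOTES);?>'"/>
<?php // closes <div id="wrapper">; the original end tag was </wrapper>, which is not an HTML element ?>
</div>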
643 </body>
644 </html>