2 // This program is free software; you can redistribute it and/or
3 // modify it under the terms of the GNU General Public License
4 // as published by the Free Software Foundation; either version 2
5 // of the License, or (at your option) any later version.
8 $sanitize_all_escapes=true;
11 //STOP FAKE REGISTER GLOBALS
12 $fake_register_globals=false;
15 require_once("../../globals.php");
16 require_once("$srcdir/pnotes.inc");
17 require_once("$srcdir/patient.inc");
18 require_once("$srcdir/acl.inc");
19 require_once("$srcdir/log.inc");
20 require_once("$srcdir/options.inc.php");
21 require_once("$srcdir/classes/Document.class.php");
22 require_once("$srcdir/gprelations.inc.php");
23 require_once("$srcdir/formatting.inc.php");
25 if ($GLOBALS['concurrent_layout'] && $_GET['set_pid']) {
26 require_once("$srcdir/pid.inc");
27 setpid($_GET['set_pid']);
30 // Check authorization.
31 $thisauth = acl_check('patients', 'notes');
32 if ($thisauth != 'write' && $thisauth != 'addonly')
33 die(htmlspecialchars( xl('Not authorized'), ENT_NOQUOTES
));
34 $tmp = getPatientData($pid, "squad");
35 if ($tmp['squad'] && ! acl_check('squads', $tmp['squad']))
36 die(htmlspecialchars( xl('Not authorized for this squad.'), ENT_NOQUOTES
));
38 //the number of records to display per screen
41 $mode = $_REQUEST['mode'];
42 $offset = $_REQUEST['offset'];
43 $form_active = $_REQUEST['form_active'];
44 $form_inactive = $_REQUEST['form_inactive'];
45 $noteid = $_REQUEST['noteid'];
46 $form_doc_only = isset($_POST['mode']) ?
(empty($_POST['form_doc_only']) ?
0 : 1) : 1;
48 if (!isset($offset)) $offset = 0;
50 // if (!isset($active)) $active = "all";
54 if (!$form_inactive) $active = '1';
60 $form_active = $form_inactive = '1';
63 // form parameter docid can be passed to restrict the display to a document.
64 $docid = empty($_REQUEST['docid']) ?
0 : 0 +
$_REQUEST['docid'];
66 // this code handles changing the state of activity tags when the user updates
67 // them through the interface
69 if ($mode == "update") {
70 foreach ($_POST as $var => $val) {
71 if (strncmp($var, 'act', 3) == 0) {
72 $id = str_replace("act", "", $var);
73 if ($_POST["chk$id"]) {
79 setGpRelation(1, $docid, 6, $id, !empty($_POST["lnk$id"]));
84 elseif ($mode == "new") {
85 $note = $_POST['note'];
88 updatePnote($noteid, $note, $_POST['form_note_type'], $_POST['assigned_to']);
92 addPnote($pid, $note, $userauthorized, '1', $_POST['form_note_type'],
93 $_POST['assigned_to']);
96 elseif ($mode == "delete") {
99 newEvent("delete", $_SESSION['authUser'], $_SESSION['authProvider'], 1, "pnotes: id ".$noteid);
106 $assigned_to = $_SESSION['authUser'];
108 $prow = getPnoteById($noteid, 'title,assigned_to,body');
109 $title = $prow['title'];
110 $assigned_to = $prow['assigned_to'];
113 // Get the users list. The "Inactive" test is a kludge, we should create
114 // a separate column for this.
115 $ures = sqlStatement("SELECT username, fname, lname FROM users " .
116 "WHERE username != '' AND active = 1 AND " .
117 "( info IS NULL OR info NOT LIKE '%Inactive%' ) " .
118 "ORDER BY lname, fname");
121 $result = getPnotesByDate("", $active, 'id,date,body,user,activity,title,assigned_to',
127 <?php
html_header_show();?
>
129 <link rel
='stylesheet' href
="<?php echo $css_header;?>" type
="text/css">
131 <!-- supporting javascript code
-->
132 <script type
="text/javascript" src
="<?php echo $GLOBALS['webroot'] ?>/library/js/jquery.js"></script
>
133 <link rel
="stylesheet" type
="text/css" href
="../../../library/js/fancybox/jquery.fancybox-1.2.6.css" media
="screen" />
134 <script type
="text/javascript" src
="../../../library/dialog.js"></script
>
135 <script type
="text/javascript" src
="../../../library/js/jquery.1.3.2.js"></script
>
136 <script type
="text/javascript" src
="../../../library/js/common.js"></script
>
137 <script type
="text/javascript" src
="../../../library/js/fancybox/jquery.fancybox-1.2.6.js"></script
>
138 <script type
="text/javascript">
139 /// todo, move this to a common library
141 $
(document
).ready(function(){
143 $
("#dem_view").click( function() {
144 toggle( $
(this
), "#DEM" );
148 $
("#stats_div").load("stats.php");
149 $
("#notes_div").load("pnotes_fragment.php");
157 <body
class="body_top">
159 <div id
="pnotes"> <!-- large outer DIV
-->
161 <form border
='0' method
='post' name
='new_note' id
="new_note" action
='pnotes_full.php?docid=<?php echo htmlspecialchars( $docid, ENT_QUOTES); ?>'>
165 <span
class="title"><?php
echo htmlspecialchars( xl('Patient Notes'), ENT_NOQUOTES
); ?
></span
>
167 <div style
='float:left;margin-right:10px'>
168 <?php
echo htmlspecialchars( xl('for'), ENT_NOQUOTES
);?
> 
;<span
class="title">
169 <a href
="../summary/demographics.php" onclick
="top.restoreSession()"><?php
echo htmlspecialchars( getPatientName($pid), ENT_NOQUOTES
); ?
></a
></span
>
172 <a href
="pnotes_full_add.php" class="css_button iframe"><span
><?php
echo htmlspecialchars( xl('Add'), ENT_NOQUOTES
); ?
></span
></a
>
173 <a href
="demographics.php" <?php
if (!$GLOBALS['concurrent_layout']) echo "target='Main'"; ?
> class="css_button" onclick
="top.restoreSession()">
174 <span
><?php
echo htmlspecialchars( xl('View Patient'), ENT_NOQUOTES
);?
></span
>
182 $title_docname = " " . htmlspecialchars( xl("linked to document"), ENT_NOQUOTES
) . " ";
183 $d = new Document($docid);
184 $title_docname .= $d->get_url_file();
187 <input type
='hidden' name
='mode' id
="mode" value
="new">
188 <input type
='hidden' name
='offset' id
="offset" value
="<?php echo $offset ?>">
189 <input type
='hidden' name
='form_active' id
="form_active" value
="<?php echo htmlspecialchars( $form_active, ENT_QUOTES); ?>">
190 <input type
='hidden' name
='form_inactive' id
="form_inactive" value
="<?php echo htmlspecialchars( $form_inactive, ENT_QUOTES); ?>">
191 <input type
='hidden' name
='noteid' id
="noteid" value
="<?php echo htmlspecialchars( $noteid, ENT_QUOTES); ?>">
192 <input type
='hidden' name
='form_doc_only' id
="form_doc_only" value
="<?php echo htmlspecialchars( $form_doc_only, ENT_QUOTES); ?>">
197 //display all of the notes for the day, as well as others that are active from previous dates, up to a certain number, $N
200 // Get the billing note if there is one.
204 $sql = "select genericname2, genericval2 " .
205 "from patient_data where pid = ? limit 1";
206 $resnote = sqlQuery($sql, array($pid) );
207 if($resnote && $resnote['genericname2'] == 'Billing') {
208 $billing_note = $resnote['genericval2'];
209 $colorbeg = "<span style='color:red'>";
210 $colorend = "</span>";
213 //Display what the patient owes
214 $balance = get_patient_balance($pid);
217 <?php
if ($billing_note ||
$balance ) { ?
>
219 <div style
='margin-top:3px'>
222 if ($balance != "0") {
223 // $formatted = sprintf((xl('$').'%01.2f'), $balance);
224 $formatted = oeFormatMoney($balance);
225 echo " <tr class='text billing'>\n";
226 echo " <td>".$colorbeg . htmlspecialchars( xl('Balance Due'), ENT_NOQUOTES
) .
227 $colorend." ".$colorbeg. htmlspecialchars( $formatted, ENT_NOQUOTES
) .
233 echo " <tr class='text billing'>\n";
234 echo " <td>".$colorbeg . htmlspecialchars( xl('Billing Note'), ENT_NOQUOTES
) .
235 $colorend." ".$colorbeg . htmlspecialchars( $billing_note, ENT_NOQUOTES
) .
245 <form border
='0' method
='post' name
='update_activity' id
='update_activity'
246 action
="pnotes_full.php?docid=<?php echo htmlspecialchars( $docid, ENT_QUOTES); ?>">
247 <!-- start of previous notes DIV
-->
248 <div
class=pat_notes
>
249 <input type
='hidden' name
='mode' value
="update">
250 <input type
='hidden' name
='offset' id
='noteid' value
="<?php echo $offset;?>">
251 <input type
='hidden' name
='noteid' id
='noteid' value
="0">
252 <table border
='0' cellpadding
="1" class="text">
253 <?php
if ($result != ""): ?
>
255 <td colspan
='5' style
="padding: 5px;" >
256 <a href
="#" class="change_activity" ><span
><?php
echo htmlspecialchars( xl('Update Active'), ENT_NOQUOTES
); ?
></span
></a
>
258 <a href
="pnotes_full.php" class="" id
='Submit'><span
><?php
echo htmlspecialchars( xl('Refresh'), ENT_NOQUOTES
); ?
></span
></a
>
264 <table border
='0' cellpadding
="1" class="text" width
= "80%">
266 // display all of the notes for the day, as well as others that are active
267 // from previous dates, up to a certain number, $N
270 echo " <tr class=showborder_head align='left'>\n";
271 echo " <th style='width:100px';> </th>\n";
272 echo " <th>" . htmlspecialchars( xl('Active'), ENT_NOQUOTES
) . " </th>\n";
273 echo " <th>" . ($docid ?
htmlspecialchars( xl('Linked'), ENT_NOQUOTES
) : '') . "</th>\n";
274 echo " <th>" . htmlspecialchars( xl('Type'), ENT_NOQUOTES
) . "</th>\n";
275 echo " <th>" . htmlspecialchars( xl('Content'), ENT_NOQUOTES
) . "</th>\n";
279 foreach ($result as $iter) {
281 $row_note_id = $iter['id'];
285 if (isGpRelation(1, $docid, 6, $row_note_id)) {
289 // Skip unlinked notes if that is requested.
290 if ($form_doc_only) continue;
294 $body = $iter['body'];
295 if (preg_match('/^\d\d\d\d-\d\d-\d\d \d\d\:\d\d /', $body)) {
296 $body = nl2br(htmlspecialchars( oeFormatPatientNote($body), ENT_NOQUOTES
));
298 $body = htmlspecialchars( oeFormatSDFT(strtotime($iter['date'])).date(' H:i', strtotime($iter['date'])), ENT_NOQUOTES
) .
299 ' (' . htmlspecialchars( $iter['user'], ENT_NOQUOTES
) . ') ' . nl2br(htmlspecialchars( oeFormatPatientNote($body), ENT_NOQUOTES
));
302 if ($iter{"activity"}) {
303 $checked = "checked";
308 // highlight the row if it's been selected for updating
309 if ($_REQUEST['noteid'] == $row_note_id) {
310 echo " <tr height=20 class='noterow highlightcolor' id='".htmlspecialchars( $row_note_id, ENT_QUOTES
)."'>\n";
313 echo " <tr class='noterow' id='".htmlspecialchars( $row_note_id, ENT_QUOTES
)."'>\n";
317 echo " <td><a href='pnotes_full_add.php?trigger=edit¬eid=".htmlspecialchars( $row_note_id, ENT_QUOTES
).
318 "' class='css_button_small iframe'><span>". htmlspecialchars( xl('Edit'), ENT_NOQUOTES
) ."</span></a>\n";
320 // display, or not, a button to delete the note
321 // if the user is an admin or if they are the author of the note, they can delete it
322 $thisauth = acl_check('admin', 'super');
323 if (($iter['user'] == $_SESSION['authUser']) ||
($thisauth == 'write')) {
324 echo " <a href='#' class='deletenote css_button_small' id='del" . htmlspecialchars( $row_note_id, ENT_QUOTES
) .
325 "' title='" . htmlspecialchars( xl('Delete this note'), ENT_QUOTES
) . "'><span>" .
326 htmlspecialchars( xl('Delete'), ENT_NOQUOTES
) . "</span>\n";
331 echo " <td class='text bold'>\n";
332 echo " <input type='hidden' name='act".htmlspecialchars( $row_note_id, ENT_QUOTES
)."' value='1' />\n";
333 echo " <input type='checkbox' name='chk".htmlspecialchars( $row_note_id, ENT_QUOTES
)."' $checked />\n";
336 echo " <td class='text bold'>\n";
338 echo " <input type='checkbox' name='lnk".htmlspecialchars( $row_note_id, ENT_QUOTES
)."' $linked />\n";
342 echo " <td class='bold notecell' id='".htmlspecialchars( $row_note_id, ENT_QUOTES
)."'>" .
343 "<a href='pnotes_full_add.php?trigger=edit¬eid=".htmlspecialchars( $row_note_id, ENT_QUOTES
)."' class='iframe'>\n";
344 // Modified 6/2009 by BM to incorporate the patient notes into the list_options listings
345 echo generate_display_field(array('data_type'=>'1','list_id'=>'note_type'), $iter['title']);
348 echo " <td class='notecell' id='".htmlspecialchars( $row_note_id, ENT_QUOTES
)."'>\n";
357 print "<tr><td colspan='3' class='text'>" . htmlspecialchars( xl('None'), ENT_NOQUOTES
) . ".</td></tr>\n";
366 <table width
='400' border
='0' cellpadding
='0' cellspacing
='0'>
370 if ($offset > ($N-1)) {
371 echo " <a class='link' href='pnotes_full.php" .
372 "?docid=" . htmlspecialchars( $docid, ENT_QUOTES
) .
373 "&form_active=" . htmlspecialchars( $form_active, ENT_QUOTES
) .
374 "&form_inactive=" . htmlspecialchars( $form_inactive, ENT_QUOTES
) .
375 "&form_doc_only=" . htmlspecialchars( $form_doc_only, ENT_QUOTES
) .
376 "&offset=" . ($offset-$N) . "' onclick='top.restoreSession()'>[" .
377 htmlspecialchars( xl('Previous'), ENT_NOQUOTES
) . "]</a>\n";
383 if ($result_count == $N) {
384 echo " <a class='link' href='pnotes_full.php" .
385 "?docid=" . htmlspecialchars( $docid, ENT_QUOTES
) .
386 "&form_active=" . htmlspecialchars( $form_active, ENT_QUOTES
) .
387 "&form_inactive=" . htmlspecialchars( $form_inactive, ENT_QUOTES
) .
388 "&form_doc_only=" . htmlspecialchars( $form_doc_only, ENT_QUOTES
) .
389 "&offset=" . ($offset+
$N) . "' onclick='top.restoreSession()'>[" .
390 htmlspecialchars( xl('Next'), ENT_NOQUOTES
) . "]</a>\n";
397 </div
> <!-- close the previous
-notes DIV
-->
401 <script language
='JavaScript'>
404 if ($GLOBALS['concurrent_layout'] && $_GET['set_pid']) {
405 $ndata = getPatientData($pid, "fname, lname, pubpid");
407 parent
.left_nav
.setPatient(<?php
echo "'" . htmlspecialchars( $ndata['fname']." ".$ndata['lname'], ENT_QUOTES
) . "'," .
408 htmlspecialchars( $pid, ENT_QUOTES
) . ",'" . htmlspecialchars( $ndata['pubpid'], ENT_QUOTES
) . "',window.name"; ?
>);
409 parent
.left_nav
.setRadio(window
.name
, 'pno');
413 // If this note references a new patient document, pop up a display
416 if ($noteid /* && $title == 'New Document' */ ) {
417 $prow = getPnoteById($noteid, 'body');
418 if (preg_match('/New scanned document (\d+): [^\n]+\/([^\n]+)/', $prow['body'], $matches)) {
419 $docid = $matches[1];
420 $docname = $matches[2];
422 window
.open('../../../controller.php?document&retrieve&patient_id=<?php echo htmlspecialchars( $pid, ENT_QUOTES); ?>&document_id=<?php echo htmlspecialchars( $docid, ENT_QUOTES); ?>&<?php echo htmlspecialchars( $docname, ENT_QUOTES);?>&as_file=true',
423 '_blank', 'resizable=1,scrollbars=1,width=600,height=500');
431 </div
> <!-- end outer
'pnotes' -->
435 <script language
="javascript">
437 // jQuery stuff to make the page a little easier to use
439 $
(document
).ready(function(){
440 $
("#appendnote").click(function() { AppendNote(); });
441 $
("#newnote").click(function() { NewNote(); });
442 $
("#printnote").click(function() { PrintNote(); });
444 $
(".change_activity").click(function() { top
.restoreSession(); $
("#update_activity").submit(); });
446 $
(".deletenote").click(function() { DeleteNote(this
); });
448 $
(".noterow").mouseover(function() { $
(this
).toggleClass("highlight"); });
449 $
(".noterow").mouseout(function() { $
(this
).toggleClass("highlight"); });
450 $
(".notecell").click(function() { EditNote(this
); });
454 var EditNote
= function(note
) {
455 top
.restoreSession();
456 $
("#noteid").val(note
.id
);
458 $
("#new_note").submit();
461 var NewNote
= function () {
462 top
.restoreSession();
463 $
("#noteid").val('');
464 $
("#new_note").submit();
467 var AppendNote
= function () {
468 top
.restoreSession();
469 $
("#new_note").submit();
472 var PrintNote
= function () {
473 top
.restoreSession();
474 window
.open('pnotes_print.php?noteid=<?php echo htmlspecialchars( $noteid, ENT_QUOTES); ?>', '_blank', 'resizable=1,scrollbars=1,width=600,height=500');
477 var DeleteNote
= function(note
) {
478 if (confirm("<?php echo htmlspecialchars( xl('Are you sure you want to delete this note?','','','\n '), ENT_QUOTES) .
479 htmlspecialchars( xl('This action CANNOT be undone.'), ENT_QUOTES); ?>")) {
480 top
.restoreSession();
481 // strip the 'del' part of the object's ID
482 $
("#noteid").val(note
.id
.replace(/del
/, ""));
483 $
("#mode").val("delete");
484 $
("#new_note").submit();
