portal/messaging/handle_note.php

   1 <?php
   2 /**
   3  *
   4  * Copyright (C) 2016-2017 Jerry Padgett <sjpadgett@gmail.com>
   5  *
   6  * LICENSE: This program is free software: you can redistribute it and/or modify
   7  *  it under the terms of the GNU Affero General Public License as
   8  *  published by the Free Software Foundation, either version 3 of the
   9  *  License, or (at your option) any later version.
  10  *
  11  *  This program is distributed in the hope that it will be useful,
  12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *  GNU Affero General Public License for more details.
  15  *
  16  *  You should have received a copy of the GNU Affero General Public License
  17  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  *
  19  * @package OpenEMR
  20  * @author Jerry Padgett <sjpadgett@gmail.com>
  21  * @link http://www.open-emr.org
  22  */
  23 session_start();
  24 if (isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite_two'])) {
  25     $ignoreAuth = true;
  26     require_once (dirname(__FILE__) . "/../../interface/globals.php");
  27 } else {
  28     session_destroy();
  29     $ignoreAuth = false;
  30     require_once (dirname(__FILE__) . "/../../interface/globals.php");
  31     if (! isset($_SESSION['authUserID'])) {
  32         $landingpage = "index.php";
  33         header('Location: ' . $landingpage);
  34         exit();
  35     }
  36 }
  37
  38 require_once (dirname(__FILE__) . "/../lib/portal_mail.inc");
  39 require_once ("$srcdir/pnotes.inc");
  40
  41 $task = $_POST['task'];
  42 if (! $task)
  43     return 'no task';
  44
  45 $noteid = $_POST['noteid'] ? $_POST['noteid'] : 0;
  46 $notejson = $_POST['notejson'] ? json_decode($_POST['notejson'], true) : 0;
  47 $reply_noteid = $_POST['replyid'] ? $_POST['replyid'] : 0;
  48 $owner = isset($_POST['owner']) ? $_POST['owner'] : $_SESSION['pid'];
  49 $note = $_POST['inputBody'];
  50 $title = $_POST['title'];
  51 $sid = $_POST['sender_id'];
  52 $sn = $_POST['sender_name'];
  53 $rid = $_POST['recipient_id'];
  54 $rn = $_POST['recipient_name'];
  55 $header = '';
  56
  57 switch ($task) {
  58     case "forward":
  59         $pid = isset($_POST['pid']) ? $_POST['pid'] : 0;
  60         addPnote($pid, $note, 1, 1, $title, $sid, '', 'New');
  61         updatePortalMailMessageStatus($noteid, 'Sent');
  62         echo 'ok';
  63          break;
  64     case "add":
  65         // each user has their own copy of message
  66         sendMail($owner, $note, $title, $header, $noteid, $sid, $sn, $rid, $rn, 'New');
  67         sendMail($rid, $note, $title, $header, $noteid, $sid, $sn, $rid, $rn, 'New', $reply_noteid);
  68         echo 'ok';
  69         break;
  70     case "reply":
  71         sendMail($owner, $note, $title, $header, $noteid, $sid, $sn, $rid, $rn, 'Reply', '');
  72         sendMail($rid, $note, $title, $header, $noteid, $sid, $sn, $rid, $rn, 'New', $reply_noteid);
  73         echo 'ok';
  74         break;
  75     case "delete":
  76         updatePortalMailMessageStatus($noteid, 'Delete');
  77         echo 'ok';
  78         break;
  79     case "massdelete":
  80         foreach ($notejson as $deleteid) {
  81             updatePortalMailMessageStatus($deleteid, 'Delete');
  82             echo 'ok';
  83         }
  84         break;
  85     case "setread":
  86         if ($noteid > 0) {
  87             updatePortalMailMessageStatus($noteid, 'Read');
  88             echo 'ok';
  89         } else {
  90             echo 'missing note id';
  91         }
  92         break;
  93     case "getinbox":
  94         if ($owner) {
  95             $result = getMails($owner, 'inbox', '', '');
  96             echo json_encode($result);
  97         } else {
  98             echo 'error';
  99         }
 100         break;
 101     case "getsent":
 102         if ($owner) {
 103             $result = getMails($owner, 'sent', '', '');
 104             echo json_encode($result);
 105         } else {
 106             echo 'error';
 107         }
 108         break;
 109     case "getall":
 110         if ($owner) {
 111             $result = getMails($owner, 'all', '', '');
 112             echo json_encode($result);
 113         } else {
 114             echo 'error';
 115         }
 116         break;
 117     case "getdeleted":
 118         if ($owner) {
 119             $result = getMails($owner, 'deleted', '', '');
 120             echo json_encode($result);
 121         } else {
 122             echo 'error';
 123         }
 124         break;
 125     default:
 126         echo 'failed';
 127         break;
 128 }
 129 if (isset($_REQUEST["submit"]))
 130     header("Location: {$_REQUEST["submit"]}");