1 <?php
2 /**
3 * library/parse_patient_xml.php Functions related to patient CCR/CCD/CCDA parsing.
5 * Functions related to patient CCR/CCD/CCDA parsing and insert/update to corresponding tables.
7 * Copyright (C) 2013 Z&H Consultancy Services Private Limited <sam@zhservices.com>
9 * LICENSE: This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version 3
12 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>.
20 * @package OpenEMR
21 * @author Eldho Chacko <eldho@zhservices.com>
22 * @author Ajil P M <ajilpm@zhservices.com>
23 * @link http://www.open-emr.org
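/**
 * Extract mapped field values from a CCR/CCD/CCDA XML document.
 *
 * Every key of $field_mapping is an XPath selecting a repeating section; its
 * value maps "table:field" labels to an XPath evaluated relative to each node
 * the section path matched. Element steps that start with a letter are rewritten
 * to use the "x:" prefix, which is bound to the document's default namespace.
 *
 * @param string $content       Raw XML text of the document.
 * @param array  $field_mapping array(sectionXPath => array("table:field" => relativeXPath)).
 * @return array array(table => array(occurrence, counted from 1 => array(field => text))).
 *               Empty when the document cannot be parsed or nothing matched.
 */
function parseXmlStream($content,$field_mapping)
{
  $res = array();
  // An empty or non-string payload cannot be parsed; report "nothing found".
  if(!is_string($content) || $content === ''){
    return $res;
  }
  $xml = new DOMDocument;
  // Imported clinical documents are presumably supplied from outside this
  // installation, so parsing is kept conservative: LIBXML_NONET forbids network
  // fetches, and neither entity substitution nor DTD loading is switched on.
  if(!$xml->loadXML($content, LIBXML_NONET)){
    return $res;
  }
  $xpath = new DOMXpath($xml);
  $rootNamespace = $xml->lookupNamespaceUri($xml->namespaceURI);
  if(is_string($rootNamespace) && $rootNamespace !== ''){
    $xpath->registerNamespace('x',$rootNamespace);
  }
  foreach($field_mapping as $skey=>$sval){
    $path = preg_replace('/\/([a-zA-Z])/','/x:$1',$skey);
    $elements = $xpath->query($path);
    // query() reports a malformed expression with false, not null.
    if($elements === false || $elements === null){
      continue;
    }
    $ele_cnt = 1;
    foreach($elements as $element){
      foreach($sval as $field => $innerpath){
        $ipath = preg_replace(array('/^([a-zA-Z])/','/\/([a-zA-Z])/'),array('x:$1','/x:$1'),$innerpath);
        $matches = $xpath->query($ipath, $element);
        // A section that lacks this field yields an empty node list; item(0)
        // would then be null, so skip instead of dereferencing it.
        if($matches === false || $matches->length === 0){
          continue;
        }
        $val = $matches->item(0)->textContent;
        // NOTE(review): the truthiness test also drops a literal "0" value;
        // kept as-is because callers may depend on it - confirm.
        if($val){
          $field_details = explode(':',$field);
          $res[$field_details[0]][$ele_cnt][$field_details[1]] = $val;
        }
      }
      $ele_cnt++;
    }
  }
  return $res;
}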
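/**
 * Stage parsed document values in audit_master / audit_details.
 *
 * Keys read from $var:
 *  - audit_master_id_to_delete: when truthy, that audit_master row and its
 *    audit_details rows are deleted before the new rows are written
 *  - approval_status, type, ip_address: stored on the new audit_master row
 *  - field_name_value_array: array(table => array(entry => array(field => value)))
 *  - entry_identification_array: array(table => array(entry => identification))
 *
 * Every value is passed as a bound parameter; nothing is concatenated into SQL.
 *
 * @param array $var See the key list above.
 * @return void
 */
function insert_ccr_into_audit_data($var)
{
  $audit_master_id_to_delete = isset($var['audit_master_id_to_delete']) ? $var['audit_master_id_to_delete'] : null;
  $approval_status = $var['approval_status'];
  $type = $var['type'];
  $ip_address = $var['ip_address'];
  $field_name_value_array = (isset($var['field_name_value_array']) && is_array($var['field_name_value_array'])) ? $var['field_name_value_array'] : array();
  $entry_identification_array = isset($var['entry_identification_array']) ? $var['entry_identification_array'] : array();
  if($audit_master_id_to_delete){
    $qry = "DELETE from audit_details WHERE audit_master_id=?";
    sqlStatement($qry,array($audit_master_id_to_delete));
    $qry = "DELETE from audit_master WHERE id=?";
    sqlStatement($qry,array($audit_master_id_to_delete));
  }
  $master_query = "INSERT INTO audit_master SET pid = ?,approval_status = ?,ip_address = ?,type = ?";
  $audit_master_id = sqlInsert($master_query,array(0,$approval_status,$ip_address,$type));
  $detail_query = "INSERT INTO `audit_details` (`table_name`, `field_name`, `field_value`, `audit_master_id`, `entry_identification`) VALUES ";
  // Collect the row placeholders and bind values in arrays. The bind list used
  // to start life as '' and was then appended to with [], which newer PHP
  // versions reject for strings.
  $detail_rows = array();
  $detail_query_array = array();
  foreach($field_name_value_array as $key=>$entries){
    foreach($entries as $cnt=>$field_details){
      $entry_identification = isset($entry_identification_array[$key][$cnt]) ? trim($entry_identification_array[$key][$cnt]) : '';
      foreach($field_details as $field_name=>$field_value){
        $detail_rows[] = "(? ,? ,? ,? ,?)";
        $detail_query_array[] = $key;
        $detail_query_array[] = trim($field_name);
        $detail_query_array[] = trim($field_value);
        $detail_query_array[] = $audit_master_id;
        $detail_query_array[] = $entry_identification;
      }
    }
  }
  // With nothing parsed there is no VALUES list; sending the bare statement
  // would be a SQL syntax error, so only the master row is written.
  if(count($detail_rows) === 0){
    return;
  }
  sqlInsert($detail_query.implode(',',$detail_rows).';',$detail_query_array);
}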
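/**
 * Create a new patient from the approved, staged rows of one audit_master entry.
 *
 * Reads the audit_details rows of the given audit_master id (type 11, approval
 * status 1), groups them per staged table and entry, writes them to the target
 * tables and finally sets the audit_master approval_status to 2.
 *
 * The staged values come from an imported document, so every value is passed as
 * a bound parameter instead of being concatenated into the statement, matching
 * the other queries in this file.
 *
 * @param int|string $audit_master_id Id of the audit_master row to import.
 * @return void
 */
function insert_patient($audit_master_id)
{
  // NOTE(review): the next pid is derived from MAX(pid)+1 and no lock or
  // transaction is visible in this function; two imports running at the same
  // time could presumably obtain the same pid - confirm against the caller.
  $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
  $pid = $prow['pid'];

  // Only rows staged for these table labels are picked up; anything else is ignored.
  $staged_tables = array(
    'patient_data','lists1','lists2','prescriptions','immunizations',
    'procedure_result','procedure_type','misc_address_book','documents'
  );

  // Returns the bind values for $columns in order; a field that was not staged
  // is written as an empty string, as the escaped-literal form used to do.
  $pick = function($fields,$columns){
    $binds = array();
    foreach($columns as $column){
      $binds[] = isset($fields[$column]) ? $fields[$column] : '';
    }
    return $binds;
  };

  $res = sqlStatement("SELECT DISTINCT ad.table_name,entry_identification FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id AND am.approval_status = '1' AND am.id=? AND am.type=11 ORDER BY ad.id",array($audit_master_id));
  while($row = sqlFetchArray($res)){
    $table = $row['table_name'];
    $resfield = sqlStatement("SELECT * FROM audit_details WHERE audit_master_id=? AND table_name=? AND entry_identification=?",array($audit_master_id,$table,$row['entry_identification']));
    $newdata = array();
    if(in_array($table,$staged_tables,true)){
      while($rowfield = sqlFetchArray($resfield)){
        if($table == 'patient_data' && $rowfield['field_name'] == 'DOB'){
          // Keep only the first ten characters of the staged date of birth.
          $newdata[$table][$rowfield['field_name']] = substr($rowfield['field_value'],0,10);
        }else{
          $newdata[$table][$rowfield['field_name']] = $rowfield['field_value'];
        }
      }
    }
    $fields = isset($newdata[$table]) ? $newdata[$table] : array();

    switch($table){
      case 'patient_data':
        // NOTE(review): the staged field names are handed to updatePatientData()
        // as given; how it treats them is not visible here - confirm.
        updatePatientData($pid,$newdata['patient_data'],true);
        break;
      case 'lists1':
        sqlInsert("INSERT INTO lists (pid,diagnosis,activity) VALUES (?,?,?)",
          array_merge(array($pid),$pick($fields,array('diagnosis','activity'))));
        break;
      case 'lists2':
        sqlInsert("INSERT INTO lists (pid,date,type,title,diagnosis,reaction) VALUES (?,?,?,?,?,?)",
          array_merge(array($pid),$pick($fields,array('date','type','title','diagnosis','reaction'))));
        break;
      case 'prescriptions':
        sqlInsert("INSERT INTO prescriptions (patient_id,date_added,active,drug,size,form,quantity) VALUES (?,?,?,?,?,?,?)",
          array_merge(array($pid),$pick($fields,array('date_added','active','drug','size','form','quantity'))));
        break;
      case 'immunizations':
        sqlInsert("INSERT INTO immunizations (patient_id,administered_date,note) VALUES (?,?,?)",
          array_merge(array($pid),$pick($fields,array('administered_date','note'))));
        break;
      case 'procedure_result':
      case 'procedure_type':
        // Staged but not written: the inserts for these two tables were already
        // disabled (commented out) in this function.
        break;
      case 'misc_address_book':
        sqlInsert("INSERT INTO misc_address_book (lname,fname,street,city,state,zip,phone) VALUES (?,?,?,?,?,?,?)",
          $pick($fields,array('lname','fname','street','city','state','zip','phone')));
        break;
      case 'documents':
        // Attach the already stored document to the new patient.
        sqlQuery("UPDATE documents SET foreign_id = ? WHERE id =? ",array($pid,$newdata['documents']['id']));
        break;
    }
  }
  sqlQuery("UPDATE audit_master SET approval_status=2 WHERE id=?",array($audit_master_id));
}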
/**
 * Load the staged audit_details values of one audit_master entry.
 *
 * $table_name is either a single staged table label or several labels joined
 * by commas. Only audit_master rows of type 11 with approval_status 1 are read.
 *
 * @param int|string $am_id      Id of the audit_master row.
 * @param string     $table_name One table label, or a comma-separated list.
 * @return array array($table_name => array(entry_identification => array(field_name => field_value))),
 *               keyed by $table_name exactly as it was passed in.
 */
function createAuditArray($am_id,$table_name)
{
  if(strpos($table_name,',')){
    // Several labels: one placeholder per label, bound in reverse order and
    // followed by the audit_master id.
    $tables = explode(',',$table_name);
    $table_qry = implode(',',array_fill(0,count($tables),'?'));
    $binds = array_merge(array_reverse($tables),array($am_id));
    $sql = "SELECT * FROM audit_master am LEFT JOIN audit_details ad ON ad.audit_master_id = am.id AND ad.table_name IN ($table_qry)
      WHERE am.id = ? AND am.type = 11 AND am.approval_status = 1 ORDER BY ad.entry_identification,ad.field_name";
  }else{
    $binds = array($table_name,$am_id);
    $sql = "SELECT * FROM audit_master am LEFT JOIN audit_details ad ON ad.audit_master_id = am.id AND ad.table_name = ?
      WHERE am.id = ? AND am.type = 11 AND am.approval_status = 1 ORDER BY ad.entry_identification,ad.field_name";
  }
  $rows = sqlStatement($sql,$binds);

  $audit = array();
  while($row = sqlFetchArray($rows)){
    $entry = $row['entry_identification'];
    $audit[$table_name][$entry][$row['field_name']] = $row['field_value'];
  }
  return $audit;
}
225 function insertApprovedData($data)
227 $patient_data_fields = '';
228 $patient_data_values = array();
229 foreach($data as $key=>$val){
230 if(substr($key,-4) == '-sel'){
231 if(is_array($val)){
232 for($i=0;$i<count($val);$i++){
233 if($val[$i] == 'insert'){
234 if(substr($key,0,-4) == 'lists1'){
235 if($_REQUEST['lists1-activity'][$i] == 'Active'){
236 $activity = 1;
237 }elseif($_REQUEST['lists1-activity'][$i] == 'Inactive'){
238 $activity = 0;
240 $query = "INSERT INTO lists (pid,diagnosis,activity) VALUES (?,?,?)";
241 sqlQuery($query,array($_REQUEST['pid'],$_REQUEST['lists1-diagnosis'][$i],$activity));
242 }elseif(substr($key,0,-4) == 'lists2'){
243 $query = "INSERT INTO lists (pid,date,type,title,diagnosis,reaction) VALUES (?,?,?,?,?,?)";
244 sqlQuery($query,array($_REQUEST['pid'],$_REQUEST['lists2-date'][$i],$_REQUEST['lists2-type'][$i],$_REQUEST['lists2-title'][$i],$_REQUEST['lists2-diagnosis'][$i],$_REQUEST['lists2-reaction'][$i]));
245 }elseif(substr($key,0,-4) == 'prescriptions'){
246 if($_REQUEST['prescriptions-active'][$i] == 'Active'){
247 $active = 1;
248 }elseif($_REQUEST['prescriptions-active'][$i] == 'Inactive'){
249 $active = 0;
251 $query = "INSERT INTO prescriptions (patient_id,date_added,active,drug,size,form,quantity) VALUES (?,?,?,?,?,?,?)";
252 sqlQuery($query,array($_REQUEST['pid'],$_REQUEST['prescriptions-date_added'][$i],$active,$_REQUEST['prescriptions-drug'][$i],$_REQUEST['prescriptions-size'][$i],$_REQUEST['prescriptions-form'][$i],$_REQUEST['prescriptions-quantity'][$i]));
253 }elseif(substr($key,0,-4) == 'immunizations'){
254 $query = "INSERT INTO immunizations (patient_id,administered_date,note) VALUES (?,?,?)";
255 sqlQuery($query,array($_REQUEST['pid'],$_REQUEST['immunizations-administered_date'][$i],$_REQUEST['immunizations-note'][$i]));
256 }elseif(substr($key,0,-4) == 'procedure_result'){
257 //$query = "INSERT INTO procedure_type (name) VALUES (?)";
258 //sqlQuery($query,array($_REQUEST['procedure_type-name'][$i]));
259 //$query = "INSERT INTO procedure_result (date,result,abnormal) VALUES (?,?,?)";
260 //sqlQuery($query,array($_REQUEST['procedure_result-date'][$i],$active,$_REQUEST['procedure_result-abnormal'][$i]));
262 }elseif($val[$i] == 'update'){
263 if(substr($key,0,-4) == 'lists1'){
264 if($_REQUEST['lists1-activity'][$i] == 'Active'){
265 $activity = 1;
266 }elseif($_REQUEST['lists1-activity'][$i] == 'Inactive'){
267 $activity = 0;
269 $query = "UPDATE lists SET diagnosis=?,activity=? WHERE pid=? AND diagnosis=?";
270 sqlQuery($query,array($_REQUEST['lists1-diagnosis'][$i],$activity,$_REQUEST['pid'],$_REQUEST['lists1-old-diagnosis'][$i]));
274 }else{
275 if(substr($key,0,12) == 'patient_data'){
276 if($val == 'update'){
277 $var_name = substr($key,0,-4);
278 $field_name = substr($var_name,13);
279 $patient_data_fields .= $field_name.'=?,';
280 array_push($patient_data_values,$_REQUEST[$var_name]);
286 if(count($patient_data_values) > 0){
287 array_push($patient_data_values,$_REQUEST['pid']);
288 $patient_data_fields = substr($patient_data_fields,0,-1);
289 $query = "UPDATE patient_data SET $patient_data_fields WHERE pid=?";
290 sqlQuery($query,$patient_data_values);
292 sqlQuery("UPDATE documents SET foreign_id = ? WHERE id =? ",array($_REQUEST['pid'],$_REQUEST['doc_id']));