portal/messaging/handle_note.php

   1 <?php
   2 /**
   3  *
   4  * Copyright (C) 2016-2017 Jerry Padgett <sjpadgett@gmail.com>
   5  *
   6  * LICENSE: This program is free software: you can redistribute it and/or modify
   7  *  it under the terms of the GNU Affero General Public License as
   8  *  published by the Free Software Foundation, either version 3 of the
   9  *  License, or (at your option) any later version.
  10  *
  11  *  This program is distributed in the hope that it will be useful,
  12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *  GNU Affero General Public License for more details.
  15  *
  16  *  You should have received a copy of the GNU Affero General Public License
  17  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  *
  19  * @package OpenEMR
  20  * @author Jerry Padgett <sjpadgett@gmail.com>
  21  * @link http://www.open-emr.org
  22  */
  23
  24 session_start();
  25 if( isset( $_SESSION['pid'] ) && isset( $_SESSION['patient_portal_onsite_two'] ) ){
  26         $owner = $_SESSION['pid'];
  27         $ignoreAuth = true;
  28         $fake_register_globals=false;
  29         $sanitize_all_escapes=true;
  30         require_once ( dirname( __FILE__ ) . "/../../interface/globals.php" );
  31 } else{
  32         session_destroy();
  33         $ignoreAuth = false;
  34         $sanitize_all_escapes = true;
  35         $fake_register_globals = false;
  36         require_once ( dirname( __FILE__ ) . "/../../interface/globals.php" );
  37         if( ! isset( $_SESSION['authUserID'] ) ){
  38                 $landingpage = "index.php";
  39                 header( 'Location: ' . $landingpage );
  40                 exit();
  41         }
  42 }
  43
  44 require_once (dirname( __FILE__ ) . "/../lib/portal_mail.inc");
  45 require_once("$srcdir/pnotes.inc");
  46
  47 $task = $_POST ['task'];
  48 if (! $task)
  49         return 'no task';
  50
  51 $noteid = $_POST ['noteid'] ? $_POST ['noteid'] : 0;
  52 $reply_noteid = $_POST ['replyid'] ? $_POST ['replyid'] : 0;
  53 $owner = isset($_POST ['owner']) ? $_POST ['owner'] : $_SESSION ['pid'];
  54 $note = $_POST ['inputBody'];
  55 $title = $_POST ['title'];
  56 $sid=(int)$_POST ['sender_id'];
  57 $sn=$_POST ['sender_name'];
  58 $rid=(int)$_POST ['recipient_id'];
  59 $rn=$_POST ['recipient_name'];
  60 $header = '';
  61
  62 switch ($task) {
  63         case "forward" :
  64                 {
  65                         addPnote($rid, $note,1,1,$title ,$sn,'','New');
  66                         updatePortalMailMessageStatus ( $noteid, 'Forwarded' );
  67                         echo 'ok';
  68                 }
  69                 break;
  70         case "add" :
  71                 {
  72                         // each user has their own copy of message
  73                         sendMail ( $owner, $note, $title, $header, $noteid,$sid,$sn,$rid,$rn,'New' );
  74                         sendMail ( $rid, $note, $title, $header, $noteid,$sid,$sn,$rid,$rn,'New',$reply_noteid );
  75                         echo 'ok';
  76                 }
  77                 break;
  78         case "reply" :
  79                 {
  80                         sendMail ( $owner, $note, $title, $header, $noteid,$sid,$sn,$rid,$rn,'Reply','' );
  81                         sendMail ( $rid, $note, $title, $header, $noteid,$sid,$sn,$rid,$rn,'New',$reply_noteid );
  82                         echo 'ok';
  83                 }
  84                 break;
  85         case "delete" :
  86                 {
  87                         updatePortalMailMessageStatus ( $noteid, 'Delete' );
  88                         echo 'ok';
  89                 }
  90                 break;
  91         case "setread" :
  92                 {
  93                         if ($noteid > 0) {
  94                                 updatePortalMailMessageStatus ( $noteid, 'Read' );
  95                                 echo 'ok';
  96                         } else
  97                                 echo 'missing note id';
  98                 }
  99                 break;
 100                 case "getinbox" :
 101                         {
 102                                 if ($owner) {
 103                                         $result = getMails($owner,'inbox','','');
 104                                         echo json_encode($result);
 105                                 } else
 106                                         echo 'error';
 107                         }
 108                         break;
 109         case "getsent" :
 110                 {
 111                         if ($owner) {
 112                                 $result = getMails($owner,'sent','','');
 113                                 echo json_encode($result);
 114                         } else
 115                                 echo 'error';
 116                 }
 117                 break;
 118                 case "getall" :
 119                         {
 120                                 if ($owner) {
 121                                         $result = getMails($owner,'all','','');
 122                                         echo json_encode($result);
 123                                 } else
 124                                         echo 'error';
 125                         }
 126                         break;
 127                         case "getdeleted" :
 128                                 {
 129                                         if ($owner) {
 130                                                 $result = getMails($owner,'deleted','','');
 131                                                 echo json_encode($result);
 132                                         } else
 133                                                 echo 'error';
 134                                 }
 135                                 break;
 136 }
 137 if(isset($_REQUEST["submit"]))
 138         header("Location: {$_REQUEST["submit"]}");
 139 ?>