interface/forms/care_plan/save.php

   1 <?php
   2
   3 // +-----------------------------------------------------------------------------+
   4 // Copyright (C) 2015 Z&H Consultancy Services Private Limited <sam@zhservices.com>
   5 //
   6 //
   7 // This program is free software; you can redistribute it and/or
   8 // modify it under the terms of the GNU General Public License
   9 // as published by the Free Software Foundation; either version 2
  10 // of the License, or (at your option) any later version.
  11 //
  12 //
  13 // This program is distributed in the hope that it will be useful,
  14 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  15 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16 // GNU General Public License for more details.
  17 //
  18 //
  19 // A copy of the GNU General Public License is included along with this program:
  20 // openemr/interface/login/GnuGPL.html
  21 // For more information write to the Free Software
  22 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
  23 //
  24 // Author:   Jacob T Paul <jacob@zhservices.com>
  25 //           Vinish K <vinish@zhservices.com>
  26 //
  27 // +------------------------------------------------------------------------------+
  28
  29 //SANITIZE ALL ESCAPES
  30 $sanitize_all_escapes = $_POST['true'];
  31
  32 //STOP FAKE REGISTER GLOBALS
  33 $fake_register_globals = $_POST['false'];
  34
  35 include_once("../../globals.php");
  36 include_once("$srcdir/api.inc");
  37 include_once("$srcdir/forms.inc");
  38
  39 if (!$encounter) { // comes from globals.php
  40     die(xlt("Internal error: we do not seem to be in an encounter!"));
  41 }
  42
  43 $id = 0 + (isset($_GET['id']) ? $_GET['id'] : '');
  44 $code = $_POST["code"];
  45 $code_text = $_POST["codetext"];
  46 $code_date = $_POST["code_date"];
  47 $code_des = $_POST["description"];
  48 $count = $_POST["count"];
  49 $care_plan_type = $_POST['care_plan_type'];
  50
  51 if ($id && $id != 0) {
  52     sqlStatement("DELETE FROM `form_care_plan` WHERE id=? AND pid = ? AND encounter = ?", array($id, $_SESSION["pid"], $_SESSION["encounter"]));
  53     $newid = $id;
  54 } else {
  55     $res2 = sqlStatement("SELECT MAX(id) as largestId FROM `form_care_plan`");
  56     $getMaxid = sqlFetchArray($res2);
  57     if ($getMaxid['largestId']) {
  58         $newid = $getMaxid['largestId'] + 1;
  59     } else {
  60         $newid = 1;
  61     }
  62     addForm($encounter, "Care Plan Form", $newid, "care_plan", $_SESSION["pid"], $userauthorized);
  63 }
  64
  65 $count = array_filter($count);
  66 if (!empty($count)) {
  67     foreach ($count as $key => $codeval):
  68       $code_val = $code[$key] ? $code[$key] : 0;
  69       $codetext_val = $code_text[$key] ? $code_text[$key] :'NULL';
  70       $description_val = $code_des[$key] ? $code_des[$key] : 'NULL';
  71       $care_plan_type_val = $care_plan_type[$key] ? $care_plan_type[$key] : 'NULL';
  72         $sets = "id    = ". add_escape_custom($newid) .",
  73             pid        = ". add_escape_custom($_SESSION["pid"]) .",
  74             groupname  = '" . add_escape_custom($_SESSION["authProvider"]) . "',
  75             user       = '" . add_escape_custom($_SESSION["authUser"]) . "',
  76             encounter  = '" . add_escape_custom($_SESSION["encounter"]) . "',
  77             authorized = ". add_escape_custom($userauthorized) .",
  78             activity   = 1,
  79             code       = '" . add_escape_custom($code_val) . "',
  80             codetext   = '" . add_escape_custom($codetext_val) . "',
  81             description= '" . add_escape_custom($description_val) . "',
  82             date       =  '" . add_escape_custom($code_date[$key]) . "',
  83             care_plan_type = '" .add_escape_custom($care_plan_type_val). "'";
  84         sqlInsert("INSERT INTO form_care_plan SET $sets");
  85     endforeach;
  86 }
  87 $_SESSION["encounter"] = $encounter;
  88 formHeader("Redirecting....");
  89 formJump();
  90 formFooter();
  91 ?>
  92