3 * Authorizations script.
6 * @link http://www.open-emr.org
7 * @author Brady Miller <brady.g.miller@gmail.com>
8 * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
9 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
13 require_once("../../globals.php");
14 require_once("$srcdir/log.inc");
15 require_once("$srcdir/billing.inc");
16 require_once("$srcdir/forms.inc");
17 require_once("$srcdir/transactions.inc");
18 require_once("$srcdir/lists.inc");
19 require_once("$srcdir/patient.inc");
20 require_once("$srcdir/options.inc.php");
22 // The number of authorizations to display in the quick view:
23 // MAR 20041008 the full authorizations screen sucks... no links to the patient charts
24 // increase to a high number to make the mini frame more useful.
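// Look up the current user's see_auth setting; the checks in this script
// compare it against 1 and 2. A missing row leaves it at 0, so no extra
// access is granted when the lookup returns nothing.
$atemp = sqlQuery("SELECT see_auth FROM users WHERE username = ?", array($_SESSION['authUser']));
$see_auth = $atemp['see_auth'] ?? 0;

// The viewer may act on authorizations when the session marks them as an
// authorized user, or when their see_auth setting is above 2.
$imauthorized = !empty($_SESSION['userauthorized']) || $see_auth > 2;

// This authorizes everything for the specified patient.
//
// NOTE(review): the action is triggered by a GET request, so the CSRF token
// travels in the query string and can end up in server logs, browser history
// and Referer headers. Moving it to POST also requires changing the
// "Authorize" link that this script renders.
//
// NOTE(review): only $imauthorized is checked before the updates. The listing
// further down is filtered by groupname and, when see_auth == 2, per patient,
// but the updates here are keyed on pid alone. Confirm that a caller who
// supplies an arbitrary pid is meant to be able to authorize that patient's
// records.
if (($_GET['mode'] ?? null) === 'authorize' && $imauthorized) {
    // Fail closed: a missing or non-string token is rejected before it
    // reaches the verifier.
    $csrfToken = $_GET['csrf_token_form'] ?? '';
    if (!is_string($csrfToken) || !verifyCsrfToken($csrfToken)) {
        die(xlt('Authentication Error'));
    }

    // Read pid once so the audit event and all four updates use the same
    // value. It is only ever passed as a bound parameter, never interpolated
    // into SQL.
    $pid = $_GET['pid'] ?? null;

    // The return value is not used in the visible part of this script; the
    // call is kept in case getProviderId() has side effects.
    $retVal = getProviderId($_SESSION['authUser']);

    // Record the authorization in the event log before changing any rows.
    newEvent("authorize", $_SESSION["authUser"], $_SESSION["authProvider"], 1, $pid);
    sqlStatement("update billing set authorized=1 where pid=?", array($pid));
    sqlStatement("update forms set authorized=1 where pid=?", array($pid));
    sqlStatement("update pnotes set authorized=1 where pid=?", array($pid));
    sqlStatement("update transactions set authorized=1 where pid=?", array($pid));
}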
48 <?php
html_header_show();?
>
49 <link rel
='stylesheet' href
="<?php echo $css_header;?>" type
="text/css">
50 <script type
="text/javascript" src
="<?php echo $GLOBALS['assets_static_relative']; ?>/manual-added-packages/jquery-min-1-2-2/index.js"></script
>
52 /* min & max buttons are hidden in the newer concurrent layout */
57 cursor
: pointer
; cursor
: hand
;
58 <?php
echo "display: none;"; ?
>
64 cursor
: pointer
; cursor
: hand
;
65 <?php
echo "display: none;"; ?
>
69 <body
class="body_bottom">
71 <!-- 'buttons' to min
/max the bottom frame
-JRM
-->
72 <div id
="max" title
="Restore this information">
73 <img src
="<?php echo $GLOBALS['webroot']; ?>/images/max.gif">
75 <div id
="min" title
="Minimize this information">
76 <img src
="<?php echo $GLOBALS['webroot']; ?>/images/min.gif">
79 <?php
if ($imauthorized) { ?
>
81 <a href
='authorizations_full.php' onclick
='top.restoreSession()'>
82 <?php
echo xlt('Authorizations'); ?
> <span
class='more'><?php
echo text($tmore); ?
></span
></a
>
// Collect the pending (authorized = 0) billing, transaction, patient-note and
// form rows for $groupname and build, per patient id, one HTML fragment per
// category in $authorize[pid][category]. Runs only when the viewer is
// authorized and see_auth is above 1.
// NOTE(review): $groupname is not assigned in the visible part of this script;
// confirm where it comes from.
// NOTE(review): the curly-brace offset syntax used below ($iter{"pid"}) was
// deprecated in PHP 7.4 and removed in PHP 8.0; square brackets are the
// equivalent form.
// Every database value is passed through text() before it is concatenated
// into a fragment. The fragments are echoed without further escaping when the
// table is rendered, so that text() call is the only output encoding they get.
89 if ($imauthorized && $see_auth > 1) {
96 //fetch billing information:
// The group name is bound as a parameter, not interpolated into the SQL.
// NOTE(review): select * returns every column of billing and users, while the
// visible lines read only pid, code_text and date.
97 if ($res = sqlStatement("select *, concat(u.fname,' ', u.lname) as user " .
98 "from billing LEFT JOIN users as u on billing.user = u.id where " .
99 "billing.authorized = 0 and billing.activity = 1 and " .
100 "groupname = ?", array($groupname))) {
101 for ($iter = 0; $row = sqlFetchArray($res); $iter++
) {
102 $result1[$iter] = $row;
// Append "code_text date" for each billing row to the patient's billing fragment.
106 foreach ($result1 as $iter) {
107 $authorize{$iter{"pid"}}{"billing"} .= "<span class=text>" .
108 text($iter{"code_text"} . " " . date("n/j/Y", strtotime($iter{"date"}))) .
114 //fetch transaction information:
115 if ($res = sqlStatement("select * from transactions where " .
116 "authorized = 0 and groupname = ?", array($groupname))) {
117 for ($iter = 0; $row = sqlFetchArray($res); $iter++
) {
118 $result2[$iter] = $row;
// Append "title: body date" for each transaction; the body goes through strterm(..., 25) first.
122 foreach ($result2 as $iter) {
123 $authorize{$iter{"pid"}}{"transaction"} .= "<span class=text>" .
124 text($iter{"title"} . ": " . (strterm($iter{"body"}, 25)) . " " . date("n/j/Y", strtotime($iter{"date"}))) .
// Patient notes are listed only when the ignore_pnotes_authorization global is empty.
130 if (empty($GLOBALS['ignore_pnotes_authorization'])) {
131 //fetch pnotes information:
132 if ($res = sqlStatement("select * from pnotes where authorized = 0 and " .
133 "groupname = ?", array($groupname))) {
134 for ($iter = 0; $row = sqlFetchArray($res); $iter++
) {
135 $result3[$iter] = $row;
// Append "body date" for each note; the body goes through strterm(..., 25) first.
139 foreach ($result3 as $iter) {
140 $authorize{$iter{"pid"}}{"pnotes"} .= "<span class=text>" .
141 text((strterm($iter{"body"}, 25)) . " " . date("n/j/Y", strtotime($iter{"date"}))) .
148 //fetch forms information:
149 if ($res = sqlStatement("select * from forms where authorized = 0 and " .
150 "groupname = ?", array($groupname))) {
151 for ($iter = 0; $row = sqlFetchArray($res); $iter++
) {
152 $result4[$iter] = $row;
// Append "form_name date" for each form row to the patient's forms fragment.
156 foreach ($result4 as $iter) {
157 $authorize{$iter{"pid"}}{"forms"} .= "<span class=text>" .
158 text($iter{"form_name"} . " " . date("n/j/Y", strtotime($iter{"date"}))) .
165 <table border
='0' cellpadding
='0' cellspacing
='2' width
='100%'>
// Render one table row per patient that has pending items in $authorize:
// patient name, an "Authorize" link, the provider's last name and the four
// category fragments.
// NOTE(review): each() was deprecated in PHP 7.2 and removed in PHP 8.0;
// foreach ($authorize as $ppid => $patient) is the equivalent form.
173 while (list($ppid,$patient) = each($authorize)) {
174 $name = getPatientData($ppid);
176 // If I want to see mine only and this patient is not mine, skip it.
// NOTE(review): this compares the logged-in user's id with $name['id'], while
// the provider lookup further down reads $name['providerID']. Confirm that
// 'id' is the column that identifies "my patient". The authorize handler at
// the top of this script applies no equivalent per-patient check.
177 if ($see_auth == 2 && $_SESSION['authUserID'] != $name['id']) {
182 print "<tr><td colspan='5' align='center'><a" .
183 " href='authorizations_full.php?active=1' class='alert' onclick='top.restoreSession()'>" .
184 xlt('Some authorizations were not displayed. Click here to view all') .
189 echo "<tr><td valign='top'>";
190 // Clicking the patient name will load both frames for that patient,
191 // as demographics.php takes care of loading the bottom frame.
// The pid is URL-encoded and then attribute-escaped before it is placed in the href.
192 echo "<a href='$rootdir/patient_file/summary/demographics.php?set_pid=" .
193 attr(urlencode($ppid)) . "' target='RTop' onclick='top.restoreSession()'>";
// Patient name is escaped with text(). The "Authorize" link that follows is a
// plain GET link to this script carrying mode, pid and the CSRF token.
// NOTE(review): a state-changing action behind a GET link puts the token in
// the URL, where logs, browser history and Referer headers can record it.
195 echo "<span class='bold'>" . text($name{"fname"}) . " " .
196 text($name{"lname"}) . "</span></a><br>" .
197 "<a class=link_submit href='authorizations.php?mode=authorize" .
198 "&pid=" . attr(urlencode($ppid)) . "&csrf_token_form=" . attr(urlencode(collectCsrfToken())) . "' onclick='top.restoreSession()'>" .
199 xlt('Authorize') . "</a></td>\n";
202 //Michael A Rowley MD 20041012.
203 // added below 4 lines to add provider to authorizations for ez reference.
// NOTE(review): $providerName is assigned here and then assigned again by the
// lookup on $name['providerID'] a few lines down, so the result of these two
// queries looks unused.
204 $providerID = sqlFetchArray(sqlStatement(
205 "select providerID from patient_data where pid=?", array($ppid) ));
206 $userID=$providerID{"providerID"};
207 $providerName = sqlFetchArray(sqlStatement(
208 "select lname from users where id=?", array($userID) ));
210 // Don't use sqlQuery because there might be no match.
211 $providerName = sqlFetchArray(sqlStatement(
212 "select lname from users where id = ?",
213 array($name['providerID'])
// The provider name is escaped with text(). The $patient{...} category
// fragments are emitted as-is: they are HTML built earlier in this script,
// and their database values were escaped with text() when they were built.
// Any new value appended to those fragments needs the same escaping.
216 echo "<td valign=top><span class=bold>".xlt('Provider').":</span><span class=text><br>" .
217 text($providerName{"lname"}) . "</td>\n";
218 echo "<td valign=top><span class=bold>".xlt('Billing').":</span><span class=text><br>" .
219 $patient{"billing"} . "</td>\n";
220 echo "<td valign=top><span class=bold>".xlt('Transactions').":</span><span class=text><br>" .
221 $patient{"transaction"} . "</td>\n";
222 echo "<td valign=top><span class=bold>".xlt('Patient Notes').":</span><span class=text><br>" .
223 $patient{"pnotes"} . "</td>\n";
224 echo "<td valign=top><span class=bold>".xlt('Encounter Forms').":</span><span class=text><br>" .
225 $patient{"forms"} . "</td>\n";
241 <script language
='JavaScript'>
243 /* added to adjust the height of this frame by the min/max buttons */
// On document ready, wire up every element with class "noterow": toggle the
// "highlight" class on mouseover and mouseout, and pass the clicked element
// to EditNote on click.
245 $
(document
).ready(function(){
247 $
(".noterow").mouseover(function() { $
(this
).toggleClass("highlight"); });
248 $
(".noterow").mouseout(function() { $
(this
).toggleClass("highlight"); });
249 $
(".noterow").click(function() { EditNote(this
); });
// EditNote(note): splits the element's id on "~" and navigates to
// pnotes_full.php, using the first part as set_pid and the second as noteid.
// NOTE(review): both parts are concatenated into the query string unencoded.
// Wrapping each in encodeURIComponent() would keep an unexpected id value
// from adding or overriding query parameters.
// NOTE(review): $GLOBALS['webroot'] is echoed into the JavaScript string
// without JS escaping. It is presumably server configuration, not request
// data; confirm.
253 var EditNote
= function(note
) {
254 var parts
= note
.id
.split("~");
256 top
.restoreSession();
257 location
.href
= "<?php echo $GLOBALS['webroot']; ?>/interface/patient_file/summary/pnotes_full.php?noteid=" + parts
[1] +
"&set_pid=" + parts
[0] +
"&active=1";
260 alert("<?php echo xls('You do not have access to view/edit this note'); ?>");