search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
more bug fixes (#1917)
[openemr.git] / interface / main / authorizations / authorizations.php
blob5090f357387c0dd4ab9b598645f898d92d3869f7
1 <?php
2 /**
3 * Authorizations script.
4 *
5 * @package OpenEMR
6 * @link http://www.open-emr.org
7 * @author Brady Miller <brady.g.miller@gmail.com>
8 * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
9 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
10 */
11
12
13 require_once("../../globals.php");
14 require_once("$srcdir/log.inc");
15 require_once("$srcdir/billing.inc");
16 require_once("$srcdir/forms.inc");
17 require_once("$srcdir/transactions.inc");
18 require_once("$srcdir/lists.inc");
19 require_once("$srcdir/patient.inc");
20 require_once("$srcdir/options.inc.php");
21
22 // The number of authorizations to display in the quick view:
23 // MAR 20041008 the full authorizations screen sucks... no links to the patient charts
24 // increase to a high number to make the mini frame more useful.
25 $N = 50;
26
27 $atemp = sqlQuery("SELECT see_auth FROM users WHERE username = ?", array($_SESSION['authUser']));
28 $see_auth = $atemp['see_auth'];
29
30 $imauthorized = $_SESSION['userauthorized'] || $see_auth > 2;
31
32 // This authorizes everything for the specified patient.
33 if (isset($_GET["mode"]) && $_GET["mode"] == "authorize" && $imauthorized) {
34 if (!verifyCsrfToken($_GET["csrf_token_form"])) {
35 die(xlt('Authentication Error'));
36 }
37
38 $retVal = getProviderId($_SESSION['authUser']);
39 newEvent("authorize", $_SESSION["authUser"], $_SESSION["authProvider"], 1, $_GET["pid"]);
40 sqlStatement("update billing set authorized=1 where pid=?", array($_GET["pid"]));
41 sqlStatement("update forms set authorized=1 where pid=?", array($_GET["pid"]));
42 sqlStatement("update pnotes set authorized=1 where pid=?", array($_GET["pid"]));
43 sqlStatement("update transactions set authorized=1 where pid=?", array($_GET["pid"]));
44 }
45 ?>
46 <html>
47 <head>
48 <?php html_header_show();?>
49 <link rel='stylesheet' href="<?php echo $css_header;?>" type="text/css">
50 <script type="text/javascript" src="<?php echo $GLOBALS['assets_static_relative']; ?>/manual-added-packages/jquery-min-1-2-2/index.js"></script>
51 <style>
52 /* min & max buttons are hidden in the newer concurrent layout */
53 #min {
54 float: right;
55 padding: 3px;
56 margin: 2px;
57 cursor: pointer; cursor: hand;
58 <?php echo "display: none;"; ?>
59 }
60 #max {
61 float: right;
62 padding: 3px;
63 margin: 2px;
64 cursor: pointer; cursor: hand;
65 <?php echo "display: none;"; ?>
66 }
67 </style>
68 </head>
69 <body class="body_bottom">
70
71 <!-- 'buttons' to min/max the bottom frame -JRM -->
72 <div id="max" title="Restore this information">
73 <img src="<?php echo $GLOBALS['webroot']; ?>/images/max.gif">
74 </div>
75 <div id="min" title="Minimize this information">
76 <img src="<?php echo $GLOBALS['webroot']; ?>/images/min.gif">
77 </div>
78
79 <?php if ($imauthorized) { ?>
80 <span class='title'>
81 <a href='authorizations_full.php' onclick='top.restoreSession()'>
82 <?php echo xlt('Authorizations'); ?> <span class='more'><?php echo text($tmore); ?></span></a>
83 <?php
84 }
85 ?>
86 </span>
87
88 <?php
89 if ($imauthorized && $see_auth > 1) {
90 // provider
91 // billing
92 // forms
93 // pnotes
94 // transactions
95
96 //fetch billing information:
97 if ($res = sqlStatement("select *, concat(u.fname,' ', u.lname) as user " .
98 "from billing LEFT JOIN users as u on billing.user = u.id where " .
99 "billing.authorized = 0 and billing.activity = 1 and " .
100 "groupname = ?", array($groupname))) {
101 for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
102 $result1[$iter] = $row;
103 }
104
105 if ($result1) {
106 foreach ($result1 as $iter) {
107 $authorize{$iter{"pid"}}{"billing"} .= "<span class=text>" .
108 text($iter{"code_text"} . " " . date("n/j/Y", strtotime($iter{"date"}))) .
109 "</span><br>\n";
110 }
111 }
112 }
113
114 //fetch transaction information:
115 if ($res = sqlStatement("select * from transactions where " .
116 "authorized = 0 and groupname = ?", array($groupname))) {
117 for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
118 $result2[$iter] = $row;
119 }
120
121 if ($result2) {
122 foreach ($result2 as $iter) {
123 $authorize{$iter{"pid"}}{"transaction"} .= "<span class=text>" .
124 text($iter{"title"} . ": " . (strterm($iter{"body"}, 25)) . " " . date("n/j/Y", strtotime($iter{"date"}))) .
125 "</span><br>\n";
126 }
127 }
128 }
129
130 if (empty($GLOBALS['ignore_pnotes_authorization'])) {
131 //fetch pnotes information:
132 if ($res = sqlStatement("select * from pnotes where authorized = 0 and " .
133 "groupname = ?", array($groupname))) {
134 for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
135 $result3[$iter] = $row;
136 }
137
138 if ($result3) {
139 foreach ($result3 as $iter) {
140 $authorize{$iter{"pid"}}{"pnotes"} .= "<span class=text>" .
141 text((strterm($iter{"body"}, 25)) . " " . date("n/j/Y", strtotime($iter{"date"}))) .
142 "</span><br>\n";
143 }
144 }
145 }
146 }
147
148 //fetch forms information:
149 if ($res = sqlStatement("select * from forms where authorized = 0 and " .
150 "groupname = ?", array($groupname))) {
151 for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
152 $result4[$iter] = $row;
153 }
154
155 if ($result4) {
156 foreach ($result4 as $iter) {
157 $authorize{$iter{"pid"}}{"forms"} .= "<span class=text>" .
158 text($iter{"form_name"} . " " . date("n/j/Y", strtotime($iter{"date"}))) .
159 "</span><br>\n";
160 }
161 }
162 }
163 ?>
164
165 <table border='0' cellpadding='0' cellspacing='2' width='100%'>
166 <tr>
167 <td valign='top'>
168
169 <?php
170 if ($authorize) {
171 $count = 0;
172
173 while (list($ppid,$patient) = each($authorize)) {
174 $name = getPatientData($ppid);
175
176 // If I want to see mine only and this patient is not mine, skip it.
177 if ($see_auth == 2 && $_SESSION['authUserID'] != $name['id']) {
178 continue;
179 }
180
181 if ($count >= $N) {
182 print "<tr><td colspan='5' align='center'><a" .
183 " href='authorizations_full.php?active=1' class='alert' onclick='top.restoreSession()'>" .
184 xlt('Some authorizations were not displayed. Click here to view all') .
185 "</a></td></tr>\n";
186 break;
187 }
188
189 echo "<tr><td valign='top'>";
190 // Clicking the patient name will load both frames for that patient,
191 // as demographics.php takes care of loading the bottom frame.
192 echo "<a href='$rootdir/patient_file/summary/demographics.php?set_pid=" .
193 attr(urlencode($ppid)) . "' target='RTop' onclick='top.restoreSession()'>";
194
195 echo "<span class='bold'>" . text($name{"fname"}) . " " .
196 text($name{"lname"}) . "</span></a><br>" .
197 "<a class=link_submit href='authorizations.php?mode=authorize" .
198 "&pid=" . attr(urlencode($ppid)) . "&csrf_token_form=" . attr(urlencode(collectCsrfToken())) . "' onclick='top.restoreSession()'>" .
199 xlt('Authorize') . "</a></td>\n";
200
201 /****
202 //Michael A Rowley MD 20041012.
203 // added below 4 lines to add provider to authorizations for ez reference.
204 $providerID = sqlFetchArray(sqlStatement(
205 "select providerID from patient_data where pid=?", array($ppid) ));
206 $userID=$providerID{"providerID"};
207 $providerName = sqlFetchArray(sqlStatement(
208 "select lname from users where id=?", array($userID) ));
209 ****/
210 // Don't use sqlQuery because there might be no match.
211 $providerName = sqlFetchArray(sqlStatement(
212 "select lname from users where id = ?",
213 array($name['providerID'])
214 ));
215
216 echo "<td valign=top><span class=bold>".xlt('Provider').":</span><span class=text><br>" .
217 text($providerName{"lname"}) . "</td>\n";
218 echo "<td valign=top><span class=bold>".xlt('Billing').":</span><span class=text><br>" .
219 $patient{"billing"} . "</td>\n";
220 echo "<td valign=top><span class=bold>".xlt('Transactions').":</span><span class=text><br>" .
221 $patient{"transaction"} . "</td>\n";
222 echo "<td valign=top><span class=bold>".xlt('Patient Notes').":</span><span class=text><br>" .
223 $patient{"pnotes"} . "</td>\n";
224 echo "<td valign=top><span class=bold>".xlt('Encounter Forms').":</span><span class=text><br>" .
225 $patient{"forms"} . "</td>\n";
226 echo "</tr>\n";
227
228 $count++;
229 }
230 }
231 ?>
232
233 </td>
234
235 </tr>
236 </table>
237
238 <?php } ?>
239
240 </body>
241 <script language='JavaScript'>
242
243 /* added to adjust the height of this frame by the min/max buttons */
244 var origRows = null;
245 $(document).ready(function(){
246
247 $(".noterow").mouseover(function() { $(this).toggleClass("highlight"); });
248 $(".noterow").mouseout(function() { $(this).toggleClass("highlight"); });
249 $(".noterow").click(function() { EditNote(this); });
250
251 });
252
253 var EditNote = function(note) {
254 var parts = note.id.split("~");
255 <?php if (true) : ?>
256 top.restoreSession();
257 location.href = "<?php echo $GLOBALS['webroot']; ?>/interface/patient_file/summary/pnotes_full.php?noteid=" + parts[1] + "&set_pid=" + parts[0] + "&active=1";
258 <?php else : ?>
259 // no-op
260 alert("<?php echo xls('You do not have access to view/edit this note'); ?>");
261 <?php endif; ?>
262 }
263
264 </script>
265
266 </html>
Mirror of official OpenEMR Sourceforge repository