2 // Copyright (C) 2006-2011 Rod Roark <rod@sunsetsystems.com>
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
12 require_once("../globals.php");
13 require_once("$srcdir/acl.inc");
14 require_once("drugs.inc.php");
15 require_once("$srcdir/options.inc.php");
18 $drug_id = $_REQUEST['drug'];
22 if (!acl_check('admin', 'drugs')) {
23 die(xlt('Not authorized'));
26 // Format dollars for display.
28 function bucks($amount)
31 $amount = sprintf("%.2f", $amount);
32 if ($amount != 0.00) {
40 // Write a line of data for one template to the form.
42 function writeTemplateLine($selector, $dosage, $period, $quantity, $refills, $prices, $taxrates)
48 echo " <td class='tmplcell drugsonly'>";
49 echo "<input type='text' name='form_tmpl[$tmpl_line_no][selector]' value='" . attr($selector) . "' size='8' maxlength='100'>";
51 echo " <td class='tmplcell drugsonly'>";
52 echo "<input type='text' name='form_tmpl[$tmpl_line_no][dosage]' value='" . attr($dosage) . "' size='6' maxlength='10'>";
54 echo " <td class='tmplcell drugsonly'>";
55 generate_form_field(array(
57 'field_id' => 'tmpl[' . $tmpl_line_no . '][period]',
58 'list_id' => 'drug_interval',
59 'empty_title' => 'SKIP'
62 echo " <td class='tmplcell drugsonly'>";
63 echo "<input type='text' name='form_tmpl[$tmpl_line_no][quantity]' value='" . attr($quantity) . "' size='3' maxlength='7'>";
65 echo " <td class='tmplcell drugsonly'>";
66 echo "<input type='text' name='form_tmpl[$tmpl_line_no][refills]' value='" . attr($refills) . "' size='3' maxlength='5'>";
68 foreach ($prices as $pricelevel => $price) {
69 echo " <td class='tmplcell'>";
70 echo "<input type='text' name='form_tmpl[$tmpl_line_no][price][" . attr($pricelevel) . "]' value='" . attr($price) . "' size='6' maxlength='12'>";
74 $pres = sqlStatement("SELECT option_id FROM list_options " .
75 "WHERE list_id = 'taxrate' AND activity = 1 ORDER BY seq");
76 while ($prow = sqlFetchArray($pres)) {
77 echo " <td class='tmplcell'>";
78 echo "<input type='checkbox' name='form_tmpl[$tmpl_line_no][taxrate][" . attr($prow['option_id']) . "]' value='1'";
79 if (strpos(":$taxrates", $prow['option_id']) !== false) {
89 // Translation for form fields used in SQL queries.
91 function escapedff($name)
93 return add_escape_custom(trim($_POST[$name]));
95 function numericff($name)
97 $field = trim($_POST[$name]) +
0;
98 return add_escape_custom($field);
103 <?php
html_header_show(); ?
>
104 <title
><?php
echo $drug_id ?
xlt("Edit") : xlt("Add New");
105 echo ' ' . xlt('Drug'); ?
></title
>
106 <link rel
="stylesheet" href
='<?php echo $css_header ?>' type
='text/css'>
109 td
{ font
-size
:10pt
; }
111 <?php
if ($GLOBALS['sell_non_drug_products'] == 2) { ?
>
112 .drugsonly
{ display
:none
; }
117 <?php
if (empty($GLOBALS['ippf_specific'])) { ?
>
118 .ippfonly
{ display
:none
; }
125 <script type
="text/javascript" src
="<?php echo $webroot ?>/interface/main/tabs/js/include_opener.js"></script
>
126 <script type
="text/javascript" src
="../../library/topdialog.js"></script
>
127 <script type
="text/javascript" src
="../../library/dialog.js?v=<?php echo $v_js_includes; ?>"></script
>
128 <script type
="text/javascript" src
="../../library/textformat.js"></script
>
130 <script language
="JavaScript">
132 <?php
require($GLOBALS['srcdir'] . "/restoreSession.php"); ?
>
134 // This is for callback by the find-code popup.
135 // Appends to or erases the current list of related codes.
136 function set_related(codetype
, code
, selector
, codedesc
) {
137 var f
= document
.forms
[0];
138 var s
= f
.form_related_code
.value
;
140 if (s
.length
> 0) s +
= ';';
141 s +
= codetype +
':' + code
;
145 f
.form_related_code
.value
= s
;
148 // This invokes the find-code popup.
149 function sel_related() {
150 dlgopen('../patient_file/encounter/find_code_popup.php', '_blank', 500, 400);
157 <body
class="body_top">
159 // If we are saving, then save and close the window.
160 // First check for duplicates.
162 if ($_POST['form_save']) {
163 $crow = sqlQuery("SELECT COUNT(*) AS count FROM drugs WHERE " .
164 "name = '" . escapedff('form_name') . "' AND " .
165 "form = '" . escapedff('form_form') . "' AND " .
166 "size = '" . escapedff('form_size') . "' AND " .
167 "unit = '" . escapedff('form_unit') . "' AND " .
168 "route = '" . escapedff('form_route') . "' AND " .
169 "drug_id != ?", array($drug_id));
170 if ($crow['count']) {
171 $alertmsg = addslashes(xl('Cannot add this entry because it already exists!'));
175 if (($_POST['form_save'] ||
$_POST['form_delete']) && !$alertmsg) {
178 if ($_POST['form_save']) { // updating an existing drug
179 sqlStatement("UPDATE drugs SET " .
180 "name = '" . escapedff('form_name') . "', " .
181 "ndc_number = '" . escapedff('form_ndc_number') . "', " .
182 "drug_code = '" . escapedff('form_drug_code') . "', " .
183 "on_order = '" . escapedff('form_on_order') . "', " .
184 "reorder_point = '" . escapedff('form_reorder_point') . "', " .
185 "max_level = '" . escapedff('form_max_level') . "', " .
186 "form = '" . escapedff('form_form') . "', " .
187 "size = '" . escapedff('form_size') . "', " .
188 "unit = '" . escapedff('form_unit') . "', " .
189 "route = '" . escapedff('form_route') . "', " .
190 "cyp_factor = '" . numericff('form_cyp_factor') . "', " .
191 "related_code = '" . escapedff('form_related_code') . "', " .
192 "allow_multiple = " . (empty($_POST['form_allow_multiple' ]) ?
0 : 1) . ", " .
193 "allow_combining = " . (empty($_POST['form_allow_combining']) ?
0 : 1) . ", " .
194 "active = " . (empty($_POST['form_active']) ?
0 : 1) . " " .
195 "WHERE drug_id = ?", array($drug_id));
196 sqlStatement("DELETE FROM drug_templates WHERE drug_id = ?", array($drug_id));
198 if (acl_check('admin', 'super')) {
199 sqlStatement("DELETE FROM drug_inventory WHERE drug_id = ?", array($drug_id));
200 sqlStatement("DELETE FROM drug_templates WHERE drug_id = ?", array($drug_id));
201 sqlStatement("DELETE FROM drugs WHERE drug_id = ?", array($drug_id));
202 sqlStatement("DELETE FROM prices WHERE pr_id = ? AND pr_selector != ''", array($drug_id));
205 } else if ($_POST['form_save']) { // saving a new drug
207 $drug_id = sqlInsert("INSERT INTO drugs ( " .
208 "name, ndc_number, drug_code, on_order, reorder_point, max_level, form, " .
209 "size, unit, route, cyp_factor, related_code, " .
210 "allow_multiple, allow_combining, active " .
212 "'" . escapedff('form_name') . "', " .
213 "'" . escapedff('form_ndc_number') . "', " .
214 "'" . escapedff('form_drug_code') . "', " .
215 "'" . escapedff('form_on_order') . "', " .
216 "'" . escapedff('form_reorder_point') . "', " .
217 "'" . escapedff('form_max_level') . "', " .
218 "'" . escapedff('form_form') . "', " .
219 "'" . escapedff('form_size') . "', " .
220 "'" . escapedff('form_unit') . "', " .
221 "'" . escapedff('form_route') . "', " .
222 "'" . numericff('form_cyp_factor') . "', " .
223 "'" . escapedff('form_related_code') . "', " .
224 (empty($_POST['form_allow_multiple' ]) ?
0 : 1) . ", " .
225 (empty($_POST['form_allow_combining']) ?
0 : 1) . ", " .
226 (empty($_POST['form_active']) ?
0 : 1) .
230 if ($_POST['form_save'] && $drug_id) {
231 $tmpl = $_POST['form_tmpl'];
232 // If using the simplified drug form, then force the one and only
233 // selector name to be the same as the product name.
234 if ($GLOBALS['sell_non_drug_products'] == 2) {
235 $tmpl["1"]['selector'] = $_POST['form_name'];
238 sqlStatement("DELETE FROM prices WHERE pr_id = ? AND pr_selector != ''", array($drug_id));
239 for ($lino = 1; isset($tmpl["$lino"]['selector']); ++
$lino) {
240 $iter = $tmpl["$lino"];
241 $selector = trim($iter['selector']);
244 if (!empty($iter['taxrate'])) {
245 foreach ($iter['taxrate'] as $key => $value) {
246 $taxrates .= "$key:";
251 "INSERT INTO drug_templates ( " .
252 "drug_id, selector, dosage, period, quantity, refills, taxrates " .
253 ") VALUES ( ?, ?, ?, ?, ?, ?, ? )",
254 array($drug_id, $selector, trim($iter['dosage']), trim($iter['period']),
255 trim($iter['quantity']),
256 trim($iter['refills']),
260 // Add prices for this drug ID and selector.
261 foreach ($iter['price'] as $key => $value) {
265 "INSERT INTO prices ( " .
266 "pr_id, pr_selector, pr_level, pr_price ) VALUES ( " .
268 array($drug_id, $selector, $key, $value)
271 } // end foreach price
272 } // end if selector is present
273 } // end for each selector
274 // Save warehouse-specific mins and maxes for this drug.
275 sqlStatement("DELETE FROM product_warehouse WHERE pw_drug_id = ?", array($drug_id));
276 foreach ($_POST['form_wh_min'] as $whid => $whmin) {
278 $whmax = 0 +
$_POST['form_wh_max'][$whid];
279 if ($whmin != 0 ||
$whmax != 0) {
280 sqlStatement("INSERT INTO product_warehouse ( " .
281 "pw_drug_id, pw_warehouse, pw_min_level, pw_max_level ) VALUES ( " .
282 "?, ?, ?, ? )", array($drug_id, $whid, $whmin, $whmax));
285 } // end if saving a drug
287 // Close this window and redisplay the updated list of drugs.
289 echo "<script language='JavaScript'>\n";
291 echo " alert('$info_msg');\n";
294 echo " if (opener.refreshme) opener.refreshme();\n";
296 echo " window.location.href='add_edit_lot.php?drug=$drug_id&lot=0'\n";
298 echo " window.close();\n";
301 echo "</script></body></html>\n";
306 $row = sqlQuery("SELECT * FROM drugs WHERE drug_id = ?", array($drug_id));
307 $tres = sqlStatement("SELECT * FROM drug_templates WHERE " .
308 "drug_id = ? ORDER BY selector", array($drug_id));
313 'allow_multiple' => '1',
314 'allow_combining' => '',
317 'reorder_point' => '0',
324 'related_code' => '',
329 <form method
='post' name
='theform' action
='add_edit_drug.php?drug=<?php echo $drug_id; ?>'>
332 <table border
='0' width
='100%'>
335 <td valign
='top' nowrap
><b
><?php
echo xlt('Name'); ?
>:</b
></td
>
337 <input type
='text' size
='40' name
='form_name' maxlength
='80' value
='<?php echo attr($row['name
']) ?>' style
='width:100%' />
342 <td valign
='top' nowrap
><b
><?php
echo xlt('Active'); ?
>:</b
></td
>
344 <input type
='checkbox' name
='form_active' value
='1'<?php
345 if ($row['active']) {
352 <td valign
='top' nowrap
><b
><?php
echo xlt('Allow'); ?
>:</b
></td
>
354 <input type
='checkbox' name
='form_allow_multiple' value
='1'<?php
355 if ($row['allow_multiple']) {
358 <?php
echo xlt('Multiple Lots'); ?
>  
;
359 <input type
='checkbox' name
='form_allow_combining' value
='1'<?php
360 if ($row['allow_combining']) {
363 <?php
echo xlt('Combining Lots'); ?
>
368 <td valign
='top' nowrap
><b
><?php
echo xlt('NDC Number'); ?
>:</b
></td
>
370 <input type
='text' size
='40' name
='form_ndc_number' maxlength
='20'
371 value
='<?php echo attr($row['ndc_number
']) ?>' style
='width:100%'
372 onkeyup
='maskkeyup(this,"<?php echo addslashes($GLOBALS['gbl_mask_product_id
']); ?>")'
373 onblur
='maskblur(this,"<?php echo addslashes($GLOBALS['gbl_mask_product_id
']); ?>")'
378 <td valign
='top' nowrap
><b
><?php
echo xlt('Drug Code'); ?
>:</b
></td
>
380 <input type
='text' size
='5' name
='form_drug_code' maxlength
='10'
381 value
='<?php echo attr($row['drug_code
']) ?>'
386 <td valign
='top' nowrap
><b
><?php
echo xlt('On Order'); ?
>:</b
></td
>
388 <input type
='text' size
='5' name
='form_on_order' maxlength
='7' value
='<?php echo attr($row['on_order
']) ?>' />
393 <td valign
='top' nowrap
><b
><?php
echo xlt('Limits'); ?
>:</b
></td
>
397 <td valign
='top' nowrap
> 
;</td
>
398 <td valign
='top' nowrap
><?php
echo xlt('Global'); ?
></td
>
400 // One column header per warehouse title.
402 $pwres = sqlStatement(
403 "SELECT lo.option_id, lo.title, " .
404 "pw.pw_min_level, pw.pw_max_level " .
405 "FROM list_options AS lo " .
406 "LEFT JOIN product_warehouse AS pw ON " .
407 "pw.pw_drug_id = ? AND " .
408 "pw.pw_warehouse = lo.option_id WHERE " .
409 "lo.list_id = 'warehouse' AND lo.activity = 1 ORDER BY lo.seq, lo.title",
412 while ($pwrow = sqlFetchArray($pwres)) {
414 echo " <td valign='top' nowrap>" .
415 text($pwrow['title']) . "</td>\n";
420 <td valign
='top' nowrap
><?php
echo xlt('Min'); ?
> 
;</td
>
422 <input type
='text' size
='5' name
='form_reorder_point' maxlength
='7'
423 value
='<?php echo attr($row['reorder_point
']) ?>'
424 title
='<?php echo xla('Reorder point
, 0 if not applicable
'); ?>'
428 foreach ($pwarr as $pwrow) {
429 echo " <td valign='top'>";
430 echo "<input type='text' name='form_wh_min[" .
431 attr($pwrow['option_id']) .
432 "]' value='" . attr(0 +
$pwrow['pw_min_level']) . "' size='5' " .
433 "title='" . xla('Warehouse minimum, 0 if not applicable') . "' />";
434 echo " </td>\n";
439 <td valign
='top' nowrap
><?php
echo xlt('Max'); ?
> 
;</td
>
441 <input type
='text' size
='5' name
='form_max_level' maxlength
='7'
442 value
='<?php echo attr($row['max_level
']) ?>'
443 title
='<?php echo xla('Maximum reasonable inventory
, 0 if not applicable
'); ?>'
447 foreach ($pwarr as $pwrow) {
448 echo " <td valign='top'>";
449 echo "<input type='text' name='form_wh_max[" .
450 htmlspecialchars($pwrow['option_id']) .
451 "]' value='" . attr(0 +
$pwrow['pw_max_level']) . "' size='5' " .
452 "title='" . xla('Warehouse maximum, 0 if not applicable') . "' />";
461 <tr
class='drugsonly'>
462 <td valign
='top' nowrap
><b
><?php
echo xlt('Form'); ?
>:</b
></td
>
465 generate_form_field(array('data_type'=>1,'field_id'=>'form','list_id'=>'drug_form','empty_title'=>'SKIP'), $row['form']);
470 <tr
class='drugsonly'>
471 <td valign
='top' nowrap
><b
><?php
echo xlt('Pill Size'); ?
>:</b
></td
>
473 <input type
='text' size
='5' name
='form_size' maxlength
='7' value
='<?php echo attr($row['size
']) ?>' />
477 <tr
class='drugsonly'>
478 <td valign
='top' nowrap
><b
><?php
echo xlt('Units'); ?
>:</b
></td
>
481 generate_form_field(array('data_type'=>1,'field_id'=>'unit','list_id'=>'drug_units','empty_title'=>'SKIP'), $row['unit']);
486 <tr
class='drugsonly'>
487 <td valign
='top' nowrap
><b
><?php
echo xlt('Route'); ?
>:</b
></td
>
490 generate_form_field(array('data_type'=>1,'field_id'=>'route','list_id'=>'drug_route','empty_title'=>'SKIP'), $row['route']);
495 <tr
class='ippfonly'>
496 <td valign
='top' nowrap
><b
><?php
echo xlt('CYP Factor'); ?
>:</b
></td
>
498 <input type
='text' size
='10' name
='form_cyp_factor' maxlength
='20' value
='<?php echo attr($row['cyp_factor
']) ?>' />
503 <td valign
='top' nowrap
><b
><?php
echo xlt('Relate To'); ?
>:</b
></td
>
505 <input type
='text' size
='50' name
='form_related_code'
506 value
='<?php echo attr($row['related_code
']) ?>' onclick
='sel_related()'
507 title
='<?php echo xla('Click to select related code
'); ?>'
508 style
='width:100%' readonly
/>
513 <td valign
='top' nowrap
>
514 <b
><?php
echo $GLOBALS['sell_non_drug_products'] == 2 ?
xlt('Fees') : xlt('Templates'); ?
>:</b
>
517 <table border
='0' width
='100%'>
519 <td
class='drugsonly'><b
><?php
echo xlt('Name'); ?
></b
></td
>
520 <td
class='drugsonly'><b
><?php
echo xlt('Schedule'); ?
></b
></td
>
521 <td
class='drugsonly'><b
><?php
echo xlt('Interval'); ?
></b
></td
>
522 <td
class='drugsonly'><b
><?php
echo xlt('Qty'); ?
></b
></td
>
523 <td
class='drugsonly'><b
><?php
echo xlt('Refills'); ?
></b
></td
>
525 // Show a heading for each price level. Also create an array of prices
526 // for new template lines.
527 $emptyPrices = array();
528 $pres = sqlStatement("SELECT option_id, title FROM list_options " .
529 "WHERE list_id = 'pricelevel' AND activity = 1 ORDER BY seq");
530 while ($prow = sqlFetchArray($pres)) {
531 $emptyPrices[$prow['option_id']] = '';
533 generate_display_field(array('data_type'=>'1','list_id'=>'pricelevel'), $prow['option_id']) .
537 // Show a heading for each tax rate.
538 $pres = sqlStatement("SELECT option_id, title FROM list_options " .
539 "WHERE list_id = 'taxrate' AND activity = 1 ORDER BY seq");
540 while ($prow = sqlFetchArray($pres)) {
542 generate_display_field(array('data_type'=>'1','list_id'=>'taxrate'), $prow['option_id']) .
548 $blank_lines = $GLOBALS['sell_non_drug_products'] == 2 ?
1 : 3;
550 while ($trow = sqlFetchArray($tres)) {
551 $blank_lines = $GLOBALS['sell_non_drug_products'] == 2 ?
0 : 1;
552 $selector = $trow['selector'];
553 // Get array of prices.
555 $pres = sqlStatement(
556 "SELECT lo.option_id, p.pr_price " .
557 "FROM list_options AS lo LEFT OUTER JOIN prices AS p ON " .
558 "p.pr_id = ? AND p.pr_selector = ? AND " .
559 "p.pr_level = lo.option_id " .
560 "WHERE lo.list_id = 'pricelevel' AND lo.activity = 1 ORDER BY lo.seq",
561 array($drug_id, $selector)
563 while ($prow = sqlFetchArray($pres)) {
564 $prices[$prow['option_id']] = $prow['pr_price'];
579 for ($i = 0; $i < $blank_lines; ++
$i) {
580 $selector = $GLOBALS['sell_non_drug_products'] == 2 ?
$row['name'] : '';
581 writeTemplateLine($selector, '', '', '', '', $emptyPrices, '');
591 <input type
='submit' name
='form_save' value
='<?php echo xla('Save
'); ?>' />
593 <?php
if (acl_check('admin', 'super')) { ?
>
595 <input type
='submit' name
='form_delete' value
='<?php echo xla('Delete
'); ?>' style
='color:red' />
599 <input type
='button' value
='<?php echo xla('Cancel
'); ?>' onclick
='window.close()' />
606 <script language
="JavaScript">
609 echo "alert('" . htmlentities($alertmsg) . "');\n";