bug fix for developer demos
1 <?php
2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
4 //
5 //
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 //
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Vinish K <vinish@zhservices.com>
27 // +------------------------------------------------------------------------------+
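// Bootstrap for the myportal SOAP endpoint. The three flags below are assigned
// before interface/globals.php is included.
// NOTE(review): presumably globals.php reads them; confirm in that file.

//SANITIZE ALL ESCAPES
$sanitize_all_escapes = true;

//STOP FAKE REGISTER GLOBALS
$fake_register_globals = false;

global $ISSUE_TYPES;
// NOTE(review): $ignoreAuth presumably makes the included globals.php skip the
// normal OpenEMR session login. If so, UserService::valid() is the only access
// control in front of every SOAP method in this file; confirm before relaxing it.
$ignoreAuth = true;
ob_start();

require_once("../../interface/globals.php");
$err = '';
if (!extension_loaded("soap")) {
    // dl() is not available in every SAPI and the library file name depends on
    // the platform, so build the name from PHP_SHLIB_SUFFIX ("php_soap.dll" on
    // Windows, "soap.so" elsewhere) and stop cleanly when loading is impossible
    // instead of failing later on an undefined SoapServer class.
    $soap_library = (PHP_SHLIB_SUFFIX === 'dll' ? 'php_' : '') . 'soap.' . PHP_SHLIB_SUFFIX;
    if (!function_exists('dl') || !dl($soap_library)) {
        error_log('myportal SOAP service: the PHP soap extension is not loaded');
        header('HTTP/1.1 500 Internal Server Error');
        exit;
    }
}
require_once("server_med_rec.php");
require_once("factory_class.php");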
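/**
 * SOAP service class for the offsite patient portal ("myportal").
 *
 * The class is registered with SoapServer::setClass() at the bottom of this
 * file, so every public method can be invoked by a remote SOAP client. Most
 * methods take one array whose element 0 is the credential array checked by
 * valid(); methods that do not perform that check say so in their comment.
 *
 * Credential array elements read in this file:
 *   [0] site id (copied into $_GET['site']), [1] portal account name,
 *   [2] portal hash, [3] one-time token, [4] caller type
 *   ('existingpatient' | 'newpatient' | 'oemruser'), [6] patient portal
 *   user name, [7] patient hash, [8] patient token, [9] audit_master id.
 *
 * NOTE(review): portal_pwd values are inserted, compared and used as the hash
 * secret exactly as received. Whether the portal hashes them beforehand cannot
 * be told from this file; confirm.
 * NOTE(review): the UPDATE statements on documents_legal_detail, audit_master
 * and openemr_postcalendar_events select rows by id only. Presumably they
 * should also be limited to the authenticated patient ($pid); verify.
 */
class UserService extends Userforms
{
    /**
     * Creates an empty response document.
     *
     * @return array array(DOMDocument, root DOMElement)
     */
    private static function portal_new_document()
    {
        $doc = new DOMDocument();
        $doc->formatOutput = true;
        $root = $doc->createElement("root");
        $doc->appendChild($root);
        return array($doc, $root);
    }

    /**
     * Compares a computed hash with a client supplied one.
     *
     * Strict string comparison is used because loose "==" treats numeric
     * looking strings and non-string values as equal to hashes they do not
     * match. hash_equals() is preferred where the runtime provides it.
     *
     * @param string $expected hash computed on the server
     * @param mixed  $given    value received from the client
     * @return bool
     */
    private static function portal_hash_matches($expected, $given)
    {
        if (!is_string($given)) {
            return false;
        }
        if (function_exists('hash_equals')) {
            return hash_equals($expected, $given);
        }
        return $expected === $given;
    }

    /**
     * Checks a hash of the form sha1(secret . "Y-m-d H" . token) against the
     * current hour and the hours immediately before and after it.
     *
     * NOTE(review): plain sha1 over a concatenation is kept for protocol
     * compatibility with the portal; an HMAC would be the sturdier construct.
     *
     * @param string $secret shared secret
     * @param string $token  client supplied token mixed into the hash
     * @param mixed  $given  hash received from the client
     * @return bool
     */
    private static function portal_time_hash_matches($secret, $token, $given)
    {
        // "i" is minutes; the original format used "m" (month). Only the hour
        // is used below, so the produced hashes are unchanged.
        $tim = strtotime(gmdate("Y-m-d H:i"));
        foreach (array(0, -3600, 3600) as $offset) {
            $expected = sha1($secret . date("Y-m-d H", $tim + $offset) . $token);
            if (self::portal_hash_matches($expected, $given)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Resolves a client supplied path and accepts it only when it lies inside
     * <OE_SITE_DIR>/documents/myportal, the directory tree store_to_file()
     * creates for portal documents.
     *
     * NOTE(review): if legitimate callers use files elsewhere, extend this
     * allow-list explicitly rather than removing the check.
     *
     * @param mixed $path       path received from the client
     * @param bool  $must_exist true for read/delete, false for a file to create
     * @return string|false canonical path, or false when it is not acceptable
     */
    private static function portal_resolve_path($path, $must_exist)
    {
        if (!is_string($path) || $path === '' || strpos($path, "\0") !== false) {
            return false;
        }
        $root = realpath($GLOBALS['OE_SITE_DIR'] . "/documents/myportal");
        if ($root === false) {
            return false;
        }
        $root .= DIRECTORY_SEPARATOR;

        if ($must_exist) {
            $resolved = realpath($path);
            if ($resolved === false || !is_file($resolved)) {
                return false;
            }
        } else {
            // The file itself may not exist yet, so canonicalise its directory.
            $dir = realpath(dirname($path));
            $name = basename($path);
            if ($dir === false || $name === '' || $name === '.' || $name === '..') {
                return false;
            }
            $resolved = $dir . DIRECTORY_SEPARATOR . $name;
            // Refuse to write through an existing link or onto a directory.
            if (is_link($resolved) || is_dir($resolved)) {
                return false;
            }
        }
        return (strncmp($resolved, $root, strlen($root)) === 0) ? $resolved : false;
    }

    /**
     * Tells whether $name is a public method of this class. Used by the batch
     * dispatchers so that a client supplied name cannot reach private or
     * protected methods, or abort the request on an undefined method.
     *
     * @param mixed $name method name received from the client
     * @return bool
     */
    private static function portal_is_public_method($name)
    {
        if (!is_string($name) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
            return false;
        }
        if (!method_exists(__CLASS__, $name)) {
            return false;
        }
        $method = new ReflectionMethod(__CLASS__, $name);
        return $method->isPublic();
    }

    /**
     * Wraps a text in XML: <root><level><text>...</text></level></root>.
     *
     * @param array $data [0] credentials, [1] text
     * @return string XML document
     * @throws SoapFault when the credentials are rejected
     */
    public function text_to_xml($data)
    {
        if (!$this->valid($data[0])) {
            throw new SoapFault("Server", "credentials failed");
        }
        list($doc, $root) = self::portal_new_document();
        $level = $root->appendChild($doc->createElement("level"));
        $element = $level->appendChild($doc->createElement("text"));
        $element->appendChild($doc->createTextNode($data[1]));
        return $doc->saveXML();
    }

    /**
     * Converts an associative array to XML: one <level> element holding one
     * child element per key, with the value as text. No credential check is
     * made here.
     *
     * @param array $var key => value pairs; keys become element names
     * @return string XML document
     */
    public function function_return_to_xml($var = array())
    {
        list($doc, $root) = self::portal_new_document();
        $level = $root->appendChild($doc->createElement("level"));
        foreach ($var as $key => $value) {
            $element = $level->appendChild($doc->createElement("$key"));
            $element->appendChild($doc->createTextNode($value));
        }
        return $doc->saveXML();
    }

    /**
     * Deletes a portal document, e.g. a filled PDF rejected during audit.
     * Remains best effort and returns nothing, but only files inside the
     * portal document directory are removed.
     *
     * @param array $data [0] credentials, [1] file path
     * @throws SoapFault when the credentials are rejected
     */
    public function delete_file($data)
    {
        if (!$this->valid($data[0])) {
            throw new SoapFault("Server", "credentials failed");
        }
        $target = self::portal_resolve_path($data[1], true);
        if ($target === false) {
            error_log('myportal SOAP: delete_file ignored a missing or disallowed path');
            return;
        }
        // Suppression is kept so a warning cannot leak into the SOAP response;
        // the failure is logged instead of being dropped.
        if (!@unlink($target)) {
            error_log('myportal SOAP: delete_file could not remove a portal document');
        }
    }

    /**
     * Returns a portal document as XML with <name>, <type> (extension) and
     * <file> (base64 encoded content) elements.
     *
     * @param array $data [0] credentials, [1] file path
     * @return string XML document
     * @throws SoapFault when the credentials are rejected or the file is
     *                   missing, unreadable or outside the portal directory
     */
    public function file_to_xml($data)
    {
        if (!$this->valid($data[0])) {
            throw new SoapFault("Server", "credentials failed");
        }
        $target = self::portal_resolve_path($data[1], true);
        // file_get_contents() also copes with empty files, where the former
        // fread($h, filesize(...)) call failed on a zero length.
        $returnData = ($target === false) ? false : file_get_contents($target);
        if ($returnData === false) {
            // One message for every failure, so the reply does not reveal
            // whether a path outside the portal directory exists.
            throw new SoapFault("Server", "file not available");
        }
        $path_parts = pathinfo($data[1]);
        $fields = array(
            'name' => $path_parts['basename'],
            // pathinfo() omits 'extension' for names without a dot.
            'type' => isset($path_parts['extension']) ? $path_parts['extension'] : '',
            'file' => base64_encode($returnData),
        );

        list($doc, $root) = self::portal_new_document();
        $level = $root->appendChild($doc->createElement("level"));
        foreach ($fields as $tag => $text) {
            $node = $level->appendChild($doc->createElement($tag));
            $node->appendChild($doc->createTextNode($text));
        }
        return $doc->saveXML();
    }

    /**
     * Saves a file received from the portal.
     *
     * NOTE(review): the file type is not restricted. If only PDFs are
     * expected, enforce an allow-list here and make sure the web server does
     * not serve or execute files from this directory.
     *
     * @param array $data [0] credentials, [1] destination path,
     *                    [2] base64 encoded content
     * @throws SoapFault when the credentials are rejected or the destination
     *                   is outside the portal directory or cannot be written
     */
    public function store_to_file($data)
    {
        if (!$this->valid($data[0])) {
            throw new SoapFault("Server", "credentials failed");
        }
        $contents = base64_decode($data[2]);

        // Create the portal directories on first use. They were world
        // writable (0777); owner and group access is enough for the web
        // server account and keeps patient documents away from other users.
        $base = $GLOBALS['OE_SITE_DIR'] . "/documents/myportal/";
        foreach (array('', 'unsigned/', 'signed/', 'upload/') as $sub) {
            $savedpath = $base . $sub;
            if (!is_dir($savedpath)) {
                mkdir($savedpath, 0750);
                chmod($savedpath, 0750);
            }
        }

        $target = self::portal_resolve_path($data[1], false);
        $handler = ($target === false) ? false : fopen($target, "w");
        if ($handler === false) {
            throw new SoapFault("Server", "file could not be stored");
        }
        fwrite($handler, $contents);
        fclose($handler);
        chmod($target, 0640);
    }

    /**
     * Runs one OpenEMR library function on behalf of the portal and returns
     * its result, for most functions as XML via function_return_to_xml().
     * Only the function names listed in the switch are supported; any other
     * name returns null.
     *
     * NOTE(review): several branches pass client supplied arrays straight to
     * library functions and replace $_POST with client data. Those functions
     * are not visible here; confirm they treat their arguments as untrusted.
     *
     * @param array  $var              arguments for the selected function
     * @param string $func             name of the function to run
     * @param array  $data_credentials credential array for valid()
     * @return mixed
     * @throws SoapFault when the credentials are rejected
     */
    static public function batch_despatch($var, $func, $data_credentials)
    {
        global $pid;
        if (!UserService::valid($data_credentials)) {
            throw new SoapFault("Server", "credentials failed");
        }
        require_once("../../library/invoice_summary.inc.php");
        require_once("../../library/options.inc.php");
        require_once("../../library/acl.inc");
        require_once("../../library/patient.inc");

        $x = array();
        switch ($func) {
            case 'ar_responsible_party':
                $x['ar_responsible_party'] = ar_responsible_party($pid, $var['encounter']);
                return UserService::function_return_to_xml($x);

            case 'getInsuranceData':
                $x = getInsuranceData($pid, $var['type'], $var['given']);
                return UserService::function_return_to_xml($x);

            case 'generate_select_list':
                $x['generate_select_list'] = generate_select_list(
                    $var['tag_name'],
                    $var['list_id'],
                    $var['currvalue'],
                    $var['title'],
                    $var['empty_name'],
                    $var['class'],
                    $var['onchange']
                );
                return UserService::function_return_to_xml($x);

            case 'xl_layout_label':
                $x['xl_layout_label'] = xl_layout_label($var['constant']);
                return UserService::function_return_to_xml($x);

            case 'generate_form_field':
                // The helper prints its markup, so capture the output.
                ob_start();
                generate_form_field($var['frow'], $var['currvalue']);
                $x['generate_form_field'] = ob_get_contents();
                ob_end_clean();
                return UserService::function_return_to_xml($x);

            case 'getInsuranceProviders':
                // Returned as is, not as XML.
                return getInsuranceProviders();

            case 'get_layout_form_value':
                $_POST = $var['post_array'];
                $x['get_layout_form_value'] = get_layout_form_value($var['frow']);
                return UserService::function_return_to_xml($x);

            case 'updatePatientData':
                updatePatientData($pid, $var['patient_data'], $var['create']);
                $x['ok'] = 'ok';
                return UserService::function_return_to_xml($x);

            case 'updateEmployerData':
                updateEmployerData($pid, $var['employer_data'], $var['create']);
                $x['ok'] = 'ok';
                return UserService::function_return_to_xml($x);

            case 'newHistoryData':
                newHistoryData($pid);
                $x['ok'] = 'ok';
                return UserService::function_return_to_xml($x);

            case 'newInsuranceData':
                $_POST = $var[0];
                $parameters = array();
                foreach ($var as $key => $value) {
                    if ($key >= 3) { // first 3 need to be skipped.
                        $var[$key] = formData($value);
                    }
                    if ($key >= 1) {
                        $parameters[$key] = $var[$key];
                    }
                }
                $parameters[12] = fixDate($parameters[12]);
                $parameters[27] = fixDate($parameters[27]);
                call_user_func_array('newInsuranceData', $parameters);
                $x['ok'] = 'ok';
                return UserService::function_return_to_xml($x);

            default:
                return null;
        }
    }

    /**
     * Stores the portal login of the current patient in
     * patient_access_offsite.
     *
     * @param array $var [0] credentials, 'username', 'authPass'
     * @throws SoapFault when the credentials are rejected
     */
    public function insert_login_details($var)
    {
        global $pid;
        if (!UserService::valid($var[0])) {
            throw new SoapFault("Server", "credentials failed");
        }
        $query = "insert into patient_access_offsite(pid,portal_username,portal_pwd) values (?,?,?)";
        sqlInsert($query, array($pid, $var['username'], $var['authPass']));
    }

    /**
     * Changes the portal password of the current patient after checking the
     * old one.
     *
     * @param array $var [0] credentials, 'new_pwd_status', 'new_pwd', 'old_pwd'
     * @return string 'ok' when the old password matched, otherwise 'notok'
     * @throws SoapFault unless the caller is an existing or a new patient
     */
    public function update_password($var)
    {
        global $pid;
        // One call suffices; valid() has side effects and was called twice.
        $type = UserService::valid($var[0]);
        if ($type !== 'existingpatient' && $type !== 'newpatient') {
            throw new SoapFault("Server", "credentials failed");
        }
        $status = $var['new_pwd_status'];
        $pwd = $var['new_pwd'];
        $oldpwd = $var['old_pwd'];

        // The bind list is built as an array from the start. It used to begin
        // as '' and rely on "[]" turning the string into an array.
        if ($status) {
            $set = "portal_pwd=?,portal_pwd_status=?";
            $where = "portal_pwd_status=? and pid=?";
            $setarray = array($pwd, $status, 0, $pid);
        } else {
            $set = "portal_pwd=? ";
            $where = " pid=?";
            $setarray = array($pwd, $pid);
        }

        $qry = "select * from patient_access_offsite WHERE pid=? AND portal_pwd=?";
        $res = sqlStatement($qry, array($pid, $oldpwd));
        if (sqlNumRows($res) > 0) {
            // $set and $where hold only the fixed fragments chosen above.
            $qry = "UPDATE patient_access_offsite SET $set WHERE $where";
            sqlStatement($qry, $setarray);
            return 'ok';
        }
        return 'notok';
    }

    /**
     * Applies appointment changes sent by the portal. Each entry has the form
     * "calendar_<id>" (sets pc_apptstatus to 'x') or "audit_<id>" (sets
     * approval_status to '5').
     *
     * @param array $var [0] credentials, [1] list of entries
     * @throws SoapFault unless the caller is an existing or a new patient
     */
    public function update_openemr_appointment($var)
    {
        $type = UserService::valid($var[0]);
        if ($type !== 'existingpatient' && $type !== 'newpatient') {
            throw new SoapFault("Server", "credentials failed");
        }
        foreach ($var[1] as $value) {
            $eid = explode('_', $value);
            if (!isset($eid[1])) {
                continue; // no id part, nothing to update
            }
            if ($eid[0] == 'calendar') {
                sqlQuery("update openemr_postcalendar_events set pc_apptstatus='x' where pc_eid=?", array($eid[1]));
            } elseif ($eid[0] == 'audit') {
                sqlQuery("update audit_master set approval_status='5' where id=?", array($eid[1]));
            }
        }
    }

    /**
     * Marks a document as ready to be signed (dld_signed=2).
     *
     * @param array $var [0] credentials, 'dld_id'
     * @throws SoapFault when the credentials are rejected
     */
    public function update_dlm_dld($var)
    {
        if (!UserService::valid($var[0])) {
            throw new SoapFault("Server", "credentials failed");
        }
        $qry = " UPDATE documents_legal_detail set dld_signed=2 where dld_id=?";
        sqlStatement($qry, array($var['dld_id']));
    }

    /**
     * Sets the approve / deny status of a PDF document.
     *
     * @param array $data [0] credentials,
     *                    [1] array(dld_signed, dld_denial_reason, dld_id)
     * @throws SoapFault when the credentials are rejected
     */
    public function update_dld_approve_deny($data)
    {
        if (!$this->valid($data[0])) {
            throw new SoapFault("Server", "credentials failed");
        }
        $qry = "UPDATE documents_legal_detail SET dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
        sqlStatement($qry, $data[1]);
    }

    /**
     * Marks a PDF document as signed (dld_signed=1).
     *
     * @param array $data [0] credentials,
     *                    [1] array(dld_filepath, dld_filename, dld_id)
     * @throws SoapFault when the credentials are rejected
     */
    public function update_dld_signed($data)
    {
        if (!$this->valid($data[0])) {
            throw new SoapFault("Server", "credentials failed");
        }
        $qry = "UPDATE documents_legal_detail SET dld_signed=1,dld_filepath=?,dld_filename=? WHERE dld_id=?";
        sqlStatement($qry, $data[1]);
    }

    /**
     * Marks a PDF document as pending audit (dld_signed=0).
     *
     * @param array $data [0] credentials, [1] array(dld_filepath,
     *                    dld_filename, dld_file_for_pdf_generation, dld_id)
     * @throws SoapFault when the credentials are rejected
     */
    public function update_dld_pending($data)
    {
        if (!$this->valid($data[0])) {
            throw new SoapFault("Server", "credentials failed");
        }
        $qry = "UPDATE documents_legal_detail SET dld_signed=0,dld_filepath=?,dld_filename=?, dld_file_for_pdf_generation=? WHERE dld_id=?";
        sqlStatement($qry, $data[1]);
    }

    /**
     * Inserts a documents_legal_detail row for the current patient.
     *
     * @param array $data [0] credentials, [2]..[7] column values in the order
     *                    of the INSERT statement after dld_pid
     * @throws SoapFault unless the caller is an existing or a new patient
     */
    public function insert_dld($data)
    {
        global $pid;
        $type = UserService::valid($data[0]);
        if ($type !== 'existingpatient' && $type !== 'newpatient') {
            throw new SoapFault("Server", "credentials failed");
        }
        sqlInsert(
            "INSERT INTO documents_legal_detail (dld_pid,dld_signed,dld_filepath,dld_master_docid,dld_filename,dld_encounter,dld_file_for_pdf_generation) " .
            " VALUES (?,?,?,?,?,?,?)",
            array($pid, $data[2], $data[3], $data[4], $data[5], $data[6], $data[7])
        );
    }

    /**
     * Inserts a documents_legal_master row for an uploaded master PDF.
     *
     * @param array $data [0] credentials, [1]..[9] column values in the order
     *                    of the INSERT statement
     * @throws SoapFault unless the caller type is 'oemruser'
     */
    public function insert_dlm($data)
    {
        if ($this->valid($data[0]) !== 'oemruser') {
            throw new SoapFault("Server", "credentials failed");
        }
        sqlStatement(
            "INSERT INTO documents_legal_master(dlm_category, dlm_subcategory,dlm_document_name,dlm_facility,dlm_provider,
         dlm_filename,dlm_filepath,dlm_effective_date,content) values (?,?,?,?,?,?,?,?,?)",
            array($data[1], $data[2], $data[3], $data[4], $data[5], $data[6], $data[7], $data[8], $data[9])
        );
    }

    /**
     * Runs a batch of select cases through selectquery() and returns the XML
     * results keyed by the batch key sent with each case.
     *
     * @param array $data [0] credentials, [1] list of
     *                    array('batchkey' =>, 'case' =>, 'param' =>)
     * @return array batchkey => XML string
     * @throws SoapFault when the credentials are rejected
     */
    public function batch_select($data)
    {
        if (!$this->valid($data[0])) {
            throw new SoapFault("Server", "credentials failed");
        }
        // Start from an array so an empty batch no longer returns an
        // undefined variable.
        $return_array = array();
        foreach ($data[1] as $value) {
            $arrproc = array($value['case'], $value['param']);
            $return_array[$value['batchkey']] = $this->selectquery(array($data[0], $arrproc));
        }
        return $return_array;
    }

    /**
     * Runs a batch of method calls. Each call's parameter list gets the
     * credential array appended, which matches the signature of
     * batch_despatch().
     *
     * NOTE(review): the method name comes from the client. It is now limited
     * to public methods of this class; an explicit allow-list of the names
     * the portal really uses would be tighter.
     *
     * @param array $data [0] credentials, [1] list of
     *                    array('batchkey' =>, 'funcname' =>, 'param' =>)
     * @return array batchkey => result
     * @throws SoapFault when the credentials are rejected or a function name
     *                   is not a public method of this class
     */
    public function batch_function($data)
    {
        if (!$this->valid($data[0])) {
            throw new SoapFault("Server", "credentials failed");
        }
        $return_array = array();
        foreach ($data[1] as $value) {
            $function = $value['funcname'];
            if (!self::portal_is_public_method($function)) {
                throw new SoapFault("Server", "unknown function");
            }
            $param = $value['param'];
            $param[] = $data[0];
            $return_array[$value['batchkey']] = call_user_func_array("UserService::$function", $param);
        }
        return $return_array;
    }

    /**
     * Runs a batch of methods of this class. Each method receives one array:
     * the credentials followed by the parameters sent for that call.
     *
     * No credential check is made here; every dispatched method has to
     * validate element 0 of its argument itself.
     *
     * NOTE(review): the method name comes from the client. It is now limited
     * to public methods of this class; an explicit allow-list would be
     * tighter.
     *
     * @param array $data [0] credentials, [1] list of
     *                    array('batchkey' =>, 'funcname' =>, 'param' =>)
     * @return array batchkey => result
     * @throws SoapFault when a function name is not a public method
     */
    public function multiplecall($data)
    {
        $return_array = array();
        foreach ($data[1] as $value) {
            $function = $value['funcname'];
            if (!self::portal_is_public_method($function)) {
                throw new SoapFault("Server", "unknown function");
            }
            $param = $value['param'];
            if (is_array($param)) {
                array_unshift($param, $data[0]);
            } else {
                $param = array($data[0]);
            }
            $return_array[$value['batchkey']] = $this->$function($param);
        }
        return $return_array;
    }

    /**
     * Returns the service version. No credential check is made.
     *
     * @param mixed $data unused
     * @return int
     */
    public function getversion($data)
    {
        return 1;
    }

    /**
     * Looks up the password status of a portal login.
     *
     * @param array $data [0] credentials,
     *                    [1] array(portal_username, portal_pwd)
     * @return string|false XML result set, or false when the caller is not
     *                      an existing or a new patient
     */
    public function loginchecking($data)
    {
        $type = $this->valid($data[0]);
        if ($type === 'existingpatient' || $type === 'newpatient') {
            $res = sqlStatement("SELECT portal_pwd_status FROM patient_access_offsite WHERE BINARY portal_username=? AND BINARY portal_pwd=?", $data[1]);
            return $this->resourcetoxml($res);
        }
        return false;
    }

    /**
     * Runs one predefined query and returns the rows as XML. The statement
     * and its bind values come from query_formation() of the object that
     * factoryclass::dynamic_class_factory() returns for the caller type.
     *
     * @param array $data [0] credentials, [1] array(case, param)
     * @return string|null XML result set, or null when the credentials are
     *                     rejected
     */
    public function selectquery($data)
    {
        $utype = $this->valid($data[0]);
        if (!$utype) {
            return null;
        }
        $newobj = factoryclass::dynamic_class_factory($utype);
        $sql_result_setarr = $newobj->query_formation($data[1]);
        $sql_result_set = sqlStatement($sql_result_setarr[0], $sql_result_setarr[1]);
        return $this->resourcetoxml($sql_result_set);
    }

    /**
     * Converts an SQL result set to XML: one <level> element per row and one
     * child element per column. No credential check is made here.
     *
     * @param mixed $sql_result_set result handle accepted by sqlFetchArray()
     * @return string XML document
     */
    public function resourcetoxml($sql_result_set)
    {
        list($doc, $root) = self::portal_new_document();
        while ($row = sqlFetchArray($sql_result_set)) {
            $level = $root->appendChild($doc->createElement("level"));
            foreach ($row as $key => $value) {
                $element = $level->appendChild($doc->createElement("$key"));
                $element->appendChild($doc->createTextNode($value));
            }
        }
        return $doc->saveXML();
    }

    /**
     * Authenticates a request and sets the global patient id.
     *
     * Steps: purge old one-time tokens, reject a token that was already used
     * (unless this request has been validated before), check the portal
     * account name and hash, then resolve the caller type in element 4.
     *
     * The 'oemruser' branch checks no per-user credential, and 'newpatient'
     * is accepted even when validcredential() fails (the next free pid is
     * then used). Both rely on the portal shared secret alone.
     *
     * NOTE(review): tokens are purged after two hours, while one hash is
     * accepted over a span of up to three hours (current hour plus or minus
     * one). Consider keeping tokens for at least three hours.
     *
     * @param array $credentials credential array, see the class comment
     * @return string|false 'oemruser', 'existingpatient' or 'newpatient' on
     *                      success, otherwise false
     */
    public function valid($credentials)
    {
        global $pid;

        // Cut-off two hours back. "i" is minutes; the original format used
        // "m" (month), which put the month number where the minutes belong.
        $timminus = date("Y-m-d H:i", time() - 7200) . ":00";
        sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)", array($timminus));
        sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?", array($timminus));

        $okE = 0;
        $okN = 0;
        $okO = 0;
        $already_validated = !empty($GLOBALS['validated_offsite_portal']);

        // A token may be used once; it is accepted again only inside a
        // request that has already passed validation.
        $res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?", array($credentials[3]));
        if (sqlNumRows($res)) {
            if (!$already_validated) {
                return false;
            }
        } else {
            $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
            sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ", array($credentials[3], $grpID));
        }

        $ok = self::portal_time_hash_matches($GLOBALS['portal_offsite_password'], $credentials[3], $credentials[2]);
        // Compare the account name as strings; loose "==" also matched
        // values of other types.
        $name_ok = is_scalar($credentials[1])
            && (string)$credentials[1] === (string)$GLOBALS['portal_offsite_username'];
        $portal_ok = $name_ok && $ok && $GLOBALS['portal_offsite_enable'] == 1;
        if (!$portal_ok && !$already_validated) {
            return false;
        }

        $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?", array($credentials[6]));
        if ($credentials[4] === 'existingpatient') {
            if (!UserService::validcredential($credentials)) {
                return false;
            }
            $okE = 1;
        } elseif ($credentials[4] === 'oemruser') {
            if (!empty($credentials[9])) {
                $prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?", array($credentials[9]));
            }
            $okO = 1;
        } elseif ($credentials[4] === 'newpatient') {
            if (UserService::validcredential($credentials)) {
                $okN = 2;
            } else {
                $okN = 1;
                $prow = sqlQuery("SELECT MAX(pid)+1 AS pid FROM patient_data");
            }
        }

        if ($okE == 1 || $okN == 2 || $okN == 1 || $okO == 1) {
            $pid = $prow['pid'];
            $GLOBALS['pid'] = $prow['pid'];
        }
        // NOTE(review): the site id is taken from the client as is.
        $_GET['site'] = $credentials[0];
        if ($okE == 1) {
            $portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?", array($pid));
            if (strtolower($portal['allow_patient_portal']) != 'yes') {
                return false;
            }
        }
        $GLOBALS['validated_offsite_portal'] = true;
        if ($okO) {
            return 'oemruser';
        } elseif ($okE) {
            return 'existingpatient';
        } elseif ($okN) {
            return 'newpatient';
        }
        return false;
    }

    /**
     * Checks the patient part of the credentials: element 7 must equal
     * sha1(stored portal_pwd . hour . element 8) for the current hour or one
     * of its neighbours.
     *
     * @param array $credentials credential array, see the class comment
     * @return bool
     */
    public function validcredential($credentials)
    {
        if (empty($credentials[6])) {
            return false;
        }
        $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?", array($credentials[6]));
        // An unknown user or an empty stored password must not authenticate.
        // Without this guard the hash was computed over an empty secret.
        if (empty($prow) || !isset($prow['portal_pwd']) || $prow['portal_pwd'] === '') {
            return false;
        }
        return self::portal_time_hash_matches($prow['portal_pwd'], $credentials[8], $credentials[7]);
    }

    /**
     * Connection test for the portal.
     *
     * @param array $data [0] credentials
     * @return string 'ok' when the credentials are accepted, else 'notok'
     */
    public function check_connection($data)
    {
        return $this->valid($data[0]) ? 'ok' : 'notok';
    }
}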
// Non-WSDL SOAP server: the first argument is null, so the target namespace
// is given through the 'uri' option.
$soap_options = array('uri' => "urn://portal/res");
$server = new SoapServer(null, $soap_options);

// setClass() makes every public method of UserService callable by SOAP
// clients; access control is left to the methods themselves.
$server->setClass('UserService');

// Ask ext/soap to keep the service object in the PHP session between requests.
$server->setPersistence(SOAP_PERSISTENCE_SESSION);

// Read the request, dispatch it and send the response.
$server->handle();