2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Vinish K <vinish@zhservices.com>
27 // +------------------------------------------------------------------------------+
29 //SANITIZE ALL ESCAPES
// Set before the bootstrap include below; presumably read by interface/globals.php - confirm there.
30 $sanitize_all_escapes=true;
33 //STOP FAKE REGISTER GLOBALS
// Presumably stops globals.php from copying request variables into the global scope - confirm there.
34 $fake_register_globals=false;
// OpenEMR bootstrap. Presumably this is where $GLOBALS[...] and the sql* helpers used by the class below come from - confirm.
41 require_once("../../interface/globals.php");
// The SOAP extension is required by the SoapServer/SoapFault code in this file.
// NOTE(review): what happens when the extension is missing is not visible here - confirm the request stops instead of continuing.
43 if(!extension_loaded("soap")){
46 require_once("server_med_rec.php");
47 require_once("factory_class.php");
48 class UserService
extends Userforms
51 //Converts a text to xml format.Format is as follows
// Wraps one text value as <root><level><text>...</text></level></root> and returns the serialised XML.
// $data[0] is the credential array handed to valid(); the SoapFault at the end is presumably the branch taken when valid() rejects it.
52 public function text_to_xml($data){
53 if($this->valid($data[0])){
// NOTE(review): $text is not assigned in the visible lines - presumably taken from $data on a line not shown; confirm.
55 $doc = new DOMDocument();
56 $doc->formatOutput
= true;
58 $root = $doc->createElement( "root" );
59 $doc->appendChild( $root );
61 $level = $doc->createElement( "level" );
62 $root->appendChild( $level );
64 $element = $doc->createElement( "text" );
65 $element->appendChild(
// The value is added as a DOM text node, so markup characters in it are escaped when the document is serialised.
66 $doc->createTextNode( $text )
68 $level->appendChild( $element );
69 return $doc->saveXML();
72 throw new SoapFault("Server", "credentials failed");
76 //Accepts an array and returns the result in xml format.Format is as follows
// Serialises a flat array as XML: <root><level><key>value</key>...</level></root>.
// $var maps element name => text value; an empty array yields an empty <level>.
// Keys are used as element names without checking, so a key that is not a valid
// XML name makes createElement() throw a DOMException. Values are added as text
// nodes, which DOM escapes on output.
// Returns the string produced by saveXML(). No credential check happens here.
public function function_return_to_xml($var=array()){
    $xml = new DOMDocument();
    $xml->formatOutput = true;

    // appendChild() hands back the node it attached, so the tree can be built inline.
    $rootNode = $xml->appendChild($xml->createElement("root"));
    $levelNode = $rootNode->appendChild($xml->createElement("level"));

    foreach ($var as $name => $text) {
        $node = $xml->createElement("$name");
        $node->appendChild($xml->createTextNode($text));
        $levelNode->appendChild($node);
    }

    return $xml->saveXML();
}
102 //When a filled PDF is rejected during audit, the file is deleted
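// Deletes a document stored for the patient portal.
// $data[0] is the credential array checked by valid(); $data[1] is the path of the file.
// The path arrives in the SOAP request, so it is resolved with realpath() and must be a
// regular file below $GLOBALS['OE_SITE_DIR']/documents/myportal before it is removed.
// A path that does not resolve to anything is ignored, as a failed unlink() was before.
// Throws SoapFault when the credentials are rejected or the path lies outside that tree.
public function delete_file($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $requested = isset($data[1]) ? (string) $data[1] : '';
    if ($requested === '') {
        // realpath('') would resolve to the working directory, so stop here.
        return;
    }

    $target = realpath($requested);
    if ($target === false) {
        // Nothing to delete; deletion stays best-effort.
        return;
    }

    // Compare canonical paths so that "../" segments and symlinks cannot step out of the tree.
    $portalRoot = realpath($GLOBALS['OE_SITE_DIR'] . "/documents/myportal");
    $insideRoot = $portalRoot !== false
        && strncmp($target, $portalRoot . DIRECTORY_SEPARATOR, strlen($portalRoot) + 1) === 0;
    if (!$insideRoot || !is_file($target)) {
        throw new SoapFault("Server", "invalid file path");
    }

    @unlink($target);
}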
116 //Accepts a file path.Fetches the file in xml format.
117 //Transfer the file to portal in XML format
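// Reads a portal document and returns it as XML:
// <root><level><name>basename</name><type>extension</type><file>base64 content</file></level></root>
// $data[0] is the credential array checked by valid(); $data[1] is the path of the file.
// The path arrives in the SOAP request, so it is resolved with realpath() and must be a
// regular file below $GLOBALS['OE_SITE_DIR']/documents/myportal before it is read.
// Throws SoapFault when the credentials are rejected, the path lies outside that tree,
// or the file cannot be read.
public function file_to_xml($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $file_name_with_path = isset($data[1]) ? (string) $data[1] : '';
    // realpath('') would resolve to the working directory, so treat an empty path as invalid.
    $resolved = ($file_name_with_path === '') ? false : realpath($file_name_with_path);
    $portalRoot = realpath($GLOBALS['OE_SITE_DIR'] . "/documents/myportal");

    // Compare canonical paths so that "../" segments and symlinks cannot step out of the tree.
    if ($resolved === false || $portalRoot === false || !is_file($resolved)
        || strncmp($resolved, $portalRoot . DIRECTORY_SEPARATOR, strlen($portalRoot) + 1) !== 0) {
        throw new SoapFault("Server", "invalid file path");
    }

    // file_get_contents() also copes with empty files and releases the handle itself.
    $returnData = file_get_contents($resolved);
    if ($returnData === false) {
        throw new SoapFault("Server", "file could not be read");
    }

    // Name and type are reported from the path as the caller gave it.
    $path_parts = pathinfo($file_name_with_path);
    $extension = isset($path_parts['extension']) ? $path_parts['extension'] : '';

    $doc = new DOMDocument();
    $doc->formatOutput = true;

    $root = $doc->createElement("root");
    $doc->appendChild($root);

    $level = $doc->createElement("level");
    $root->appendChild($level);

    $fields = array(
        "name" => $path_parts['basename'],
        "type" => $extension,
        "file" => base64_encode($returnData),
    );
    foreach ($fields as $tag => $text) {
        $node = $doc->createElement($tag);
        $node->appendChild($doc->createTextNode($text));
        $level->appendChild($node);
    }

    return $doc->saveXML();
}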
158 //File received from the portal side is saved to OpenEMR
// Saves a base64-encoded file sent by the portal to the path given in $data[1], after creating
// the documents/myportal tree (plus unsigned/, signed/ and upload/) under the site directory.
// $data[0] is the credential array handed to valid(); the SoapFault at the end is presumably the rejection branch.
160 public function store_to_file($data){
161 if($this->valid($data[0])){
// NOTE(review): the destination path comes from the request and nothing visible confines it to the
// directories created below. Resolve its parent directory and require it to sit under documents/myportal before opening.
162 $file_name_with_path=$data[1];
164 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/";
// The trailing ';' ends this if with an empty statement; the mkdir/chmod below are presumably an else branch on lines not shown.
165 if(is_dir($savedpath));
// NOTE(review): 0777 leaves the directory open to every local account. These directories hold patient documents;
// a mode limited to the web-server user (and group, if needed) is the safer default.
168 mkdir($savedpath,0777);
169 chmod($savedpath, 0777);
171 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/";
172 if(is_dir($savedpath));
175 mkdir($savedpath,0777);
176 chmod($savedpath, 0777);
178 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/";
179 if(is_dir($savedpath));
182 mkdir($savedpath,0777);
183 chmod($savedpath, 0777);
185 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/upload/";
186 if(is_dir($savedpath));
189 mkdir($savedpath,0777);
190 chmod($savedpath, 0777);
// The result of fopen() is not checked in the visible lines before it is written to.
192 $handler = fopen($file_name_with_path,"w");
// NOTE(review): in the visible lines $data is still the whole request array here; presumably a line not shown
// reassigns it to the encoded payload - confirm. base64_decode() is called without strict mode.
193 fwrite($handler, base64_decode($data));
// NOTE(review): the written file is made world-readable, writable and executable; see the note on 0777 above.
195 chmod($file_name_with_path,0777);
198 throw new SoapFault("Server", "credentials failed");
203 //receive a batch of function calls received from Portal, execute it and return the results to the portal
204 //The results will be stored in the key, which is received from portal.
// Runs one named OpenEMR library function for the portal and returns its result as XML.
// $var holds the arguments, $func the function name, $data_credentials the credential array for valid().
// The if/elseif chain on $func is the allow-list: only the names compared here can be reached.
// NOTE(review): several arguments used below ($patient_id, $pid, $type, $frow) are not assigned in the visible lines -
// confirm where they come from, in particular that $pid is the patient established by valid() and not a request value.
207 static public function batch_despatch($var,$func,$data_credentials){
// NOTE(review): valid() and function_return_to_xml() are declared as instance methods in this file. Calling them
// statically from a static method is deprecated in PHP 7 and an Error in PHP 8.
209 if(UserService
::valid($data_credentials)){
210 require_once("../../library/invoice_summary.inc.php");
211 require_once("../../library/options.inc.php");
212 require_once("../../library/acl.inc");
213 require_once("../../library/patient.inc");
214 if($func=='ar_responsible_party')
217 $encounter_id=$var['encounter'];
218 $x['ar_responsible_party']=ar_responsible_party($patient_id,$encounter_id);
219 return UserService
::function_return_to_xml($x);
221 elseif($func=='getInsuranceData')
224 $given=$var['given'];
225 $x=getInsuranceData($pid,$type,$given);
226 return UserService
::function_return_to_xml($x);
228 elseif($func=='generate_select_list')
230 $tag_name=$var['tag_name'];
231 $list_id=$var['list_id'];
232 $currvalue=$var['currvalue'];
233 $title=$var['title'];
234 $empty_name=$var['empty_name'];
// NOTE(review): $class and $onchange come from the request and are passed on to generate_select_list;
// whether that function escapes them for HTML attributes is not visible here - confirm.
235 $class=$var['class'];
236 $onchange=$var['onchange'];
237 $x['generate_select_list']=generate_select_list($tag_name,$list_id,$currvalue,$title,$empty_name,$class,$onchange);
238 return UserService
::function_return_to_xml($x);
240 elseif($func=='xl_layout_label')
242 $constant=$var['constant'];
243 $x['xl_layout_label']=xl_layout_label($constant);
244 return UserService
::function_return_to_xml($x);
246 elseif($func=='generate_form_field')
249 $currvalue=$var['currvalue'];
// The field is rendered by generate_form_field and picked up from the output buffer on the next line;
// the buffer is presumably started and discarded on lines not shown.
251 generate_form_field($frow,$currvalue);
252 $x['generate_form_field']=ob_get_contents();
254 return UserService
::function_return_to_xml($x);
256 elseif($func=='getInsuranceProviders')
259 $provider=$var['provider'];
260 $insurancei=getInsuranceProviders();
264 elseif($func=='get_layout_form_value')
// NOTE(review): this replaces the $_POST superglobal with portal-supplied data for the rest of the request,
// presumably because get_layout_form_value reads $_POST. Anything that runs later sees the replaced values.
267 $_POST=$var['post_array'];
268 $x['get_layout_form_value']=get_layout_form_value($frow);
269 return UserService
::function_return_to_xml($x);
271 elseif($func=='updatePatientData')
273 $patient_data=$var['patient_data'];
274 $create=$var['create'];
275 updatePatientData($pid,$patient_data,$create);
277 return UserService
::function_return_to_xml($x);
279 elseif($func=='updateEmployerData')
281 $employer_data=$var['employer_data'];
282 $create=$var['create'];
283 updateEmployerData($pid,$employer_data,$create);
285 return UserService
::function_return_to_xml($x);
287 elseif($func=='newHistoryData')
289 newHistoryData($pid);
291 return UserService
::function_return_to_xml($x);
293 elseif($func=='newInsuranceData')
// Builds the positional argument list for newInsuranceData from $var; entries with key 3 and above go through formData() first.
296 foreach($var as $key=>$value)
298 if($key>=3)//first 3 need to be skipped.
300 $var[$key]=formData($value);
304 $parameters[$key]=$var[$key];
// Positions 12 and 27 are passed through fixDate() before the call.
307 $parameters[12]=fixDate($parameters[12]);
308 $parameters[27]=fixDate($parameters[27]);
// The function name is a fixed literal here; only the arguments come from the request.
309 call_user_func_array('newInsuranceData',$parameters);
311 return UserService
::function_return_to_xml($x);
316 throw new SoapFault("Server", "credentials failed");
320 //Writing patient credentials to table
// Stores the portal login of a patient in patient_access_offsite (pid, portal_username, portal_pwd).
// $var[0] is the credential array for valid(); 'username' and 'authPass' are read from $var.
321 public function insert_login_details($var)
324 $data_credentials=$var[0];
325 if(UserService
::valid($data_credentials))
327 $username=$var['username'];
// NOTE(review): authPass is stored exactly as received. validcredential() hashes the stored portal_pwd
// into the patient token, so whatever is stored here works as the secret itself - confirm what form it has
// and restrict read access to this table accordingly.
328 $authPass=$var['authPass'];
// Values are bound as parameters. $pid is not assigned in the visible lines - presumably a global set by valid(); confirm.
329 $query="insert into patient_access_offsite(pid,portal_username,portal_pwd) values (?,?,?)";
330 sqlInsert($query,array($pid,$username,$authPass));
334 throw new SoapFault("Server", "credentials failed");
340 //Updating the password on a password change
// Changes a patient's portal password after checking the old one.
// $var[0] is the credential array; 'new_pwd_status', 'new_pwd' and 'old_pwd' are read from $var.
// Only callers validated as 'existingpatient' or 'newpatient' get past the first check.
342 public function update_password($var){
343 $data_credentials=$var[0];
// valid() is evaluated a second time when the first result is not 'existingpatient'.
345 if(UserService
::valid($data_credentials)=='existingpatient' || UserService
::valid($data_credentials)=='newpatient'){
346 $status = $var['new_pwd_status'];
347 $pwd=$var['new_pwd'];
348 $oldpwd = $var['old_pwd'];
// $set and $where are spliced into the UPDATE text further down. In the visible lines they only ever hold
// fixed literals with '?' placeholders; keep it that way and never build them from request data.
// The branch that chooses between the two $set forms, and $setarray, are on lines not shown.
354 $where = "portal_pwd_status=? and pid=?";
355 $set= "portal_pwd=?,portal_pwd_status=?";
364 $set= "portal_pwd=? ";
// The old password is verified by an exact match against the stored portal_pwd column.
// NOTE(review): that implies the column holds the value as the portal sends it; $pid is not assigned in the visible lines - confirm both.
369 $qry = "select * from patient_access_offsite WHERE pid=? AND portal_pwd=?";
370 $res=sqlStatement($qry,array($pid,$oldpwd));
371 if(sqlNumRows($res)>0)
373 $qry = "UPDATE patient_access_offsite SET $set WHERE $where";
374 sqlStatement($qry,$setarray);
383 throw new SoapFault("Server", "credentials failed");
// Cancels appointment entries on request of a portal patient.
// $var[0] is the credential array; $var[1] is a list of references of the form "<kind>_<id>":
//   calendar_<pc_eid> sets pc_apptstatus='x' on the calendar event,
//   audit_<id>        sets approval_status='5' on the audit_master row.
// References of any other kind are skipped. Throws SoapFault unless valid() reports
// 'existingpatient' or 'newpatient'.
// NOTE(review): the ids come from the request and the UPDATEs below are not restricted to the
// validated patient - confirm ownership is enforced elsewhere or add the patient id to the WHERE clause.
public function update_openemr_appointment($var)
{
    $data_credentials = $var[0];

    // valid() is evaluated a second time when the first result is not 'existingpatient'.
    $isPatient = UserService::valid($data_credentials)=='existingpatient'
        || UserService::valid($data_credentials)=='newpatient';
    if (!$isPatient) {
        throw new SoapFault("Server", "credentials failed");
    }

    foreach ($var[1] as $reference) {
        $parts = explode('_', $reference);
        switch ($parts[0]) {
            case 'calendar':
                sqlQuery("update openemr_postcalendar_events set pc_apptstatus='x' where pc_eid=?", array($parts[1]));
                break;
            case 'audit':
                sqlQuery("update audit_master set approval_status='5' where id=?", array($parts[1]));
                break;
        }
    }
}
413 //Marking the Documents as ready to be signed
// Sets dld_signed=2 on one documents_legal_detail row.
// $var[0] is the credential array for valid(); $var['dld_id'] selects the row and is bound as a parameter.
// NOTE(review): any caller type accepted by valid() passes, and the row is chosen by the request's dld_id alone -
// confirm the document belongs to the validated patient.
415 public function update_dlm_dld($var)
417 $data_credentials=$var[0];
418 if(UserService
::valid($data_credentials)){
420 $qry=" UPDATE documents_legal_detail set dld_signed=2 where dld_id=?";
421 sqlStatement($qry,array($var['dld_id']));
424 throw new SoapFault("Server", "credentials failed");
429 //Setting PDF documents approve/denial status
// Records the approve/deny decision for one documents_legal_detail row.
// $data[0] is the credential array; $data[1] is the bind list, in order:
// dld_signed, dld_denial_reason, dld_id. Throws SoapFault when valid() rejects the caller.
// NOTE(review): the row is chosen by the request's dld_id alone - confirm the caller may change that document.
public function update_dld_approve_deny($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $sql = "UPDATE documents_legal_detail SET dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
    sqlStatement($sql, $data[1]);
}
441 //Marking PDF documents as signed
// Marks one documents_legal_detail row as signed (dld_signed=1) and stores its file location.
// $data[0] is the credential array; $data[1] is the bind list, in order:
// dld_filepath, dld_filename, dld_id. Throws SoapFault when valid() rejects the caller.
// NOTE(review): the stored path and name come from the request - validate them before any
// later code opens, serves or deletes a file based on these columns.
public function update_dld_signed($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $sql = "UPDATE documents_legal_detail SET dld_signed=1,dld_filepath=?,dld_filename=? WHERE dld_id=?";
    sqlStatement($sql, $data[1]);
}
453 //Marking PDF documents for audit.
// Puts one documents_legal_detail row back to pending (dld_signed=0) and stores its file details.
// $data[0] is the credential array; $data[1] is the bind list, in order:
// dld_filepath, dld_filename, dld_file_for_pdf_generation, dld_id.
// Throws SoapFault when valid() rejects the caller.
// NOTE(review): the stored path and name come from the request - validate them before any
// later code opens, serves or deletes a file based on these columns.
public function update_dld_pending($data){
    if (!$this->valid($data[0])) {
        throw new SoapFault("Server", "credentials failed");
    }

    $sql = "UPDATE documents_legal_detail SET dld_signed=0,dld_filepath=?,dld_filename=?, dld_file_for_pdf_generation=? WHERE dld_id=?";
    sqlStatement($sql, $data[1]);
}
// Inserts one documents_legal_detail row for a portal patient.
// $data[0] is the credential array; $data[2]..$data[7] are bound, in order, to dld_signed, dld_filepath,
// dld_master_docid, dld_filename, dld_encounter and dld_file_for_pdf_generation.
// Only callers validated as 'existingpatient' or 'newpatient' get past the check.
467 public function insert_dld($data){
// valid() is evaluated a second time when the first result is not 'existingpatient'.
469 if(UserService
::valid($data[0])=='existingpatient' || UserService
::valid($data[0])=='newpatient'){
// $pid is not assigned in the visible lines - presumably the global set by valid(); confirm it is not a request value.
470 sqlInsert("INSERT INTO documents_legal_detail (dld_pid,dld_signed,dld_filepath,dld_master_docid,dld_filename,dld_encounter,dld_file_for_pdf_generation) ".
471 " VALUES (?,?,?,?,?,?,?)",array($pid,$data[2],$data[3],$data[4],$data[5],$data[6],$data[7]));
474 throw new SoapFault("Server", "credentials failed");
479 //Inserting the entries for Master PDF documents uploaded
// Inserts one documents_legal_master row for an uploaded master PDF.
// $data[0] is the credential array; $data[1]..$data[9] are bound, in order, to dlm_category,
// dlm_subcategory, dlm_document_name, dlm_facility, dlm_provider, dlm_filename, dlm_filepath,
// dlm_effective_date and content.
// Only a caller that valid() reports as 'oemruser' may insert; anyone else gets a SoapFault.
public function insert_dlm($data){
    if ($this->valid($data[0])!='oemruser') {
        throw new SoapFault("Server", "credentials failed");
    }

    $binds = array($data[1],$data[2],$data[3],$data[4],$data[5],$data[6],$data[7],$data[8],$data[9]);
    sqlStatement("INSERT INTO documents_legal_master(dlm_category, dlm_subcategory,dlm_document_name,dlm_facility,dlm_provider,
dlm_filename,dlm_filepath,dlm_effective_date,content) values (?,?,?,?,?,?,?,?,?)", $binds);
}
492 //Receive an array of select cases from the portal, execute them and return
493 // the results under the keys received from the portal. A batch of queries is executed and returned in one batch.
// Runs several select cases in one request and returns an array of results keyed by each entry's 'batchkey'.
// $data[0] is the credential array; every entry of the batch carries 'batchkey', 'case' and 'param'.
// Each entry is executed through selectquery() with the same credentials.
// NOTE(review): $batch and $arrproc are not assigned in the visible lines - presumably built from $data[1]
// and from 'case'/'param' on lines not shown; confirm.
495 public function batch_select($data){
496 if($this->valid($data[0])){
498 foreach($batch as $key=>$value)
500 $batchkey=$value['batchkey'];
501 $case=$value['case'];
502 $param=$value['param'];
505 $return_array[$batchkey]=$this->selectquery(array($data[0],$arrproc));
508 return $return_array;
511 throw new SoapFault("Server", "credentials failed");
516 //Receive a batch of function calls from portal and execute it through batch despatch Function
517 //Any OpenEMR function can be executed this way, provided a matching if clause has been written in batch_despatch.
// Runs several function calls in one request and returns an array of results keyed by each entry's 'batchkey'.
// $data[0] is the credential array; every entry of the batch carries 'batchkey', 'funcname' and 'param'.
// $batch is not assigned in the visible lines - presumably taken from $data on a line not shown.
519 public function batch_function($data){
520 if($this->valid($data[0])){
522 foreach($batch as $key=>$value)
524 $batchkey=$value['batchkey'];
525 $function=$value['funcname'];
526 $param=$value['param'];
// NOTE(review): 'funcname' comes from the request and picks the UserService method to call. The comment above
// this method names batch_despatch as the intended target; calling that one method directly, or checking
// $function against an explicit allow-list, would keep the other methods of the class out of reach.
528 $res=call_user_func_array("UserService::$function",$param);
529 $return_array[$batchkey]=$res;
531 return $return_array;
534 throw new SoapFault("Server", "credentials failed");
538 //Execute a batch of functions received from portal. But this function is limited to
539 // the functions written in the myportal module.
// Runs several UserService methods in one request and returns an array of results keyed by each entry's 'batchkey'.
// Every entry carries 'batchkey', 'funcname' and 'param'; the credential array $data[0] is put at the front of
// 'param' before the call, so each target method is expected to run its own valid() check.
// No credential check is visible in this method itself, and $batch is not assigned in the visible lines.
541 public function multiplecall($data){
543 foreach($batch as $key=>$value)
545 $batchkey=$value['batchkey'];
546 $function=$value['funcname'];
547 $param=$value['param'];
549 array_unshift($param,$data[0]);
// NOTE(review): 'funcname' comes from the request and is used directly as the method name, so every method of
// the class can be selected, including ones that do not check credentials themselves. Check $function against
// an explicit allow-list of portal-facing methods before dispatching.
552 $res= UserService
::$function($param);
553 $return_array[$batchkey]=$res;
555 return $return_array;
// NOTE(review): only the signature is visible here. Presumably reports a version to the portal - confirm,
// and confirm whether it checks $data[0] with valid() before answering.
561 public function getversion($data){
// Looks up a portal login and returns its portal_pwd_status as XML (via resourcetoxml).
// $data[0] is the credential array; $data[1] is used as the bind list, so it must hold exactly
// the portal username and the portal password, in that order.
// What happens when valid() rejects the caller is not visible here.
566 public function loginchecking($data){
// valid() is evaluated a second time when the first result is not 'existingpatient'.
567 if($this->valid($data[0])=='existingpatient' ||
$this->valid($data[0])=='newpatient'){
// BINARY makes MySQL compare both columns byte for byte, i.e. case-sensitively.
// NOTE(review): the password is matched against the stored portal_pwd as received, which implies the column
// holds the value in the form the portal sends it - confirm what that form is.
568 $res = sqlStatement("SELECT portal_pwd_status FROM patient_access_offsite WHERE BINARY portal_username=? AND BINARY portal_pwd=?",$data[1]);
569 return $this->resourcetoxml($res);
575 //Execute a query and return its results.
// Executes one select for the portal and returns the rows as XML (via resourcetoxml).
// $data[0] is the credential array; $data[1] is handed to query_formation() of an object chosen by caller type.
577 public function selectquery($data){
// NOTE(review): the visible lines pass the result of valid() straight to the factory without testing it -
// confirm that a failed validation cannot yield an object that still builds a query.
580 $utype = $this->valid($data[0]);
582 $newobj = factoryclass
::dynamic_class_factory($utype);
// query_formation() returns the statement text at index 0 and its bind values at index 1.
// Presumably it maps a case id to a fixed query - confirm that no request text ends up in the SQL string.
583 $sql_result_setarr = $newobj->query_formation($data[1]);
584 $sql_result_set = sqlStatement($sql_result_setarr[0],$sql_result_setarr[1]);
585 return $this->resourcetoxml($sql_result_set);
589 //Return an SQL resultset as an XML
// Serialises an SQL result set as XML: one <level> element per row under <root>,
// with one child element per column, named after the column and holding its value as text.
// Rows are read with sqlFetchArray() until it returns a falsy value.
// Column names are used as element names without checking; values are added as text
// nodes, which DOM escapes on output. No credential check happens here.
// Returns the string produced by saveXML().
public function resourcetoxml($sql_result_set){
    $xml = new DOMDocument();
    $xml->formatOutput = true;

    // appendChild() hands back the node it attached.
    $rootNode = $xml->appendChild($xml->createElement("root"));

    while ($record = sqlFetchArray($sql_result_set)) {
        $rowNode = $rootNode->appendChild($xml->createElement("level"));
        foreach ($record as $column => $cell) {
            $cellNode = $xml->createElement("$column");
            $cellNode->appendChild($xml->createTextNode($cell));
            $rowNode->appendChild($cellNode);
        }
    }

    return $xml->saveXML();
}
// Checks the credential array that accompanies every SOAP call. As read by the visible lines:
//   [0] site id, [1] portal account name, [2] SHA-1 token, [3] one-time value mixed into the token,
//   [4] caller type ('existingpatient', 'oemruser' or 'newpatient'), [6] patient portal username,
//   [9] audit_master id; [7] and [8] are used by validcredential().
// Returns a caller-type string on success ('existingpatient' is the only return visible here); the failure
// returns and the assignments of $ok, $okE, $okN and $okO are on lines not shown.
615 public function valid($credentials){
// Cut-off two hours back, used to purge stored one-time values.
// NOTE(review): in date() 'm' is the month and 'i' the minute, so "H:m" yields hour:month - confirm whether minutes were meant.
616 $timminus = date("Y-m-d H:m",(strtotime(date("Y-m-d H:m"))-7200)).":00";
617 sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)",array($timminus));
618 sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?",array($timminus));
// Same 'm' format character as above. The GMT string is parsed back by strtotime(), which presumably
// applies the server's default time zone - confirm the portal derives its hour stamp the same way.
625 $tim = strtotime(gmdate("Y-m-d H:m"));
// Replay check: a one-time value that is already stored is only tolerated when this request has been
// validated before; presumably the call is rejected otherwise (lines not shown).
626 $res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?",array($credentials[3]));
627 if(sqlNumRows($res)){
628 if($GLOBALS['validated_offsite_portal'] !=true){
// Remember the one-time value so that a later reuse is detected.
633 $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
634 sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ",array($credentials[3],$grpID));
// The token is sha1(shared portal password . hour stamp . one-time value); it is accepted for the current
// hour and for one hour either side.
// NOTE(review): '==' compares loosely and not in constant time; digests that both look numeric are compared
// as numbers. hash_equals() on string values avoids both, and an HMAC is the usual construction for a keyed token.
636 if(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",$tim).$credentials[3])==$credentials[2]){
639 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim-3600)).$credentials[3])==$credentials[2]){
642 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim+
3600)).$credentials[3])==$credentials[2]){
// Either the account name, token and enable switch all match, or this request was validated earlier.
// NOTE(review): once $GLOBALS['validated_offsite_portal'] is true, the credentials of later calls in the same
// request (batch calls) are not compared again on this line.
645 if(($credentials[1]==$GLOBALS['portal_offsite_username'] && $ok==1 && $GLOBALS['portal_offsite_enable']==1)||
$GLOBALS['validated_offsite_portal']==true){
646 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
// Patients additionally have to pass the per-patient token check in validcredential().
647 if($credentials[4] == 'existingpatient'){
648 if(UserService
::validcredential($credentials)){
// For an OpenEMR user the patient id is taken from the audit_master row named in [9].
655 elseif($credentials[4] == 'oemruser'){
657 $prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?",array($credentials[9]));
660 elseif($credentials[4] == 'newpatient'){
661 if(UserService
::validcredential($credentials)){
// NOTE(review): MAX(pid)+1 is read without any locking visible here; two registrations at the same time
// could be given the same pid - confirm how the id is reserved.
666 $prow = sqlQuery("SELECT MAX(pid)+1 AS pid FROM patient_data");
669 if($okE==1 ||
$okN == 2 ||
$okN == 1 ||
$okO == 1){
// The patient established above becomes the request-wide $GLOBALS['pid'].
671 $GLOBALS['pid'] = $prow['pid'];
// NOTE(review): the site id is copied from the credentials into $_GET after globals.php was already included
// at the top of the file - confirm what reads it afterwards and that it is validated as a site name.
673 $_GET['site'] = $credentials[0];
// $pid is not assigned in the visible lines - presumably bound to the global on a line not shown.
// The patient must have allow_patient_portal set to 'yes'; presumably the call fails otherwise.
675 $portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?",array($pid));
676 if(strtolower($portal['allow_patient_portal'])!='yes')
// Cache the successful validation for the rest of this request.
679 $GLOBALS['validated_offsite_portal'] = true;
684 return 'existingpatient';
// Checks the per-patient token: sha1(stored portal_pwd . hour stamp . $credentials[8]) must equal $credentials[7],
// for the current hour or one hour either side. $credentials[6] is the portal username used for the lookup.
// The return values are on lines not shown.
699 public function validcredential($credentials){
// NOTE(review): in date()/gmdate() 'm' is the month and 'i' the minute, so "H:m" yields hour:month - confirm whether minutes were meant.
700 $tim = strtotime(gmdate("Y-m-d H:m"));
// NOTE(review): when no row matches, $prow['portal_pwd'] is empty and the digest below no longer depends on any
// stored secret - confirm that a missing row is rejected before the comparison.
702 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
// The stored portal_pwd is the key material of the token, so read access to that column is enough to produce
// valid tokens; treat the column as a secret.
// NOTE(review): '==' compares loosely and not in constant time; hash_equals() on string values avoids both.
703 if(sha1($prow['portal_pwd'].date("Y-m-d H",$tim).$credentials[8])==$credentials[7]){
706 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim-3600)).$credentials[8])==$credentials[7]){
709 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim+
3600)).$credentials[8])==$credentials[7]){
717 //for checking the connection
// Connection test for the portal. The visible lines only show the credential check through valid();
// what is returned on success or failure is on lines not shown - confirm.
721 public function check_connection($data){
722 if($this->valid($data[0])){
// SOAP endpoint in non-WSDL mode (no WSDL file, only the target namespace is given).
730 $server = new SoapServer(null,array('uri' => "urn://portal/res"));
// NOTE(review): setClass() exports all methods of UserService as SOAP operations. That includes the helpers
// valid(), validcredential(), resourcetoxml() and function_return_to_xml(); consider making internal helpers
// non-public so that only the portal-facing operations are exported.
731 $server->setClass('UserService');
// Keeps the handler object in the PHP session between requests.
732 $server->setPersistence(SOAP_PERSISTENCE_SESSION
);