4 * Abstract implementation of SignableIF which represents a signable row
7 * Copyright (C) 2013 OEMR 501c3 www.oemr.org
9 * LICENSE: This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version 3
12 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
21 * @author Ken Chapple <ken@mi-squared.com>
22 * @author Medical Information Integration, LLC
23 * @link http://www.open-emr.org
28 require_once $GLOBALS['srcdir'] . '/ESign/SignableIF.php';
29 require_once $GLOBALS['srcdir'] . '/ESign/Signature.php';
30 require_once $GLOBALS['srcdir'] . '/ESign/Utils/Verification.php';
32 abstract class DbRow_Signable
implements SignableIF
34 private $_signatures = array();
35 protected $_tableId = null;
36 protected $_tableName = null;
37 private $_verification = null;
39 public function __construct($tableId, $tableName)
41 $this->_tableId
= $tableId;
42 $this->_tableName
= $tableName;
43 $this->_verification
= new Utils_Verification();
46 public function getSignatures()
48 $this->_signatures
= array();
50 $statement = "SELECT E.id, E.tid, E.table, E.uid, U.fname, U.lname, E.datetime, E.is_lock, E.amendment, E.hash, E.signature_hash FROM esign_signatures E ";
51 $statement .= "JOIN users U ON E.uid = U.id ";
52 $statement .= "WHERE E.tid = ? AND E.table = ? ";
53 $statement .= "ORDER BY E.datetime ASC";
54 $result = sqlStatement($statement, array( $this->_tableId
, $this->_tableName
));
56 while ($row = sqlFetchArray($result)) {
57 $signature = new Signature(
68 $row['signature_hash']
70 $this->_signatures
[] = $signature;
73 return $this->_signatures
;
77 * Get the hash of the last signature of type LOCK.
79 * This is used for comparison with a current hash to
80 * verify data integrity.
82 * @return sha1(or sha3-512)|empty string
84 protected function getLastLockHash()
86 $statement = "SELECT E.tid, E.table, E.hash FROM esign_signatures E ";
87 $statement .= "WHERE E.tid = ? AND E.table = ? AND E.is_lock = ? ";
88 $statement .= "ORDER BY E.datetime DESC LIMIT 1";
89 $row = sqlQuery($statement, array( $this->_tableId
, $this->_tableName
, SignatureIF
::ESIGN_LOCK
));
91 if ($row && isset($row['hash'])) {
98 public function getTableId()
100 return $this->_tableId
;
103 public function renderForm()
105 include 'views/esign_signature_log.php';
108 public function isLocked()
110 $statement = "SELECT E.is_lock FROM esign_signatures E ";
111 $statement .= "WHERE E.tid = ? AND E.table = ? AND is_lock = ? ";
112 $statement .= "ORDER BY E.datetime DESC LIMIT 1 ";
113 $row = sqlQuery($statement, array( $this->_tableId
, $this->_tableName
, SignatureIF
::ESIGN_LOCK
));
114 if ($row && $row['is_lock'] == SignatureIF
::ESIGN_LOCK
) {
121 public function sign($userId, $lock = false, $amendment = null)
123 $statement = "INSERT INTO `esign_signatures` ( `tid`, `table`, `uid`, `datetime`, `is_lock`, `hash`, `amendment`, `signature_hash` ) ";
124 $statement .= "VALUES ( ?, ?, ?, NOW(), ?, ?, ?, ? ) ";
127 $isLock = SignatureIF
::ESIGN_NOLOCK
;
129 $isLock = SignatureIF
::ESIGN_LOCK
;
132 // Create a hash of the signable object so we can verify it's integrity
133 $hash = $this->_verification
->hash($this->getData());
135 // Crate a hash of the signature data itself. This is the same data as Signature::getData() method
143 $signatureHash = $this->_verification
->hash($signature);
145 // Append the hash of the signature data to the insert array before we insert
146 $signature[] = $signatureHash;
147 $id = sqlInsert($statement, $signature);
150 throw new \
Exception("Error occured while attempting to insert a signature into the database.");
156 public function verify()
159 // Verify the signable data integrity
160 // Check to see if this SignableIF is locked
161 if ($this->isLocked()) {
162 $signatures = $this->getSignatures();
164 // SignableIF is locked, so if it has any signatures, make sure it hasn't been edited since lock
165 if (count($signatures)) {
166 // Verify the data of the SignableIF object
167 $lastLockHash = $this->getLastLockHash();
168 $valid = $this->_verification
->verify($this->getData(), $lastLockHash);
170 if ($valid === true) {
171 // If still vlaid, verify each signatures' integrity
172 foreach ($signatures as $signature) {
173 if ($signature instanceof SignatureIF
) {
174 $valid = $signature->verify();
175 if ($valid === false) {