edihistory -- update Readme
[openemr.git] / patients / get_medications.php
blob17c4ffd71eb850929aabe189d3a233a3ccf0cf12
1 <?php
2 // Copyright (C) 2011 Cassian LUP <cassi.lup@gmail.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
9 //SANITIZE ALL ESCAPES
10 $sanitize_all_escapes=true;
12 //STOP FAKE REGISTER GLOBALS
13 $fake_register_globals=false;
15 //continue session
16 session_start();
19 //landing page definition -- where to go if something goes wrong
20 $landingpage = "index.php?site=".$_SESSION['site_id'];
23 // kick out if patient not authenticated
24 if ( isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite']) ) {
25 $pid = $_SESSION['pid'];
27 else {
28 session_destroy();
29 header('Location: '.$landingpage.'&w');
30 exit;
34 $ignoreAuth=true;
35 include_once('../interface/globals.php');
37 $sql = "SELECT * FROM lists WHERE pid = ? AND type = 'medication' ORDER BY begdate";
39 $res = sqlStatement($sql, array($pid) );
41 if(sqlNumRows($res)>0)
44 <table class="class1">
45 <tr class="header">
46 <th><?php echo htmlspecialchars( xl('Drug'),ENT_NOQUOTES); ?></th>
47 <th><?php echo htmlspecialchars( xl('Start Date'),ENT_NOQUOTES); ?></th>
48 <th><?php echo htmlspecialchars( xl('End Date'),ENT_NOQUOTES); ?></th>
49 <th><?php echo htmlspecialchars( xl('Referrer'),ENT_NOQUOTES); ?></th>
50 </tr>
51 <?php
52 $even=false;
53 while ($row = sqlFetchArray($res)) {
54 if ($even) {
55 $class="class1_even";
56 $even=false;
57 } else {
58 $class="class1_odd";
59 $even=true;
61 echo "<tr class='".htmlspecialchars($class,ENT_QUOTES)."'>";
62 echo "<td>".htmlspecialchars($row['title'],ENT_NOQUOTES)."</td>";
63 echo "<td>".htmlspecialchars($row['begdate'],ENT_NOQUOTES)."</td>";
64 echo "<td>".htmlspecialchars($row['enddate'],ENT_NOQUOTES)."</td>";
65 echo "<td>".htmlspecialchars($row['referredby'],ENT_NOQUOTES)."</td>";
66 echo "</tr>";
68 echo "</table>";
70 else
72 echo htmlspecialchars( xl("No Results"),ENT_NOQUOTES);