7 * @link http://www.open-emr.org
8 * @author Rod Roark <rod@sunsetsystems.com>
9 * @author Brady Miller <brady.g.miller@gmail.com>
10 * @copyright Copyright (c) 2010-2013 Rod Roark <rod@sunsetsystems.com>
11 * @copyright Copyright (c) 2017 Brady Miller <brady.g.miller@gmail.com>
12 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
15 require_once("../globals.php");
16 require_once("$srcdir/patient.inc.php");
17 require_once "$srcdir/options.inc.php";
19 use OpenEMR\Common\Acl\AclMain
;
20 use OpenEMR\Common\Csrf\CsrfUtils
;
21 use OpenEMR\Common\Twig\TwigContainer
;
22 use OpenEMR\Core\Header
;
24 if (!AclMain
::aclCheckCore('patients', 'lab')) {
25 echo (new TwigContainer(null, $GLOBALS['kernel']))->getTwig()->render('core/unauthorized.html.twig', ['pageTitle' => xl("Pending Orders")]);
29 function thisLineItem($row)
31 $provname = $row['provider_lname'];
32 if (!empty($row['provider_fname'])) {
33 $provname .= ', ' . $row['provider_fname'];
34 if (!empty($row['provider_mname'])) {
35 $provname .= ' ' . $row['provider_mname'];
39 if ($_POST['form_csvexport']) {
40 echo csvEscape($row['patient_name' ]) . ',';
41 echo csvEscape($row['pubpid' ]) . ',';
42 echo csvEscape(oeFormatShortDate($row['date_ordered' ])) . ',';
43 echo csvEscape($row['organization' ]) . ',';
44 echo csvEscape($provname) . ',';
45 echo csvEscape($row['priority_name' ]) . ',';
46 echo csvEscape($row['status_name' ]) . "\n";
50 <td
class="detail"><?php
echo text($row['patient_name' ]); ?
></td
>
51 <td
class="detail"><?php
echo text($row['pubpid' ]); ?
></td
>
52 <td
class="detail"><?php
echo text(oeFormatShortDate($row['date_ordered' ])); ?
></td
>
53 <td
class="detail"><?php
echo text($row['organization' ]); ?
></td
>
54 <td
class="detail"><?php
echo text($provname); ?
></td
>
55 <td
class="detail"><?php
echo text($row['priority_name' ]); ?
></td
>
56 <td
class="detail"><?php
echo text($row['status_name' ]); ?
></td
>
59 } // End not csv export
62 $form_from_date = isset($_POST['form_from_date']) ?
DateToYYYYMMDD($_POST['form_from_date']) : date('Y-m-d');
63 $form_to_date = isset($_POST['form_to_date']) ?
DateToYYYYMMDD($_POST['form_to_date']) : date('Y-m-d');
64 $form_facility = $_POST['form_facility'] ??
null;
66 if (!empty($_POST['form_csvexport'])) {
67 if (!CsrfUtils
::verifyCsrfToken($_POST["csrf_token_form"])) {
68 CsrfUtils
::csrfNotVerified();
71 header("Pragma: public");
73 header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
74 header("Content-Type: application/force-download");
75 header("Content-Disposition: attachment; filename=pending_orders.csv");
76 header("Content-Description: File Transfer");
78 echo csvEscape(xl('Patient')) . ',';
79 echo csvEscape(xl('ID')) . ',';
80 echo csvEscape(xl('Ordered')) . ',';
81 echo csvEscape(xl('From')) . ',';
82 echo csvEscape(xl('Procedure')) . ',';
83 echo csvEscape(xl('Provider')) . ',';
84 echo csvEscape(xl('Priority')) . ',';
85 echo csvEscape(xl('Status')) . "\n";
86 } else { // not export
90 <title
><?php
echo xlt('Pending Orders') ?
></title
>
92 <?php Header
::setupHeader('datetime-picker'); ?
>
97 var win
= top
.printLogSetup ? top
: opener
.top
;
98 win
.printLogSetup(document
.getElementById('printbutton'));
100 $
('.datepicker').datetimepicker({
101 <?php
$datetimepicker_timepicker = false; ?
>
102 <?php
$datetimepicker_showseconds = false; ?
>
103 <?php
$datetimepicker_formatInput = true; ?
>
104 <?php
require($GLOBALS['srcdir'] . '/js/xl/jquery-datetimepicker-2-5-4.js.php'); ?
>
105 <?php
// can add any additional javascript settings to datetimepicker here; need to prepend first setting with a comma ?>
114 <h2
><?php
echo xlt('Pending Orders')?
></h2
>
116 <form method
='post' action
='pending_orders.php' onsubmit
='return top.restoreSession()'>
117 <input type
="hidden" name
="csrf_token_form" value
="<?php echo attr(CsrfUtils::collectCsrfToken()); ?>" />
119 <table
class='border-0' cellpadding
='3'>
123 <?php
dropdown_facility($form_facility, 'form_facility', false); ?
>
125 <td
class='col-form-label'>
126  
;<?php
echo xlt('From')?
>:
129 <input type
='text' class='datepicker form-control' name
='form_from_date' id
="form_from_date" size
='10' value
='<?php echo attr(oeFormatShortDate($form_from_date)); ?>'>
131 <td
class='col-form-label'>
132  
;<?php
echo xlt('To{{Range}}')?
>:
135 <input type
='text' class='datepicker form-control' name
='form_to_date' id
="form_to_date" size
='10' value
='<?php echo attr(oeFormatShortDate($form_to_date)); ?>'>
140 <div
class="btn-group" role
="group">
141 <button type
='submit' class='btn btn-secondary btn-refresh' name
='form_refresh'><?php
echo xlt('Refresh'); ?
></button
>
142 <button type
='submit' class='btn btn-secondary btn-transmit' name
='form_csvexport'><?php
echo xlt('Export to CSV'); ?
></button
>
143 <button type
='button' class='btn btn-secondary btn-print' id
='printbutton'><?php
echo xlt('Print'); ?
></button
>
155 <table
class='table border-0' cellpadding
='1' cellspacing
='2' width
='98%'>
156 <thead
class='thead-light'>
158 <th
class="dehead"><?php
echo xlt('Patient'); ?
></th
>
159 <th
class="dehead"><?php
echo xlt('ID'); ?
></th
>
160 <th
class="dehead"><?php
echo xlt('Ordered'); ?
></th
>
161 <th
class="dehead"><?php
echo xlt('From'); ?
></th
>
162 <th
class="dehead"><?php
echo xlt('Provider'); ?
></th
>
163 <th
class="dehead"><?php
echo xlt('Priority'); ?
></th
>
164 <th
class="dehead"><?php
echo xlt('Status'); ?
></th
>
170 // If generating a report.
172 if (!empty($_POST['form_refresh']) ||
!empty($_POST['form_csvexport'])) {
173 if (!CsrfUtils
::verifyCsrfToken($_POST["csrf_token_form"])) {
174 CsrfUtils
::csrfNotVerified();
177 $sqlBindArray = array();
178 $query = "SELECT po.patient_id, po.date_ordered, " .
180 "CONCAT(pd.lname, ', ', pd.fname, ' ', pd.mname) AS patient_name, " .
181 "u1.lname AS provider_lname, u1.fname AS provider_fname, u1.mname AS provider_mname, " .
182 "pp.name AS organization, " .
183 "lop.title AS priority_name, " .
184 "los.title AS status_name, " .
185 "pr.procedure_report_id, pr.date_report, pr.report_status " .
186 "FROM procedure_order AS po " .
187 "JOIN form_encounter AS fe ON fe.pid = po.patient_id AND fe.encounter = po.encounter_id " .
188 "JOIN patient_data AS pd ON pd.pid = po.patient_id " .
189 "LEFT JOIN users AS u1 ON u1.id = po.provider_id " .
190 "LEFT JOIN procedure_providers AS pp ON pp.ppid = po.lab_id " .
191 "LEFT JOIN list_options AS lop ON lop.list_id = 'ord_priority' AND lop.option_id = po.order_priority AND lop.activity = 1 " .
192 "LEFT JOIN list_options AS los ON los.list_id = 'ord_status' AND los.option_id = po.order_status AND los.activity = 1 " .
193 "LEFT JOIN procedure_report AS pr ON pr.procedure_order_id = po.procedure_order_id " .
195 "po.date_ordered >= ? AND po.date_ordered <= ? AND " .
196 "( pr.report_status IS NULL OR pr.report_status = 'prelim' )";
197 array_push($sqlBindArray, $form_from_date, $form_to_date);
199 // TBD: What if preliminary and final reports for the same order?
201 if ($form_facility) {
202 $query .= " AND fe.facility_id = ?";
203 array_push($sqlBindArray, $form_facility);
206 $query .= " ORDER BY pd.lname, pd.fname, pd.mname, po.patient_id, " .
207 "po.date_ordered, po.procedure_order_id";
209 $res = sqlStatement($query, $sqlBindArray);
210 while ($row = sqlFetchArray($res)) {
213 } // end report generation
215 if (empty($_POST['form_csvexport'])) {
225 } // End not csv export
