search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Security improvement in setup script.
[openemr.git] / interface / reports / svc_code_financial_report.php
bloba19cabbb082e29bd0e5673200b200c0a5f433f4c
1 <?php
2 /**
3 * This is a report of Financial Summary by Service Code.
4 *
5 * This is a summary of service code charge/pay/adjust and balance,
6 * with the ability to pick "important" codes to either highlight or
7 * limit to list to. Important codes can be configured in
8 * Administration->Service section by assigning code with
9 * 'Service Reporting'.
10 *
11 * Copyright (C) 2006-2016 Rod Roark <rod@sunsetsystems.com>
12 *
13 * LICENSE: This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License
15 * as published by the Free Software Foundation; either version 2
16 * of the License, or (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
23 *
24 * @package OpenEMR
25 * @author Visolve
26 * @link http://www.open-emr.org
27 */
28
29 $sanitize_all_escapes=true;
30 $fake_register_globals=false;
31
32 require_once("../globals.php");
33 require_once("$srcdir/patient.inc");
34 require_once("$srcdir/acl.inc");
35 require_once("$srcdir/formatting.inc.php");
36 require_once "$srcdir/options.inc.php";
37 require_once "$srcdir/formdata.inc.php";
38 require_once "$srcdir/appointments.inc.php";
39
40 $grand_total_units = 0;
41 $grand_total_amt_billed = 0;
42 $grand_total_amt_paid = 0;
43 $grand_total_amt_adjustment = 0;
44 $grand_total_amt_balance = 0;
45
46
47 if (! acl_check('acct', 'rep')) die(xlt("Unauthorized access."));
48
49 $form_from_date = fixDate($_POST['form_from_date'], date('Y-m-d'));
50 $form_to_date = fixDate($_POST['form_to_date'] , date('Y-m-d'));
51 $form_facility = $_POST['form_facility'];
52 $form_provider = $_POST['form_provider'];
53
54 if ($_POST['form_csvexport']) {
55 header("Pragma: public");
56 header("Expires: 0");
57 header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
58 header("Content-Type: application/force-download");
59 header("Content-Disposition: attachment; filename=svc_financial_report_".attr($form_from_date)."--".attr($form_to_date).".csv");
60 header("Content-Description: File Transfer");
61 // CSV headers:
62 } // end export
63 else {
64 ?>
65 <html>
66 <head>
67 <link rel="stylesheet" href="<?php echo $css_header;?>" type="text/css">
68 <?php html_header_show();?>
69
70 <style type="text/css">
71 /* specifically include & exclude from printing */
72 @media print {
73 #report_parameters {
74 visibility: hidden;
75 display: none;
76 }
77 #report_parameters_daterange {
78 visibility: visible;
79 display: inline;
80 }
81 #report_results {
82 margin-top: 30px;
83 }
84 }
85
86 /* specifically exclude some from the screen */
87 @media screen {
88 #report_parameters_daterange {
89 visibility: hidden;
90 display: none;
91 }
92 }
93 </style>
94
95 <script type="text/javascript" src="../../library/dialog.js?v=<?php echo $v_js_includes; ?>"></script>
96 <script type="text/javascript" src="../../library/js/jquery-1.9.1.min.js"></script>
97 <script type="text/javascript" src="../../library/js/common.js?v=<?php echo $v_js_includes; ?>"></script>
98 <script type="text/javascript" src="../../library/js/jquery-ui.js"></script>
99 <script type="text/javascript" src="../../library/js/report_helper.js?v=<?php echo $v_js_includes; ?>"></script>
100
101 <title><?php echo xlt('Financial Summary by Service Code') ?></title>
102
103 <script language="JavaScript">
104
105 $(document).ready(function() {
106 oeFixedHeaderSetup(document.getElementById('mymaintable'));
107 var win = top.printLogSetup ? top : opener.top;
108 win.printLogSetup(document.getElementById('printbutton'));
109 });
110
111 </script>
112
113 </head>
114
115 <body leftmargin='0' topmargin='0' marginwidth='0' marginheight='0' class="body_top">
116 <span class='title'><?php echo xlt('Report'); ?> - <?php echo xlt('Financial Summary by Service Code'); ?></span>
117 <form method='post' action='svc_code_financial_report.php' id='theform'>
118 <div id="report_parameters">
119 <input type='hidden' name='form_refresh' id='form_refresh' value=''/>
120 <input type='hidden' name='form_csvexport' id='form_csvexport' value=''/>
121 <table>
122 <tr>
123 <td width='70%'>
124 <div style='float:left'>
125 <table class='text'>
126 <tr>
127 <td class='label'>
128 <?php echo xlt('Facility'); ?>:
129 </td>
130 <td>
131 <?php dropdown_facility($form_facility, 'form_facility', true); ?>
132 </td>
133 <td><?php echo xlt('Provider'); ?>:</td>
134 <td><?php
135 // Build a drop-down list of providers.
136 //
137 $query = "SELECT id, lname, fname FROM users WHERE ".
138 "authorized = 1 ORDER BY lname, fname"; //(CHEMED) facility filter
139 $ures = sqlStatement($query);
140 echo " <select name='form_provider'>\n";
141 echo " <option value=''>-- " . xlt('All') . " --\n";
142 while ($urow = sqlFetchArray($ures)) {
143 $provid = $urow['id'];
144 echo " <option value='" . attr($provid) ."'";
145 if ($provid == $_POST['form_provider']) echo " selected";
146 echo ">" . text($urow['lname']) . ", " . text($urow['fname']) . "\n";
147 }
148 echo " </select>\n";
149 ?>
150 </td>
151 </tr><tr>
152 <td colspan="2">
153 <?php echo xlt('From'); ?>:&nbsp;&nbsp;&nbsp;&nbsp;
154 <input type='text' name='form_from_date' id="form_from_date" size='10' value='<?php echo attr($form_from_date) ?>'
155 onkeyup='datekeyup(this,mypcc)' onblur='dateblur(this,mypcc)' title='yyyy-mm-dd'>
156 <img src='../pic/show_calendar.gif' align='absbottom' width='24' height='22'
157 id='img_from_date' border='0' alt='[?]' style='cursor:pointer'
158 title='<?php echo xla("Click here to choose a date"); ?>'>
159 </td>
160 <td class='label'>
161 <?php echo xlt('To'); ?>:
162 </td>
163 <td>
164 <input type='text' name='form_to_date' id="form_to_date" size='10' value='<?php echo attr($form_to_date) ?>'
165 onkeyup='datekeyup(this,mypcc)' onblur='dateblur(this,mypcc)' title='yyyy-mm-dd'>
166 <img src='../pic/show_calendar.gif' align='absbottom' width='24' height='22'
167 id='img_to_date' border='0' alt='[?]' style='cursor:pointer'
168 title='<?php echo xla("Click here to choose a date"); ?>'>
169 </td>
170 <td>
171 <input type='checkbox' name='form_details'<?php if ($_POST['form_details']) echo ' checked'; ?>>
172 <?php echo xlt('Important Codes'); ?>
173 </td>
174 </tr>
175 </table>
176 </div>
177 </td>
178 <td align='left' valign='middle' height="100%">
179 <table style='border-left:1px solid; width:100%; height:100%' >
180 <tr>
181 <td>
182 <div style='margin-left:15px'>
183 <a href='#' class='css_button' onclick='$("#form_refresh").attr("value","true"); $("#form_csvexport").attr("value",""); $("#theform").submit();'>
184 <span>
185 <?php echo xlt('Submit'); ?>
186 </span>
187 </a>
188
189 <?php if ($_POST['form_refresh'] || $_POST['form_csvexport']) { ?>
190 <div id="controls">
191 <a href='#' class='css_button' id='printbutton'>
192 <span>
193 <?php echo xlt('Print'); ?>
194 </span>
195 </a>
196 <a href='#' class='css_button' onclick='$("#form_refresh").attr("value",""); $("#form_csvexport").attr("value","true"); $("#theform").submit();'>
197 <span>
198 <?php echo xlt('CSV Export'); ?>
199 </span>
200 </a>
201 </div>
202 <?php } ?>
203 </div>
204 </td>
205 </tr>
206 </table>
207 </td>
208 </tr>
209 </table>
210 </div> <!-- end of parameters -->
211
212 <?php
213 }
214 // end not export
215
216 if ($_POST['form_refresh'] || $_POST['form_csvexport']) {
217 $rows = array();
218 $from_date = $form_from_date;
219 $to_date = $form_to_date;
220 $sqlBindArray = array();
221 $query = "select b.code,sum(b.units) as units,sum(b.fee) as billed,sum(ar_act.paid) as PaidAmount, " .
222 "sum(ar_act.adjust) as AdjustAmount,(sum(b.fee)-(sum(ar_act.paid)+sum(ar_act.adjust))) as Balance, " .
223 "c.financial_reporting " .
224 "FROM form_encounter as fe " .
225 "JOIN billing as b on b.pid=fe.pid and b.encounter=fe.encounter " .
226 "JOIN (select pid,encounter,code,sum(pay_amount) as paid,sum(adj_amount) as adjust from ar_activity group by pid,encounter,code) as ar_act " .
227 "ON ar_act.pid=b.pid and ar_act.encounter=b.encounter and ar_act.code=b.code " .
228 "LEFT OUTER JOIN codes AS c ON c.code = b.code " .
229 "INNER JOIN code_types AS ct ON ct.ct_key = b.code_type AND ct.ct_fee = '1' " .
230 "WHERE b.code_type != 'COPAY' AND b.activity = 1 /* AND b.fee != 0 */ AND " .
231 "fe.date >= ? AND fe.date <= ?";
232 array_push($sqlBindArray,"$from_date 00:00:00","$to_date 23:59:59");
233 // If a facility was specified.
234 if ($form_facility) {
235 $query .= " AND fe.facility_id = ?";
236 array_push($sqlBindArray,$form_facility);
237 }
238 // If a provider was specified.
239 if ($form_provider) {
240 $query .= " AND b.provider_id = ?";
241 array_push($sqlBindArray,$form_provider);
242 }
243 // If selected important codes
244 if($_POST['form_details']) {
245 $query .= " AND c.financial_reporting = '1'";
246 }
247 $query .= " GROUP BY b.code ORDER BY b.code, fe.date, fe.id ";
248 $res = sqlStatement($query,$sqlBindArray);
249 $grand_total_units = 0;
250 $grand_total_amt_billed = 0;
251 $grand_total_amt_paid = 0;
252 $grand_total_amt_adjustment = 0;
253 $grand_total_amt_balance = 0;
254
255 while ($erow = sqlFetchArray($res)) {
256 $row = array();
257 $row['pid'] = $erow['pid'];
258 $row['provider_id'] = $erow['provider_id'];
259 $row['Procedure codes'] = $erow['code'];
260 $row['Units'] = $erow['units'];
261 $row['Amt Billed'] = $erow['billed'];
262 $row['Paid Amt'] = $erow['PaidAmount'];
263 $row['Adjustment Amt'] = $erow['AdjustAmount'];
264 $row['Balance Amt'] = $erow['Balance'];
265 $row['financial_reporting'] = $erow['financial_reporting'];
266 $rows[$erow['pid'] . '|' . $erow['code'] . '|' . $erow['units']] = $row;
267 }
268 if ($_POST['form_csvexport']) {
269 // CSV headers:
270 if (true) {
271 echo '"Procedure codes",';
272 echo '"Units",';
273 echo '"Amt Billed",';
274 echo '"Paid Amt",';
275 echo '"Adjustment Amt",';
276 echo '"Balance Amt",' . "\n";
277 }
278 } else {
279 ?> <div id="report_results">
280 <table id='mymaintable'>
281 <thead>
282 <th>
283 <?php echo xlt('Procedure Codes'); ?>
284 </th>
285 <th >
286 <?php echo xlt('Units'); ?>
287 </th>
288 <th>
289 <?php echo xlt('Amt Billed'); ?>
290 </th>
291 <th>
292 <?php echo xlt('Paid Amt'); ?>
293 </th>
294 <th >
295 <?php echo xlt('Adjustment Amt'); ?>
296 </th>
297 <th >
298 <?php echo xlt('Balance Amt'); ?>
299 </th>
300 </thead>
301 <?php
302 }
303 $orow = -1;
304
305 foreach ($rows as $key => $row) {
306 $print = '';
307 $csv = '';
308
309 if($row['financial_reporting']){ $bgcolor = "#FFFFDD"; }else { $bgcolor = "#FFDDDD"; }
310 $print = "<tr bgcolor='$bgcolor'><td class='detail'>".text($row['Procedure codes'])."</td><td class='detail'>".text($row['Units'])."</td><td class='detail'>".text(oeFormatMoney($row['Amt Billed']))."</td><td class='detail'>".text(oeFormatMoney($row['Paid Amt']))."</td><td class='detail'>".text(oeFormatMoney($row['Adjustment Amt']))."</td><td class='detail'>".text(oeFormatMoney($row['Balance Amt']))."</td>";
311
312 $csv = '"' . text($row['Procedure codes']) . '","' . text($row['Units']) . '","' . text(oeFormatMoney($row['Amt Billed'])) . '","' . text(oeFormatMoney($row['Paid Amt'])) . '","' . text(oeFormatMoney($row['Adjustment Amt'])) . '","' . text(oeFormatMoney($row['Balance Amt'])) . '"' . "\n";
313
314 $bgcolor = ((++$orow & 1) ? "#ffdddd" : "#ddddff");
315 $grand_total_units += $row['Units'];
316 $grand_total_amt_billed += $row['Amt Billed'];
317 $grand_total_amt_paid += $row['Paid Amt'];
318 $grand_total_amt_adjustment += $row['Adjustment Amt'];
319 $grand_total_amt_balance += $row['Balance Amt'];
320
321 if ($_POST['form_csvexport']) { echo $csv; }
322 else { echo $print;
323 }
324 }
325 if (!$_POST['form_csvexport']) {
326 echo "<tr bgcolor='#ffffff'>\n";
327 echo " <td class='detail'>" . xlt("Grand Total") . "</td>\n";
328 echo " <td class='detail'>" . text($grand_total_units) . "</td>\n";
329 echo " <td class='detail'>" .
330 text(oeFormatMoney($grand_total_amt_billed)) . "</td>\n";
331 echo " <td class='detail'>" .
332 text(oeFormatMoney($grand_total_amt_paid)) . "</td>\n";
333 echo " <td class='detail'>" .
334 text(oeFormatMoney($grand_total_amt_adjustment)) . "</td>\n";
335 echo " <td class='detail'>" .
336 text(oeFormatMoney($grand_total_amt_balance)) . "</td>\n";
337 echo " </tr>\n";
338 ?>
339 </table> </div>
340 <?php
341 }
342 }
343
344 if (! $_POST['form_csvexport']) {
345 if ( $_POST['form_refresh'] && count($print) != 1)
346 {
347 echo "<span style='font-size:10pt;'>";
348 echo xlt('No matches found. Try search again.');
349 echo "</span>";
350 echo '<script>document.getElementById("report_results").style.display="none";</script>';
351 echo '<script>document.getElementById("controls").style.display="none";</script>';
352 }
353
354 if (!$_POST['form_refresh'] && !$_POST['form_csvexport']) { ?>
355 <div class='text'>
356 <?php echo xlt('Please input search criteria above, and click Submit to view results.' ); ?>
357 </div>
358 <?php } ?>
359 </form>
360 </body>
361
362 <!-- stuff for the popup calendar -->
363
364 <link rel='stylesheet' href='<?php echo $css_header ?>' type='text/css'>
365 <style type="text/css">@import url(../../library/dynarch_calendar.css);</style>
366 <script type="text/javascript" src="../../library/dynarch_calendar.js"></script>
367 <?php include_once("{$GLOBALS['srcdir']}/dynarch_calendar_en.inc.php"); ?>
368 <script type="text/javascript" src="../../library/dynarch_calendar_setup.js"></script>
369 <script language="Javascript">
370 Calendar.setup({inputField:"form_from_date", ifFormat:"%Y-%m-%d", button:"img_from_date"});
371 Calendar.setup({inputField:"form_to_date", ifFormat:"%Y-%m-%d", button:"img_to_date"});
372 top.restoreSession();
373 </script>
374 </html>
375 <?php
376 } // End not csv export
377 ?>
Mirror of official OpenEMR Sourceforge repository