patients/get_allergies.php

   1 <?php
   2  // Copyright (C) 2011 Cassian LUP <cassi.lup@gmail.com>
   3  //
   4  // This program is free software; you can redistribute it and/or
   5  // modify it under the terms of the GNU General Public License
   6  // as published by the Free Software Foundation; either version 2
   7  // of the License, or (at your option) any later version.
   8
   9         //SANITIZE ALL ESCAPES
  10         $sanitize_all_escapes=true;
  11
  12         //STOP FAKE REGISTER GLOBALS
  13         $fake_register_globals=false;
  14
  15         //continue session
  16         session_start();
  17
  18         //landing page definition -- where to go if something goes wrong
  19         $landingpage = "index.php?site=".$_SESSION['site_id'];
  20         //
  21
  22         // kick out if patient not authenticated
  23         if ( isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite']) ) {
  24                 $pid = $_SESSION['pid'];
  25         }
  26         else {
  27                 session_destroy();
  28                 header('Location: '.$landingpage.'&w');
  29                 exit;
  30         }
  31         //
  32
  33         $ignoreAuth=true;
  34         require_once('../interface/globals.php');
  35
  36         $sql = "SELECT * FROM lists WHERE pid = ? AND type = 'allergy' ORDER BY begdate";
  37
  38         $res = sqlStatement($sql, array($pid) );
  39
  40         if(sqlNumRows($res)>0)
  41         {
  42                 ?>
  43                 <table class="class1">
  44                         <tr class="header">
  45                                 <th><?php echo htmlspecialchars( xl('Title'),ENT_NOQUOTES); ?></th>
  46                                 <th><?php echo htmlspecialchars( xl('Reported Date'),ENT_NOQUOTES); ?></th>
  47                                 <th><?php echo htmlspecialchars( xl('Start Date'),ENT_NOQUOTES); ?></th>
  48                                 <th><?php echo htmlspecialchars( xl('End Date'),ENT_NOQUOTES); ?></th>
  49                                 <th><?php echo htmlspecialchars( xl('Referrer'),ENT_NOQUOTES); ?></th>
  50                         </tr>
  51                 <?php
  52                 $even=false;
  53                 while ($row = sqlFetchArray($res)) {
  54                         if ($even) {
  55                                 $class="class1_even";
  56                                 $even=false;
  57                         } else {
  58                                 $class="class1_odd";
  59                                 $even=true;
  60                         }
  61                         echo "<tr class='".$class."'>";
  62                         echo "<td>".htmlspecialchars( $row['title'],ENT_NOQUOTES)."</td>";
  63                         echo "<td>".htmlspecialchars( $row['date'],ENT_NOQUOTES)."</td>";
  64                         echo "<td>".htmlspecialchars( $row['begdate'],ENT_NOQUOTES)."</td>";
  65                         echo "<td>".htmlspecialchars( $row['enddate'],ENT_NOQUOTES)."</td>";
  66                         echo "<td>".htmlspecialchars( $row['referredby'],ENT_NOQUOTES)."</td>";
  67                         echo "</tr>";
  68                 }
  69                 echo "</table>";
  70         }
  71         else
  72         {
  73                 echo htmlspecialchars( xl("No Results"),ENT_NOQUOTES);
  74         }
  75 ?>