2 //our api for 3rd party developers
3 require_once(dirname(__FILE__) . "/../interface/globals.php");
5 use OpenEMR\Billing\BillingUtilities;
7 $GLOBALS['form_exit_url'] = "javascript:parent.closeTab(window.name, false)";
9 function formHeader($title = "My Form")
14 <link rel=stylesheet href="<?php echo $GLOBALS['css_header']?>" type="text/css">
15 <title><?php echo text($title); ?></title>
17 <body background="<?php echo $GLOBALS['backpic']?>" topmargin=0 rightmargin=0 leftmargin=2 bottommargin=0 marginwidth=2 marginheight=0>
29 function formSubmit($tableName, $values, $id, $authorized = "0")
31 global $attendant_type;
33 $sqlBindingArray = [$_SESSION['pid'], $_SESSION['authProvider'], $_SESSION['authUser'], $authorized];
34 $sql = "insert into " . escape_table_name($tableName) . " set " . escape_sql_column_name($attendant_type, array($tableName)) . "=?, groupname=?, user=?, authorized=?, activity=1, date = NOW(),";
35 foreach ($values as $key => $value) {
36 if ($key == "csrf_token_form") {
39 if (strpos($key, "openemr_net_cpt") === 0) {
40 //code to auto add cpt code
42 $code_array = explode(" ", $value, 2);
44 BillingUtilities::addBilling(date("Ymd"), 'CPT4', $code_array[0], $code_array[1], $_SESSION['pid'], $authorized, $_SESSION['authUserID']);
46 } elseif (strpos($key, "diagnosis") == (strlen($key) -10) && !(strpos($key, "diagnosis")=== false )) {
47 //case where key looks like "[a-zA-Z]*diagnosis[0-9]" which is special, it is used to auto add ICD codes
48 //icd auto add ICD9-CM
50 $code_array = explode(" ", $value, 2);
51 BillingUtilities::addBilling(date("Ymd"), 'ICD9-M', $code_array[0], $code_array[1], $_SESSION['pid'], $authorized, $_SESSION['authUserID']);
54 $sql .= " " . escape_sql_column_name($key, array($tableName)) . " = ?,";
55 $sqlBindingArray[] = $value;
59 $sql = substr($sql, 0, -1);
60 return sqlInsert($sql, $sqlBindingArray);
64 function formUpdate($tableName, $values, $id, $authorized = "0")
66 $sqlBindingArray = [$_SESSION['pid'], $_SESSION['authProvider'], $_SESSION['authUser'], $authorized];
67 $sql = "update " . escape_table_name($tableName) . " set pid =?, groupname=?, user=? ,authorized=?, activity=1, date = NOW(),";
68 foreach ($values as $key => $value) {
69 if ($key == "csrf_token_form") {
72 $sql .= " " . escape_sql_column_name($key, array($tableName)) . " = ?,";
73 $sqlBindingArray[] = $value;
76 $sql = substr($sql, 0, -1);
77 $sql .= " where id=?";
78 $sqlBindingArray[] = $id;
80 return sqlInsert($sql, $sqlBindingArray);
83 function formJump($address = '')
87 echo "top.restoreSession();\n";
88 echo "location.href = " . js_escape($address) . ";\n";
90 echo "parent.closeTab(window.name, true);\n";
93 // TBD: Exit seems wrong here, but that's how it has been forever.
97 function formFetch($tableName, $id, $cols = "*", $activity = "1")
99 // Run through escape_table_name() function to support dynamic form names in addition to mitigate sql table casing issues.
100 return sqlQuery("select " . escape_sql_column_name(process_cols_escape($cols), array($tableName)) . " from `" . escape_table_name($tableName) . "` where id=? and pid = ? and activity like ? order by date DESC LIMIT 0,1", array($id,$GLOBALS['pid'],$activity)) ;
104 function formDisappear($tableName, $id)
106 // Run through escape_table_name() function to support dynamic form names in addition to mitigate sql table casing issues.
107 if (sqlStatement("update `" . escape_table_name($tableName) . "` set activity = '0' where id=? and pid=?", [$id, $pid])) {
114 function formReappear($tableName, $id)
116 // Run through escape_table_name() function to support dynamic form names in addition to mitigate sql table casing issues.
117 if (sqlStatement("update `" . escape_table_name($tableName) . "` set activity = '1' where id=? and pid=?", [$id, $pid])) {