2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
26 // +------------------------------------------------------------------------------+
27 require_once("server_audit.php");
29 use OpenEMR\Common\Crypto\CryptoGen
;
30 use OpenEMR\Common\Logging\EventAuditLogger
;
32 class Userforms
extends UserAudit
37 public function issue_type($data)
39 if (UserService
::valid($data[0])=='existingpatient') {
41 require_once("../../library/lists.inc");
44 throw new SoapFault("Server", "credentials failed");
50 public function print_report($data)
53 if (UserService
::valid($data[0])=='existingpatient') {
57 require_once("../../library/forms.inc");
58 require_once("../../library/pnotes.inc");
59 require_once("../../library/patient.inc");
60 require_once("../../library/options.inc.php");
61 require_once("../../library/acl.inc");
62 require_once("../../library/lists.inc");
63 require_once("../../library/report.inc");
64 require_once("../../custom/code_types.inc.php");
65 foreach ($repArr as $value) {
67 if ($type=="profile") {
68 $this->getIncudes($value);
69 $out .= ob_get_clean();
72 $this->getIid($value);
76 $this->getforms($value);
79 $out .= ob_get_clean();
85 throw new SoapFault("Server", "credentials failed");
92 public function print_ccr_report($data)
94 if (UserService
::valid($data[0])=='existingpatient') {
95 $ccraction = $data[1];
97 require_once("../../ccr/createCCR.php");
99 createCCR($ccraction, $raw);
100 $html = ob_get_clean();
101 if ($ccraction=='viewccd') {
102 $html = preg_replace('/<!DOCTYPE html PUBLIC "-\/\/W3C\/\/DTD HTML 4.01\/\/EN" "http:\/\/www.w3.org\/TR\/html4\/strict.dtd">/', '', $html);
103 $pos1 = strpos($html, 'body {');
104 $pos2 = strpos($html, '.h1center');
105 $tes = substr("$html", $pos1, ($pos2-$pos1));
106 $html = str_replace($tes, '', $html);
107 $html = str_replace('h3>', 'h2>', $html);
108 $html = base64_encode($html);
110 $pos1 = strpos($html, '*{');
111 $pos2 = strpos($html, 'h1');
112 $tes = substr("$html", $pos1, ($pos2-$pos1));
113 $html = str_replace($tes, '', $html);
118 throw new SoapFault("Server", "credentials failed");
122 //Return the forms requested from Portal.
124 private function getforms($fId)
127 $GLOBALS['pid'] = $pid;
128 $inclookupres = sqlStatement("SELECT DISTINCT formdir FROM forms WHERE pid = ? AND deleted=0", array($pid));
129 while ($result = sqlFetchArray($inclookupres)) {
130 $formdir = $result['formdir'];
131 if (substr($formdir, 0, 3) == 'LBF') {
132 include_once($GLOBALS['incdir'] . "/forms/LBF/report.php");
134 include_once($GLOBALS['incdir'] . "/forms/$formdir/report.php");
139 $inclookupres = sqlStatement("SELECT encounter,form_id,formdir,id FROM forms WHERE pid = ? AND deleted=0
140 AND id =? ", array($pid,$fId));
141 while ($result = sqlFetchArray($inclookupres)) {
142 $form_encounter=$result['encounter'];
143 $form_id=$result['form_id'];
144 $formdir = $result['formdir'];
147 if (substr($formdir, 0, 3) == 'LBF') {
148 call_user_func("lbf_report", $pid, $form_encounter, $N, $form_id, $formdir);
150 call_user_func($formdir . "_report", $pid, $form_encounter, $N, $form_id);
156 <th
><?php
echo htmlspecialchars($formdir, ENT_QUOTES
);?
></th
>
166 private function getIid($val)
170 $inclookupres = sqlStatement("SELECT DISTINCT formdir FROM forms WHERE pid = ? AND deleted=?", array($pid,0));
171 while ($result = sqlFetchArray($inclookupres)) {
172 $formdir = $result['formdir'];
173 if (substr($formdir, 0, 3) == 'LBF') {
174 include_once($GLOBALS['incdir'] . "/forms/LBF/report.php");
176 include_once($GLOBALS['incdir'] . "/forms/$formdir/report.php");
184 $irow = sqlQuery("SELECT type, title, comments, diagnosis FROM lists WHERE id =? ", array($val));
185 $diagnosis = $irow['diagnosis'];
187 if ($prevIssueType != $irow['type']) {
188 $disptype = $ISSUE_TYPES[$irow['type']][0];
190 <div
class='issue_type' style
='font-weight: bold;'><?php
echo htmlspecialchars($disptype, ENT_QUOTES
);?
>:</div
>
192 $prevIssueType = $irow['type'];
195 <div
class='text issue'>
196 <span
class='issue_title'><?php
echo htmlspecialchars($irow['title'], ENT_QUOTES
);?
>:</span
>
197 <span
class='issue_comments'><?php
echo htmlspecialchars($irow['comments'], ENT_QUOTES
);?
></span
>
201 <div
class='text issue_diag'>
202 <span
class='bold'>[<?php
echo htmlspecialchars(xl('Diagnosis'), ENT_QUOTES
);?
>]</span
><br
>
204 $dcodes = explode(";", $diagnosis);
205 foreach ($dcodes as $dcode) {
207 <span
class='italic'><?php
echo htmlspecialchars($dcode, ENT_QUOTES
);?
></span
>:
209 echo htmlspecialchars(lookup_code_descriptions($dcode), ENT_QUOTES
);
219 if ($irow['type'] == 'ippf_gcac') {
223 display_layout_rows('GCA', sqlQuery("SELECT * FROM lists_ippf_gcac WHERE id = ?", array($rowid)));
228 } else if ($irow['type'] == 'contraceptive') {
232 display_layout_rows('CON', sqlQuery("SELECT * FROM lists_ippf_con WHERE id = ?", array($rowid)));
247 private function getIncudes($val)
250 if ($val == "demographics") {
253 <div
class='text demographics' id
='DEM'>
255 // printRecDataOne($patient_data_array, getRecPatientData ($pid), $N);
256 $result1 = getPatientData($pid);
257 $result2 = getEmployerData($pid);
260 <tr
><td
><h6
><?php
echo htmlspecialchars(xl('Patient Data').":", ENT_QUOTES
);?
></h6
></td
></tr
>
262 display_layout_rows('DEM', $result1, $result2);
267 } elseif ($val == "history") {
270 <div
class='text history' id
='HIS'>
272 $result1 = getHistoryData($pid);
275 <tr
><td
><h6
><?php
echo htmlspecialchars(xl('History Data').":", ENT_QUOTES
);?
></h6
></td
></tr
>
277 display_layout_rows('HIS', $result1);
282 } elseif ($val == "insurance") {
285 <div
class='text insurance'>";
286 <h6><?php echo htmlspecialchars(xl('Insurance Data').":", ENT_QUOTES);?></h6>
287 <br><span class=bold><?php echo htmlspecialchars(xl('Primary Insurance Data').":", ENT_QUOTES);?></span><br>
289 printRecDataOne($insurance_data_array, getRecInsuranceData($pid, "primary
"), $N);
291 <span class=bold><?php echo htmlspecialchars(xl('Secondary Insurance Data').":", ENT_QUOTES);?></span><br>
293 printRecDataOne($insurance_data_array, getRecInsuranceData($pid, "secondary
"), $N);
295 <span class=bold><?php echo htmlspecialchars(xl('Tertiary Insurance Data').":", ENT_QUOTES);?></span><br>
297 printRecDataOne($insurance_data_array, getRecInsuranceData($pid, "tertiary
"), $N);
301 } elseif ($val == "billing
") {
304 <div class='text billing'>
305 <h6><?php echo htmlspecialchars(xl('Billing Information').":", ENT_QUOTES);?></h6>
307 if (count($ar['newpatient']) > 0) {
311 <tr><td width='400' class='bold'><?php echo htmlspecialchars(xl('Code'), ENT_QUOTES);?></td><td class='bold'><?php echo htmlspecialchars(xl('Fee'), ENT_QUOTES);?></td></tr>
315 foreach ($ar['newpatient'] as $be) {
316 $ta = split(":", $be);
317 $billing = getPatientBillingEncounter($pid, $ta[1]);
318 $billings[] = $billing;
319 foreach ($billing as $b) {
324 echo htmlspecialchars($b['code_type'], ENT_QUOTES) . ":\t" .htmlspecialchars($b['code'], ENT_QUOTES) . " 
;". htmlspecialchars($b['modifier'], ENT_QUOTES) . " 
; 
; 
;" . htmlspecialchars($b['code_text'], ENT_QUOTES) . " 
; 
; 
; 
; 
;";
329 echo htmlspecialchars(oeFormatMoney($b['fee']), ENT_QUOTES);
335 if ($b['code_type'] == "COPAY
") {
336 $copays += $b['fee'];
341 echo "<tr
><td
> 
;</td
></tr
>";
342 echo "<tr
><td
class=bold
>".htmlspecialchars(xl('Sub-Total'), ENT_QUOTES)."</td
><td
class=text
>" . htmlspecialchars(oeFormatMoney($total + abs($copays)), ENT_QUOTES) . "</td
></tr
>";
343 echo "<tr
><td
class=bold
>".htmlspecialchars(xl('Paid'), ENT_QUOTES)."</td
><td
class=text
>" . htmlspecialchars(oeFormatMoney(abs($copays)), ENT_QUOTES) . "</td
></tr
>";
344 echo "<tr
><td
class=bold
>".htmlspecialchars(xl('Total'), ENT_QUOTES)."</td
><td
class=text
>" .htmlspecialchars(oeFormatMoney($total), ENT_QUOTES) . "</td
></tr
>";
347 //print_r($billings);
350 printPatientBilling($pid);
353 echo "</div
>\n"; // end of billing DIV
354 } elseif ($val == "immunizations
") {
357 <div class='text immunizations'>
358 <h6><?php echo htmlspecialchars(xl('Patient Immunization').":", ENT_QUOTES);?></h6>
360 $sql = "select i1
.immunization_id
as immunization_id
, if(i1
.administered_date
,concat(i1
.administered_date
,' - ') ,substring(i1
.note
,1,20) ) as immunization_data from immunizations i1 where i1
.patient_id
= ? order by administered_date desc
";
361 $result = sqlStatement($sql, array($pid));
362 while ($row=sqlFetchArray($result)) {
363 echo htmlspecialchars($row{'immunization_data'}, ENT_QUOTES);
364 echo generate_display_field(array('data_type'=>'1','list_id'=>'immunizations'), $row['immunization_id']);
372 } elseif ($val == "batchcom
") {
375 <div class='text transactions'>
376 <h6><?php htmlspecialchars(xl('Patient Communication sent').":", ENT_QUOTES);?></h6>
378 $sql="SELECT
concat( 'Messsage Type: ', batchcom
.msg_type
, ', Message Subject: ', batchcom
.msg_subject
, ', Sent on:', batchcom
.msg_date_sent
) AS batchcom_data
, batchcom
.msg_text
, concat( users
.fname
, users
.lname
) AS user_name FROM `batchcom` JOIN `users` ON users
.id
= batchcom
.sent_by WHERE batchcom
.patient_id
=?
";
379 $result = sqlStatement($sql, array($pid));
380 while ($row=sqlFetchArray($result)) {
381 echo htmlspecialchars($row{'batchcom_data'}.", ".xl('By').": ".$row{'user_name'}, ENT_QUOTES);
383 <br><?php echo htmlspecialchars(xl('Text'), ENT_QUOTES);?>:<br><?php echo htmlspecialchars($row{'msg_txt'}, ENT_QUOTES);?><br>
389 } elseif ($val == "notes
") {
392 <div class='text notes'>
393 <h6><?php echo htmlspecialchars(xl('Patient Notes').":", ENT_QUOTES);?></h6>
395 printPatientNotes($pid);
399 } elseif ($val == "transactions
") {
402 <div class='text transactions'>
403 <h6><?php echo htmlspecialchars(xl('Patient Transactions').":", ENT_QUOTES);?></h6>
405 printPatientTransactions($pid);
413 * Method to fetch CCDA
417 public function ccdaFetching($data)
422 if (UserService::valid($data[0])=='existingpatient') {
423 if ($this->checkModuleInstalled($moduleName = 'Carecoordination')) {
424 $site_id = $data[0][0];
427 $url = $server_url . "/interface/modules
/zend_modules
/public/encounterccdadispatch
/index?cron
=1&pid
=$pid&site
=$site_id";
429 curl_setopt($ch, CURLOPT_URL, $url);
430 curl_setopt($ch, CURLOPT_COOKIEFILE, "cookiefile
");
431 curl_setopt($ch, CURLOPT_COOKIEJAR, "cookiefile
");
432 curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla
/4.0 (compatible
; MSIE
6.0; Windows NT
5.1)");
433 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
434 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
435 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
436 $result = curl_exec($ch) or die(curl_error($ch));
438 } catch (Exception $e) {
442 $event = isset($data['event']) ? $data['event'] : 'patient-record';
443 $menu_item = isset($data['menu_item']) ? $data['menu_item'] : 'Dashboard';
444 EventAuditLogger::instance()->newEvent($event, 1, '', 1, '', $pid, $log_from = 'patient-portal', $menu_item);
445 } catch (Exception $e) {
450 return '<?xml version="1.0" encoding="UTF
-8"?>
452 <heading>WARNING!</heading>
453 <body>Unable to fetch CCDA Carecoordination module not installed!</body>
457 return '<?xml version="1.0" encoding="UTF
-8"?>
459 <heading>WARNING!</heading>
460 <body>Existing patient checking failed!</body>
464 return '<?xml version="1.0" encoding="UTF
-8"?>
466 <heading>WARNING!</heading>
467 <body>Un known error occured</body>
471 public function checkModuleInstalled($moduleName = 'Carecoordination')
473 $sql = "SELECT mod_id FROM modules WHERE mod_name
= ?
AND mod_active
= '1'";
474 $res = sqlStatement($sql, array($moduleName));
475 $row = sqlFetchArray($res);
480 * @param mysql_resource - $inputArray - mysql query result
481 * @param string - $rootElementName - root element name
482 * @param string - $childElementName - child element name
484 public function arrayToXml($inputArray, $rootElementName = 'root', $childElementName = 'RowItem')
486 $xmlData = "<?xml version
=\"1.0\" encoding
=\"ISO
-8859-1\" ?
>\n";
487 $xmlData .= "<" . $rootElementName . ">";
488 foreach ($inputArray as $rowItem) {
489 $xmlData .= "<" . $childElementName . ">";
490 foreach ($rowItem as $fieldName => $fieldValue) {
491 $xmlData .= "<" . $fieldName . ">";
492 $xmlData .= !empty($fieldValue) ? $fieldValue : "null";
493 $xmlData .= "</" . $fieldName . ">";
496 $xmlData .= "</" . $childElementName . ">";
499 $xmlData .= "</" . $rootElementName . ">";
509 public function getEventLog($data)
512 if (UserService::valid($data[0])=='existingpatient') {
513 $date1 = $data['start_date'];
514 $date2 = $data['end_date'];
515 $keyword = $data['keyword'];
517 $cols = "DISTINCT log
.date
, event
, user
, groupname
, patient_id
, success
, comments
,checksum
,crt_user
";
518 $sql = "SELECT
$cols, CONCAT(fname
, ' ', lname
) as patient_ful_name
, patient_portal_menu
.`menu_name`
,
519 patient_portal_menu_group
.`menu_group_name`
, ccda_doc_id FROM log
520 JOIN patient_data ON log
.patient_id
= patient_data
.pid
521 JOIN patient_access_offsite ON log
.patient_id
= patient_access_offsite
.pid
522 JOIN patient_portal_menu ON patient_portal_menu
.`patient_portal_menu_id`
= log
.menu_item_id
523 JOIN patient_portal_menu_group ON patient_portal_menu_group
.`patient_portal_menu_group_id`
= patient_portal_menu
.`patient_portal_menu_group_id`
524 WHERE log
.date
>= ?
AND log
.date
<= ?
";
526 $sql .= " AND log_from
= 'patient-portal'";
527 $sql .= " AND patient_id
= ?
";
528 $arrBinds = array($date1 . ' 00:00:00', $date2 . ' 23:59:59', $pid);
529 if (!empty($keyword)) {
530 $sql .= " AND (log
.date LIKE ?
531 OR LOWER(event
) LIKE ?
532 OR LOWER(user
) LIKE ?
533 OR LOWER(CONCAT(fname
, ' ', lname
)) LIKE ?
534 OR LOWER(groupname
) LIKE ?
535 OR LOWER(comments
) LIKE ?
536 OR LOWER(user
) LIKE ?
538 $arrBinds[] = '%' . $keyword . '%' ;
539 $arrBinds[] = '%' . strtolower($keyword) . '%';
540 $arrBinds[] = '%' . strtolower($keyword) . '%';
541 $arrBinds[] = '%' . strtolower($keyword) . '%';
542 $arrBinds[] = '%' . strtolower($keyword) . '%';
543 $arrBinds[] = '%' . strtolower($keyword) . '%';
544 $arrBinds[] = '%' . strtolower($keyword) . '%';
547 $sql .= " ORDER BY date DESC LIMIT
5000";
549 $res = sqlStatement($sql, $arrBinds);
551 for ($iter=0; $row=sqlFetchArray($res); $iter++) {
555 $responseString = $this->arrayToXml($all);
557 return $responseString;
562 * Connect to a phiMail Direct Messaging server and transmit
563 * a CCD document to the specified recipient. If the message is accepted by the
564 * server, the script will return "SUCCESS
", otherwise it will return an error msg.
565 * @param DOMDocument ccd the xml data to transmit, a CCDA document is assumed
566 * @param string recipient the Direct Address of the recipient
567 * @param string requested_by user | patient
568 * @return string result of operation
570 function transmitCCD($data = array())
573 $recipient = $data['recipient'];
574 $requested_by = $data['requested_by'];
575 $xml_type = $data['xml_type'];
577 if (UserService::valid($data[0])=='existingpatient') {
579 $_SESSION['authProvider'] = 1;
581 //get patient name in Last_First format (used for CCDA filename) and
582 //First Last for the message text.
583 $patientData = getPatientPID(array("pid
"=>$pid));
584 if (empty($patientData[0]['lname'])) {
588 //spaces are the argument delimiter for the phiMail API calls and must be removed
589 $extension = $xml_type == 'CCDA' ? 'xml' : strtolower($xml_type);
590 $att_filename = " " .
591 str_replace(" ", "_
", $xml_type . "_
" . $patientData[0]['lname']
592 . "_
" . $patientData[0]['fname']) . "." . $extension;
593 $patientName2 = $patientData[0]['fname'] . " " . $patientData[0]['lname'];
596 $config_err = xl("Direct messaging is currently unavailable
.")." EC
:";
597 if ($GLOBALS['phimail_enable']==false) {
598 return("$config_err 1");
601 $fp = phimail_connect($err);
603 return("$config_err $err");
606 $phimail_username = $GLOBALS['phimail_username'];
607 $cryptoGen = new CryptoGen();
608 $phimail_password = $cryptoGen->decryptStandard($GLOBALS['phimail_password']);
609 $ret = phimail_write_expect_OK($fp, "AUTH
$phimail_username $phimail_password\n");
611 return("$config_err 4");
614 $ret = phimail_write_expect_OK($fp, "TO
$recipient\n");
616 return( xl("Delivery is not allowed to the specified Direct Address
.") );
619 $ret=fgets($fp, 1024); //ignore extra server data
621 if ($requested_by=="patient
") {
622 $text_out = xl("Delivery of the attached clinical document was requested by the patient
") .
623 ($patientName2=="" ? "." : ", " . $patientName2 . ".");
625 $text_out = xl("A clinical document is attached
") .
626 ($patientName2=="" ? "." : " " . xl("for patient
") . " " . $patientName2 . ".");
629 $text_len=strlen($text_out);
630 phimail_write($fp, "TEXT
$text_len\n");
631 $ret=@fgets($fp, 256);
633 if ($ret!="BEGIN\n
") {
635 return("$config_err 5");
638 $ret=phimail_write_expect_OK($fp, $text_out);
640 return("$config_err 6");
643 if (in_array($xml_type, array('CCR', 'CCDA', 'CDA'))) {
644 $ccd = simplexml_load_string($ccd);
645 $ccd_out = $ccd->saveXml();
646 $ccd_len = strlen($ccd_out);
647 phimail_write($fp, "ADD
" . ($xml_type=="CCR
" ? $xml_type . ' ' : "CDA
") . $ccd_len . $att_filename . "\n
");
648 //phimail_write($fp,"ADD
" . (isset($xml_type) ? $xml_type . ' ' : "CDA
") . $ccd_len . $att_filename . "\n
");
649 } else if (strtolower($xml_type) == 'html' || strtolower($xml_type) == 'pdf') {
650 $ccd_out = base64_decode($ccd);
651 $message_length = strlen($ccd_out);
652 $add_type = (strtolower($xml_type) == 'html') ? 'TEXT' : 'RAW';
653 phimail_write($fp, "ADD
" . $add_type . " " . $message_length . "" . $att_filename . "\n
");
657 $ret=fgets($fp, 256);
659 if ($ret!="BEGIN\n
") {
661 return("$config_err 7");
664 $ret=phimail_write_expect_OK($fp, $ccd_out);
667 return("$config_err 8");
671 phimail_write($fp, "SEND\n
");
672 $ret=fgets($fp, 256);
675 if ($requested_by=="patient
") {
676 $reqBy="portal
-user
";
677 $sql = "SELECT id FROM users WHERE username
='portal-user'";
679 if (($r = sqlStatement($sql)) === false ||
680 ($u = sqlFetchArray($r)) === false) {
681 $reqID = 1; //default if we don't have a service user
686 $reqBy=$_SESSION['authUser'];
687 $reqID=$_SESSION['authUserID'];
690 if (substr($ret, 5)=="ERROR
") {
692 EventAuditLogger::instance()->newEvent("transmit
-ccd
", $reqBy, $_SESSION['authProvider'], 0, $ret, $pid);
693 return( xl("The message could not be sent at this time
."));
697 * If we get here, the message was successfully sent and the return
698 * value $ret is of the form "QUEUED recipient message
-id
" which
699 * is suitable for logging.
701 $msg_id=explode(" ", trim($ret), 4);
702 if ($msg_id[0]!="QUEUED
" || !isset($msg_id[2])) { //unexpected response
703 $ret = "UNEXPECTED RESPONSE
: " . $ret;
704 EventAuditLogger::instance()->newEvent("transmit
-ccd
", $reqBy, $_SESSION['authProvider'], 0, $ret, $pid);
705 return( xl("There was a problem sending the message
."));
708 EventAuditLogger::instance()->newEvent("transmit
-".$xml_type, $reqBy, $_SESSION['authProvider'], 1, $ret, $pid);
709 $adodb=$GLOBALS['adodb']['db'];
711 // $sql="INSERT INTO
direct_message_log (msg_type
,msg_id
,sender
,recipient
,status
,status_ts
,patient_id
,user_id
) " .
712 // "VALUES ('S', ?
, ?
, ?
, 'S', NOW(), ?
, ?
)";
713 // $res=@sqlStatement($sql,array($msg_id[2],$phimail_username,$recipient,$pid,$reqID));
716 } catch (Exception $e) {
717 return 'Error: ' . $e->getMessage();