1 <?php
2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
4 //
5 //
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 //
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Vinish K <vinish@zhservices.com>
27 // +------------------------------------------------------------------------------+
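// Bootstrap for the patient-portal SOAP endpoint.
// These flags are set before interface/globals.php is included, which presumably reads them - confirm there.

//SANITIZE ALL ESCAPES
$sanitize_all_escapes=true;

//STOP FAKE REGISTER GLOBALS
$fake_register_globals=false;

global $ISSUE_TYPES;
// NOTE(review): presumably disables the interactive login check in globals.php. If so, the only
// authentication on this endpoint is the per-call UserService::valid() check - confirm.
$ignoreAuth=true;
ob_start();

require_once("../../interface/globals.php");
require_once(dirname(__FILE__)."/../../controllers/C_Document.class.php");
require_once(dirname(__FILE__)."/../../library/options.inc.php");
$err = '';
if(!extension_loaded("soap")){
    // dl() is not available in every SAPI and the library name is Windows-specific.
    // Only attempt the runtime load where the function exists; otherwise the SOAP
    // extension has to be enabled in the PHP configuration.
    if(function_exists('dl')){
        dl("php_soap.dll");
    }
}
require_once("server_med_rec.php");
require_once("factory_class.php");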
50 class UserService extends Userforms
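/**
 * Lists the approved patient-uploaded files (audit type '4'), ordered by patient id.
 *
 * @param array $data [0] portal credentials checked by valid(); [1] optional audit_master id to filter on
 * @return array|null one row per document; null when the credentials are rejected or nothing matches
 */
public function patientuploadedfiles($data){
    if($this->valid($data[0])){
        ob_start();
        $query = "
            SELECT
                am.id,
                am.pid,
                ad.field_value AS doc_name,
                pd.fname,
                pd.lname,
                pd.mname,
                ad2.field_value AS file_name,
                ad3.field_value AS pat_comments
            FROM
                audit_details AS ad
                JOIN audit_master AS am
                    ON am.id = ad.audit_master_id
                LEFT JOIN patient_data AS pd
                    ON am.pid = pd.pid
                JOIN audit_details AS ad2
                    ON am.id = ad2.audit_master_id
                    AND ad2.field_name = 'dlm_filename'
                JOIN audit_details AS ad3
                    ON am.id = ad3.audit_master_id
                    AND ad3.field_name = 'dld_patient_comments'
            WHERE ad.field_name = 'dlm_document_name'
                AND approval_status = '1'
                AND am.type = '4'
        ";
        // The ORDER BY clause must come after every WHERE condition. The original appended
        // the optional "AND am.id = ?" filter after ORDER BY, which is not valid SQL.
        $order = " ORDER BY am.pid ASC";
        if(!empty($data[1])){
            $res = sqlStatement($query." AND am.id = ?".$order,array($data[1]));
        }else{
            $res = sqlStatement($query.$order);
        }
        // Stays null when no row matches, which is what callers received before.
        $all = null;
        if ($res) {
            for($iter=0; $row=sqlFetchArray($res); $iter++) {
                $all[$iter] = $row;
            }
        }
        // Discard anything printed while querying so it cannot corrupt the SOAP response.
        $v = ob_get_clean();
        return $all;
    }
    // NOTE(review): unlike most methods here, rejected credentials return null instead of a SoapFault.
}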
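/**
 * Stores a base64-encoded file sent by the portal under
 * documents/myportal/patientuploads/<pid>/, where $pid is the global set by valid().
 *
 * @param array $data [0] portal credentials; [1] file name; [2] base64-encoded file content
 * @throws SoapFault when the credentials are rejected, the file name is unusable or the file cannot be written
 */
public function createandstoretodirectory($data){
    global $pid;
    if($this->valid($data[0])){
        // The file name comes from the remote caller. Keep only its last path component so
        // the write cannot leave the patient's upload directory.
        $file_name=basename($data[1]);
        if($file_name === '' || $file_name === '.' || $file_name === '..'){
            throw new SoapFault("Server", "invalid file name");
        }
        $contents=$data[2];
        $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$pid;
        if(!is_dir($savedpath)){
            // NOTE(review): 0777 makes the directory world-writable; kept as in the original
            // because the required ownership model is not visible here - tighten if possible.
            mkdir($savedpath,0777,true);
            chmod($savedpath, 0777);
        }
        // NOTE(review): no restriction on the file type; confirm this directory is never
        // served or executed by the web server.
        $handler = fopen($savedpath."/".$file_name,"w");
        if($handler === false){
            throw new SoapFault("Server", "could not store file");
        }
        fwrite($handler, base64_decode($contents));
        fclose($handler);
        chmod($savedpath."/".$file_name,0777);
    }
    else{
        throw new SoapFault("Server", "credentials failed");
    }
}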
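/**
 * Files a portal document into the OpenEMR document store: picks the category, optionally
 * renames the file, attaches a note and marks the legal-detail row as moved.
 *
 * The method fakes an upload by filling $_POST/$_FILES and then calling C_Document.
 *
 * @param array $data [0] credentials; [1] category id; [2] master document id; [3] optional new
 *                    file name; [4] patient id; [5] upload sub-directory (used when [9] is 4);
 *                    [6] file name; [7] note; [8] dld_id; [9] source type (1 signed, 2 unsigned,
 *                    4 patient upload)
 */
public function documents_update($data){
    if($this->valid($data[0])){
        // All path components are supplied by the remote caller: reduce each one to its final
        // component so the source and destination stay inside the intended directories.
        $source_name = basename($data[6]);
        $source_dir = basename($data[5]);
        $destination = $data[3] ? basename($data[3]) : $data[3];

        $_POST['process'] = true;
        $_POST['new_category_id'] = $data[1];
        $_POST['new_patient_id'] = $data[4];
        $file_path = '';
        if($data[9] == 2)
            $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/".$source_name;
        elseif($data[9] == 1)
            $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/".$source_name;
        elseif($data[9] == 4)
            $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$source_dir."/".$source_name;
        $mime_types = array(
            "pdf"=>"application/pdf"
            ,"exe"=>"application/octet-stream"
            ,"zip"=>"application/zip"
            ,"docx"=>"application/msword"
            ,"doc"=>"application/msword"
            ,"xls"=>"application/vnd.ms-excel"
            ,"ppt"=>"application/vnd.ms-powerpoint"
            ,"gif"=>"image/gif"
            ,"png"=>"image/png"
            ,"jpeg"=>"image/jpg"
            ,"jpg"=>"image/jpg"
            ,"mp3"=>"audio/mpeg"
            ,"wav"=>"audio/x-wav"
            ,"mpeg"=>"video/mpeg"
            ,"mpg"=>"video/mpeg"
            ,"mpe"=>"video/mpeg"
            ,"mov"=>"video/quicktime"
            ,"avi"=>"video/x-msvideo"
            ,"3gp"=>"video/3gpp"
            ,"css"=>"text/css"
            ,"jsc"=>"application/javascript"
            ,"js"=>"application/javascript"
            ,"php"=>"text/html"
            ,"htm"=>"text/html"
            ,"html"=>"text/html"
        );

        // pathinfo() replaces end(explode()), which passed a temporary by reference.
        $extension = strtolower((string)pathinfo($file_path, PATHINFO_EXTENSION));
        // Unknown extensions map to null, as before, but without an undefined-index notice.
        $mime_type = isset($mime_types[$extension]) ? $mime_types[$extension] : null;
        $_FILES['file']['name'][0] = $source_name;
        $_FILES['file']['type'][0] = $mime_type;
        $_FILES['file']['tmp_name'][0] = $file_path;
        $_FILES['file']['error'][0] = 0;
        $_FILES['file']['size'][0] = filesize($file_path);
        $_POST['category_id'] = $_POST['new_category_id'];
        $_POST['patient_id'] = $_POST['new_patient_id'];
        $_GET['patient_id'] = $_POST['patient_id'];
        $_POST['destination'] = $destination;

        $cdoc = new C_Document();
        $cdoc->upload_action_process();
        if($GLOBALS['document_storage_method']==0){
            if($destination)
                copy($file_path,$cdoc->file_path.$destination);
            else
                copy($file_path,$cdoc->file_path.$source_name);
        }
        // Most recent document of the target patient, taken to be the one just stored.
        $foreign_id = sqlQuery("select id from documents where foreign_id = ? order by id desc limit 1",array($_POST['new_patient_id']));
        unset($_POST);
        $_POST['encrypted'] = '';
        $_POST['passphrase'] = '';
        $_POST['process'] = true;
        $_POST['foreign_id'] = $foreign_id['id'];
        $_POST['note'] = $data[7];
        $cdoc->note_action_process($_GET['patient_id']);
        $sql_patient_no = "UPDATE documents_legal_detail SET dld_moved = '1' WHERE dld_master_docid = ? AND dld_id = ?";
        sqlQuery($sql_patient_no,array($data[2],$data[8]));
        unset($_POST);
    }
    // NOTE(review): rejected credentials return silently here instead of raising a SoapFault.
}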
/**
 * Lists the portal documents (signed state 1, 2 or 4) that have not been moved yet,
 * together with the patient's name, ordered by patient id.
 *
 * @param array $data [0] portal credentials checked by valid()
 * @return array|null one row per document; null when credentials are rejected or nothing matches
 */
public function userslistportal($data){
    if(!$this->valid($data[0])){
        return;
    }
    ob_start();
    $sql = "SELECT
            dlm.dlm_upload_type,
            dld.dld_id,
            dld.dld_pid,
            dlm.dlm_document_name,
            dlm.dlm_document_id,
            dlm.dlm_filename,
            dld.dld_filename,
            dld.dld_signed,
            dlm.dlm_filename,
            dld.dld_master_docid,
            dld.dld_signed,
            dld.dld_patient_comments,
            dld.dld_moved,
            pd.fname,
            pd.lname,
            pd.mname
        FROM
            documents_legal_master AS dlm
            LEFT OUTER JOIN documents_legal_detail AS dld
                ON dlm.dlm_document_id = dld_master_docid
            JOIN patient_data AS pd
                ON dld.dld_pid = pd.pid
        WHERE dlm.dlm_effective_date <= NOW()
            AND dlm.dlm_effective_date <> '0000-00-00 00:00:00'
            AND dld.dld_id IS NOT NULL
            AND dld.dld_signed IN (1,2,4)
            AND dld.dld_moved = 0
            AND dlm_subcategory NOT IN
            (
                SELECT
                    dlc_id
                FROM
                    documents_legal_categories
                WHERE
                    dlc_category_name = 'Layout Signed'
                    AND dlc_category_type = 2
            )
        ORDER BY dld.dld_pid ASC ";

    $result = sqlStatement($sql);
    if ($result) {
        // Rows are collected under consecutive integer keys starting at 0.
        while ($row = sqlFetchArray($result)) {
            $all[] = $row;
        }
    }
    // Drop any output produced while querying so the SOAP response stays clean.
    $v = ob_get_clean();
    return $all;
}
/**
 * Returns every row of the categories table, for the "Move To Category" option.
 *
 * @param array $data [0] portal credentials checked by valid()
 * @return array|null category rows; null when credentials are rejected or the table is empty
 */
public function category_list($data){
    if(!$this->valid($data[0])){
        return;
    }
    ob_start();
    $result = sqlStatement("SELECT * FROM categories");
    if ($result) {
        while ($row = sqlFetchArray($result)) {
            $all[] = $row;
        }
    }
    // Swallow stray output before handing the rows back.
    $v = ob_get_clean();
    return $all;
}
/**
 * Wraps a text in the XML envelope <root><level><text>...</text></level></root>.
 *
 * @param array $data [0] portal credentials; [1] the text to wrap
 * @return string the serialized XML document
 * @throws SoapFault when the credentials are rejected
 */
public function text_to_xml($data){
    if(!$this->valid($data[0])){
        throw new SoapFault("Server", "credentials failed");
    }
    $xml = new DOMDocument();
    $xml->formatOutput = true;

    $rootNode = $xml->appendChild($xml->createElement( "root" ));
    $levelNode = $rootNode->appendChild($xml->createElement( "level" ));
    $textNode = $levelNode->appendChild($xml->createElement( "text" ));
    // createTextNode() escapes markup characters contained in the text.
    $textNode->appendChild($xml->createTextNode( $data[1] ));

    return $xml->saveXML();
}
/**
 * Serializes an associative array as XML: every key becomes an element inside
 * <root><level>...</level></root> and its value becomes the element's text.
 *
 * Keys must be valid XML element names; values are added as escaped text nodes.
 *
 * @param array $var key => value pairs to serialize
 * @return string the serialized XML document
 */
public function function_return_to_xml($var=array()){
    $xml = new DOMDocument();
    $xml->formatOutput = true;

    $rootNode = $xml->appendChild($xml->createElement( "root" ));
    $levelNode = $rootNode->appendChild($xml->createElement( "level" ));

    foreach($var as $name=>$text){
        $node = $levelNode->appendChild($xml->createElement( "$name" ));
        $node->appendChild($xml->createTextNode( $text ));
    }

    return $xml->saveXML();
}
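/**
 * Deletes a portal document, e.g. a filled PDF that was rejected during audit.
 *
 * @param array $data [0] portal credentials; [1] path of the file to delete
 * @throws SoapFault when the credentials are rejected or the path lies outside the portal documents directory
 */
public function delete_file($data){
    if($this->valid($data[0])){
        $file_name_with_path=$data[1];
        // The path is supplied by the remote caller. Resolve it and only delete files that
        // live under documents/myportal.
        // NOTE(review): assumes every file the portal may delete is stored there - confirm.
        $base = realpath($GLOBALS['OE_SITE_DIR']."/documents/myportal");
        $target = realpath($file_name_with_path);
        if($target === false || !is_file($target)){
            // Nothing to delete; the original was best effort as well.
            return;
        }
        if($base === false || strpos($target, $base.DIRECTORY_SEPARATOR) !== 0){
            throw new SoapFault("Server", "invalid file path");
        }
        // Failure is deliberately ignored, as in the original.
        @unlink($target);
    }
    else{
        throw new SoapFault("Server", "credentials failed");
    }
}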
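/**
 * Reads a portal document and returns it as XML with its base name (<name>), its
 * extension (<type>) and its base64-encoded content (<file>).
 *
 * @param array $data [0] portal credentials; [1] path of the file to transfer
 * @return string the serialized XML document
 * @throws SoapFault when the credentials are rejected, the path lies outside the portal
 *                   documents directory or the file cannot be read
 */
public function file_to_xml($data){
    if($this->valid($data[0])){
        $file_name_with_path=$data[1];
        // The path is supplied by the remote caller. Resolve it and only serve files that
        // live under documents/myportal, so no other file readable by the web server is returned.
        // NOTE(review): assumes every file the portal may request is stored there - confirm.
        $base = realpath($GLOBALS['OE_SITE_DIR']."/documents/myportal");
        $target = realpath($file_name_with_path);
        if($base === false || $target === false || !is_file($target)
            || strpos($target, $base.DIRECTORY_SEPARATOR) !== 0){
            throw new SoapFault("Server", "invalid file path");
        }
        $path_parts = pathinfo($file_name_with_path);
        $returnData = file_get_contents($target);
        if($returnData === false){
            throw new SoapFault("Server", "could not read file");
        }
        $doc = new DOMDocument();
        $doc->formatOutput = true;

        $root = $doc->createElement( "root" );
        $doc->appendChild( $root );

        $level = $doc->createElement( "level" );
        $root->appendChild( $level );

        $filename = $doc->createElement( "name" );
        $filename->appendChild(
            $doc->createTextNode( $path_parts['basename'] )
        );
        $level->appendChild( $filename );

        $type = $doc->createElement( "type" );
        $type->appendChild(
            // pathinfo() omits 'extension' for names without a dot.
            $doc->createTextNode( isset($path_parts['extension']) ? $path_parts['extension'] : '' )
        );
        $level->appendChild( $type );
        $content = $doc->createElement( "file" );
        $content->appendChild(
            $doc->createTextNode( base64_encode($returnData) )
        );
        $level->appendChild( $content );
        return $doc->saveXML();
    }
    else{
        throw new SoapFault("Server", "credentials failed");
    }
}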
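/**
 * Saves a file received from the portal side to OpenEMR. The portal working directories
 * (documents/myportal and its unsigned, signed and upload sub-directories) are created first.
 *
 * @param array $data [0] portal credentials; [1] destination path; [2] base64-encoded content
 * @throws SoapFault when the credentials are rejected, the destination lies outside the
 *                   portal documents directory or the file cannot be written
 */
public function store_to_file($data){
    if($this->valid($data[0])){
        $file_name_with_path=$data[1];
        $contents=$data[2];
        $portal_root=$GLOBALS['OE_SITE_DIR']."/documents/myportal/";
        foreach(array('', 'unsigned/', 'signed/', 'upload/') as $subdir){
            $savedpath=$portal_root.$subdir;
            if(!is_dir($savedpath)){
                // NOTE(review): 0777 is world-writable; kept as in the original because the
                // required ownership model is not visible here - tighten if possible.
                mkdir($savedpath,0777);
                chmod($savedpath, 0777);
            }
        }
        // The destination is supplied by the remote caller. Resolve its directory and only
        // write below documents/myportal, so no other file writable by the web server is touched.
        // NOTE(review): assumes every portal file is stored under that directory - confirm.
        $base = realpath($portal_root);
        $parent = realpath(dirname($file_name_with_path));
        $name = basename($file_name_with_path);
        if($base === false || $parent === false || $name === '' || $name === '.' || $name === '..'
            || ($parent !== $base && strpos($parent, $base.DIRECTORY_SEPARATOR) !== 0)){
            throw new SoapFault("Server", "invalid file path");
        }
        $target = $parent.DIRECTORY_SEPARATOR.$name;
        if(is_link($target)){
            // fopen() would follow the link and could write outside the portal directory.
            throw new SoapFault("Server", "invalid file path");
        }
        $handler = fopen($target,"w");
        if($handler === false){
            throw new SoapFault("Server", "could not store file");
        }
        fwrite($handler, base64_decode($contents));
        fclose($handler);
        chmod($target,0777);
    }
    else{
        throw new SoapFault("Server", "credentials failed");
    }
}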
/**
 * Runs one OpenEMR library function on behalf of the portal and returns its result.
 *
 * Only the function names listed in the switch below are dispatched; any other name
 * returns null. Most results are serialized with function_return_to_xml().
 *
 * @param array  $var              arguments for the requested function, keyed by name
 * @param string $func             name of the function to run
 * @param array  $data_credentials portal credentials checked by valid()
 * @return mixed XML string, raw function result, or null for an unknown name
 * @throws SoapFault when the credentials are rejected
 */
static public function batch_despatch($var,$func,$data_credentials){
    global $pid;
    if(!UserService::valid($data_credentials)){
        throw new SoapFault("Server", "credentials failed");
    }
    require_once("../../library/invoice_summary.inc.php");
    require_once("../../library/options.inc.php");
    require_once("../../library/acl.inc");
    require_once("../../library/patient.inc");

    // switch compares loosely, like the == chain it replaces.
    switch($func){
        case 'ar_responsible_party':
            $patient_id=$pid;
            $encounter_id=$var['encounter'];
            $x['ar_responsible_party']=ar_responsible_party($patient_id,$encounter_id);
            return UserService::function_return_to_xml($x);

        case 'getInsuranceData':
            $x=getInsuranceData($pid,$var['type'],$var['given']);
            return UserService::function_return_to_xml($x);

        case 'generate_select_list':
            $tag_name=$var['tag_name'];
            $list_id=$var['list_id'];
            $currvalue=$var['currvalue'];
            $title=$var['title'];
            $empty_name=$var['empty_name'];
            $class=$var['class'];
            $onchange=$var['onchange'];
            $x['generate_select_list']=generate_select_list($tag_name,$list_id,$currvalue,$title,$empty_name,$class,$onchange);
            return UserService::function_return_to_xml($x);

        case 'xl_layout_label':
            $x['xl_layout_label']=xl_layout_label($var['constant']);
            return UserService::function_return_to_xml($x);

        case 'generate_form_field':
            $frow=$var['frow'];
            $currvalue=$var['currvalue'];
            // The helper prints its markup, so capture the output buffer.
            ob_start();
            generate_form_field($frow,$currvalue);
            $x['generate_form_field']=ob_get_clean();
            return UserService::function_return_to_xml($x);

        case 'getInsuranceProviders':
            $i=$var['i'];
            $provider=$var['provider'];
            // Returned as is, not converted to XML.
            return getInsuranceProviders();

        case 'get_layout_form_value':
            $frow=$var['frow'];
            // NOTE(review): replaces the whole $_POST superglobal with caller-supplied data.
            $_POST=$var['post_array'];
            $x['get_layout_form_value']=get_layout_form_value($frow);
            return UserService::function_return_to_xml($x);

        case 'updatePatientData':
            updatePatientData($pid,$var['patient_data'],$var['create']);
            $x['ok']='ok';
            return UserService::function_return_to_xml($x);

        case 'updateEmployerData':
            updateEmployerData($pid,$var['employer_data'],$var['create']);
            $x['ok']='ok';
            return UserService::function_return_to_xml($x);

        case 'newHistoryData':
            newHistoryData($pid);
            $x['ok']='ok';
            return UserService::function_return_to_xml($x);

        case 'newInsuranceData':
            $_POST=$var[0];
            foreach($var as $key=>$value){
                if($key>=3){ //first 3 need to be skipped.
                    $var[$key]=formData($value);
                }
                if($key>=1){
                    $parameters[$key]=$var[$key];
                }
            }
            $parameters[12]=fixDate($parameters[12]);
            $parameters[27]=fixDate($parameters[27]);
            call_user_func_array('newInsuranceData',$parameters);
            $x['ok']='ok';
            return UserService::function_return_to_xml($x);

        case 'generate_layout_validation':
            ob_start();
            generate_layout_validation($var['form_id']);
            // Returned as captured output, not converted to XML.
            return ob_get_clean();
    }
}
/**
 * Writes a patient's portal credentials to patient_access_offsite for the patient id
 * held in the global $pid (set by valid()).
 *
 * NOTE(review): portal_pwd is stored exactly as received and later compared as is;
 * confirm what form the portal sends it in.
 *
 * @param array $var [0] portal credentials; 'username' and 'authPass' to store
 * @throws SoapFault when the credentials are rejected
 */
public function insert_login_details($var)
{
    global $pid;
    if(!UserService::valid($var[0])){
        throw new SoapFault("Server", "credentials failed");
    }
    $row = array($pid, $var['username'], $var['authPass']);
    sqlInsert("insert into patient_access_offsite(pid,portal_username,portal_pwd) values (?,?,?)", $row);
}
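/**
 * Changes a portal password after checking the old one.
 *
 * Approved patients are updated in patient_access_offsite; patients still waiting for
 * approval are updated in their audit_details entry.
 *
 * @param array $var [0] portal credentials; 'old_pwd', 'new_pwd' and optional 'new_pwd_status'
 * @return string 'ok' when the password was changed, 'notok' when the old password does not match
 * @throws SoapFault when the credentials are rejected
 */
public function update_password($var){
    $data_credentials=$var[0];
    global $pid,$auditmasterid;
    // Validate once and reuse the result instead of re-running the check in every condition.
    $usertype = UserService::valid($data_credentials);
    if($usertype=='existingpatient' || $usertype=='newpatient'){
        $status = $var['new_pwd_status'];
        $pwd=$var['new_pwd'];
        $oldpwd = $var['old_pwd'];
        // Bind values must be collected in an array; the original started from '' and
        // appended with [], which newer PHP versions reject for strings.
        $setarray = array();
        if($status){
            $where = "portal_pwd_status=? and pid=?";
            $set= "portal_pwd=?,portal_pwd_status=?";
            $setarray[]=$pwd;
            $setarray[]=$status;
            $setarray[]=0;
            $setarray[]=$pid;
        }
        else{
            $set= "portal_pwd=? ";
            $where = " pid=?";
            $setarray[]=$pwd;
            $setarray[]=$pid;
        }
        // BINARY makes the old-password check case-sensitive, matching loginchecking().
        $qry = "select * from patient_access_offsite WHERE pid=? AND BINARY portal_pwd=?";
        $res=sqlStatement($qry,array($pid,$oldpwd));
        if(sqlNumRows($res)>0){
            // $set and $where only ever hold the fixed fragments chosen above.
            $qry = "UPDATE patient_access_offsite SET $set WHERE $where";
            sqlStatement($qry,$setarray);
            return 'ok';
        }
        else{
            return 'notok';
        }
    }elseif($usertype == 'newpatienttoapprove'){
        $pwd=$var['new_pwd'];
        $oldpwd = $var['old_pwd'];
        $qry = "SELECT * from audit_details WHERE audit_master_id = ? AND table_name = 'patient_access_offsite' AND field_name = 'portal_pwd' AND field_value = ?";
        $res=sqlStatement($qry,array($auditmasterid,$oldpwd));
        if(sqlNumRows($res)>0){
            $qry = "UPDATE audit_details SET field_value = ? WHERE audit_master_id = ? AND table_name = 'patient_access_offsite' AND field_name = 'portal_pwd'";
            sqlStatement($qry,array($pwd,$auditmasterid));
            return 'ok';
        }
        else{
            return 'notok';
        }
    }else{
        throw new SoapFault("Server", "credentials failed");
    }
}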
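/**
 * Cancels appointments on behalf of a portal patient.
 *
 * Each entry of $var[1] is "<kind>_<id>": "calendar" entries get pc_apptstatus 'x' in
 * openemr_postcalendar_events, "audit" entries get approval_status '5' in audit_master.
 *
 * @param array $var [0] portal credentials; [1] list of "<kind>_<id>" strings
 * @throws SoapFault when the credentials are rejected
 */
public function update_openemr_appointment($var)
{
    global $pid;
    $data_credentials=$var[0];
    // Validate once and reuse the result.
    $usertype = UserService::valid($data_credentials);
    if($usertype=='existingpatient' || $usertype=='newpatient'){
        foreach($var[1] as $key=>$value)
        {
            $eid=explode('_',$value);
            if(count($eid) < 2){
                // Malformed entry without an id part.
                continue;
            }
            if($eid[0]=='calendar')
            {
                // Only touch events of the authenticated patient ($pid is set by valid()),
                // so one patient cannot cancel another patient's appointment.
                sqlQuery("update openemr_postcalendar_events set pc_apptstatus='x' where pc_eid=? and pc_pid=?",array($eid[1],$pid));
            }
            elseif($eid[0]=='audit')
            {
                // NOTE(review): this update is not restricted to the caller's own audit
                // entries; add an ownership condition once the right key is confirmed.
                sqlQuery("update audit_master set approval_status='5' where id=?",array($eid[1]));
            }
        }
    }
    else{
        throw new SoapFault("Server", "credentials failed");
    }
}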
/**
 * Marks a document as ready to be signed (dld_signed = 2).
 *
 * NOTE(review): the row is selected by the caller-supplied dld_id only; the query does
 * not check that it belongs to the authenticated patient.
 *
 * @param array $var [0] portal credentials; 'dld_id' of the document
 * @throws SoapFault when the credentials are rejected
 */
public function update_dlm_dld($var)
{
    if(!UserService::valid($var[0])){
        throw new SoapFault("Server", "credentials failed");
    }
    $binds = array($var['dld_id']);
    sqlStatement(" UPDATE documents_legal_detail set dld_signed=2 where dld_id=?", $binds);
}
/**
 * Sets the approve/deny status of a PDF document.
 *
 * When the document id ($data[1][2]) starts with "am-" it refers to an audit entry of a
 * patient who is not approved yet: the audited data is only committed when that patient's
 * registration has approval_status '2'; otherwise a message asking to approve the patient
 * first is returned. Any other id updates documents_legal_detail directly.
 *
 * @param array $data [0] portal credentials; [1] array(dld_signed, denial reason, dld_id or "am-<audit id>")
 * @return string|null a message when the patient still has to be approved, otherwise nothing
 * @throws SoapFault when the credentials are rejected
 */
public function update_dld_approve_deny($data){
    if(!$this->valid($data[0])){
        throw new SoapFault("Server", "credentials failed");
    }

    $details = $data[1];
    if(substr($details[2],0,3) != 'am-'){
        // Plain dld_id: the caller's array supplies the three bind values in order.
        $qry = "UPDATE documents_legal_detail SET dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
        sqlStatement($qry,$details);
        return;
    }

    $audid = substr($details[2],3);
    // Looks up the approval state, user name and full name of the registration (type 1)
    // that shares the portal user name of this audit entry.
    $registration = sqlQuery("SELECT
            am2.approval_status,
            ad.field_value AS uname,
            CONCAT(ad4.field_value,' ',ad5.field_value,' ',ad6.field_value) AS name
        FROM
            audit_master am
            JOIN audit_details ad
                ON ad.audit_master_id = am.id
                AND ad.table_name = 'patient_access_offsite'
                AND ad.field_name = 'portal_username'
            JOIN audit_details ad2
                ON ad2.table_name = 'patient_access_offsite'
                AND ad2.field_name = 'portal_username'
                AND ad2.field_value = ad.field_value
            JOIN audit_details ad3
                ON ad3.table_name = 'patient_access_offsite'
                AND ad3.field_name = 'portal_pwd'
                AND ad3.audit_master_id = ad2.audit_master_id
            JOIN audit_details ad4
                ON ad4.table_name = 'patient_data'
                AND ad4.field_name = 'fname'
                AND ad4.audit_master_id = ad2.audit_master_id
            JOIN audit_details ad5
                ON ad5.table_name = 'patient_data'
                AND ad5.field_name = 'mname'
                AND ad5.audit_master_id = ad2.audit_master_id
            JOIN audit_details ad6
                ON ad6.table_name = 'patient_data'
                AND ad6.field_name = 'lname'
                AND ad6.audit_master_id = ad2.audit_master_id
            JOIN audit_master am2
                ON am2.id = ad3.audit_master_id
                AND am2.type = 1
        WHERE am.id = ?",array($audid));

    if($registration['approval_status'] != '2'){
        return "Please approve the patient ".$registration['name'].", for approving the selected document";
    }

    $result = UserService::update_audited_data(array($data[0],'audit_master_id' => $audid));
    UserService::update_audit_master(array($data[0],'audit_master_id' => $audid,'approval_status' => '2'));
    $patient = sqlQuery("SELECT pid FROM patient_access_offsite WHERE portal_username=?",array($registration['uname']));
    $qry = "UPDATE documents_legal_detail SET dld_pid=?,dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
    sqlStatement($qry,array($patient['pid'],$details[0],$details[1],$result['dld_id']));
}
/**
 * Marks a PDF document as signed (dld_signed = 1) and records its file path and name.
 *
 * @param array $data [0] portal credentials; [1] array(dld_filepath, dld_filename, dld_id)
 * @throws SoapFault when the credentials are rejected
 */
public function update_dld_signed($data){
    if(!$this->valid($data[0])){
        throw new SoapFault("Server", "credentials failed");
    }
    // The caller's array supplies the three bind values in placeholder order.
    $binds = $data[1];
    sqlStatement("UPDATE documents_legal_detail SET dld_signed=1,dld_filepath=?,dld_filename=? WHERE dld_id=?", $binds);
}
/**
 * Marks a PDF document for audit (dld_signed = 0) and records its file details.
 *
 * @param array $data [0] portal credentials; [1] array(dld_filepath, dld_filename,
 *                    dld_file_for_pdf_generation, dld_id)
 * @throws SoapFault when the credentials are rejected
 */
public function update_dld_pending($data){
    if(!$this->valid($data[0])){
        throw new SoapFault("Server", "credentials failed");
    }
    // The caller's array supplies the four bind values in placeholder order.
    $binds = $data[1];
    sqlStatement("UPDATE documents_legal_detail SET dld_signed=0,dld_filepath=?,dld_filename=?, dld_file_for_pdf_generation=? WHERE dld_id=?", $binds);
}
/**
 * Records a document for the current patient ($pid, set by valid()).
 *
 * Approved patients get a row in documents_legal_detail straight away; for patients
 * still waiting for approval the same data is queued through insert_to_be_audit_data().
 *
 * @param array $data [0] portal credentials; [2]..[7] dld_signed, dld_filepath,
 *                    dld_master_docid, dld_filename, dld_encounter, dld_file_for_pdf_generation
 * @throws SoapFault when the credentials are rejected
 */
public function insert_dld($data){
    global $pid,$auditmasterid;
    if(UserService::valid($data[0])=='existingpatient' || UserService::valid($data[0])=='newpatient'){
        $values = array($pid,$data[2],$data[3],$data[4],$data[5],$data[6],$data[7]);
        sqlInsert("INSERT INTO documents_legal_detail (dld_pid,dld_signed,dld_filepath,dld_master_docid,dld_filename,dld_encounter,dld_file_for_pdf_generation) ".
            " VALUES (?,?,?,?,?,?,?)",$values);
    }
    elseif(UserService::valid($data[0])=='newpatienttoapprove'){
        $documentFields = array(
            'dld_pid'=>"$pid",
            'dld_signed'=>$data[2],
            'dld_filepath'=>$data[3],
            'dld_master_docid'=>$data[4],
            'dld_filename'=>$data[5],
            'dld_encounter'=>$data[6],
            'dld_file_for_pdf_generation'=>$data[7],
        );
        // $data[0][6] is the portal user name inside the credentials array.
        $accessFields = array('pid'=>"$pid",'portal_username'=>$data[0][6]);
        $param = array(
            $data[0],
            'audit_master_id_to_delete'=>"",
            'pid'=>"$pid",
            'approval_status'=>'1',
            'type'=>'3',
            'ip_address'=>'',
            'table_name_array'=>array('documents_legal_detail','patient_access_offsite'),
            'field_name_value_array'=>array($documentFields,$accessFields),
            'entry_identification_array'=>array(1,1),
        );
        UserService::insert_to_be_audit_data($param);
    }
    else{
        throw new SoapFault("Server", "credentials failed");
    }
}
/**
 * Inserts the entry for an uploaded master PDF document. Only callers validated as
 * 'oemruser' may do this.
 *
 * @param array $data [0] portal credentials; [1]..[9] category, subcategory, document name,
 *                    facility, provider, file name, file path, effective date, content
 * @throws SoapFault when the caller is not validated as 'oemruser'
 */
public function insert_dlm($data){
    if($this->valid($data[0])!='oemruser'){
        throw new SoapFault("Server", "credentials failed");
    }
    $values = array($data[1],$data[2],$data[3],$data[4],$data[5],$data[6],$data[7],$data[8],$data[9]);
    sqlStatement("INSERT INTO documents_legal_master(dlm_category, dlm_subcategory,dlm_document_name,dlm_facility,dlm_provider,
        dlm_filename,dlm_filepath,dlm_effective_date,content) values (?,?,?,?,?,?,?,?,?)",$values);
}
/**
 * Runs a batch of select cases received from the portal and returns every result under
 * the key the portal supplied for it.
 *
 * @param array $data [0] portal credentials; [1] list of array('batchkey', 'case', 'param')
 * @return array|null batchkey => XML result of selectquery(); null for an empty batch
 * @throws SoapFault when the credentials are rejected
 */
public function batch_select($data){
    if(!$this->valid($data[0])){
        throw new SoapFault("Server", "credentials failed");
    }
    foreach($data[1] as $entry){
        // Each case is resolved by selectquery(), which checks the credentials itself.
        $request = array($entry['case'], $entry['param']);
        $return_array[$entry['batchkey']] = $this->selectquery(array($data[0], $request));
    }
    return $return_array;
}
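/**
 * Runs a batch of function calls received from the portal. The source comment describes
 * the intended target as batch_despatch(); the credentials are appended as last argument.
 *
 * @param array $data [0] portal credentials; [1] list of array('batchkey', 'funcname', 'param')
 * @return array|null batchkey => result of the call; null for an empty batch
 * @throws SoapFault when the credentials are rejected or a function name is not a method of this class
 */
public function batch_function($data){
    if($this->valid($data[0])){
        $batch = $data[1];
        // Stays null for an empty batch, which is what callers received before.
        $return_array = null;
        foreach($batch as $key=>$value)
        {
            $batchkey=$value['batchkey'];
            $function=$value['funcname'];
            $param=$value['param'];
            $param[]=$data[0];
            // The method name is chosen by the remote caller: accept a plain identifier
            // that names an existing method and nothing else before dispatching.
            // NOTE(review): an explicit allow-list of the entry points the portal really
            // uses would be stricter still.
            if(!is_string($function)
                || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/',$function)
                || !method_exists('UserService',$function)){
                throw new SoapFault("Server", "unknown function");
            }
            $res=call_user_func_array("UserService::$function",$param);
            $return_array[$batchkey]=$res;
        }
        return $return_array;
    }
    else{
        throw new SoapFault("Server", "credentials failed");
    }
}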
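/**
 * Runs a batch of calls to methods of this class and returns every result under the key
 * the portal supplied for it. The credentials are passed to each method as first element
 * of its argument array.
 *
 * NOTE(review): this method does not call valid() itself; it relies on every dispatched
 * method checking the credentials it is given.
 *
 * @param array $data [0] portal credentials; [1] list of array('batchkey', 'funcname', 'param')
 * @return array|null batchkey => result of the call; null for an empty batch
 * @throws SoapFault when a function name is not a method of this class
 */
public function multiplecall($data){
    $batch = $data[1];
    // Stays null for an empty batch, which is what callers received before.
    $return_array = null;
    foreach($batch as $key=>$value)
    {
        $batchkey=$value['batchkey'];
        $function=$value['funcname'];
        $param=$value['param'];
        if(is_array($param))
            array_unshift($param,$data[0]);
        else
            $param[]=$data[0];
        // The method name is chosen by the remote caller: accept a plain identifier that
        // names an existing method and nothing else before dispatching.
        // NOTE(review): an explicit allow-list of the entry points the portal really uses
        // would be stricter still.
        if(!is_string($function)
            || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/',$function)
            || !method_exists('UserService',$function)){
            throw new SoapFault("Server", "unknown function");
        }
        $res= UserService::$function($param);
        $return_array[$batchkey]=$res;
    }
    return $return_array;
}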
/**
 * Reports the version of this SOAP service.
 *
 * @param mixed $data unused
 * @return string the version string
 */
public function getversion($data){
    $version = '1.4';
    return $version;
}
/**
 * Checks a portal login.
 *
 * Approved patients are looked up in patient_access_offsite (case-sensitive match on user
 * name and password); patients waiting for approval are looked up in their audit entry.
 *
 * NOTE(review): the password is compared with the stored value as is, inside the query.
 *
 * @param array $data [0] portal credentials; [1] array(user name, password) used as bind values
 * @return string|false XML with portal_pwd_status and patient_status, or false when the credentials are rejected
 */
public function loginchecking($data){
    if($this->valid($data[0])=='existingpatient' || $this->valid($data[0])=='newpatient'){
        $approvedSql = "SELECT portal_pwd_status, 'yes' AS patient_status FROM patient_access_offsite WHERE BINARY portal_username=? AND BINARY portal_pwd=?";
        return $this->resourcetoxml(sqlStatement($approvedSql,$data[1]));
    }
    if($this->valid($data[0])=='newpatienttoapprove'){
        // portal_pwd_status carries the number of matching pending registrations here.
        $pendingSql = "
            SELECT
                COUNT(*) AS portal_pwd_status,
                'no' AS patient_status
            FROM
                audit_master am
                JOIN audit_details ad
                    ON ad.audit_master_id = am.id
                    AND ad.table_name = 'patient_access_offsite'
                    AND ad.field_name = 'portal_username'
                JOIN audit_details ad2
                    ON ad2.audit_master_id = am.id
                    AND ad2.table_name = 'patient_access_offsite'
                    AND ad2.field_name = 'portal_pwd'
            WHERE am.approval_status = 1
                AND ad.field_value = ?
                AND ad2.field_value = ?;
        ";
        return $this->resourcetoxml(sqlStatement($pendingSql,$data[1]));
    }
    return false;
}
/**
 * Executes one predefined query for the portal and returns its result as XML.
 *
 * The query is built by the class that factoryclass selects for the validated user type.
 * When query_formation() answers with the marker 'result', its first element already
 * holds the row to serialize; otherwise it holds the SQL text and the bind values.
 *
 * @param array $data [0] portal credentials; [1] array(case, parameters)
 * @return string|null XML result; null when the credentials are rejected
 */
public function selectquery($data){
    $userType = $this->valid($data[0]);
    if(!$userType){
        return;
    }
    $builder = factoryclass::dynamic_class_factory($userType);
    $formed = $builder->query_formation($data[1]);
    $isReadyRow = !empty($formed[1]) && $formed[1] == 'result';
    if($isReadyRow){
        return $this->resourcetoxml2($formed[0]);
    }
    return $this->resourcetoxml(sqlStatement($formed[0],$formed[1]));
}
/**
 * Serializes an SQL result set as XML: one <level> element per row inside <root>, with
 * one child element per column holding the value as escaped text.
 *
 * @param mixed $sql_result_set result handle accepted by sqlFetchArray()
 * @return string the serialized XML document
 */
public function resourcetoxml($sql_result_set){
    $xml = new DOMDocument();
    $xml->formatOutput = true;

    $rootNode = $xml->appendChild($xml->createElement( "root" ));
    while($record = sqlFetchArray($sql_result_set)){
        $levelNode = $rootNode->appendChild($xml->createElement( "level" ));
        foreach($record as $column=>$text){
            $node = $levelNode->appendChild($xml->createElement( "$column" ));
            $node->appendChild($xml->createTextNode( $text ));
        }
    }
    return $xml->saveXML();
}
/**
 * Serializes a single row as XML: one <level> element inside <root>, with one child
 * element per key holding the value as escaped text.
 *
 * @param array $row key => value pairs; keys must be valid XML element names
 * @return string the serialized XML document
 */
public function resourcetoxml2($row){
    $xml = new DOMDocument();
    $xml->formatOutput = true;
    $rootNode = $xml->appendChild($xml->createElement( "root" ));
    $levelNode = $rootNode->appendChild($xml->createElement( "level" ));
    foreach($row as $column=>$text){
        $node = $levelNode->appendChild($xml->createElement( "$column" ));
        $node->appendChild($xml->createTextNode( $text ));
    }
    return $xml->saveXML();
}
/**
 * Writes the facility's payment gateway configuration (paypal or authorize_net) to
 * payment_gateway_details, updating the existing row when the caller indicates one.
 *
 * NOTE(review): any caller accepted by valid() passes this check, including patient
 * user types; confirm whether this should be limited to 'oemruser' as insert_dlm() is.
 *
 * @param array $var [0] portal credentials; 'service' plus 'login_id' and, for
 *                   authorize_net, 'transaction_key' and 'md5'; a non-empty 'paypal' /
 *                   'authorize_net' entry selects update instead of insert
 * @throws SoapFault when the credentials are rejected
 */
public function save_payment_configuration($var){
    if(!UserService::valid($var[0])){
        throw new SoapFault("Server", "credentials failed");
    }

    $service = $var['service'];
    if($service == 'paypal'){
        $rowExists = ($var['paypal'] != '');
        if($rowExists){
            sqlStatement("UPDATE payment_gateway_details SET login_id = ? WHERE service_name = 'paypal'",
                array($var['login_id']));
        }else{
            sqlStatement("INSERT INTO payment_gateway_details (service_name,login_id) VALUES (?,?)",
                array($service,$var['login_id']));
        }
    }elseif($service == 'authorize_net'){
        $rowExists = ($var['authorize_net'] != '');
        if($rowExists){
            sqlStatement("UPDATE payment_gateway_details SET login_id = ?, transaction_key = ?, md5= ? WHERE service_name = 'authorize_net'",
                array($var['login_id'],$var['transaction_key'],$var['md5']));
        }else{
            sqlStatement("INSERT INTO payment_gateway_details (service_name,login_id,transaction_key,md5) VALUES (?,?,?,?)",
                array($service,$var['login_id'],$var['transaction_key'],$var['md5']));
        }
    }
}
/**
 * Stores the patient's authorize.net profile id in patient_access_offsite for the
 * patient id held in the global $pid (set by valid()).
 *
 * @param array $var [0] portal credentials; 'authorizenetid' to store
 * @throws SoapFault when the credentials are rejected
 */
public function insert_authorizenet_details($var){
    global $pid;
    if(!UserService::valid($var[0])){
        throw new SoapFault("Server", "credentials failed");
    }
    $binds = array($var['authorizenetid'], $pid);
    sqlInsert("UPDATE patient_access_offsite SET authorize_net_id = ? WHERE pid = ?", $binds);
}
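/**
 * Authenticates a call from the offsite portal and classifies the caller.
 *
 * Steps, in order:
 *  - purge one-time values (audit type 5) older than two hours;
 *  - reject a one-time value ($credentials[3]) that was already seen, unless this request
 *    has been validated before; otherwise record it;
 *  - check the portal-level hash $credentials[2] against
 *    sha1(portal_offsite_password . "Y-m-d H" . one-time value) for the current hour and
 *    the hours before and after it;
 *  - depending on $credentials[4], check the patient-level credentials through
 *    validcredential() and set the globals $pid / $auditmasterid.
 *
 * @param array $credentials [0] site; [1] portal user name; [2] portal hash; [3] one-time
 *                           value; [4] user type; [6] patient portal user name; [7]/[8]
 *                           patient hash and salt (read by validcredential()); [9] optional
 *                           audit_master id for 'oemruser'
 * @return string|false 'oemruser', 'existingpatient', 'newpatient' or 'newpatienttoapprove'; false when rejected
 */
public function valid($credentials){
    // "i" is minutes; the original used "m" (month), which skewed the two-hour cutoff.
    $timminus = date("Y-m-d H:i",(strtotime(date("Y-m-d H:i"))-7200)).":00";
    sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)",array($timminus));
    sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?",array($timminus));
    global $pid;
    $ok=0;
    $okE=0;
    $okN=0;
    $okO=0;
    $tim = strtotime(gmdate("Y-m-d H:i"));
    $already_validated = !empty($GLOBALS['validated_offsite_portal']);

    // Replay protection: a one-time value may only be used once per validated request.
    $res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?",array($credentials[3]));
    if(sqlNumRows($res)){
        if(!$already_validated){
            return false;
        }
    }
    else{
        $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
        sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ",array($credentials[3],$grpID));
    }

    // Compare hashes as strings, in constant time where available. The loose == used
    // before is subject to PHP type juggling. An empty configured password never matches.
    $supplied_hash = (string)$credentials[2];
    $portal_password = (string)$GLOBALS['portal_offsite_password'];
    if($portal_password !== ''){
        foreach(array(0,-3600,3600) as $skew){
            $expected = sha1($portal_password.date("Y-m-d H",($tim+$skew)).$credentials[3]);
            $matches = function_exists('hash_equals') ? hash_equals($expected,$supplied_hash) : ($expected === $supplied_hash);
            if($matches){
                $ok = 1;
                break;
            }
        }
    }
    $username_ok = ((string)$credentials[1] === (string)$GLOBALS['portal_offsite_username']);

    if(($username_ok && $ok==1 && $GLOBALS['portal_offsite_enable']==1)||$already_validated){
        $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
        if($credentials[4] == 'existingpatient'){
            // validcredential() only reads, so one call serves both comparisons.
            $patient_check = UserService::validcredential($credentials);
            if($patient_check === 2){
                $okE = 2;
            }
            elseif($patient_check == true){
                $okE = 1;
            }
            else{
                return false;
            }
        }
        elseif($credentials[4] == 'oemruser'){
            if($credentials[9])
                $prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?",array($credentials[9]));
            $okO = 1;
        }
        elseif($credentials[4] == 'newpatient'){
            $patient_check = UserService::validcredential($credentials);
            if($patient_check === 2){
                $okN = 3;
            }
            elseif($patient_check){
                $okN = 2;
            }
            else{
                // Unknown patient: reserve the next free patient id.
                $okN = 1;
                $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
            }
        }
        if($okE==1 || $okN == 2 || $okN == 1 || $okO == 1){
            $pid = $prow['pid'];
            $GLOBALS['pid'] = $prow['pid'];
        }elseif($okE == 2 || $okN == 3){
            // Patient waiting for approval: identified by the audit entry, not by a pid.
            $arow = sqlQuery("
                SELECT
                    ad.audit_master_id
                FROM
                    audit_details ad
                    JOIN audit_details ad2
                        ON ad2.audit_master_id = ad.audit_master_id
                        AND ad2.table_name = 'patient_access_offsite'
                        AND ad2.field_name = 'portal_pwd'
                WHERE ad.table_name = 'patient_access_offsite'
                    AND ad.field_name = 'portal_username'
                    AND ad.field_value = ?
            ",array($credentials[6]));
            $GLOBALS['auditmasterid'] = $arow['audit_master_id'];
            $pid = 0;
            $GLOBALS['pid'] = 0;
        }
        $_GET['site'] = $credentials[0];
        if($okE){
            if($okE == 1){
                $portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?",array($pid));
            }elseif($okE == 2){
                $portal = sqlQuery("
                    SELECT
                        IF(COUNT(*),'yes','no') AS allow_patient_portal
                    FROM
                        audit_master am
                        JOIN audit_details ad
                            ON ad.audit_master_id = am.id
                            AND ad.table_name = 'patient_access_offsite'
                            AND ad.field_name = 'portal_username'
                    WHERE am.approval_status = 1
                        AND ad.field_value = ?
                ",array($credentials[6]));
            }
            if(strtolower($portal['allow_patient_portal'])!='yes')
                return false;
        }
        // From here on, further valid() calls in this request skip the portal-level check.
        $GLOBALS['validated_offsite_portal'] = true;
        if($okO){
            return 'oemruser';
        }
        elseif($okE == 1){
            return 'existingpatient';
        }
        elseif($okE == 2){
            return 'newpatienttoapprove';
        }
        elseif($okN == 1 || $okN == 2){
            return 'newpatient';
        }
        elseif($okN == 3){
            return 'newpatienttoapprove';
        }
        return false;
    }
    else{
        return false;
    }
}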
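/**
 * Checks the patient-level part of the credentials.
 *
 * The stored portal password is read from patient_access_offsite, or from the pending
 * registration in the audit tables when the patient has no row there yet. The supplied
 * hash $credentials[7] must equal sha1(stored password . "Y-m-d H" . $credentials[8]) for
 * the current hour or the hour before or after it.
 *
 * @param array $credentials [6] patient portal user name; [7] supplied hash; [8] salt
 * @return bool|int true for an approved patient, 2 for a patient waiting for approval, false otherwise
 */
public function validcredential($credentials){
    // "i" is minutes; the original used "m" (month). Only the hour is used below.
    $tim = strtotime(gmdate("Y-m-d H:i"));
    if($credentials[6]){
        $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
        $newpatient_to_approve = 0;
        if(empty($prow['portal_pwd'])){
            $newpatient_to_approve = 1;
            $prow = sqlQuery("
                SELECT
                    ad2.field_value AS portal_pwd
                FROM
                    audit_master am
                    JOIN audit_details ad
                        ON ad.audit_master_id = am.id
                        AND ad.table_name = 'patient_access_offsite'
                        AND ad.field_name = 'portal_username'
                    JOIN audit_details ad2
                        ON ad2.audit_master_id = am.id
                        AND ad2.table_name = 'patient_access_offsite'
                        AND ad2.field_name = 'portal_pwd'
                WHERE am.approval_status = 1
                    AND ad.field_value = ?
            ",array($credentials[6]));
        }
        // Without a stored password there is no secret to check against. The expected
        // hash would then be built from caller-supplied data only, so it must not count
        // as a match.
        if(empty($prow['portal_pwd'])){
            return false;
        }
        // Compare as strings, in constant time where available, instead of the loose ==
        // used before.
        $supplied_hash = (string)$credentials[7];
        foreach(array(0,-3600,3600) as $skew){
            $expected = sha1($prow['portal_pwd'].date("Y-m-d H",($tim+$skew)).$credentials[8]);
            $matches = function_exists('hash_equals') ? hash_equals($expected,$supplied_hash) : ($expected === $supplied_hash);
            if($matches){
                return $newpatient_to_approve ? 2 : true;
            }
        }
    }
    return false;
}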
/**
 * Connection test for the portal.
 *
 * @param array $data [0] portal credentials checked by valid()
 * @return string 'ok' when the credentials are accepted, 'notok' otherwise
 */
public function check_connection($data){
    return $this->valid($data[0]) ? 'ok' : 'notok';
}
// Non-WSDL SOAP server: every public method of UserService becomes a remote operation,
// so each one has to authenticate its caller itself.
$soap_options = array('uri' => "urn://portal/res");
$server = new SoapServer(null,$soap_options);
$server->setClass('UserService');
// Keep the UserService object in the PHP session between requests.
$server->setPersistence(SOAP_PERSISTENCE_SESSION);
$server->handle();