improve new file process output
[openemr.git] / patients / get_appointments.php
blob06def4ad38f92cc619d200b0007c714d8e14831f
1 <?php
2 // Copyright (C) 2011 Cassian LUP <cassi.lup@gmail.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
9 //SANITIZE ALL ESCAPES
10 $sanitize_all_escapes=true;
12 //STOP FAKE REGISTER GLOBALS
13 $fake_register_globals=false;
15 //continue session
16 session_start();
19 //landing page definition -- where to go if something goes wrong
20 $landingpage = "index.php?site=".$_SESSION['site_id'];
23 // kick out if patient not authenticated
24 if ( isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite']) ) {
25 $pid = $_SESSION['pid'];
27 else {
28 session_destroy();
29 header('Location: '.$landingpage.'&w');
30 exit;
34 $ignoreAuth=true;
35 include_once('../interface/globals.php');
37 $query = "SELECT e.pc_eid, e.pc_aid, e.pc_title, e.pc_eventDate, " .
38 "e.pc_startTime, e.pc_hometext, u.fname, u.lname, u.mname, " .
39 "c.pc_catname " .
40 "FROM openemr_postcalendar_events AS e, users AS u, " .
41 "openemr_postcalendar_categories AS c WHERE " .
42 "e.pc_pid = ? AND e.pc_eventDate >= CURRENT_DATE AND " .
43 "u.id = e.pc_aid AND e.pc_catid = c.pc_catid " .
44 "ORDER BY e.pc_eventDate, e.pc_startTime";
46 //echo $query;
48 $res = sqlStatement($query, array($pid) );
50 //echo "test";
51 if(sqlNumRows($res)>0)
53 $count = 0;
55 while($row = sqlFetchArray($res)) {
56 $count++;
57 $dayname = xl(date("l", strtotime($row['pc_eventDate'])));
58 $dispampm = "am";
59 $disphour = substr($row['pc_startTime'], 0, 2) + 0;
60 $dispmin = substr($row['pc_startTime'], 3, 2);
61 if ($disphour >= 12) {
62 $dispampm = "pm";
63 if ($disphour > 12) $disphour -= 12;
65 if ($row['pc_hometext'] != "") {
66 $etitle = 'Comments'.": ".$row['pc_hometext']."\r\n";
67 } else {
68 $etitle = "";
70 if ($GLOBALS['portal_onsite_appt_modify']) {
71 echo "<a href='add_edit_event_user.php?eid=" . htmlspecialchars($row['pc_eid'],ENT_QUOTES) .
72 "' class='edit_event iframe' title='" . htmlspecialchars($etitle,ENT_QUOTES) . "'>";
74 echo "<b>" . htmlspecialchars($dayname . ", " . $row['pc_eventDate'],ENT_NOQUOTES) . "</b><br>";
75 echo htmlspecialchars("$disphour:$dispmin " . $dispampm . " " . $row['pc_catname'],ENT_NOQUOTES) . "<br>\n";
76 echo htmlspecialchars($row['fname'] . " " . $row['lname'],ENT_NOQUOTES);
77 if ($GLOBALS['portal_onsite_appt_modify']) {
78 echo "</a><br>\n";
80 else {
81 echo "<br>\n";
84 if (isset($res) && $res != null) {
85 if ( $count < 1 ) { echo "&nbsp;&nbsp;" . htmlspecialchars('None',ENT_NOQUOTES); }
87 } else { // if no appts
88 echo htmlspecialchars( xl('No Appointments'),ENT_NOQUOTES);