interface/new/new_patient_save.php

   1 <?php
   2
   3 /**
   4  * new_patient_save.php
   5  *
   6  * @package   OpenEMR
   7  * @link      http://www.open-emr.org
   8  * @author    Brady Miller <brady.g.miller@gmail.com>
   9  * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
  10  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  11  */
  12
  13 require_once("../globals.php");
  14
  15 use OpenEMR\Common\Csrf\CsrfUtils;
  16
  17 if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
  18     CsrfUtils::csrfNotVerified();
  19 }
  20
  21 // Validation for non-unique external patient identifier.
  22 if (!empty($_POST["pubpid"])) {
  23     $form_pubpid = trim($_POST["pubpid"]);
  24     $result = sqlQuery("SELECT count(*) AS count FROM patient_data WHERE " .
  25     "pubpid = ?", array($form_pubpid));
  26     if ($result['count']) {
  27         // Error, not unique.
  28         require_once("new.php");
  29         exit();
  30     }
  31 }
  32
  33 require_once("$srcdir/pid.inc.php");
  34 require_once("$srcdir/patient.inc.php");
  35
  36 //here, we lock the patient data table while we find the most recent max PID
  37 //other interfaces can still read the data during this lock, however
  38 sqlStatement("lock tables patient_data read");
  39
  40 $result = sqlQuery("select max(pid)+1 as pid from patient_data");
  41
  42 // TBD: This looks wrong to unlock the table before we have added our
  43 // patient with its newly allocated pid!
  44 //
  45 sqlStatement("unlock tables");
  46 //end table lock
  47 $newpid = 1;
  48
  49 if ($result['pid'] > 1) {
  50     $newpid = $result['pid'];
  51 }
  52
  53 setpid($newpid);
  54
  55 if ($pid == null) {
  56     $pid = 0;
  57 }
  58
  59 // what do we set for the public pid?
  60 if (isset($_POST["pubpid"]) && ($_POST["pubpid"] != "")) {
  61     $mypubpid = $_POST["pubpid"];
  62 } else {
  63     $mypubpid = $pid;
  64 }
  65
  66 if ($_POST['form_create']) {
  67     $form_fname = ucwords(trim($_POST["fname"]));
  68     $form_lname = ucwords(trim($_POST["lname"]));
  69     $form_mname = ucwords(trim($_POST["mname"]));
  70
  71   // ===================
  72   // DBC SYSTEM WAS REMOVED
  73     $form_sex               = trim($_POST["sex"]) ;
  74     $form_dob               = DateToYYYYMMDD(trim($_POST["DOB"])) ;
  75     $form_street            = '' ;
  76     $form_city              = '' ;
  77     $form_postcode          = '' ;
  78     $form_countrycode       = '' ;
  79     $form_regdate           = DateToYYYYMMDD(trim($_POST['regdate']));
  80   // EOS DBC
  81   // ===================
  82
  83     newPatientData(
  84         $_POST["db_id"],
  85         $_POST["title"],
  86         $form_fname,
  87         $form_lname,
  88         $form_mname,
  89         $form_sex, // sex
  90         $form_dob, // dob
  91         $form_street, // street
  92         $form_postcode, // postal_code
  93         $form_city, // city
  94         "", // state
  95         $form_countrycode, // country_code
  96         "", // ss
  97         "", // occupation
  98         "", // phone_home
  99         "", // phone_biz
 100         "", // phone_contact
 101         "", // status
 102         "", // contact_relationship
 103         "", // referrer
 104         "", // referrerID
 105         "", // email
 106         "", // language
 107         "", // ethnoracial
 108         "", // interpreter
 109         "", // migrantseasonal
 110         "", // family_size
 111         "", // monthly_income
 112         "", // homeless
 113         "", // financial_review
 114         "$mypubpid",
 115         $pid,
 116         "", // providerID
 117         "", // genericname1
 118         "", // genericval1
 119         "", // genericname2
 120         "", // genericval2
 121         "", //billing_note
 122         "", // phone_cell
 123         "", // hipaa_mail
 124         "", // hipaa_voice
 125         0,  // squad
 126         0,  // $pharmacy_id = 0,
 127         "", // $drivers_license = "",
 128         "", // $hipaa_notice = "",
 129         "", // $hipaa_message = "",
 130         $form_regdate
 131     );
 132
 133     newEmployerData($pid);
 134     newHistoryData($pid);
 135     newInsuranceData($pid, "primary");
 136     newInsuranceData($pid, "secondary");
 137     newInsuranceData($pid, "tertiary");
 138
 139   // Set referral source separately because we don't want it messed
 140   // with later by newPatientData().
 141     if ($refsource = trim($_POST["refsource"])) {
 142         sqlQuery("UPDATE patient_data SET referral_source = ? " .
 143         "WHERE pid = ?", array($refsource, $pid));
 144     }
 145 }
 146 ?>
 147 <html>
 148 <body>
 149 <script>
 150 <?php
 151 if ($alertmsg) {
 152     echo "alert(" . js_escape($alertmsg) . ");\n";
 153 }
 154
 155   echo "window.location='$rootdir/patient_file/summary/demographics.php?" .
 156     "set_pid=" . attr_url($pid) . "&is_new=1';\n";
 157 ?>
 158 </script>
 159
 160 </body>
 161 </html>