Merge pull request #2015 from bradymiller/rebase-danehrlich1-more-sql-changes_1
[openemr.git] / portal / add_edit_event_user.php
blobe04f7950ec606e716e476dae700e2c9a12631973
1 <?php
2 /**
4 * Modified from interface/main/calendar/add_edit_event.php for
5 * the patient portal.
7 * @package OpenEMR
8 * @link http://www.open-emr.org
9 * @author Rod Roark <rod@sunsetsystems.com>
10 * @author Jerry Padgett <sjpadgett@gmail.com>
11 * @author Brady Miller <brady.g.miller@gmail.com>
12 * @copyright Copyright (C) 2005-2006 Rod Roark <rod@sunsetsystems.com>
13 * @copyright Copyright (C) 2016-2019 Jerry Padgett <sjpadgett@gmail.com>
14 * @copyright Copyright (c) 2017 Brady Miller <brady.g.miller@gmail.com>
15 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
18 // continue session
19 session_start();
21 require_once("./../library/pnotes.inc");
23 //landing page definition -- where to go if something goes wrong
24 $landingpage = "index.php?site=".$_SESSION['site_id'];
27 // kick out if patient not authenticated
28 if (isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite_two'])) {
29 $pid = $_SESSION['pid'];
30 } else {
31 session_destroy();
32 header('Location: '.$landingpage.'&w');
33 exit;
38 $ignoreAuth = 1;
39 global $ignoreAuth;
41 require_once("../interface/globals.php");
42 require_once("$srcdir/patient.inc");
43 require_once("$srcdir/forms.inc");
45 // Exit if the modify calendar for portal flag is not set-pulled for v5
46 /* if (!($GLOBALS['portal_onsite_appt_modify'])) {
47 echo add_escape_custom( xl('You are not authorized to schedule appointments.'),ENT_NOQUOTES);
48 exit;
49 } */
51 // Things that might be passed by our opener.
53 $eid = $_GET['eid']; // only for existing events
54 $date = $_GET['date']; // this and below only for new events
55 $userid = $_GET['userid'];
56 $default_catid = $_GET['catid'] ? $_GET['catid'] : '5';
57 $patientid = $_GET['patid'];
60 if ($date) {
61 $date = substr($date, 0, 4) . '-' . substr($date, 4, 2) . '-' . substr($date, 6);
62 } else {
63 $date = date("Y-m-d");
67 $starttimem = '00';
68 if (isset($_GET['starttimem'])) {
69 $starttimem = substr('00' . $_GET['starttimem'], -2);
73 if (isset($_GET['starttimeh'])) {
74 $starttimeh = $_GET['starttimeh'];
75 if (isset($_GET['startampm'])) {
76 if ($_GET['startampm'] == '2' && $starttimeh < 12) {
77 $starttimeh += 12;
80 } else {
81 $starttimeh = date("G");
84 $startampm = '';
86 $info_msg = "";
88 // EVENTS TO FACILITIES (lemonsoftware)
89 //(CHEMED) get facility name
90 // edit event case - if there is no association made, then insert one with the first facility
91 if ($eid) {
92 $selfacil = '';
93 $facility = sqlQuery("SELECT pc_facility, pc_multiple, pc_aid, facility.name
94 FROM openemr_postcalendar_events
95 LEFT JOIN facility ON (openemr_postcalendar_events.pc_facility = facility.id)
96 WHERE pc_eid = ?", array($eid));
97 if (!$facility['pc_facility']) {
98 $qmin = sqlQuery("SELECT facility_id as minId, facility FROM users WHERE id = ?", array($facility['pc_aid']));
99 $min = $qmin['minId'];
100 $min_name = $qmin['facility'];
102 // multiple providers case
103 if ($GLOBALS['select_multi_providers']) {
104 $mul = $facility['pc_multiple'];
105 sqlStatement("UPDATE openemr_postcalendar_events SET pc_facility = ? WHERE pc_multiple = ?", array($min, $mul));
108 // EOS multiple
110 sqlStatement("UPDATE openemr_postcalendar_events SET pc_facility = ? WHERE pc_eid = ?", array($min, $eid));
111 $e2f = $min;
112 $e2f_name = $min_name;
113 } else {
114 $e2f = $facility['pc_facility'];
115 $e2f_name = $facility['name'];
119 // EOS E2F
120 // ===========================
123 // If we are saving, then save and close the window.
125 if ($_POST['form_action'] == "save") {
126 //print_r($_POST);
127 //exit();
128 $event_date = fixDate($_POST['form_date']);
130 // Compute start and end time strings to be saved.
131 if ($_POST['form_allday']) {
132 $tmph = 0;
133 $tmpm = 0;
134 $duration = 24 * 60;
135 } else {
136 $tmph = $_POST['form_hour'] + 0;
137 $tmpm = $_POST['form_minute'] + 0;
138 if ($_POST['form_ampm'] == '2' && $tmph < 12) {
139 $tmph += 12;
142 $duration = $_POST['form_duration'];
145 $starttime = "$tmph:$tmpm:00";
147 $tmpm += $duration;
148 while ($tmpm >= 60) {
149 $tmpm -= 60;
150 ++$tmph;
153 $endtime = "$tmph:$tmpm:00";
155 // Useless garbage that we must save.
156 $locationspec = 'a:6:{s:14:"event_location";N;s:13:"event_street1";N;' .
157 's:13:"event_street2";N;s:10:"event_city";N;s:11:"event_state";N;s:12:"event_postal";N;}';
159 // More garbage, but this time 1 character of it is used to save the
160 // repeat type.
161 if ($_POST['form_repeat']) {
162 $recurrspec = 'a:5:{' .
163 's:17:"event_repeat_freq";s:1:"' . $_POST['form_repeat_freq'] . '";' .
164 's:22:"event_repeat_freq_type";s:1:"' . $_POST['form_repeat_type'] . '";' .
165 's:19:"event_repeat_on_num";s:1:"1";' .
166 's:19:"event_repeat_on_day";s:1:"0";' .
167 's:20:"event_repeat_on_freq";s:1:"0";}';
168 } else {
169 $recurrspec = 'a:5:{' .
170 's:17:"event_repeat_freq";N;' .
171 's:22:"event_repeat_freq_type";s:1:"0";' .
172 's:19:"event_repeat_on_num";s:1:"1";' .
173 's:19:"event_repeat_on_day";s:1:"0";' .
174 's:20:"event_repeat_on_freq";s:1:"1";}';
177 //The modification of the start date for events that take place on one day of the week
178 //for example monday, or thursday. We set the start date on the first day of the week
179 //that the event is scheduled. For example if you set the event to repeat on each monday
180 //the start date of the event will be set on the first monday after the day the event is scheduled
181 if ($_POST['form_repeat_type'] == 5) {
182 $exploded_date= explode("-", $event_date);
183 $edate = date("D", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2], $exploded_date[0]));
184 if ($edate=="Tue") {
185 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+6, $exploded_date[0]));
186 } elseif ($edate=="Wed") {
187 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+5, $exploded_date[0]));
188 } elseif ($edate=="Thu") {
189 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+4, $exploded_date[0]));
190 } elseif ($edate=="Fri") {
191 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+3, $exploded_date[0]));
192 } elseif ($edate=="Sat") {
193 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+2, $exploded_date[0]));
194 } elseif ($edate=="Sun") {
195 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+1, $exploded_date[0]));
197 } elseif ($_POST['form_repeat_type'] == 6) {
198 $exploded_date= explode("-", $event_date);
199 $edate = date("D", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2], $exploded_date[0]));
200 if ($edate=="Wed") {
201 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+6, $exploded_date[0]));
202 } elseif ($edate=="Thu") {
203 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+5, $exploded_date[0]));
204 } elseif ($edate=="Fri") {
205 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+4, $exploded_date[0]));
206 } elseif ($edate=="Sat") {
207 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+3, $exploded_date[0]));
208 } elseif ($edate=="Sun") {
209 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+2, $exploded_date[0]));
210 } elseif ($edate=="Mon") {
211 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+1, $exploded_date[0]));
213 } elseif ($_POST['form_repeat_type'] == 7) {
214 $exploded_date= explode("-", $event_date);
215 $edate = date("D", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2], $exploded_date[0]));
216 if ($edate=="Thu") {
217 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+6, $exploded_date[0]));
218 } elseif ($edate=="Fri") {
219 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+5, $exploded_date[0]));
220 } elseif ($edate=="Sat") {
221 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+4, $exploded_date[0]));
222 } elseif ($edate=="Sun") {
223 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+3, $exploded_date[0]));
224 } elseif ($edate=="Mon") {
225 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+2, $exploded_date[0]));
226 } elseif ($edate=="Tue") {
227 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+1, $exploded_date[0]));
229 } elseif ($_POST['form_repeat_type'] == 8) {
230 $exploded_date= explode("-", $event_date);
231 $edate = date("D", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2], $exploded_date[0]));
232 if ($edate=="Fri") {
233 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+6, $exploded_date[0]));
234 } elseif ($edate=="Sat") {
235 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+5, $exploded_date[0]));
236 } elseif ($edate=="Sun") {
237 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+4, $exploded_date[0]));
238 } elseif ($edate=="Mon") {
239 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+3, $exploded_date[0]));
240 } elseif ($edate=="Tue") {
241 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+2, $exploded_date[0]));
242 } elseif ($edate=="Wed") {
243 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+1, $exploded_date[0]));
245 } elseif ($_POST['form_repeat_type'] == 9) {
246 $exploded_date= explode("-", $event_date);
247 $edate = date("D", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2], $exploded_date[0]));
248 if ($edate=="Sat") {
249 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+6, $exploded_date[0]));
250 } elseif ($edate=="Sun") {
251 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+5, $exploded_date[0]));
252 } elseif ($edate=="Mon") {
253 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+4, $exploded_date[0]));
254 } elseif ($edate=="Tue") {
255 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+3, $exploded_date[0]));
256 } elseif ($edate=="Wed") {
257 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+2, $exploded_date[0]));
258 } elseif ($edate=="Thu") {
259 $event_date=date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2]+1, $exploded_date[0]));
261 }//if end
262 /* =======================================================
263 // UPDATE EVENTS
264 ========================================================*/
265 if ($eid) {
266 // what is multiple key around this $eid?
267 $row = sqlQuery("SELECT pc_multiple FROM openemr_postcalendar_events WHERE pc_eid = ?", array($eid));
269 if ($GLOBALS['select_multi_providers'] && $row['pc_multiple']) {
270 /* ==========================================
271 // multi providers BOS
272 ==========================================*/
274 // obtain current list of providers regarding the multiple key
275 $up = sqlStatement("SELECT pc_aid FROM openemr_postcalendar_events WHERE pc_multiple = ?", array($row['pc_multiple']));
276 while ($current = sqlFetchArray($up)) {
277 $providers_current[] = $current['pc_aid'];
280 $providers_new = $_POST['form_provider_ae'];
282 // this difference means that some providers from current was UNCHECKED
283 // so we must delete this event for them
284 $r1 = array_diff($providers_current, $providers_new);
285 if (count($r1)) {
286 foreach ($r1 as $to_be_removed) {
287 sqlQuery("DELETE FROM openemr_postcalendar_events WHERE pc_aid = ? AND pc_multiple = ?", array($to_be_removed, $row['pc_multiple']));
291 // this difference means that some providers was added
292 // so we must insert this event for them
293 $r2 = array_diff($providers_new, $providers_current);
294 if (count($r2)) {
295 foreach ($r2 as $to_be_inserted) {
296 sqlInsert("INSERT INTO openemr_postcalendar_events ( pc_catid, pc_multiple, pc_aid, pc_pid, pc_title, pc_time, pc_hometext, pc_informant, pc_eventDate, pc_endDate, pc_duration, pc_recurrtype, pc_recurrspec, pc_startTime, pc_endTime, pc_alldayevent, pc_apptstatus, pc_prefcatid, pc_location, pc_eventstatus, pc_sharing, pc_facility)
297 VALUES ( " .
298 "'" . add_escape_custom($_POST['form_category']) . "', " .
299 "'" . add_escape_custom($row['pc_multiple']) . "', " .
300 "'" . add_escape_custom($to_be_inserted) . "', " .
301 "'" . add_escape_custom($_POST['form_pid']) . "', " .
302 "'" . add_escape_custom($_POST['form_title']) . "', " .
303 "NOW(), " .
304 "'" . add_escape_custom($_POST['form_comments']) . "', " .
305 "'" . add_escape_custom($_SESSION['providerId']) . "', " .
306 "'" . add_escape_custom($event_date) . "', " .
307 "'" . add_escape_custom(fixDate($_POST['form_enddate'])) . "', " .
308 "'" . add_escape_custom(($duration * 60)) . "', " .
309 "'" . ($_POST['form_repeat'] ? '1' : '0') . "', " .
310 "'" . add_escape_custom($recurrspec) . "', " .
311 "'" . add_escape_custom($starttime) . "', " .
312 "'" . add_escape_custom($endtime) . "', " .
313 "'" . add_escape_custom($_POST['form_allday']) . "', " .
314 "'" . add_escape_custom($_POST['form_apptstatus']) . "', " .
315 "'" . add_escape_custom($_POST['form_prefcat']) . "', " .
316 "'" . add_escape_custom($locationspec) . "', " .
317 "1, " .
318 "1, " .(int)$_POST['facility']. " )"); // FF stuff
319 } // foreach
320 } //if count
323 // after the two diffs above, we must update for remaining providers
324 // those who are intersected in $providers_current and $providers_new
325 foreach ($_POST['form_provider_ae'] as $provider) {
326 sqlStatement("UPDATE openemr_postcalendar_events SET " .
327 "pc_catid = '" . add_escape_custom($_POST['form_category']) . "', " .
328 "pc_pid = '" . add_escape_custom($_POST['form_pid']) . "', " .
329 "pc_title = '" . add_escape_custom($_POST['form_title']) . "', " .
330 "pc_time = NOW(), " .
331 "pc_hometext = '" . add_escape_custom($_POST['form_comments']) . "', " .
332 "pc_informant = '" . add_escape_custom($_SESSION['providerId']) . "', " .
333 "pc_eventDate = '" . add_escape_custom($event_date) . "', " .
334 "pc_endDate = '" . add_escape_custom(fixDate($_POST['form_enddate'])) . "', " .
335 "pc_duration = '" . add_escape_custom(($duration * 60)) . "', " .
336 "pc_recurrtype = '" . ($_POST['form_repeat'] ? '1' : '0') . "', " .
337 "pc_recurrspec = '" . add_escape_custom($recurrspec) . "', " .
338 "pc_startTime = '" . add_escape_custom($starttime) . "', " .
339 "pc_endTime = '" . add_escape_custom($endtime) . "', " .
340 "pc_alldayevent = '" . add_escape_custom($_POST['form_allday']) . "', " .
341 "pc_apptstatus = '" . add_escape_custom($_POST['form_apptstatus']) . "', " .
342 "pc_prefcatid = '" . add_escape_custom($_POST['form_prefcat']) . "', " .
343 "pc_facility = '" . (int)$_POST['facility'] . "' " . // FF stuff
344 "WHERE pc_aid = '" . add_escape_custom($provider) . "' AND pc_multiple='" . add_escape_custom($row['pc_multiple']) . "'");
345 } // foreach
347 /* ==========================================
348 // multi providers EOS
349 ==========================================*/
350 } elseif (!$row['pc_multiple']) {
351 if ($GLOBALS['select_multi_providers']) {
352 $prov = $_POST['form_provider_ae'][0];
353 } else {
354 $prov = $_POST['form_provider_ae'];
356 $insert = false;
357 // simple provider case
358 sqlStatement("UPDATE openemr_postcalendar_events SET " .
359 "pc_catid = '" . add_escape_custom($_POST['form_category']) . "', " .
360 "pc_aid = '" . add_escape_custom($prov) . "', " .
361 "pc_pid = '" . add_escape_custom($_POST['form_pid']) . "', " .
362 "pc_title = '" . add_escape_custom($_POST['form_title']) . "', " .
363 "pc_time = NOW(), " .
364 "pc_hometext = '" . add_escape_custom($_POST['form_comments']) . "', " .
365 "pc_informant = '" . add_escape_custom($_SESSION['providerId']) . "', " .
366 "pc_eventDate = '" . add_escape_custom($event_date) . "', " .
367 "pc_endDate = '" . add_escape_custom(fixDate($_POST['form_enddate'])) . "', " .
368 "pc_duration = '" . add_escape_custom(($duration * 60)) . "', " .
369 "pc_recurrtype = '" . ($_POST['form_repeat'] ? '1' : '0') . "', " .
370 "pc_recurrspec = '" . add_escape_custom($recurrspec) . "', " .
371 "pc_startTime = '" . add_escape_custom($starttime) . "', " .
372 "pc_endTime = '" . add_escape_custom($endtime) . "', " .
373 "pc_alldayevent = '" . add_escape_custom($_POST['form_allday']) . "', " .
374 "pc_apptstatus = '" . add_escape_custom($_POST['form_apptstatus']) . "', " .
375 "pc_prefcatid = '" . add_escape_custom($_POST['form_prefcat']) . "', " .
376 "pc_facility = '" . (int)$_POST['facility'] ."' " . // FF stuff
377 "WHERE pc_eid = '" . add_escape_custom($eid) . "'");
380 // =======================================
381 // EOS multi providers case
382 // =======================================
384 // EVENTS TO FACILITIES
386 $e2f = (int)$eid;
388 /* =======================================================
389 // INSERT EVENTS
390 ========================================================*/
391 } else {
392 // =======================================
393 // multi providers case
394 // =======================================
396 if (is_array($_POST['form_provider_ae'])) {
397 // obtain the next available unique key to group multiple providers around some event
398 $q = sqlStatement("SELECT MAX(pc_multiple) as max FROM openemr_postcalendar_events");
399 $max = sqlFetchArray($q);
400 $new_multiple_value = $max['max'] + 1;
402 foreach ($_POST['form_provider_ae'] as $provider) {
403 sqlInsert("INSERT INTO openemr_postcalendar_events ( " .
404 "pc_catid, pc_multiple, pc_aid, pc_pid, pc_title, pc_time, pc_hometext, " .
405 "pc_informant, pc_eventDate, pc_endDate, pc_duration, pc_recurrtype, " .
406 "pc_recurrspec, pc_startTime, pc_endTime, pc_alldayevent, " .
407 "pc_apptstatus, pc_prefcatid, pc_location, pc_eventstatus, pc_sharing, pc_facility " .
408 ") VALUES ( " .
409 "'" . add_escape_custom($_POST['form_category']) . "', " .
410 "'" . add_escape_custom($new_multiple_value) . "', " .
411 "'" . add_escape_custom($provider) . "', " .
412 "'" . add_escape_custom($_POST['form_pid']) . "', " .
413 "'" . add_escape_custom($_POST['form_title']) . "', " .
414 "NOW(), " .
415 "'" . add_escape_custom($_POST['form_comments']) . "', " .
416 "'" . add_escape_custom($_SESSION['providerId']) . "', " .
417 "'" . add_escape_custom($event_date) . "', " .
418 "'" . add_escape_custom(fixDate($_POST['form_enddate'])) . "', " .
419 "'" . add_escape_custom(($duration * 60)) . "', " .
420 "'" . ($_POST['form_repeat'] ? '1' : '0') . "', " .
421 "'" . add_escape_custom($recurrspec) . "', " .
422 "'" . add_escape_custom($starttime) . "', " .
423 "'" . add_escape_custom($endtime) . "', " .
424 "'" . add_escape_custom($_POST['form_allday']) . "', " .
425 "'" . add_escape_custom($_POST['form_apptstatus']) . "', " .
426 "'" . add_escape_custom($_POST['form_prefcat']) . "', " .
427 "'" . add_escape_custom($locationspec) . "', " .
428 "1, " .
429 "1, " .(int)$_POST['facility']. " )"); // FF stuff
430 } // foreach
431 } else {
432 $_POST['form_apptstatus'] = '^';
433 $insert = true;
434 sqlInsert("INSERT INTO openemr_postcalendar_events ( " .
435 "pc_catid, pc_aid, pc_pid, pc_title, pc_time, pc_hometext, " .
436 "pc_informant, pc_eventDate, pc_endDate, pc_duration, pc_recurrtype, " .
437 "pc_recurrspec, pc_startTime, pc_endTime, pc_alldayevent, " .
438 "pc_apptstatus, pc_prefcatid, pc_location, pc_eventstatus, pc_sharing, pc_facility " .
439 ") VALUES ( " .
440 "'" . add_escape_custom($_POST['form_category']) . "', " .
441 "'" . add_escape_custom($_POST['form_provider_ae']) . "', " .
442 "'" . add_escape_custom($_POST['form_pid']) . "', " .
443 "'" . add_escape_custom($_POST['form_title']) . "', " .
444 "NOW(), " .
445 "'" . add_escape_custom($_POST['form_comments']) . "', " .
446 "'" . add_escape_custom($_SESSION['providerId']) . "', " .
447 "'" . add_escape_custom($event_date) . "', " .
448 "'" . add_escape_custom(fixDate($_POST['form_enddate'])) . "', " .
449 "'" . add_escape_custom(($duration * 60)) . "', " .
450 "'" . ($_POST['form_repeat'] ? '1' : '0') . "', " .
451 "'" . add_escape_custom($recurrspec) . "', " .
452 "'" . add_escape_custom($starttime) . "', " .
453 "'" . add_escape_custom($endtime) . "', " .
454 "'" . add_escape_custom($_POST['form_allday']) . "', " .
455 "'" . add_escape_custom($_POST['form_apptstatus']) . "', " .
456 "'" . add_escape_custom($_POST['form_prefcat']) . "', " .
457 "'" . add_escape_custom($locationspec) . "', " .
458 "1, " .
459 "1, " . (int)$_POST['facility'] . ")"); // FF stuff
460 } // INSERT single
461 } // else - insert
462 } else if ($_POST['form_action'] == "delete") {
463 // =======================================
464 // multi providers case
465 // =======================================
466 if ($GLOBALS['select_multi_providers']) {
467 // what is multiple key around this $eid?
468 $row = sqlQuery("SELECT pc_multiple FROM openemr_postcalendar_events WHERE pc_eid = ?", array($eid));
469 if ($row['pc_multiple']) {
470 sqlStatement("DELETE FROM openemr_postcalendar_events WHERE pc_multiple = ?", array($row['pc_multiple']));
471 } else {
472 sqlStatement("DELETE FROM openemr_postcalendar_events WHERE pc_eid = ?", array($eid));
475 // =======================================
476 // EOS multi providers case
477 // =======================================
478 } else {
479 sqlStatement("DELETE FROM openemr_postcalendar_events WHERE pc_eid = ?", array($eid));
483 if ($_POST['form_action'] != "") {
484 // Leave
485 $type = $insert ? xl("A New Appointment") : xl("An Updated Appointment");
486 $note = $type . " " . xl("request was received from portal patient") . " ";
487 $note .= $_SESSION['ptName'] . " " . xl("regarding appointment dated") . " " . $event_date . " " . $starttime . ". ";
488 $note .= !empty($_POST['form_comments']) ? (xl("Reason") . " " . $_POST['form_comments']) : "";
489 $note .= ". " . xl("Use Portal Dashboard to confirm with patient.");
490 $title = xl("Patient Reminders");
491 $user = sqlQueryNoLog("SELECT users.username FROM users WHERE authorized = 1 And id = ?", array($_POST['form_provider_ae']));
492 $rtn = addPnote($_POST['form_pid'], $note, 1, 1, $title, $user['username'], '', 'New');
494 $_SESSION['whereto'] = 'appointmentpanel';
495 header('Location:./home.php#appointmentpanel');
496 exit();
499 // If we get this far then we are displaying the form.
501 $statuses = array(
502 '-' => '',
503 '*' => xl('* Reminder done'),
504 '+' => xl('+ Chart pulled'),
505 'x' => xl('x Cancelled'), // added Apr 2008 by JRM
506 '?' => xl('? No show'),
507 '@' => xl('@ Arrived'),
508 '~' => xl('~ Arrived late'),
509 '!' => xl('! Left w/o visit'),
510 '#' => xl('# Ins/fin issue'),
511 '<' => xl('< In exam room'),
512 '>' => xl('> Checked out'),
513 '$' => xl('$ Coding done'),
514 '^' => xl('^ Pending'),
517 $repeats = 0; // if the event repeats
518 $repeattype = '0';
519 $repeatfreq = '0';
520 $patienttitle = "";
521 $hometext = "";
522 $row = array();
524 // If we are editing an existing event, then get its data.
525 if ($eid) {
526 $row = sqlQuery("SELECT * FROM openemr_postcalendar_events WHERE pc_eid = ?", array($eid));
527 $date = $row['pc_eventDate'];
528 $userid = $row['pc_aid'];
529 $patientid = $row['pc_pid'];
530 $starttimeh = substr($row['pc_startTime'], 0, 2) + 0;
531 $starttimem = substr($row['pc_startTime'], 3, 2);
532 $repeats = $row['pc_recurrtype'];
533 $multiple_value = $row['pc_multiple'];
535 if (preg_match('/"event_repeat_freq_type";s:1:"(\d)"/', $row['pc_recurrspec'], $matches)) {
536 $repeattype = $matches[1];
539 if (preg_match('/"event_repeat_freq";s:1:"(\d)"/', $row['pc_recurrspec'], $matches)) {
540 $repeatfreq = $matches[1];
543 $hometext = $row['pc_hometext'];
544 if (substr($hometext, 0, 6) == ':text:') {
545 $hometext = substr($hometext, 6);
547 } else {
548 $patientid=$_GET['pid'];
551 // If we have a patient ID, get the name and phone numbers to display.
552 if ($patientid) {
553 $prow = sqlQuery("SELECT lname, fname, phone_home, phone_biz, DOB " .
554 "FROM patient_data WHERE pid = ?", array($patientid));
555 $patientname = $prow['lname'] . ", " . $prow['fname'];
556 if ($prow['phone_home']) {
557 $patienttitle .= " H=" . $prow['phone_home'];
560 if ($prow['phone_biz']) {
561 $patienttitle .= " W=" . $prow['phone_biz'];
565 // Get the providers list.
566 $ures = sqlStatement("SELECT id, username, fname, lname FROM users WHERE " .
567 "authorized != 0 AND active = 1 ORDER BY lname, fname");
569 //-------------------------------------
570 //(CHEMED)
571 //Set default facility for a new event based on the given 'userid'
572 if ($userid) {
573 $pref_facility = sqlFetchArray(sqlStatement("SELECT facility_id, facility FROM users WHERE id = ?", array($userid)));
574 $e2f = $pref_facility['facility_id'];
575 $e2f_name = $pref_facility['facility'];
578 //END of CHEMED -----------------------
580 // Get event categories.
581 $cres = sqlStatement("SELECT pc_catid, pc_catname, pc_recurrtype, pc_duration, pc_end_all_day " .
582 "FROM openemr_postcalendar_categories ORDER BY pc_catname");
584 // Fix up the time format for AM/PM.
585 $startampm = '1';
586 if ($starttimeh >= 12) { // p.m. starts at noon and not 12:01
587 $startampm = '2';
588 if ($starttimeh > 12) {
589 $starttimeh -= 12;
594 <html>
595 <head>
597 <title><?php echo $eid ? xlt("Edit Event") : xlt("Add New Event"); ?></title>
599 <link href="assets/css/style.css?v=<?php echo $v_js_includes; ?>" rel="stylesheet" type="text/css" />
600 <script type="text/javascript" src="<?php echo $webroot ?>/interface/main/tabs/js/include_opener.js"></script>
601 </head>
603 <body class="skin-blue" >
604 <div class="well">
605 <form class="form-inline" method='post' name='theaddform' id='theaddform' action='add_edit_event_user.php?eid=<?php echo attr($eid); ?>'>
606 <input type="hidden" name="form_action" id="form_action" value="">
607 <input type='hidden' name='form_category' id='form_category' value='<?php echo $row['pc_catid'] ? attr($row['pc_catid']) : '5'; ?>' />
608 <input type='hidden' name='form_apptstatus' id='form_apptstatus' value='<?php echo $row['pc_apptstatus'] ? attr($row['pc_apptstatus']) : "^" ?>' />
609 <table border='0' width='100%'>
610 <tr>
611 <td width='1%' nowrap>
612 <b><?php echo xlt('Visit'); ?>: </b>
613 </td>
614 <td nowrap style='padding:0px 5px 5px 0'>
615 <input class="form-control" type="text" id='form_title' name='form_title' value='<?php echo ($row['pc_title'] > "") ? attr($row['pc_title']) : xla('Office Visit'); ?>' readonly='readonly'/>
616 </td>
617 <td></td>
618 <td width='1%' nowrap>
619 <b><?php echo xlt('Date'); ?>:</b>
620 </td>
621 <td colspan='2' nowrap id='tdallday1'>
622 <input class="form-control" type='text' size='10' name='form_date' readonly id='form_date'
623 value='<?php echo (isset($eid) && $eid) ? attr($row['pc_eventDate']) : attr($date); ?>' />
624 </td>
625 </tr>
626 <tr>
627 <td nowrap>
628 <b><?php //xl('Title','e'); ?></b>
629 </td>
630 <td style='padding:0px 5px 5px 0' nowrap>
631 <!-- <input class="form-control input-sm" type='text' size='10' name='form_title' readonly value='<?php //echo htmlspecialchars($row['pc_title'],ENT_QUOTES) ?>' title='<?php //xl('Event title','e'); ?>' /> -->
632 </td>
633 <td nowrap>
634 </td>
635 <td width='1%' nowrap id='tdallday2'>
636 <b><?php echo xlt('Time');?>:</b>
637 </td>
638 <td width='1%' nowrap id='tdallday3'>
639 <input class="form-control inline" type='text' size='2' name='form_hour' value='<?php echo (isset($eid)) ? $starttimeh : ''; ?>'
640 title='<?php echo xla('Event start time'); ?>' readonly/> :
641 <input class="form-control inline" type='text' size='2' name='form_minute' value='<?php echo (isset($eid)) ? $starttimem : ''; ?>'
642 title='<?php echo xla('Event start time'); ?>' readonly/>&nbsp; <!-- -->
643 <select class="form-control" name='form_ampm' title='Note: 12:00 noon is PM, not AM' readonly >
644 <option value='1'><?php echo xlt('AM'); ?></option>
645 <option value='2'<?php echo ($startampm == '2') ? " selected" : ""; ?>><?php echo xlt('PM'); ?></option>
646 </select>
647 </td>
648 </tr>
649 <tr>
650 <td nowrap>
651 <b><?php echo xlt('Patient'); ?>:</b>
652 </td>
653 <td style='padding:0px 5px 5px 0' nowrap>
654 <input class="form-control" type='text' id='form_patient' name='form_patient' value='<?php echo attr($patientname); ?>' title='Patient' readonly />
655 <input type='hidden' name='form_pid' value='<?php echo attr($patientid); ?>' />
656 </td>
657 <td nowrap>
658 &nbsp;
659 </td>
660 <td nowrap id='tdallday4'><?php echo xlt('Duration'); ?></td>
661 <td nowrap id='tdallday5'>
662 <input class="form-control input-sm" type='text' size='1' name='form_duration' value='<?php echo $row['pc_duration'] ? ($row['pc_duration']*1/60) : "15" ?>' readonly /><?php echo "&nbsp" . xlt('minutes'); ?>
663 </td>
664 </tr>
665 <tr>
666 </tr>
667 <tr>
668 <td nowrap>
669 <b><?php echo xlt('Provider'); ?>:</b>
670 </td>
671 <td style='padding:0px 5px 5px 0' nowrap>
672 <select class="form-control" name='form_provider_ae' id='form_provider_ae' onchange='change_provider();'>
673 <?php
674 // present a list of providers to choose from
675 // default to the currently logged-in user
676 while ($urow = sqlFetchArray($ures)) {
677 echo " <option value='" . attr($urow['id']) . "'";
678 if (($urow['id'] == $_GET['userid'])||($urow['id']== $userid)) {
679 echo " selected";
682 echo ">" . text($urow['lname']);
683 if ($urow['fname']) {
684 echo ", " . text($urow['fname']);
687 echo "</option>\n";
690 </select>
691 </td>
692 <td nowrap style='font-size:8pt'>
693 </td>
694 <td><input type='button' class='btn btn-danger btn-sm' value='<?php echo xla('Openings');?>' onclick='find_available()' /></td>
695 <td></td>
696 </tr>
697 <tr>
698 <td nowrap>
699 <b><?php echo xlt('Reason'); ?>:</b>
700 </td>
701 <td style='padding:0px 5px 5px 0' colspan='4' nowrap>
702 <input class="form-control" type='text' size='40' name='form_comments' style='width:100%' value='<?php echo attr($hometext); ?>' title='<?php echo xla('Optional information about this event'); ?>' />
703 </td>
704 </tr>
705 </table>
707 <input type='button' name='form_save' class='btn btn-success btn-md' onsubmit='return false' value='<?php echo xla('Save'); ?>' onclick="validate()" />
708 &nbsp;
709 </p>
710 </form>
711 <script>
713 var durations = new Array();
714 <?php
715 // Read the event categories, generate their options list, and get
716 // the default event duration from them if this is a new event.
717 $catoptions = "";
718 $prefcat_options = " <option value='0'>-- None --</option>\n";
719 $thisduration = 0;
720 if ($eid) {
721 $thisduration = $row['pc_alldayevent'] ? 1440 : round($row['pc_duration'] / 60);
724 while ($crow = sqlFetchArray($cres)) {
725 $duration = round($crow['pc_duration'] / 60);
726 if ($crow['pc_end_all_day']) {
727 $duration = 1440;
730 echo " durations[" . attr($crow['pc_catid']) . "] = " . text($duration) . "\n";
731 // echo " rectypes[" . $crow['pc_catid'] . "] = " . $crow['pc_recurrtype'] . "\n";
732 $catoptions .= " <option value='" . attr($crow['pc_catid']) . "'";
733 if ($eid) {
734 if ($crow['pc_catid'] == $row['pc_catid']) {
735 $catoptions .= " selected";
737 } else {
738 if ($crow['pc_catid'] == $default_catid) {
739 $catoptions .= " selected";
740 $thisduration = $duration;
744 $catoptions .= ">" . text($crow['pc_catname']) . "</option>\n";
746 // This section is to build the list of preferred categories:
747 if ($duration) {
748 $prefcat_options .= " <option value='" . attr($crow['pc_catid']) . "'";
749 if ($eid) {
750 if ($crow['pc_catid'] == $row['pc_prefcatid']) {
751 $prefcat_options .= " selected";
755 $prefcat_options .= ">" . text($crow['pc_catname']) . "</option>\n";
760 <?php require($GLOBALS['srcdir'] . "/restoreSession.php"); ?>
762 // This is for callback by the find-patient popup.
763 function setpatient(pid, lname, fname, dob) {
764 var f = document.forms.namedItem("theaddform");
765 f.form_patient.value = lname + ', ' + fname;
766 f.form_pid.value = pid;
767 dobstyle = (dob == '' || dob.substr(5, 10) == '00-00') ? '' : 'none';
768 document.getElementById('dob_row').style.display = dobstyle;
770 function change_provider(){
771 var f = document.forms.namedItem("theaddform");
772 f.form_date.value='';
773 f.form_hour.value='';
774 f.form_minute.value='';
776 // This is for callback by the find-patient popup.
777 function unsetpatient() {
778 var f = document.forms.namedItem("theaddform");
779 f.form_patient.value = '';
780 f.form_pid.value = '';
783 // This invokes the find-patient popup.
784 function sel_patient() {
785 dlgopen('find_patient_popup.php', '_blank', 500, 400);
788 // Do whatever is needed when a new event category is selected.
789 // For now this means changing the event title and duration.
790 function set_display() {
791 var f = document.forms.namedItem("theaddform");
792 var si = document.getElementById('form_category');
793 if (si.selectedIndex >= 0) {
794 var catid = si.options[si.selectedIndex].value;
795 var style_apptstatus = document.getElementById('title_apptstatus').style;
796 var style_prefcat = document.getElementById('title_prefcat').style;
797 if (catid == '2') { // In Office
798 style_apptstatus.display = 'none';
799 style_prefcat.display = '';
800 f.form_apptstatus.style.display = 'none';
801 f.form_prefcat.style.display = '';
802 } else {
803 style_prefcat.display = 'none';
804 style_apptstatus.display = '';
805 f.form_prefcat.style.display = 'none';
806 f.form_apptstatus.style.display = '';
811 // Gray out certain fields according to selection of Category DDL
812 function categoryChanged() {
813 var value = '5';
815 document.getElementById("form_patient").disabled=false;
816 //document.getElementById("form_apptstatus").disabled=false;
817 //document.getElementById("form_prefcat").disabled=false;
821 // Do whatever is needed when a new event category is selected.
822 // For now this means changing the event title and duration.
823 function set_category() {
824 var f = document.forms.namedItem("theaddform");
825 var s = f.form_category;
826 if (s.selectedIndex >= 0) {
827 var catid = s.options[s.selectedIndex].value;
828 f.form_title.value = s.options[s.selectedIndex].text;
829 f.form_duration.value = durations[catid];
830 set_display();
834 // Modify some visual attributes when the all-day or timed-event
835 // radio buttons are clicked.
836 function set_allday() {
837 var f = document.forms.namedItem("theaddform");
838 var color1 = '#777777';
839 var color2 = '#777777';
840 var disabled2 = true;
841 /*if (document.getElementById('rballday1').checked) {
842 color1 = '#000000';
844 if (document.getElementById('rballday2').checked) {
845 color2 = '#000000';
846 disabled2 = false;
848 document.getElementById('tdallday1').style.color = color1;
849 document.getElementById('tdallday2').style.color = color2;
850 document.getElementById('tdallday3').style.color = color2;
851 document.getElementById('tdallday4').style.color = color2;
852 document.getElementById('tdallday5').style.color = color2;
853 f.form_hour.disabled = disabled2;
854 f.form_minute.disabled = disabled2;
855 f.form_ampm.disabled = disabled2;
856 f.form_duration.disabled = disabled2;
859 // Modify some visual attributes when the Repeat checkbox is clicked.
860 function set_repeat() {
861 var f = document.forms.namedItem("theaddform");
862 var isdisabled = true;
863 var mycolor = '#777777';
864 var myvisibility = 'hidden';
865 /*if (f.form_repeat.checked) {
866 isdisabled = false;
867 mycolor = '#000000';
868 myvisibility = 'visible';
870 //f.form_repeat_type.disabled = isdisabled;
871 //f.form_repeat_freq.disabled = isdisabled;
872 //f.form_enddate.disabled = isdisabled;
873 document.getElementById('tdrepeat1').style.color = mycolor;
874 document.getElementById('tdrepeat2').style.color = mycolor;
875 document.getElementById('img_enddate').style.visibility = myvisibility;
878 // This is for callback by the find-available popup.
879 function setappt(year,mon,mday,hours,minutes) {
880 var f = document.forms.namedItem("theaddform");
881 f.form_date.value = '' + year + '-' +
882 ('' + (mon + 100)).substring(1) + '-' +
883 ('' + (mday + 100)).substring(1);
884 f.form_ampm.selectedIndex = (hours >= 12) ? 1 : 0;
885 f.form_hour.value = (hours > 12) ? hours - 12 : hours;
886 f.form_minute.value = ('' + (minutes + 100)).substring(1);
889 // Invoke the find-available popup.
890 function find_available() {
891 // when making an appointment for a specific provider
892 var se = document.getElementById('form_provider_ae');
893 <?php if ($userid != 0) { ?>
894 s = se.value;
895 <?php } else {?>
896 s = se.options[se.selectedIndex].value;
897 <?php }?>
898 var formDate = document.getElementById('form_date');
899 var url = 'find_appt_popup_user.php?bypatient&providerid=' + s + '&catid=5' + '&startdate=' + formDate.value;
900 var params = {
901 buttons: [
902 {text: '<?php echo xla('Cancel'); ?>', close: true, style: 'danger btn-sm'}
905 allowResize: true,
906 dialogId: 'apptDialog',
907 type: 'iframe'
909 dlgopen(url, 'apptFind', 'modal-md', 300, '', 'Find Date', params);
912 // Check for errors when the form is submitted.
913 function validate() {
914 var f = document.getElementById('theaddform');
915 if (!f.form_date.value || !f.form_hour.value || !f.form_minute.value) {
916 alert('Please click on "Openings" to select a time.');
917 return false;
920 // in lunch outofoffice reserved vacation
921 // f.form_category.value='2';
922 if (f.form_patient.value=='Click to select' && (!(
923 f.form_category.value=='2' || f.form_category.value=='8' || f.form_category.value=='3' || f.form_category.value=='4' || f.form_category.value=='11'
924 || f.form_category.value=='10'))) {
925 alert('Please select a patient.');
926 return false;
927 } else if (f.form_category.value=='10') {
928 unsetpatient();
930 var form_action = document.getElementById('form_action');
931 form_action.value="save";
932 f.submit();
933 return false;
936 function deleteEvent() {
937 if (confirm("Deleting this event cannot be undone. It cannot be recovered once it is gone. Are you sure you wish to delete this event?")) {
938 var f = document.getElementById('theaddform');
939 var form_action = document.getElementById('form_action');
940 form_action.value="delete";
941 f.submit();
942 return true;
944 return false;
947 <?php if ($eid) { ?>
948 set_display();
949 <?php } ?>
951 $(document).ready(function() {
952 $('.datepicker').datetimepicker({
953 <?php $datetimepicker_timepicker = false; ?>
954 <?php $datetimepicker_showseconds = false; ?>
955 <?php $datetimepicker_formatInput = false; ?>
956 <?php require($GLOBALS['srcdir'] . '/js/xl/jquery-datetimepicker-2-5-4.js.php'); ?>
957 <?php // can add any additional javascript settings to datetimepicker here; need to prepend first setting with a comma ?>
960 </script>
961 </div>
962 </body>
963 </html>