interface/billing/sl_eob_patient_note.php

   1 <?php
   2
   3 /**
   4  * This allows entry and editing of a "billing note" for the patient.
   5  *
   6  * @package   OpenEMR
   7  * @link      http://www.open-emr.org
   8  * @author    Rod Roark <rod@sunsetsystems.com>
   9  * @author    Roberto Vasquez <robertogagliotta@gmail.com>
  10  * @author    Brady Miller <brady.g.miller@gmail.com>
  11  * @copyright Copyright (c) 2005 Rod Roark <rod@sunsetsystems.com>
  12  * @copyright Copyright (c) 2019-2020 Brady Miller <brady.g.miller@gmail.com>
  13  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  14  */
  15
  16 require_once("../globals.php");
  17 require_once("../../library/patient.inc.php");
  18 require_once("../../library/forms.inc.php");
  19
  20 use OpenEMR\Common\Csrf\CsrfUtils;
  21 use OpenEMR\Core\Header;
  22
  23 $info_msg = "";
  24 ?>
  25 <html>
  26 <head>
  27     <?php Header::setupHeader(['opener']); ?>
  28     <title><?php echo xlt('EOB Posting - Patient Note'); ?></title>
  29 </head>
  30 <body>
  31     <?php
  32
  33     $patient_id = $_GET['patient_id'];
  34     if (!$patient_id) {
  35         die(xlt("You cannot access this page directly."));
  36     }
  37
  38     $row = sqlQuery("Select billing_note From patient_data Where pid=?", [$patient_id]);
  39     if (isset($_POST['form_save'])) {
  40         if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
  41             CsrfUtils::csrfNotVerified();
  42         }
  43
  44         $thevalue = trim($_POST['form_note']);
  45
  46         sqlStatement("UPDATE patient_data SET " .
  47             "billing_note = ? " .
  48             "WHERE pid = ? ", array($thevalue, $patient_id));
  49
  50         echo "<script>\n";
  51         if ($info_msg) {
  52             echo " alert(" . js_escape($info_msg) . ");\n";
  53         }
  54         echo " dlgclose();\n";
  55         echo "</script></body></html>\n";
  56         exit();
  57     }
  58
  59     $row = sqlQuery("select fname, lname, billing_note " .
  60         "from patient_data where pid = ? limit 1", array($patient_id));
  61     ?>
  62     <div class="container">
  63         <div class="row">
  64             <h2><?php echo xlt('Billing Note for ') . text($row['fname']) . " " . text($row['lname']); ?></h2>
  65         </div>
  66         <div class="row mx-auto">
  67             <form method='post' action='sl_eob_patient_note.php?patient_id=<?php echo attr_url($patient_id); ?>'>
  68                 <input type="hidden" name="csrf_token_form" value="<?php echo attr(CsrfUtils::collectCsrfToken()); ?>" />
  69                 <div class="row">
  70                     <div class="col-12 pb-1">
  71                         <div class="form-group">
  72                             <textarea type='text' name='form_note' class='textarea form-control' rows="3" maxlength="255" placeholder='<?php echo xla('Max 255 characters') ?>'><?php echo attr($row['billing_note']) ?></textarea>
  73                             <label><?php echo xlt('Max 255 characters') ?></label>
  74                         </div>
  75                     </div>
  76                     <div class="form-group">
  77                         <div class="col-sm-12 text-left position-override" id="search-btn">
  78                             <div class="btn-group" role="group">
  79                                 <button type='submit' class="btn btn-primary btn-save" name='form_save' id="btn-save"><?php echo xlt("Save"); ?></button>
  80                                 <button type='submit' class="btn btn-secondary btn-cancel" name='form_cancel' id="btn-cancel" onclick='dlgclose();'><?php echo xlt("Cancel"); ?></button>
  81                             </div>
  82                         </div>
  83                     </div>
  84                 </div>
  85             </form>
  86         </div>
  87     </div><!--end of container div-->
  88 </body>
  89 </html>