interface/forms/transfer_summary/save.php

   1 <?php
   2
   3 /**
   4  * transfer summary form.
   5  *
   6  * @package   OpenEMR
   7  * @link      http://www.open-emr.org
   8  * @author    Naina Mohamed <naina@capminds.com>
   9  * @author    Brady Miller <brady.g.miller@gmail.com>
  10  * @copyright Copyright (c) 2012-2013 Naina Mohamed <naina@capminds.com> CapMinds Technologies
  11  * @copyright Copyright (c) 2019 Brady Miller <brady.g.miller@gmail.com>
  12  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  13  */
  14
  15 require_once(__DIR__ . "/../../globals.php");
  16 require_once("$srcdir/api.inc.php");
  17 require_once("$srcdir/forms.inc.php");
  18
  19 use OpenEMR\Common\Csrf\CsrfUtils;
  20
  21 if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
  22     CsrfUtils::csrfNotVerified();
  23 }
  24
  25 if (!$encounter) { // comes from globals.php
  26     die(xlt("Internal error: we do not seem to be in an encounter!"));
  27 }
  28
  29 $id = (int) (isset($_GET['id']) ? $_GET['id'] : '');
  30
  31 $sets = "pid = ?,
  32   groupname = ?,
  33   user = ?,
  34   authorized = ?,
  35   activity = 1,
  36   date = NOW(),
  37   provider = ?,
  38   client_name = ?,
  39   transfer_to = ?,
  40   transfer_date = ?,
  41   status_of_admission = ?,
  42   diagnosis = ?,
  43   intervention_provided = ?,
  44   overall_status_of_discharge = ?";
  45
  46
  47 if (empty($id)) {
  48     $newid = sqlInsert(
  49         "INSERT INTO form_transfer_summary SET $sets",
  50         [
  51             $_SESSION["pid"],
  52             $_SESSION["authProvider"],
  53             $_SESSION["authUser"],
  54             $userauthorized,
  55             $_POST["provider"],
  56             $_POST["client_name"],
  57             $_POST["transfer_to"],
  58             $_POST["transfer_date"],
  59             $_POST["status_of_admission"],
  60             $_POST["diagnosis"],
  61             $_POST["intervention_provided"],
  62             $_POST["overall_status_of_discharge"]
  63         ]
  64     );
  65     addForm($encounter, "Transfer Summary", $newid, "transfer_summary", $pid, $userauthorized);
  66 } else {
  67     sqlStatement(
  68         "UPDATE form_transfer_summary SET $sets WHERE id = ?",
  69         [
  70             $_SESSION["pid"],
  71             $_SESSION["authProvider"],
  72             $_SESSION["authUser"],
  73             $userauthorized,
  74             $_POST["provider"],
  75             $_POST["client_name"],
  76             $_POST["transfer_to"],
  77             $_POST["transfer_date"],
  78             $_POST["status_of_admission"],
  79             $_POST["diagnosis"],
  80             $_POST["intervention_provided"],
  81             $_POST["overall_status_of_discharge"],
  82             $id
  83         ]
  84     );
  85 }
  86
  87 formHeader("Redirecting....");
  88 formJump();
  89 formFooter();