interface/forms/treatment_plan/save.php

   1 <?php
   2
   3 /**
   4  * treatment plan form.
   5  *
   6  * @package   OpenEMR
   7  * @link      http://www.open-emr.org
   8  * @author    Naina Mohamed <naina@capminds.com>
   9  * @author    Brady Miller <brady.g.miller@gmail.com>
  10  * @copyright Copyright (c) 2012-2013 Naina Mohamed <naina@capminds.com> CapMinds Technologies
  11  * @copyright Copyright (c) 2019 Brady Miller <brady.g.miller@gmail.com>
  12  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  13  */
  14
  15 require_once(__DIR__ . "/../../globals.php");
  16 require_once("$srcdir/api.inc.php");
  17 require_once("$srcdir/forms.inc.php");
  18
  19 use OpenEMR\Common\Csrf\CsrfUtils;
  20
  21 if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
  22     CsrfUtils::csrfNotVerified();
  23 }
  24
  25 if (!$encounter) { // comes from globals.php
  26     die(xlt("Internal error: we do not seem to be in an encounter!"));
  27 }
  28
  29 $id = (int) (isset($_GET['id']) ? $_GET['id'] : '');
  30
  31 $sets = "pid = ?,
  32   groupname = ?,
  33   user = ?,
  34   authorized = ?,
  35   activity = 1,
  36   date = NOW(),
  37   provider = ?,
  38   client_name = ?,
  39   client_number = ?,
  40   admit_date = ?,
  41   presenting_issues = ?,
  42   patient_history = ?,
  43   medications = ?,
  44   anyother_relevant_information = ?,
  45   diagnosis = ?,
  46   treatment_received = ?,
  47   recommendation_for_follow_up = ?";
  48
  49 if (empty($id)) {
  50     $newid = sqlInsert(
  51         "INSERT INTO form_treatment_plan SET $sets",
  52         [
  53             $_SESSION["pid"],
  54             $_SESSION["authProvider"],
  55             $_SESSION["authUser"],
  56             $userauthorized,
  57             $_POST["provider"],
  58             $_POST["client_name"],
  59             $_POST["client_number"],
  60             $_POST["admit_date"],
  61             $_POST["presenting_issues"],
  62             $_POST["patient_history"],
  63             $_POST["medications"],
  64             $_POST["anyother_relevant_information"],
  65             $_POST["diagnosis"],
  66             $_POST["treatment_received"],
  67             $_POST["recommendation_for_follow_up"]
  68         ]
  69     );
  70
  71     addForm($encounter, "Treatment Plan", $newid, "treatment_plan", $pid, $userauthorized);
  72 } else {
  73     sqlStatement(
  74         "UPDATE form_treatment_plan SET $sets WHERE id = ?",
  75         [
  76             $_SESSION["pid"],
  77             $_SESSION["authProvider"],
  78             $_SESSION["authUser"],
  79             $userauthorized,
  80             $_POST["provider"],
  81             $_POST["client_name"],
  82             $_POST["client_number"],
  83             $_POST["admit_date"],
  84             $_POST["presenting_issues"],
  85             $_POST["patient_history"],
  86             $_POST["medications"],
  87             $_POST["anyother_relevant_information"],
  88             $_POST["diagnosis"],
  89             $_POST["treatment_received"],
  90             $_POST["recommendation_for_follow_up"],
  91             $id
  92         ]
  93     );
  94 }
  95
  96 formHeader("Redirecting....");
  97 formJump();
  98 formFooter();