Merge pull request #7535 from stephenwaite/bug_fix_w1
<?php

/**
 * Patient disclosures main screen.
 *
 * @package   OpenEMR
 * @link      http://www.open-emr.org
 * @author    Visolve <vicareplus_engg@visolve.com>
 * @author    Brady Miller <brady.g.miller@gmail.com>
 * @copyright Copyright (c) Visolve <vicareplus_engg@visolve.com>
 * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
 * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
 */

// globals.php sets up the session and defines $srcdir; options.inc.php supplies getListItemTitle().
require_once '../../globals.php';
require_once $srcdir . '/options.inc.php';

use OpenEMR\Common\Acl\AclMain;
use OpenEMR\Common\Csrf\CsrfUtils;
use OpenEMR\Common\Logging\EventAuditLogger;
use OpenEMR\Common\Twig\TwigContainer;
use OpenEMR\Core\Header;
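// Control access
if (!AclMain::aclCheckCore('patients', 'disclosure')) {
    echo (new TwigContainer(null, $GLOBALS['kernel']))->getTwig()->render('core/unauthorized.html.twig', ['pageTitle' => xl("Disclosures")]);
    exit;
}

// Write access allows editing and deleting; add-only allows recording new disclosures only.
$authWrite = AclMain::aclCheckCore('patients', 'disclosure', '', 'write');
$authAddonly = AclMain::aclCheckCore('patients', 'disclosure', '', 'addonly');

// Retrieve the user name of the session user (the lookup also confirms the account still exists).
$res = sqlQuery("select username from users where username=?", array($_SESSION["authUser"]));
// No row comes back for an unknown user; avoid indexing into a non-array in that case.
$uname = $res["username"] ?? null;

// If the mode variable is set to disclosure, take the values posted by 'disclosure_form'
// in record_disclosure.php and store them in the database.
if (isset($_POST["mode"]) && $_POST["mode"] === "disclosure") {
    if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"] ?? '')) {
        CsrfUtils::csrfNotVerified();
    }

    // Absent fields default to '' so trim() never receives null (deprecated since PHP 8.1)
    // and both the update and the insert path get the same types regardless of what was posted.
    $dates = trim($_POST['dates'] ?? '');
    $event = trim($_POST['form_disclosure_type'] ?? '');
    $recipient_name = trim($_POST['recipient_name'] ?? '');
    $disclosure_desc = trim($_POST['desc_disc'] ?? '');
    $disclosure_id = trim($_POST['disclosure_id'] ?? '');

    if (isset($_POST["updatemode"]) && $_POST["updatemode"] === "disclosure_update") {
        if (!$authWrite) {
            echo xlt('Not Authorized');
            exit;
        }
        // Update the recorded disclosure in the extended_log table.
        // NOTE(review): $disclosure_id is taken from the form as-is; confirm that
        // updateRecordedDisclosure restricts the update to the current patient's records.
        EventAuditLogger::instance()->updateRecordedDisclosure($dates, $event, $recipient_name, $disclosure_desc, $disclosure_id);
    } else {
        if (!$authWrite && !$authAddonly) {
            echo xlt('Not Authorized');
            exit;
        }
        // Insert the disclosure record in the extended_log table.
        EventAuditLogger::instance()->recordDisclosure($dates, $event, $pid, $recipient_name, $disclosure_desc, $uname);
    }

    // record_disclosure.php submits via ajax, so nothing further is rendered here (added 12/19/17).
    exit();
}

if (isset($_GET['deletelid'])) {
    if (!CsrfUtils::verifyCsrfToken($_GET["csrf_token_form"] ?? '')) {
        CsrfUtils::csrfNotVerified();
    }

    if (!$authWrite) {
        echo xlt('Not Authorized');
        exit;
    }

    // Delete the recorded disclosure. The id is passed through unvalidated;
    // NOTE(review): confirm deleteDisclosure scopes the delete to this patient's records.
    $deletelid = $_GET['deletelid'];
    EventAuditLogger::instance()->deleteDisclosure($deletelid);
}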
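?>
<html>
<head>
    <?php Header::setupHeader(['common']); ?>
</head>
<body>
    <div class="container mt-3">
        <div class="row">
            <div class="col-12">
                <h2 class="title">
                    <?php echo xlt('Disclosures'); ?>
                    <?php echo xlt('for'); ?>&nbsp;
                    <a href="../summary/demographics.php" onclick="top.restoreSession()">
                        <?php $pname = getPatientName($pid);
                        echo text($pname); ?>
                    </a>
                </h2>
            </div>
            <div class="col-12">
                <?php if ($authWrite || $authAddonly) { ?>
                    <a href="record_disclosure.php" class="btn btn-primary iframe" onclick="top.restoreSession()"><?php echo xlt('Record'); ?></a>
                <?php } ?>
                <a href="demographics.php" class="btn btn-primary" onclick="top.restoreSession()"> <?php echo xlt('View Patient'); ?></a>
            </div>
            <div class="col-12 jumbotron mt-3 p-4">
                <?php
                // Page size, and the page offset taken from the request. The offset is untrusted
                // input used both in arithmetic and in the SQL LIMIT clause, so it is coerced to a
                // non-negative int (a negative LIMIT offset is a SQL error, and int minus a
                // non-numeric string throws in PHP 8).
                $N = 15;
                $offset = max(0, (int) ($_REQUEST['offset'] ?? 0));

                // One query text serves both the total count and the current page; only the LIMIT
                // differs. Every column is table-qualified so the JOIN cannot make it ambiguous.
                $disclQry = " SELECT el.id, el.event, el.recipient, el.description, el.date, CONCAT(u.fname, ' ', u.lname) as user_fullname FROM extended_log el" .
                    " LEFT JOIN users u ON u.username = el.user " .
                    " WHERE el.patient_id = ? AND el.event IN (SELECT option_id FROM list_options WHERE list_id='disclosure_type' AND activity = 1)" .
                    " ORDER BY el.date DESC ";
                // The total is the row count of an unpaged run of the same query (a COUNT(*) would be cheaper).
                $r2 = sqlStatement($disclQry, array($pid));
                $totalRecords = sqlNumRows($r2);

                $r1 = sqlStatement($disclQry . " LIMIT " . escape_limit($offset) . " , " . escape_limit($N), array($pid));
                $n = sqlNumRows($r1);
                // Rows from the current offset to the end of the list, this page included.
                $noOfRecordsLeft = $totalRecords - $offset;
                if ($n > 0) { ?>
                    <div class="table-responsive">
                        <table class="table table-borderless">
                            <tr>
                                <td colspan='5'><a href="disclosure_full.php" id='Submit' onclick="top.restoreSession()"><span><?php echo xlt('Refresh'); ?></span></a></td>
                            </tr>
                        </table>
                        <div id='pnotes'>
                            <table class="table table-borderless">
                                <tr class="showborder_head">
                                    <th style='width: 120px;'>&nbsp;</th>
                                    <th width="140px"><?php echo xlt('Recipient Name'); ?></th>
                                    <th width="140px"><?php echo xlt('Disclosure Type'); ?></th>
                                    <th><?php echo xlt('Description'); ?></th>
                                    <th><?php echo xlt('Provider'); ?></th>
                                </tr>
                                <?php while ($row = sqlFetchArray($r1)) { ?>
                                <!-- List the recipient name, description, date and edit and delete options -->
                                <tr class="noterow" height='25'>
                                    <!-- Edit and delete buttons are rendered only for users with write access. -->
                                    <td class="align-top text-nowrap">
                                        <?php if ($authWrite) { ?>
                                            <a href='record_disclosure.php?editlid=<?php echo attr_url($row['id']); ?>' class='btn btn-primary btn-sm btn-edit iframe' onclick='top.restoreSession()'><?php echo xlt('Edit'); ?></a>
                                            <a href='#' class='deletenote btn btn-danger btn-delete btn-sm' id='<?php echo attr($row['id']); ?>' onclick='top.restoreSession()'><?php echo xlt('Delete'); ?></a>
                                        <?php } ?>
                                    </td>
                                    <td class="align-top" valign='top'><?php echo text($row['recipient']); ?>&nbsp;</td>
                                    <td class='align-top' valign='top'><?php echo text(getListItemTitle('disclosure_type', $row['event'])); ?>&nbsp;</td>
                                    <td><?php echo text($row['date']) . " " . nl2br(text($row['description'])); ?>&nbsp;</td>
                                    <td><?php echo text($row['user_fullname']); ?></td>
                                </tr>
                                <?php } ?>
                            </table>
                            <table class="table table-borderless">
                                <tr>
                                    <td>
                                        <?php
                                        // Pager links. The former `active` query parameter was never assigned in
                                        // this file and nothing here reads it, so it is no longer emitted.
                                        if ($offset > ($N - 1)) {
                                            echo " <a class='link' href='disclosure_full.php?offset=" . attr_url($offset - $N) .
                                                "' onclick='top.restoreSession()'>[" . xlt('Previous') . "]</a>\n";
                                        }
                                        // Show "Next" only when this page is full and it is not the last page.
                                        if ($n >= $N && $noOfRecordsLeft !== $N) {
                                            echo "&nbsp;&nbsp; <a class='link' href='disclosure_full.php?offset=" . attr_url($offset + $N) .
                                                "&leftrecords=" . attr_url($noOfRecordsLeft) . "' onclick='top.restoreSession()'>[" . xlt('Next') . "]</a>\n";
                                        }
                                        ?>
                                    </td>
                                </tr>
                            </table>
                        </div>
                    </div>
                <?php } else { ?>
                    <br />
                    <!-- Display None, if there is no disclosure -->
                    <span><?php echo xlt('None{{Disclosure}}'); ?></span>
                <?php } ?>
            </div>
        </div>
    </div>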
<script>
    $(function () {
        // todo, move this to a common library
        // Row highlight: the same class toggle runs on both mouseover and mouseout.
        $(".noterow").on("mouseover mouseout", function () {
            $(this).toggleClass("highlight");
        });

        // Deleting a disclosure.
        $(".deletenote").on("click", function () {
            DeleteNote(this);
        });

        // Confirms, then navigates to this page with deletelid set. The delete travels as a GET
        // carrying the CSRF token in the query string, so the token shows up in browser history
        // and server logs; a POST form would be the safer transport.
        function DeleteNote(logevent) {
            if (confirm(<?php echo xlj('Are you sure you want to delete this disclosure?'); ?> + "\n " + <?php echo xlj('This action CANNOT be undone.'); ?>)) {
                top.restoreSession();
                window.location.replace("disclosure_full.php?deletelid=" + encodeURIComponent(logevent.id) + "&csrf_token_form=" + <?php echo js_url(CsrfUtils::collectCsrfToken()); ?>);
            }
        }

        // Open the record/edit form in a dialog instead of following the link.
        $(".iframe").on('click', function (e) {
            e.preventDefault();
            e.stopPropagation();
            dlgopen('', '', 500, 310, '', '', {
                allowResize: true,
                allowDrag: true,
                dialogId: '',
                type: 'iframe',
                url: $(this).attr('href')
            });
        });
    });

    // for record disclosure dlgclose callback
    function refreshme() {
        top.restoreSession();
        document.location.reload();
    }
</script>
</body>
</html>