4 * Drag and Drop file uploader.
7 * @link https://www.open-emr.org
8 * @author Sherwin Gaddis <sherwingaddis@gmail.com>
9 * @author Brady Miller <brady.g.miller@gmail.com>
10 * @author Jerry Padgett <sjpadgett@gmail.com>
11 * @copyright Copyright (c) 2017 Sherwin Gaddis <sherwingaddis@gmail.com>
12 * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
13 * @copyright Copyright (c) 2020-2023 Jerry Padgett <sjpadgett@gmail.com>
14 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
// Choose the authentication path (patient portal vs. core/staff session). This runs before
// interface/globals.php is included further down.
17 // Auth if core or portal.
18 require_once(__DIR__
. "/../../src/Common/Session/SessionUtil.php");
19 OpenEMR\Common\Session\SessionUtil
::portalSessionStart();
// The request is treated as a portal request only when the session holds both `pid` and
// `patient_portal_onsite_two`.
21 if (isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite_two'])) {
// The patient id comes from the session, not from a request parameter.
22 $pid = $_SESSION['pid'];
// NOTE(review): presumably read by interface/globals.php to let a portal session through
// without a core login; confirm.
23 $ignoreAuth_onsite_portal = true;
// NOTE(review): listing lines 24-25 and 27-29 are missing from this extract. The call below
// presumably belongs to an else branch taken when no portal session exists; confirm against
// the full file, including where $isPortal is assigned.
26 OpenEMR\Common\Session\SessionUtil
::portalSessionCookieDestroy();
30 require_once(__DIR__
. "/../../interface/globals.php");
31 require_once(__DIR__
. "/../documents.php");
33 use OpenEMR\Common\Csrf\CsrfUtils
;
34 use OpenEMR\Services\MessageService
;
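// Reject the request unless it carries a valid CSRF token. `?? ''` keeps a request that has
// no token at all from raising an undefined-key warning; an empty token is expected to fail
// verification just as a missing one did (confirm against CsrfUtils).
// NOTE(review): $_REQUEST also accepts the token from the query string, where it can end up
// in access logs and Referer headers; prefer sending it in the POST body where callers allow.
if (!CsrfUtils::verifyCsrfToken($_REQUEST["csrf_token_form"] ?? '')) {
    // NOTE(review): presumably ends the request so nothing below runs; confirm.
    CsrfUtils::csrfNotVerified();
}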
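// Check whether this request is DICOM image-state maintenance rather than a file upload.
$action = $_POST['action'] ?? null;
// The (int) cast binds tighter than ??, so `(int)$_POST['doc_id'] ?? null` cast a missing key
// (raising a warning) and could never produce null. Test the value first, then cast; an array
// value is rejected instead of being cast to 1.
$doc_id = is_scalar($_POST['doc_id'] ?? null) ? (int)$_POST['doc_id'] : null;
$json_data = $_POST['json_data'] ?? null;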
// DICOM image-state maintenance: `save` writes the posted state to the document row and
// `fetch` reads it back (see dicom_history_action() below).
// NOTE(review): $doc_id is taken from the request, and no check is visible here that the
// document belongs to the session's patient or that the caller may access it; confirm where
// that is enforced.
45 if ($action == 'save') {
46 $pass_it = dicom_history_action($action, $doc_id, $json_data);
// dicom_history_action() returns the json_encode()d result of the UPDATE, so the comparison
// is against the string 'false', not the boolean.
47 if ($pass_it === 'false') {
48 // query success. send back a translated message for user.
49 echo xlj("Server says thanks. Images state saved.");
// NOTE(review): listing lines 50 and 52-55 are missing from this extract; the message below is
// presumably the else branch of the check above.
51 echo xlj("Error! Images state save failed.");
56 if ($action == 'fetch') {
57 $json_data = dicom_history_action($action, $doc_id);
// NOTE(review): listing lines 58-61 are missing, so how the fetched state is returned to the
// client is not shown here.
// Not a DICOM maintenance request, so fall through to the drag-and-drop uploader.
// Both values are raw query-string input: no validating filter is applied here, so they must
// be treated as untrusted wherever they are used below.
$patient_id = filter_input(INPUT_GET, 'patient_id', FILTER_DEFAULT);
$category_id = filter_input(INPUT_GET, 'parent_id', FILTER_DEFAULT);
// Portal branch: multi-file upload by a portal patient, followed by one notification message.
// NOTE(review): the assignment of $isPortal is not in this extract; confirm it is derived
// only from the session check at the top of the file, never from request data.
66 if ($isPortal ??
false) {
67 $owner = $GLOBALS['userauthorized'];
// getMultiple() (defined at the end of this file) regroups $_FILES.
68 $files = getMultiple();
69 if (count($files["file"] ??
[]) > 0) {
70 $messageService = new MessageService();
72 $note['groupname'] = 'Default';
73 // will send to all auth'ed portal users
74 $note['to'] = 'portal-user';
75 $note['from'] = 'portal-user';
76 $note['message_status'] = 'New';
77 $note['title'] = 'New Document';
// Resolve the category id by name; falls back to id 3 when the lookup yields nothing truthy.
// NOTE(review): `parent_id` comes from the query string and is bound as a LIKE pattern, so
// `%` and `_` in it act as wildcards. An exact `=` match would be tighter; confirm intent.
78 $category = sqlQuery("SELECT id FROM categories WHERE name LIKE ?", array($category_id))['id'] ?
: 3;
79 foreach ($files["file"] as $file) {
// `name` and `type` are supplied by the client with the upload and are not proof of the
// file's real content; presumably addNewDocument() validates them (confirm).
80 $name = $file['name'];
81 $type = $file['type'];
82 $tmp_name = $file['tmp_name'];
83 $size = $file['size'];
// NOTE(review): the argument list (listing lines 85-98) is missing from this extract, so the
// patient id the document is filed under cannot be checked here. For a portal request it
// should be the session $pid rather than the `patient_id` query parameter; verify.
84 $data = addNewDocument(
99 // give user a break and send just one message for multi documents
// NOTE(review): the initialization of $names and $rtn is not visible in this extract.
101 foreach ($rtn as $data) {
102 $names .= '"' . $data['name'] . '", ';
104 if (!empty($names)) {
105 $note['body'] = xl('A Portal Patient has uploaded new documents titled') .
107 xl('to the Documents Onsite Portal Patient category.') . "\n" .
108 xl("Please review and take any necessary actions");
// The message is recorded against the session's patient id.
109 $messageService->insert($pid, $note);
// NOTE(review): text() presumably HTML-escapes the JSON before output; confirm the client
// decodes it accordingly.
111 echo text(json_encode($rtn));
// Single-file upload path that reads $_FILES['file'] directly.
// NOTE(review): the surrounding braces and any else/exit lines (listing lines 112-114 and
// 123-125) are missing from this extract, so how this relates to the portal branch is not shown.
115 if (!empty($_FILES)) {
// `name` and `type` are client-supplied values and are not proof of the file's real content.
116 $name = $_FILES['file']['name'];
117 $type = $_FILES['file']['type'];
118 $tmp_name = $_FILES['file']['tmp_name'];
119 $size = $_FILES['file']['size'];
120 $owner = $GLOBALS['userauthorized'];
// $patient_id and $category_id are the unvalidated `patient_id` / `parent_id` query-string
// values read earlier. NOTE(review): presumably access to that patient and category is
// enforced by the ACL setup in globals.php or inside addNewDocument(); confirm.
122 addNewDocument($name, $type, $tmp_name, '', $size, $owner, $patient_id, $category_id);
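/**
 * Save or fetch the DICOM viewer state kept in a document's `document_data` column.
 *
 * NOTE(review): neither query restricts `id` to a patient or checks access rights, so the
 * caller has to confirm that the requester may use this document before calling; verify
 * where that check lives.
 *
 * @param mixed  $action    'save' to store $json_data, 'fetch' to read the stored state back.
 * @param mixed  $doc_id    Value bound to documents.id.
 * @param string $json_data State to store (save only); base64-encoded before it is written.
 * @return bool|string For save, json_encode() of the sqlQuery() result; for fetch, the
 *                     base64-decoded stored value ('' when nothing is stored); otherwise
 *                     xlj("Unknown").
 */
function dicom_history_action($action, $doc_id, $json_data = ''): bool|string
{
    // Strict comparison: only the exact strings select a branch.
    if ($action === 'save') {
        // The caller passes null when no json_data was posted; encode that as an empty string.
        $encoded = base64_encode($json_data ?? '');
        return json_encode(sqlQuery("UPDATE documents SET document_data = ? WHERE id = ?", [$encoded, $doc_id]));
    }

    if ($action === 'fetch') {
        $row = sqlQuery("Select document_data FROM documents WHERE id = ?", [$doc_id]);
        // When no row matches, or the column is null, decode an empty string instead of
        // indexing a non-array and handing null to base64_decode().
        return base64_decode($row['document_data'] ?? '');
    }

    return xlj("Unknown");
}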
141 function getMultiple()
144 foreach ($_FILES as $name => $file) {
145 foreach ($file as $property => $keys) {
146 foreach ($keys as $key => $value) {
147 $_FILE[$name][$key][$property] = $value;