[openemr.git] / portal / add_edit_event_user.php
1 <?php
2 /**
4 * Modified from interface/main/calendar/add_edit_event.php for
5 * the patient portal.
7 * @package OpenEMR
8 * @link http://www.open-emr.org
9 * @author Rod Roark <rod@sunsetsystems.com>
10 * @author Jerry Padgett <sjpadgett@gmail.com>
11 * @author Brady Miller <brady.g.miller@gmail.com>
12 * @copyright Copyright (C) 2005-2006 Rod Roark <rod@sunsetsystems.com>
13 * @copyright Copyright (C) 2016-2019 Jerry Padgett <sjpadgett@gmail.com>
14 * @copyright Copyright (c) 2019 Brady Miller <brady.g.miller@gmail.com>
15 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
// Start the (patient) portal OpenEMR session/cookie before anything else runs.
require_once(__DIR__ . "/../src/Common/Session/SessionUtil.php");
OpenEMR\Common\Session\SessionUtil::portalSessionStart();

require_once("./../library/pnotes.inc");

// Landing page definition -- where to go if something goes wrong.
$landingpage = "index.php?site=" . urlencode($_SESSION['site_id']);

// Kick out anyone whose session does not carry both portal markers.
// $pid assigned below is the only patient identity this script takes from
// server-side state; ids arriving in $_GET / $_POST are browser-supplied.
if (!isset($_SESSION['pid']) || !isset($_SESSION['patient_portal_onsite_two'])) {
    OpenEMR\Common\Session\SessionUtil::portalSessionCookieDestroy();
    header('Location: '.$landingpage.'&w');
    exit;
}
$pid = $_SESSION['pid'];

// NOTE(review): presumably this flag makes interface/globals.php skip its own
// login check, leaving the session test above as the only gate for this page --
// confirm against globals.php.
$ignoreAuth = 1;
global $ignoreAuth;

require_once("../interface/globals.php");
require_once("$srcdir/patient.inc");
require_once("$srcdir/forms.inc");
46 // Exit if the modify calendar for portal flag is not set-pulled for v5
47 /* if (!($GLOBALS['portal_onsite_appt_modify'])) {
48 echo add_escape_custom( xl('You are not authorized to schedule appointments.'),ENT_NOQUOTES);
49 exit;
50 } */
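// Things that might be passed by our opener.
//
// Every value here comes from the query string, so it is chosen by the browser.
// Values are normalised once at intake: array-valued parameters are ignored,
// ids and clock fields are reduced to digits, and the date must be YYYYMMDD.
// The start hour and minute are later written into the form's value attributes,
// which is why they are not allowed to carry markup.
$get_scalar = function ($key) {
    // Returns the parameter as a string, or null when absent or not a scalar.
    return (isset($_GET[$key]) && is_scalar($_GET[$key])) ? (string)$_GET[$key] : null;
};

$eid = $get_scalar('eid'); // only for existing events
if ($eid !== null) {
    // The script later casts this id with (int); keep only its digits.
    $eid = preg_replace('/\D/', '', $eid);
}
$date = $get_scalar('date'); // this and below only for new events
$userid = $get_scalar('userid');
$requested_catid = $get_scalar('catid');
$default_catid = $requested_catid ? $requested_catid : '5';
$patientid = $get_scalar('patid');

if ($date !== null && preg_match('/^\d{8}$/', $date)) {
    $date = substr($date, 0, 4) . '-' . substr($date, 4, 2) . '-' . substr($date, 6);
} else {
    // Missing or malformed date: fall back to today.
    $date = date("Y-m-d");
}

$starttimem = '00';
$requested_minute = $get_scalar('starttimem');
if ($requested_minute !== null) {
    $starttimem = substr('00' . preg_replace('/\D/', '', $requested_minute), -2);
}

$requested_hour = $get_scalar('starttimeh');
if ($requested_hour !== null) {
    $starttimeh = (int)$requested_hour;
    // startampm '2' means PM: shift a 12-hour value to 24-hour form.
    if ($get_scalar('startampm') == '2' && $starttimeh < 12) {
        $starttimeh += 12;
    }
} else {
    $starttimeh = date("G");
}

$startampm = '';

$info_msg = "";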
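// EVENTS TO FACILITIES (lemonsoftware)
//(CHEMED) get facility name
// edit event case - if there is no association made, then insert one with the first facility
//
// $eid comes from the query string and this branch writes to the calendar table
// on a plain page load, so the lookup is limited to events whose pc_pid is the
// patient authenticated by the portal session ($pid).
if ($eid) {
    $selfacil = '';
    $facility = sqlQuery("SELECT pc_facility, pc_multiple, pc_aid, facility.name
        FROM openemr_postcalendar_events
        LEFT JOIN facility ON (openemr_postcalendar_events.pc_facility = facility.id)
        WHERE pc_eid = ? AND pc_pid = ?", array($eid, $pid));
    if (empty($facility)) {
        // No such event, or it belongs to another patient.
        http_response_code(403);
        exit;
    }

    if (!$facility['pc_facility']) {
        // No facility recorded yet: use the facility of the event's provider.
        $qmin = sqlQuery("SELECT facility_id as minId, facility FROM users WHERE id = ?", array($facility['pc_aid']));
        $min = $qmin['minId'];
        $min_name = $qmin['facility'];

        // multiple providers case
        // Only follow the grouping key when the event actually has one; an empty
        // pc_multiple would otherwise match every ungrouped event in the table.
        if (!empty($GLOBALS['select_multi_providers']) && $facility['pc_multiple']) {
            $mul = $facility['pc_multiple'];
            sqlStatement("UPDATE openemr_postcalendar_events SET pc_facility = ? WHERE pc_multiple = ?", array($min, $mul));
        }

        // EOS multiple

        sqlStatement("UPDATE openemr_postcalendar_events SET pc_facility = ? WHERE pc_eid = ?", array($min, $eid));
        $e2f = $min;
        $e2f_name = $min_name;
    } else {
        $e2f = $facility['pc_facility'];
        $e2f_name = $facility['name'];
    }
}

// EOS E2F
// ===========================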
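// If we are saving, then save and close the window.
//
// Everything in $_POST, and the event id taken from the query string, is chosen
// by the browser. This handler therefore:
//   - refuses to change or delete an event whose pc_pid is not the session
//     patient ($pid),
//   - always stores $pid as pc_pid instead of the posted form_pid,
//   - hands every value to the database as a bound parameter,
//   - accepts only single digits for the two values spliced into $recurrspec.
// NOTE(review): no anti-CSRF token is checked before these writes; the form in
// this file does not send one, so adding the check needs a matching form change.
// NOTE(review): on update, pc_apptstatus, pc_title and pc_catid are still taken
// from the request; confirm whether a portal patient should be able to set them.
$post = function ($key, $default = '') {
    // Scalar $_POST reader: a missing or array-valued field yields $default.
    return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? $_POST[$key] : $default;
};
$form_action = $post('form_action');
$multi_providers = !empty($GLOBALS['select_multi_providers']);
$insert = false;

if (!empty($eid) && ($form_action == "save" || $form_action == "delete")) {
    // what is multiple key around this $eid, and whose event is it?
    $row = sqlQuery("SELECT pc_multiple, pc_pid FROM openemr_postcalendar_events WHERE pc_eid = ?", array($eid));
    if (empty($row) || (string)$row['pc_pid'] !== (string)$pid) {
        http_response_code(403);
        exit;
    }
}

if ($form_action == "save") {
    $event_date = fixDate($post('form_date'));

    // Compute start and end time strings to be saved.
    if ($post('form_allday')) {
        $tmph = 0;
        $tmpm = 0;
        $duration = 24 * 60;
    } else {
        $tmph = max(0, (int)$post('form_hour', 0));
        $tmpm = max(0, (int)$post('form_minute', 0));
        if ($post('form_ampm') == '2' && $tmph < 12) {
            $tmph += 12;
        }
        $duration = max(0, (int)$post('form_duration', 0));
    }

    $starttime = "$tmph:$tmpm:00";

    // Carry whole hours out of the minute total arithmetically, so a very large
    // posted duration cannot keep the request spinning in a loop.
    $tmpm += $duration;
    $tmph += (int)floor($tmpm / 60);
    $tmpm = $tmpm % 60;
    $endtime = "$tmph:$tmpm:00";

    // Useless garbage that we must save.
    $locationspec = 'a:6:{s:14:"event_location";N;s:13:"event_street1";N;' .
        's:13:"event_street2";N;s:10:"event_city";N;s:11:"event_state";N;s:12:"event_postal";N;}';

    // More garbage, but this time 1 character of it is used to save the
    // repeat type. The template declares each value as a one-character string
    // (s:1:), so anything other than a single digit would corrupt the stored
    // serialized text and is rejected.
    $repeat = (bool)$post('form_repeat');
    $repeat_freq = (string)$post('form_repeat_freq');
    $repeat_type = (string)$post('form_repeat_type');
    if ($repeat) {
        if (!preg_match('/^\d$/', $repeat_freq) || !preg_match('/^\d$/', $repeat_type)) {
            http_response_code(400);
            exit;
        }
        $recurrspec = 'a:5:{' .
            's:17:"event_repeat_freq";s:1:"' . $repeat_freq . '";' .
            's:22:"event_repeat_freq_type";s:1:"' . $repeat_type . '";' .
            's:19:"event_repeat_on_num";s:1:"1";' .
            's:19:"event_repeat_on_day";s:1:"0";' .
            's:20:"event_repeat_on_freq";s:1:"0";}';
    } else {
        $recurrspec = 'a:5:{' .
            's:17:"event_repeat_freq";N;' .
            's:22:"event_repeat_freq_type";s:1:"0";' .
            's:19:"event_repeat_on_num";s:1:"1";' .
            's:19:"event_repeat_on_day";s:1:"0";' .
            's:20:"event_repeat_on_freq";s:1:"1";}';
    }

    // The modification of the start date for events that take place on one day of the week
    // for example monday, or thursday. Repeat types 5..9 stand for Monday..Friday; the start
    // date moves forward to the next such weekday and stays put when it already falls on it.
    if (in_array($repeat_type, array('5', '6', '7', '8', '9'), true)) {
        $exploded_date = explode("-", $event_date);
        $year = (int)$exploded_date[0];
        $month = isset($exploded_date[1]) ? (int)$exploded_date[1] : 0;
        $day = isset($exploded_date[2]) ? (int)$exploded_date[2] : 0;
        $target_weekday = (int)$repeat_type - 4; // ISO numbering, Monday = 1
        $current_weekday = (int)date("N", mktime(0, 0, 0, $month, $day, $year));
        $days_ahead = ($target_weekday - $current_weekday + 7) % 7;
        if ($days_ahead > 0) {
            $event_date = date("Y-m-d", mktime(0, 0, 0, $month, $day + $days_ahead, $year));
        }
    }

    // form_provider_ae is a list when several providers are posted, else one id.
    $providers_posted = isset($_POST['form_provider_ae']) ? $_POST['form_provider_ae'] : '';
    if (is_array($providers_posted)) {
        $providers_posted = array_values(array_filter($providers_posted, 'is_scalar'));
    }

    // Column => value pairs shared by every INSERT and UPDATE below.
    $event_values = array(
        'pc_catid'       => $post('form_category'),
        'pc_pid'         => $pid, // session patient, never the posted form_pid
        'pc_title'       => $post('form_title'),
        'pc_hometext'    => $post('form_comments'),
        'pc_informant'   => isset($_SESSION['providerId']) ? $_SESSION['providerId'] : '',
        'pc_eventDate'   => $event_date,
        'pc_endDate'     => fixDate($post('form_enddate')),
        'pc_duration'    => $duration * 60,
        'pc_recurrtype'  => $repeat ? '1' : '0',
        'pc_recurrspec'  => $recurrspec,
        'pc_startTime'   => $starttime,
        'pc_endTime'     => $endtime,
        'pc_alldayevent' => $post('form_allday'),
        'pc_apptstatus'  => $post('form_apptstatus'),
        'pc_prefcatid'   => $post('form_prefcat'),
        'pc_facility'    => (int)$post('facility', 0), // FF stuff
    );

    // Inserts one event row; $extra adds or overrides columns (pc_aid, pc_multiple, ...).
    $insert_event = function (array $extra) use ($event_values, $locationspec) {
        $cols = array_merge(
            $event_values,
            array('pc_location' => $locationspec, 'pc_eventstatus' => 1, 'pc_sharing' => 1),
            $extra
        );
        sqlStatement(
            "INSERT INTO openemr_postcalendar_events (" . implode(", ", array_keys($cols)) . ", pc_time) " .
            "VALUES (" . implode(", ", array_fill(0, count($cols), "?")) . ", NOW())",
            array_values($cols)
        );
    };

    // Updates the rows matched by $where (a fixed SQL fragment using ? placeholders).
    $update_event = function (array $extra, $where, array $where_binds) use ($event_values) {
        $cols = array_merge($event_values, $extra);
        $assignments = array();
        foreach (array_keys($cols) as $col) {
            $assignments[] = $col . " = ?";
        }
        sqlStatement(
            "UPDATE openemr_postcalendar_events SET " . implode(", ", $assignments) .
            ", pc_time = NOW() WHERE " . $where,
            array_merge(array_values($cols), $where_binds)
        );
    };

    /* =======================================================
    // UPDATE EVENTS
    ========================================================*/
    if (!empty($eid)) {
        if ($multi_providers && $row['pc_multiple']) {
            /* ==========================================
            // multi providers BOS
            ==========================================*/
            // A single posted provider id is not a provider list; in that case the
            // grouped rows are left untouched rather than guessed at.
            if (is_array($providers_posted)) {
                // obtain current list of providers regarding the multiple key
                $providers_current = array();
                $up = sqlStatement("SELECT pc_aid FROM openemr_postcalendar_events WHERE pc_multiple = ? AND pc_pid = ?", array($row['pc_multiple'], $pid));
                while ($current = sqlFetchArray($up)) {
                    $providers_current[] = $current['pc_aid'];
                }

                // providers that were UNCHECKED lose their copy of the event
                foreach (array_diff($providers_current, $providers_posted) as $to_be_removed) {
                    sqlStatement("DELETE FROM openemr_postcalendar_events WHERE pc_aid = ? AND pc_multiple = ? AND pc_pid = ?", array($to_be_removed, $row['pc_multiple'], $pid));
                }

                // providers that were added get a new copy of the event
                foreach (array_diff($providers_posted, $providers_current) as $to_be_inserted) {
                    $insert_event(array('pc_multiple' => $row['pc_multiple'], 'pc_aid' => $to_be_inserted));
                }

                // after the two diffs above, update the rows of every posted provider
                foreach ($providers_posted as $provider) {
                    $update_event(array(), "pc_aid = ? AND pc_multiple = ? AND pc_pid = ?", array($provider, $row['pc_multiple'], $pid));
                }
            }
            /* ==========================================
            // multi providers EOS
            ==========================================*/
        } elseif (!$row['pc_multiple']) {
            // simple provider case
            // Take the first entry of a posted list, or the posted id itself;
            // indexing a scalar id with [0] would keep only its first character.
            if (is_array($providers_posted)) {
                $prov = isset($providers_posted[0]) ? $providers_posted[0] : '';
            } else {
                $prov = $providers_posted;
            }
            $insert = false;
            $update_event(array('pc_aid' => $prov), "pc_eid = ? AND pc_pid = ?", array($eid, $pid));
        }

        // EVENTS TO FACILITIES
        $e2f = (int)$eid;

    /* =======================================================
    // INSERT EVENTS
    ========================================================*/
    } else {
        // A request created from the portal always starts as '^' (pending).
        $insert = true;
        if (is_array($providers_posted)) {
            // obtain the next available unique key to group multiple providers around some event
            // NOTE(review): MAX()+1 is not atomic; two concurrent requests could get the same key.
            $q = sqlStatement("SELECT MAX(pc_multiple) as max FROM openemr_postcalendar_events");
            $max = sqlFetchArray($q);
            $new_multiple_value = $max['max'] + 1;

            foreach ($providers_posted as $provider) {
                $insert_event(array(
                    'pc_multiple'   => $new_multiple_value,
                    'pc_aid'        => $provider,
                    'pc_apptstatus' => '^',
                ));
            }
        } else {
            $insert_event(array('pc_aid' => $providers_posted, 'pc_apptstatus' => '^'));
        } // INSERT single
    } // else - insert
} elseif ($form_action == "delete") {
    // Ownership of $eid was verified above; pc_pid is repeated in the WHERE
    // clauses so a shared grouping key can never reach another patient's rows.
    if (!empty($eid)) {
        if ($multi_providers && $row['pc_multiple']) {
            sqlStatement("DELETE FROM openemr_postcalendar_events WHERE pc_multiple = ? AND pc_pid = ?", array($row['pc_multiple'], $pid));
        } else {
            sqlStatement("DELETE FROM openemr_postcalendar_events WHERE pc_eid = ? AND pc_pid = ?", array($eid, $pid));
        }
    }
}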
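// After a save or delete: leave a patient note for the chosen provider, then
// send the browser back to the portal's appointment panel.
if (isset($_POST['form_action']) && $_POST['form_action'] != "") {
    // Leave
    $type = !empty($insert) ? xl("A New Appointment") : xl("An Updated Appointment");
    // Date and time are only set by the save branch; stay quiet after a delete.
    $appt_date = isset($event_date) ? $event_date : '';
    $appt_time = isset($starttime) ? $starttime : '';
    $reason = (isset($_POST['form_comments']) && is_string($_POST['form_comments'])) ? $_POST['form_comments'] : '';

    $note = $type . " " . xl("request was received from portal patient") . " ";
    $note .= $_SESSION['ptName'] . " " . xl("regarding appointment dated") . " " . $appt_date . " " . $appt_time . ". ";
    // The reason is patient-written free text; whatever displays this note must escape it.
    $note .= !empty($reason) ? (xl("Reason") . " " . $reason) : "";
    $note .= ". " . xl("Use Portal Dashboard to confirm with patient.");
    $title = xl("Patient Reminders");

    // form_provider_ae may be posted as a list; the lookup binds a single id.
    $provider_id = isset($_POST['form_provider_ae']) ? $_POST['form_provider_ae'] : '';
    if (is_array($provider_id)) {
        $provider_id = reset($provider_id);
    }
    $user = sqlQueryNoLog("SELECT users.username FROM users WHERE authorized = 1 And id = ?", array($provider_id));
    $assigned_to = !empty($user) ? $user['username'] : '';

    // File the note under the session patient, not the posted form_pid, so a
    // tampered hidden field cannot write into another patient's record.
    $rtn = addPnote($pid, $note, 1, 1, $title, $assigned_to, '', 'New');

    $_SESSION['whereto'] = 'appointmentpanel';
    header('Location:./home.php#appointmentpanel');
    exit();
}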
// If we get this far then we are displaying the form.

// Appointment status codes mapped to their translated labels.
$statuses = [
    '-' => '',
    '*' => xl('* Reminder done'),
    '+' => xl('+ Chart pulled'),
    'x' => xl('x Cancelled'), // added Apr 2008 by JRM
    '?' => xl('? No show'),
    '@' => xl('@ Arrived'),
    '~' => xl('~ Arrived late'),
    '!' => xl('! Left w/o visit'),
    '#' => xl('# Ins/fin issue'),
    '<' => xl('< In exam room'),
    '>' => xl('> Checked out'),
    '$' => xl('$ Coding done'),
    '^' => xl('^ Pending'),
];

// Defaults used when no existing event is loaded.
$repeats = 0; // if the event repeats
$repeattype = $repeatfreq = '0';
$patienttitle = $hometext = "";
$row = [];
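// If we are editing an existing event, then get its data.
//
// $eid comes from the query string, so the row is only loaded when its pc_pid
// is the patient authenticated by the portal session ($pid); otherwise the
// request ends here instead of rendering another patient's appointment.
if ($eid) {
    $row = sqlQuery("SELECT * FROM openemr_postcalendar_events WHERE pc_eid = ? AND pc_pid = ?", array($eid, $pid));
    if (empty($row)) {
        http_response_code(403);
        exit;
    }

    $date = $row['pc_eventDate'];
    $userid = $row['pc_aid'];
    $patientid = $row['pc_pid'];
    // pc_startTime is read as HH:MM...: hour from the first two characters,
    // minute from characters 3-4.
    $starttimeh = (int)substr($row['pc_startTime'], 0, 2);
    $starttimem = substr($row['pc_startTime'], 3, 2);
    $repeats = $row['pc_recurrtype'];
    $multiple_value = $row['pc_multiple'];

    // The repeat type and frequency are pulled out of the stored serialized
    // text with a pattern match rather than by unserializing it.
    if (preg_match('/"event_repeat_freq_type";s:1:"(\d)"/', $row['pc_recurrspec'], $matches)) {
        $repeattype = $matches[1];
    }

    if (preg_match('/"event_repeat_freq";s:1:"(\d)"/', $row['pc_recurrspec'], $matches)) {
        $repeatfreq = $matches[1];
    }

    $hometext = $row['pc_hometext'];
    if (substr($hometext, 0, 6) == ':text:') {
        $hometext = substr($hometext, 6);
    }
} else {
    // A new request is always for the logged-in patient; a pid taken from the
    // query string would let the browser pick whose name and id fill the form.
    $patientid = $pid;
}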
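// If we have a patient ID, get the name and phone numbers to display.
//
// The id reaching this point may have come from the request, so it must be the
// patient authenticated by the portal session ($pid) before any demographics
// are read. $patientname starts empty because the form prints it even when no
// patient row is found.
$patientname = '';
if ($patientid) {
    if ((string)$patientid !== (string)$pid) {
        http_response_code(403);
        exit;
    }

    $prow = sqlQuery("SELECT lname, fname, phone_home, phone_biz, DOB " .
        "FROM patient_data WHERE pid = ?", array($patientid));
    if (!empty($prow)) {
        $patientname = $prow['lname'] . ", " . $prow['fname'];
        if ($prow['phone_home']) {
            $patienttitle .= " H=" . $prow['phone_home'];
        }

        if ($prow['phone_biz']) {
            $patienttitle .= " W=" . $prow['phone_biz'];
        }
    }
}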
// Providers offered in the form's drop-down: authorized, active users by name.
$ures = sqlStatement(
    "SELECT id, username, fname, lname FROM users WHERE authorized != 0 AND active = 1 ORDER BY lname, fname"
);

//-------------------------------------
//(CHEMED)
// Default facility for the event, taken from the provider in $userid.
if ($userid) {
    $facility_lookup = sqlStatement("SELECT facility_id, facility FROM users WHERE id = ?", array($userid));
    $pref_facility = sqlFetchArray($facility_lookup);
    $e2f = $pref_facility['facility_id'];
    $e2f_name = $pref_facility['facility'];
}

//END of CHEMED -----------------------

// Event categories, ordered by name.
$cres = sqlStatement(
    "SELECT pc_catid, pc_catname, pc_recurrtype, pc_duration, pc_end_all_day FROM openemr_postcalendar_categories ORDER BY pc_catname"
);

// Convert the 24-hour start hour to the form's 12-hour value plus AM/PM flag
// ('1' = AM, '2' = PM). p.m. starts at noon and not 12:01.
$startampm = ($starttimeh >= 12) ? '2' : '1';
if ($starttimeh > 12) {
    $starttimeh -= 12;
}
?>
595 <html>
596 <head>
598 <title><?php echo $eid ? xlt("Edit Event") : xlt("Add New Event"); ?></title>
600 <link href="assets/css/style.css?v=<?php echo $v_js_includes; ?>" rel="stylesheet" type="text/css" />
601 <script type="text/javascript" src="<?php echo $webroot ?>/interface/main/tabs/js/include_opener.js"></script>
602 </head>
604 <body class="skin-blue" >
605 <div class="well">
606 <form class="form-inline" method='post' name='theaddform' id='theaddform' action='add_edit_event_user.php?eid=<?php echo attr_url($eid); ?>'>
607 <input type="hidden" name="form_action" id="form_action" value="">
608 <input type='hidden' name='form_category' id='form_category' value='<?php echo $row['pc_catid'] ? attr($row['pc_catid']) : '5'; ?>' />
609 <input type='hidden' name='form_apptstatus' id='form_apptstatus' value='<?php echo $row['pc_apptstatus'] ? attr($row['pc_apptstatus']) : "^" ?>' />
610 <table border='0' width='100%'>
611 <tr>
612 <td width='1%' nowrap>
613 <b><?php echo xlt('Visit'); ?>: </b>
614 </td>
615 <td nowrap style='padding:0px 5px 5px 0'>
616 <input class="form-control" type="text" id='form_title' name='form_title' value='<?php echo ($row['pc_title'] > "") ? attr($row['pc_title']) : xla('Office Visit'); ?>' readonly='readonly'/>
617 </td>
618 <td></td>
619 <td width='1%' nowrap>
620 <b><?php echo xlt('Date'); ?>:</b>
621 </td>
622 <td colspan='2' nowrap id='tdallday1'>
623 <input class="form-control" type='text' size='10' name='form_date' readonly id='form_date'
624 value='<?php echo (isset($eid) && $eid) ? attr($row['pc_eventDate']) : attr($date); ?>' />
625 </td>
626 </tr>
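<tr>
    <td nowrap>
        <b><?php //xl('Title','e'); ?></b>
    </td>
    <td style='padding:0px 5px 5px 0' nowrap>
        <!-- <input class="form-control input-sm" type='text' size='10' name='form_title' readonly value='<?php //echo htmlspecialchars($row['pc_title'],ENT_QUOTES) ?>' title='<?php //xl('Event title','e'); ?>' /> -->
    </td>
    <td nowrap>
    </td>
    <td width='1%' nowrap id='tdallday2'>
        <b><?php echo xlt('Time');?>:</b>
    </td>
    <td width='1%' nowrap id='tdallday3'>
        <?php // The start hour and minute can originate from the query string, so they are attribute-escaped like every other field on this form. ?>
        <input class="form-control inline" type='text' size='2' name='form_hour' value='<?php echo (isset($eid)) ? attr($starttimeh) : ''; ?>'
            title='<?php echo xla('Event start time'); ?>' readonly/> :
        <input class="form-control inline" type='text' size='2' name='form_minute' value='<?php echo (isset($eid)) ? attr($starttimem) : ''; ?>'
            title='<?php echo xla('Event start time'); ?>' readonly/>&nbsp; <!-- -->
        <select class="form-control" name='form_ampm' title='Note: 12:00 noon is PM, not AM' readonly >
            <option value='1'><?php echo xlt('AM'); ?></option>
            <option value='2'<?php echo ($startampm == '2') ? " selected" : ""; ?>><?php echo xlt('PM'); ?></option>
        </select>
    </td>
</tr>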
650 <tr>
651 <td nowrap>
652 <b><?php echo xlt('Patient'); ?>:</b>
653 </td>
654 <td style='padding:0px 5px 5px 0' nowrap>
655 <input class="form-control" type='text' id='form_patient' name='form_patient' value='<?php echo attr($patientname); ?>' title='Patient' readonly />
656 <input type='hidden' name='form_pid' value='<?php echo attr($patientid); ?>' />
657 </td>
658 <td nowrap>
659 &nbsp;
660 </td>
661 <td nowrap id='tdallday4'><?php echo xlt('Duration'); ?></td>
662 <td nowrap id='tdallday5'>
663 <input class="form-control input-sm" type='text' size='1' name='form_duration' value='<?php echo $row['pc_duration'] ? ($row['pc_duration']*1/60) : "15" ?>' readonly /><?php echo "&nbsp" . xlt('minutes'); ?>
664 </td>
665 </tr>
666 <tr>
667 </tr>
668 <tr>
669 <td nowrap>
670 <b><?php echo xlt('Provider'); ?>:</b>
671 </td>
672 <td style='padding:0px 5px 5px 0' nowrap>
673 <select class="form-control" name='form_provider_ae' id='form_provider_ae' onchange='change_provider();'>
674 <?php
675 // present a list of providers to choose from
676 // default to the currently logged-in user
677 while ($urow = sqlFetchArray($ures)) {
678 echo " <option value='" . attr($urow['id']) . "'";
679 if (($urow['id'] == $_GET['userid'])||($urow['id']== $userid)) {
680 echo " selected";
683 echo ">" . text($urow['lname']);
684 if ($urow['fname']) {
685 echo ", " . text($urow['fname']);
688 echo "</option>\n";
691 </select>
692 </td>
693 <td nowrap style='font-size:8pt'>
694 </td>
695 <td><input type='button' class='btn btn-danger btn-sm' value='<?php echo xla('Openings');?>' onclick='find_available()' /></td>
696 <td></td>
697 </tr>
698 <tr>
699 <td nowrap>
700 <b><?php echo xlt('Reason'); ?>:</b>
701 </td>
702 <td style='padding:0px 5px 5px 0' colspan='4' nowrap>
703 <input class="form-control" type='text' size='40' name='form_comments' style='width:100%' value='<?php echo attr($hometext); ?>' title='<?php echo xla('Optional information about this event'); ?>' />
704 </td>
705 </tr>
706 </table>
708 <input type='button' name='form_save' class='btn btn-success btn-md' onsubmit='return false' value='<?php echo xla('Save'); ?>' onclick="validate()" />
709 &nbsp;
710 </p>
711 </form>
712 <script>
714 var durations = new Array();
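<?php
// Read the event categories, generate their options list, and get
// the default event duration from them if this is a new event.
// Output: one "durations[catid] = minutes" JavaScript line per category, plus
// the $catoptions and $prefcat_options <option> strings.
$catoptions = "";
$prefcat_options = " <option value='0'>-- None --</option>\n";
$thisduration = 0;
if ($eid) {
    $thisduration = $row['pc_alldayevent'] ? 1440 : round($row['pc_duration'] / 60);
}

while ($crow = sqlFetchArray($cres)) {
    $duration = round($crow['pc_duration'] / 60);
    if ($crow['pc_end_all_day']) {
        $duration = 1440;
    }

    // This line is emitted inside a <script> block, where HTML escaping is the
    // wrong encoder; both values are numeric, so they are written as integers.
    echo " durations[" . (int)$crow['pc_catid'] . "] = " . (int)$duration . "\n";
    // echo " rectypes[" . $crow['pc_catid'] . "] = " . $crow['pc_recurrtype'] . "\n";
    $catoptions .= " <option value='" . attr($crow['pc_catid']) . "'";
    if ($eid) {
        if ($crow['pc_catid'] == $row['pc_catid']) {
            $catoptions .= " selected";
        }
    } else {
        if ($crow['pc_catid'] == $default_catid) {
            $catoptions .= " selected";
            $thisduration = $duration;
        }
    }

    $catoptions .= ">" . text($crow['pc_catname']) . "</option>\n";

    // This section is to build the list of preferred categories:
    // only categories with a non-zero duration are offered.
    if ($duration) {
        $prefcat_options .= " <option value='" . attr($crow['pc_catid']) . "'";
        if ($eid) {
            if ($crow['pc_catid'] == $row['pc_prefcatid']) {
                $prefcat_options .= " selected";
            }
        }

        $prefcat_options .= ">" . text($crow['pc_catname']) . "</option>\n";
    }
}
?>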
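// This is for callback by the find-patient popup.
// Copies the chosen patient into the form and shows the DOB row only when the
// patient has no usable date of birth.
// NOTE(review): form_pid is a browser-controlled field. The save handler is not
// visible here; confirm it binds the appointment to the session patient rather
// than trusting this value.
function setpatient(pid, lname, fname, dob) {
    var f = document.forms.namedItem("theaddform");
    f.form_patient.value = lname + ', ' + fname;
    f.form_pid.value = pid;
    // substring(5, 10) selects exactly the MM-DD part; substr(5, 10) took ten
    // characters and only matched when nothing followed the date.
    var dobMissing = (dob == '' || dob.substring(5, 10) == '00-00');
    // Kept local so the helper value does not leak into a page-wide global.
    var dobstyle = dobMissing ? '' : 'none';
    document.getElementById('dob_row').style.display = dobstyle;
}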
// Clears the previously chosen date and time fields of the add form.
function change_provider() {
    var slotForm = document.forms.namedItem("theaddform");
    ['form_date', 'form_hour', 'form_minute'].forEach(function (fieldName) {
        slotForm[fieldName].value = '';
    });
}
// Callback for the find-patient popup: blanks the patient name and id fields.
function unsetpatient() {
    var addForm = document.forms.namedItem("theaddform");
    addForm.form_pid.value = '';
    addForm.form_patient.value = '';
}
// Opens the find-patient popup in a new 500 x 400 dialog.
function sel_patient() {
    var popupWidth = 500;
    var popupHeight = 400;
    dlgopen('find_patient_popup.php', '_blank', popupWidth, popupHeight);
}
// Runs when an event category is selected: category '2' (In Office) shows the
// preferred-category controls and hides the appointment-status controls; every
// other category does the opposite. Nothing happens when no option is selected.
function set_display() {
    var f = document.forms.namedItem("theaddform");
    var categorySelect = document.getElementById('form_category');
    if (categorySelect.selectedIndex < 0) {
        return;
    }

    var catid = categorySelect.options[categorySelect.selectedIndex].value;
    var inOffice = (catid == '2'); // In Office
    var apptStatusDisplay = inOffice ? 'none' : '';
    var prefCatDisplay = inOffice ? '' : 'none';

    // Both the title cell and the form control follow the same visibility.
    document.getElementById('title_apptstatus').style.display = apptStatusDisplay;
    document.getElementById('title_prefcat').style.display = prefCatDisplay;
    f.form_apptstatus.style.display = apptStatusDisplay;
    f.form_prefcat.style.display = prefCatDisplay;
}
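// Runs when the Category drop-down changes. In this file it only re-enables
// the patient field; the matching lines for form_apptstatus and form_prefcat
// are commented out in the original and stay disabled here. The unused local
// 'value' was removed.
function categoryChanged() {
    document.getElementById("form_patient").disabled = false;
}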
// Runs when a new event category is selected: copies the option text into the
// event title, looks up the category's duration in the durations[] table, and
// refreshes the dependent controls via set_display().
function set_category() {
    var f = document.forms.namedItem("theaddform");
    var picker = f.form_category;
    var idx = picker.selectedIndex;
    if (idx < 0) {
        return;
    }

    var chosen = picker.options[idx];
    f.form_title.value = chosen.text;
    f.form_duration.value = durations[chosen.value];
    set_display();
}
// Modify some visual attributes when the all-day or timed-event
// radio buttons are clicked.
// The checks on 'rballday1' / 'rballday2' are commented out in this file, so
// every cell is always greyed and the time inputs are always disabled.
function set_allday() {
    var f = document.forms.namedItem("theaddform");
    var greyed = '#777777';

    ['tdallday1', 'tdallday2', 'tdallday3', 'tdallday4', 'tdallday5'].forEach(function (cellId) {
        document.getElementById(cellId).style.color = greyed;
    });

    ['form_hour', 'form_minute', 'form_ampm', 'form_duration'].forEach(function (fieldName) {
        f[fieldName].disabled = true;
    });
}
// Modify some visual attributes when the Repeat checkbox is clicked.
// The form_repeat check and the lines that toggled the repeat inputs are
// commented out in this file, so the repeat cells are always greyed and the
// end-date image is always hidden.
function set_repeat() {
    var f = document.forms.namedItem("theaddform");
    var greyed = '#777777';

    ['tdrepeat1', 'tdrepeat2'].forEach(function (cellId) {
        document.getElementById(cellId).style.color = greyed;
    });
    document.getElementById('img_enddate').style.visibility = 'hidden';
}
// Callback for the find-available popup: writes the chosen slot into the form
// as a YYYY-MM-DD date, an AM/PM selection, an hour and a two-digit minute.
function setappt(year, mon, mday, hours, minutes) {
    var f = document.forms.namedItem("theaddform");

    // Adding 100 and dropping the first character left-pads to two digits.
    var twoDigits = function (n) {
        return ('' + (n + 100)).substring(1);
    };

    f.form_date.value = '' + year + '-' + twoDigits(mon) + '-' + twoDigits(mday);

    // Index 1 is selected from 12:00 onwards, index 0 before that.
    if (hours >= 12) {
        f.form_ampm.selectedIndex = 1;
    } else {
        f.form_ampm.selectedIndex = 0;
    }

    // Only hours above 12 are shifted; 0 and 12 are written unchanged.
    if (hours > 12) {
        f.form_hour.value = hours - 12;
    } else {
        f.form_hour.value = hours;
    }

    f.form_minute.value = twoDigits(minutes);
}
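// Invoke the find-available popup for the provider shown in 'form_provider_ae',
// starting the search at the date currently in 'form_date'. The category is
// fixed to 5 in the query string.
// NOTE(review): providerid and startdate come from the browser. The popup
// script is not visible here; confirm it validates both on the server.
function find_available() {
    // when making an appointment for a specific provider
    var se = document.getElementById('form_provider_ae');
    // 's' is declared locally so the provider id no longer becomes a page-wide global.
    // Which branch is emitted is decided on the server by $userid.
    <?php if ($userid != 0) { ?>
    var s = se.value;
    <?php } else { ?>
    var s = se.options[se.selectedIndex].value;
    <?php } ?>
    var formDate = document.getElementById('form_date');
    // Both user-influenced values are percent-encoded before they enter the URL.
    var url = 'find_appt_popup_user.php?bypatient&providerid=' + encodeURIComponent(s) + '&catid=5' + '&startdate=' + encodeURIComponent(formDate.value);
    var params = {
        buttons: [
            {text: <?php echo xlj('Cancel'); ?>, close: true, style: 'danger btn-sm'}
        ],
        allowResize: true,
        dialogId: 'apptDialog',
        type: 'iframe'
    };
    dlgopen(url, 'apptFind', 'modal-md', 300, '', 'Find Date', params);
}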
// Check for errors when the form is submitted, then post it with
// form_action set to "save". Always returns false.
// These checks run in the browser only and can be skipped by anyone who posts
// the form directly, so the save handler has to repeat them on the server.
function validate() {
    var f = document.getElementById('theaddform');
    var slotChosen = f.form_date.value && f.form_hour.value && f.form_minute.value;
    if (!slotChosen) {
        alert('Please click on "Openings" to select a time.');
        return false;
    }

    // Categories that may be saved without a patient
    // (original note: in lunch outofoffice reserved vacation).
    var patientOptional = ['2', '8', '3', '4', '11', '10'];
    var category = f.form_category.value;

    if (f.form_patient.value == 'Click to select' && patientOptional.indexOf(category) === -1) {
        alert('Please select a patient.');
        return false;
    }

    // Category 10 never carries a patient, so any selection is cleared.
    if (category == '10') {
        unsetpatient();
    }

    document.getElementById('form_action').value = "save";
    f.submit();
    return false;
}
// Asks for confirmation and, when given, posts the form with form_action set
// to "delete". Returns true when the form was submitted, false otherwise.
// NOTE(review): the handler for form_action=delete is not visible here; confirm
// it checks that the event belongs to the logged-in portal patient and that the
// request carries a valid CSRF token.
function deleteEvent() {
    var confirmed = confirm("Deleting this event cannot be undone. It cannot be recovered once it is gone. Are you sure you wish to delete this event?");
    if (!confirmed) {
        return false;
    }

    var addForm = document.getElementById('theaddform');
    document.getElementById('form_action').value = "delete";
    addForm.submit();
    return true;
}
<?php if ($eid) : ?>
// Existing event: bring the category-dependent controls in line with the saved category.
set_display();
<?php endif; ?>

// Attach the date picker to every .datepicker input once the DOM is ready.
$(document).ready(function () {
    $('.datepicker').datetimepicker({
        <?php
        // Set before the include below; presumably read by it to build the
        // picker options -- confirm in the included file.
        $datetimepicker_timepicker = false;
        $datetimepicker_showseconds = false;
        $datetimepicker_formatInput = false;
        require($GLOBALS['srcdir'] . '/js/xl/jquery-datetimepicker-2-5-4.js.php');
        // can add any additional javascript settings to datetimepicker here;
        // need to prepend first setting with a comma
        ?>
    });
});
959 </script>
960 </div>
961 </body>
962 </html>