search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Addressing SQL syntax issue in messages.php
[openemr.git] / interface / main / messages / messages.php
blob533c8029b138908501095291445fb5715397fe18
1 <?php
2 // Copyright (C) 2010 OpenEMR Support LLC
3 // This program is free software; you can redistribute it and/or
4 // modify it under the terms of the GNU General Public License
5 // as published by the Free Software Foundation; either version 2
6 // of the License, or (at your option) any later version.
7
8 //SANITIZE ALL ESCAPES
9 $sanitize_all_escapes=true;
10 //
11
12 //STOP FAKE REGISTER GLOBALS
13 $fake_register_globals=false;
14 //
15
16 require_once("../../globals.php");
17 require_once("$srcdir/pnotes.inc");
18 require_once("$srcdir/patient.inc");
19 require_once("$srcdir/acl.inc");
20 require_once("$srcdir/log.inc");
21 require_once("$srcdir/options.inc.php");
22 require_once("$srcdir/formdata.inc.php");
23 require_once("$srcdir/classes/Document.class.php");
24 require_once("$srcdir/gprelations.inc.php");
25 require_once("$srcdir/formatting.inc.php");
26 ?>
27 <html>
28 <head>
29
30 <?php html_header_show();?>
31 <link rel="stylesheet" href="<?php echo $css_header;?>" type="text/css">
32 <script type="text/javascript" src="../../../library/dialog.js"></script>
33 <script type="text/javascript" src="../../../library/textformat.js"></script>
34 <script type="text/javascript" src="<?php echo $GLOBALS['webroot']; ?>/library/js/jquery.js"></script>
35 </head>
36
37 <body class="body_top">
38 <?php
39 // Check to see if the user has Admin rights, and if so, allow access to See All.
40 $showall = $_GET['show_all'];
41 if ($showall == "yes") {
42 $show_all = $showall;
43 }
44 if (acl_check('admin', 'super' )) {
45 if ($show_all=='yes') {
46 $showall = "yes";
47 $lnkvar="'messages.php?show_all=no' name='Just Mine' onclick=\"top.restoreSession()\"> (".htmlspecialchars( xl('Just Mine'), ENT_NOQUOTES).")";
48 }
49 else {
50 $showall = "no";
51 $lnkvar="'messages.php?show_all=yes' name='See All' onclick=\"top.restoreSession()\"> (".htmlspecialchars( xl('See All'), ENT_NOQUOTES).")";
52 }
53 }
54 ?>
55 <table><tr><td><span class="title"><?php echo htmlspecialchars( xl('Messages'), ENT_NOQUOTES); ?></span> <a class='more' href=<?php echo $lnkvar; ?></a></td></tr></table><br>
56 <?php
57 //collect the task setting
58 if (isset($_GET['task'])) $task=$_GET['task'];
59 if (isset($_POST['task'])) $task=$_POST['task'];
60
61 switch($task) {
62 case "add" :
63 {
64 // Add a new message for a specific patient; the message is documented in Patient Notes.
65 // Add a new message; it's treated as a new note in Patient Notes.
66 $note = $_POST['note'];
67 $noteid = $_POST['noteid'];
68 $form_note_type = $_POST['form_note_type'];
69 $assigned_to = $_POST['assigned_to'];
70 $form_message_status = $_POST['form_message_status'];
71 $reply_to = $_POST['reply_to'];
72 $assigned_to_list = explode(';',$assigned_to);
73 foreach($assigned_to_list as $assigned_to){
74 if ($noteid && $assigned_to != '-patient-') {
75 updatePnote($noteid, $note, $form_note_type, $assigned_to, $form_message_status);
76 $noteid = '';
77 }
78 else {
79 if($noteid && $assigned_to == '-patient-'){
80 $row = getPnoteById($noteid);
81 if (! $row) die("getPnoteById() did not find id '$noteid'");
82 $pres = sqlQuery("SELECT lname, fname " .
83 "FROM patient_data WHERE pid = ?", array($reply_to) );
84 $patientname = $pres['lname'] . ", " . $pres['fname'];
85 $note .= "\n\n$patientname on ".$row['date']." wrote:\n\n";
86 $note .= $row['body'];
87 }
88 addPnote($reply_to, $note, $userauthorized, '1', $form_note_type, $assigned_to, '', $form_message_status);
89 }
90 }
91 } break;
92 case "save" : {
93 // Update alert.
94 $noteid = $_POST['noteid'];
95 $form_message_status = $_POST['form_message_status'];
96 updatePnoteMessageStatus($noteid,$form_message_status);
97 $task = "edit";
98 $note = $_POST['note'];
99 $title = $_POST['form_note_type'];
100 $assigned_to = $_POST['assigned_to'];
101 $reply_to = $_POST['reply_to'];
102 }
103 case "edit" : {
104 if ($noteid == "") {
105 $noteid = $_GET['noteid'];
106 }
107 // Update the message if it already exists; it's appended to an existing note in Patient Notes.
108 $result = getPnoteById($noteid);
109 if ($result) {
110 if ($title == ""){
111 $title = $result['title'];
112 }
113 if ($assigned_to == ""){
114 $assigned_to = $result['assigned_to'];
115 }
116 $body = $result['body'];
117 if ($reply_to == ""){
118 $reply_to = $result['pid'];
119 }
120 $form_message_status = $result['message_status'];
121 }
122 } break;
123 case "delete" : {
124 // Delete selected message(s) from the Messages box (only).
125 $delete_id = $_POST['delete_id'];
126 for($i = 0; $i < count($delete_id); $i++) {
127 deletePnote($delete_id[$i]);
128 newEvent("delete", $_SESSION['authUser'], $_SESSION['authProvider'], 1, "pnotes: id ".$delete_id[$i]);
129 }
130 } break;
131 }
132
133 if($task == "addnew" or $task == "edit") {
134 // Display the Messages page layout.
135 echo "
136 <form name=new_note id=new_note action=\"messages.php?showall=$showall&sortby=$sortby&sortorder=$sortorder&begin=$begin\" method=post>
137 <input type=hidden name=noteid id=noteid value=".htmlspecialchars( $noteid, ENT_QUOTES).">
138 <input type=hidden name=task id=task value=add>";
139 ?>
140 <div id="pnotes"><center>
141 <table border='0' cellspacing='8'>
142 <tr>
143 <td class='text' align='center'>
144 <b><?php echo htmlspecialchars( xl('Type'), ENT_NOQUOTES); ?>:</b>
145 <?php
146 if ($title == "") {
147 $title = "Unassigned";
148 }
149 // Added 6/2009 by BM to incorporate the patient notes into the list_options listings.
150 generate_form_field(array('data_type'=>1,'field_id'=>'note_type','list_id'=>'note_type','empty_title'=>'SKIP','order_by'=>'title'), $title);
151 ?>
152 &nbsp; &nbsp;
153 <b><?php echo htmlspecialchars( xl('To'), ENT_QUOTES); ?>:</b>
154 <input type='textbox' name='assigned_to_text' id='assigned_to_text' size='50' readonly='readonly' value='<?php echo htmlspecialchars(xl("Select Users From The Dropdown List"), ENT_QUOTES)?>' >
155 <input type='hidden' name='assigned_to' id='assigned_to' >
156 <select name='users' id='users' onchange='addtolist(this);' >
157
158 <?php
159 echo "<option value='" . htmlspecialchars( '--', ENT_QUOTES) . "'";
160 echo ">" . htmlspecialchars( xl('Select User'), ENT_NOQUOTES);
161 echo "</option>\n";
162 $ures = sqlStatement("SELECT username, fname, lname FROM users " .
163 "WHERE username != '' AND active = 1 AND " .
164 "( info IS NULL OR info NOT LIKE '%Inactive%' ) " .
165 "ORDER BY lname, fname");
166 while ($urow = sqlFetchArray($ures)) {
167 echo " <option value='" . htmlspecialchars( $urow['username'], ENT_QUOTES) . "'";
168 if ($urow['username'] == $assigned_to) echo " selected";
169 echo ">" . htmlspecialchars( $urow['lname'], ENT_NOQUOTES);
170 if ($urow['fname']) echo ", " . htmlspecialchars( $urow['fname'], ENT_NOQUOTES);
171 echo "</option>\n";
172 }
173 echo "<option value='" . htmlspecialchars( '-patient-', ENT_QUOTES) . "'";
174 if ($assigned_to == '-patient-') echo " selected";
175 echo ">" . htmlspecialchars( '-Patient-', ENT_NOQUOTES);
176 echo "</option>\n";
177 ?>
178 </select>
179 </td>
180 </tr>
181 <tr>
182 <td class='text' align='center'>
183 <b class='<?php echo ($task=="addnew"?"required":"") ?>'><?php echo htmlspecialchars( xl('Patient'), ENT_NOQUOTES); ?>:</b><?php
184 if ($reply_to) {
185 $prow = sqlQuery("SELECT lname, fname " .
186 "FROM patient_data WHERE pid = ?", array($reply_to) );
187 $patientname = $prow['lname'] . ", " . $prow['fname'];
188 }
189 if ($patientname == "") {
190 $patientname = xl('Click to select');
191 } ?>
192 <input type='text' size='10' name='form_patient' style='width:150px;<?php echo ($task=="addnew"?"cursor:pointer;cursor:hand;":"") ?>' value='<?php echo htmlspecialchars($patientname, ENT_QUOTES); ?>' <?php echo ($task=="addnew"?"onclick='sel_patient()' readonly":"disabled") ?> title='<?php echo ($task=="addnew"?(htmlspecialchars( xl('Click to select patient'), ENT_QUOTES)):"") ?>' />
193 <input type='hidden' name='reply_to' id='reply_to' value='<?php echo htmlspecialchars( $reply_to, ENT_QUOTES) ?>' />
194 &nbsp; &nbsp;
195 <b><?php echo htmlspecialchars( xl('Status'), ENT_NOQUOTES); ?>:</b>
196 <?php
197 if ($form_message_status == "") {
198 $form_message_status = 'New';
199 }
200 generate_form_field(array('data_type'=>1,'field_id'=>'message_status','list_id'=>'message_status','empty_title'=>'SKIP','order_by'=>'title'), $form_message_status); ?>
201 </td>
202 </tr>
203 <tr>
204 <td>
205
206 <?php
207
208 if ($noteid) {
209 $body = preg_replace('/(:\d{2}\s\()'.$result['pid'].'(\sto\s)/','${1}'.$patientname.'${2}',$body);
210 $body = nl2br(htmlspecialchars( $body, ENT_NOQUOTES));
211 echo "<div class='text' style='background-color:white; color: gray; border:1px solid #999; padding: 5px; width: 640px;'>".$body."</div>";
212 }
213
214 ?>
215 <textarea name='note' id='note' rows='8' style="width: 660px; "><?php echo htmlspecialchars( $note, ENT_NOQUOTES) ?></textarea>
216 </td>
217 </tr>
218 </table>
219
220 <?php if ($noteid) { ?>
221 <!-- This is for displaying an existing note. -->
222 <input type="button" id="newnote" value="<?php echo htmlspecialchars( xl('Send message'), ENT_QUOTES); ?>">
223 <input type="button" id="printnote" value="<?php echo htmlspecialchars( xl('Print message'), ENT_QUOTES); ?>">
224 <input type="button" id="cancel" value="<?php echo htmlspecialchars( xl('Cancel'), ENT_QUOTES); ?>">
225 <?php } else { ?>
226 <!-- This is for displaying a new note. -->
227 <input type="button" id="newnote" value="<?php echo htmlspecialchars( xl('Send message'), ENT_QUOTES); ?>">
228 <input type="button" id="cancel" value="<?php echo htmlspecialchars( xl('Cancel'), ENT_QUOTES); ?>">
229 <?php } ?>
230
231 <br>
232 </form></center></div>
233 <script language="javascript">
234
235 // jQuery stuff to make the page a little easier to use
236
237 $(document).ready(function(){
238 $("#newnote").click(function() { NewNote(); });
239 $("#printnote").click(function() { PrintNote(); });
240 obj = document.getElementById("form_message_status");
241 obj.onchange = function(){SaveNote();};
242 $("#cancel").click(function() { CancelNote(); });
243 $("#note").focus();
244
245 var NewNote = function () {
246 top.restoreSession();
247 if (document.forms[0].reply_to.value.length == 0) {
248 alert('<?php echo htmlspecialchars( xl('Please choose a patient'), ENT_QUOTES); ?>');
249 }
250 else if (document.forms[0].assigned_to.value.length == 0) {
251 alert('<?php echo addslashes(xl('Recipient List Is Empty')); ?>');
252 }
253 else
254 {
255 $("#new_note").submit();
256 }
257 }
258
259 var PrintNote = function () {
260 top.restoreSession();
261 window.open('../../patient_file/summary/pnotes_print.php?noteid=<?php echo htmlspecialchars( $noteid, ENT_QUOTES); ?>', '_blank', 'resizable=1,scrollbars=1,width=600,height=500');
262 }
263
264 var SaveNote = function () {
265 <?php if ($noteid) { ?>
266 top.restoreSession();
267 $("#task").val("save");
268 $("#new_note").submit();
269 <?php } ?>
270 }
271
272 var CancelNote = function () {
273 top.restoreSession();
274 $("#task").val("");
275 $("#new_note").submit();
276 }
277 });
278 // This is for callback by the find-patient popup.
279 function setpatient(pid, lname, fname, dob) {
280 var f = document.forms[0];
281 f.form_patient.value = lname + ', ' + fname;
282 f.reply_to.value = pid;
283 }
284
285 // This invokes the find-patient popup.
286 function sel_patient() {
287 dlgopen('../../main/calendar/find_patient_popup.php', '_blank', 500, 400);
288 }
289
290 function addtolist(sel){
291 var itemtext = document.getElementById('assigned_to_text');
292 var item = document.getElementById('assigned_to');
293 if(sel.value != '--'){
294 if(item.value){
295 if(item.value.indexOf(sel.value) == -1){
296 itemtext.value = itemtext.value +' ; '+ sel.options[sel.selectedIndex].text;
297 item.value = item.value +';'+ sel.value;
298 }
299 }else{
300 itemtext.value = sel.options[sel.selectedIndex].text;
301 item.value = sel.value;
302 }
303 }
304 }
305
306 </script><?php
307 }
308 else {
309 $sortby = $_REQUEST['sortby'];
310 $sortorder = $_REQUEST['sortorder'];
311 $begin = $_REQUEST['begin'];
312 // This is for sorting the records.
313 $sort = array("users.lname", "patient_data.lname", "pnotes.title", "pnotes.date", "pnotes.message_status");
314 $sortby = $_REQUEST['sortby'];
315 $sortorder = $_REQUEST['sortorder'];
316 $begin = $_REQUEST['begin'];
317 if($sortby == "") {
318 $sortby = $sort[0];
319 }
320 if($sortorder == "") {
321 $sortorder = "asc";
322 }
323 for($i = 0; $i < count($sort); $i++) {
324 $sortlink[$i] = "<a href=\"messages.php?show_all=$showall&sortby=$sort[$i]&sortorder=asc\" onclick=\"top.restoreSession()\"><img src=\"../../../images/sortdown.gif\" border=0 alt=\"".htmlspecialchars( xl('Sort Up'), ENT_QUOTES)."\"></a>";
325 }
326 for($i = 0; $i < count($sort); $i++) {
327 if($sortby == $sort[$i]) {
328 switch($sortorder) {
329 case "asc" : $sortlink[$i] = "<a href=\"messages.php?show_all=$showall&sortby=$sortby&sortorder=desc\" onclick=\"top.restoreSession()\"><img src=\"../../../images/sortup.gif\" border=0 alt=\"".htmlspecialchars( xl('Sort Up'), ENT_QUOTES)."\"></a>"; break;
330 case "desc" : $sortlink[$i] = "<a href=\"messages.php?show_all=$showall&sortby=$sortby&sortorder=asc\" onclick=\"top.restoreSession()\"><img src=\"../../../images/sortdown.gif\" border=0 alt=\"".htmlspecialchars( xl('Sort Down'), ENT_QUOTES)."\"></a>"; break;
331 } break;
332 }
333 }
334 // Manage page numbering and display beneath the Messages table.
335 $listnumber = 25;
336 $show_all=='yes' ? $usrvar='_%' : $usrvar=$_SESSION['authUser'] ;
337 $sql = "SELECT pnotes.id, pnotes.user, pnotes.pid, pnotes.title, pnotes.date, pnotes.message_status,
338 IF(pnotes.user != pnotes.pid,users.fname,patient_data.fname), IF(pnotes.user != pnotes.pid,users.lname,patient_data.lname), patient_data.fname,
339 patient_data.lname FROM ((pnotes LEFT JOIN users ON pnotes.user = users.username)
340 JOIN patient_data ON pnotes.pid = patient_data.pid) WHERE pnotes.message_status != 'Done'
341 AND pnotes.deleted != '1' AND pnotes.assigned_to LIKE ?";
342 $result = sqlStatement($sql, array($usrvar) );
343 if(sqlNumRows($result) != 0) {
344 $total = sqlNumRows($result);
345 }
346 else {
347 $total = 0;
348 }
349 if($begin == "" or $begin == 0) {
350 $begin = 0;
351 }
352 $prev = $begin - $listnumber;
353 $next = $begin + $listnumber;
354 $start = $begin + 1;
355 $end = $listnumber + $start - 1;
356 if($end >= $total) {
357 $end = $total;
358 }
359 if($end < $start) {
360 $start = 0;
361 }
362 if($prev >= 0) {
363 $prevlink = "<a href=\"messages.php?show_all=$showall&sortby=$sortby&sortorder=$sortorder&begin=$prev\" onclick=\"top.restoreSession()\"><<</a>";
364 }
365 else {
366 $prevlink = "<<";
367 }
368
369 if($next < $total) {
370 $nextlink = "<a href=\"messages.php?show_all=$showall&sortby=$sortby&sortorder=$sortorder&begin=$next\" onclick=\"top.restoreSession()\">>></a>";
371 }
372 else {
373 $nextlink = ">>";
374 }
375 // Display the Messages table header.
376 echo "
377 <table width=100%><tr><td><table border=0 cellpadding=1 cellspacing=0 width=90% style=\"border-left: 1px #000000 solid; border-right: 1px #000000 solid; border-top: 1px #000000 solid;\">
378 <form name=wikiList action=\"messages.php?showall=$showall&sortby=$sortby&sortorder=$sortorder&begin=$begin\" method=post>
379 <input type=hidden name=task value=delete>
380 <tr height=\"24\" style=\"background:lightgrey\">
381 <td align=\"center\" width=\"25\" style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><input type=checkbox id=\"checkAll\" onclick=\"selectAll()\"></td>
382 <td width=\"20%\" style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\" class=bold>&nbsp;<b>" .
383 htmlspecialchars( xl('From'), ENT_NOQUOTES) . "</b> $sortlink[0]</td>
384 <td width=\"20%\" style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\" class=bold>&nbsp;<b>" .
385 htmlspecialchars( xl('Patient'), ENT_NOQUOTES) . "</b> $sortlink[1]</td>
386 <td style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\" class=bold>&nbsp;<b>" .
387 htmlspecialchars( xl('Type'), ENT_NOQUOTES) . "</b> $sortlink[2]</td>
388 <td width=\"15%\" style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\" class=bold>&nbsp;<b>" .
389 htmlspecialchars( xl('Date'), ENT_NOQUOTES) . "</b> $sortlink[3]</td>
390 <td width=\"15%\" style=\"border-bottom: 1px #000000 solid; \" class=bold>&nbsp;<b>" .
391 htmlspecialchars( xl('Status'), ENT_NOQUOTES) . "</b> $sortlink[4]</td>
392 </tr>";
393 // Display the Messages table body.
394 $count = 0;
395 $show_all=='yes' ? $usrvar='_%' : $usrvar=$_SESSION['authUser'] ;
396 $sql = "SELECT pnotes.id, pnotes.user, pnotes.pid, pnotes.title, pnotes.date, pnotes.message_status,
397 IF(pnotes.user != pnotes.pid,users.fname,patient_data.fname) as users_fname,
398 IF(pnotes.user != pnotes.pid,users.lname,patient_data.lname) as users_lname,
399 patient_data.fname as patient_data_fname, patient_data.lname as patient_data_lname
400 FROM ((pnotes LEFT JOIN users ON pnotes.user = users.username)
401 JOIN patient_data ON pnotes.pid = patient_data.pid) WHERE pnotes.message_status != 'Done'
402 AND pnotes.deleted != '1' AND pnotes.assigned_to LIKE ?".
403 " order by ".add_escape_custom($sortby)." ".add_escape_custom($sortorder).
404 " limit ".add_escape_custom($begin).", ".add_escape_custom($listnumber);
405 $result = sqlStatement($sql, array($usrvar) );
406 while ($myrow = sqlFetchArray($result)) {
407 $name = $myrow['user'];
408 $name = $myrow['users_lname'];
409 if ($myrow['users_fname']) {
410 $name .= ", " . $myrow['users_fname'];
411 }
412 $patient = $myrow['pid'];
413 $patient = $myrow['patient_data_lname'];
414 if ($myrow['patient_data_fname']) {
415 $patient .= ", " . $myrow['patient_data_fname'];
416 }
417 $count++;
418 echo "
419 <tr id=\"row$count\" style=\"background:white\" height=\"24\">
420 <td align=\"center\" style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><input type=checkbox id=\"check$count\" name=\"delete_id[]\" value=\"" .
421 htmlspecialchars( $myrow['id'], ENT_QUOTES) . "\" onclick=\"if(this.checked==true){ selectRow('row$count'); }else{ deselectRow('row$count'); }\"></td>
422 <td style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><table cellspacing=0 cellpadding=0 width=100%><tr><td width=5></td><td class=\"text\">" .
423 htmlspecialchars( $name, ENT_NOQUOTES) . "</td><td width=5></td></tr></table></td>
424 <td style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><table cellspacing=0 cellpadding=0 width=100%><tr><td width=5></td><td class=\"text\"><a href=\"messages.php?showall=$showall&sortby=$sortby&sortorder=$sortorder&begin=$begin&task=edit&noteid=" .
425 htmlspecialchars( $myrow['id'], ENT_QUOTES) . "\" onclick=\"top.restoreSession()\">" .
426 htmlspecialchars( $patient, ENT_NOQUOTES) . "</a></td><td width=5></td></tr></table></td>
427 <td style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><table cellspacing=0 cellpadding=0 width=100%><tr><td width=5></td><td class=\"text\">" .
428 htmlspecialchars( $myrow['title'], ENT_NOQUOTES) . "</td><td width=5></td></tr></table></td>
429 <td style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><table cellspacing=0 cellpadding=0 width=100%><tr><td width=5></td><td class=\"text\">" .
430 htmlspecialchars( oeFormatShortDate(substr($myrow['date'], 0, strpos($myrow['date'], " "))), ENT_NOQUOTES) . "</td><td width=5></td></tr></table></td>
431 <td style=\"border-bottom: 1px #000000 solid;\"><table cellspacing=0 cellpadding=0 width=100%><tr><td width=5></td><td class=\"text\">" .
432 htmlspecialchars( $myrow['message_status'], ENT_NOQUOTES) . "</td><td width=5></td></tr></table></td>
433 </tr>";
434 }
435 // Display the Messages table footer.
436 echo "
437 </form></table>
438 <table border=0 cellpadding=5 cellspacing=0 width=90%>
439 <tr>
440 <td class=\"text\"><a href=\"messages.php?showall=$showall&sortby=$sortby&sortorder=$sortorder&begin=$begin&task=addnew\" onclick=\"top.restoreSession()\">" .
441 htmlspecialchars( xl('Add New'), ENT_NOQUOTES) . "</a> &nbsp; <a href=\"javascript:confirmDeleteSelected()\" onclick=\"top.restoreSession()\">" .
442 htmlspecialchars( xl('Delete'), ENT_NOQUOTES) . "</a></td>
443 <td align=right class=\"text\">$prevlink &nbsp; $end of $total &nbsp; $nextlink</td>
444 </tr>
445 </table></td></tr></table><br>"; ?>
446 <script language="javascript">
447 // This is to confirm delete action.
448 function confirmDeleteSelected() {
449 if(confirm("<?php echo htmlspecialchars( xl('Do you really want to delete the selection?'), ENT_QUOTES); ?>")) {
450 document.wikiList.submit();
451 }
452 }
453 // This is to allow selection of all items in Messages table for deletion.
454 function selectAll() {
455 if(document.getElementById("checkAll").checked==true) {
456 document.getElementById("checkAll").checked=true;<?php
457 for($i = 1; $i <= $count; $i++) {
458 echo "document.getElementById(\"check$i\").checked=true; document.getElementById(\"row$i\").style.background='#E7E7E7'; ";
459 } ?>
460 }
461 else {
462 document.getElementById("checkAll").checked=false;<?php
463 for($i = 1; $i <= $count; $i++) {
464 echo "document.getElementById(\"check$i\").checked=false; document.getElementById(\"row$i\").style.background='#F7F7F7'; ";
465 } ?>
466 }
467 }
468 // The two functions below are for managing row styles in Messages table.
469 function selectRow(row) {
470 document.getElementById(row).style.background = "#E7E7E7";
471 }
472 function deselectRow(row) {
473 document.getElementById(row).style.background = "#F7F7F7";
474 }
475 </script><?php
476 }
477 ?>
478
479 </body>
480 </html>
Mirror of official OpenEMR Sourceforge repository