library/ajax/prescription_drugname_lookup.php

   1 <?php
   2
   3 /**
   4  * This file is used specifically to look up drug names when
   5  * writing a prescription. See the file:
   6  * templates/prescription/general_edit.html
   7  * for additional information
   8  *
   9  * @package   OpenEMR
  10  * @link      https://www.open-emr.org
  11  * @author    Jason Morrill <jason@italktech.net>
  12  * @author    Sherwin Gaddis <sherwingaddis@gmail.com>
  13  * @author    Brady Miller <brady.g.miller@gmail.com>
  14  * @copyright Copyright (c) 2008 Jason Morrill <jason@italktech.net>
  15  * @copyright Copyright (c) 2017 Sherwin Gaddis <sherwingaddis@gmail.com>
  16  * @copyright Copyright (c) 2017-2018 Brady Miller <brady.g.miller@gmail.com>
  17  * @copyright Copyright (c) 2021 Jerry Padgett <sjpadgett@gmail.com>
  18  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  19  */
  20
  21 require_once("../../interface/globals.php");
  22
  23 use OpenEMR\Common\Csrf\CsrfUtils;
  24
  25 if (!CsrfUtils::verifyCsrfToken($_GET["csrf_token_form"])) {
  26     CsrfUtils::csrfNotVerified();
  27 }
  28 // will never be both
  29 $is_rxnorm = $_GET['use_rxnorm'] == "true";
  30 $is_rxcui = $_GET['use_rxcui'] == "true";
  31
  32 if (isset($_GET['term'])) {
  33     $return_arr = array();
  34     $term = filter_input(INPUT_GET, "term");
  35     if ($is_rxnorm) {
  36         $sql = "SELECT `str` as name, `RXCUI` as `rxnorm` FROM `rxnconso` WHERE `SAB` = 'RXNORM' AND `str` LIKE ? GROUP BY `RXCUI` ORDER BY `str` LIMIT 100";
  37     } elseif ($is_rxcui) {
  38         $sql = "SELECT `code_text` as name, `code` as rxnorm FROM `codes` WHERE `code_text` LIKE ? AND `code_type` = ? GROUP BY `code` ORDER BY `code_text` LIMIT 100";
  39     } else {
  40         $sql = "SELECT `name`, `drug_code` as rxnorm FROM `drugs` WHERE `name` LIKE ? GROUP BY `drug_code` ORDER BY `name` LIMIT 100";
  41     }
  42     $val = array($term . '%');
  43     if ($is_rxcui) {
  44         $code_type = sqlQuery("SELECT ct_id FROM `code_types` WHERE `ct_key` = ? AND `ct_active` = 1", array('RXCUI'));
  45         $val = array($term . '%', $code_type['ct_id']);
  46         if (empty($code_type['ct_id'])) {
  47             throw new \Exception(xlt('Install RxCUI monthly via Native Load or enable in Lists!'));
  48         }
  49     }
  50     $res = sqlStatement($sql, $val);
  51     while ($row = sqlFetchArray($res)) {
  52         $return_arr[] = array(
  53             'display_name' => text($row['name'] . " (RxCUI:" . trim($row['rxnorm']) . ")"),
  54             'id_name' => text($row['name']),
  55             'rxnorm' => text($row['rxnorm'])
  56         );
  57     }
  58
  59     /* Toss back results as json encoded array. */
  60     echo json_encode($return_arr);
  61 }