3 * Handles file uploads from the WordPress Patient Portal.
5 * Copyright (C) 2014 Rod Roark <rod@sunsetsystems.com>
7 * LICENSE: This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
19 * @author Rod Roark <rod@sunsetsystems.com>
22 $sanitize_all_escapes = true;
23 $fake_register_globals = false;
25 require_once("../globals.php");
26 require_once("$srcdir/formdata.inc.php");
27 require_once("$srcdir/classes/Document.class.php");
28 require_once("portal.inc.php");
30 // This function builds an array of document categories recursively.
31 // Borrowed from interface/fax/fax_dispatch.php.
33 function getKittens($catid, $catstring, &$categories) {
34 $cres = sqlStatement("SELECT id, name FROM categories " .
35 "WHERE parent = ? ORDER BY name", array($catid));
37 while ($crow = sqlFetchArray($cres)) {
39 getKittens($crow['id'], ($catstring ?
"$catstring / " : "") .
40 ($catid ?
$crow['name'] : ''), $categories);
42 // If no kitties, then this is a leaf node and should be listed.
43 if (!$childcount) $categories[$catid] = $catstring;
46 $postid = empty($_REQUEST['postid' ]) ?
0 : intval($_REQUEST['postid' ]);
47 $messageid = empty($_REQUEST['messageid']) ?
0 : intval($_REQUEST['messageid']);
49 if ($_POST['bn_save']) {
50 $ptid = intval($_POST['ptid']);
51 echo "<html><body>\n";
52 if (is_array($_POST['form_filename'])) {
53 foreach ($_POST['form_filename'] as $uploadid => $filename) {
54 $catid = $_POST['form_category'][$uploadid];
55 if (!$catid) continue;
56 echo xlt('Fetching following file from portal') . ": " . $filename . " ...<br />\n";
59 $result = cms_portal_call(array('action' => 'getmsgup', 'uploadid' => $uploadid));
62 $result = cms_portal_call(array('action' => 'getupload', 'uploadid' => $uploadid));
64 if ($result['errmsg']) die(text($result['errmsg']));
66 // With JSON-over-HTTP we would need to base64_decode the contents.
67 $rc = $d->createDocument($ptid, $catid, $filename, $result['mimetype'],
69 if ($rc) die(text(xl('Error saving document') . ": $rc"));
72 // Finally, delete the request or message from the portal.
74 $result = cms_portal_call(array('action' => 'delmessage', 'messageid' => $messageid));
77 $result = cms_portal_call(array('action' => 'delpost', 'postid' => $postid));
79 if ($result['errmsg']) {
80 die(text($result['errmsg']));
82 echo "<script language='JavaScript'>\n";
83 echo "if (top.restoreSession) top.restoreSession(); else opener.top.restoreSession();\n";
84 echo "document.location.href = 'list_requests.php';\n";
85 echo "</script></body></html>\n";
89 // Get the document categories list.
90 $categories = array();
91 getKittens(0, '', $categories);
93 // Get the portal request data.
94 if (!$postid && !$messageid) die(xlt('Request ID is missing!'));
96 $result = cms_portal_call(array('action' => 'getmessage', 'messageid' => $messageid));
99 $result = cms_portal_call(array('action' => 'getpost', 'postid' => $postid));
101 if ($result['errmsg']) {
102 die(text($result['errmsg']));
105 // Look up the patient in OpenEMR.
106 $userlogin = $messageid ?
$result['message']['user'] : $result['post']['user'];
107 $ptid = lookup_openemr_patient($userlogin);
111 <?php
html_header_show(); ?
>
112 <link rel
=stylesheet href
="<?php echo $css_header; ?>" type
="text/css">
114 <style type
="text/css">@import
url(../../library
/dynarch_calendar
.css
);</style
>
117 tr
.head
{ font
-size
:10pt
; background
-color
:#cccccc; text-align:center; }
118 tr
.detail
{ font
-size
:10pt
; background
-color
:#ddddff; }
119 td input
{ background
-color
:transparent
; }
123 <script type
="text/javascript" src
="../../library/textformat.js"></script
>
124 <script type
="text/javascript" src
="<?php echo $GLOBALS['webroot'] ?>/library/js/jquery-1.2.2.min.js"></script
>
126 <script language
="JavaScript">
128 var mypcc
= '<?php echo $GLOBALS['phone_country_code
'] ?>';
130 function myRestoreSession() {
131 if (top
.restoreSession
) top
.restoreSession(); else opener
.top
.restoreSession();
138 <body
class="body_top">
141 <form method
='post' action
='upload_form.php'>
145 echo "<p class='text'><b>" . xlt('Message Title') . ":</b> ";
146 echo htmlspecialchars($result['message']['title']);
148 echo "<textarea style='width:90%;height:144pt;' readonly>";
149 echo htmlspecialchars($result['message']['contents']);
150 echo "</textarea>\n";
151 echo "<p class='text'><i>";
152 echo xlt('This message text is not saved automatically. Copy and save it as appropriate for the content.');
157 <input type
='hidden' name
='ptid' value
='<?php echo attr($ptid); ?>' />
158 <input type
='hidden' name
='postid' value
='<?php echo attr($postid); ?>' />
159 <input type
='hidden' name
='messageid' value
='<?php echo attr($messageid); ?>' />
161 <table width
='100%' cellpadding
='1' cellspacing
='2'>
163 <th align
='left'><?php
echo xlt('MIME Type'); ?
></th
>
164 <th align
='left'><?php
echo xlt('Desired Filename'); ?
></th
>
165 <th align
='left'><?php
echo xlt('Document Category or Discard'); ?
></th
>
168 if (is_array($result['uploads'])) {
169 foreach ($result['uploads'] as $upload) {
170 $id = intval($upload['id']);
171 echo " <tr class='detail'>\n";
172 // MIME type and view link
173 echo " <td><a href='upload_form_show.php?id=$id&messageid=$messageid'>" .
174 text($upload['mimetype']) . "</a></td>\n";
176 echo " <td><input type='text' name='form_filename[$id]' value='" .
177 attr($upload['filename']) . "' size='20' /></td>";
178 // Desired document category with option to discard the file
179 echo " <td><select name='form_category[$id]'>\n";
180 echo "<option value='0'>-- " . xlt('Discard') . " --</option>\n";
182 foreach ($categories as $catkey => $catname) {
183 echo "<option value='" . attr($catkey) . "'";
184 if (++
$i == 1) echo " selected";
185 echo ">" . text($catname) . "</option>\n";
187 echo "</select></td>\n";
196 <input type
='submit' name
='bn_save' value
='<?php echo xla('Submit
and Delete Request
'); ?>' />
198 <input type
='button' value
='<?php echo xla('Back
'); ?>'
199 onclick
="myRestoreSession();location='list_requests.php'" />