2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Vinish K <vinish@zhservices.com>
27 // +------------------------------------------------------------------------------+
29 //SANITIZE ALL ESCAPES
30 $sanitize_all_escapes=true;
33 //STOP FAKE REGISTER GLOBALS
34 $fake_register_globals=false;
41 require_once("../../interface/globals.php");
42 require_once(dirname(__FILE__
)."/../../controllers/C_Document.class.php");
43 require_once(dirname(__FILE__
)."/../../library/options.inc.php");
44 require_once(dirname(__FILE__
) . "/../../library/log.inc");
45 require_once(dirname(__FILE__
) . "/../../library/sql.inc");
46 require_once(dirname(__FILE__
) . "/../../library/patient.inc");
47 require_once(dirname(__FILE__
) . "/../../library/direct_message_check.inc");
50 if(!extension_loaded("soap")){
53 require_once("server_med_rec.php");
54 require_once("factory_class.php");
55 class UserService
extends Userforms
59 * To display the result/report names from lists
61 public function get_display_field($data){
62 if($this->valid($data[0])){
63 $ret = generate_display_field(array('data_type'=>$data['data_type'],'list_id'=>$data['list_id']),$data['value']);
69 * To display the procedure order results
71 public function procedure_order($data){
72 if($this->valid($data[0])){
77 po.procedure_order_id, po.date_ordered, pc.procedure_order_seq,
78 pt1.procedure_type_id AS order_type_id, pc.procedure_name,
79 pr.procedure_report_id, pr.date_report, pr.date_collected,
80 pr.specimen_num, pr.report_status, pr.review_status
83 JOIN procedure_order_code AS pc
84 ON pc.procedure_order_id = po.procedure_order_id
85 LEFT JOIN procedure_type AS pt1
86 ON pt1.lab_id = po.lab_id
87 AND pt1.procedure_code = pc.procedure_code
88 LEFT JOIN procedure_report AS pr
89 ON pr.procedure_order_id = po.procedure_order_id
90 AND pr.procedure_order_seq = pc.procedure_order_seq
91 WHERE po.patient_id = ?
92 AND pr.review_status = 'reviewed'
93 ORDER BY po.date_ordered, po.procedure_order_id, pc.procedure_order_seq, pr.procedure_report_id";
94 $proc_result = sqlStatement($proc_query,array($pid));
95 while ($row = sqlFetchArray($proc_result)) {
97 $procedure_report_id = empty($row['procedure_report_id']) ?
'' : $row['procedure_report_id'];
98 $order_type_id = empty($row['order_type_id']) ?
'' : $row['order_type_id'];
100 $proc_order_query = "(SELECT
101 pt2.procedure_type, pt2.procedure_code, pt2.units AS pt2_units,
102 pt2.range AS pt2_range, pt2.procedure_type_id AS procedure_type_id,
103 pt2.name AS NAME, pt2.description, pt2.seq AS seq,
104 ps.procedure_result_id, ps.result_code AS result_code,
105 ps.result_text, ps.abnormal, ps.result,
106 ps.range, ps.result_status, ps.facility,
107 ps.comments, ps.units, ps.comments
109 procedure_type AS pt2
110 LEFT JOIN procedure_result AS ps
111 ON ps.procedure_report_id = ?
112 AND ps.result_code = pt2.procedure_code
114 AND ( pt2.procedure_type LIKE 'res%' OR pt2.procedure_type LIKE 'rec%' ))
117 pt2.procedure_type, pt2.procedure_code, pt2.units AS pt2_units,
118 pt2.range AS pt2_range, pt2.procedure_type_id AS procedure_type_id,
119 pt2.name AS NAME, pt2.description, pt2.seq AS seq,
120 ps.procedure_result_id, ps.result_code AS result_code,
121 ps.result_text, ps.abnormal, ps.result,
122 ps.range, ps.result_status, ps.facility,
123 ps.comments, ps.units, ps.comments
125 procedure_result AS ps
126 LEFT JOIN procedure_type AS pt2
128 AND ( pt2.procedure_type LIKE 'res%' OR pt2.procedure_type LIKE 'rec%' )
129 AND ps.result_code = pt2.procedure_code
130 WHERE ps.procedure_report_id = ?)
131 ORDER BY seq, NAME, procedure_type_id,result_code";
132 $proc_order_result = sqlStatement($proc_order_query,array($procedure_report_id,$order_type_id,$order_type_id,$procedure_report_id));
134 while ($rrow = sqlFetchArray($proc_order_result)) {
135 $arr[$i]['procedure_report_id'] = empty($row['procedure_report_id']) ?
'' : $row['procedure_report_id'] ;
136 $arr[$i]['date_ordered'] = empty($row['date_ordered']) ?
'' : $row['date_ordered'];
137 $arr[$i]['procedure_name'] = empty($row['procedure_name']) ?
'' : $row['procedure_name'];
138 $arr[$i]['result_text'] = empty($rrow['result_text']) ?
'' : $rrow['result_text'];
139 $arr[$i]['abnormal'] = empty($rrow['abnormal']) ?
'' : $rrow['abnormal'];
140 $arr[$i]['result'] = empty($rrow['result']) ?
'' : $rrow['result'];
141 $arr[$i]['range'] = empty($rrow['range']) ?
'' : $rrow['range'];
142 $arr[$i]['units'] = empty($rrow['units']) ?
'' : $rrow['units'];
143 $arr[$i]['result_status'] = empty($rrow['result_status']) ?
'' : $rrow['result_status'];
144 $arr[$i]['report_status'] = empty($row['report_status']) ?
'' : $row['report_status'];
153 * To display the patient uploaded files/pdf patient wise
155 public function patientuploadedfiles($data){
156 if($this->valid($data[0])){
162 ad.field_value AS doc_name,
166 ad2.field_value AS file_name,
167 ad3.field_value AS pat_comments
170 JOIN audit_master AS am
171 ON am.id = ad.audit_master_id
172 LEFT JOIN patient_data AS pd
174 JOIN audit_details AS ad2
175 ON am.id = ad2.audit_master_id
176 AND ad2.field_name = 'dlm_filename'
177 JOIN audit_details AS ad3
178 ON am.id = ad3.audit_master_id
179 AND ad3.field_name = 'dld_patient_comments'
180 WHERE ad.field_name = 'dlm_document_name'
181 AND approval_status = '1'
185 if(!empty($data[1])){
186 $query .= " AND am.id = ?";
187 $res = sqlStatement($query,array($data[1]));
189 $res = sqlStatement($query);
192 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
201 public function createandstoretodirectory($data){
203 if($this->valid($data[0])){
206 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$pid;
207 if(is_dir($savedpath));
210 mkdir($savedpath,0777,true);
211 chmod($savedpath, 0777);
213 $handler = fopen($savedpath."/".$file_name,"w");
214 fwrite($handler, base64_decode($data));
216 chmod($savedpath."/".$file_name,0777);
219 throw new SoapFault("Server", "credentials failed");
224 * To move category,rename filename,input note and to move to new patient#
226 public function documents_update($data){
227 if($this->valid($data[0])){
228 $_POST['process'] = true;
229 $_POST['new_category_id'] = $data[1];
230 $_POST['new_patient_id'] = $data[4];
233 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/".$data[6];
234 elseif($data[9] == 1)
235 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/".$data[6];
236 elseif($data[9] == 4)
237 $file_path = $GLOBALS['OE_SITE_DIR']."/documents/myportal/patientuploads/".$data[5]."/".$data[6];
239 "pdf"=>"application/pdf"
240 ,"exe"=>"application/octet-stream"
241 ,"zip"=>"application/zip"
242 ,"docx"=>"application/msword"
243 ,"doc"=>"application/msword"
244 ,"xls"=>"application/vnd.ms-excel"
245 ,"ppt"=>"application/vnd.ms-powerpoint"
251 ,"wav"=>"audio/x-wav"
252 ,"mpeg"=>"video/mpeg"
255 ,"mov"=>"video/quicktime"
256 ,"avi"=>"video/x-msvideo"
259 ,"jsc"=>"application/javascript"
260 ,"js"=>"application/javascript"
266 $extension = strtolower(end(explode('.',$file_path)));
267 $mime_types = $mime_types[$extension];
268 $_FILES['file']['name'][0] = $data[6];
269 $_FILES['file']['type'][0] = $mime_types;
270 $_FILES['file']['tmp_name'][0] = $file_path;
271 $_FILES['file']['error'][0] = 0;
272 $_FILES['file']['size'][0] = filesize($file_path);
273 $_POST['category_id'] = $_POST['new_category_id'];
274 $_POST['patient_id'] = $_POST['new_patient_id'];
275 $_GET['patient_id'] = $_POST['patient_id'];
276 $_POST['destination'] = $data[3];
278 $cdoc = new C_Document();
279 $cdoc->upload_action_process();
280 if($GLOBALS['document_storage_method']==0){
282 copy($file_path,$cdoc->file_path
.$data[3]);
284 copy($file_path,$cdoc->file_path
.$data[6]);
286 $foreign_id = sqlQuery("select id from documents where foreign_id = ? order by id desc limit 1",array($_POST['new_patient_id']));
288 $_POST['encrypted'] = '';
289 $_POST['passphrase'] = '';
290 $_POST['process'] = true;
291 $_POST['foreign_id'] = $foreign_id['id'];
292 $_POST['note'] = $data[7];
293 $cdoc->note_action_process($_GET['patient_id']);
294 $sql_patient_no = "UPDATE documents_legal_detail SET dld_moved = '1' WHERE dld_master_docid = ? AND dld_id = ?";
295 sqlQuery($sql_patient_no,array($data[2],$data[8]));
301 * To display the files/pdfforms patient wise
303 public function userslistportal($data){
304 if($this->valid($data[0])){
310 dlm.dlm_document_name,
316 dld.dld_master_docid,
318 dld.dld_patient_comments,
324 documents_legal_master AS dlm
325 LEFT OUTER JOIN documents_legal_detail AS dld
326 ON dlm.dlm_document_id = dld_master_docid
327 JOIN patient_data AS pd
328 ON dld.dld_pid = pd.pid
329 WHERE dlm.dlm_effective_date <= NOW()
330 AND dlm.dlm_effective_date <> '0000-00-00 00:00:00'
331 AND dld.dld_id IS NOT NULL
332 AND dld.dld_signed IN (1,2,4)
333 AND dld.dld_moved = 0
334 AND dlm_subcategory NOT IN
339 documents_legal_categories
341 dlc_category_name = 'Layout Signed'
342 AND dlc_category_type = 2
344 ORDER BY dld.dld_pid ASC ";
346 $res = sqlStatement($query);
348 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
358 * To display the category list in Move To Category option
360 public function category_list($data){
361 if($this->valid($data[0])){
363 $query = "SELECT * FROM categories";
364 $res = sqlStatement($query);
366 for($iter=0; $row=sqlFetchArray($res); $iter++
) {
375 //Converts a text to xml format.Format is as follows
376 public function text_to_xml($data){
377 if($this->valid($data[0])){
379 $doc = new DOMDocument();
380 $doc->formatOutput
= true;
382 $root = $doc->createElement( "root" );
383 $doc->appendChild( $root );
385 $level = $doc->createElement( "level" );
386 $root->appendChild( $level );
388 $element = $doc->createElement( "text" );
389 $element->appendChild(
390 $doc->createTextNode( $text )
392 $level->appendChild( $element );
393 return $doc->saveXML();
396 throw new SoapFault("Server", "credentials failed");
400 //Accepts an array and returns the result in xml format.Format is as follows
403 public function function_return_to_xml($var=array()){
405 $doc = new DOMDocument();
406 $doc->formatOutput
= true;
408 $root = $doc->createElement( "root" );
409 $doc->appendChild( $root );
412 $level = $doc->createElement( "level" );
413 $root->appendChild( $level );
414 foreach($var as $key=>$value){
415 $element = $doc->createElement( "$key" );
416 $element->appendChild(
417 $doc->createTextNode( $value )
419 $level->appendChild( $element );
422 return $doc->saveXML();
426 //When a filled PDf is rejected During audit , the file is deleted
429 public function delete_file($data){
430 if($this->valid($data[0])){
431 $file_name_with_path=$data[1];
432 @unlink
($file_name_with_path);
435 throw new SoapFault("Server", "credentials failed");
440 //Accepts a file path.Fetches the file in xml format.
441 //Transfer the file to portal in XML format
442 public function file_to_xml($data){
443 if($this->valid($data[0])){
444 $file_name_with_path=$data[1];
445 $path_parts = pathinfo($file_name_with_path);
446 $handler = fopen($file_name_with_path,"rb");
447 $returnData = fread($handler,filesize($file_name_with_path));
449 $doc = new DOMDocument();
450 $doc->formatOutput
= true;
452 $root = $doc->createElement( "root" );
453 $doc->appendChild( $root );
455 $level = $doc->createElement( "level" );
456 $root->appendChild( $level );
458 $filename = $doc->createElement( "name" );
459 $filename->appendChild(
460 $doc->createTextNode( $path_parts['basename'] )
462 $level->appendChild( $filename );
464 $type = $doc->createElement( "type" );
466 $doc->createTextNode( $path_parts['extension'] )
468 $level->appendChild( $type );
469 $content = $doc->createElement( "file" );
470 $content->appendChild(
471 $doc->createTextNode( base64_encode($returnData) )
473 $level->appendChild( $content );
474 return $doc->saveXML();
477 throw new SoapFault("Server", "credentials failed");
482 //File teceived from the portal side is saved to OpenEMR
484 public function store_to_file($data){
485 if($this->valid($data[0])){
486 $file_name_with_path=$data[1];
488 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/";
489 if(is_dir($savedpath));
492 mkdir($savedpath,0777);
493 chmod($savedpath, 0777);
495 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/unsigned/";
496 if(is_dir($savedpath));
499 mkdir($savedpath,0777);
500 chmod($savedpath, 0777);
502 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/signed/";
503 if(is_dir($savedpath));
506 mkdir($savedpath,0777);
507 chmod($savedpath, 0777);
509 $savedpath=$GLOBALS['OE_SITE_DIR']."/documents/myportal/upload/";
510 if(is_dir($savedpath));
513 mkdir($savedpath,0777);
514 chmod($savedpath, 0777);
516 $handler = fopen($file_name_with_path,"w");
517 fwrite($handler, base64_decode($data));
519 chmod($file_name_with_path,0777);
522 throw new SoapFault("Server", "credentials failed");
527 //receive a batch of function calls received from Portal, execute it and return the results to the portal
528 //The results will be stored in the key, which is received from portal.
531 static public function batch_despatch($var,$func,$data_credentials){
533 if(UserService
::valid($data_credentials)){
534 require_once("../../library/invoice_summary.inc.php");
535 require_once("../../library/options.inc.php");
536 require_once("../../library/acl.inc");
537 require_once("../../library/patient.inc");
538 if($func=='ar_responsible_party')
541 $encounter_id=$var['encounter'];
542 $x['ar_responsible_party']=ar_responsible_party($patient_id,$encounter_id);
543 return UserService
::function_return_to_xml($x);
545 elseif($func=='getInsuranceData')
548 $given=$var['given'];
549 $x=getInsuranceData($pid,$type,$given);
550 return UserService
::function_return_to_xml($x);
552 elseif($func=='generate_select_list')
554 $tag_name=$var['tag_name'];
555 $list_id=$var['list_id'];
556 $currvalue=$var['currvalue'];
557 $title=$var['title'];
558 $empty_name=$var['empty_name'];
559 $class=$var['class'];
560 $onchange=$var['onchange'];
561 $x['generate_select_list']=generate_select_list($tag_name,$list_id,$currvalue,$title,$empty_name,$class,$onchange);
562 return UserService
::function_return_to_xml($x);
564 elseif($func=='xl_layout_label')
566 $constant=$var['constant'];
567 $x['xl_layout_label']=xl_layout_label($constant);
568 return UserService
::function_return_to_xml($x);
570 elseif($func=='generate_form_field')
573 $currvalue=$var['currvalue'];
575 generate_form_field($frow,$currvalue);
576 $x['generate_form_field']=ob_get_contents();
578 return UserService
::function_return_to_xml($x);
580 elseif($func=='getInsuranceProviders')
583 $provider=$var['provider'];
584 $insurancei=getInsuranceProviders();
588 elseif($func=='get_layout_form_value')
591 $_POST=$var['post_array'];
592 $x['get_layout_form_value']=get_layout_form_value($frow);
593 return UserService
::function_return_to_xml($x);
595 elseif($func=='updatePatientData')
597 $patient_data=$var['patient_data'];
598 $create=$var['create'];
599 updatePatientData($pid,$patient_data,$create);
601 return UserService
::function_return_to_xml($x);
603 elseif($func=='updateEmployerData')
605 $employer_data=$var['employer_data'];
606 $create=$var['create'];
607 updateEmployerData($pid,$employer_data,$create);
609 return UserService
::function_return_to_xml($x);
611 elseif($func=='newHistoryData')
613 newHistoryData($pid);
615 return UserService
::function_return_to_xml($x);
617 elseif($func=='newInsuranceData')
620 foreach($var as $key=>$value)
622 if($key>=3)//first 3 need to be skipped.
624 $var[$key]=formData($value);
628 $parameters[$key]=$var[$key];
631 $parameters[12]=fixDate($parameters[12]);
632 $parameters[27]=fixDate($parameters[27]);
633 call_user_func_array('newInsuranceData',$parameters);
635 return UserService
::function_return_to_xml($x);
637 elseif($func=='generate_layout_validation')
639 $form_id=$var['form_id'];
641 generate_layout_validation($form_id);
647 throw new SoapFault("Server", "credentials failed");
651 //Writing patient credentials to table
652 public function insert_login_details($var)
655 $data_credentials=$var[0];
656 if(UserService
::valid($data_credentials))
658 $username=$var['username'];
659 $authPass=$var['authPass'];
660 $query="insert into patient_access_offsite(pid,portal_username,portal_pwd) values (?,?,?)";
661 sqlInsert($query,array($pid,$username,$authPass));
665 throw new SoapFault("Server", "credentials failed");
671 //Updating the password on a password change
673 public function update_password($var){
674 $data_credentials=$var[0];
675 global $pid,$auditmasterid;
676 if(UserService
::valid($data_credentials)=='existingpatient' || UserService
::valid($data_credentials)=='newpatient'){
677 $status = $var['new_pwd_status'];
678 $pwd=$var['new_pwd'];
679 $oldpwd = $var['old_pwd'];
685 $where = "portal_pwd_status=? and pid=?";
686 $set= "portal_pwd=?,portal_pwd_status=?";
695 $set= "portal_pwd=? ";
700 $qry = "select * from patient_access_offsite WHERE pid=? AND portal_pwd=?";
701 $res=sqlStatement($qry,array($pid,$oldpwd));
702 if(sqlNumRows($res)>0)
704 $qry = "UPDATE patient_access_offsite SET $set WHERE $where";
705 sqlStatement($qry,$setarray);
712 }elseif(UserService
::valid($data_credentials) == 'newpatienttoapprove'){
713 $pwd=$var['new_pwd'];
714 $oldpwd = $var['old_pwd'];
715 $qry = "SELECT * from audit_details WHERE audit_master_id = ? AND table_name = 'patient_access_offsite' AND field_name = 'portal_pwd' AND field_value = ?";
716 $res=sqlStatement($qry,array($auditmasterid,$oldpwd));
717 if(sqlNumRows($res)>0){
718 $qry = "UPDATE audit_details SET field_value = ? WHERE audit_master_id = ? AND table_name = 'patient_access_offsite' AND field_name = 'portal_pwd'";
719 sqlStatement($qry,array($pwd,$auditmasterid));
727 throw new SoapFault("Server", "credentials failed");
734 public function update_openemr_appointment($var)
736 $data_credentials=$var[0];
737 if(UserService
::valid($data_credentials)=='existingpatient' || UserService
::valid($data_credentials)=='newpatient'){
738 foreach($var[1] as $key=>$value)
740 $eid=explode('_',$var[1][$key]);
741 if($eid[0]=='calendar')
743 sqlQuery("update openemr_postcalendar_events set pc_apptstatus='x' where pc_eid=?",array($eid[1]));
745 elseif($eid[0]=='audit')
747 sqlQuery("update audit_master set approval_status='5' where id=?",array($eid[1]));
752 throw new SoapFault("Server", "credentials failed");
757 //Marking the Documents as ready to be signed
759 public function update_dlm_dld($var)
761 $data_credentials=$var[0];
762 if(UserService
::valid($data_credentials)){
764 $qry=" UPDATE documents_legal_detail set dld_signed=2 where dld_id=?";
765 sqlStatement($qry,array($var['dld_id']));
768 throw new SoapFault("Server", "credentials failed");
773 //Setting PDF documets approve /denial status
775 public function update_dld_approve_deny($data){
776 if($this->valid($data[0])){
777 if(substr($data[1][2],0,3) == 'am-'){
778 $audid = substr($data[1][2],3);
779 $status = sqlQuery("SELECT
781 ad.field_value AS uname,
782 CONCAT(ad4.field_value,' ',ad5.field_value,' ',ad6.field_value) AS name
785 JOIN audit_details ad
786 ON ad.audit_master_id = am.id
787 AND ad.table_name = 'patient_access_offsite'
788 AND ad.field_name = 'portal_username'
789 JOIN audit_details ad2
790 ON ad2.table_name = 'patient_access_offsite'
791 AND ad2.field_name = 'portal_username'
792 AND ad2.field_value = ad.field_value
793 JOIN audit_details ad3
794 ON ad3.table_name = 'patient_access_offsite'
795 AND ad3.field_name = 'portal_pwd'
796 AND ad3.audit_master_id = ad2.audit_master_id
797 JOIN audit_details ad4
798 ON ad4.table_name = 'patient_data'
799 AND ad4.field_name = 'fname'
800 AND ad4.audit_master_id = ad2.audit_master_id
801 JOIN audit_details ad5
802 ON ad5.table_name = 'patient_data'
803 AND ad5.field_name = 'mname'
804 AND ad5.audit_master_id = ad2.audit_master_id
805 JOIN audit_details ad6
806 ON ad6.table_name = 'patient_data'
807 AND ad6.field_name = 'lname'
808 AND ad6.audit_master_id = ad2.audit_master_id
809 JOIN audit_master am2
810 ON am2.id = ad3.audit_master_id
812 WHERE am.id = ?",array($audid));
813 if($status['approval_status'] == '2'){
814 $result = UserService
::update_audited_data(array($data[0],'audit_master_id' => $audid));
815 UserService
::update_audit_master(array($data[0],'audit_master_id' => $audid,'approval_status' => '2'));
816 $pid = sqlQuery("SELECT pid FROM patient_access_offsite WHERE portal_username=?",array($status['uname']));
817 $qry = "UPDATE documents_legal_detail SET dld_pid=?,dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
818 sqlStatement($qry,array($pid['pid'],$data[1][0],$data[1][1],$result['dld_id']));
820 return "Please approve the patient ".$status['name'].", for approving the selected document";
823 $qry = "UPDATE documents_legal_detail SET dld_signed=?,dld_denial_reason=? WHERE dld_id=?";
824 sqlStatement($qry,$data[1]);
828 throw new SoapFault("Server", "credentials failed");
832 //Marking PDF documets as signed
834 public function update_dld_signed($data){
835 if($this->valid($data[0])){
836 $qry = "UPDATE documents_legal_detail SET dld_signed=1,dld_filepath=?,dld_filename=? WHERE dld_id=?";
837 sqlStatement($qry,$data[1]);
840 throw new SoapFault("Server", "credentials failed");
844 //Marking PDF documets for audit.
846 public function update_dld_pending($data){
847 if($this->valid($data[0])){
848 $qry = "UPDATE documents_legal_detail SET dld_signed=0,dld_filepath=?,dld_filename=?, dld_file_for_pdf_generation=? WHERE dld_id=?";
849 sqlStatement($qry,$data[1]);
852 throw new SoapFault("Server", "credentials failed");
858 public function insert_dld($data){
859 global $pid,$auditmasterid;
860 if(UserService
::valid($data[0])=='existingpatient' || UserService
::valid($data[0])=='newpatient'){
861 sqlInsert("INSERT INTO documents_legal_detail (dld_pid,dld_signed,dld_filepath,dld_master_docid,dld_filename,dld_encounter,dld_file_for_pdf_generation) ".
862 " VALUES (?,?,?,?,?,?,?)",array($pid,$data[2],$data[3],$data[4],$data[5],$data[6],$data[7]));
864 elseif(UserService
::valid($data[0])=='newpatienttoapprove'){
865 $param=array($data[0],'audit_master_id_to_delete'=>"",'pid'=>"$pid",'approval_status'=>'1',
866 'type'=>'3','ip_address'=>'',
867 'table_name_array'=>array('documents_legal_detail','patient_access_offsite'),
868 'field_name_value_array'=>array(array('dld_pid'=>"$pid",'dld_signed'=>$data[2],'dld_filepath'=>$data[3],'dld_master_docid'=>$data[4],'dld_filename'=>$data[5],'dld_encounter'=>$data[6],'dld_file_for_pdf_generation'=>$data[7]),
869 array('pid'=>"$pid",'portal_username'=>$data[0][6])),
870 'entry_identification_array'=>array(1,1),
872 UserService
::insert_to_be_audit_data($param);
875 throw new SoapFault("Server", "credentials failed");
880 //Inserting the entries for Master PDF documents uploaded
882 public function insert_dlm($data){
883 if($this->valid($data[0])=='oemruser'){
884 sqlStatement("INSERT INTO documents_legal_master(dlm_category, dlm_subcategory,dlm_document_name,dlm_facility,dlm_provider,
885 dlm_filename,dlm_filepath,dlm_effective_date,content) values (?,?,?,?,?,?,?,?,?)",array($data[1],$data[2],$data[3],$data[4],$data[5],$data[6],$data[7],$data[8],$data[9]));
888 throw new SoapFault("Server", "credentials failed");
893 //REceive an array of Select cases from portal execute it and return
894 // it in the keys received from portal. A batch of queries execute and returns it in one batch.
896 public function batch_select($data){
897 if($this->valid($data[0])){
899 foreach($batch as $key=>$value)
901 $batchkey=$value['batchkey'];
902 $case=$value['case'];
903 $param=$value['param'];
906 $return_array[$batchkey]=$this->selectquery(array($data[0],$arrproc));
909 return $return_array;
912 throw new SoapFault("Server", "credentials failed");
917 //Receive a batch of function calls from portal and execute it through batch despatch Function
918 //Any OpenEmr function can be executed this way, if necessary if clause is written in batch_despatch.
920 public function batch_function($data){
921 if($this->valid($data[0])){
923 foreach($batch as $key=>$value)
925 $batchkey=$value['batchkey'];
926 $function=$value['funcname'];
927 $param=$value['param'];
929 $res=call_user_func_array("UserService::$function",$param);
930 $return_array[$batchkey]=$res;
932 return $return_array;
935 throw new SoapFault("Server", "credentials failed");
939 //Execute a batch of functions received from portal. But this function is limited to
940 // the functions written in the myportal module.
942 public function multiplecall($data){
944 foreach($batch as $key=>$value)
946 $batchkey=$value['batchkey'];
947 $function=$value['funcname'];
948 $param=$value['param'];
950 array_unshift($param,$data[0]);
953 $res= UserService
::$function($param);
954 $return_array[$batchkey]=$res;
956 return $return_array;
962 public function getversion($data){
963 global $v_offsite_portal;
964 return $v_offsite_portal;
968 public function loginchecking($data){
969 if($this->valid($data[0])=='existingpatient' ||
$this->valid($data[0])=='newpatient'){
970 $res = sqlStatement("SELECT portal_pwd_status, 'yes' AS patient_status, portal_relation FROM patient_access_offsite WHERE BINARY portal_username=? AND BINARY portal_pwd=?",$data[1]);
971 return $this->resourcetoxml($res);
972 }elseif($this->valid($data[0])=='newpatienttoapprove'){
973 $res = sqlStatement("
975 COUNT(*) AS portal_pwd_status,
976 'no' AS patient_status
979 JOIN audit_details ad
980 ON ad.audit_master_id = am.id
981 AND ad.table_name = 'patient_access_offsite'
982 AND ad.field_name = 'portal_username'
983 JOIN audit_details ad2
984 ON ad2.audit_master_id = am.id
985 AND ad2.table_name = 'patient_access_offsite'
986 AND ad2.field_name = 'portal_pwd'
987 WHERE am.approval_status = 1
988 AND ad.field_value = ?
989 AND ad2.field_value = ?;
991 return $this->resourcetoxml($res);
996 //Execute a query and return its results.
998 public function selectquery($data){
1001 $utype = $this->valid($data[0]);
1003 $newobj = factoryclass
::dynamic_class_factory($utype);
1004 $sql_result_setarr = $newobj->query_formation($data[1]);
1005 if(!empty($sql_result_setarr[1]) && $sql_result_setarr[1] == 'result'){
1006 return $this->resourcetoxml2($sql_result_setarr[0]);
1008 $sql_result_set = sqlStatement($sql_result_setarr[0],$sql_result_setarr[1]);
1009 return $this->resourcetoxml($sql_result_set);
1013 //Return an SQL resultset as an XML
1016 public function resourcetoxml($sql_result_set){
1017 $doc = new DOMDocument();
1018 $doc->formatOutput
= true;
1020 $root = $doc->createElement( "root" );
1021 $doc->appendChild( $root );
1022 while($row = sqlFetchArray($sql_result_set))
1024 $level = $doc->createElement( "level" );
1025 $root->appendChild( $level );
1026 foreach($row as $key=>$value){
1027 $element = $doc->createElement( "$key" );
1028 $element->appendChild(
1029 $doc->createTextNode( $value )
1031 $level->appendChild( $element );
1034 return $doc->saveXML();
1037 public function resourcetoxml2($row){
1038 $doc = new DOMDocument();
1039 $doc->formatOutput
= true;
1040 $root = $doc->createElement( "root" );
1041 $doc->appendChild( $root );
1042 $level = $doc->createElement( "level" );
1043 $root->appendChild( $level );
1044 foreach($row as $key=>$value){
1045 $element = $doc->createElement( "$key" );
1046 $element->appendChild(
1047 $doc->createTextNode( $value )
1049 $level->appendChild( $element );
1051 return $doc->saveXML();
1054 //Writing facility payment configuration to table
1055 public function save_payment_configuration($var){
1056 $data_credentials=$var[0];
1057 if(UserService
::valid($data_credentials))
1059 if($var['service'] == 'paypal'){
1060 if($var['paypal'] != ''){
1061 $update_sql = "UPDATE payment_gateway_details SET login_id = ? WHERE service_name = 'paypal'";
1062 sqlStatement($update_sql,array($var['login_id']));
1064 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id) VALUES (?,?)";
1065 sqlStatement($save_sql,array($var['service'],$var['login_id']));
1067 }elseif($var['service'] == 'authorize_net'){
1068 if($var['authorize_net'] != ''){
1069 $update_sql = "UPDATE payment_gateway_details SET login_id = ?, transaction_key = ?, md5= ? WHERE service_name = 'authorize_net'";
1070 sqlStatement($update_sql,array($var['login_id'],$var['transaction_key'],$var['md5']));
1072 $save_sql = "INSERT INTO payment_gateway_details (service_name,login_id,transaction_key,md5) VALUES (?,?,?,?)";
1073 sqlStatement($save_sql,array($var['service'],$var['login_id'],$var['transaction_key'],$var['md5']));
1079 throw new SoapFault("Server", "credentials failed");
1083 //Writing patient's authorizenet profile id to table
1084 public function insert_authorizenet_details($var){
1086 $data_credentials=$var[0];
1087 if(UserService
::valid($data_credentials))
1089 $authorizenetid=$var['authorizenetid'];
1090 $query="UPDATE patient_access_offsite SET authorize_net_id = ? WHERE pid = ?";
1091 sqlInsert($query,array($authorizenetid,$pid));
1095 throw new SoapFault("Server", "credentials failed");
1099 public function valid($credentials){
1100 $timminus = date("Y-m-d H:m",(strtotime(date("Y-m-d H:m"))-7200)).":00";
1101 sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<=?)",array($timminus));
1102 sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<=?",array($timminus));
1109 $tim = strtotime(gmdate("Y-m-d H:m"));
1110 $res = sqlStatement("SELECT * FROM audit_details WHERE field_value=?",array($credentials[3]));
1111 if(sqlNumRows($res)){
1112 if($GLOBALS['validated_offsite_portal'] !=true){
1117 $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
1118 sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=? ",array($credentials[3],$grpID));
1120 if(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",$tim).$credentials[3])==$credentials[2]){
1123 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim-3600)).$credentials[3])==$credentials[2]){
1126 elseif(sha1($GLOBALS['portal_offsite_password'].date("Y-m-d H",($tim+
3600)).$credentials[3])==$credentials[2]){
1129 if(($credentials[1]==$GLOBALS['portal_offsite_username'] && $ok==1 && $GLOBALS['portal_offsite_enable']==1)||
$GLOBALS['validated_offsite_portal']==true){
1130 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
1131 if($credentials[4] == 'existingpatient'){
1132 if(UserService
::validcredential($credentials) === 2){
1135 elseif(UserService
::validcredential($credentials) == true){
1142 elseif($credentials[4] == 'oemruser'){
1144 $prow = sqlQuery("SELECT pid FROM audit_master WHERE id=?",array($credentials[9]));
1147 elseif($credentials[4] == 'newpatient'){
1148 if(UserService
::validcredential($credentials) === 2){
1151 elseif(UserService
::validcredential($credentials)){
1156 $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
1159 if($okE==1 ||
$okN == 2 ||
$okN == 1 ||
$okO == 1){
1160 $pid = $prow['pid'];
1161 $GLOBALS['pid'] = $prow['pid'];
1162 }elseif($okE == 2 ||
$okN == 3){
1168 JOIN audit_details ad2
1169 ON ad2.audit_master_id = ad.audit_master_id
1170 AND ad2.table_name = 'patient_access_offsite'
1171 AND ad2.field_name = 'portal_pwd'
1172 WHERE ad.table_name = 'patient_access_offsite'
1173 AND ad.field_name = 'portal_username'
1174 AND ad.field_value = ?
1175 ",array($credentials[6]));
1176 $auditmasterid = $arow['audit_master_id'];
1177 $GLOBALS['auditmasterid'] = $arow['audit_master_id'];
1179 $GLOBALS['pid'] = 0;
1181 $_GET['site'] = $credentials[0];
1184 $portal = sqlQuery("SELECT allow_patient_portal FROM patient_data WHERE pid=?",array($pid));
1186 $portal = sqlQuery("
1188 IF(COUNT(*),'yes','no') AS allow_patient_portal
1191 JOIN audit_details ad
1192 ON ad.audit_master_id = am.id
1193 AND ad.table_name = 'patient_access_offsite'
1194 AND ad.field_name = 'portal_username'
1195 WHERE am.approval_status = 1
1196 AND ad.field_value = ?
1197 ",array($credentials[6]));
1199 if(strtolower($portal['allow_patient_portal'])!='yes')
1202 $GLOBALS['validated_offsite_portal'] = true;
1207 return 'existingpatient';
1210 return 'newpatienttoapprove';
1212 elseif($okN == 1 ||
$okN == 2){
1213 return 'newpatient';
1216 return 'newpatienttoapprove';
1228 public function validcredential($credentials){
1229 $tim = strtotime(gmdate("Y-m-d H:m"));
1230 if($credentials[6]){
1231 $prow = sqlQuery("SELECT * FROM patient_access_offsite WHERE portal_username=?",array($credentials[6]));
1232 $newpatient_to_approve = 0;
1233 if(!$prow['portal_pwd']){
1234 $newpatient_to_approve = 1;
1237 ad2.field_value AS portal_pwd
1240 JOIN audit_details ad
1241 ON ad.audit_master_id = am.id
1242 AND ad.table_name = 'patient_access_offsite'
1243 AND ad.field_name = 'portal_username'
1244 JOIN audit_details ad2
1245 ON ad2.audit_master_id = am.id
1246 AND ad2.table_name = 'patient_access_offsite'
1247 AND ad2.field_name = 'portal_pwd'
1248 WHERE am.approval_status = 1
1249 AND ad.field_value = ?
1250 ",array($credentials[6]));
1252 if(sha1($prow['portal_pwd'].date("Y-m-d H",$tim).$credentials[8])==$credentials[7]){
1253 if($newpatient_to_approve){
1259 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim-3600)).$credentials[8])==$credentials[7]){
1260 if($newpatient_to_approve){
1266 elseif(sha1($prow['portal_pwd'].date("Y-m-d H",($tim+
3600)).$credentials[8])==$credentials[7]){
1267 if($newpatient_to_approve){
1278 //for checking the connection
1282 public function check_connection($data){
1283 if($this->valid($data[0])){
1292 * Checks whether a module is installed or not
1293 * @param type $parameter_array
1296 public function checkModuleInstalled($parameter_array = array())
1298 if($this->valid($parameter_array[0])){
1299 $module_name = isset($parameter_array[1]) ?
$parameter_array[1] : '';
1300 $sql = "SELECT mod_id FROM modules WHERE mod_name = ? AND mod_active = '1'";
1301 $res = sqlStatement($sql, array($module_name));
1302 $row = sqlFetchArray($res);
1303 return !empty($row);
1312 * Soap function to add direct address
1316 public function addDirectAddress($data){
1317 if($this->valid($data[0])=='existingpatient'){
1318 $qry = "SELECT email FROM users WHERE LOWER(email) = ?";
1319 $res=sqlStatement($qry,array(strtolower($data['direct_address_string'])));
1320 if(!(sqlNumRows($res) > 0)){
1321 sqlStatement("INSERT INTO users SET fname=? , mname=?, lname = ?, email = ?, active = ?, abook_type = ? ",array($data['first_name'],$data['middle_name'], $data['middle_name'], $data['direct_address_string'], 1, 'emr_direct'));
1322 $status = 'insert-success';
1324 $status = 'duplicate-address';
1328 $status = 'auth-failed';
1330 return '<!--?xml version="1.0"?-->
1333 <status>' . $status . '</status>
1339 * Soap function to edit direct address
1341 public function updateDirectAddress($data){
1342 if($this->valid($data[0])=='existingpatient'){
1344 $qry = "SELECT email FROM users WHERE LOWER(email) = ? AND id <> ?";
1345 $res=sqlStatement($qry,array($data['direct_address_string'], $data['id']));
1347 if(!(sqlNumRows($res) > 0)){
1348 sqlStatement("UPDATE users SET fname=? , mname=?, lname = ?, email = ? WHERE id = ?", array($data['first_name'],$data['middle_name'], $data['middle_name'], $data['direct_address_string'], $data['id']));
1349 $status = 'insert-success';
1351 $status = 'duplicate-address';
1355 $status = 'auth-failed';
1357 return '<!--?xml version="1.0"?-->
1360 <status>' . $status . '</status>
1367 * Soap function to get direct address details
1369 public function getDirectAddressDetails($data){
1370 if($this->valid($data[0])=='existingpatient'){
1371 $qry = "SELECT fname, mname, lname,email,id FROM users WHERE id = ?";
1373 $res=sqlStatement($qry,array($data['id']));
1374 if(sqlNumRows($res)>0){
1375 return $this->resourcetoxml($res);
1377 $status = 'invalid-id';
1381 $status = 'auth-failed';
1383 return '<!--?xml version="1.0"?-->
1386 <status>' . $status . '</status>
1392 * Soap function to get list of direct address
1394 public function getDirectAddressList($data){
1395 $fh12 = fopen(sys_get_temp_dir() . '/scriptLog2.txt', 'a');
1396 fwrite($fh12, 'getDirectAddressList' . print_r($data, 1) . PHP_EOL
);
1400 if($this->valid($data[0])=='existingpatient'){
1401 $qry = "SELECT fname, mname, lname,email,id FROM users WHERE abook_type = ?";
1402 $res=sqlStatement($qry, array('emr_direct'));
1403 if(sqlNumRows($res)>0){
1404 return $this->resourcetoxml($res);
1406 $status = 'empty-records';
1410 $status = 'auth-failed';
1412 return '<!--?xml version="1.0"?-->
1415 <status>' . $status . '</status>
1420 $server = new SoapServer(null,array('uri' => "urn://portal/res"));
1421 $server->setClass('UserService');
1422 $server->setPersistence(SOAP_PERSISTENCE_SESSION
);