3 use OpenEMR\Common\Acl\AclMain
;
4 use OpenEMR\Services\FormService
;
6 $GLOBALS['form_exit_url'] = "javascript:parent.closeTab(window.name, false)";
8 function getFormByEncounter(
11 $cols = "form_id, form_name",
13 $orderby = "FIND_IN_SET(formdir,'vitals') DESC, date DESC"
15 $formService = new FormService();
16 return $formService->getFormByEncounter($attendant_id, $encounter, $cols, $name, $orderby);
29 $therapy_group = 'not_given'
32 global $attendant_type;
34 $user = $_SESSION['authUser'] ??
null;
38 $group = $_SESSION['authProvider'] ??
null;
41 if ($therapy_group == 'not_given') {
42 $therapy_group = $attendant_type == 'pid' ?
null : $_SESSION['therapy_group'];
45 //print_r($_SESSION['therapy_group']);die;
46 $arraySqlBind = array();
47 $sql = "insert into forms (date, encounter, form_name, form_id, pid, " .
48 "user, groupname, authorized, formdir, therapy_group_id) values (";
49 if ($date == "NOW()") {
53 array_push($arraySqlBind, $date);
56 $sql .= ", ?, ?, ?, ?, ?, ?, ?, ?, ?)";
57 array_push($arraySqlBind, $encounter, $form_name, $form_id, $pid, $user, $group, $authorized, $formdir, $therapy_group);
58 return sqlInsert($sql, $arraySqlBind);
61 function authorizeForm($id, $authorized = "1")
63 sqlQuery("UPDATE forms SET authorized = ? WHERE id = ? AND deleted = 0", array($authorized, $id));
66 function getEncounters($pid, $dateStart = '', $dateEnd = '', $encounterRuleType = '')
68 $arraySqlBind = array();
70 if ($encounterRuleType) {
71 // Only collect certain type of encounters (list_options item from the rule_enc_types list that is mapped via enc_category_map table)
72 $from = "form_encounter LEFT JOIN enc_category_map ON (form_encounter.pc_catid = enc_category_map.main_cat_id)";
73 $where = "enc_category_map.rule_enc_id = ? and ";
74 array_push($arraySqlBind, $encounterRuleType);
76 // Collect all encounters
77 $from = "form_encounter";
80 if ($dateStart && $dateEnd) {
81 $where .= "form_encounter.pid = ? and form_encounter.date >= ? and form_encounter.date <= ?";
82 array_push($arraySqlBind, $pid, $dateStart, $dateEnd);
83 } elseif ($dateStart && !$dateEnd) {
84 $where .= "form_encounter.pid = ? and form_encounter.date >= ?";
85 array_push($arraySqlBind, $pid, $dateStart);
86 } elseif (!$dateStart && $dateEnd) {
87 $where .= "form_encounter.pid = ? and form_encounter.date <= ?";
88 array_push($arraySqlBind, $pid, $dateEnd);
90 $where .= "form_encounter.pid = ?";
91 array_push($arraySqlBind, $pid);
94 //Not table escaping $from since this is hard-coded above and can include more than just a table name
95 $res = sqlStatement("SELECT distinct encounter FROM " . $from . " WHERE " . $where . " ORDER by date desc", $arraySqlBind);
98 for ($iter = 0; $row = sqlFetchArray($res); $iter++
) {
105 function getEncounterDateByEncounter($encounter)
107 global $attendant_type;
108 $table = $attendant_type == 'pid' ?
'form_encounter' : 'form_groups_encounter';
109 // $sql = "select date from forms where encounter='$encounter' order by date";
110 $sql = "SELECT date FROM " . escape_table_name($table) . " WHERE encounter = ? ORDER BY date";
111 return sqlQuery($sql, array($encounter));
114 function getProviderIdOfEncounter($encounter)
116 global $attendant_type;
117 $table = $attendant_type == 'pid' ?
'form_encounter' : 'form_groups_encounter';
118 $sql = "SELECT provider_id FROM " . escape_table_name($table) . " WHERE encounter=? ORDER BY date";
119 $res = sqlQuery($sql, array($encounter));
120 return $res['provider_id'];
123 function getFormNameByFormdirAndFormid($formdir, $form_id)
125 return sqlQuery("SELECT form_name FROM forms WHERE formdir = ? AND form_id = ? AND deleted = 0", array($formdir, $form_id));
128 function getFormIdByFormdirAndFormid($formdir, $form_id)
130 $result = sqlQuery("select id from forms where formdir = ? and form_id = ? and deleted = 0 ", array( $formdir, $form_id ));
131 return $result['id'];
134 function getFormNameByFormdir($formdir)
136 return sqlQuery("SELECT form_name FROM forms WHERE formdir = ? AND deleted = 0", array($formdir));
139 function getDocumentsByEncounter($patientID = null, $encounterID = null)
141 $allDocuments = null;
142 $currentEncounter = ( $encounterID ) ?
$encounterID : $_SESSION['encounter'];
143 $currentPatient = ( $patientID ) ?
$patientID : $_SESSION['pid'];
145 if ($currentPatient != "" && $currentEncounter != "") {
146 $sql = "SELECT d.id, d.type, d.url, d.name as document_name, d.docdate, d.list_id, c.name, d.encounter_id FROM documents AS d, categories_to_documents AS cd,
147 categories AS c WHERE d.foreign_id = ? AND d.encounter_id=? AND cd.document_id = d.id AND c.id = cd.category_id ORDER BY d.docdate DESC, d.id DESC";
148 $res = sqlStatement($sql, array($currentPatient,$currentEncounter));
150 while ($row = sqlFetchArray($res)) {
151 $allDocuments[] = $row;
155 return $allDocuments;
158 function hasFormPermission($formDir)
160 // get the aco spec from registry table
161 $formRow = sqlQuery("SELECT aco_spec FROM registry WHERE directory = ?", array($formDir));
162 $permission = explode('|', $formRow['aco_spec']);
163 return AclMain
::aclCheckCore($permission[0], $permission[1]);