3 * Patient disclosures main screen.
6 * @link http://www.open-emr.org
7 * @author Visolve <vicareplus_engg@visolve.com>
8 * @author Brady Miller <brady.g.miller@gmail.com>
9 * @copyright Copyright (c) Visolve <vicareplus_engg@visolve.com>
10 * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
11 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
15 require_once("../../globals.php");
16 require_once("$srcdir/options.inc.php");
18 use OpenEMR\Common\Csrf\CsrfUtils
;
19 use OpenEMR\Common\Logging\EventAuditLogger
;
20 use OpenEMR\Core\Header
;
22 //retrieve the user name
23 $res = sqlQuery("select username from users where username=?", array($_SESSION["authUser"]));
24 $uname=$res["username"];
25 //if the mode variable is set to disclosure, retrieve the values from 'disclosure_form ' in record_disclosure.php to store it in database.
26 if (isset($_POST["mode"]) and $_POST["mode"] == "disclosure") {
27 if (!CsrfUtils
::verifyCsrfToken($_POST["csrf_token_form"])) {
28 CsrfUtils
::csrfNotVerified();
31 $dates=trim($_POST['dates']);
32 $event=trim($_POST['form_disclosure_type']);
33 $recipient_name=trim($_POST['recipient_name']);
34 $disclosure_desc=trim($_POST['desc_disc']);
35 $disclosure_id=trim($_POST['disclosure_id']);
36 if (isset($_POST["updatemode"]) and $_POST["updatemode"] == "disclosure_update") {
37 //update the recorded disclosure in the extended_log table.
38 EventAuditLogger
::instance()->updateRecordedDisclosure($dates, $event, $recipient_name, $disclosure_desc, $disclosure_id);
40 //insert the disclosure records in the extended_log table.
41 EventAuditLogger
::instance()->recordDisclosure($dates, $event, $pid, $recipient_name, $disclosure_desc, $uname);
43 // added ajax submit to record_disclosure thus an exit() 12/19/17
47 if (isset($_GET['deletelid'])) {
48 if (!CsrfUtils
::verifyCsrfToken($_GET["csrf_token_form"])) {
49 CsrfUtils
::csrfNotVerified();
52 $deletelid=$_GET['deletelid'];
53 //function to delete the recorded disclosures
54 EventAuditLogger
::instance()->deleteDisclosure($deletelid);
60 <?php Header
::setupHeader(['common']); ?
>
64 <body
class="body_top">
66 <span
class="title"><?php
echo xlt('Disclosures'); ?
></span
>
68 <div
class="disclosure_wrap">
69 <div style
='float: left; margin-right: 10px'><?php
echo xlt('for'); ?
> 
;
70 <span
class="title"><a href
="../summary/demographics.php" onclick
="top.restoreSession()"><?php
$pname = getPatientName($pid);
71 echo text($pname); ?
></a
></span
>
74 <a href
="record_disclosure.php" class="css_button iframe" onclick
="top.restoreSession()"><span
><?php
echo xlt('Record'); ?
></span
></a
>
77 <a href
="demographics.php"
78 class="css_button" onclick
="top.restoreSession()"> <span
><?php
echo xlt('View Patient') ?
></span
></a
>
85 $offset = $_REQUEST['offset'];
86 if (!isset($offset)) {
90 $disclQry = " SELECT el.id, el.event, el.recipient, el.description, el.date, CONCAT(u.fname, ' ', u.lname) as user_fullname FROM extended_log el" .
91 " LEFT JOIN users u ON u.username = el.user " .
92 " WHERE el.patient_id = ? AND el.event IN (SELECT option_id FROM list_options WHERE list_id='disclosure_type' AND activity = 1)" .
93 " ORDER BY el.date DESC ";
94 $r2= sqlStatement($disclQry, array($pid));
95 $totalRecords=sqlNumRows($r2);
97 $disclInnerQry = " SELECT el.id, el.event, el.recipient, el.description, el.date, CONCAT(u.fname, ' ', u.lname) as user_fullname FROM extended_log el" .
98 " LEFT JOIN users u ON u.username = el.user" .
99 " WHERE patient_id = ? AND event IN (SELECT option_id FROM list_options WHERE list_id = 'disclosure_type' AND activity = 1)" .
100 " ORDER BY date DESC LIMIT " . escape_limit($offset) . " , " . escape_limit($N);
102 $r1= sqlStatement($disclInnerQry, array($pid));
104 $noOfRecordsLeft=($totalRecords - $offset);
106 <table border
='0' class="text">
108 <td colspan
='5' style
="padding: 5px;"><a href
="disclosure_full.php" class="" id
='Submit' onclick
="top.restoreSession()"><span
><?php
echo xlt('Refresh'); ?
></span
></a
></td
>
112 <table border
='0' cellpadding
="1" width
='80%'>
113 <tr
class="showborder_head" align
='left' height
="22">
114 <th style
='width: 120px';> 
;</th
>
115 <th style
="border-style: 1px solid #000" width
="140px"><?php
echo xlt('Recipient Name'); ?
></th
>
116 <th style
="border-style: 1px solid #000" width
="140px"><?php
echo xlt('Disclosure Type'); ?
></th
>
117 <th style
="border-style: 1px solid #000"><?php
echo xlt('Description'); ?
></th
>
118 <th style
="border-style: 1px solid #000"><?php
echo xlt('Provider'); ?
></th
>
122 for ($iter = 0; $frow = sqlFetchArray($r1); $iter++
) {
123 $result2[$iter] = $frow;
126 foreach ($result2 as $iter) { ?
>
127 <!-- List the recipient name
, description
, date
and edit
and delete options
-->
128 <tr
class="noterow" height
='25'>
129 <!--buttons
for edit
and delete
.-->
130 <td valign
='top'><a href
='record_disclosure.php?editlid=<?php echo attr_url($iter['id
']); ?>'
131 class='css_button_small iframe' onclick
='top.restoreSession()'><span
><?php
echo xlt('Edit');?
></span
></a
>
132 <a href
='#' class='deletenote css_button_small'
133 id
='<?php echo attr($iter['id
']); ?>' onclick
='top.restoreSession()'><span
><?php
echo xlt('Delete');?
></span
></a
></td
>
134 <td
class="text" valign
='top'><?php
echo text($iter['recipient']);?
> 
;</td
>
135 <td
class='text' valign
='top'><?php
echo text(getListItemTitle('disclosure_type', $iter['event'])); ?
> 
;</td
>
136 <td
class='text'><?php
echo text($iter['date']) . " " . nl2br(text($iter['description']));?
> 
;</td
>
137 <td
class='text'><?php
echo text($iter['user_fullname']);?
></td
>
143 <!-- Display None
, if there is no disclosure
-->
144 <span
class='text' colspan
='3'><?php
echo xlt('None{{Disclosure}}');?
></span
>
149 <table width
='400' border
='0' cellpadding
='0' cellspacing
='0'>
153 if ($offset > ($N-1) && $n!=0) {
154 echo " <a class='link' href='disclosure_full.php?active=" . attr_url($active) .
155 "&offset=" . attr_url($offset-$N) . "' onclick='top.restoreSession()'>[" .
156 xlt('Previous') . "]</a>\n";
162 if ($n >= $N && $noOfRecordsLeft!=$N) {
163 echo " <a class='link' href='disclosure_full.php?active=" . attr_url($active) .
164 "&offset=" . attr_url($offset+
$N) ."&leftrecords=" . attr_url($noOfRecordsLeft) . "' onclick='top.restoreSession()'>[" .
165 xlt('Next') . "]</a>\n";
174 <script type
="text/javascript">
175 $
(document
).ready(function () {
176 // todo, move this to a common library
178 $
(".noterow").mouseover(function () {
179 $
(this
).toggleClass("highlight");
181 $
(".noterow").mouseout(function () {
182 $
(this
).toggleClass("highlight");
185 //for deleting the disclosures
186 $
(".deletenote").click(function () {
190 var DeleteNote
= function (logevent
) {
191 if (confirm(<?php
echo xlj('Are you sure you want to delete this disclosure?'); ?
> +
"\n " +
<?php
echo xlj('This action CANNOT be undone.'); ?
>)) {
192 top
.restoreSession();
193 window
.location
.replace("disclosure_full.php?deletelid=" +
encodeURIComponent(logevent
.id
) +
"&csrf_token_form=" +
<?php
echo js_url(CsrfUtils
::collectCsrfToken()); ?
>);
197 $
(".iframe").on('click', function(e
) {
198 e
.preventDefault();e
.stopPropagation();
199 dlgopen('', '', 500, 310, '', '', {
204 url
: $
(this
).attr('href')
209 // for record disclosure dlgclose callback
210 function refreshme() {
211 top
.restoreSession();
212 document
.location
.reload();