Portal credential enhancements
[openemr.git] / interface / patient_file / summary / disclosure_full.php
1 <?php
/**
 * Patient disclosures main screen.
 *
 * @package   OpenEMR
 * @link      http://www.open-emr.org
 * @author    Visolve <vicareplus_engg@visolve.com>
 * @author    Brady Miller <brady.g.miller@gmail.com>
 * @copyright Copyright (c) Visolve <vicareplus_engg@visolve.com>
 * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
 * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
 */
15 require_once("../../globals.php");
16 require_once("$srcdir/options.inc.php");
18 use OpenEMR\Common\Csrf\CsrfUtils;
19 use OpenEMR\Common\Logging\EventAuditLogger;
20 use OpenEMR\Core\Header;
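// Look up the logged-in user; the username is stored with each newly recorded disclosure.
$res = sqlQuery("select username from users where username=?", array($_SESSION["authUser"]));
$uname = $res["username"];

// Handle the form posted from record_disclosure.php (mode=disclosure): store a new
// disclosure or update an existing one, then end the request without rendering the page.
// NOTE(review): no access-control check is visible in this file before the writes below;
// confirm that one is enforced elsewhere for this screen.
if (isset($_POST["mode"]) && $_POST["mode"] === "disclosure") {
    // Fail closed: a request without a token is handled exactly like one with a bad token.
    // csrfNotVerified() is expected to end the request (its body is not visible here);
    // confirm, because nothing below may run after a failed check.
    if (!isset($_POST["csrf_token_form"]) || !CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
        CsrfUtils::csrfNotVerified();
    }

    // Read a posted field as trimmed text. A missing or non-string (array) value becomes ''
    // instead of raising a notice or a type error inside trim().
    $postedText = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
    };

    $dates = $postedText('dates');
    $event = $postedText('form_disclosure_type');
    $recipient_name = $postedText('recipient_name');
    $disclosure_desc = $postedText('desc_disc');
    $disclosure_id = $postedText('disclosure_id');

    if (isset($_POST["updatemode"]) && $_POST["updatemode"] === "disclosure_update") {
        // Update the recorded disclosure in the extended_log table.
        // NOTE(review): $disclosure_id is client-supplied and the call carries no patient id;
        // confirm updateRecordedDisclosure() only touches disclosure rows this user may edit.
        EventAuditLogger::instance()->updateRecordedDisclosure($dates, $event, $recipient_name, $disclosure_desc, $disclosure_id);
    } else {
        // Insert the disclosure record in the extended_log table.
        // $pid is not assigned in this file (presumably provided by globals.php).
        EventAuditLogger::instance()->recordDisclosure($dates, $event, $pid, $recipient_name, $disclosure_desc, $uname);
    }

    // added ajax submit to record_disclosure thus an exit() 12/19/17
    exit();
}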
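// Delete a recorded disclosure when the page is requested with ?deletelid=<id>.
// NOTE(review): this destructive action runs on a GET request, so the CSRF token travels in
// the URL (browser history, server logs, Referer header). Moving it to POST needs a matching
// change in this page's delete click handler.
if (isset($_GET['deletelid'])) {
    // Fail closed: a request without a token is handled exactly like one with a bad token.
    // csrfNotVerified() is expected to end the request (its body is not visible here);
    // confirm, because the delete below must never run after a failed check.
    if (!isset($_GET["csrf_token_form"]) || !CsrfUtils::verifyCsrfToken($_GET["csrf_token_form"])) {
        CsrfUtils::csrfNotVerified();
    }

    // NOTE(review): the id comes straight from the query string and is the only argument;
    // confirm deleteDisclosure() restricts deletion to disclosure entries the current user
    // may remove (for example, entries of the active patient).
    $deletelid = $_GET['deletelid'];
    EventAuditLogger::instance()->deleteDisclosure($deletelid);
}
?>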
<html>
<head>

<?php
// Project helper defined outside this file; presumably emits the shared header markup
// for the 'common' asset set.
Header::setupHeader(['common']);
?>

</head>

<body class="body_top">
<?php
// Page title, patient banner and the Record / View Patient buttons. Static labels are printed
// through xlt() and the patient name through text(); both helpers are defined outside this file.
?>
<div>
    <span class="title"><?= xlt('Disclosures') ?></span>
</div>
<div class="disclosure_wrap">
    <div style='float: left; margin-right: 10px'><?= xlt('for') ?>&nbsp;
        <span class="title"><a href="../summary/demographics.php" onclick="top.restoreSession()"><?php $pname = getPatientName($pid); echo text($pname); ?></a></span>
    </div>
    <div>
        <a href="record_disclosure.php" class="css_button iframe" onclick="top.restoreSession()"><span><?= xlt('Record') ?></span></a>
    </div>
    <div>
        <a href="demographics.php"
        class="css_button" onclick="top.restoreSession()"> <span><?= xlt('View Patient') ?></span></a>
    </div>
</div>
<br>
<br>
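<?php
// Number of disclosures shown per page.
$N = 15;

// Row offset of the current page. It is taken from the request, so it is normalised to a
// non-negative integer before it is used in arithmetic, comparisons and the LIMIT clause.
// A missing, array-valued, non-integer or negative value falls back to the first page.
$offset = 0;
if (isset($_REQUEST['offset'])) {
    $requestedOffset = filter_var(
        $_REQUEST['offset'],
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 0))
    );
    if ($requestedOffset !== false) {
        $offset = $requestedOffset;
    }
}

// Unpaged query; in this file its result is used only to count the patient's disclosures.
// Both queries bind $pid as a ? parameter and keep only events whose type is an active
// entry of the disclosure_type list.
$disclQry = " SELECT el.id, el.event, el.recipient, el.description, el.date, CONCAT(u.fname, ' ', u.lname) as user_fullname FROM extended_log el" .
    " LEFT JOIN users u ON u.username = el.user " .
    " WHERE el.patient_id = ? AND el.event IN (SELECT option_id FROM list_options WHERE list_id='disclosure_type' AND activity = 1)" .
    " ORDER BY el.date DESC ";
$r2 = sqlStatement($disclQry, array($pid));
$totalRecords = sqlNumRows($r2);

// Paged query for the rows of the current page. The LIMIT values are concatenated into the
// SQL rather than bound, so both pass through escape_limit() (project helper, not shown);
// $offset is already a non-negative int at this point.
$disclInnerQry = " SELECT el.id, el.event, el.recipient, el.description, el.date, CONCAT(u.fname, ' ', u.lname) as user_fullname FROM extended_log el" .
    " LEFT JOIN users u ON u.username = el.user" .
    " WHERE patient_id = ? AND event IN (SELECT option_id FROM list_options WHERE list_id = 'disclosure_type' AND activity = 1)" .
    " ORDER BY date DESC LIMIT " . escape_limit($offset) . " , " . escape_limit($N);

$r1 = sqlStatement($disclInnerQry, array($pid));
// Rows on the current page, and rows from the current offset to the end of the list.
$n = sqlNumRows($r1);
$noOfRecordsLeft = ($totalRecords - $offset);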
// Render the disclosure table when the current page has rows, otherwise the "None" placeholder.
if ($n > 0) : ?>
    <table border='0' class="text">
        <tr>
        <td colspan='5' style="padding: 5px;"><a href="disclosure_full.php" class="" id='Submit' onclick="top.restoreSession()"><span><?= xlt('Refresh') ?></span></a></td>
        </tr>
    </table>
<div id='pnotes'>
    <table border='0' cellpadding="1" width='80%'>
        <tr class="showborder_head" align='left' height="22">
            <th style='width: 120px';>&nbsp;</th>
            <th style="border-style: 1px solid #000" width="140px"><?= xlt('Recipient Name') ?></th>
            <th style="border-style: 1px solid #000" width="140px"><?= xlt('Disclosure Type') ?></th>
            <th style="border-style: 1px solid #000"><?= xlt('Description') ?></th>
            <th style="border-style: 1px solid #000"><?= xlt('Provider') ?></th>
        </tr>
    <?php
    // Copy every fetched row of the paged result into a list before rendering.
    $result2 = array();
    while ($frow = sqlFetchArray($r1)) {
        $result2[] = $frow;
    }

    // Each value is escaped for the context it lands in: attr_url() for the id inside the
    // edit link's query string, attr() for the id attribute (read by the delete click
    // handler), text() for cell content. In the description cell text() runs before nl2br(),
    // so the line-break tags nl2br() adds are the only markup in that value.
    foreach ($result2 as $row) : ?>
        <!-- List the recipient name, description, date and edit and delete options-->
        <tr class="noterow" height='25'>
            <!--buttons for edit and delete.-->
            <td valign='top'><a href='record_disclosure.php?editlid=<?= attr_url($row['id']) ?>'
            class='css_button_small iframe' onclick='top.restoreSession()'><span><?= xlt('Edit') ?></span></a>
            <a href='#' class='deletenote css_button_small'
            id='<?= attr($row['id']) ?>' onclick='top.restoreSession()'><span><?= xlt('Delete') ?></span></a></td>
            <td class="text" valign='top'><?= text($row['recipient']) ?>&nbsp;</td>
            <td class='text' valign='top'><?= text(getListItemTitle('disclosure_type', $row['event'])) ?>&nbsp;</td>
            <td class='text'><?= text($row['date']) . " " . nl2br(text($row['description'])) ?>&nbsp;</td>
            <td class='text'><?= text($row['user_fullname']) ?></td>
        </tr>
    <?php endforeach;
else : ?>
    <br>
    <!-- Display None, if there is no disclosure -->
    <span class='text' colspan='3'><?= xlt('None{{Disclosure}}') ?></span>
<?php endif;
?>
</table>
<table width='400' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td>
<?php
// "Previous" link: shown once the offset is at least one full page in and the page has rows.
// NOTE(review): $active is not assigned in the visible part of this file; confirm where it is
// set, otherwise the active= parameter is always written empty.
$showPrevious = ($n != 0) && ($offset > ($N - 1));
if ($showPrevious) {
    $previousHref = "disclosure_full.php?active=" . attr_url($active) .
        "&offset=" . attr_url($offset - $N);
    echo " <a class='link' href='" . $previousHref . "' onclick='top.restoreSession()'>[" .
        xlt('Previous') . "]</a>\n";
}
?>

<?php

// "Next" link: shown when the current page is full and the rows left from this offset are
// not exactly one page. The leftrecords parameter is written here but is not read anywhere
// in the visible part of this file.
$showNext = ($n >= $N) && ($noOfRecordsLeft != $N);
if ($showNext) {
    $nextHref = "disclosure_full.php?active=" . attr_url($active) .
        "&offset=" . attr_url($offset + $N) . "&leftrecords=" . attr_url($noOfRecordsLeft);
    echo "&nbsp;&nbsp; <a class='link' href='" . $nextHref . "' onclick='top.restoreSession()'>[" .
        xlt('Next') . "]</a>\n";
}
?>
        </td>
    </tr>
</table>
</div>
</body>
<script type="text/javascript">
    $(document).ready(function () {
        // todo, move this to a common library
        // Row highlight: entering and leaving a row both flip the same class.
        $(".noterow").on("mouseover mouseout", function () {
            $(this).toggleClass("highlight");
        });

        // Delete buttons hand the clicked element to DeleteNote().
        $(".deletenote").click(function () {
            DeleteNote(this);
        });

        // Ask for confirmation, then request deletion of the clicked disclosure.
        // logevent is the clicked element; its id attribute carries the disclosure id.
        // The xlj() and js_url() results are printed without surrounding quotes, so they are
        // expected to be complete JavaScript string literals (project helpers, not shown here).
        // NOTE(review): the delete is a GET navigation, so the CSRF token is placed in the URL.
        function DeleteNote(logevent) {
            var question = <?php echo xlj('Are you sure you want to delete this disclosure?'); ?> + "\n " + <?php echo xlj('This action CANNOT be undone.'); ?>;
            if (!confirm(question)) {
                return;
            }
            top.restoreSession();
            var target = "disclosure_full.php?deletelid=" + encodeURIComponent(logevent.id) + "&csrf_token_form=" + <?php echo js_url(CsrfUtils::collectCsrfToken()); ?>;
            window.location.replace(target);
        }

        // Links marked .iframe open their href in a dialog instead of navigating.
        $(".iframe").on('click', function (e) {
            e.preventDefault();
            e.stopPropagation();
            var dialogUrl = $(this).attr('href');
            dlgopen('', '', 500, 310, '', '', {
                allowResize: true,
                allowDrag: true,
                dialogId: '',
                type: 'iframe',
                url: dialogUrl
            });
        });

    });

    // for record disclosure dlgclose callback
    function refreshme() {
        top.restoreSession();
        document.location.reload();
    }
</script>
</html>