feat: Fixes #6634 CORS content-encoding (#6636)
[openemr.git] / oauth2 / smart / patient-select.php
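<?php

/**
 * patient-select.php
 *
 * Patient selection view for the OAuth2 authorization screens. It lists the patients
 * handed over by the including script, offers a name search form, and posts the chosen
 * patient's uuid together with an 'oauth2' CSRF token to $redirect.
 *
 * Variables read from the including scope: $oauthLogin, $errorMessage, $patients,
 * $redirect, $searchAction, $searchParams, $hasMore.
 *
 * @package openemr
 * @link http://www.open-emr.org
 * @author Stephen Nielson <stephen@nielson.org>
 * @copyright Copyright (c) 2021 Stephen Nielson <stephen@nielson.org>
 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
 */

use OpenEMR\Common\Csrf\CsrfUtils;
use OpenEMR\Common\Session\SessionUtil;
use OpenEMR\Core\Header;

// $oauthLogin is never assigned in this file. Unless the including script set it to
// exactly true, destroy the OAuth session cookie and stop before any patient data is
// rendered, so a direct request to this view ends here.
if ($oauthLogin !== true) {
    $message = xlt("Error. Not authorized");
    SessionUtil::oauthSessionCookieDestroy();
    echo $message;
    exit();
}

// make sure we have our patients set
$errorMessage = $errorMessage ?? "";
$patients = $patients ?? [];
$redirect = $redirect ?? "";
$searchAction = $searchAction ?? "";
$fname = $searchParams['fname'] ?? "";
$mname = $searchParams['mname'] ?? "";
$lname = $searchParams['lname'] ?? "";
$hasMore = $hasMore ?? false;
?>
<html>
<head>
    <title><?php echo xlt("OpenEMR Authorization"); ?></title>
    <?php Header::setupHeader(); ?>
</head>
<body class="container-fluid bg-dark">
    <div class="row h-100 w-100 justify-content-center align-items-center">
        <div class="col-sm-6 bg-light text-dark">
            <div class="text-md-center">
                <h4 class="mb-4 mt-1"><?php echo xlt("Patient Selection"); ?></h4>
            </div>
            <div class="row w-100">
                <div class="col">
                    <?php if (!empty($errorMessage)) : ?>
                        <p class="alert alert-warning"><?php echo xlt($errorMessage); ?></p>
                    <?php endif; ?>

                    <?php
                    // NOTE(review): count() is never negative, so this branch is unreachable and
                    // the "No patients to select" alert is never rendered. The else branch also
                    // holds the search form, so the markup has to be restructured before the
                    // condition can be turned into an emptiness check.
                    ?>
                    <?php if (count($patients) < 0) : ?>
                        <p class="alert alert-info"><?php echo xlt("No patients to select"); ?></p>
                    <?php else : ?>
                    <?php // $searchAction lands in an attribute, so it is encoded with attr() like every other value on this page. ?>
                    <form action="<?php echo attr($searchAction); ?>" method="GET">
                        <input class="w-25" name="search[fname]" type="text" class="form-control form-input" placeholder="<?php echo xla("First Name"); ?>"
                               value="<?php echo attr($fname); ?>" />
                        <input class="w-25" name="search[mname]" type="text" class="form-control form-input" placeholder="<?php echo xla("Middle Name"); ?>"
                               value="<?php echo attr($mname); ?>" />
                        <input class="w-25" name="search[lname]" type="text" class="form-control form-input" placeholder="<?php echo xla("Last Name"); ?>"
                               value="<?php echo attr($lname); ?>" />
                        <input type="submit" value="<?php echo xla("Search"); ?>" />
                    </form>
                        <?php if ($hasMore) : ?>
                            <p class="alert alert-info"><?php echo xlt("Too many search results found. Displaying a limited set of patients. Narrow your search results through the filters above."); ?></p>
                        <?php endif; ?>
                </div>
            </div>
            <div class="row w-100">
                <p class="col">

                    <table class="table table-striped">
                        <thead>
                            <tr>
                                <th><?php echo xlt("Name"); ?></th>
                                <th><?php echo xlt("DOB"); ?></th>
                                <th><?php echo xlt("Sex"); ?></th>
                                <th><?php echo xlt("Email"); ?></th>
                                <th></th>
                            </tr>
                        </thead>
                        <tbody>
                        <?php foreach ($patients as $patient) : ?>
                            <tr>
                                <td>
                                    <?php if ($patient['mname']) : ?>
                                        <?php echo text(sprintf("%s %s %s", $patient['fname'], $patient['mname'], $patient['lname'])); ?>
                                    <?php else : ?>
                                        <?php echo text(sprintf("%s %s", $patient['fname'], $patient['lname'])); ?>
                                    <?php endif; ?>
                                </td>
                                <td>
                                    <?php echo text($patient['DOB']); ?>
                                </td>
                                <td>
                                    <?php echo text($patient['sex']); ?>
                                </td>
                                <td>
                                    <?php echo text($patient['email']); ?>
                                </td>
                                <td>
                                    <button data-patient-id="<?php echo attr($patient['uuid']); ?>" class="btn btn-primary patient-btn"><?php echo xlt("Select patient"); ?></button>
                                </td>
                            </tr>
                        <?php endforeach; ?>
                        </tbody>
                    </table>
                    <?php endif; ?>
                </div>
            </div>

            <?php
            // patient_id is filled in by the browser from the clicked button's data attribute,
            // so the value that arrives at $redirect is client-controlled.
            // NOTE(review): the receiving handler is not visible here; confirm it re-checks that
            // the submitted uuid is one this login is allowed to select.
            // $redirect is written into an attribute and is therefore encoded with attr().
            ?>
            <form method="post" name="patientForm" id="patientForm" action="<?php echo attr($redirect); ?>">
                <input type="hidden" name="csrf_token" value="<?php echo attr(CsrfUtils::collectCsrfToken('oauth2')); ?>" />
                <input id="patient_id" type="hidden" name="patient_id" value="" />
            </form>
        </div>
    </div>
    <script>
        (function(window) {

            // Click handler for a "Select patient" button: copies the button's patient uuid
            // into the hidden patient_id field and submits patientForm.
            function choosePatient(evt) {
                var target = evt.target;
                var patientId = target.dataset.patientId || undefined;
                if (!patientId) {
                    console.error(<?php echo xlj("Developer error. Patient id is missing from dataset");?>);
                    return;
                }
                var patientInput = document.getElementById('patient_id');
                if (!patientInput) {
                    console.error(<?php echo xlj("Developer error missing hidden form element 'selectedPatient'");?>);
                    return;
                }
                patientInput.value = patientId;

                // now submit our form.
                let form = document.getElementById('patientForm');
                if (!form) {
                    console.error(<?php echo xlj("Developer error missing form 'patientForm'");?>);
                    return;
                }
                form.submit();
            }

            // Attaches choosePatient to every .patient-btn once the page has loaded.
            function setup() {
                var i;
                var btns = document.querySelectorAll(".patient-btn");
                // eventually browsers will support the foreach.. otherwise let's loop
                for (i = 0; i < btns.length; i++) {
                    btns[i].addEventListener('click', choosePatient);
                }
            }
            window.addEventListener('load', setup);
        })(window)
    </script>
</body>
</html>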