2 // Copyright (C) 2007-2010 Rod Roark <rod@sunsetsystems.com>
3 // Copyright © 2010 by Andrew Moore <amoore@cpan.org>
4 // Copyright © 2010 by "Boyd Stephen Smith Jr." <bss@iguanasuicide.net>
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
11 // Functions for managing the lists and layouts
13 // Note: there are translation wrappers for the lists and layout labels
14 // at library/translation.inc.php. The functions are titled
15 // xl_list_label() and xl_layout_label() and are controlled by the
16 // $GLOBALS['translate_lists'] and $GLOBALS['translate_layout']
17 // flags in globals.php
19 // Documentation for layout_options.edit_options:
21 // C = Capitalize first letter of each word (text fields)
22 // D = Check for duplicates in New Patient form
23 // H = Read-only field copied from static history
24 // L = Lab Order ("ord_lab") types only (address book)
25 // N = Show in New Patient form
26 // O = Procedure Order ("ord_*") types only (address book)
27 // U = Capitalize all letters (text fields)
28 // V = Vendor types only (address book)
29 // R = Distributor types only (address book)
30 // 1 = Write Once (not editable when not empty) (text fields)
32 require_once("formdata.inc.php");
33 require_once("formatting.inc.php");
34 require_once("user.inc");
// Lists pharmacies with their address line1, city and phone number parts and
// returns the sqlStatement() result for the caller to iterate.
// The SQL is assembled only from string literals; no caller-supplied value
// reaches the query text.
// NOTE(review): listing line 43 (between the phone_numbers JOIN and ORDER BY)
// is not shown in this listing, so any extra join condition there is unverified.
38 function get_pharmacies() {
39 return sqlStatement("SELECT d.id, d.name, a.line1, a.city, " .
40 "p.area_code, p.prefix, p.number FROM pharmacies AS d " .
41 "LEFT OUTER JOIN addresses AS a ON a.foreign_id = d.id " .
42 "LEFT OUTER JOIN phone_numbers AS p ON p.foreign_id = d.id " .
44 "ORDER BY name, area_code, prefix, number");
47 // Function to generate a drop-list.
// Builds the HTML for a <select> whose options come from list_options.
//   $tag_name   used for both the name and id attributes (HTML-escaped below)
//   $list_id    list to load; bound as a query parameter, not concatenated
//   $currvalue  currently stored value; compared against each option_id
//   $title      tooltip text (HTML-escaped below)
//   $empty_name label of the leading empty option; a falsy value omits it
//   $class      optional class attribute value, written as given
//   $onchange   optional inline handler, written as given
// The markup is accumulated in $s.
// NOTE(review): the initialisation of $s and the return statement fall on
// listing lines that are not shown; callers echo the result, so presumably $s
// is returned.
49 function generate_select_list($tag_name, $list_id, $currvalue, $title,
50 $empty_name=' ', $class='', $onchange='')
53 $tag_name_esc = htmlspecialchars( $tag_name, ENT_QUOTES
);
54 $s .= "<select name='$tag_name_esc' id='$tag_name_esc'";
// NOTE(review): unlike $tag_name and $title, $class and $onchange are placed
// inside single-quoted attributes without htmlspecialchars(). That is only safe
// while every caller passes fixed, developer-written strings; a value derived
// from request or database data would need ENT_QUOTES escaping for $class, and
// $onchange should never carry such data at all.
55 if ($class) $s .= " class='$class'";
56 if ($onchange) $s .= " onchange='$onchange'";
57 $selectTitle = htmlspecialchars( $title, ENT_QUOTES
);
58 $s .= " title='$selectTitle'>";
// Element content, so ENT_NOQUOTES is sufficient here.
59 $selectEmptyName = htmlspecialchars( xl($empty_name), ENT_NOQUOTES
);
60 if ($empty_name) $s .= "<option value=''>" . $selectEmptyName . "</option>";
// $list_id is passed as a bound parameter for the ? placeholder.
61 $lres = sqlStatement("SELECT * FROM list_options " .
62 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
63 $got_selected = FALSE;
64 while ($lrow = sqlFetchArray($lres)) {
65 $optionValue = htmlspecialchars( $lrow['option_id'], ENT_QUOTES
);
66 $s .= "<option value='$optionValue'";
// An option matches when nothing is stored and it is the list default, or when
// its option_id equals the stored value (loose == comparison).
// NOTE(review): the body of this if is on listing lines that are not shown;
// presumably it marks the option selected and sets $got_selected.
67 if ((strlen($currvalue) == 0 && $lrow['is_default']) ||
68 (strlen($currvalue) > 0 && $lrow['option_id'] == $currvalue))
73 $optionLabel = htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
);
74 $s .= ">$optionLabel</option>\n";
// A stored value that matches no option is still shown, escaped, as a selected
// "* value *" entry followed by a red "Fix this" marker.
76 if (!$got_selected && strlen($currvalue) > 0) {
77 $currescaped = htmlspecialchars($currvalue, ENT_QUOTES
);
78 $s .= "<option value='$currescaped' selected>* $currescaped *</option>";
80 $fontTitle = htmlspecialchars( xl('Please choose a valid selection from the list.'), ENT_QUOTES
);
81 $fontText = htmlspecialchars( xl('Fix this'), ENT_NOQUOTES
);
82 $s .= " <font color='red' title='$fontTitle'>$fontText!</font>";
90 // $frow is a row from the layout_options table.
91 // $currvalue is the current value, if any, of the associated item.
// Echoes the HTML form control for one layout field. The control is chosen by
// $frow['data_type']; the branches visible here handle types 1, 2, 3, 4, 10,
// 11, 12, 13, 14, 15, 21, 22, 23, 24, 25, 26, 27, 28/32, 31 and 33.
//   $frow      row from layout_options (data_type, field_id, list_id,
//              description, fld_length, max_length, edit_options, ...)
//   $currvalue stored value for the field; several types pack sub-values
//              into it with '|' and ':' separators
// Output goes straight to the response with echo, so every value placed in
// markup must be escaped for the context it lands in. Lookups in list_options
// bind $list_id as a ? parameter.
// NOTE(review): this listing omits some lines of the function (closing braces,
// else lines and a few statements), so comments below describe only what is
// visible.
93 function generate_form_field($frow, $currvalue) {
// $date_init is a global string of JavaScript that the date branches append to.
94 global $rootdir, $date_init;
// Attribute-safe copy of the stored value, used wherever it is echoed.
96 $currescaped = htmlspecialchars($currvalue, ENT_QUOTES
);
98 $data_type = $frow['data_type'];
99 $field_id = $frow['field_id'];
100 $list_id = $frow['list_id'];
101 // escaped variables to use in html
102 $field_id_esc= htmlspecialchars( $field_id, ENT_QUOTES
);
103 $list_id_esc = htmlspecialchars( $list_id, ENT_QUOTES
);
105 // Added 5-09 by BM - Translate description if applicable
106 $description = htmlspecialchars(xl_layout_label($frow['description']), ENT_QUOTES
);
108 // added 5-2009 by BM to allow modification of the 'empty' text title field.
109 // Can pass $frow['empty_title'] with this variable, otherwise
110 // will default to 'Unassigned'.
111 // modified 6-2009 by BM to allow complete skipping of the 'empty' text title
112 // if make $frow['empty_title'] equal to 'SKIP'
// NOTE(review): $showEmpty, read by later branches, is assigned on listing
// lines that are not shown here.
114 if (isset($frow['empty_title'])) {
115 if ($frow['empty_title'] == "SKIP") {
116 //do not display an 'empty' choice
118 $empty_title = "Unassigned";
121 $empty_title = $frow['empty_title'];
125 $empty_title = "Unassigned";
128 // generic single-selection list
129 if ($data_type == 1) {
130 echo generate_select_list("form_$field_id", $list_id, $currvalue,
131 $description, $showEmpty ?
$empty_title : '');
135 else if ($data_type == 2) {
136 $fldlength = htmlspecialchars( $frow['fld_length'], ENT_QUOTES
);
137 $maxlength = htmlspecialchars( $frow['max_length'], ENT_QUOTES
);
138 echo "<input type='text'" .
139 " name='form_$field_id_esc'" .
140 " id='form_$field_id_esc'" .
141 " size='$fldlength'" .
142 " maxlength='$maxlength'" .
143 " title='$description'" .
144 " value='$currescaped'";
145 if (strpos($frow['edit_options'], 'C') !== FALSE)
146 echo " onchange='capitalizeMe(this)'";
147 else if (strpos($frow['edit_options'], 'U') !== FALSE)
148 echo " onchange='this.value = this.value.toUpperCase()'";
// NOTE(review): the mask is HTML-escaped and then placed inside a JavaScript
// string within an event-handler attribute. The browser decodes the entities
// before the handler runs, so HTML escaping alone does not keep a quote or
// backslash in the mask from ending the JS string. The value comes from
// $GLOBALS['gbl_mask_patient_id'] (a configuration setting); encoding it as a
// JS string first and HTML-escaping the result would cover both contexts.
149 $tmp = htmlspecialchars( $GLOBALS['gbl_mask_patient_id'], ENT_QUOTES
);
150 if ($field_id == 'pubpid' && strlen($tmp) > 0) {
151 echo " onkeyup='maskkeyup(this,\"$tmp\")'";
152 echo " onblur='maskblur(this,\"$tmp\")'";
154 if (strpos($frow['edit_options'], '1') !== FALSE && strlen($currescaped) > 0)
159 // long or multi-line text field
160 else if ($data_type == 3) {
161 $textCols = htmlspecialchars( $frow['fld_length'], ENT_QUOTES
);
162 $textRows = htmlspecialchars( $frow['max_length'], ENT_QUOTES
);
164 " name='form_$field_id_esc'" .
165 " id='form_$field_id_esc'" .
166 " title='$description'" .
167 " cols='$textCols'" .
168 " rows='$textRows'>" .
169 $currescaped . "</textarea>";
// Date field: a text input plus a calendar image that opens the date picker.
173 else if ($data_type == 4) {
174 echo "<input type='text' size='10' name='form_$field_id_esc' id='form_$field_id_esc'" .
175 " value='$currescaped'" .
176 " title='$description'" .
177 " onkeyup='datekeyup(this,mypcc)' onblur='dateblur(this,mypcc)' />" .
178 "<img src='$rootdir/pic/show_calendar.gif' align='absbottom' width='24' height='22'" .
179 " id='img_$field_id_esc' border='0' alt='[?]' style='cursor:pointer'" .
180 " title='" . htmlspecialchars( xl('Click here to choose a date'), ENT_QUOTES
) . "' />";
// NOTE(review): the raw $field_id (not $field_id_esc) is written into
// single-quoted JavaScript strings here. field_id comes from layout_options;
// if it can ever contain a quote or backslash it should be encoded as a JS
// string before being appended to $date_init.
181 $date_init .= " Calendar.setup({inputField:'form_$field_id', ifFormat:'%Y-%m-%d', button:'img_$field_id'});\n";
184 // provider list, local providers only
185 else if ($data_type == 10) {
186 $ures = sqlStatement("SELECT id, fname, lname, specialty FROM users " .
187 "WHERE active = 1 AND ( info IS NULL OR info NOT LIKE '%Inactive%' ) " .
188 "AND authorized = 1 " .
189 "ORDER BY lname, fname");
190 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
191 echo "<option value=''>" . htmlspecialchars( xl('Unassigned'), ENT_NOQUOTES
) . "</option>";
192 while ($urow = sqlFetchArray($ures)) {
193 $uname = htmlspecialchars( $urow['fname'] . ' ' . $urow['lname'], ENT_NOQUOTES
);
194 $optionId = htmlspecialchars( $urow['id'], ENT_QUOTES
);
195 echo "<option value='$optionId'";
196 if ($urow['id'] == $currvalue) echo " selected";
197 echo ">$uname</option>";
202 // provider list, including address book entries with an NPI number
203 else if ($data_type == 11) {
204 $ures = sqlStatement("SELECT id, fname, lname, specialty FROM users " .
205 "WHERE active = 1 AND ( info IS NULL OR info NOT LIKE '%Inactive%' ) " .
206 "AND ( authorized = 1 OR ( username = '' AND npi != '' ) ) " .
207 "ORDER BY lname, fname");
208 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
209 echo "<option value=''>" . htmlspecialchars( xl('Unassigned'), ENT_NOQUOTES
) . "</option>";
210 while ($urow = sqlFetchArray($ures)) {
211 $uname = htmlspecialchars( $urow['fname'] . ' ' . $urow['lname'], ENT_NOQUOTES
);
212 $optionId = htmlspecialchars( $urow['id'], ENT_QUOTES
);
213 echo "<option value='$optionId'";
214 if ($urow['id'] == $currvalue) echo " selected";
215 echo ">$uname</option>";
// Pharmacy list built from get_pharmacies().
221 else if ($data_type == 12) {
222 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
223 echo "<option value='0'></option>";
224 $pres = get_pharmacies();
225 while ($prow = sqlFetchArray($pres)) {
// NOTE(review): $key is assigned on a listing line that is not shown.
227 $optionValue = htmlspecialchars( $key, ENT_QUOTES
);
228 $optionLabel = htmlspecialchars( $prow['name'] . ' ' . $prow['area_code'] . '-' .
229 $prow['prefix'] . '-' . $prow['number'] . ' / ' .
230 $prow['line1'] . ' / ' . $prow['city'], ENT_NOQUOTES
);
231 echo "<option value='$optionValue'";
232 if ($currvalue == $key) echo " selected";
233 echo ">$optionLabel</option>";
// Squad list built from acl_get_squads(); element 3 of each entry is the label.
239 else if ($data_type == 13) {
240 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
241 echo "<option value=''> </option>";
242 $squads = acl_get_squads();
244 foreach ($squads as $key => $value) {
245 $optionValue = htmlspecialchars( $key, ENT_QUOTES
);
246 $optionLabel = htmlspecialchars( $value[3], ENT_NOQUOTES
);
247 echo "<option value='$optionValue'";
248 if ($currvalue == $key) echo " selected";
249 echo ">$optionLabel</option>\n";
255 // Address book, preferring organization name if it exists and is not in
256 // parentheses, and excluding local users who are not providers.
257 // Supports "referred to" practitioners and facilities.
258 // Alternatively the letter L in edit_options means that abook_type
259 // must be "ord_lab", indicating types used with the procedure
260 // lab ordering system.
261 // Alternatively the letter O in edit_options means that abook_type
262 // must begin with "ord_", indicating types used with the procedure
264 // Alternatively the letter V in edit_options means that abook_type
265 // must be "vendor", indicating the Vendor type.
266 // Alternatively the letter R in edit_options means that abook_type
267 // must be "dist", indicating the Distributor type.
268 else if ($data_type == 14) {
// $tmp is always one of the fixed SQL fragments below; edit_options only
// selects which literal is used and is never copied into the SQL itself.
// NOTE(review): the line that adds $tmp to the WHERE clause is not shown in
// this listing.
269 if (strpos($frow['edit_options'], 'L') !== FALSE)
270 $tmp = "abook_type = 'ord_lab'";
271 else if (strpos($frow['edit_options'], 'O') !== FALSE)
272 $tmp = "abook_type LIKE 'ord\\_%'";
273 else if (strpos($frow['edit_options'], 'V') !== FALSE)
274 $tmp = "abook_type LIKE 'vendor%'";
275 else if (strpos($frow['edit_options'], 'R') !== FALSE)
276 $tmp = "abook_type LIKE 'dist'";
278 $tmp = "( username = '' OR authorized = 1 )";
279 $ures = sqlStatement("SELECT id, fname, lname, organization, username FROM users " .
280 "WHERE active = 1 AND ( info IS NULL OR info NOT LIKE '%Inactive%' ) " .
282 "ORDER BY organization, lname, fname");
283 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
284 echo "<option value=''>" . htmlspecialchars( xl('Unassigned'), ENT_NOQUOTES
) . "</option>";
285 while ($urow = sqlFetchArray($ures)) {
286 $uname = $urow['organization'];
287 if (empty($uname) ||
substr($uname, 0, 1) == '(') {
288 $uname = $urow['lname'];
289 if ($urow['fname']) $uname .= ", " . $urow['fname'];
291 $optionValue = htmlspecialchars( $urow['id'], ENT_QUOTES
);
292 $optionLabel = htmlspecialchars( $uname, ENT_NOQUOTES
);
293 echo "<option value='$optionValue'";
294 $title = $urow['username'] ?
xl('Local') : xl('External');
295 $optionTitle = htmlspecialchars( $title, ENT_QUOTES
);
296 echo " title='$optionTitle'";
297 if ($urow['id'] == $currvalue) echo " selected";
298 echo ">$optionLabel</option>";
// Read-only text input; clicking it calls sel_related(this).
304 else if ($data_type == 15) {
305 $fldlength = htmlspecialchars( $frow['fld_length'], ENT_QUOTES
);
306 $maxlength = htmlspecialchars( $frow['max_length'], ENT_QUOTES
);
307 echo "<input type='text'" .
308 " name='form_$field_id_esc'" .
309 " id='form_related_code'" .
310 " size='$fldlength'" .
311 " maxlength='$maxlength'" .
312 " title='$description'" .
313 " value='$currescaped'" .
314 " onclick='sel_related(this)' readonly" .
318 // a set of labeled checkboxes
319 else if ($data_type == 21) {
320 // In this special case, fld_length is the number of columns generated.
321 $cols = max(1, $frow['fld_length']);
// The stored value is a '|'-separated list of checked option ids.
322 $avalue = explode('|', $currvalue);
323 $lres = sqlStatement("SELECT * FROM list_options " .
324 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
325 echo "<table cellpadding='0' cellspacing='0' width='100%'>";
326 $tdpct = (int) (100 / $cols);
327 for ($count = 0; $lrow = sqlFetchArray($lres); ++
$count) {
328 $option_id = $lrow['option_id'];
329 $option_id_esc = htmlspecialchars( $option_id, ENT_QUOTES
);
330 // if ($count) echo "<br />";
331 if ($count %
$cols == 0) {
332 if ($count) echo "</tr>";
335 echo "<td width='$tdpct%'>";
336 echo "<input type='checkbox' name='form_{$field_id_esc}[$option_id_esc]' id='form_{$field_id_esc}[$option_id_esc]' value='1'";
337 if (in_array($option_id, $avalue)) echo " checked";
339 // Added 5-09 by BM - Translate label if applicable
340 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
);
346 if ($count > $cols) {
347 // Add some space after multiple rows of checkboxes.
348 $cols = htmlspecialchars( $cols, ENT_QUOTES
);
349 echo "<tr><td colspan='$cols' style='height:0.7em'></td></tr>";
355 // a set of labeled text input fields
356 else if ($data_type == 22) {
// The stored value is a '|'-separated list of "option_id:text" pairs.
357 $tmp = explode('|', $currvalue);
359 foreach ($tmp as $value) {
360 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
361 $avalue[$matches[1]] = $matches[2];
364 $lres = sqlStatement("SELECT * FROM list_options " .
365 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
366 echo "<table cellpadding='0' cellspacing='0'>";
367 while ($lrow = sqlFetchArray($lres)) {
368 $option_id = $lrow['option_id'];
369 $option_id_esc = htmlspecialchars( $option_id, ENT_QUOTES
);
370 $maxlength = empty($frow['max_length']) ?
255 : $frow['max_length'];
371 $fldlength = empty($frow['fld_length']) ?
20 : $frow['fld_length'];
373 // Added 5-09 by BM - Translate label if applicable
374 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
375 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
376 $maxlength = htmlspecialchars( $maxlength, ENT_QUOTES
);
377 $optionValue = htmlspecialchars( $avalue[$option_id], ENT_QUOTES
);
378 echo "<td><input type='text'" .
379 " name='form_{$field_id_esc}[$option_id_esc]'" .
380 " id='form_{$field_id_esc}[$option_id_esc]'" .
381 " size='$fldlength'" .
382 " maxlength='$maxlength'" .
383 " value='$optionValue'";
384 echo " /></td></tr>";
389 // a set of exam results; 3 radio buttons and a text field:
390 else if ($data_type == 23) {
// Stored as '|'-separated "option_id:value" pairs; the first character of each
// value is the radio choice and the text from offset 2 onward is the note.
391 $tmp = explode('|', $currvalue);
393 foreach ($tmp as $value) {
394 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
395 $avalue[$matches[1]] = $matches[2];
398 $maxlength = empty($frow['max_length']) ?
255 : $frow['max_length'];
399 $fldlength = empty($frow['fld_length']) ?
20 : $frow['fld_length'];
400 $lres = sqlStatement("SELECT * FROM list_options " .
401 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
402 echo "<table cellpadding='0' cellspacing='0'>";
403 echo "<tr><td> </td><td class='bold'>" .
404 htmlspecialchars( xl('N/A'), ENT_NOQUOTES
) .
405 " </td><td class='bold'>" .
406 htmlspecialchars( xl('Nor'), ENT_NOQUOTES
) . " </td>" .
407 "<td class='bold'>" .
408 htmlspecialchars( xl('Abn'), ENT_NOQUOTES
) . " </td><td class='bold'>" .
409 htmlspecialchars( xl('Date/Notes'), ENT_NOQUOTES
) . "</td></tr>";
410 while ($lrow = sqlFetchArray($lres)) {
411 $option_id = $lrow['option_id'];
412 $option_id_esc = htmlspecialchars( $option_id, ENT_QUOTES
);
413 $restype = substr($avalue[$option_id], 0, 1);
414 $resnote = substr($avalue[$option_id], 2);
416 // Added 5-09 by BM - Translate label if applicable
417 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
419 for ($i = 0; $i < 3; ++
$i) {
420 $inputValue = htmlspecialchars( $i, ENT_QUOTES
);
421 echo "<td><input type='radio'" .
422 " name='radio_{$field_id_esc}[$option_id_esc]'" .
423 " id='radio_{$field_id_esc}[$option_id_esc]'" .
424 " value='$inputValue'";
425 if ($restype === "$i") echo " checked";
428 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
429 $maxlength = htmlspecialchars( $maxlength, ENT_QUOTES
);
430 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
431 echo "<td><input type='text'" .
432 " name='form_{$field_id_esc}[$option_id_esc]'" .
433 " id='form_{$field_id_esc}[$option_id_esc]'" .
434 " size='$fldlength'" .
435 " maxlength='$maxlength'" .
436 " value='$resnote' /></td>";
442 // the list of active allergies for the current patient
443 // this is read-only!
444 else if ($data_type == 24) {
// The patient id is taken from $GLOBALS['pid'] and bound as a ? parameter.
445 $query = "SELECT title, comments FROM lists WHERE " .
446 "pid = ? AND type = 'allergy' AND enddate IS NULL " .
448 // echo "<!-- $query -->\n"; // debugging
449 $lres = sqlStatement($query, array($GLOBALS['pid']));
451 while ($lrow = sqlFetchArray($lres)) {
452 if ($count++
) echo "<br />";
453 echo htmlspecialchars( $lrow['title'], ENT_NOQUOTES
);
454 if ($lrow['comments']) echo ' (' . htmlspecialchars( $lrow['comments'], ENT_NOQUOTES
) . ')';
458 // a set of labeled checkboxes, each with a text field:
459 else if ($data_type == 25) {
// Same "option_id:value" packing as data type 23.
460 $tmp = explode('|', $currvalue);
462 foreach ($tmp as $value) {
463 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
464 $avalue[$matches[1]] = $matches[2];
467 $maxlength = empty($frow['max_length']) ?
255 : $frow['max_length'];
468 $fldlength = empty($frow['fld_length']) ?
20 : $frow['fld_length'];
469 $lres = sqlStatement("SELECT * FROM list_options " .
470 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
471 echo "<table cellpadding='0' cellspacing='0'>";
472 while ($lrow = sqlFetchArray($lres)) {
473 $option_id = $lrow['option_id'];
474 $option_id_esc = htmlspecialchars( $option_id, ENT_QUOTES
);
475 $restype = substr($avalue[$option_id], 0, 1);
476 $resnote = substr($avalue[$option_id], 2);
478 // Added 5-09 by BM - Translate label if applicable
479 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
481 $option_id = htmlspecialchars( $option_id, ENT_QUOTES
);
482 echo "<td><input type='checkbox' name='check_{$field_id_esc}[$option_id_esc]' id='check_{$field_id_esc}[$option_id_esc]' value='1'";
483 if ($restype) echo " checked";
484 echo " /> </td>";
485 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
486 $maxlength = htmlspecialchars( $maxlength, ENT_QUOTES
);
487 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
488 echo "<td><input type='text'" .
489 " name='form_{$field_id_esc}[$option_id_esc]'" .
490 " id='form_{$field_id_esc}[$option_id_esc]'" .
491 " size='$fldlength'" .
492 " maxlength='$maxlength'" .
493 " value='$resnote' /></td>";
499 // single-selection list with ability to add to it
500 else if ($data_type == 26) {
501 echo "<select class='addtolistclass_$list_id_esc' name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
502 if ($showEmpty) echo "<option value=''>" . htmlspecialchars( xl($empty_title), ENT_QUOTES
) . "</option>";
503 $lres = sqlStatement("SELECT * FROM list_options " .
504 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
505 $got_selected = FALSE;
506 while ($lrow = sqlFetchArray($lres)) {
507 $optionValue = htmlspecialchars( $lrow['option_id'], ENT_QUOTES
);
508 echo "<option value='$optionValue'";
509 if ((strlen($currvalue) == 0 && $lrow['is_default']) ||
510 (strlen($currvalue) > 0 && $lrow['option_id'] == $currvalue))
513 $got_selected = TRUE;
515 // Added 5-09 by BM - Translate label if applicable
516 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . "</option>\n";
518 if (!$got_selected && strlen($currvalue) > 0) {
519 echo "<option value='$currescaped' selected>* $currescaped *</option>";
// NOTE(review): $fontTitle is written into a single-quoted title attribute
// below but is escaped with ENT_NOQUOTES, so an apostrophe in the translated
// text would end the attribute early. generate_select_list() escapes the same
// message with ENT_QUOTES; this call should do likewise.
521 $fontTitle = htmlspecialchars( xl('Please choose a valid selection from the list.'), ENT_NOQUOTES
);
522 $fontText = htmlspecialchars( xl('Fix this'), ENT_NOQUOTES
);
523 echo " <font color='red' title='$fontTitle'>$fontText!</font>";
528 // show the add button if user has access to correct list
529 $inputValue = htmlspecialchars( xl('Add'), ENT_QUOTES
);
530 $outputAddButton = "<input type='button' id='addtolistid_".$list_id_esc."' fieldid='form_".$field_id_esc."' class='addtolist' value='$inputValue'>";
// The ACL checks below only decide whether the Add button is rendered.
// NOTE(review): the request handler that actually adds list entries is not
// part of this listing; confirm it repeats the same aco_exist()/acl_check()
// test on the server, since hiding the button is not access control.
531 if (aco_exist('lists', $list_id)) {
532 // a specific aco exist for this list, so ensure access
533 if (acl_check('lists', $list_id)) echo $outputAddButton;
536 // no specific aco exist for this list, so check for access to 'default' list
537 if (acl_check('lists', 'default')) echo $outputAddButton;
541 // a set of labeled radio buttons
542 else if ($data_type == 27) {
543 // In this special case, fld_length is the number of columns generated.
544 $cols = max(1, $frow['fld_length']);
545 $lres = sqlStatement("SELECT * FROM list_options " .
546 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
547 echo "<table cellpadding='0' cellspacing='0' width='100%'>";
548 $tdpct = (int) (100 / $cols);
549 $got_selected = FALSE;
550 for ($count = 0; $lrow = sqlFetchArray($lres); ++
$count) {
551 $option_id = $lrow['option_id'];
552 $option_id_esc = htmlspecialchars( $option_id, ENT_QUOTES
);
553 if ($count %
$cols == 0) {
554 if ($count) echo "</tr>";
557 echo "<td width='$tdpct%'>";
558 echo "<input type='radio' name='form_{$field_id_esc}' id='form_{$field_id_esc}[$option_id_esc]' value='$option_id_esc'";
559 if ((strlen($currvalue) == 0 && $lrow['is_default']) ||
560 (strlen($currvalue) > 0 && $option_id == $currvalue))
563 $got_selected = TRUE;
565 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
);
570 if ($count > $cols) {
571 // Add some space after multiple rows of radio buttons.
572 $cols = htmlspecialchars( $cols, ENT_QUOTES
);
573 echo "<tr><td colspan='$cols' style='height:0.7em'></td></tr>";
577 if (!$got_selected && strlen($currvalue) > 0) {
578 $fontTitle = htmlspecialchars( xl('Please choose a valid selection.'), ENT_QUOTES
);
579 $fontText = htmlspecialchars( xl('Fix this'), ENT_NOQUOTES
);
580 echo "$currescaped <font color='red' title='$fontTitle'>$fontText!</font>";
584 // special case for history of lifestyle status; 3 radio buttons and a date text field:
585 // VicarePlus :: A selection list box for smoking status:
586 else if ($data_type == 28 ||
$data_type == 32) {
// NOTE(review): the switch body that unpacks $tmp into $resnote, $restype,
// $resdate and $reslist is mostly on listing lines that are not shown.
587 $tmp = explode('|', $currvalue);
588 switch(count($tmp)) {
607 $resdate = $restype = "";
610 $restype = $resdate = $resnote = "";
613 $maxlength = empty($frow['max_length']) ?
255 : $frow['max_length'];
614 $fldlength = empty($frow['fld_length']) ?
20 : $frow['fld_length'];
616 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
617 $maxlength = htmlspecialchars( $maxlength, ENT_QUOTES
);
618 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
619 $resdate = htmlspecialchars( $resdate, ENT_QUOTES
);
620 echo "<table cellpadding='0' cellspacing='0'>";
622 if ($data_type == 28)
625 echo "<td><input type='text'" .
626 " name='form_$field_id_esc'" .
627 " id='form_$field_id_esc'" .
628 " size='$fldlength'" .
629 " maxlength='$maxlength'" .
630 " value='$resnote' /> </td>";
631 echo "<td class='bold'> ".
632 " ".
633 htmlspecialchars( xl('Status'), ENT_NOQUOTES
).": </td>";
635 else if($data_type == 32)
638 echo "<tr><td><input type='text'" .
639 " name='form_text_$field_id_esc'" .
640 " id='form_text_$field_id_esc'" .
641 " size='$fldlength'" .
642 " maxlength='$maxlength'" .
643 " value='$resnote' /> </td></tr>";
645 //Selection list for smoking status
646 $onchange = 'radioChange(this.options[this.selectedIndex].value)';//VicarePlus :: The javascript function for selection list.
647 echo generate_select_list("form_$field_id", $list_id, $reslist,
648 $description, $showEmpty ?
$empty_title : '', '', $onchange)."</td>";
649 echo "<td class='bold'> ".htmlspecialchars( xl('Status'), ENT_NOQUOTES
).": </td>";
652 echo "<td><input type='radio'" .
653 " name='radio_{$field_id_esc}'" .
654 " id='radio_{$field_id_esc}[current]'" .
655 " value='current".$field_id_esc."'";
656 if ($restype == "current".$field_id) echo " checked";
// NOTE(review): the "if($data_type == 32) { ... }" text is inside the
// double-quoted string, so PHP only substitutes $data_type and sends the rest
// to the browser as literal markup; it is not evaluated as a condition. The
// same pattern repeats for the quit, never and not_applicable radios below.
// Presumably the onClick was meant to be emitted for data type 32 only.
657 echo " if($data_type == 32) { onClick='smoking_statusClicked(this)' } />".htmlspecialchars( xl('Current'), ENT_NOQUOTES
)." </td>";
659 echo "<td><input type='radio'" .
660 " name='radio_{$field_id_esc}'" .
661 " id='radio_{$field_id_esc}[quit]'" .
662 " value='quit".$field_id_esc."'";
663 if ($restype == "quit".$field_id) echo " checked";
664 echo " if($data_type == 32) { onClick='smoking_statusClicked(this)' } />".htmlspecialchars( xl('Quit'), ENT_NOQUOTES
)." </td>";
666 echo "<td><input type='text' size='6' name='date_$field_id_esc' id='date_$field_id_esc'" .
667 " value='$resdate'" .
668 " title='$description'" .
669 " onkeyup='datekeyup(this,mypcc)' onblur='dateblur(this,mypcc)' />" .
670 "<img src='$rootdir/pic/show_calendar.gif' align='absbottom' width='24' height='22'" .
671 " id='img_$field_id_esc' border='0' alt='[?]' style='cursor:pointer'" .
672 " title='" . htmlspecialchars( xl('Click here to choose a date'), ENT_QUOTES
) . "' /> </td>";
// NOTE(review): as in the data type 4 branch, the raw $field_id is written
// into JavaScript string literals here without JS-string encoding.
673 $date_init .= " Calendar.setup({inputField:'date_$field_id', ifFormat:'%Y-%m-%d', button:'img_$field_id'});\n";
675 echo "<td><input type='radio'" .
676 " name='radio_{$field_id_esc}'" .
677 " id='radio_{$field_id_esc}[never]'" .
678 " value='never".$field_id_esc."'";
679 if ($restype == "never".$field_id) echo " checked";
680 echo " if($data_type == 32) { onClick='smoking_statusClicked(this)' } />".htmlspecialchars( xl('Never'), ENT_NOQUOTES
)." </td>";
// NOTE(review): this radio writes the raw $field_id into the name, id and
// value attributes, while the current/quit/never radios above use
// $field_id_esc. It should use the escaped copy for consistency and so that
// the attribute quoting cannot be broken by the field id.
682 echo "<td><input type='radio'" .
683 " name='radio_{$field_id}'" .
684 " id='radio_{$field_id}[not_applicable]'" .
685 " value='not_applicable".$field_id."'";
686 if ($restype == "not_applicable".$field_id) echo " checked";
687 echo " if($data_type == 32) { onClick='smoking_statusClicked(this)' } />".htmlspecialchars( xl('N/A'), ENT_QUOTES
)." </td>";
692 // static text. read-only, of course.
693 else if ($data_type == 31) {
// NOTE(review): the raw $frow['description'] is echoed here, without the
// htmlspecialchars()/xl_layout_label() treatment applied to $description
// above. That may be deliberate to allow markup in static text, but it means
// whoever can edit layout descriptions can place HTML on this page; confirm
// that editing layouts is restricted to trusted administrators.
694 echo nl2br($frow['description']);
697 //VicarePlus :: A single selection list for Race and Ethnicity, which is specialized to check the 'ethrace' list if the entry does not exist in the list_id of the given list. At some point in the future (when able to input two lists via the layouts engine), this function could be expanded to allow using any list as a backup entry.
698 else if ($data_type == 33) {
699 echo "<select name='form_$field_id_esc' id='form_$field_id_esc' title='$description'>";
700 if ($showEmpty) echo "<option value=''>" . htmlspecialchars( xl($empty_title), ENT_QUOTES
) . "</option>";
701 $lres = sqlStatement("SELECT * FROM list_options " .
702 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
703 $got_selected = FALSE;
704 while ($lrow = sqlFetchArray($lres)) {
705 $optionValue = htmlspecialchars( $lrow['option_id'], ENT_QUOTES
);
706 echo "<option value='$optionValue'";
707 if ((strlen($currvalue) == 0 && $lrow['is_default']) ||
708 (strlen($currvalue) > 0 && $lrow['option_id'] == $currvalue))
711 $got_selected = TRUE;
714 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . "</option>\n";
716 if (!$got_selected && strlen($currvalue) > 0)
718 //Check 'ethrace' list if the entry does not exist in the list_id of the given list(Race or Ethnicity).
// NOTE(review): the comment above describes a fallback lookup in the 'ethrace'
// list, but the query as shown binds $list_id, the same list already searched
// by the loop. Confirm which list id is intended.
720 $lrow = sqlQuery("SELECT title FROM list_options " .
721 "WHERE list_id = ? AND option_id = ?", array($list_id,$currvalue) );
724 $s = htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
);
// NOTE(review): the value attribute below uses the raw $currvalue, whereas the
// fallback option a few lines further down uses $currescaped. The stored value
// should be escaped here too so it cannot break out of the quoted attribute.
725 echo "<option value='$currvalue' selected> $s </option>";
730 echo "<option value='$currescaped' selected>* $currescaped *</option>";
// NOTE(review): ENT_NOQUOTES is used for text that lands in a single-quoted
// title attribute; ENT_QUOTES is the matching flag for that context.
732 $fontTitle = htmlspecialchars( xl('Please choose a valid selection from the list.'), ENT_NOQUOTES
);
733 $fontText = htmlspecialchars( xl('Fix this'), ENT_NOQUOTES
);
734 echo " <font color='red' title='$fontTitle'>$fontText!</font>";
743 function generate_print_field($frow, $currvalue) {
744 global $rootdir, $date_init;
746 $currescaped = htmlspecialchars($currvalue, ENT_QUOTES
);
748 $data_type = $frow['data_type'];
749 $field_id = $frow['field_id'];
750 $list_id = $frow['list_id'];
751 $fld_length = $frow['fld_length'];
753 $description = htmlspecialchars(xl_layout_label($frow['description']), ENT_QUOTES
);
755 // Can pass $frow['empty_title'] with this variable, otherwise
756 // will default to 'Unassigned'.
757 // If it is 'SKIP' then an empty text title is completely skipped.
759 if (isset($frow['empty_title'])) {
760 if ($frow['empty_title'] == "SKIP") {
761 //do not display an 'empty' choice
763 $empty_title = "Unassigned";
766 $empty_title = $frow['empty_title'];
770 $empty_title = "Unassigned";
773 // generic single-selection list
774 if ($data_type == 1 ||
$data_type == 26 ||
$data_type == 33) {
775 if (empty($fld_length)) {
776 if ($list_id == 'titles') {
784 $lrow = sqlQuery("SELECT title FROM list_options " .
785 "WHERE list_id = ? AND option_id = ?", array($list_id,$currvalue));
786 $tmp = xl_list_label($lrow['title']);
787 if (empty($tmp)) $tmp = "($currvalue)";
789 /*****************************************************************
790 echo "<input type='text'" .
791 " size='$fld_length'" .
795 *****************************************************************/
796 if ($tmp === '') { $tmp = ' '; }
797 else { $tmp = htmlspecialchars( $tmp, ENT_QUOTES
); }
802 else if ($data_type == 2 ||
$data_type == 15) {
803 /*****************************************************************
804 echo "<input type='text'" .
805 " size='$fld_length'" .
806 " value='$currescaped'" .
809 *****************************************************************/
810 if ($currescaped === '') $currescaped = ' ';
814 // long or multi-line text field
815 else if ($data_type == 3) {
816 $fldlength = htmlspecialchars( $fld_length, ENT_QUOTES
);
817 $maxlength = htmlspecialchars( $frow['max_length'], ENT_QUOTES
);
819 " cols='$fldlength'" .
820 " rows='$maxlength'>" .
821 $currescaped . "</textarea>";
825 else if ($data_type == 4) {
826 /*****************************************************************
827 echo "<input type='text' size='10'" .
828 " value='$currescaped'" .
829 " title='$description'" .
832 *****************************************************************/
833 if ($currvalue === '') { $tmp = oeFormatShortDate(' '); }
834 else { $tmp = htmlspecialchars( oeFormatShortDate($currvalue), ENT_QUOTES
); }
839 else if ($data_type == 10 ||
$data_type == 11) {
842 $urow = sqlQuery("SELECT fname, lname, specialty FROM users " .
843 "WHERE id = ?", array($currvalue) );
844 $tmp = ucwords($urow['fname'] . " " . $urow['lname']);
845 if (empty($tmp)) $tmp = "($currvalue)";
847 /*****************************************************************
848 echo "<input type='text'" .
849 " size='$fld_length'" .
853 *****************************************************************/
854 if ($tmp === '') { $tmp = ' '; }
855 else { $tmp = htmlspecialchars( $tmp, ENT_QUOTES
); }
860 else if ($data_type == 12) {
863 $pres = get_pharmacies();
864 while ($prow = sqlFetchArray($pres)) {
866 if ($currvalue == $key) {
867 $tmp = $prow['name'] . ' ' . $prow['area_code'] . '-' .
868 $prow['prefix'] . '-' . $prow['number'] . ' / ' .
869 $prow['line1'] . ' / ' . $prow['city'];
872 if (empty($tmp)) $tmp = "($currvalue)";
874 /*****************************************************************
875 echo "<input type='text'" .
876 " size='$fld_length'" .
880 *****************************************************************/
881 if ($tmp === '') { $tmp = ' '; }
882 else { $tmp = htmlspecialchars( $tmp, ENT_QUOTES
); }
887 else if ($data_type == 13) {
890 $squads = acl_get_squads();
892 foreach ($squads as $key => $value) {
893 if ($currvalue == $key) {
898 if (empty($tmp)) $tmp = "($currvalue)";
900 /*****************************************************************
901 echo "<input type='text'" .
902 " size='$fld_length'" .
906 *****************************************************************/
907 if ($tmp === '') { $tmp = ' '; }
908 else { $tmp = htmlspecialchars( $tmp, ENT_QUOTES
); }
913 else if ($data_type == 14) {
916 $urow = sqlQuery("SELECT fname, lname, specialty FROM users " .
917 "WHERE id = ?", array($currvalue) );
918 $uname = $urow['lname'];
919 if ($urow['fname']) $uname .= ", " . $urow['fname'];
921 if (empty($tmp)) $tmp = "($currvalue)";
923 /*****************************************************************
924 echo "<input type='text'" .
925 " size='$fld_length'" .
929 *****************************************************************/
930 if ($tmp === '') { $tmp = ' '; }
931 else { $tmp = htmlspecialchars( $tmp, ENT_QUOTES
); }
935 // a set of labeled checkboxes
936 else if ($data_type == 21) {
937 // In this special case, fld_length is the number of columns generated.
938 $cols = max(1, $fld_length);
939 $avalue = explode('|', $currvalue);
940 $lres = sqlStatement("SELECT * FROM list_options " .
941 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
942 echo "<table cellpadding='0' cellspacing='0' width='100%'>";
943 $tdpct = (int) (100 / $cols);
944 for ($count = 0; $lrow = sqlFetchArray($lres); ++
$count) {
945 $option_id = $lrow['option_id'];
946 if ($count %
$cols == 0) {
947 if ($count) echo "</tr>";
950 echo "<td width='$tdpct%'>";
951 echo "<input type='checkbox'";
952 if (in_array($option_id, $avalue)) echo " checked";
953 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
);
958 if ($count > $cols) {
959 // Add some space after multiple rows of checkboxes.
960 $cols = htmlspecialchars( $cols, ENT_QUOTES
);
961 echo "<tr><td colspan='$cols' style='height:0.7em'></td></tr>";
967 // a set of labeled text input fields
968 else if ($data_type == 22) {
969 $tmp = explode('|', $currvalue);
971 foreach ($tmp as $value) {
972 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
973 $avalue[$matches[1]] = $matches[2];
976 $lres = sqlStatement("SELECT * FROM list_options " .
977 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
978 echo "<table cellpadding='0' cellspacing='0'>";
979 while ($lrow = sqlFetchArray($lres)) {
980 $option_id = $lrow['option_id'];
981 $maxlength = empty($frow['max_length']) ?
255 : $frow['max_length'];
982 $fldlength = empty($fld_length) ?
20 : $fld_length;
983 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
984 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
985 $inputValue = htmlspecialchars( $avalue[$option_id], ENT_QUOTES
);
986 echo "<td><input type='text'" .
987 " size='$fldlength'" .
988 " value='$inputValue'" .
995 // a set of exam results; 3 radio buttons and a text field:
996 else if ($data_type == 23) {
997 $tmp = explode('|', $currvalue);
999 foreach ($tmp as $value) {
1000 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
1001 $avalue[$matches[1]] = $matches[2];
1004 $maxlength = empty($frow['max_length']) ?
255 : $frow['max_length'];
1005 $fldlength = empty($fld_length) ?
20 : $fld_length;
1006 $lres = sqlStatement("SELECT * FROM list_options " .
1007 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1008 echo "<table cellpadding='0' cellspacing='0'>";
1009 echo "<tr><td> </td><td class='bold'>" .
1010 htmlspecialchars( xl('N/A'), ENT_NOQUOTES
) .
1011 " </td><td class='bold'>" .
1012 htmlspecialchars( xl('Nor'), ENT_NOQUOTES
) . " </td>" .
1013 "<td class='bold'>" .
1014 htmlspecialchars( xl('Abn'), ENT_NOQUOTES
) . " </td><td class='bold'>" .
1015 htmlspecialchars( xl('Date/Notes'), ENT_NOQUOTES
) . "</td></tr>";
1016 while ($lrow = sqlFetchArray($lres)) {
1017 $option_id = $lrow['option_id'];
1018 $restype = substr($avalue[$option_id], 0, 1);
1019 $resnote = substr($avalue[$option_id], 2);
1020 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
1021 for ($i = 0; $i < 3; ++
$i) {
1022 echo "<td><input type='radio'";
1023 if ($restype === "$i") echo " checked";
1026 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
1027 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
1028 echo "<td><input type='text'" .
1029 " size='$fldlength'" .
1030 " value='$resnote'" .
1031 " class='under' /></td>" .
1037 // the list of active allergies for the current patient
1038 // this is read-only!
1039 else if ($data_type == 24) {
1040 $query = "SELECT title, comments FROM lists WHERE " .
1041 "pid = ? AND type = 'allergy' AND enddate IS NULL " .
1043 $lres = sqlStatement($query, array($GLOBALS['pid']) );
1045 while ($lrow = sqlFetchArray($lres)) {
1046 if ($count++
) echo "<br />";
1047 echo htmlspecialchars( $lrow['title'], ENT_QUOTES
);
1048 if ($lrow['comments']) echo htmlspecialchars( ' (' . $lrow['comments'] . ')', ENT_QUOTES
);
1052 // a set of labeled checkboxes, each with a text field:
1053 else if ($data_type == 25) {
1054 $tmp = explode('|', $currvalue);
1056 foreach ($tmp as $value) {
1057 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
1058 $avalue[$matches[1]] = $matches[2];
1061 $maxlength = empty($frow['max_length']) ?
255 : $frow['max_length'];
1062 $fldlength = empty($fld_length) ?
20 : $fld_length;
1063 $lres = sqlStatement("SELECT * FROM list_options " .
1064 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1065 echo "<table cellpadding='0' cellspacing='0'>";
1066 while ($lrow = sqlFetchArray($lres)) {
1067 $option_id = $lrow['option_id'];
1068 $restype = substr($avalue[$option_id], 0, 1);
1069 $resnote = substr($avalue[$option_id], 2);
1070 echo "<tr><td>" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
) . " </td>";
1071 echo "<td><input type='checkbox'";
1072 if ($restype) echo " checked";
1073 echo " /> </td>";
1074 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
1075 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
1076 echo "<td><input type='text'" .
1077 " size='$fldlength'" .
1078 " value='$resnote'" .
1086 // a set of labeled radio buttons
1087 else if ($data_type == 27) {
1088 // In this special case, fld_length is the number of columns generated.
1089 $cols = max(1, $frow['fld_length']);
1090 $lres = sqlStatement("SELECT * FROM list_options " .
1091 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1092 echo "<table cellpadding='0' cellspacing='0' width='100%'>";
1093 $tdpct = (int) (100 / $cols);
1094 for ($count = 0; $lrow = sqlFetchArray($lres); ++
$count) {
1095 $option_id = $lrow['option_id'];
1096 if ($count %
$cols == 0) {
1097 if ($count) echo "</tr>";
1100 echo "<td width='$tdpct%'>";
1101 echo "<input type='radio'";
1102 if ((strlen($currvalue) == 0 && $lrow['is_default']) ||
1103 (strlen($currvalue) > 0 && $option_id == $currvalue))
1107 echo ">" . htmlspecialchars( xl_list_label($lrow['title']), ENT_NOQUOTES
);
1112 if ($count > $cols) {
1113 // Add some space after multiple rows of radio buttons.
1114 $cols = htmlspecialchars( $cols, ENT_QUOTES
);
1115 echo "<tr><td colspan='$cols' style='height:0.7em'></td></tr>";
1121 // special case for history of lifestyle status; 3 radio buttons and a date text field:
1122 else if ($data_type == 28 ||
$data_type == 32) {
1123 $tmp = explode('|', $currvalue);
1124 switch(count($tmp)) {
1143 $resdate = $restype = "";
1146 $restype = $resdate = $resnote = "";
1149 $maxlength = empty($frow['max_length']) ?
255 : $frow['max_length'];
1150 $fldlength = empty($frow['fld_length']) ?
20 : $frow['fld_length'];
1151 echo "<table cellpadding='0' cellspacing='0'>";
1153 $fldlength = htmlspecialchars( $fldlength, ENT_QUOTES
);
1154 $resnote = htmlspecialchars( $resnote, ENT_QUOTES
);
1155 $resdate = htmlspecialchars( $resdate, ENT_QUOTES
);
1156 if($data_type == 28)
1158 echo "<td><input type='text'" .
1159 " size='$fldlength'" .
1161 " value='$resnote' /></td>";
1162 echo "<td class='bold'> ".
1163 " ".
1164 htmlspecialchars( xl('Status'), ENT_NOQUOTES
).": </td>";
1166 else if($data_type == 32)
1168 echo "<tr><td><input type='text'" .
1169 " size='$fldlength'" .
1171 " value='$resnote' /></td></tr>";
1173 $smoking_status_title = generate_display_field(array('data_type'=>'1','list_id'=>$list_id),$reslist);
1174 echo "<td><input type='text'" .
1175 " size='$fldlength'" .
1177 " value='$smoking_status_title' /></td>";
1178 echo "<td class='bold'> ".htmlspecialchars( xl('Status'), ENT_NOQUOTES
).": </td>";
1180 echo "<td><input type='radio'";
1181 if ($restype == "current".$field_id) echo " checked";
1182 echo "/>".htmlspecialchars( xl('Current'), ENT_NOQUOTES
)." </td>";
1184 echo "<td><input type='radio'";
1185 if ($restype == "current".$field_id) echo " checked";
1186 echo "/>".htmlspecialchars( xl('Quit'), ENT_NOQUOTES
)." </td>";
1188 echo "<td><input type='text' size='6'" .
1189 " value='$resdate'" .
1193 echo "<td><input type='radio'";
1194 if ($restype == "current".$field_id) echo " checked";
1195 echo " />".htmlspecialchars( xl('Never'), ENT_NOQUOTES
)."</td>";
1197 echo "<td><input type='radio'";
1198 if ($restype == "not_applicable".$field_id) echo " checked";
1199 echo " />".htmlspecialchars( xl('N/A'), ENT_NOQUOTES
)." </td>";
1204 // static text. read-only, of course.
1205 else if ($data_type == 31) {
1206 echo nl2br($frow['description']);
// Builds the read-only HTML for one layout field as a string in $s. Callers in
// this file echo the result or concatenate it into a table cell; the return
// statement itself is not visible in this listing.
//
// $frow      - field definition; data_type, field_id and list_id are read
//              here, and description is read for data_type 31.
// $currvalue - stored value of the field. Multi-part types are split on '|';
//              types 22, 23 and 25 hold 'key:value' pairs between the bars.
//
// Escaping contract: stored values pass through htmlspecialchars() with
// ENT_NOQUOTES, which escapes &, < and > but leaves ' and " untouched. The
// result is safe as element content only. The data_type 32 branch of the form
// generator above this function places this function's return value inside
// value='...'; a single quote in a list title would end that attribute, so
// that call site needs attribute-safe escaping (ENT_QUOTES).
// Every query below binds its parameters through ? placeholders.
1211 function generate_display_field($frow, $currvalue) {
1212 $data_type = $frow['data_type'];
1213 $field_id = $frow['field_id'];
1214 $list_id = $frow['list_id'];
1217 // generic selection list or the generic selection list with add on the fly
1218 // feature, or radio buttons
1219 if ($data_type == 1 ||
$data_type == 26 ||
$data_type == 27 ||
$data_type == 33) {
1220 $lrow = sqlQuery("SELECT title FROM list_options " .
1221 "WHERE list_id = ? AND option_id = ?", array($list_id,$currvalue) );
1222 $s = htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
);
// NOTE(review): $lrow['title'] is already read above, before this "no row"
// test, and the loose == 0 comparison depends on what sqlQuery() returns for
// an empty result - confirm.
1223 //For lists Race and Ethnicity if there is no matching value in the corresponding lists check ethrace list
1224 if ($lrow == 0 && $data_type == 33)
1227 $lrow_ethrace = sqlQuery("SELECT title FROM list_options " .
1228 "WHERE list_id = ? AND option_id = ?", array($list_id,$currvalue) );
1229 $s = htmlspecialchars(xl_list_label($lrow_ethrace['title']),ENT_NOQUOTES
);
1233 // simple text field
1234 else if ($data_type == 2) {
1235 $s = htmlspecialchars($currvalue,ENT_NOQUOTES
);
1238 // long or multi-line text field
1239 else if ($data_type == 3) {
// Escape first, then nl2br(), so the <br /> tags it inserts stay markup.
1240 $s = nl2br(htmlspecialchars($currvalue,ENT_NOQUOTES
));
1244 else if ($data_type == 4) {
1245 $s = htmlspecialchars(oeFormatShortDate($currvalue),ENT_NOQUOTES
);
1249 else if ($data_type == 10 ||
$data_type == 11) {
1250 $urow = sqlQuery("SELECT fname, lname, specialty FROM users " .
1251 "WHERE id = ?", array($currvalue) );
1252 $s = htmlspecialchars(ucwords($urow['fname'] . " " . $urow['lname']),ENT_NOQUOTES
);
1256 else if ($data_type == 12) {
1257 $pres = get_pharmacies();
1258 while ($prow = sqlFetchArray($pres)) {
1260 if ($currvalue == $key) {
1261 $s .= htmlspecialchars($prow['name'] . ' ' . $prow['area_code'] . '-' .
1262 $prow['prefix'] . '-' . $prow['number'] . ' / ' .
1263 $prow['line1'] . ' / ' . $prow['city'],ENT_NOQUOTES
);
1269 else if ($data_type == 13) {
1270 $squads = acl_get_squads();
1272 foreach ($squads as $key => $value) {
1273 if ($currvalue == $key) {
1274 $s .= htmlspecialchars($value[3],ENT_NOQUOTES
);
1281 else if ($data_type == 14) {
1282 $urow = sqlQuery("SELECT fname, lname, specialty FROM users " .
1283 "WHERE id = ?", array($currvalue));
1284 $uname = $urow['lname'];
1285 if ($urow['fname']) $uname .= ", " . $urow['fname'];
1286 $s = htmlspecialchars($uname,ENT_NOQUOTES
);
1290 else if ($data_type == 15) {
1291 $s = htmlspecialchars($currvalue,ENT_NOQUOTES
);
1294 // a set of labeled checkboxes
1295 else if ($data_type == 21) {
1296 $avalue = explode('|', $currvalue);
1297 $lres = sqlStatement("SELECT * FROM list_options " .
1298 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1300 while ($lrow = sqlFetchArray($lres)) {
1301 $option_id = $lrow['option_id'];
1302 if (in_array($option_id, $avalue)) {
1303 if ($count++
) $s .= "<br />";
1305 // Added 5-09 by BM - Translate label if applicable
1306 $s .= htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
);
1312 // a set of labeled text input fields
1313 else if ($data_type == 22) {
1314 $tmp = explode('|', $currvalue);
// Each '|'-separated part is split at its first ':' into option key and text.
1316 foreach ($tmp as $value) {
1317 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
1318 $avalue[$matches[1]] = $matches[2];
1321 $lres = sqlStatement("SELECT * FROM list_options " .
1322 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1323 $s .= "<table cellpadding='0' cellspacing='0'>";
1324 while ($lrow = sqlFetchArray($lres)) {
1325 $option_id = $lrow['option_id'];
1326 if (empty($avalue[$option_id])) continue;
1328 // Added 5-09 by BM - Translate label if applicable
1329 $s .= "<tr><td class='bold' valign='top'>" . htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
) . ": </td>";
1331 $s .= "<td class='text' valign='top'>" . htmlspecialchars($avalue[$option_id],ENT_NOQUOTES
) . "</td></tr>";
1336 // a set of exam results; 3 radio buttons and a text field:
1337 else if ($data_type == 23) {
1338 $tmp = explode('|', $currvalue);
1340 foreach ($tmp as $value) {
1341 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
1342 $avalue[$matches[1]] = $matches[2];
1345 $lres = sqlStatement("SELECT * FROM list_options " .
1346 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1347 $s .= "<table cellpadding='0' cellspacing='0'>";
1348 while ($lrow = sqlFetchArray($lres)) {
1349 $option_id = $lrow['option_id'];
// Stored form per option is "n:notes": character 0 is the result code and
// the notes start at offset 2.
1350 $restype = substr($avalue[$option_id], 0, 1);
1351 $resnote = substr($avalue[$option_id], 2);
1352 if (empty($restype) && empty($resnote)) continue;
1354 // Added 5-09 by BM - Translate label if applicable
1355 $s .= "<tr><td class='bold' valign='top'>" . htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
) . " </td>";
1357 $restype = ($restype == '1') ?
xl('Normal') : (($restype == '2') ?
xl('Abnormal') : xl('N/A'));
1358 // $s .= "<td class='text' valign='top'>$restype</td></tr>";
1359 // $s .= "<td class='text' valign='top'>$resnote</td></tr>";
1360 $s .= "<td class='text' valign='top'>" . htmlspecialchars($restype,ENT_NOQUOTES
) . " </td>";
1361 $s .= "<td class='text' valign='top'>" . htmlspecialchars($resnote,ENT_NOQUOTES
) . "</td>";
1367 // the list of active allergies for the current patient
1368 else if ($data_type == 24) {
// The patient is taken from $GLOBALS['pid'], not from $currvalue.
1369 $query = "SELECT title, comments FROM lists WHERE " .
1370 "pid = ? AND type = 'allergy' AND enddate IS NULL " .
1372 // echo "<!-- $query -->\n"; // debugging
1373 $lres = sqlStatement($query, array($GLOBALS['pid']) );
1375 while ($lrow = sqlFetchArray($lres)) {
1376 if ($count++
) $s .= "<br />";
1377 $s .= htmlspecialchars($lrow['title'],ENT_NOQUOTES
);
1378 if ($lrow['comments']) $s .= ' (' . htmlspecialchars($lrow['comments'],ENT_NOQUOTES
) . ')';
1382 // a set of labeled checkboxes, each with a text field:
1383 else if ($data_type == 25) {
1384 $tmp = explode('|', $currvalue);
1386 foreach ($tmp as $value) {
1387 if (preg_match('/^([^:]+):(.*)$/', $value, $matches)) {
1388 $avalue[$matches[1]] = $matches[2];
1391 $lres = sqlStatement("SELECT * FROM list_options " .
1392 "WHERE list_id = ? ORDER BY seq, title", array($list_id) );
1393 $s .= "<table cellpadding='0' cellspacing='0'>";
1394 while ($lrow = sqlFetchArray($lres)) {
1395 $option_id = $lrow['option_id'];
1396 $restype = substr($avalue[$option_id], 0, 1);
1397 $resnote = substr($avalue[$option_id], 2);
1398 if (empty($restype) && empty($resnote)) continue;
1400 // Added 5-09 by BM - Translate label if applicable
1401 $s .= "<tr><td class='bold' valign='top'>" . htmlspecialchars(xl_list_label($lrow['title']),ENT_NOQUOTES
) . " </td>";
1403 $restype = $restype ?
xl('Yes') : xl('No');
// NOTE(review): the Yes/No cell below already ends with </tr>, so the notes
// cell that follows is emitted after the row has been closed.
1404 $s .= "<td class='text' valign='top'>" . htmlspecialchars($restype,ENT_NOQUOTES
) . "</td></tr>";
1405 $s .= "<td class='text' valign='top'>" . htmlspecialchars($resnote,ENT_NOQUOTES
) . "</td></tr>";
1411 // special case for history of lifestyle status; 3 radio buttons and a date text field:
1412 // VicarePlus :: A selection list for smoking status.
1413 else if ($data_type == 28 ||
$data_type == 32) {
1414 $tmp = explode('|', $currvalue);
1415 switch(count($tmp)) {
1434 $resdate = $restype = "";
1437 $restype = $resdate = $resnote = "";
1440 $s .= "<table cellpadding='0' cellspacing='0'>";
// The stored status is the status word followed by the field id; $res stays
// unset when none of the four matches, which the !empty($res) test below
// tolerates.
1444 if ($restype == "current".$field_id) $res = xl('Current');
1445 if ($restype == "quit".$field_id) $res = xl('Quit');
1446 if ($restype == "never".$field_id) $res = xl('Never');
1447 if ($restype == "not_applicable".$field_id) $res = xl('N/A');
1448 // $s .= "<td class='text' valign='top'>$restype</td></tr>";
1449 // $s .= "<td class='text' valign='top'>$resnote</td></tr>";
1450 if ($data_type == 28)
1452 if (!empty($resnote)) $s .= "<td class='text' valign='top'>" . htmlspecialchars($resnote,ENT_NOQUOTES
) . " </td>";
// The list part is rendered by calling this function again as data_type 1,
// so its title arrives here already escaped and is not escaped a second time.
1454 //VicarePlus :: Tobacco field has a listbox, text box, date field and 3 radio buttons.
1455 else if ($data_type == 32)
1457 if (!empty($reslist)) $s .= "<td class='text' valign='top'>" . generate_display_field(array('data_type'=>'1','list_id'=>$list_id),$reslist) . " </td>";
1458 if (!empty($resnote)) $s .= "<td class='text' valign='top'>" . htmlspecialchars($resnote,ENT_NOQUOTES
) . " </td>";
1461 if (!empty($res)) $s .= "<td class='text' valign='top'><b>" . htmlspecialchars(xl('Status'),ENT_NOQUOTES
) . "</b>: " . htmlspecialchars($res,ENT_NOQUOTES
) . " </td>";
1462 if ($restype == "quit".$field_id) $s .= "<td class='text' valign='top'>" . htmlspecialchars($resdate,ENT_NOQUOTES
) . " </td>";
// NOTE(review): description is appended as raw HTML here; nl2br() performs no
// escaping. If markup in descriptions is intended, only trusted administrators
// should be able to edit layout_options.description; otherwise escape the
// text before calling nl2br().
1467 // static text. read-only, of course.
1468 else if ($data_type == 31) {
1469 $s .= nl2br($frow['description']);
// Read as a global by disp_end_row() and by the display_layout_* functions
// below when they decide where a table row ends.
1475 $CPR = 4; // cells per row of generic data
// Acts only when the global $item_count is positive. Judging by the name it
// ends the table cell that is currently open, but the statements inside the
// if are not visible in this listing.
1480 function disp_end_cell() {
1481 global $item_count, $cell_count;
1482 if ($item_count > 0) {
// When a row is in progress ($cell_count > 0), echoes empty <td></td> cells
// until the global $cell_count reaches $CPR, so every row has the same number
// of cells.
1488 function disp_end_row() {
1489 global $cell_count, $CPR;
1491 if ($cell_count > 0) {
1492 for (; $cell_count < $CPR; ++
$cell_count) echo "<td></td>";
// Acts only when $last_group is a non-empty string, i.e. when a group has
// been started. The statements inside the if are not visible in this listing.
1498 function disp_end_group() {
1500 if (strlen($last_group) > 0) {
// Echoes the read-only view of a layout as table rows: a label cell and a data
// cell for each layout_options row of $formtype with uor > 0, ordered by group
// and sequence.
//
// $formtype - layout_options.form_id, bound as a query parameter.
// $result1  - array of stored values keyed by field_id.
// $result2  - array consulted for 'em_'-prefixed fields of the 'DEM' form,
//             keyed by the field_id without that prefix.
//
// Output escaping: colspan values go through htmlspecialchars(ENT_QUOTES)
// because they land inside quoted attributes; group names and titles are
// element content and use ENT_NOQUOTES. The field value is echoed exactly as
// generate_display_field() returns it, so that function is the only escaping
// layer for stored data.
1505 function display_layout_rows($formtype, $result1, $result2='') {
1506 global $item_count, $cell_count, $last_group, $CPR;
1508 $fres = sqlStatement("SELECT * FROM layout_options " .
1509 "WHERE form_id = ? AND uor > 0 " .
1510 "ORDER BY group_name, seq", array($formtype) );
1512 while ($frow = sqlFetchArray($fres)) {
1513 $this_group = $frow['group_name'];
1514 $titlecols = $frow['titlecols'];
1515 $datacols = $frow['datacols'];
1516 $data_type = $frow['data_type'];
1517 $field_id = $frow['field_id'];
1518 $list_id = $frow['list_id'];
// NOTE(review): every assignment to $currvalue below is guarded by isset(),
// so it has to be reset for each row (the reset is not visible in this
// listing); otherwise a field with no stored value would show the previous
// field's value.
1521 if ($formtype == 'DEM') {
1522 if ($GLOBALS['athletic_team']) {
1523 // Skip fitness level and return-to-play date because those appear
1524 // in a special display/update form on this page.
1525 if ($field_id === 'fitness' ||
$field_id === 'userdate1') continue;
1527 if (strpos($field_id, 'em_') === 0) {
1528 // Skip employer related fields, if it's disabled.
1529 if ($GLOBALS['omit_employers']) continue;
1530 $tmp = substr($field_id, 3);
1531 if (isset($result2[$tmp])) $currvalue = $result2[$tmp];
1534 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1538 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1541 // Handle a data category (group) change.
1542 if (strcmp($this_group, $last_group) != 0) {
// The first character of group_name is dropped to get the displayed name.
1543 $group_name = substr($this_group, 1);
1544 // totally skip generating the employer category, if it's disabled.
1545 if ($group_name === 'Employer' && $GLOBALS['omit_employers']) continue;
1547 $last_group = $this_group;
1550 // Handle starting of a new row.
1551 if (($titlecols > 0 && $cell_count >= $CPR) ||
$cell_count == 0) {
1555 echo "<td class='groupname'>";
1556 //echo "<td class='groupname' style='padding-right:5pt' valign='top'>";
1557 //echo "<font color='#008800'>$group_name</font>";
1559 // Added 5-09 by BM - Translate label if applicable
1560 echo htmlspecialchars(xl_layout_label($group_name),ENT_NOQUOTES
);
1564 //echo "<td class='' style='padding-right:5pt' valign='top'>";
1565 echo "<td valign='top'> ";
1570 if ($item_count == 0 && $titlecols == 0) $titlecols = 1;
1572 // Handle starting of a new label cell.
1573 if ($titlecols > 0) {
1575 //echo "<td class='label' colspan='$titlecols' valign='top'";
1576 $titlecols_esc = htmlspecialchars( $titlecols, ENT_QUOTES
);
1577 echo "<td class='label' colspan='$titlecols_esc' ";
1578 //if ($cell_count == 2) echo " style='padding-left:10pt'";
1580 $cell_count +
= $titlecols;
1584 // Added 5-09 by BM - Translate label if applicable
1585 if ($frow['title']) echo htmlspecialchars(xl_layout_label($frow['title']).":",ENT_NOQUOTES
); else echo " ";
1587 // Handle starting of a new data cell.
1588 if ($datacols > 0) {
1590 //echo "<td class='text data' colspan='$datacols' valign='top'";
1591 $datacols_esc = htmlspecialchars( $datacols, ENT_QUOTES
);
1592 echo "<td class='text data' colspan='$datacols_esc'";
1593 //if ($cell_count > 0) echo " style='padding-left:5pt'";
1595 $cell_count +
= $datacols;
1599 echo generate_display_field($frow, $currvalue);
// Emits one <li> tab header per distinct group_name of layout $formtype
// (uor > 0). $result1 and $result2 are not used in the visible lines.
//
// $formtype - layout_options.form_id, bound as a query parameter.
1605 function display_layout_tabs($formtype, $result1, $result2='') {
1606 global $item_count, $cell_count, $last_group, $CPR;
1608 $fres = sqlStatement("SELECT distinct group_name FROM layout_options " .
1609 "WHERE form_id = ? AND uor > 0 " .
1610 "ORDER BY group_name, seq", array($formtype) );
1613 while ($frow = sqlFetchArray($fres)) {
1614 $this_group = $frow['group_name'];
1615 $group_name = substr($this_group, 1);
// NOTE(review): the id attribute below echoes a double-quoted string literal,
// so htmlspecialchars() is never called there. PHP interpolates $group_name
// into the literal text ".htmlspecialchars(...,ENT_QUOTES)." and writes it
// unescaped inside the quoted attribute. The intended form is
//   id="header_tab_<?php echo htmlspecialchars($group_name, ENT_QUOTES); ?>"
// The literal wrapper also means the id never equals 'header_' plus the tab
// div's id ("tab_<group>"), which generate_layout_validation() looks up to
// highlight the tab header.
1617 <li
<?php
echo $first ?
'class="current"' : '' ?
>>
1618 <a href
="/play/javascript-tabbed-navigation/" id
="header_tab_<?php echo ".htmlspecialchars($group_name,ENT_QUOTES
)."?>">
1619 <?php
echo htmlspecialchars(xl_layout_label($group_name),ENT_NOQUOTES
); ?
></a
>
// Emits one <div class="tab"> per distinct group_name of layout $formtype and,
// inside it, a table with the read-only label and data cells of that group's
// fields (uor > 0, ordered by seq).
//
// $formtype - layout_options.form_id, bound as a query parameter.
// $result1  - array of stored values keyed by field_id.
// $result2  - array consulted for 'em_'-prefixed fields of the 'DEM' form,
//             keyed by the field_id without that prefix.
//
// Output escaping: colspan values use htmlspecialchars(ENT_QUOTES) for the
// quoted attribute, titles use ENT_NOQUOTES as element content, and the field
// value is echoed exactly as generate_display_field() returns it.
1626 function display_layout_tabs_data($formtype, $result1, $result2='') {
1627 global $item_count, $cell_count, $last_group, $CPR;
1629 $fres = sqlStatement("SELECT distinct group_name FROM layout_options " .
1630 "WHERE form_id = ? AND uor > 0 " .
1631 "ORDER BY group_name, seq", array($formtype));
1634 while ($frow = sqlFetchArray($fres)) {
1635 $this_group = $frow['group_name'];
// NOTE(review): the query above selects only group_name, so the five columns
// read from $frow below are not in the result row; the values that are
// actually used are assigned from $group_fields inside the inner loop.
1636 $titlecols = $frow['titlecols'];
1637 $datacols = $frow['datacols'];
1638 $data_type = $frow['data_type'];
1639 $field_id = $frow['field_id'];
1640 $list_id = $frow['list_id'];
1643 $group_fields_query = sqlStatement("SELECT * FROM layout_options " .
1644 "WHERE form_id = ? AND uor > 0 AND group_name = ? " .
1645 "ORDER BY seq", array($formtype, $this_group) );
1648 <div
class="tab <?php echo $first ? 'current' : '' ?>">
1649 <table border
='0' cellpadding
='0'>
1652 while ($group_fields = sqlFetchArray($group_fields_query)) {
1654 $titlecols = $group_fields['titlecols'];
1655 $datacols = $group_fields['datacols'];
1656 $data_type = $group_fields['data_type'];
1657 $field_id = $group_fields['field_id'];
1658 $list_id = $group_fields['list_id'];
// NOTE(review): every assignment to $currvalue below is guarded by isset(),
// so it has to be reset for each field (the reset is not visible in this
// listing); otherwise a field with no stored value would show the previous
// field's value.
1661 if ($formtype == 'DEM') {
1662 if ($GLOBALS['athletic_team']) {
1663 // Skip fitness level and return-to-play date because those appear
1664 // in a special display/update form on this page.
1665 if ($field_id === 'fitness' ||
$field_id === 'userdate1') continue;
1667 if (strpos($field_id, 'em_') === 0) {
1668 // Skip employer related fields, if it's disabled.
1669 if ($GLOBALS['omit_employers']) continue;
1670 $tmp = substr($field_id, 3);
1671 if (isset($result2[$tmp])) $currvalue = $result2[$tmp];
1674 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1678 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1681 // Handle a data category (group) change.
1682 if (strcmp($this_group, $last_group) != 0) {
1683 $group_name = substr($this_group, 1);
1684 // totally skip generating the employer category, if it's disabled.
1685 if ($group_name === 'Employer' && $GLOBALS['omit_employers']) continue;
1686 $last_group = $this_group;
1689 // Handle starting of a new row.
1690 if (($titlecols > 0 && $cell_count >= $CPR) ||
$cell_count == 0) {
1695 if ($item_count == 0 && $titlecols == 0) {
1699 // Handle starting of a new label cell.
1700 if ($titlecols > 0) {
1702 $titlecols_esc = htmlspecialchars( $titlecols, ENT_QUOTES
);
1703 echo "<td class='label' colspan='$titlecols_esc' ";
1705 $cell_count +
= $titlecols;
1709 // Added 5-09 by BM - Translate label if applicable
1710 if ($group_fields['title']) echo htmlspecialchars(xl_layout_label($group_fields['title']).":",ENT_NOQUOTES
); else echo " ";
1712 // Handle starting of a new data cell.
1713 if ($datacols > 0) {
1715 $datacols_esc = htmlspecialchars( $datacols, ENT_QUOTES
);
1716 echo "<td class='text data' colspan='$datacols_esc'";
1718 $cell_count +
= $datacols;
1722 echo generate_display_field($group_fields, $currvalue);
// Editable counterpart of display_layout_tabs_data(): emits one
// <div class="tab" id="tab_<group>"> per distinct group_name of layout
// $formtype and, inside it, a table whose data cells come from
// generate_form_field() instead of generate_display_field().
//
// $formtype - layout_options.form_id, bound as a query parameter.
// $result1  - array of stored values keyed by field_id.
// $result2  - array consulted for 'em_'-prefixed fields of the 'DEM' form,
//             keyed by the field_id without that prefix.
//
// Output escaping: the group name in the id attribute and the colspan values
// use htmlspecialchars(ENT_QUOTES); titles are element content and use
// ENT_NOQUOTES.
1737 function display_layout_tabs_data_editable($formtype, $result1, $result2='') {
1738 global $item_count, $cell_count, $last_group, $CPR;
1740 $fres = sqlStatement("SELECT distinct group_name FROM layout_options " .
1741 "WHERE form_id = ? AND uor > 0 " .
1742 "ORDER BY group_name, seq", array($formtype) );
1745 while ($frow = sqlFetchArray($fres)) {
1746 $this_group = $frow['group_name'];
1747 $group_name = substr($this_group, 1);
// Escaped with ENT_QUOTES because it is written into the quoted id attribute
// of the tab div below.
1748 $group_name_esc = htmlspecialchars( $group_name, ENT_QUOTES
);
// NOTE(review): the query above selects only group_name, so the five columns
// read from $frow below are not in the result row; the values that are
// actually used are assigned from $group_fields inside the inner loop.
1749 $titlecols = $frow['titlecols'];
1750 $datacols = $frow['datacols'];
1751 $data_type = $frow['data_type'];
1752 $field_id = $frow['field_id'];
1753 $list_id = $frow['list_id'];
1756 $group_fields_query = sqlStatement("SELECT * FROM layout_options " .
1757 "WHERE form_id = ? AND uor > 0 AND group_name = ? " .
1758 "ORDER BY seq", array($formtype,$this_group) );
1761 <div
class="tab <?php echo $first ? 'current' : '' ?>" id
="tab_<?php echo $group_name_esc?>" >
1762 <table border
='0' cellpadding
='0'>
1765 while ($group_fields = sqlFetchArray($group_fields_query)) {
1767 $titlecols = $group_fields['titlecols'];
1768 $datacols = $group_fields['datacols'];
1769 $data_type = $group_fields['data_type'];
1770 $field_id = $group_fields['field_id'];
1771 $list_id = $group_fields['list_id'];
// NOTE(review): every assignment to $currvalue below is guarded by isset(),
// so it has to be reset for each field (the reset is not visible in this
// listing); otherwise a field with no stored value would be pre-filled with
// the previous field's value.
1774 if ($formtype == 'DEM') {
1775 if ($GLOBALS['athletic_team']) {
1776 // Skip fitness level and return-to-play date because those appear
1777 // in a special display/update form on this page.
1778 if ($field_id === 'fitness' ||
$field_id === 'userdate1') continue;
1780 if (strpos($field_id, 'em_') === 0) {
1781 // Skip employer related fields, if it's disabled.
1782 if ($GLOBALS['omit_employers']) continue;
1783 $tmp = substr($field_id, 3);
1784 if (isset($result2[$tmp])) $currvalue = $result2[$tmp];
1787 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1791 if (isset($result1[$field_id])) $currvalue = $result1[$field_id];
1794 // Handle a data category (group) change.
1795 if (strcmp($this_group, $last_group) != 0) {
1796 $group_name = substr($this_group, 1);
1797 // totally skip generating the employer category, if it's disabled.
1798 if ($group_name === 'Employer' && $GLOBALS['omit_employers']) continue;
1799 $last_group = $this_group;
1802 // Handle starting of a new row.
1803 if (($titlecols > 0 && $cell_count >= $CPR) ||
$cell_count == 0) {
1808 if ($item_count == 0 && $titlecols == 0) {
1812 // Handle starting of a new label cell.
1813 if ($titlecols > 0) {
1815 $titlecols_esc = htmlspecialchars( $titlecols, ENT_QUOTES
);
1816 echo "<td class='label' colspan='$titlecols_esc' ";
1818 $cell_count +
= $titlecols;
1822 // Added 5-09 by BM - Translate label if applicable
1823 if ($group_fields['title']) echo (htmlspecialchars( xl_layout_label($group_fields['title']), ENT_NOQUOTES
).":"); else echo " ";
1825 // Handle starting of a new data cell.
1826 if ($datacols > 0) {
1828 $datacols_esc = htmlspecialchars( $datacols, ENT_QUOTES
);
1829 echo "<td class='text data' colspan='$datacols_esc'";
1831 $cell_count +
= $datacols;
1835 echo generate_form_field($group_fields, $currvalue);
1849 // From the currently posted HTML form, this gets the value of the
1850 // field corresponding to the provided layout_options table row.
// Returns the posted value for one layout field, packed into the storage
// format of its data_type.
//
// $frow      - layout_options row; data_type and field_id are read.
// $maxlength - maximum strlen() of the packed value, counted in bytes; a
//              falsy value disables the check and data_type 3 is exempt.
//              Exceeding it ends the request with die().
//
// Returns trim($value) when $sanitize_all_escapes is set, otherwise
// formTrim($value) (defined elsewhere, not shown here). Neither branch
// HTML-escapes, so the result must be bound in SQL and escaped on output.
//
// Everything read from $_POST is client-controlled, including the array keys
// and whether "form_$field_id" is an array at all.
// NOTE(review): only the text values have '|' replaced. The array keys ($key)
// and the radio value ($restype) for types 23, 28 and 32 are concatenated as
// received, so a key or radio value containing '|' or ':' changes how the
// packed string is split again by explode('|') and the key:value regex when
// it is displayed. Checking keys against the list's option_ids and $restype
// against its expected values before packing would close that gap.
1852 function get_layout_form_value($frow, $maxlength=255) {
1853 // Bring in $sanitize_all_escapes variable, which will decide
1854 // the variable escaping method.
1855 global $sanitize_all_escapes;
1857 $data_type = $frow['data_type'];
1858 $field_id = $frow['field_id'];
// NOTE(review): $value is appended to in the branches below; its
// initialisation is not visible in this listing.
1860 if (isset($_POST["form_$field_id"])) {
1861 if ($data_type == 21) {
1862 // $_POST["form_$field_id"] is an array of checkboxes and its keys
1863 // must be concatenated into a |-separated string.
1864 foreach ($_POST["form_$field_id"] as $key => $val) {
1865 if (strlen($value)) $value .= '|';
1869 else if ($data_type == 22) {
1870 // $_POST["form_$field_id"] is an array of text fields to be imploded
1871 // into "key:value|key:value|...".
1872 foreach ($_POST["form_$field_id"] as $key => $val) {
1873 $val = str_replace('|', ' ', $val);
1874 if (strlen($value)) $value .= '|';
1875 $value .= "$key:$val";
1878 else if ($data_type == 23) {
1879 // $_POST["form_$field_id"] is an array of text fields with companion
1880 // radio buttons to be imploded into "key:n:notes|key:n:notes|...".
1881 foreach ($_POST["form_$field_id"] as $key => $val) {
1882 $restype = $_POST["radio_{$field_id}"][$key];
1883 if (empty($restype)) $restype = '0';
1884 $val = str_replace('|', ' ', $val);
1885 if (strlen($value)) $value .= '|';
1886 $value .= "$key:$restype:$val";
1889 else if ($data_type == 25) {
1890 // $_POST["form_$field_id"] is an array of text fields with companion
1891 // checkboxes to be imploded into "key:n:notes|key:n:notes|...".
1892 foreach ($_POST["form_$field_id"] as $key => $val) {
// Here the companion value is reduced to '0' or '1', so only $key is
// passed through unchanged.
1893 $restype = empty($_POST["check_{$field_id}"][$key]) ?
'0' : '1';
1894 $val = str_replace('|', ' ', $val);
1895 if (strlen($value)) $value .= '|';
1896 $value .= "$key:$restype:$val";
1899 else if ($data_type == 28 ||
$data_type == 32) {
1900 // $_POST["form_$field_id"] is an date text fields with companion
1901 // radio buttons to be imploded into "notes|type|date".
1902 $restype = $_POST["radio_{$field_id}"];
1903 if (empty($restype)) $restype = '0';
1904 $resdate = str_replace('|', ' ', $_POST["date_$field_id"]);
1905 $resnote = str_replace('|', ' ', $_POST["form_$field_id"]);
1906 if ($data_type == 32)
1908 //VicarePlus :: Smoking status data is imploded into "note|type|date|list".
1909 $reslist = str_replace('|', ' ', $_POST["form_$field_id"]);
1910 $res_text_note = str_replace('|', ' ', $_POST["form_text_$field_id"]);
1911 $value = "$res_text_note|$restype|$resdate|$reslist";
1914 $value = "$resnote|$restype|$resdate";
1917 $value = $_POST["form_$field_id"];
// The rejected value is echoed back in the error page, HTML-escaped as
// element content.
1921 // Better to die than to silently truncate data!
1922 if ($maxlength && $data_type != 3 && strlen($value) > $maxlength)
1923 die(htmlspecialchars( xl('ERROR: Field') . " '$field_id' " . xl('is too long'), ENT_NOQUOTES
) .
1924 ":<br /> <br />".htmlspecialchars( $value, ENT_NOQUOTES
));
1926 // Make sure the return value is quote-safe.
1927 if ($sanitize_all_escapes) {
1928 //escapes already removed and using binding/placemarks in sql calls
1929 // so only need to trim value
1930 return trim($value);
1933 //need to explicitly prepare value
1934 return formTrim($value);
1938 // Generate JavaScript validation logic for the required fields.
// Builds the JavaScript that checks the required fields of layout $form_id
// and appends a field's label to errMsgs when it is empty or unselected.
// Rows with uor < 2 are skipped, so only uor >= 2 counts as required here.
//
// $form_id - layout_options.form_id, bound as a query parameter.
//
// NOTE(review): the escaping used below is HTML escaping applied in a
// JavaScript context. $fldname is interpolated as a property name
// (f.$fldname) and into jQuery selectors, and the label is placed between
// single quotes in a JS string. htmlspecialchars(ENT_QUOTES) stops a quote
// from closing that string, but it does not handle backslashes or line
// breaks, and if this output sits inside a <script> element the entities it
// produces are not decoded. Encoding the label with json_encode() and
// restricting field_id to identifier characters would match the context.
// field_id, title and description come from layout_options, so confirm who
// is allowed to edit that table.
1940 function generate_layout_validation($form_id) {
1941 $fres = sqlStatement("SELECT * FROM layout_options " .
1942 "WHERE form_id = ? AND uor > 0 AND field_id != '' " .
1943 "ORDER BY group_name, seq", array($form_id) );
1945 while ($frow = sqlFetchArray($fres)) {
1946 if ($frow['uor'] < 2) continue;
1947 $data_type = $frow['data_type'];
1948 $field_id = $frow['field_id'];
1949 $fldtitle = $frow['title'];
// The description is used as the label when the field has no title.
1950 if (!$fldtitle) $fldtitle = $frow['description'];
1951 $fldname = htmlspecialchars( "form_$field_id", ENT_QUOTES
);
1952 switch($data_type) {
1961 " if (f.$fldname.selectedIndex <= 0) {\n" .
1962 " if (f.$fldname.focus) f.$fldname.focus();\n" .
1963 " errMsgs[errMsgs.length] = '" . htmlspecialchars( (xl_layout_label($fldtitle)), ENT_QUOTES
) . "'; \n" .
1966 case 27: // radio buttons
1969 " for (; i < f.$fldname.length; ++i) if (f.$fldname[i].checked) break;\n" .
1970 " if (i >= f.$fldname.length) {\n" .
1971 " errMsgs[errMsgs.length] = '" . htmlspecialchars( (xl_layout_label($fldtitle)), ENT_QUOTES
) . "'; \n" .
1979 " if (trimlen(f.$fldname.value) == 0) {\n" .
1980 " if (f.$fldname.focus) f.$fldname.focus();\n" .
1981 " $('#" . $fldname . "').parents('div.tab').each( function(){ var tabHeader = $('#header_' + $(this).attr('id') ); tabHeader.css('color','red'); } ); " .
1982 " $('#" . $fldname . "').attr('style','background:red'); \n" .
1983 " errMsgs[errMsgs.length] = '" . htmlspecialchars( (xl_layout_label($fldtitle)), ENT_QUOTES
) . "'; \n" .
1985 " $('#" . $fldname . "').attr('style',''); " .
1986 " $('#" . $fldname . "').parents('div.tab').each( function(){ var tabHeader = $('#header_' + $(this).attr('id') ); tabHeader.css('color',''); } ); " .
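/**
 * DROPDOWN FOR FACILITIES
 *
 * Build a dropdown with all facilities and echo it as HTML. Every dynamic
 * value (select name, facility id, facility name, translated labels) is
 * HTML-escaped before it is written out.
 *
 * @param string $selected - id of the currently selected facility
 *                           use '0' for "unspecified facility"
 *                           use '' for "All facilities" (the default)
 * @param string $name - the name/id for select form (defaults to "form_facility")
 * @param boolean $allow_unspecified - include an option for "unspecified" facility
 *
 * @return void - just echo the html encoded string
 *
 * Note: This should become a data-type at some point, according to Brady
 */
function dropdown_facility($selected = '', $name = 'form_facility', $allow_unspecified = true) {
  // Compare as strings with ===. With loose ==, values such as 0, null or
  // numeric look-alikes ('1e1' vs '10') could mark an entry as selected that
  // the caller never asked for.
  $selected = (string) $selected;
  $have_selected = false;
  $query = "SELECT id, name FROM facility ORDER BY name";
  $fres = sqlStatement($query);

  $name = htmlspecialchars($name, ENT_QUOTES);
  echo " <select name=\"$name\">\n";

  // "All Facilities" entry; its submitted value is the empty string.
  $option_value = '';
  $option_selected_attr = '';
  if ($selected === '') {
    $option_selected_attr = ' selected="selected"';
    $have_selected = true;
  }
  $option_content = htmlspecialchars('-- ' . xl('All Facilities') . ' --', ENT_NOQUOTES);
  echo " <option value=\"$option_value\" $option_selected_attr>$option_content</option>\n";

  // One entry per facility row, keyed by facility id.
  while ($frow = sqlFetchArray($fres)) {
    $facility_id = $frow['id'];
    $option_value = htmlspecialchars($facility_id, ENT_QUOTES);
    $option_selected_attr = '';
    if ($selected === (string) $facility_id) {
      $option_selected_attr = ' selected="selected"';
      $have_selected = true;
    }
    $option_content = htmlspecialchars($frow['name'], ENT_NOQUOTES);
    echo " <option value=\"$option_value\" $option_selected_attr>$option_content</option>\n";
  }

  if ($allow_unspecified) {
    $option_value = '0';
    $option_selected_attr = '';
    if ($selected === '0') {
      $option_selected_attr = ' selected="selected"';
      $have_selected = true;
    }
    $option_content = htmlspecialchars('-- ' . xl('Unspecified') . ' --', ENT_NOQUOTES);
    echo " <option value=\"$option_value\" $option_selected_attr>$option_content</option>\n";
  }

  // The requested value matched nothing above: keep it as an explicit,
  // escaped "Missing or Invalid" entry so the form does not silently
  // switch to a different facility.
  if (!$have_selected) {
    $option_value = htmlspecialchars($selected, ENT_QUOTES);
    $option_label = htmlspecialchars('(' . xl('Do not change') . ')', ENT_QUOTES);
    $option_content = htmlspecialchars(xl('Missing or Invalid'), ENT_NOQUOTES);
    echo " <option value='$option_value' label='$option_label' selected='selected'>$option_content</option>\n";
  }
  echo " </select>\n";
}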
2057 // Expand Collapse Widget
2058 // This forms the header and functionality component of the widget. The information that is displayed
2059 // then follows this function followed by a closing div tag
2061 // $title is the title of the section (already translated)
2062 // $label is identifier used in the tag id's and sql columns
2063 // $buttonLabel is the button label text (already translated)
2064 // $buttonLink is the button link information
2065 // $buttonClass is any additional needed class elements for the button tag
2066 // $linkMethod is the button link method ('javascript' vs 'html')
2067 // $bodyClass is to set class(es) of the body
2068 // $auth is a flag to decide whether to show the button
2069 // $fixedWidth is to flag whether width is fixed
2070 // $forceExpandAlways is a flag to force the widget to always be expanded
2072 function expand_collapse_widget($title, $label, $buttonLabel, $buttonLink, $buttonClass, $linkMethod, $bodyClass, $auth, $fixedWidth, $forceExpandAlways=false) {
// Echoes the widget header (optional button, title, expand/collapse
// indicator) and then the opening tag of the body div, which the caller
// closes after writing the content.
// NOTE(review): this listing omits lines (the gutter numbers jump), so some
// branch keywords and echo statements are not visible here.
2074 echo "<div class='section-header'>";
2077 echo "<div class='section-header-dynamic'>";
2081 // show button, since authorized
2082 // first prepare class string
// NOTE(review): ENT_NOQUOTES leaves quotes unescaped, yet $class_string is
// written into a single-quoted class attribute below; ENT_QUOTES is the
// matching flag for attribute context.
2084 $class_string = "css_button_small ".htmlspecialchars( $buttonClass, ENT_NOQUOTES
);
2087 $class_string = "css_button_small";
2089 // next, create the link
// NOTE(review): $buttonLink is echoed unescaped into the onclick attribute
// (javascript method) or the href attribute (html method). The function
// relies on callers passing a trusted, attribute-safe value; escaping it here
// with htmlspecialchars(..., ENT_QUOTES) would remove that dependency.
2090 if ($linkMethod == "javascript") {
2091 echo "<td><a class='" . $class_string . "' href='javascript:;' onclick='" . $buttonLink . "'";
2094 echo "<td><a class='" . $class_string . "' href='" . $buttonLink . "'" .
2095 " onclick='top.restoreSession()'";
// Without the concurrent layout, the link targets the frame named 'Main'.
2097 if (!$GLOBALS['concurrent_layout']) {
2098 echo " target='Main'";
2101 htmlspecialchars( $buttonLabel, ENT_NOQUOTES
) . "</span></a></td>";
2103 if ($forceExpandAlways){
2104 // Special case to force the widget to always be expanded
2105 echo "<td><span class='text'><b>" . htmlspecialchars( $title, ENT_NOQUOTES
) . "</b></span>";
2106 $indicatorTag ="style='display:none'";
// NOTE(review): $label is HTML-escaped and then placed inside a JavaScript
// string in an onclick attribute. HTML escaping alone is not sufficient in
// that context, so this assumes $label is a fixed identifier, as the header
// comment describes; confirm against the callers.
2108 echo "<td><a " . $indicatorTag . " href='javascript:;' class='small' onclick='toggleIndicator(this,\"" .
2109 htmlspecialchars( $label, ENT_QUOTES
) . "_ps_expand\")'><span class='text'><b>";
2110 echo htmlspecialchars( $title, ENT_NOQUOTES
) . "</b></span>";
// The stored user setting "<label>_ps_expand" picks the indicator text.
2111 if (getUserSetting($label."_ps_expand")) {
2112 $text = xl('collapse');
2115 $text = xl('expand');
2117 echo " (<span class='indicator'>" . htmlspecialchars($text, ENT_QUOTES
) .
2118 "</span>)</a></td>";
2119 echo "</tr></table>";
// Decide the body div's initial visibility from $forceExpandAlways and the
// same user setting; only the hidden case is visible in this listing.
2121 if ($forceExpandAlways) {
2122 // Special case to force the widget to always be expanded
2125 else if (getUserSetting($label."_ps_expand")) {
2129 $styling = "style='display:none'";
// NOTE(review): $bodyClass is concatenated unescaped into a single-quoted
// class attribute; escape it with ENT_QUOTES or restrict it to known class names.
2132 $styling .= " class='" . $bodyClass . "'";
2134 //next, create the first div tag to hold the information
2135 // note the code that calls this function will then place the ending div tag after the data
2136 echo "<div id='" . htmlspecialchars( $label, ENT_QUOTES
) . "_ps_expand' " . $styling . ">";