search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
csrf for addlistitem and manage_site_files (#1798)
[openemr.git] / portal / home.php
blobe0b6895c647f0514ac3cb3218c627f11097c7c21
1 <?php
2 /**
3 *
4 * Copyright (C) 2016-2018 Jerry Padgett <sjpadgett@gmail.com>
5 *
6 * LICENSE: This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
15 *
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 *
19 * @package OpenEMR
20 * @author Jerry Padgett <sjpadgett@gmail.com>
21 * @link http://www.open-emr.org
22 */
23 require_once("verify_session.php");
24 require_once("$srcdir/patient.inc");
25 require_once("$srcdir/options.inc.php");
26 require_once("lib/portal_mail.inc");
27
28
29 if ($_SESSION['register'] === true) {
30 session_destroy();
31 header('Location: '.$landingpage.'&w');
32 exit();
33 }
34
35 if (!isset($_SESSION['portal_init'])) {
36 $_SESSION['portal_init'] = true;
37 }
38
39 $whereto = 'profilepanel';
40 if (isset($_SESSION['whereto'])) {
41 $whereto = $_SESSION['whereto'];
42 }
43
44 $user = isset($_SESSION['sessionUser']) ? $_SESSION['sessionUser'] : 'portal user';
45 $result = getPatientData($pid);
46
47 $msgs = getPortalPatientNotes($_SESSION['portal_username']);
48 $msgcnt = count($msgs);
49 $newcnt = 0;
50 foreach ($msgs as $i) {
51 if ($i['message_status']=='New') {
52 $newcnt += 1;
53 }
54 }
55
56 require_once '_header.php';
57 echo "<script>var cpid='" . attr($pid) . "';var cuser='" . attr($user) . "';var webRoot='" . $GLOBALS['web_root'] . "';var ptName='" . attr($_SESSION['ptName']) . "';</script>";
58 ?>
59 <script type="text/javascript">
60 var webroot_url = webRoot;
61
62 $(document).ready(function () {
63
64 $("#profilereport").load("./get_profile.php", {'embeddedScreen': true}, function () {
65 $("table").addClass("table table-responsive");
66 $(".demographics td").removeClass("label");
67 $(".demographics td").addClass("bold");
68 $(".insurance table").addClass("table-sm table-striped");
69 $("#editDems").click(function () {
70 showProfileModal()
71 });
72 });
73 $("#reports").load("./report/portal_patient_report.php?pid='<?php echo attr($pid) ?>'", {'embeddedScreen': true}, function () {
74 <?php if ($GLOBALS['portal_two_payments']) { ?>
75 $("#payment").load("./portal_payment.php", {'embeddedScreen': true}, function () {});
76 <?php } ?>
77 });
78 $("#medicationlist").load("./get_medications.php", {'embeddedScreen': true}, function () {
79 $("#allergylist").load("./get_allergies.php", {'embeddedScreen': true}, function () {
80 $("#problemslist").load("./get_problems.php", {'embeddedScreen': true}, function () {
81 $("#amendmentslist").load("./get_amendments.php", {'embeddedScreen': true}, function () {
82 $("#labresults").load("./get_lab_results.php", {'embeddedScreen': true}, function () {
83
84 });
85 });
86 });
87 });
88 });
89
90 $('.sigPad').signaturePad({drawOnly: true});
91 $(".generateDoc_download").click(function () {
92 $("#doc_form").submit();
93 });
94
95 function showProfileModal() {
96 var title = '<?php echo xla('Demographics Legend Red: Charted Values. Blue: Patient Edits'); ?> ';
97
98 var params = {
99 buttons: [
100 {text: '<?php echo xla('Help'); ?>', close: false, style: 'info', id: 'formHelp'},
101 {text: '<?php echo xla('Cancel'); ?>', close: true, style: 'default'},
102 {text: '<?php echo xla('Revert Edits'); ?>', close: false, style: 'danger', id: 'replaceAllButton'},
103 {text: '<?php echo xla('Send for Review'); ?>',
104 close: false,
105 style: 'success',
106 id: 'donePatientButton'
107 }],
108 onClosed: 'reload',
109 type: 'GET',
110 url: webRoot + '/portal/patient/patientdata?pid=' + cpid + '&user=' + cuser
111 };
112 dlgopen('','','modal-xl', 500, '', title, params);
113 }
114
115 function saveProfile() {
116 page.updateModel();
117 }
118
119 var gowhere = '#<?php echo $whereto?>';
120 $(gowhere).collapse('show');
121
122 var $doHides = $('#panelgroup');
123 $doHides.on('show.bs.collapse', '.collapse', function () {
124 $doHides.find('.collapse.in').collapse('hide');
125 });
126 //Enable sidebar toggle
127 $("[data-toggle='offcanvas']").click(function (e) {
128 e.preventDefault();
129 //If window is small enough, enable sidebar push menu
130 if ($(window).width() <= 992) {
131 $('.row-offcanvas').toggleClass('active');
132 $('.left-side').removeClass("collapse-left");
133 $(".right-side").removeClass("strech");
134 $('.row-offcanvas').toggleClass("relative");
135 } else {
136 //Else, enable content streching
137 $('.left-side').toggleClass("collapse-left");
138 $(".right-side").toggleClass("strech");
139 }
140 });
141 $(function () {
142 $('#popwait').hide();
143 $('#callccda').click(function () {
144 $('#popwait').show();
145 })
146 });
147 });
148
149 function editAppointment(mode,deid){
150 if(mode == 'add'){
151 var title = '<?php echo xla('Request New Appointment'); ?>';
152 var mdata = {pid:deid};
153 }
154 else{
155 var title = '<?php echo xla('Edit Appointment'); ?>';
156 var mdata = {eid:deid};
157 }
158 var params = {
159 dialogId: 'editpop',
160 buttons: [
161 { text: '<?php echo xla('Cancel'); ?>', close: true, style: 'default' }
162 //{ text: 'Print', close: false, style: 'success', click: showCustom }
163 ],
164 type:'GET',
165 dataType: 'text',
166 url: './add_edit_event_user.php',
167 data: mdata
168 };
169
170 dlgopen('', 'apptModal', 610, 300, '', title, params);
171
172 };
173
174 </script>
175 <!-- Right side column. Contains content of the page -->
176 <aside class="right-side">
177 <!-- Main content -->
178 <section class="container-fluid content panel-group" id="panelgroup">
179 <div id="popwait" class="alert alert-warning" style="font-size:18px"><strong><?php echo xlt('Working!'); ?></strong> <?php echo xlt('Please wait...'); ?></div>
180 <div class="row collapse" id="lists">
181 <div class="col-sm-6">
182 <div class="panel panel-primary">
183 <header class="panel-heading"><?php echo xlt('Medications'); ?> </header>
184 <div id="medicationlist" class="panel-body"></div>
185
186 <div class="panel-footer"></div>
187 </div>
188
189 <div class="panel panel-primary">
190 <header class="panel-heading"><?php echo xlt('Medications Allergy List'); ?> </header>
191 <div id="allergylist" class="panel-body"></div>
192
193 <div class="panel-footer"></div>
194 </div>
195 </div><!-- /.col -->
196 <div class="col-sm-6">
197 <div class="panel panel-primary">
198 <header class="panel-heading"><?php echo xlt('Issues List'); ?></header>
199 <div id="problemslist" class="panel-body"></div>
200
201 <div class="panel-footer"></div>
202 </div>
203 <div class="panel panel-primary">
204 <header class="panel-heading"><?php echo xlt('Amendment List'); ?> </header>
205 <div id="amendmentslist" class="panel-body"></div>
206
207 <div class="panel-footer"></div>
208 </div>
209 </div><!-- /.col -->
210 <div class="col-sm-12">
211 <div class="panel panel-primary">
212 <header class="panel-heading"><?php echo xlt('Lab Results'); ?> </header>
213 <div id="labresults" class="panel-body"></div>
214 <div class="panel-footer"></div>
215 </div><!-- /.panel -->
216 </div><!-- /.col -->
217
218 </div><!-- /.lists -->
219
220 <div class="row">
221 <div class="col-sm-6">
222 <div class="panel panel-primary collapse" id="appointmentpanel">
223 <header class="panel-heading"><?php echo xlt('Appointments'); ?> </header>
224 <div id="appointmentslist" class="panel-body">
225 <?php
226 $query = "SELECT e.pc_eid, e.pc_aid, e.pc_title, e.pc_eventDate, " . "e.pc_startTime, e.pc_hometext, e.pc_apptstatus, u.fname, u.lname, u.mname, " .
227 "c.pc_catname " . "FROM openemr_postcalendar_events AS e, users AS u, " .
228 "openemr_postcalendar_categories AS c WHERE " . "e.pc_pid = ? AND e.pc_eventDate >= CURRENT_DATE AND " . "u.id = e.pc_aid AND e.pc_catid = c.pc_catid " . "ORDER BY e.pc_eventDate, e.pc_startTime";
229
230 $res = sqlStatement($query, array(
231 $pid
232 ));
233
234 if (sqlNumRows($res) > 0) {
235 $count = 0;
236 echo '<table id="appttable" style="width:100%;background:#eee;" class="table table-striped fixedtable"><thead>
237 </thead><tbody>';
238 while ($row = sqlFetchArray($res)) {
239 $status_title = getListItemTitle('apptstat', $row['pc_apptstatus']);
240 $count++;
241 $dayname = xl(date("l", strtotime($row ['pc_eventDate'])));
242 $dispampm = "am";
243 $disphour = substr($row ['pc_startTime'], 0, 2) + 0;
244 $dispmin = substr($row ['pc_startTime'], 3, 2);
245 if ($disphour >= 12) {
246 $dispampm = "pm";
247 if ($disphour > 12) {
248 $disphour -= 12;
249 }
250 }
251
252 if ($row ['pc_hometext'] != "") {
253 $etitle = 'Comments' . ": " . $row ['pc_hometext'] . "\r\n";
254 } else {
255 $etitle = "";
256 }
257
258 echo "<tr><td><p>";
259 echo "<a href='#' onclick='editAppointment(0," . htmlspecialchars($row ['pc_eid'], ENT_QUOTES) . ')' . "' title='" . htmlspecialchars($etitle, ENT_QUOTES) . "'>";
260 echo "<b>" . htmlspecialchars($dayname . ", " . $row ['pc_eventDate'], ENT_NOQUOTES) . "&nbsp;";
261 echo htmlspecialchars("$disphour:$dispmin " . $dispampm, ENT_NOQUOTES) . "</b><br>";
262 echo htmlspecialchars($row ['pc_catname'], ENT_NOQUOTES) . "<br><b>";
263 echo xlt("Provider") . ":</b> " . htmlspecialchars($row ['fname'] . " " . $row ['lname'], ENT_NOQUOTES) . "<br><b>";
264 echo xlt("Status") . ":</b> " . htmlspecialchars($status_title, ENT_NOQUOTES);
265 echo "</a></p></td></tr>";
266 }
267
268 if (isset($res) && $res != null) {
269 if ($count < 1) {
270 echo "&nbsp;&nbsp;" . xlt('None');
271 }
272 }
273 } else { // if no appts
274 echo xlt('No Appointments');
275 }
276
277 echo '</tbody></table>';
278 ?>
279 <div style='margin: 5px 0 5px'>
280 <a href='#' onclick="editAppointment('add',<?php echo attr($pid); ?>)">
281 <button class='btn btn-primary pull-right'><?php echo xlt('Schedule New Appointment'); ?></button>
282 </a>
283 </div>
284 </div>
285 <div class="panel-footer"></div>
286 </div><!-- /.panel -->
287 </div><!-- /.col -->
288 </div><!-- /.row -->
289 <?php if ($GLOBALS['portal_two_payments']) { ?>
290 <div class="row">
291 <div class="col-sm-12">
292 <div class="panel panel-primary collapse" id="paymentpanel">
293 <header class="panel-heading"> <?php echo xlt('Payments'); ?> </header>
294 <div id="payment" class="panel-body"></div>
295 <div class="panel-footer">
296 </div>
297 </div>
298 </div> <!--/.col -->
299 </div>
300 <?php } ?>
301 <div class="row">
302 <div class="col-sm-12">
303 <div class="panel panel-primary collapse" style="padding-top:0;padding-bottom:0;" id="messagespanel">
304 <!-- <header class="panel-heading"><?php //echo xlt('Secure Chat'); ?> </header>-->
305 <div id="messages" class="panel-body" style="height:calc(100vh - 120px);overflow:auto;padding:0 0 0 0;" >
306 <iframe src="./messaging/secure_chat.php" width="100%" height="100%"></iframe>
307 </div>
308 </div>
309 </div><!-- /.col -->
310 </div>
311
312 <div class="row">
313 <div class="col-sm-8">
314 <div class="panel panel-primary collapse" id="reportpanel">
315 <header class="panel-heading"><?php echo xlt('Reports'); ?> </header>
316 <div id="reports" class="panel-body"></div>
317 <div class="panel-footer"></div>
318 </div>
319
320 </div>
321 <!-- /.col -->
322 <div class="col-sm-6">
323 <div class="panel panel-primary collapse" id="downloadpanel">
324 <header class="panel-heading"> <?php echo xlt('Download Documents'); ?> </header>
325 <div id="docsdownload" class="panel-body">
326 <?php if ($GLOBALS['portal_onsite_document_download']) { ?>
327 <div>
328 <span class="text"><?php echo xlt('Download all patient documents');?></span>
329 <form name='doc_form' id='doc_form' action='./get_patient_documents.php' method='post'>
330 <input type="button" class="generateDoc_download" value="<?php echo xla('Download'); ?>" />
331 </form>
332 </div>
333 <?php } ?>
334 </div><!-- /.panel-body -->
335 <div class="panel-footer"></div>
336 </div>
337 </div><!-- /.col -->
338 </div>
339
340 <div class="row">
341 <div class="col-sm-12">
342 <div class="panel panel-primary collapse" id="ledgerpanel">
343 <header class="panel-heading"><?php echo xlt('Ledger');?> </header>
344 <div id="patledger" class="panel-body"></div>
345 <div class="panel-footer">
346 <iframe src="./report/pat_ledger.php?form=1&patient_id=<?php echo attr($pid);?>" width="100%" height="475" scrolling="yes"></iframe>
347 </div>
348 </div>
349 </div><!-- /.col -->
350 </div>
351
352 <div class="row">
353 <div class="col-sm-12">
354 <div class="panel panel-primary collapse" id="profilepanel">
355 <header class="panel-heading"><?php echo xlt('Profile'); ?></header>
356 <div id="profilereport" class="panel-body"></div>
357 <div class="panel-footer"></div>
358 </div>
359 </div>
360 </div>
361
362 </section>
363 <!-- /.content -->
364 <!--<div class="footer-main">Onsite Patient Portal Beta v3.0 Copyright &copy By sjpadgett@gmail.com, 2016 All Rights Reserved and Recorded</div>-->
365 </aside><!-- /.right-side -->
366 </div><!-- ./wrapper -->
367 <div id="openSignModal" class="modal fade" role="dialog">
368 <div class="modal-dialog modal-lg">
369 <div class="modal-content">
370 <div class="modal-header">
371 <button type="button" class="close" data-dismiss="modal">&times;</button>
372 <div class="input-group">
373 <span class="input-group-addon"
374 onclick="getSignature(document.getElementById('patientSignaturem'))"><em> <?php echo xlt('Show Current Signature On File'); ?>
375 <br>
376 <?php echo xlt('As appears on documents'); ?>.</em></span> <img
377 class="signature form-control" type="patient-signature"
378 id="patientSignaturem" onclick="getSignature(this)"
379 alt="Signature On File" src="">
380 </div>
381 </div>
382 <div class="modal-body">
383 <form name="signit" id="signit" class="sigPad">
384 <input type="hidden" name="name" id="name" class="name">
385 <ul class="sigNav">
386 <label style='display: none;'><input style='display: none;'
387 type="checkbox" class="" id="isAdmin" name="isAdmin" /><?php echo xlt('Is Authorizing Signature');?></label>
388 <li class="clearButton"><a href="#clear"><button><?php echo xlt('Clear Signature');?></button></a></li>
389 </ul>
390 <div class="sig sigWrapper">
391 <div class="typed"></div>
392 <canvas class="spad" id="drawpad" width="765" height="325"
393 style="border: 1px solid #000000; left: 0px;"></canvas>
394 <img id="loading"
395 style="display: none; position: absolute; TOP: 150px; LEFT: 315px; WIDTH: 100px; HEIGHT: 100px"
396 src="sign/assets/loading.gif" /> <input type="hidden" id="output"
397 name="output" class="output">
398 </div>
399 <input type="hidden" name="type" id="type"
400 value="patient-signature">
401 <button type="button" onclick="signDoc(this)"><?php echo xlt('Acknowledge as my Electronic Signature');?>.</button>
402 </form>
403 </div>
404 </div>
405 <!-- <div class="modal-footer">
406 <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
407 </div> -->
408 </div>
409 </div><!-- Modal -->
410 <img id="waitend"
411 style="display: none; position: absolute; top: 100px; left: 260px; width: 100px; height: 100px"
412 src="sign/assets/loading.gif" />
413
414
415 </body>
416 </html>
Mirror of official OpenEMR Sourceforge repository