Logout fix. (#420)
[openemr.git] / library / parse_patient_xml.php
blob4e3bc2ecafcd96447be43a33b57c56f1ef653113
1 <?php
2 /**
3 * library/parse_patient_xml.php Functions related to patient CCR/CCD/CCDA parsing.
5 * Functions related to patient CCR/CCD/CCDA parsing and insert/update to corresponding tables.
7 * Copyright (C) 2013 Z&H Consultancy Services Private Limited <sam@zhservices.com>
9 * LICENSE: This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version 3
12 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
20 * @package OpenEMR
21 * @author Eldho Chacko <eldho@zhservices.com>
22 * @author Ajil P M <ajilpm@zhservices.com>
23 * @link http://www.open-emr.org
26 //SANITIZE ALL ESCAPES
27 $sanitize_all_escapes=true;
30 //STOP FAKE REGISTER GLOBALS
31 $fake_register_globals=false;
34 function parseXmlStream($content,$field_mapping){
35 $res = array();
36 $xml = new DOMDocument;
37 $xml->loadXML($content);
38 $xpath = new DOMXpath($xml);
39 $rootNamespace = $xml->lookupNamespaceUri($xml->namespaceURI);
40 $xpath->registerNamespace('x',$rootNamespace);
41 foreach($field_mapping as $skey=>$sval){
42 $path = preg_replace("/\/([a-zA-Z])/","/x:$1",$skey);
43 $elements = $xpath->query($path);
44 if(!is_null($elements)){
45 $ele_cnt = 1;
46 foreach($elements as $element){
47 foreach($sval as $field => $innerpath){
48 $ipath = preg_replace(array("/^([a-zA-Z])/","/\/([a-zA-Z])/"),array("x:$1","/x:$1"),$innerpath);
49 $val = $xpath->query($ipath, $element)->item(0)->textContent;
50 if($val){
51 $field_details = explode(':',$field);
52 $res[$field_details[0]][$ele_cnt][$field_details[1]] = $val;
55 $ele_cnt++;
59 return $res;
62 function insert_ccr_into_audit_data($var){
63 $audit_master_id_to_delete = $var['audit_master_id_to_delete'];
64 $approval_status = $var['approval_status'];
65 $type = $var['type'];
66 $ip_address = $var['ip_address'];
67 $field_name_value_array = $var['field_name_value_array'];
68 $entry_identification_array = $var['entry_identification_array'];
69 if($audit_master_id_to_delete){
70 $qry = "DELETE from audit_details WHERE audit_master_id=?";
71 sqlStatement($qry,array($audit_master_id_to_delete));
72 $qry = "DELETE from audit_master WHERE id=?";
73 sqlStatement($qry,array($audit_master_id_to_delete));
75 $master_query = "INSERT INTO audit_master SET pid = ?,approval_status = ?,ip_address = ?,type = ?";
76 $audit_master_id = sqlInsert($master_query,array(0,$approval_status,$ip_address,$type));
77 $detail_query = "INSERT INTO `audit_details` (`table_name`, `field_name`, `field_value`, `audit_master_id`, `entry_identification`) VALUES ";
78 $detail_query_array = '';
79 foreach($field_name_value_array as $key=>$val){
80 foreach($field_name_value_array[$key] as $cnt=>$field_details){
81 foreach($field_details as $field_name=>$field_value){
82 $detail_query .= "(? ,? ,? ,? ,?),";
83 $detail_query_array[] = $key;
84 $detail_query_array[] = trim($field_name);
85 $detail_query_array[] = trim($field_value);
86 $detail_query_array[] = $audit_master_id;
87 $detail_query_array[] = trim($entry_identification_array[$key][$cnt]);
91 $detail_query = substr($detail_query, 0, -1);
92 $detail_query = $detail_query.';';
93 sqlInsert($detail_query,$detail_query_array);
96 function insert_patient($audit_master_id){
97 $prow = sqlQuery("SELECT IFNULL(MAX(pid)+1,1) AS pid FROM patient_data");
98 $pid = $prow['pid'];
99 $res = sqlStatement("SELECT DISTINCT ad.table_name,entry_identification FROM audit_master as am,audit_details as ad WHERE am.id=ad.audit_master_id AND am.approval_status = '1' AND am.id=? AND am.type=11 ORDER BY ad.id",array($audit_master_id));
100 $tablecnt = sqlNumRows($res);
101 while($row = sqlFetchArray($res)){
102 $resfield = sqlStatement("SELECT * FROM audit_details WHERE audit_master_id=? AND table_name=? AND entry_identification=?",array($audit_master_id,$row['table_name'],$row['entry_identification']));
103 $table = $row['table_name'];
104 $newdata = array();
105 while($rowfield = sqlFetchArray($resfield)){
106 if($table == 'patient_data'){
107 if($rowfield['field_name'] == 'DOB'){
108 $newdata['patient_data'][$rowfield['field_name']] = substr($rowfield['field_value'],0,10);
109 }else{
110 $newdata['patient_data'][$rowfield['field_name']] = $rowfield['field_value'];
112 }elseif($table == 'lists1'){
113 $newdata['lists1'][$rowfield['field_name']] = $rowfield['field_value'];
114 }elseif($table == 'lists2'){
115 $newdata['lists2'][$rowfield['field_name']] = $rowfield['field_value'];
116 }elseif($table == 'prescriptions'){
117 $newdata['prescriptions'][$rowfield['field_name']] = $rowfield['field_value'];
118 }elseif($table == 'immunizations'){
119 $newdata['immunizations'][$rowfield['field_name']] = $rowfield['field_value'];
120 }elseif($table == 'procedure_result'){
121 $newdata['procedure_result'][$rowfield['field_name']] = $rowfield['field_value'];
122 }elseif($table == 'procedure_type'){
123 $newdata['procedure_type'][$rowfield['field_name']] = $rowfield['field_value'];
124 }elseif($table == 'misc_address_book'){
125 $newdata['misc_address_book'][$rowfield['field_name']] = $rowfield['field_value'];
126 }elseif($table == 'documents'){
127 $newdata['documents'][$rowfield['field_name']] = $rowfield['field_value'];
130 if($table == 'patient_data'){
131 updatePatientData($pid,$newdata['patient_data'],true);
132 }elseif($table == 'lists1'){
133 sqlInsert("INSERT INTO lists(".
134 "pid,diagnosis,activity".
135 ") VALUES (".
136 "'".add_escape_custom($pid)."',".
137 "'".add_escape_custom($newdata['lists1']['diagnosis'])."',".
138 "'".add_escape_custom($newdata['lists1']['activity'])."')"
140 }elseif($table == 'lists2'){
141 sqlInsert("INSERT INTO lists(".
142 "pid,date,type,title,diagnosis,reaction".
143 ") VALUES (".
144 "'".add_escape_custom($pid)."',".
145 "'".add_escape_custom($newdata['lists2']['date'])."',".
146 "'".add_escape_custom($newdata['lists2']['type'])."',".
147 "'".add_escape_custom($newdata['lists2']['title'])."',".
148 "'".add_escape_custom($newdata['lists2']['diagnosis'])."',".
149 "'".add_escape_custom($newdata['lists2']['reaction'])."')"
151 }elseif($table == 'prescriptions'){
152 sqlInsert("INSERT INTO prescriptions(".
153 "patient_id,date_added,active,drug,size,form,quantity".
154 ") VALUES (".
155 "'".add_escape_custom($pid)."',".
156 "'".add_escape_custom($newdata['prescriptions']['date_added'])."',".
157 "'".add_escape_custom($newdata['prescriptions']['active'])."',".
158 "'".add_escape_custom($newdata['prescriptions']['drug'])."',".
159 "'".add_escape_custom($newdata['prescriptions']['size'])."',".
160 "'".add_escape_custom($newdata['prescriptions']['form'])."',".
161 "'".add_escape_custom($newdata['prescriptions']['quantity'])."')"
163 }elseif($table == 'immunizations'){
164 sqlInsert("INSERT INTO immunizations(".
165 "patient_id,administered_date,note".
166 ") VALUES (".
167 "'".add_escape_custom($pid)."',".
168 "'".add_escape_custom($newdata['immunizations']['administered_date'])."',".
169 "'".add_escape_custom($newdata['immunizations']['note'])."')"
171 }elseif($table == 'procedure_result'){
172 /*sqlInsert("INSERT INTO procedure_result(".
173 "date,result,abnormal".
174 ") VALUES (".
175 "'".add_escape_custom($newdata['procedure_result']['date'])."',".
176 "'".add_escape_custom($newdata['procedure_result']['result'])."',".
177 "'".add_escape_custom($newdata['procedure_result']['abnormal'])."')"
178 );*/
179 }elseif($table == 'procedure_type'){
180 /*sqlInsert("INSERT INTO procedure_type(".
181 "name".
182 ") VALUES (".
183 "'".add_escape_custom($newdata['procedure_type']['name'])."')"
184 );*/
185 }elseif($table == 'misc_address_book'){
186 sqlInsert("INSERT INTO misc_address_book(".
187 "lname,fname,street,city,state,zip,phone".
188 ") VALUES (".
189 "'".add_escape_custom($newdata['misc_address_book']['lname'])."',".
190 "'".add_escape_custom($newdata['misc_address_book']['fname'])."',".
191 "'".add_escape_custom($newdata['misc_address_book']['street'])."',".
192 "'".add_escape_custom($newdata['misc_address_book']['city'])."',".
193 "'".add_escape_custom($newdata['misc_address_book']['state'])."',".
194 "'".add_escape_custom($newdata['misc_address_book']['zip'])."',".
195 "'".add_escape_custom($newdata['misc_address_book']['phone'])."')"
197 }elseif($table == 'documents'){
198 sqlQuery("UPDATE documents SET foreign_id = ? WHERE id =? ",array($pid,$newdata['documents']['id']));
201 sqlQuery("UPDATE audit_master SET approval_status=2 WHERE id=?",array($audit_master_id));
204 function createAuditArray($am_id,$table_name){
205 if(strpos($table_name,',')){
206 $tables = explode(',',$table_name);
207 $arr = array($am_id);
208 $table_qry = "";
209 for($i=0;$i<count($tables);$i++){
210 $table_qry .= "?,";
211 array_unshift($arr,$tables[$i]);
213 $table_qry = substr($table_qry,0,-1);
214 $query = sqlStatement("SELECT * FROM audit_master am LEFT JOIN audit_details ad ON ad.audit_master_id = am.id AND ad.table_name IN ($table_qry)
215 WHERE am.id = ? AND am.type = 11 AND am.approval_status = 1 ORDER BY ad.entry_identification,ad.field_name",$arr);
216 }else{
217 $query = sqlStatement("SELECT * FROM audit_master am LEFT JOIN audit_details ad ON ad.audit_master_id = am.id AND ad.table_name = ?
218 WHERE am.id = ? AND am.type = 11 AND am.approval_status = 1 ORDER BY ad.entry_identification,ad.field_name",array($table_name,$am_id));
220 $result = array();
221 while($res = sqlFetchArray($query)){
222 $result[$table_name][$res['entry_identification']][$res['field_name']] = $res['field_value'];
224 return $result;
227 function insertApprovedData($data){
228 $patient_data_fields = '';
229 $patient_data_values = array();
230 foreach($data as $key=>$val){
231 if(substr($key,-4) == '-sel'){
232 if(is_array($val)){
233 for($i=0;$i<count($val);$i++){
234 if($val[$i] == 'insert'){
235 if(substr($key,0,-4) == 'lists1'){
236 if($_REQUEST['lists1-activity'][$i] == 'Active'){
237 $activity = 1;
238 }elseif($_REQUEST['lists1-activity'][$i] == 'Inactive'){
239 $activity = 0;
241 $query = "INSERT INTO lists (pid,diagnosis,activity) VALUES (?,?,?)";
242 sqlQuery($query,array($_REQUEST['pid'],$_REQUEST['lists1-diagnosis'][$i],$activity));
243 }elseif(substr($key,0,-4) == 'lists2'){
244 $query = "INSERT INTO lists (pid,date,type,title,diagnosis,reaction) VALUES (?,?,?,?,?,?)";
245 sqlQuery($query,array($_REQUEST['pid'],$_REQUEST['lists2-date'][$i],$_REQUEST['lists2-type'][$i],$_REQUEST['lists2-title'][$i],$_REQUEST['lists2-diagnosis'][$i],$_REQUEST['lists2-reaction'][$i]));
246 }elseif(substr($key,0,-4) == 'prescriptions'){
247 if($_REQUEST['prescriptions-active'][$i] == 'Active'){
248 $active = 1;
249 }elseif($_REQUEST['prescriptions-active'][$i] == 'Inactive'){
250 $active = 0;
252 $query = "INSERT INTO prescriptions (patient_id,date_added,active,drug,size,form,quantity) VALUES (?,?,?,?,?,?,?)";
253 sqlQuery($query,array($_REQUEST['pid'],$_REQUEST['prescriptions-date_added'][$i],$active,$_REQUEST['prescriptions-drug'][$i],$_REQUEST['prescriptions-size'][$i],$_REQUEST['prescriptions-form'][$i],$_REQUEST['prescriptions-quantity'][$i]));
254 }elseif(substr($key,0,-4) == 'immunizations'){
255 $query = "INSERT INTO immunizations (patient_id,administered_date,note) VALUES (?,?,?)";
256 sqlQuery($query,array($_REQUEST['pid'],$_REQUEST['immunizations-administered_date'][$i],$_REQUEST['immunizations-note'][$i]));
257 }elseif(substr($key,0,-4) == 'procedure_result'){
258 //$query = "INSERT INTO procedure_type (name) VALUES (?)";
259 //sqlQuery($query,array($_REQUEST['procedure_type-name'][$i]));
260 //$query = "INSERT INTO procedure_result (date,result,abnormal) VALUES (?,?,?)";
261 //sqlQuery($query,array($_REQUEST['procedure_result-date'][$i],$active,$_REQUEST['procedure_result-abnormal'][$i]));
263 }elseif($val[$i] == 'update'){
264 if(substr($key,0,-4) == 'lists1'){
265 if($_REQUEST['lists1-activity'][$i] == 'Active'){
266 $activity = 1;
267 }elseif($_REQUEST['lists1-activity'][$i] == 'Inactive'){
268 $activity = 0;
270 $query = "UPDATE lists SET diagnosis=?,activity=? WHERE pid=? AND diagnosis=?";
271 sqlQuery($query,array($_REQUEST['lists1-diagnosis'][$i],$activity,$_REQUEST['pid'],$_REQUEST['lists1-old-diagnosis'][$i]));
275 }else{
276 if(substr($key,0,12) == 'patient_data'){
277 if($val == 'update'){
278 $var_name = substr($key,0,-4);
279 $field_name = substr($var_name,13);
280 $patient_data_fields .= $field_name.'=?,';
281 array_push($patient_data_values,$_REQUEST[$var_name]);
287 if(count($patient_data_values) > 0){
288 array_push($patient_data_values,$_REQUEST['pid']);
289 $patient_data_fields = substr($patient_data_fields,0,-1);
290 $query = "UPDATE patient_data SET $patient_data_fields WHERE pid=?";
291 sqlQuery($query,$patient_data_values);
293 sqlQuery("UPDATE documents SET foreign_id = ? WHERE id =? ",array($_REQUEST['pid'],$_REQUEST['doc_id']));