interface/new/new_patient_save.php

   1 <?php
   2 /**
   3  * new_patient_save.php
   4  *
   5  * @package   OpenEMR
   6  * @link      http://www.open-emr.org
   7  * @author    Brady Miller <brady.g.miller@gmail.com>
   8  * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
   9  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  10  */
  11
  12
  13 require_once("../globals.php");
  14
  15 if (!verifyCsrfToken($_POST["csrf_token_form"])) {
  16     csrfNotVerified();
  17 }
  18
  19 // Validation for non-unique external patient identifier.
  20 if (!empty($_POST["pubpid"])) {
  21     $form_pubpid = trim($_POST["pubpid"]);
  22     $result = sqlQuery("SELECT count(*) AS count FROM patient_data WHERE " .
  23     "pubpid = ?", array($form_pubpid));
  24     if ($result['count']) {
  25         // Error, not unique.
  26         require_once("new.php");
  27         exit();
  28     }
  29 }
  30
  31 require_once("$srcdir/pid.inc");
  32 require_once("$srcdir/patient.inc");
  33
  34 //here, we lock the patient data table while we find the most recent max PID
  35 //other interfaces can still read the data during this lock, however
  36 sqlStatement("lock tables patient_data read");
  37
  38 $result = sqlQuery("select max(pid)+1 as pid from patient_data");
  39
  40 // TBD: This looks wrong to unlock the table before we have added our
  41 // patient with its newly allocated pid!
  42 //
  43 sqlStatement("unlock tables");
  44 //end table lock
  45 $newpid = 1;
  46
  47 if ($result['pid'] > 1) {
  48     $newpid = $result['pid'];
  49 }
  50
  51 setpid($newpid);
  52
  53 if ($pid == null) {
  54     $pid = 0;
  55 }
  56
  57 // what do we set for the public pid?
  58 if (isset($_POST["pubpid"]) && ($_POST["pubpid"] != "")) {
  59     $mypubpid = $_POST["pubpid"];
  60 } else {
  61     $mypubpid = $pid;
  62 }
  63
  64 if ($_POST['form_create']) {
  65     $form_fname = ucwords(trim($_POST["fname"]));
  66     $form_lname = ucwords(trim($_POST["lname"]));
  67     $form_mname = ucwords(trim($_POST["mname"]));
  68
  69   // ===================
  70   // DBC SYSTEM WAS REMOVED
  71     $form_sex               = trim($_POST["sex"]) ;
  72     $form_dob               = DateToYYYYMMDD(trim($_POST["DOB"])) ;
  73     $form_street            = '' ;
  74     $form_city              = '' ;
  75     $form_postcode          = '' ;
  76     $form_countrycode       = '' ;
  77     $form_regdate           = DateToYYYYMMDD(trim($_POST['regdate']));
  78   // EOS DBC
  79   // ===================
  80
  81     newPatientData(
  82         $_POST["db_id"],
  83         $_POST["title"],
  84         $form_fname,
  85         $form_lname,
  86         $form_mname,
  87         $form_sex, // sex
  88         $form_dob, // dob
  89         $form_street, // street
  90         $form_postcode, // postal_code
  91         $form_city, // city
  92         "", // state
  93         $form_countrycode, // country_code
  94         "", // ss
  95         "", // occupation
  96         "", // phone_home
  97         "", // phone_biz
  98         "", // phone_contact
  99         "", // status
 100         "", // contact_relationship
 101         "", // referrer
 102         "", // referrerID
 103         "", // email
 104         "", // language
 105         "", // ethnoracial
 106         "", // interpreter
 107         "", // migrantseasonal
 108         "", // family_size
 109         "", // monthly_income
 110         "", // homeless
 111         "", // financial_review
 112         "$mypubpid",
 113         $pid,
 114         "", // providerID
 115         "", // genericname1
 116         "", // genericval1
 117         "", // genericname2
 118         "", // genericval2
 119         "", //billing_note
 120         "", // phone_cell
 121         "", // hipaa_mail
 122         "", // hipaa_voice
 123         0,  // squad
 124         0,  // $pharmacy_id = 0,
 125         "", // $drivers_license = "",
 126         "", // $hipaa_notice = "",
 127         "", // $hipaa_message = "",
 128         $form_regdate
 129     );
 130
 131     newEmployerData($pid);
 132     newHistoryData($pid);
 133     newInsuranceData($pid, "primary");
 134     newInsuranceData($pid, "secondary");
 135     newInsuranceData($pid, "tertiary");
 136
 137   // Set referral source separately because we don't want it messed
 138   // with later by newPatientData().
 139     if ($refsource = trim($_POST["refsource"])) {
 140         sqlQuery("UPDATE patient_data SET referral_source = ? " .
 141         "WHERE pid = ?", array($refsource, $pid));
 142     }
 143 }
 144 ?>
 145 <html>
 146 <body>
 147 <script language="Javascript">
 148 <?php
 149 if ($alertmsg) {
 150     echo "alert(" . js_escape($alertmsg) . ");\n";
 151 }
 152
 153   echo "window.location='$rootdir/patient_file/summary/demographics.php?" .
 154     "set_pid=" . attr_url($pid) . "&is_new=1';\n";
 155 ?>
 156 </script>
 157
 158 </body>
 159 </html>