From 405428d6af8fcb8d7b7bef4b4789a06524ec476f Mon Sep 17 00:00:00 2001
From: Brady Miller
Date: Sat, 25 Nov 2017 03:30:20 -0800
Subject: [PATCH] cleanup several more reports (#1258)
---
interface/reports/appt_encounter_report.php | 297 +++++++++++++---------------
interface/reports/custom_report_range.php | 39 ++--
interface/reports/edi_270.php | 135 ++++++-------
3 files changed, 214 insertions(+), 257 deletions(-)
diff --git a/interface/reports/appt_encounter_report.php b/interface/reports/appt_encounter_report.php
index b33febea0..8447af451 100644
--- a/interface/reports/appt_encounter_report.php
+++ b/interface/reports/appt_encounter_report.php
@@ -1,5 +1,5 @@ - * Copyright (C) 2017 Brady Miller - * - * LICENSE: This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 3 - * of the License, or (at your option) any later version. - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * You should have received a copy of the GNU General Public License - * along with this program. If not, see ;. - * - * @package OpenEMR - * @author Rod Roark - * @author Brady Miller - * @link http://www.open-emr.org - * + * @package OpenEMR + * @link http://www.open-emr.org + * @author Rod Roark + * @author Brady Miller + * @copyright Copyright (c) 2005-2016 Rod Roark + * @copyright Copyright (c) 2017 Brady Miller + * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3 */ -use OpenEMR\Core\Header; require_once("../globals.php"); require_once("$srcdir/patient.inc"); require_once("../../custom/code_types.inc.php"); require_once("$srcdir/billing.inc"); +use OpenEMR\Core\Header; use OpenEMR\Services\FacilityService; $facilityService = new FacilityService(); - $errmsg = ""; - $alertmsg = ''; // not used yet but maybe later - $grand_total_charges = 0; - $grand_total_copays = 0; - $grand_total_encounters = 0; +$errmsg = ""; +$alertmsg = ''; // not used yet but maybe later +$grand_total_charges = 0; +$grand_total_copays = 0; +$grand_total_encounters = 0; function postError($msg) { @@ -64,13 +51,13 @@ function postError($msg) $errmsg .= '
'; } - $errmsg .= $msg; + $errmsg .= text($msg); } function bucks($amount) { if ($amount) { - echo oeFormatMoney($amount); + return oeFormatMoney($amount); } } @@ -83,19 +70,19 @@ function endDoctor(&$docrow) echo " \n"; echo " \n"; - echo "  " . xl('Totals for', '', '', ' ') . $docrow['docname'] . "\n"; + echo "  " . xlt('Totals for') . ' ' . text($docrow['docname']) . "\n"; echo " \n"; echo " \n"; - echo "  " . $docrow['encounters'] . " \n"; + echo "  " . text($docrow['encounters']) . " \n"; echo " \n"; echo " \n"; echo "  "; - bucks($docrow['charges']); + echo text(bucks($docrow['charges'])); echo " \n"; echo " \n"; echo " \n"; echo "  "; - bucks($docrow['copays']); + echo text(bucks($docrow['copays'])); echo " \n"; echo " \n"; echo " \n"; @@ -112,15 +99,13 @@ function endDoctor(&$docrow) $docrow['encounters'] = 0; } - $form_facility = isset($_POST['form_facility']) ? $_POST['form_facility'] : ''; - $form_from_date = fixDate($_POST['form_from_date'], date('Y-m-d')); - $form_to_date = fixDate($_POST['form_to_date'], date('Y-m-d')); +$form_facility = isset($_POST['form_facility']) ? $_POST['form_facility'] : ''; +$form_from_date = (isset($_POST['form_from_date'])) ? DateToYYYYMMDD($_POST['form_from_date']) : date('Y-m-d'); +$form_to_date = (isset($_POST['form_to_date'])) ? DateToYYYYMMDD($_POST['form_to_date']) : date('Y-m-d'); if ($_POST['form_refresh']) { - $form_from_date = fixDate($_POST['form_from_date'], date('Y-m-d')); - $form_to_date = fixDate($_POST['form_to_date'], ""); - - // MySQL doesn't grok full outer joins so we do it the hard way. - // + // MySQL doesn't grok full outer joins so we do it the hard way. + // + $sqlBindArray = array(); $query = "( " . "SELECT " . "e.pc_eventDate, e.pc_startTime, " . 
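Review bot: `bucks()` in the @@ -64,13 hunk now returns the formatted amount but still has no return on the falsy path, so a zero or empty amount yields null, and every call site this commit adds (`echo text(bucks($docrow['charges']));` in endDoctor and the grand-total rows later in the file) hands that null to `text()`. Making the empty case explicit keeps the return value a string: add `return '';` after the `if ($amount) { ... }` block. A one-line docblock such as `/** Format an amount for display; returns '' for an empty or zero amount. Callers echo and escape the result. */` would also record the new contract, since the function no longer prints anything itself.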
@@ -133,20 +118,23 @@ if ($_POST['form_refresh']) { "ON fe.date = e.pc_eventDate AND fe.pid = e.pc_pid " . "LEFT OUTER JOIN forms AS f ON f.pid = fe.pid AND f.encounter = fe.encounter AND f.formdir = 'newpatient' " . "LEFT OUTER JOIN patient_data AS p ON p.pid = e.pc_pid " . - // "LEFT OUTER JOIN users AS u ON BINARY u.username = BINARY f.user WHERE "; + // "LEFT OUTER JOIN users AS u ON BINARY u.username = BINARY f.user WHERE "; "LEFT OUTER JOIN users AS u ON u.id = fe.provider_id WHERE "; if ($form_to_date) { - $query .= "e.pc_eventDate >= '$form_from_date' AND e.pc_eventDate <= '$form_to_date' "; + $query .= "e.pc_eventDate >= ? AND e.pc_eventDate <= ? "; + array_push($sqlBindArray, $form_from_date, $form_to_date); } else { - $query .= "e.pc_eventDate = '$form_from_date' "; + $query .= "e.pc_eventDate = ? "; + array_push($sqlBindArray, $form_from_date); } if ($form_facility !== '') { - $query .= "AND e.pc_facility = '" . add_escape_custom($form_facility) . "' "; + $query .= "AND e.pc_facility = ? "; + array_push($sqlBindArray, $form_facility); } - // $query .= "AND ( e.pc_catid = 5 OR e.pc_catid = 9 OR e.pc_catid = 10 ) " . - $query .= "AND e.pc_pid != '' AND e.pc_apptstatus != '?' " . + // $query .= "AND ( e.pc_catid = 5 OR e.pc_catid = 9 OR e.pc_catid = 10 ) " . + $query .= "AND e.pc_pid != '' AND e.pc_apptstatus != ? " . ") UNION ( " . "SELECT " . "e.pc_eventDate, e.pc_startTime, " . 
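Review bot: The `e.pc_apptstatus != ?` placeholder at the end of this hunk has no bind next to it; its value comes from `array_push($sqlBindArray, '?', '?');` in the following hunk (@@ -157,88), which runs only after the whole UNION string has been concatenated and also covers the second `pc_apptstatus` placeholder in the JOIN condition. The positional order is correct as written, but it stays correct only while no placeholder is added between the facility filter and that push. A comment on the push would make the pairing explicit, for example `// binds the literal status value '?' for the two pc_apptstatus placeholders above, one per UNION arm`. The enclosing `if ($_POST['form_refresh'])` block starts and ends outside this hunk.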
@@ -157,88 +145,87 @@ if ($_POST['form_refresh']) { "FROM form_encounter AS fe " . "LEFT OUTER JOIN openemr_postcalendar_events AS e " . "ON fe.date = e.pc_eventDate AND fe.pid = e.pc_pid AND " . - // "( e.pc_catid = 5 OR e.pc_catid = 9 OR e.pc_catid = 10 ) " . - "e.pc_pid != '' AND e.pc_apptstatus != '?' " . + // "( e.pc_catid = 5 OR e.pc_catid = 9 OR e.pc_catid = 10 ) " . + "e.pc_pid != '' AND e.pc_apptstatus != ? " . "LEFT OUTER JOIN forms AS f ON f.pid = fe.pid AND f.encounter = fe.encounter AND f.formdir = 'newpatient' " . "LEFT OUTER JOIN patient_data AS p ON p.pid = fe.pid " . - // "LEFT OUTER JOIN users AS u ON BINARY u.username = BINARY f.user WHERE "; + // "LEFT OUTER JOIN users AS u ON BINARY u.username = BINARY f.user WHERE "; "LEFT OUTER JOIN users AS u ON u.id = fe.provider_id WHERE "; + array_push($sqlBindArray, '?', '?'); if ($form_to_date) { - // $query .= "LEFT(fe.date, 10) >= '$form_from_date' AND LEFT(fe.date, 10) <= '$form_to_date' "; - $query .= "fe.date >= '$form_from_date 00:00:00' AND fe.date <= '$form_to_date 23:59:59' "; + // $query .= "LEFT(fe.date, 10) >= '$form_from_date' AND LEFT(fe.date, 10) <= '$form_to_date' "; + $query .= "fe.date >= ? AND fe.date <= ? "; + array_push($sqlBindArray, $form_from_date.' 00:00:00', $form_to_date.' 23:59:59'); } else { // $query .= "LEFT(fe.date, 10) = '$form_from_date' "; - $query .= "fe.date >= '$form_from_date 00:00:00' AND fe.date <= '$form_from_date 23:59:59' "; + $query .= "fe.date >= ? AND fe.date <= ? "; + array_push($sqlBindArray, $form_from_date.' 00:00:00', $form_from_date.' 23:59:59'); } if ($form_facility !== '') { - $query .= "AND fe.facility_id = '" . add_escape_custom($form_facility) . "' "; + $query .= "AND fe.facility_id = ? 
"; + array_push($sqlBindArray, $form_facility); } $query .= ") ORDER BY docname, IFNULL(pc_eventDate, encdate), pc_startTime"; - $res = sqlStatement($query); + $res = sqlStatement($query, $sqlBindArray); } ?> + <?php echo xlt('Appointments and Encounters'); ?> - - - -<?php xl('Appointments and Encounters', 'e'); ?> - - + + + - - + -
- +
@@ -253,45 +240,44 @@ $(document).ready(function() { @@ -299,9 +285,7 @@ $(document).ready(function() { @@ -342,16 +326,16 @@ if ($_POST['form_refresh']) {
- : + : getAll(); - echo " \n"; + echo " - : + : - + - : + : - +
+ value='1'>
- - - - - - - - - - + + + + + + + + + +\n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " @@ -365,7 +350,7 @@ foreach ($newpatient as $patient) { $bdate = strtotime($b['date']); echo "\n"; - echo ""; + echo ""; echo ""; echo "
                                   
-   +     -   +   -   +   -   +   -   +   -   +   -   +   - +   @@ -552,19 +537,19 @@ if ($res) { echo "
\n"; - echo "  " . xl('Grand Totals') . "\n"; + echo "  " . xlt('Grand Totals') . "\n"; echo " \n"; - echo "  " . $grand_total_encounters . " \n"; + echo "  " . text($grand_total_encounters) . " \n"; echo " \n"; echo "  "; - bucks($grand_total_charges); + echo text(bucks($grand_total_charges)); echo " \n"; echo " \n"; echo "  "; - bucks($grand_total_copays); + echo text(bucks($grand_total_copays)); echo " \n"; echo " \n"; @@ -578,7 +563,7 @@ if ($res) {
- +
diff --git a/interface/reports/custom_report_range.php b/interface/reports/custom_report_range.php index c5f6748b6..1344290ad 100644 --- a/interface/reports/custom_report_range.php +++ b/interface/reports/custom_report_range.php @@ -1,27 +1,14 @@ ;. - * - * @package OpenEMR - * @author Brady Miller - * @link http://www.open-emr.org + * @package OpenEMR + * @link http://www.open-emr.org + * @author Brady Miller + * @copyright Copyright (c) 2017 Brady Miller + * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3 */ - - - require_once(dirname(__file__)."/../globals.php"); require_once("$srcdir/forms.inc"); require_once("$srcdir/billing.inc"); @@ -39,8 +26,8 @@ if (empty($_POST['start']) || empty($_POST['end'])) { $enddate = date('Y-m-d', time()); } else { // set dates - $startdate = $_POST['start']; - $enddate = $_POST['end']; + $startdate = DateToYYYYMMDD($_POST['start']); + $enddate = DateToYYYYMMDD($_POST['end']); } //Patient related stuff @@ -170,7 +157,7 @@ if ($form_patient == '') { $('.datepicker').datetimepicker({ - + }); @@ -214,22 +201,20 @@ if ($form_patient == '') { :
- + : - +   : - ' onclick='sel_patient()' title='' /> + ' onclick='sel_patient()' title='' />
" . oeFormatShortDate(date("Y-m-d", $bdate)) . "
" . date("h:i a", $bdate) . "
" . text(oeFormatShortDate(date("Y-m-d", $bdate))) . "
" . date("h:i a", $bdate) . "
" . text($b['provider_name']) . ""; echo text($b['code_type']) . ":\t" . text($b['code']) . " ". text($b['modifier']) . "   " . text($b['code_text']) . "     "; diff --git a/interface/reports/edi_270.php b/interface/reports/edi_270.php index cca3eee06..7a1122293 100644 --- a/interface/reports/edi_270.php +++ b/interface/reports/edi_270.php 
@@ -1,66 +1,56 @@ - * Copyright (C) 2010 MMF Systems, Inc - * Copyright (C) 2017 Brady Miller - * - * LICENSE: This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 3 - * of the License, or (at your option) any later version. - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * You should have received a copy of the GNU General Public License - * along with this program. If not, see http://opensource.org/licenses/gpl-license.php. - * - * @package OpenEMR - * @author Terry Hill - * @author Brady Miller - * @link http://www.open-emr.org + * @package OpenEMR + * @link http://www.open-emr.org + * @author Terry Hill + * @author Brady Miller + * @copyright Copyright (c) 2010 MMF Systems, Inc + * @copyright Copyright (c) 2016 Terry Hill + * @copyright Copyright (c) 2017 Brady Miller + * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3 */ -use OpenEMR\Core\Header; - require_once("../globals.php"); - require_once("$srcdir/forms.inc"); - require_once("$srcdir/billing.inc"); - require_once("$srcdir/patient.inc"); - require_once "$srcdir/options.inc.php"; - include_once("$srcdir/calendar.inc"); - include_once("$srcdir/edi.inc"); +require_once("../globals.php"); +require_once("$srcdir/forms.inc"); +require_once("$srcdir/billing.inc"); +require_once("$srcdir/patient.inc"); +require_once "$srcdir/options.inc.php"; +require_once("$srcdir/calendar.inc"); +require_once("$srcdir/edi.inc"); - // Element data seperator - $eleDataSep = "*"; +use OpenEMR\Core\Header; + +// Element data seperator +$eleDataSep = "*"; - // Segment Terminator - $segTer = "~"; +// Segment Terminator +$segTer = "~"; - // Component 
Element seperator - $compEleSep = ":"; +// Component Element seperator +$compEleSep = ":"; - // filter conditions for the report and batch creation +// filter conditions for the report and batch creation - $from_date = fixDate($_POST['form_from_date'], date('Y-m-d')); - $to_date = fixDate($_POST['form_to_date'], date('Y-m-d')); - $form_facility = $_POST['form_facility'] ? $_POST['form_facility'] : ''; - $form_provider = $_POST['form_users'] ? $_POST['form_users'] : ''; - $exclude_policy = $_POST['removedrows'] ? $_POST['removedrows'] : ''; - $X12info = $_POST['form_x12'] ? explode("|", $_POST['form_x12']) : ''; +$from_date = (isset($_POST['form_from_date'])) ? DateToYYYYMMDD($_POST['form_from_date']) : date('Y-m-d'); +$to_date = (isset($_POST['form_to_date'])) ? DateToYYYYMMDD($_POST['form_to_date']) : date('Y-m-d'); +$form_facility = $_POST['form_facility'] ? $_POST['form_facility'] : ''; +$form_provider = $_POST['form_users'] ? $_POST['form_users'] : ''; +$exclude_policy = $_POST['removedrows'] ? $_POST['removedrows'] : ''; +$X12info = $_POST['form_x12'] ? explode("|", $_POST['form_x12']) : ''; - //Set up the sql variable binding array (this prevents sql-injection attacks) - $sqlBindArray = array(); +//Set up the sql variable binding array (this prevents sql-injection attacks) +$sqlBindArray = array(); - $where = "e.pc_pid IS NOT NULL AND e.pc_eventDate >= ?"; - array_push($sqlBindArray, $from_date); +$where = "e.pc_pid IS NOT NULL AND e.pc_eventDate >= ?"; +array_push($sqlBindArray, $from_date); - //$where .="and e.pc_eventDate = (select max(pc_eventDate) from openemr_postcalendar_events where pc_aid = d.id)"; +//$where .="and e.pc_eventDate = (select max(pc_eventDate) from openemr_postcalendar_events where pc_aid = d.id)"; if ($to_date) { $where .= " AND e.pc_eventDate <= ?"; 
@@ -81,7 +71,7 @@ if ($exclude_policy != "") { $arrayExplode = explode(",", $exclude_policy); array_walk($arrayExplode, 'arrFormated'); $exclude_policy = implode(",", $arrayExplode); - $where .= " AND i.policy_number not in (".stripslashes($exclude_policy).")"; + $where .= " AND i.policy_number not in (".add_escape_custom($exclude_policy).")"; } $where .= " AND (i.policy_number is not null and i.policy_number != '')"; @@ -158,7 +148,7 @@ if ($exclude_policy != "") { - <?php echo htmlspecialchars(xl('Eligibility 270 Inquiry Batch'), ENT_NOQUOTES); ?> + <?php echo xlt('Eligibility 270 Inquiry Batch'); ?> @@ -191,9 +181,8 @@ if ($exclude_policy != "") { -- 2.11.4.GIT
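Review bot: In the @@ -81,7 hunk the excluded-policy list is still concatenated into the `not in (...)` clause; replacing `stripslashes()` with `add_escape_custom()` on the already-joined string is not equivalent to binding the values. `$exclude_policy` comes from `$_POST['removedrows']` (assigned near the top of this file), and what `arrFormated` does to each item is not visible here: if it wraps items in quotes, escaping the joined string also escapes those delimiters and breaks the query, and if it does not, the values sit unquoted in the list, where escaping quote characters gives no protection. The file already builds `$sqlBindArray` alongside `$where`, so one placeholder per item would be consistent with the rest of the clause: `$where .= " AND i.policy_number not in (" . implode(",", array_fill(0, count($arrayExplode), "?")) . ")";` followed by `$sqlBindArray = array_merge($sqlBindArray, $arrayExplode);`, with any SQL quoting dropped from the `arrFormated` output and assuming the binds continue to be pushed in the order `$where` is assembled. The enclosing `if ($exclude_policy != "")` block starts above the hunk.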