* @author Jerry Padgett * @author Brady Miller * @copyright Copyright (C) 2005-2006 Rod Roark * @copyright Copyright (C) 2016-2021 Jerry Padgett * @copyright Copyright (c) 2019 Brady Miller * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3 */ // Will start the (patient) portal OpenEMR session/cookie. require_once(__DIR__ . "/../src/Common/Session/SessionUtil.php"); OpenEMR\Common\Session\SessionUtil::portalSessionStart(); require_once("./../library/pnotes.inc.php"); //landing page definition -- where to go if something goes wrong $landingpage = "index.php?site=" . urlencode($_SESSION['site_id']); // // kick out if patient not authenticated if (isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite_two'])) { $pid = $_SESSION['pid']; } else { OpenEMR\Common\Session\SessionUtil::portalSessionCookieDestroy(); header('Location: ' . $landingpage . '&w'); exit; } $ignoreAuth_onsite_portal = true; global $ignoreAuth_onsite_portal; require_once("../interface/globals.php"); require_once("$srcdir/patient.inc.php"); require_once("$srcdir/forms.inc.php"); require_once("$srcdir/appointments.inc.php"); use OpenEMR\Services\AppointmentService; // Things that might be passed by our opener. // $eid = $_GET['eid'] ?? null; // only for existing events $date = $_GET['date'] ?? null; // this and below only for new events $userid = $_GET['userid'] ?? null; $default_catid = ($_GET['catid'] ?? null) ? $_GET['catid'] : '5'; $patientid = $_GET['patid'] ?? null; // // did someone tamper with eid? $checkEidInAppt = false; $patient_appointments = fetchAppointments('1970-01-01', '2382-12-31', $_SESSION['pid']); $checkEidInAppt = array_search($eid, array_column($patient_appointments, 'pc_eid')); if (!empty($eid) && !$checkEidInAppt) { echo js_escape("error"); exit(); } if (!empty($_POST['form_pid'])) { if ($_POST['form_pid'] != $_SESSION['pid']) { echo js_escape("error"); exit(); } if (! getAvailableSlots($_POST['form_date'], date('Y-m-d', strtotime("+1 year " . $_POST['form_date'])), $_POST['form_provider_ae'])) { echo js_escape("error"); exit(); } $appointment_service = (new AppointmentService())->getOneCalendarCategory($_POST['form_category']); if (($_POST['form_duration'] * 60) != ($appointment_service[0]['pc_duration'])) { echo js_escape("error"); exit(); } } if ($date) { $date = substr($date, 0, 4) . '-' . substr($date, 4, 2) . '-' . substr($date, 6); } else { $date = date("Y-m-d"); } // $starttimem = '00'; if (isset($_GET['starttimem'])) { $starttimem = substr('00' . $_GET['starttimem'], -2); } // if (isset($_GET['starttimeh'])) { $starttimeh = $_GET['starttimeh']; if (isset($_GET['startampm'])) { if ($_GET['startampm'] == '2' && $starttimeh < 12) { $starttimeh += 12; } } } else { $starttimeh = date("G"); } $startampm = ''; $info_msg = ""; // EVENTS TO FACILITIES (lemonsoftware) //(CHEMED) get facility name // edit event case - if there is no association made, then insert one with the first facility if ($eid) { $selfacil = ''; $facility = sqlQuery("SELECT pc_facility, pc_multiple, pc_aid, facility.name FROM openemr_postcalendar_events LEFT JOIN facility ON (openemr_postcalendar_events.pc_facility = facility.id) WHERE pc_eid = ?", array($eid)); if (!$facility['pc_facility']) { $qmin = sqlQuery("SELECT facility_id as minId, facility FROM users WHERE id = ?", array($facility['pc_aid'])); $min = $qmin['minId']; $min_name = $qmin['facility']; // multiple providers case if ($GLOBALS['select_multi_providers']) { $mul = $facility['pc_multiple']; sqlStatement("UPDATE openemr_postcalendar_events SET pc_facility = ? WHERE pc_multiple = ?", array($min, $mul)); } // EOS multiple sqlStatement("UPDATE openemr_postcalendar_events SET pc_facility = ? WHERE pc_eid = ?", array($min, $eid)); $e2f = $min; $e2f_name = $min_name; } else { $e2f = $facility['pc_facility']; $e2f_name = $facility['name']; } } // EOS E2F // =========================== // If we are saving, then save and close the window. // if (($_POST['form_action'] ?? null) == "save") { //print_r($_POST); //exit(); $event_date = fixDate($_POST['form_date']); // Compute start and end time strings to be saved. if ($_POST['form_allday'] ?? null) { $tmph = 0; $tmpm = 0; $duration = 24 * 60; } else { $tmph = $_POST['form_hour'] + 0; $tmpm = $_POST['form_minute'] + 0; if ($_POST['form_ampm'] == '2' && $tmph < 12) { $tmph += 12; } $duration = $_POST['form_duration']; } $starttime = "$tmph:$tmpm:00"; // $tmpm += $duration; while ($tmpm >= 60) { $tmpm -= 60; ++$tmph; } $endtime = "$tmph:$tmpm:00"; // Useless garbage that we must save. $locationspec = 'a:6:{s:14:"event_location";N;s:13:"event_street1";N;' . 's:13:"event_street2";N;s:10:"event_city";N;s:11:"event_state";N;s:12:"event_postal";N;}'; // More garbage, but this time 1 character of it is used to save the // repeat type. if ($_POST['form_repeat'] ?? null) { $recurrspec = 'a:5:{' . 's:17:"event_repeat_freq";s:1:"' . $_POST['form_repeat_freq'] . '";' . 's:22:"event_repeat_freq_type";s:1:"' . $_POST['form_repeat_type'] . '";' . 's:19:"event_repeat_on_num";s:1:"1";' . 's:19:"event_repeat_on_day";s:1:"0";' . 's:20:"event_repeat_on_freq";s:1:"0";}'; } else { $recurrspec = 'a:5:{' . 's:17:"event_repeat_freq";N;' . 's:22:"event_repeat_freq_type";s:1:"0";' . 's:19:"event_repeat_on_num";s:1:"1";' . 's:19:"event_repeat_on_day";s:1:"0";' . 's:20:"event_repeat_on_freq";s:1:"1";}'; } //The modification of the start date for events that take place on one day of the week //for example monday, or thursday. We set the start date on the first day of the week //that the event is scheduled. For example if you set the event to repeat on each monday //the start date of the event will be set on the first monday after the day the event is scheduled if (($_POST['form_repeat_type'] ?? null) == 5) { $exploded_date = explode("-", $event_date); $edate = date("D", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2], $exploded_date[0])); if ($edate == "Tue") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 6, $exploded_date[0])); } elseif ($edate == "Wed") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 5, $exploded_date[0])); } elseif ($edate == "Thu") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 4, $exploded_date[0])); } elseif ($edate == "Fri") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 3, $exploded_date[0])); } elseif ($edate == "Sat") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 2, $exploded_date[0])); } elseif ($edate == "Sun") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 1, $exploded_date[0])); } } elseif (($_POST['form_repeat_type'] ?? null) == 6) { $exploded_date = explode("-", $event_date); $edate = date("D", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2], $exploded_date[0])); if ($edate == "Wed") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 6, $exploded_date[0])); } elseif ($edate == "Thu") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 5, $exploded_date[0])); } elseif ($edate == "Fri") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 4, $exploded_date[0])); } elseif ($edate == "Sat") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 3, $exploded_date[0])); } elseif ($edate == "Sun") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 2, $exploded_date[0])); } elseif ($edate == "Mon") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 1, $exploded_date[0])); } } elseif (($_POST['form_repeat_type'] ?? null) == 7) { $exploded_date = explode("-", $event_date); $edate = date("D", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2], $exploded_date[0])); if ($edate == "Thu") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 6, $exploded_date[0])); } elseif ($edate == "Fri") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 5, $exploded_date[0])); } elseif ($edate == "Sat") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 4, $exploded_date[0])); } elseif ($edate == "Sun") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 3, $exploded_date[0])); } elseif ($edate == "Mon") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 2, $exploded_date[0])); } elseif ($edate == "Tue") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 1, $exploded_date[0])); } } elseif (($_POST['form_repeat_type'] ?? null) == 8) { $exploded_date = explode("-", $event_date); $edate = date("D", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2], $exploded_date[0])); if ($edate == "Fri") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 6, $exploded_date[0])); } elseif ($edate == "Sat") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 5, $exploded_date[0])); } elseif ($edate == "Sun") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 4, $exploded_date[0])); } elseif ($edate == "Mon") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 3, $exploded_date[0])); } elseif ($edate == "Tue") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 2, $exploded_date[0])); } elseif ($edate == "Wed") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 1, $exploded_date[0])); } } elseif (($_POST['form_repeat_type'] ?? null) == 9) { $exploded_date = explode("-", $event_date); $edate = date("D", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2], $exploded_date[0])); if ($edate == "Sat") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 6, $exploded_date[0])); } elseif ($edate == "Sun") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 5, $exploded_date[0])); } elseif ($edate == "Mon") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 4, $exploded_date[0])); } elseif ($edate == "Tue") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 3, $exploded_date[0])); } elseif ($edate == "Wed") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 2, $exploded_date[0])); } elseif ($edate == "Thu") { $event_date = date("Y-m-d", mktime(0, 0, 0, $exploded_date[1], $exploded_date[2] + 1, $exploded_date[0])); } }//if end /* ======================================================= // UPDATE EVENTS ========================================================*/ if ($eid) { // what is multiple key around this $eid? $row = sqlQuery("SELECT pc_multiple FROM openemr_postcalendar_events WHERE pc_eid = ?", array($eid)); if ($GLOBALS['select_multi_providers'] && $row['pc_multiple']) { /* ========================================== // multi providers BOS ==========================================*/ // obtain current list of providers regarding the multiple key $up = sqlStatement("SELECT pc_aid FROM openemr_postcalendar_events WHERE pc_multiple = ?", array($row['pc_multiple'])); while ($current = sqlFetchArray($up)) { $providers_current[] = $current['pc_aid']; } $providers_new = $_POST['form_provider_ae']; // this difference means that some providers from current was UNCHECKED // so we must delete this event for them $r1 = array_diff($providers_current, $providers_new); if (count($r1)) { foreach ($r1 as $to_be_removed) { sqlQuery("DELETE FROM openemr_postcalendar_events WHERE pc_aid = ? AND pc_multiple = ?", array($to_be_removed, $row['pc_multiple'])); } } // this difference means that some providers was added // so we must insert this event for them $r2 = array_diff($providers_new, $providers_current); if (count($r2)) { foreach ($r2 as $to_be_inserted) { sqlStatement("INSERT INTO openemr_postcalendar_events ( pc_catid, pc_multiple, pc_aid, pc_pid, pc_title, pc_time, pc_hometext, pc_informant, pc_eventDate, pc_endDate, pc_duration, pc_recurrtype, pc_recurrspec, pc_startTime, pc_endTime, pc_alldayevent, pc_apptstatus, pc_prefcatid, pc_location, pc_eventstatus, pc_sharing, pc_facility) VALUES ( " . "'" . add_escape_custom($_POST['form_category']) . "', " . "'" . add_escape_custom($row['pc_multiple']) . "', " . "'" . add_escape_custom($to_be_inserted) . "', " . "'" . add_escape_custom($_SESSION['pid']) . "', " . "'" . add_escape_custom($_POST['form_title']) . "', " . "NOW(), " . "'" . add_escape_custom($_POST['form_comments']) . "', " . "'" . add_escape_custom($_SESSION['providerId']) . "', " . "'" . add_escape_custom($event_date) . "', " . "'" . add_escape_custom(fixDate($_POST['form_enddate'])) . "', " . "'" . add_escape_custom(($duration * 60)) . "', " . "'" . ($_POST['form_repeat'] ? '1' : '0') . "', " . "'" . add_escape_custom($recurrspec) . "', " . "'" . add_escape_custom($starttime) . "', " . "'" . add_escape_custom($endtime) . "', " . "'" . add_escape_custom($_POST['form_allday']) . "', " . "'" . add_escape_custom($_POST['form_apptstatus']) . "', " . "'" . add_escape_custom($_POST['form_prefcat']) . "', " . "'" . add_escape_custom($locationspec) . "', " . "1, " . "1, " . (int)$_POST['facility'] . " )"); // FF stuff } // foreach } //if count // after the two diffs above, we must update for remaining providers // those who are intersected in $providers_current and $providers_new foreach ($_POST['form_provider_ae'] as $provider) { sqlStatement("UPDATE openemr_postcalendar_events SET " . "pc_catid = '" . add_escape_custom($_POST['form_category']) . "', " . "pc_pid = '" . add_escape_custom($_SESSION['pid']) . "', " . "pc_title = '" . add_escape_custom($_POST['form_title']) . "', " . "pc_time = NOW(), " . "pc_hometext = '" . add_escape_custom($_POST['form_comments']) . "', " . "pc_informant = '" . add_escape_custom($_SESSION['providerId']) . "', " . "pc_eventDate = '" . add_escape_custom($event_date) . "', " . "pc_endDate = '" . add_escape_custom(fixDate($_POST['form_enddate'])) . "', " . "pc_duration = '" . add_escape_custom(($duration * 60)) . "', " . "pc_recurrtype = '" . ($_POST['form_repeat'] ? '1' : '0') . "', " . "pc_recurrspec = '" . add_escape_custom($recurrspec) . "', " . "pc_startTime = '" . add_escape_custom($starttime) . "', " . "pc_endTime = '" . add_escape_custom($endtime) . "', " . "pc_alldayevent = '" . add_escape_custom($_POST['form_allday']) . "', " . "pc_apptstatus = '" . add_escape_custom($_POST['form_apptstatus']) . "', " . "pc_prefcatid = '" . add_escape_custom($_POST['form_prefcat']) . "', " . "pc_facility = '" . (int)$_POST['facility'] . "' " . // FF stuff "WHERE pc_aid = '" . add_escape_custom($provider) . "' AND pc_multiple='" . add_escape_custom($row['pc_multiple']) . "'"); } // foreach /* ========================================== // multi providers EOS ==========================================*/ } elseif (!$row['pc_multiple']) { if ($GLOBALS['select_multi_providers']) { $prov = $_POST['form_provider_ae'][0]; } else { $prov = $_POST['form_provider_ae']; } $insert = false; // simple provider case sqlStatement("UPDATE openemr_postcalendar_events SET " . "pc_catid = '" . add_escape_custom($_POST['form_category']) . "', " . "pc_aid = '" . add_escape_custom($prov) . "', " . "pc_pid = '" . add_escape_custom($_SESSION['pid']) . "', " . "pc_title = '" . add_escape_custom($_POST['form_title']) . "', " . "pc_time = NOW(), " . "pc_hometext = '" . add_escape_custom($_POST['form_comments']) . "', " . "pc_informant = '" . add_escape_custom($_SESSION['providerId']) . "', " . "pc_eventDate = '" . add_escape_custom($event_date) . "', " . "pc_endDate = '" . add_escape_custom(fixDate($_POST['form_enddate'] ?? '')) . "', " . "pc_duration = '" . add_escape_custom(($duration * 60)) . "', " . "pc_recurrtype = '" . (($_POST['form_repeat'] ?? null) ? '1' : '0') . "', " . "pc_recurrspec = '" . add_escape_custom($recurrspec) . "', " . "pc_startTime = '" . add_escape_custom($starttime) . "', " . "pc_endTime = '" . add_escape_custom($endtime) . "', " . "pc_alldayevent = '" . add_escape_custom(($_POST['form_allday'] ?? '')) . "', " . "pc_apptstatus = '" . add_escape_custom($_POST['form_apptstatus']) . "', " . "pc_prefcatid = '" . add_escape_custom(($_POST['form_prefcat'] ?? '')) . "', " . "pc_facility = '" . (int)($_POST['facility'] ?? null) . "' " . // FF stuff "WHERE pc_eid = '" . add_escape_custom($eid) . "'"); } // ======================================= // EOS multi providers case // ======================================= // EVENTS TO FACILITIES $e2f = (int)$eid; /* ======================================================= // INSERT EVENTS ========================================================*/ } else { // ======================================= // multi providers case // ======================================= if (is_array($_POST['form_provider_ae'])) { // obtain the next available unique key to group multiple providers around some event $q = sqlStatement("SELECT MAX(pc_multiple) as max FROM openemr_postcalendar_events"); $max = sqlFetchArray($q); $new_multiple_value = $max['max'] + 1; foreach ($_POST['form_provider_ae'] as $provider) { sqlStatement("INSERT INTO openemr_postcalendar_events ( " . "pc_catid, pc_multiple, pc_aid, pc_pid, pc_title, pc_time, pc_hometext, " . "pc_informant, pc_eventDate, pc_endDate, pc_duration, pc_recurrtype, " . "pc_recurrspec, pc_startTime, pc_endTime, pc_alldayevent, " . "pc_apptstatus, pc_prefcatid, pc_location, pc_eventstatus, pc_sharing, pc_facility " . ") VALUES ( " . "'" . add_escape_custom($_POST['form_category']) . "', " . "'" . add_escape_custom($new_multiple_value) . "', " . "'" . add_escape_custom($provider) . "', " . "'" . add_escape_custom($_SESSION['pid']) . "', " . "'" . add_escape_custom($_POST['form_title']) . "', " . "NOW(), " . "'" . add_escape_custom($_POST['form_comments']) . "', " . "'" . add_escape_custom($_SESSION['providerId']) . "', " . "'" . add_escape_custom($event_date) . "', " . "'" . add_escape_custom(fixDate($_POST['form_enddate'])) . "', " . "'" . add_escape_custom(($duration * 60)) . "', " . "'" . ($_POST['form_repeat'] ? '1' : '0') . "', " . "'" . add_escape_custom($recurrspec) . "', " . "'" . add_escape_custom($starttime) . "', " . "'" . add_escape_custom($endtime) . "', " . "'" . add_escape_custom($_POST['form_allday']) . "', " . "'" . add_escape_custom($_POST['form_apptstatus']) . "', " . "'" . add_escape_custom($_POST['form_prefcat']) . "', " . "'" . add_escape_custom($locationspec) . "', " . "1, " . "1, " . (int)$_POST['facility'] . " )"); // FF stuff } // foreach } else { $_POST['form_apptstatus'] = '^'; $insert = true; sqlStatement("INSERT INTO openemr_postcalendar_events ( " . "pc_catid, pc_aid, pc_pid, pc_title, pc_time, pc_hometext, " . "pc_informant, pc_eventDate, pc_endDate, pc_duration, pc_recurrtype, " . "pc_recurrspec, pc_startTime, pc_endTime, pc_alldayevent, " . "pc_apptstatus, pc_prefcatid, pc_location, pc_eventstatus, pc_sharing, pc_facility " . ") VALUES ( " . "'" . add_escape_custom($_POST['form_category']) . "', " . "'" . add_escape_custom($_POST['form_provider_ae']) . "', " . "'" . add_escape_custom($_SESSION['pid']) . "', " . "'" . add_escape_custom($_POST['form_title']) . "', " . "NOW(), " . "'" . add_escape_custom($_POST['form_comments']) . "', " . "'" . add_escape_custom($_SESSION['providerId']) . "', " . "'" . add_escape_custom($event_date) . "', " . "'" . add_escape_custom(fixDate(($_POST['form_enddate'] ?? ''))) . "', " . "'" . add_escape_custom(($duration * 60)) . "', " . "'" . (($_POST['form_repeat'] ?? null) ? '1' : '0') . "', " . "'" . add_escape_custom($recurrspec) . "', " . "'" . add_escape_custom($starttime) . "', " . "'" . add_escape_custom($endtime) . "', " . "'" . add_escape_custom(($_POST['form_allday'] ?? '')) . "', " . "'" . add_escape_custom($_POST['form_apptstatus']) . "', " . "'" . add_escape_custom(($_POST['form_prefcat'] ?? null)) . "', " . "'" . add_escape_custom($locationspec) . "', " . "1, " . "1, " . (int)($_POST['facility'] ?? null) . ")"); // FF stuff } // INSERT single } // else - insert } elseif (($_POST['form_action'] ?? null) == "delete") { // ======================================= // multi providers case // ======================================= if ($GLOBALS['select_multi_providers']) { // what is multiple key around this $eid? $row = sqlQuery("SELECT pc_multiple FROM openemr_postcalendar_events WHERE pc_eid = ?", array($eid)); if ($row['pc_multiple']) { sqlStatement("DELETE FROM openemr_postcalendar_events WHERE pc_multiple = ?", array($row['pc_multiple'])); } else { sqlStatement("DELETE FROM openemr_postcalendar_events WHERE pc_eid = ?", array($eid)); } // ======================================= // EOS multi providers case // ======================================= } else { sqlStatement("DELETE FROM openemr_postcalendar_events WHERE pc_eid = ?", array($eid)); } } if (!empty($_POST['form_action'])) { // Leave $type = $insert ? xl("A New Appointment") : xl("An Updated Appointment"); $note = $type . " " . xl("request was received from portal patient") . " "; $note .= $_SESSION['ptName'] . " " . xl("regarding appointment dated") . " " . $event_date . " " . $starttime . ". "; $note .= !empty($_POST['form_comments']) ? (xl("Reason") . " " . $_POST['form_comments']) : ""; $note .= ". " . xl("Use Portal Dashboard to confirm with patient."); $title = xl("Patient Reminders"); $user = sqlQueryNoLog("SELECT users.username FROM users WHERE authorized = 1 And id = ?", array($_POST['form_provider_ae'])); $rtn = addPnote($_SESSION['pid'], $note, 1, 1, $title, $user['username'], '', 'New'); $_SESSION['whereto'] = '#appointmentcard'; header('Location:./home.php'); exit(); } // If we get this far then we are displaying the form. $statuses = array( '-' => '', '*' => xl('* Reminder done'), '+' => xl('+ Chart pulled'), 'x' => xl('x Cancelled'), // added Apr 2008 by JRM '?' => xl('? No show'), '@' => xl('@ Arrived'), '~' => xl('~ Arrived late'), '!' => xl('! Left w/o visit'), '#' => xl('# Ins/fin issue'), '<' => xl('< In exam room'), '>' => xl('> Checked out'), '$' => xl('$ Coding done'), '^' => xl('^ Pending'), ); $repeats = 0; // if the event repeats $repeattype = '0'; $repeatfreq = '0'; $patienttitle = ""; $hometext = ""; $row = array(); // If we are editing an existing event, then get its data. if ($eid) { $row = sqlQuery("SELECT * FROM openemr_postcalendar_events WHERE pc_eid = ?", array($eid)); $date = $row['pc_eventDate']; $userid = $row['pc_aid']; $patientid = $row['pc_pid']; $starttimeh = substr($row['pc_startTime'], 0, 2) + 0; $starttimem = substr($row['pc_startTime'], 3, 2); $repeats = $row['pc_recurrtype']; $multiple_value = $row['pc_multiple']; if (preg_match('/"event_repeat_freq_type";s:1:"(\d)"/', $row['pc_recurrspec'], $matches)) { $repeattype = $matches[1]; } if (preg_match('/"event_repeat_freq";s:1:"(\d)"/', $row['pc_recurrspec'], $matches)) { $repeatfreq = $matches[1]; } $hometext = $row['pc_hometext']; if (substr($hometext, 0, 6) == ':text:') { $hometext = substr($hometext, 6); } } else { $patientid = $_GET['pid']; } // If we have a patient ID, get the name and phone numbers to display. if ($patientid) { $prow = sqlQuery("SELECT lname, fname, phone_home, phone_biz, DOB " . "FROM patient_data WHERE pid = ?", array($patientid)); $patientname = $prow['lname'] . ", " . $prow['fname']; if ($prow['phone_home']) { $patienttitle .= " H=" . $prow['phone_home']; } if ($prow['phone_biz']) { $patienttitle .= " W=" . $prow['phone_biz']; } } // Get the providers list. $ures = sqlStatement("SELECT `id`, `username`, `fname`, `lname`, `mname` FROM `users` WHERE " . "`authorized` != 0 AND `active` = 1 AND `username` > '' ORDER BY `lname`, `fname`"); //Set default facility for a new event based on the given 'userid' if ($userid) { $pref_facility = sqlFetchArray(sqlStatement("SELECT facility_id, facility FROM users WHERE id = ?", array($userid))); $e2f = $pref_facility['facility_id']; $e2f_name = $pref_facility['facility']; } ?> <?php echo $eid ? xlt("Edit Event") : xlt("Add New Event"); ?>
' /> ' />
' />
' title='' readonly /> ' title='' readonly />
' readonly />
' onclick='find_available()' />
' />
' onclick="cancel_appointment()" /> ' onclick="validate()" />