;. * * @package OpenEMR * @author Brady Miller * @link http://www.open-emr.org */ //SANITIZE ALL ESCAPES $sanitize_all_escapes=true; // //STOP FAKE REGISTER GLOBALS $fake_register_globals=false; // require_once("../../globals.php"); require_once("$srcdir/patient.inc"); require_once("$srcdir/formdata.inc.php"); $fstart = isset($_REQUEST['fstart']) ? $_REQUEST['fstart'] : 0; $popup = empty($_REQUEST['popup']) ? 0 : 1; $message = isset($_GET['message']) ? $_GET['message'] : ""; ?>
\n"; if ($popup) { echo "\n"; // Construct WHERE clause and save search parameters as form fields. $sqlBindArray = array(); $where = "1 = 1"; $fres = sqlStatement("SELECT * FROM layout_options " . "WHERE form_id = 'DEM' AND uor > 0 AND field_id != '' " . "ORDER BY group_name, seq"); while ($frow = sqlFetchArray($fres)) { $field_id = $frow['field_id']; if (strpos($field_id, 'em_') === 0) continue; $data_type = $frow['data_type']; if (!empty($_REQUEST[$field_id])) { $value = trim($_REQUEST[$field_id]); if ($field_id == 'pid') { $where .= " AND $field_id = ?"; array_push($sqlBindArray,$value); } else if ($field_id == 'pubpid') { $where .= " AND $field_id LIKE ?"; array_push($sqlBindArray,$value); } else { $where .= " AND $field_id LIKE ?"; array_push($sqlBindArray,$value."%"); } echo "\n"; } } // If a non-empty service code was given, then restrict to patients who // have been provided that service. Since the code is used in a LIKE // clause, % and _ wildcards are supported. if ($search_service_code) { $where .= " AND ( SELECT COUNT(*) FROM billing AS b WHERE " . "b.pid = patient_data.pid AND " . "b.activity = 1 AND " . "b.code_type != 'COPAY' AND " . "b.code LIKE ? " . ") > 0"; array_push($sqlBindArray, $search_service_code); } $sql = "SELECT $given FROM patient_data " . "WHERE $where ORDER BY $orderby LIMIT $fstart, $sqllimit"; $rez = sqlStatement($sql,$sqlBindArray); $result = array(); while ($row = sqlFetchArray($rez)) $result[] = $row; _set_patient_inc_count($sqllimit, count($result), $where, $sqlBindArray); } else { $patient = $_REQUEST['patient']; $findBy = $_REQUEST['findBy']; $searchFields = $_REQUEST['searchFields']; echo "\n"; echo "\n"; if ($findBy == "Last") $result = getPatientLnames("$patient", $given, $orderby, $sqllimit, $fstart); else if ($findBy == "ID") $result = getPatientId("$patient", $given, "id ASC, ".$orderby, $sqllimit, $fstart); else if ($findBy == "DOB") $result = getPatientDOB("$patient", $given, "DOB ASC, ".$orderby, $sqllimit, $fstart); else if ($findBy == "SSN") $result = getPatientSSN("$patient", $given, "ss ASC, ".$orderby, $sqllimit, $fstart); elseif ($findBy == "Phone") //(CHEMED) Search by phone number $result = getPatientPhone("$patient", $given, $orderby, $sqllimit, $fstart); else if ($findBy == "Any") $result = getByPatientDemographics("$patient", $given, $orderby, $sqllimit, $fstart); else if ($findBy == "Filter") { $result = getByPatientDemographicsFilter($searchFields, "$patient", $given, $orderby, $sqllimit, $fstart, $search_service_code); } } ?>
[ ".htmlspecialchars( $message, ENT_NOQUOTES)."\n"; ?> $count) $fend = $count; ?> <<    $fend) { ?>    >>
1 AND field_id != '' " . "OR uor > 0 AND field_id = 'street' ) AND " . "field_id NOT LIKE '_name' AND " . "field_id NOT LIKE 'phone%' AND " . "field_id NOT LIKE 'title' AND " . "field_id NOT LIKE 'ss' AND " . "field_id NOT LIKE 'DOB' AND " . "field_id NOT LIKE 'pubpid' " . "ORDER BY group_name, seq LIMIT 5"); while ($trow = sqlFetchArray($tres)) { $extracols[$trow['field_id']] = $trow['title']; echo "\n"; } } ?>
0) { $add_days = $matches[1]; $patient = $matches[2]; } ?> [ ] " . htmlspecialchars(xl($trow['title']), ENT_NOQUOTES) . "
"; echo "\n"; //other phone number display setup for tooltip $phone_biz = ''; if ($iter{"phone_biz"} != "") { $phone_biz = " [business phone ".$iter{"phone_biz"}."] "; } $phone_contact = ''; if ($iter{"phone_contact"} != "") { $phone_contact = " [contact phone ".$iter{"phone_contact"}."] "; } $phone_cell = ''; if ($iter{"phone_cell"} != "") { $phone_cell = " [cell phone ".$iter{"phone_cell"}."] "; } $all_other_phones = $phone_biz.$phone_contact.$phone_cell; if ($all_other_phones == '') {$all_other_phones = xl('No other phone numbers listed');} //end of phone number display setup, now display the phone number(s) echo "\n"; echo ""; if ($iter{"DOB"} != "0000-00-00 00:00:00") { echo ""; } else { echo ""; } echo ""; if (empty($GLOBALS['patient_search_results_style'])) { echo ""; //setup for display of encounter date info $encounter_count = 0; $day_diff = ''; $last_date_seen = ''; $next_appt_date= ''; $pid = ''; // calculate date differences based on date of last encounter with billing entries $query = "select DATE_FORMAT(max(form_encounter.date),'$date_format_result') as mydate," . " (to_days(current_date())-to_days(max(form_encounter.date))) as day_diff," . " DATE_FORMAT(max(form_encounter.date) + interval " . add_escape_custom($add_days) . " day,'$date_format_result') as next_appt, dayname(max(form_encounter.date) + interval " . add_escape_custom($add_days) . " day) as next_appt_day from form_encounter " . "join billing on billing.encounter = form_encounter.encounter and " . "billing.pid = form_encounter.pid and billing.activity = 1 and " . "billing.code_type not like 'COPAY' where ". "form_encounter.pid = ?"; $statement= sqlStatement($query, array($iter{"pid"}) ); if ($results = sqlFetchArray($statement)) { $last_date_seen = $results['mydate']; $day_diff = $results['day_diff']; $next_appt_date= $results['next_appt_day'].', '.$results['next_appt']; } // calculate date differences based on date of last encounter regardless of billing $query = "select DATE_FORMAT(max(form_encounter.date),'$date_format_result') as mydate," . " (to_days(current_date())-to_days(max(form_encounter.date))) as day_diff," . " DATE_FORMAT(max(form_encounter.date) + interval " . add_escape_custom($add_days) . " day,'$date_format_result') as next_appt, dayname(max(form_encounter.date) + interval " . add_escape_custom($add_days) . " day) as next_appt_day from form_encounter " . " where form_encounter.pid = ?"; $statement= sqlStatement($query, array($iter{"pid"}) ); if ($results = sqlFetchArray($statement)) { $last_date_seen = $results['mydate']; $day_diff = $results['day_diff']; $next_appt_date= $results['next_appt_day'].', '.$results['next_appt']; } //calculate count of encounters by distinct billing dates with cpt4 //entries $query = "select count(distinct date) as encounter_count " . " from billing ". " where code_type not like 'COPAY' and activity = 1 " . " and pid = ?"; $statement= sqlStatement($query, array($iter{"pid"}) ); if ($results = sqlFetchArray($statement)) { $encounter_count_billed = $results['encounter_count']; } // calculate count of encounters, regardless of billing $query = "select count(date) as encounter_count ". " from form_encounter where ". " pid = ?"; $statement= sqlStatement($query, array($iter{"pid"}) ); if ($results = sqlFetchArray($statement)) { $encounter_count = $results['encounter_count']; } echo "\n"; echo "\n"; echo "\n"; echo "\n"; } else { // alternate search results style foreach ($extracols as $field_id => $title) { echo "\n"; } } } } ?>
" . htmlspecialchars($iter['lname'] . ", " . $iter['fname']) . "" . htmlspecialchars( $iter['phone_home'], ENT_NOQUOTES) . "" . htmlspecialchars( $iter['ss'], ENT_NOQUOTES) . "" . htmlspecialchars( $iter['DOB_TS'], ENT_NOQUOTES) . " " . htmlspecialchars( $iter['pubpid'], ENT_NOQUOTES) . "" . htmlspecialchars( $iter['pid'], ENT_NOQUOTES) . "" . htmlspecialchars( $encounter_count, ENT_NOQUOTES) . "" . htmlspecialchars( $day_diff, ENT_NOQUOTES) . "" . htmlspecialchars( $last_date_seen, ENT_NOQUOTES) . "" . htmlspecialchars( $next_appt_date, ENT_NOQUOTES) . "" . htmlspecialchars( $iter[$field_id], ENT_NOQUOTES) . "