1 <?php
2
3 // Data functions (insert, update, delete, form) for table events
4
5 // This script and data application were generated by AppGini 5.62
6 // Download AppGini for free from https://bigprof.com/appgini/download/
7
8 function events_insert(){
9 global $Translation;
10
11 // mm: can member insert record?
12 $arrPerm=getTablePermissions('events');
13 if(!$arrPerm[1]){
14 return false;
15 }
16
17 $data['title'] = makeSafe($_REQUEST['title']);
18 if($data['title'] == empty_lookup_value){ $data['title'] = ''; }
19 $data['date'] = intval($_REQUEST['dateYear']) . '-' . intval($_REQUEST['dateMonth']) . '-' . intval($_REQUEST['dateDay']);
20 $data['date'] = parseMySQLDate($data['date'], '');
21 $data['status'] = makeSafe($_REQUEST['status']);
22 if($data['status'] == empty_lookup_value){ $data['status'] = ''; }
23 $data['name_patient'] = makeSafe($_REQUEST['name_patient']);
24 if($data['name_patient'] == empty_lookup_value){ $data['name_patient'] = ''; }
25 $data['time'] = makeSafe($_REQUEST['time']);
26 if($data['time'] == empty_lookup_value){ $data['time'] = ''; }
27 $data['time'] = time24($data['time']);
28 $data['prescription'] = makeSafe($_REQUEST['prescription']);
29 if($data['prescription'] == empty_lookup_value){ $data['prescription'] = ''; }
30 $data['diagnosis'] = makeSafe($_REQUEST['diagnosis']);
31 if($data['diagnosis'] == empty_lookup_value){ $data['diagnosis'] = ''; }
32 $data['comments'] = makeSafe($_REQUEST['comments']);
33 if($data['comments'] == empty_lookup_value){ $data['comments'] = ''; }
34 if($data['status']== ''){
35 echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">" . $Translation['error:'] . " 'Status': " . $Translation['field not null'] . '<br><br>';
36 echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
37 exit;
38 }
39 if($data['time'] == '') $data['time'] = "12:00";
40
41 // hook: events_before_insert
42 if(function_exists('events_before_insert')){
43 $args=array();
44 if(!events_before_insert($data, getMemberInfo(), $args)){ return false; }
45 }
46
47 $o = array('silentErrors' => true);
48 sql('insert into `events` set `title`=' . (($data['title'] !== '' && $data['title'] !== NULL) ? "'{$data['title']}'" : 'NULL') . ', `date`=' . (($data['date'] !== '' && $data['date'] !== NULL) ? "'{$data['date']}'" : 'NULL') . ', `status`=' . (($data['status'] !== '' && $data['status'] !== NULL) ? "'{$data['status']}'" : 'NULL') . ', `name_patient`=' . (($data['name_patient'] !== '' && $data['name_patient'] !== NULL) ? "'{$data['name_patient']}'" : 'NULL') . ', `time`=' . (($data['time'] !== '' && $data['time'] !== NULL) ? "'{$data['time']}'" : 'NULL') . ', `prescription`=' . (($data['prescription'] !== '' && $data['prescription'] !== NULL) ? "'{$data['prescription']}'" : 'NULL') . ', `diagnosis`=' . (($data['diagnosis'] !== '' && $data['diagnosis'] !== NULL) ? "'{$data['diagnosis']}'" : 'NULL') . ', `comments`=' . (($data['comments'] !== '' && $data['comments'] !== NULL) ? "'{$data['comments']}'" : 'NULL'), $o);
49 if($o['error']!=''){
50 echo $o['error'];
51 echo "<a href=\"events_view.php?addNew_x=1\">{$Translation['< back']}</a>";
52 exit;
53 }
54
55 $recID = db_insert_id(db_link());
56
57 // hook: events_after_insert
58 if(function_exists('events_after_insert')){
59 $res = sql("select * from `events` where `id`='" . makeSafe($recID, false) . "' limit 1", $eo);
60 if($row = db_fetch_assoc($res)){
61 $data = array_map('makeSafe', $row);
62 }
63 $data['selectedID'] = makeSafe($recID, false);
64 $args=array();
65 if(!events_after_insert($data, getMemberInfo(), $args)){ return $recID; }
66 }
67
68 // mm: save ownership data
69 sql("insert ignore into membership_userrecords set tableName='events', pkValue='" . makeSafe($recID, false) . "', memberID='" . makeSafe(getLoggedMemberID(), false) . "', dateAdded='" . time() . "', dateUpdated='" . time() . "', groupID='" . getLoggedGroupID() . "'", $eo);
70
71 return $recID;
72 }
73
74 function events_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
75 // insure referential integrity ...
76 global $Translation;
77 $selected_id=makeSafe($selected_id);
78
79 // mm: can member delete record?
80 $arrPerm=getTablePermissions('events');
81 $ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='events' and pkValue='$selected_id'");
82 $ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='events' and pkValue='$selected_id'");
83 if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
84 // delete allowed, so continue ...
85 }else{
86 return $Translation['You don\'t have enough permissions to delete this record'];
87 }
88
89 // hook: events_before_delete
90 if(function_exists('events_before_delete')){
91 $args=array();
92 if(!events_before_delete($selected_id, $skipChecks, getMemberInfo(), $args))
93 return $Translation['Couldn\'t delete this record'];
94 }
95
96 sql("delete from `events` where `id`='$selected_id'", $eo);
97
98 // hook: events_after_delete
99 if(function_exists('events_after_delete')){
100 $args=array();
101 events_after_delete($selected_id, getMemberInfo(), $args);
102 }
103
104 // mm: delete ownership data
105 sql("delete from membership_userrecords where tableName='events' and pkValue='$selected_id'", $eo);
106 }
107
108 function events_update($selected_id){
109 global $Translation;
110
111 // mm: can member edit record?
112 $arrPerm=getTablePermissions('events');
113 $ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='events' and pkValue='".makeSafe($selected_id)."'");
114 $ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='events' and pkValue='".makeSafe($selected_id)."'");
115 if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){ // allow update?
116 // update allowed, so continue ...
117 }else{
118 return false;
119 }
120
121 $data['title'] = makeSafe($_REQUEST['title']);
122 if($data['title'] == empty_lookup_value){ $data['title'] = ''; }
123 $data['date'] = intval($_REQUEST['dateYear']) . '-' . intval($_REQUEST['dateMonth']) . '-' . intval($_REQUEST['dateDay']);
124 $data['date'] = parseMySQLDate($data['date'], '');
125 $data['status'] = makeSafe($_REQUEST['status']);
126 if($data['status'] == empty_lookup_value){ $data['status'] = ''; }
127 if($data['status']==''){
128 echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Status': {$Translation['field not null']}<br><br>";
129 echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
130 exit;
131 }
132 $data['name_patient'] = makeSafe($_REQUEST['name_patient']);
133 if($data['name_patient'] == empty_lookup_value){ $data['name_patient'] = ''; }
134 $data['time'] = makeSafe($_REQUEST['time']);
135 if($data['time'] == empty_lookup_value){ $data['time'] = ''; }
136 $data['time'] = time24($data['time']);
137 $data['prescription'] = makeSafe($_REQUEST['prescription']);
138 if($data['prescription'] == empty_lookup_value){ $data['prescription'] = ''; }
139 $data['diagnosis'] = makeSafe($_REQUEST['diagnosis']);
140 if($data['diagnosis'] == empty_lookup_value){ $data['diagnosis'] = ''; }
141 $data['comments'] = makeSafe($_REQUEST['comments']);
142 if($data['comments'] == empty_lookup_value){ $data['comments'] = ''; }
143 $data['selectedID']=makeSafe($selected_id);
144
145 // hook: events_before_update
146 if(function_exists('events_before_update')){
147 $args=array();
148 if(!events_before_update($data, getMemberInfo(), $args)){ return false; }
149 }
150
151 $o=array('silentErrors' => true);
152 sql('update `events` set `title`=' . (($data['title'] !== '' && $data['title'] !== NULL) ? "'{$data['title']}'" : 'NULL') . ', `date`=' . (($data['date'] !== '' && $data['date'] !== NULL) ? "'{$data['date']}'" : 'NULL') . ', `status`=' . (($data['status'] !== '' && $data['status'] !== NULL) ? "'{$data['status']}'" : 'NULL') . ', `name_patient`=' . (($data['name_patient'] !== '' && $data['name_patient'] !== NULL) ? "'{$data['name_patient']}'" : 'NULL') . ', `time`=' . (($data['time'] !== '' && $data['time'] !== NULL) ? "'{$data['time']}'" : 'NULL') . ', `prescription`=' . (($data['prescription'] !== '' && $data['prescription'] !== NULL) ? "'{$data['prescription']}'" : 'NULL') . ', `diagnosis`=' . (($data['diagnosis'] !== '' && $data['diagnosis'] !== NULL) ? "'{$data['diagnosis']}'" : 'NULL') . ', `comments`=' . (($data['comments'] !== '' && $data['comments'] !== NULL) ? "'{$data['comments']}'" : 'NULL') . " where `id`='".makeSafe($selected_id)."'", $o);
153 if($o['error']!=''){
154 echo $o['error'];
155 echo '<a href="events_view.php?SelectedID='.urlencode($selected_id)."\">{$Translation['< back']}</a>";
156 exit;
157 }
158
159
160 // hook: events_after_update
161 if(function_exists('events_after_update')){
162 $res = sql("SELECT * FROM `events` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
163 if($row = db_fetch_assoc($res)){
164 $data = array_map('makeSafe', $row);
165 }
166 $data['selectedID'] = $data['id'];
167 $args = array();
168 if(!events_after_update($data, getMemberInfo(), $args)){ return; }
169 }
170
171 // mm: update ownership data
172 sql("update membership_userrecords set dateUpdated='".time()."' where tableName='events' and pkValue='".makeSafe($selected_id)."'", $eo);
173
174 }
175
176 function events_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0, $TemplateDV = '', $TemplateDVP = ''){
177 // function to return an editable form for a table records
178 // and fill it with data of record whose ID is $selected_id. If $selected_id
179 // is empty, an empty form is shown, with only an 'Add New'
180 // button displayed.
181
182 global $Translation;
183
184 // mm: get table permissions
185 $arrPerm=getTablePermissions('events');
186 if(!$arrPerm[1] && $selected_id==''){ return ''; }
187 $AllowInsert = ($arrPerm[1] ? true : false);
188 // print preview?
189 $dvprint = false;
190 if($selected_id && $_REQUEST['dvprint_x'] != ''){
191 $dvprint = true;
192 }
193
194 $filterer_name_patient = thisOr(undo_magic_quotes($_REQUEST['filterer_name_patient']), '');
195
196 // populate filterers, starting from children to grand-parents
197
198 // unique random identifier
199 $rnd1 = ($dvprint ? rand(1000000, 9999999) : '');
200 // combobox: date
201 $combo_date = new DateCombo;
202 $combo_date->DateFormat = "mdy";
203 $combo_date->MinYear = 1900;
204 $combo_date->MaxYear = 2100;
205 $combo_date->DefaultDate = parseMySQLDate('', '');
206 $combo_date->MonthNames = $Translation['month names'];
207 $combo_date->NamePrefix = 'date';
208 // combobox: status
209 $combo_status = new Combo;
210 $combo_status->ListType = 2;
211 $combo_status->MultipleSeparator = ', ';
212 $combo_status->ListBoxHeight = 10;
213 $combo_status->RadiosPerLine = 1;
214 if(is_file(dirname(__FILE__).'/hooks/events.status.csv')){
215 $status_data = addslashes(implode('', @file(dirname(__FILE__).'/hooks/events.status.csv')));
216 $combo_status->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($status_data)));
217 $combo_status->ListData = $combo_status->ListItem;
218 }else{
219 $combo_status->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Active;;Cancelled")));
220 $combo_status->ListData = $combo_status->ListItem;
221 }
222 $combo_status->SelectName = 'status';
223 $combo_status->AllowNull = false;
224 // combobox: name_patient
225 $combo_name_patient = new DataCombo;
226
227 if($selected_id){
228 // mm: check member permissions
229 if(!$arrPerm[2]){
230 return "";
231 }
232 // mm: who is the owner?
233 $ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='events' and pkValue='".makeSafe($selected_id)."'");
234 $ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='events' and pkValue='".makeSafe($selected_id)."'");
235 if($arrPerm[2]==1 && getLoggedMemberID()!=$ownerMemberID){
236 return "";
237 }
238 if($arrPerm[2]==2 && getLoggedGroupID()!=$ownerGroupID){
239 return "";
240 }
241
242 // can edit?
243 if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){
244 $AllowUpdate=1;
245 }else{
246 $AllowUpdate=0;
247 }
248
249 $res = sql("select * from `events` where `id`='".makeSafe($selected_id)."'", $eo);
250 if(!($row = db_fetch_array($res))){
251 return error_message($Translation['No records found'], 'events_view.php', false);
252 }
253 $urow = $row; /* unsanitized data */
254 $hc = new CI_Input();
255 $row = $hc->xss_clean($row); /* sanitize data */
256 $combo_date->DefaultDate = $row['date'];
257 $combo_status->SelectedData = $row['status'];
258 $combo_name_patient->SelectedData = $row['name_patient'];
259 }else{
260 $combo_status->SelectedText = ( $_REQUEST['FilterField'][1]=='4' && $_REQUEST['FilterOperator'][1]=='<=>' ? (get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1]) : "");
261 $combo_name_patient->SelectedData = $filterer_name_patient;
262 }
263 $combo_status->Render();
264 $combo_name_patient->HTML = '<span id="name_patient-container' . $rnd1 . '"></span><input type="hidden" name="name_patient" id="name_patient' . $rnd1 . '" value="' . html_attr($combo_name_patient->SelectedData) . '">';
265 $combo_name_patient->MatchText = '<span id="name_patient-container-readonly' . $rnd1 . '"></span><input type="hidden" name="name_patient" id="name_patient' . $rnd1 . '" value="' . html_attr($combo_name_patient->SelectedData) . '">';
266
267 ob_start();
268 ?>
269
270 <script>
271 // initial lookup values
272 AppGini.current_name_patient__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['name_patient'] : $filterer_name_patient); ?>"};
273
274 jQuery(function() {
275 setTimeout(function(){
276 if(typeof(name_patient_reload__RAND__) == 'function') name_patient_reload__RAND__();
277 }, 10); /* we need to slightly delay client-side execution of the above code to allow AppGini.ajaxCache to work */
278 });
279 function name_patient_reload__RAND__(){
280 <?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>
281
282 $j("#name_patient-container__RAND__").select2({
283 /* initial default value */
284 initSelection: function(e, c){
285 $j.ajax({
286 url: 'ajax_combo.php',
287 dataType: 'json',
288 data: { id: AppGini.current_name_patient__RAND__.value, t: 'events', f: 'name_patient' },
289 success: function(resp){
290 c({
291 id: resp.results[0].id,
292 text: resp.results[0].text
293 });
294 $j('[name="name_patient"]').val(resp.results[0].id);
295 $j('[id=name_patient-container-readonly__RAND__]').html('<span id="name_patient-match-text">' + resp.results[0].text + '</span>');
296 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=patients_view_parent]').hide(); }else{ $j('.btn[id=patients_view_parent]').show(); }
297
298
299 if(typeof(name_patient_update_autofills__RAND__) == 'function') name_patient_update_autofills__RAND__();
300 }
301 });
302 },
303 width: ($j('fieldset .col-xs-11').width() - select2_max_width_decrement()) + 'px',
304 formatNoMatches: function(term){ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
305 minimumResultsForSearch: 10,
306 loadMorePadding: 200,
307 ajax: {
308 url: 'ajax_combo.php',
309 dataType: 'json',
310 cache: true,
311 data: function(term, page){ return { s: term, p: page, t: 'events', f: 'name_patient' }; },
312 results: function(resp, page){ return resp; }
313 },
314 escapeMarkup: function(str){ return str; }
315 }).on('change', function(e){
316 AppGini.current_name_patient__RAND__.value = e.added.id;
317 AppGini.current_name_patient__RAND__.text = e.added.text;
318 $j('[name="name_patient"]').val(e.added.id);
319 if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=patients_view_parent]').hide(); }else{ $j('.btn[id=patients_view_parent]').show(); }
320
321
322 if(typeof(name_patient_update_autofills__RAND__) == 'function') name_patient_update_autofills__RAND__();
323 });
324
325 if(!$j("#name_patient-container__RAND__").length){
326 $j.ajax({
327 url: 'ajax_combo.php',
328 dataType: 'json',
329 data: { id: AppGini.current_name_patient__RAND__.value, t: 'events', f: 'name_patient' },
330 success: function(resp){
331 $j('[name="name_patient"]').val(resp.results[0].id);
332 $j('[id=name_patient-container-readonly__RAND__]').html('<span id="name_patient-match-text">' + resp.results[0].text + '</span>');
333 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=patients_view_parent]').hide(); }else{ $j('.btn[id=patients_view_parent]').show(); }
334
335 if(typeof(name_patient_update_autofills__RAND__) == 'function') name_patient_update_autofills__RAND__();
336 }
337 });
338 }
339
340 <?php }else{ ?>
341
342 $j.ajax({
343 url: 'ajax_combo.php',
344 dataType: 'json',
345 data: { id: AppGini.current_name_patient__RAND__.value, t: 'events', f: 'name_patient' },
346 success: function(resp){
347 $j('[id=name_patient-container__RAND__], [id=name_patient-container-readonly__RAND__]').html('<span id="name_patient-match-text">' + resp.results[0].text + '</span>');
348 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=patients_view_parent]').hide(); }else{ $j('.btn[id=patients_view_parent]').show(); }
349
350 if(typeof(name_patient_update_autofills__RAND__) == 'function') name_patient_update_autofills__RAND__();
351 }
352 });
353 <?php } ?>
354
355 }
356 </script>
357 <?php
358
359 $lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
360 ob_end_clean();
361
362
363 // code for template based detail view forms
364
365 // open the detail view template
366 if($dvprint){
367 $template_file = is_file("./{$TemplateDVP}") ? "./{$TemplateDVP}" : './templates/events_templateDVP.html';
368 $templateCode = @file_get_contents($template_file);
369 }else{
370 $template_file = is_file("./{$TemplateDV}") ? "./{$TemplateDV}" : './templates/events_templateDV.html';
371 $templateCode = @file_get_contents($template_file);
372 }
373
374 // process form title
375 $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Event details', $templateCode);
376 $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
377 $templateCode = str_replace('<%%EMBEDDED%%>', ($_REQUEST['Embedded'] ? 'Embedded=1' : ''), $templateCode);
378 // process buttons
379 if($AllowInsert){
380 if(!$selected_id) $templateCode=str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return events_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
381 $templateCode=str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return events_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
382 }else{
383 $templateCode=str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
384 }
385
386 // 'Back' button action
387 if($_REQUEST['Embedded']){
388 $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
389 }else{
390 $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
391 }
392
393 if($selected_id){
394 if(!$_REQUEST['Embedded']) $templateCode=str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;" title="' . html_attr($Translation['Print Preview']) . '"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
395 if($AllowUpdate){
396 $templateCode=str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return events_validateData();" title="' . html_attr($Translation['Save Changes']) . '"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
397 }else{
398 $templateCode=str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
399 }
400 if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
401 $templateCode=str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');" title="' . html_attr($Translation['Delete']) . '"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
402 }else{
403 $templateCode=str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
404 }
405 $templateCode=str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
406 }else{
407 $templateCode=str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
408 $templateCode=str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
409 $templateCode=str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : ''), $templateCode);
410 }
411
412 // set records to read only if user can't insert new records and can't edit current record
413 if(($selected_id && !$AllowUpdate && !$AllowInsert) || (!$selected_id && !$AllowInsert)){
414 $jsReadOnly .= "\tjQuery('#title').replaceWith('<div class=\"form-control-static\" id=\"title\">' + (jQuery('#title').val() || '') + '</div>');\n";
415 $jsReadOnly .= "\tjQuery('#date').prop('readonly', true);\n";
416 $jsReadOnly .= "\tjQuery('#dateDay, #dateMonth, #dateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
417 $jsReadOnly .= "\tjQuery('input[name=status]').parent().html('<div class=\"form-control-static\">' + jQuery('input[name=status]:checked').next().text() + '</div>')\n";
418 $jsReadOnly .= "\tjQuery('#name_patient').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
419 $jsReadOnly .= "\tjQuery('#name_patient_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
420 $jsReadOnly .= "\tjQuery('#time').replaceWith('<div class=\"form-control-static\" id=\"time\">' + (jQuery('#time').val() || '') + '</div>');\n";
421 $jsReadOnly .= "\tjQuery('#prescription').replaceWith('<div class=\"form-control-static\" id=\"prescription\">' + (jQuery('#prescription').val() || '') + '</div>');\n";
422 $jsReadOnly .= "\tjQuery('#diagnosis').replaceWith('<div class=\"form-control-static\" id=\"diagnosis\">' + (jQuery('#diagnosis').val() || '') + '</div>');\n";
423 $jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
424
425 $noUploads = true;
426 }elseif($AllowInsert){
427 $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
428 $jsEditable .= "\tjQuery('#time').addClass('always_shown').timepicker({ defaultTime: false, showSeconds: true, showMeridian: true, showInputs: false, disableFocus: true, minuteStep: 5 });";
429 $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
430 }
431
432 // process combos
433 $templateCode=str_replace('<%%COMBO(date)%%>', ($selected_id && !$arrPerm[3] ? '<div class="form-control-static">' . $combo_date->GetHTML(true) . '</div>' : $combo_date->GetHTML()), $templateCode);
434 $templateCode=str_replace('<%%COMBOTEXT(date)%%>', $combo_date->GetHTML(true), $templateCode);
435 $templateCode=str_replace('<%%COMBO(status)%%>', $combo_status->HTML, $templateCode);
436 $templateCode=str_replace('<%%COMBOTEXT(status)%%>', $combo_status->SelectedData, $templateCode);
437 $templateCode=str_replace('<%%COMBO(name_patient)%%>', $combo_name_patient->HTML, $templateCode);
438 $templateCode=str_replace('<%%COMBOTEXT(name_patient)%%>', $combo_name_patient->MatchText, $templateCode);
439 $templateCode=str_replace('<%%URLCOMBOTEXT(name_patient)%%>', urlencode($combo_name_patient->MatchText), $templateCode);
440
441 /* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
442 $lookup_fields = array( 'name_patient' => array('patients', 'Patient Name'));
443 foreach($lookup_fields as $luf => $ptfc){
444 $pt_perm = getTablePermissions($ptfc[0]);
445
446 // process foreign key links
447 if($pt_perm['view'] || $pt_perm['edit']){
448 $templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-md" id="' . $ptfc[0] . '_view_parent" title="' . html_attr($Translation['View'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
449 }
450
451 // if user has insert permission to parent table of a lookup field, put an add new button
452 if($pt_perm['insert'] && !$_REQUEST['Embedded']){
453 $templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent hspacer-md" id="' . $ptfc[0] . '_add_new" title="' . html_attr($Translation['Add New'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
454 }
455 }
456
457 // process images
458 $templateCode=str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
459 $templateCode=str_replace('<%%UPLOADFILE(title)%%>', '', $templateCode);
460 $templateCode=str_replace('<%%UPLOADFILE(date)%%>', '', $templateCode);
461 $templateCode=str_replace('<%%UPLOADFILE(status)%%>', '', $templateCode);
462 $templateCode=str_replace('<%%UPLOADFILE(name_patient)%%>', '', $templateCode);
463 $templateCode=str_replace('<%%UPLOADFILE(time)%%>', '', $templateCode);
464 $templateCode=str_replace('<%%UPLOADFILE(prescription)%%>', '', $templateCode);
465 $templateCode=str_replace('<%%UPLOADFILE(diagnosis)%%>', '', $templateCode);
466 $templateCode=str_replace('<%%UPLOADFILE(comments)%%>', '', $templateCode);
467
468 // process values
469 if($selected_id){
470 $templateCode=str_replace('<%%VALUE(id)%%>', html_attr($row['id']), $templateCode);
471 $templateCode=str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
472 $templateCode=str_replace('<%%VALUE(title)%%>', html_attr($row['title']), $templateCode);
473 $templateCode=str_replace('<%%URLVALUE(title)%%>', urlencode($urow['title']), $templateCode);
474 $templateCode=str_replace('<%%VALUE(date)%%>', @date('m/d/Y', @strtotime(html_attr($row['date']))), $templateCode);
475 $templateCode=str_replace('<%%URLVALUE(date)%%>', urlencode(@date('m/d/Y', @strtotime(html_attr($urow['date'])))), $templateCode);
476 $templateCode=str_replace('<%%VALUE(status)%%>', html_attr($row['status']), $templateCode);
477 $templateCode=str_replace('<%%URLVALUE(status)%%>', urlencode($urow['status']), $templateCode);
478 $templateCode=str_replace('<%%VALUE(name_patient)%%>', html_attr($row['name_patient']), $templateCode);
479 $templateCode=str_replace('<%%URLVALUE(name_patient)%%>', urlencode($urow['name_patient']), $templateCode);
480 $templateCode=str_replace('<%%VALUE(time)%%>', time12(html_attr($row['time'])), $templateCode);
481 $templateCode=str_replace('<%%URLVALUE(time)%%>', urlencode(time12($urow['time'])), $templateCode);
482 $templateCode=str_replace('<%%VALUE(prescription)%%>', html_attr($row['prescription']), $templateCode);
483 $templateCode=str_replace('<%%URLVALUE(prescription)%%>', urlencode($urow['prescription']), $templateCode);
484 $templateCode=str_replace('<%%VALUE(diagnosis)%%>', html_attr($row['diagnosis']), $templateCode);
485 $templateCode=str_replace('<%%URLVALUE(diagnosis)%%>', urlencode($urow['diagnosis']), $templateCode);
486 if($AllowUpdate || $AllowInsert){
487 $templateCode = str_replace('<%%HTMLAREA(comments)%%>', '<textarea name="comments" id="comments" rows="5">' . html_attr($row['comments']) . '</textarea>', $templateCode);
488 }else{
489 $templateCode = str_replace('<%%HTMLAREA(comments)%%>', '<div id="comments" class="form-control-static">' . $row['comments'] . '</div>', $templateCode);
490 }
491 $templateCode=str_replace('<%%VALUE(comments)%%>', nl2br($row['comments']), $templateCode);
492 $templateCode=str_replace('<%%URLVALUE(comments)%%>', urlencode($urow['comments']), $templateCode);
493 }else{
494 $templateCode=str_replace('<%%VALUE(id)%%>', '', $templateCode);
495 $templateCode=str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
496 $templateCode=str_replace('<%%VALUE(title)%%>', '', $templateCode);
497 $templateCode=str_replace('<%%URLVALUE(title)%%>', urlencode(''), $templateCode);
498 $templateCode=str_replace('<%%VALUE(date)%%>', '', $templateCode);
499 $templateCode=str_replace('<%%URLVALUE(date)%%>', urlencode(''), $templateCode);
500 $templateCode=str_replace('<%%VALUE(status)%%>', '', $templateCode);
501 $templateCode=str_replace('<%%URLVALUE(status)%%>', urlencode(''), $templateCode);
502 $templateCode=str_replace('<%%VALUE(name_patient)%%>', '', $templateCode);
503 $templateCode=str_replace('<%%URLVALUE(name_patient)%%>', urlencode(''), $templateCode);
504 $templateCode=str_replace('<%%VALUE(time)%%>', '12:00', $templateCode);
505 $templateCode=str_replace('<%%URLVALUE(time)%%>', urlencode('12:00'), $templateCode);
506 $templateCode=str_replace('<%%VALUE(prescription)%%>', '', $templateCode);
507 $templateCode=str_replace('<%%URLVALUE(prescription)%%>', urlencode(''), $templateCode);
508 $templateCode=str_replace('<%%VALUE(diagnosis)%%>', '', $templateCode);
509 $templateCode=str_replace('<%%URLVALUE(diagnosis)%%>', urlencode(''), $templateCode);
510 $templateCode=str_replace('<%%HTMLAREA(comments)%%>', '<textarea name="comments" id="comments" rows="5"></textarea>', $templateCode);
511 }
512
513 // process translations
514 foreach($Translation as $symbol=>$trans){
515 $templateCode=str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
516 }
517
518 // clear scrap
519 $templateCode=str_replace('<%%', '<!-- ', $templateCode);
520 $templateCode=str_replace('%%>', ' -->', $templateCode);
521
522 // hide links to inaccessible tables
523 if($_REQUEST['dvprint_x'] == ''){
524 $templateCode .= "\n\n<script>\$j(function(){\n";
525 $arrTables = getTableList();
526 foreach($arrTables as $name => $caption){
527 $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
528 $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
529 }
530
531 $templateCode .= $jsReadOnly;
532 $templateCode .= $jsEditable;
533
534 if(!$selected_id){
535 }
536
537 $templateCode.="\n});</script>\n";
538 }
539
540 // ajaxed auto-fill fields
541 $templateCode .= '<script>';
542 $templateCode .= '$j(function() {';
543
544
545 $templateCode.="});";
546 $templateCode.="</script>";
547 $templateCode .= $lookups;
548
549 // handle enforced parent values for read-only lookup fields
550
551 // don't include blank images in lightbox gallery
552 $templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);
553
554 // don't display empty email links
555 $templateCode=preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);
556
557 /* default field values */
558 $rdata = $jdata = get_defaults('events');
559 if($selected_id){
560 $jdata = get_joined_record('events', $selected_id);
561 $rdata = $row;
562 }
563 $cache_data = array(
564 'rdata' => array_map('nl2br', array_map('addslashes', $rdata)),
565 'jdata' => array_map('nl2br', array_map('addslashes', $jdata)),
566 );
567 $templateCode .= loadView('events-ajax-cache', $cache_data);
568
569 // hook: events_dv
570 if(function_exists('events_dv')){
571 $args=array();
572 events_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
573 }
574
575 return $templateCode;
576 }
577 ?>
