[med-svn] [openemr] 01/02: Imported Upstream version 4.1.2p7+dfsg
Ian Wallace
iankarlwallace-guest at moszumanska.debian.org
Wed Jul 2 04:59:59 UTC 2014
This is an automated email from the git hooks/post-receive script.
iankarlwallace-guest pushed a commit to branch master
in repository openemr.
commit a1289d08ab41ac7a91ba27b2b1d8338487893840
Author: Ian Wallace <iankarlwallace at gmail.com>
Date: Tue Jul 1 21:47:40 2014 -0700
Imported Upstream version 4.1.2p7+dfsg
---
contrib/util/ubuntu_package_scripts/README | 12 +-
.../development/README.Debian | 4 +-
.../development/changelog.Debian | 6 +
.../ubuntu_package_scripts/development/control | 4 +-
.../ubuntu_package_scripts/development/copyright | 6 +-
.../development/git-openemr.conf | 14 +
.../ubuntu_package_scripts/development/postinst | 6 +-
.../util/ubuntu_package_scripts/development/prerm | 6 +-
.../production/README.Debian | 4 +-
.../production/changelog.Debian | 7 +
.../util/ubuntu_package_scripts/production/control | 4 +-
.../ubuntu_package_scripts/production/copyright | 6 +-
.../ubuntu_package_scripts/production/openemr.conf | 14 +
.../ubuntu_package_scripts/production/postinst | 328 ++++++++++-----------
.../util/ubuntu_package_scripts/production/prerm | 16 +-
controllers/C_Document.class.php | 4 +-
index.php | 2 +-
.../date_qualifier_options.php | 53 ++++
interface/forms/misc_billing_options/new.php | 26 +-
interface/forms/misc_billing_options/report.php | 48 +--
interface/forms/misc_billing_options/save.php | 2 +
interface/forms/misc_billing_options/table.sql | 2 +
interface/globals.php | 12 +-
.../default/views/day/ajax_template.html | 2 +-
interface/main/finder/dynamic_finder_ajax.php | 12 +-
interface/main/left_nav.php | 2 +-
interface/new/new_comprehensive_save.php | 2 +-
interface/patient_file/deleter.php | 12 +-
interface/patient_file/letter.php | 1 +
interface/patient_file/summary/shot_record.php | 7 +-
library/Claim.class.php | 55 +++-
library/adodb/tests/testsessions.php | 4 +-
library/clinical_rules.php | 2 +-
library/gen_hcfa_1500.inc.php | 238 ++++++++++-----
library/gen_hfca_1500_02_12.inc.php | 179 +++++++++++
library/globals.inc.php | 33 +++
library/immunization_helper.php | 2 +-
library/log.inc | 2 +-
library/pid.inc | 16 +-
library/report.inc | 2 +-
library/translation.inc.php | 7 +-
setup.php | 2 +-
sql/database.sql | 2 +
sql/patch.sql | 10 +
sql_upgrade.php | 12 +
version.php | 2 +-
46 files changed, 853 insertions(+), 339 deletions(-)
diff --git a/contrib/util/ubuntu_package_scripts/README b/contrib/util/ubuntu_package_scripts/README
index 395c56e..8c1baa9 100644
--- a/contrib/util/ubuntu_package_scripts/README
+++ b/contrib/util/ubuntu_package_scripts/README
@@ -19,6 +19,7 @@ Directory structure of package.
/DEBIAN/postrm
/DEBIAN/config
/DEBIAN/templates
+/etc/apache2/sites-available/openemr.conf
DEVELOPMENT CVS PACKAGE
@@ -26,11 +27,11 @@ development directory - hold the development version package scripts
Directory structure of package:
--Note the maintenance scripts need broad execution privileges
--Note when gzip something use --best switch
-/usr/share/applications/cvs-openemr.desktop
-/usr/share/doc/cvs-openemr/README.Debian
-/usr/share/doc/cvs-openemr/changelog.Debian.gz
-/usr/share/doc/cvs-openemr/copyright
-/usr/share/man/man8/cvs-openemr.8.gz
+/usr/share/applications/git-openemr.desktop
+/usr/share/doc/git-openemr/README.Debian
+/usr/share/doc/git-openemr/changelog.Debian.gz
+/usr/share/doc/git-openemr/copyright
+/usr/share/man/man8/git-openemr.8.gz
/DEBIAN/control
/DEBIAN/preinst
/DEBIAN/postinst
@@ -38,3 +39,4 @@ Directory structure of package:
/DEBIAN/postrm
/DEBIAN/config
/DEBIAN/templates
+/etc/apache2/sites-available/git-openemr.conf
diff --git a/contrib/util/ubuntu_package_scripts/development/README.Debian b/contrib/util/ubuntu_package_scripts/development/README.Debian
index 3d82486..f0e6057 100644
--- a/contrib/util/ubuntu_package_scripts/development/README.Debian
+++ b/contrib/util/ubuntu_package_scripts/development/README.Debian
@@ -48,5 +48,5 @@ just installed it is very helpful.
Authors of debianized OpenEMR:
------------------------------
--- Brady Miller <brady at sparmy.com> Tue, 26 Jul 2011 17:40:00 -0700
--- Amalu Obinna <amaluobinna at aol.com> Tue, 26 Jul 2011 17:40:00 -0700
+-- Brady Miller <brady at sparmy.com> Tue, 29 Apr 2014 18:59:45 -0700
+-- Amalu Obinna <amaluobinna at aol.com> Tue, 29 Apr 2014 18:59:45 -0700
diff --git a/contrib/util/ubuntu_package_scripts/development/changelog.Debian b/contrib/util/ubuntu_package_scripts/development/changelog.Debian
index af109df..b90e091 100644
--- a/contrib/util/ubuntu_package_scripts/development/changelog.Debian
+++ b/contrib/util/ubuntu_package_scripts/development/changelog.Debian
@@ -1,3 +1,9 @@
+git-openemr (1.0.0-2) stable; urgency=low
+
+ * Fixes to work on Ubuntu 14.04.
+
+ -- Brady Miller <brady at sparmy.com> Tue, 29 Apr 2014 18:59:45 -0700
+
git-openemr (1.0.0-1) stable; urgency=low
* Initial Release.
diff --git a/contrib/util/ubuntu_package_scripts/development/control b/contrib/util/ubuntu_package_scripts/development/control
index a0d5a0b..4742ff2 100644
--- a/contrib/util/ubuntu_package_scripts/development/control
+++ b/contrib/util/ubuntu_package_scripts/development/control
@@ -1,5 +1,5 @@
Package: git-openemr
-Version: 1.0.0-1
+Version: 1.0.0-2
Maintainer: Brady Miller <brady at sparmy.com>
Installed-Size: 46000
Priority: optional
@@ -7,7 +7,7 @@ Section: web
Architecture: all
Homepage: http://www.open-emr.org/
Pre-Depends: debconf
-Depends: mysql-server, apache2-mpm-prefork, makepasswd, libapache2-mod-php5, libdate-calc-perl, libdbd-mysql-perl, libdbi-perl, libhtml-parser-perl, libtiff-tools, libwww-mechanize-perl, libxml-parser-perl, php5, php5-mysql, php5-cli, php5-gd, php5-xsl, php5-curl, php5-mcrypt, php-soap, imagemagick, git-core
+Depends: mysql-server, apache2-mpm-prefork, makepasswd, libapache2-mod-php5, libdate-calc-perl, libdbd-mysql-perl, libdbi-perl, libhtml-parser-perl, libtiff-tools, libwww-mechanize-perl, libxml-parser-perl, php5, php5-mysql, php5-cli, php5-gd, php5-xsl, php5-curl, php5-mcrypt, php-soap, php5-json, imagemagick, git-core
Description: Comprehensive Medical Practice Management Application
OpenEMR provides office scheduling, electronic medical records,
prescriptions, insurance billing, accounting and access controls.
diff --git a/contrib/util/ubuntu_package_scripts/development/copyright b/contrib/util/ubuntu_package_scripts/development/copyright
index ed4df3b..24d9709 100644
--- a/contrib/util/ubuntu_package_scripts/development/copyright
+++ b/contrib/util/ubuntu_package_scripts/development/copyright
@@ -1,14 +1,14 @@
This package was debianized by Brady Miller <brady at sparmy.com> on
-Tue, 26 Jul 2011 17:40:00 -0700.
+Tue, 29 Apr 2014 18:59:45 -0700.
Upstream Author:
http://www.open-emr.org
Copyright:
- Copyright (C) 2011 http://www.oemr.org
+ Copyright (C) 2014 http://www.oemr.org
License:
GPL
-The Debian packaging is (C) 2011, Brady Miller <brady at sparmy.com> and
+The Debian packaging is (C) 2014, Brady Miller <brady at sparmy.com> and
is licensed under the GPL, see `/usr/share/common-licenses/GPL'.
diff --git a/contrib/util/ubuntu_package_scripts/development/git-openemr.conf b/contrib/util/ubuntu_package_scripts/development/git-openemr.conf
new file mode 100644
index 0000000..1d037a4
--- /dev/null
+++ b/contrib/util/ubuntu_package_scripts/development/git-openemr.conf
@@ -0,0 +1,14 @@
+# OpenEMR default Apache configuration
+Alias /git-openemr /var/www/git-openemr
+<Directory "/var/www/git-openemr/sites/*/documents">
+ order deny,allow
+ Deny from all
+</Directory>
+<Directory "/var/www/git-openemr/sites/*/edi">
+ order deny,allow
+ Deny from all
+</Directory>
+<Directory "/var/www/git-openemr/sites/*/era">
+ order deny,allow
+ Deny from all
+</Directory>
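Review bot: The three `<Directory>` blocks use the Apache 2.2 access directives (`order deny,allow` / `Deny from all`), which Apache 2.4 accepts only through mod_access_compat, while the changelog in this commit targets Ubuntu 14.04, which ships 2.4. These rules are what keeps `sites/*/documents`, `edi` and `era` from being served, so I would use the native `Require all denied` where mod_authz_core is loaded and keep the old form only as a fallback. The same applies to the identical blocks in production/openemr.conf. One block is sketched below; the other two take the same body.

```apache
<Directory "/var/www/git-openemr/sites/*/documents">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order deny,allow
        Deny from all
    </IfModule>
</Directory>
# … unchanged: Alias line; same body for sites/*/edi and sites/*/era …
```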
diff --git a/contrib/util/ubuntu_package_scripts/development/postinst b/contrib/util/ubuntu_package_scripts/development/postinst
index 9a1c6d1..0c9140b 100644
--- a/contrib/util/ubuntu_package_scripts/development/postinst
+++ b/contrib/util/ubuntu_package_scripts/development/postinst
@@ -5,7 +5,7 @@
#the Free Software Foundation; either version 2 of the License, or
#(at your option) any later version.
#
-# Copyright 2011
+# Copyright 2011-2014
# authors: Brady Miller <brady at sparmy.com>
# Amalu Obinna <amaluobinna at aol.com>
#
@@ -258,6 +258,10 @@ case "$1" in
log_only "Done configuring OpenEMR"
fi
+ # Activate the OpenEMR conf file for apache
+ log_only "Activate OpenEMR config file for Apache"
+ a2ensite git-openemr.conf
+
log_only "Restarting Apache service..."
invoke-rc.d apache2 restart >> $LOG 2>&1
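Review bot: The added `a2ensite git-openemr.conf` call is neither logged nor checked, unlike the `invoke-rc.d apache2 restart >> $LOG 2>&1` line right after it. If enabling the site fails, the deny rules for the patient-data directories never become active and the install log gives no sign of it. I would write `a2ensite git-openemr.conf >> $LOG 2>&1 || log_only "WARNING: could not enable git-openemr.conf; Apache deny rules for sites/*/documents, edi and era are not active"`. The same pattern appears in production/postinst (`a2ensite openemr.conf`, in both the upgrade and the install path) and in both prerm scripts (`a2dissite`). The enclosing `case` branch starts and ends outside this hunk.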
diff --git a/contrib/util/ubuntu_package_scripts/development/prerm b/contrib/util/ubuntu_package_scripts/development/prerm
index c843d8c..365a017 100644
--- a/contrib/util/ubuntu_package_scripts/development/prerm
+++ b/contrib/util/ubuntu_package_scripts/development/prerm
@@ -5,7 +5,7 @@
#the Free Software Foundation; either version 2 of the License, or
#(at your option) any later version.
#
-# Copyright 2011
+# Copyright 2011-2014
# authors: Brady Miller <brady at sparmy.com>
# Amalu Obinna <amaluobinna at aol.com>
#
@@ -155,6 +155,10 @@ case "$1" in
mysql -f -u root -h "$SQLLOCATION" --password="$MPASS" -e "DELETE FROM mysql.user WHERE User = '$SQLUSER';FLUSH PRIVILEGES;" >> $LOG 2>&1
log_only "Removed OpenEMR MySQL user"
+ #remove OpenEMR apache set up as active config
+ log_only "Turn off apache conf for OpenEMR"
+ a2dissite git-openemr.conf
+
#stop db
db_stop
diff --git a/contrib/util/ubuntu_package_scripts/production/README.Debian b/contrib/util/ubuntu_package_scripts/production/README.Debian
index f1ee163..306bc15 100644
--- a/contrib/util/ubuntu_package_scripts/production/README.Debian
+++ b/contrib/util/ubuntu_package_scripts/production/README.Debian
@@ -46,5 +46,5 @@ just installed it is very helpful.
Authors of debianized OpenEMR:
------------------------------
--- Brady Miller <brady at sparmy.com> Sat, 02 Nov 2013 01:15:32 -0700
--- Amalu Obinna <amaluobinna at aol.com> Sat, 02 Nov 2013 01:15:32 -0700
+-- Brady Miller <brady at sparmy.com> Tue, 29 Apr 2014 19:12:02 -0700
+-- Amalu Obinna <amaluobinna at aol.com> Tue, 29 Apr 2014 19:12:02 -0700
diff --git a/contrib/util/ubuntu_package_scripts/production/changelog.Debian b/contrib/util/ubuntu_package_scripts/production/changelog.Debian
index cda2531..1a9c9a8 100644
--- a/contrib/util/ubuntu_package_scripts/production/changelog.Debian
+++ b/contrib/util/ubuntu_package_scripts/production/changelog.Debian
@@ -1,3 +1,10 @@
+openemr (4.1.2-3) stable; urgency=low
+
+ * New upstream patch (patch number 7)
+ * Fixes to work with Ubuntu 12.10, 13.10 and 14.04
+
+ -- Brady Miller <brady at sparmy.com> Tue, 29 Apr 2014 19:12:02 -0700
+
openemr (4.1.2-2) stable; urgency=low
* New upstream patch (patch number 3)
diff --git a/contrib/util/ubuntu_package_scripts/production/control b/contrib/util/ubuntu_package_scripts/production/control
index 6fd4507..46f537d 100644
--- a/contrib/util/ubuntu_package_scripts/production/control
+++ b/contrib/util/ubuntu_package_scripts/production/control
@@ -1,5 +1,5 @@
Package: openemr
-Version: 4.1.2-2
+Version: 4.1.2-3
Maintainer: Brady Miller <brady at sparmy.com>
Installed-Size: 127000
Priority: optional
@@ -8,7 +8,7 @@ Architecture: all
Source: openemr
Homepage: http://www.open-emr.org/
Pre-Depends: debconf
-Depends: mysql-server, apache2-mpm-prefork, makepasswd, libapache2-mod-php5, libdate-calc-perl, libdbd-mysql-perl, libdbi-perl, libhtml-parser-perl, libtiff-tools, libwww-mechanize-perl, libxml-parser-perl, php5, php5-mysql, php5-cli, php5-gd, php5-xsl, php5-curl, php5-mcrypt, php-soap, imagemagick
+Depends: mysql-server, apache2-mpm-prefork, makepasswd, libapache2-mod-php5, libdate-calc-perl, libdbd-mysql-perl, libdbi-perl, libhtml-parser-perl, libtiff-tools, libwww-mechanize-perl, libxml-parser-perl, php5, php5-mysql, php5-cli, php5-gd, php5-xsl, php5-curl, php5-mcrypt, php-soap, php5-json, imagemagick
Description: Comprehensive Medical Practice Management Application
OpenEMR provides office scheduling, electronic medical records,
prescriptions, insurance billing, accounting and access controls.
diff --git a/contrib/util/ubuntu_package_scripts/production/copyright b/contrib/util/ubuntu_package_scripts/production/copyright
index 9b30cb5..61b07a5 100644
--- a/contrib/util/ubuntu_package_scripts/production/copyright
+++ b/contrib/util/ubuntu_package_scripts/production/copyright
@@ -1,5 +1,5 @@
This package was debianized by Brady Miller <brady at sparmy.com> on
-Sat, 02 Nov 2013 01:15:32 -0700.
+Tue, 29 Apr 2014 19:12:02 -0700.
It was downloaded from sourceforge.
@@ -7,10 +7,10 @@ Upstream Author:
http://www.open-emr.org
Copyright:
- Copyright (C) 2013 http://www.oemr.org
+ Copyright (C) 2014 http://www.oemr.org
License:
GPL
-The Debian packaging is (C) 2013, Brady Miller <brady at sparmy.com> and
+The Debian packaging is (C) 2014, Brady Miller <brady at sparmy.com> and
is licensed under the GPL, see `/usr/share/common-licenses/GPL'.
diff --git a/contrib/util/ubuntu_package_scripts/production/openemr.conf b/contrib/util/ubuntu_package_scripts/production/openemr.conf
new file mode 100644
index 0000000..1f274b1
--- /dev/null
+++ b/contrib/util/ubuntu_package_scripts/production/openemr.conf
@@ -0,0 +1,14 @@
+# OpenEMR default Apache configuration
+Alias /openemr /var/www/openemr
+<Directory "/var/www/openemr/sites/*/documents">
+ order deny,allow
+ Deny from all
+</Directory>
+<Directory "/var/www/openemr/sites/*/edi">
+ order deny,allow
+ Deny from all
+</Directory>
+<Directory "/var/www/openemr/sites/*/era">
+ order deny,allow
+ Deny from all
+</Directory>
diff --git a/contrib/util/ubuntu_package_scripts/production/postinst b/contrib/util/ubuntu_package_scripts/production/postinst
index 6d34753..dfaf93c 100644
--- a/contrib/util/ubuntu_package_scripts/production/postinst
+++ b/contrib/util/ubuntu_package_scripts/production/postinst
@@ -5,7 +5,7 @@
#the Free Software Foundation; either version 2 of the License, or
#(at your option) any later version.
#
-# Copyright 2012
+# Copyright 2011-2014
# authors: Amalu Obinna <amaluobinna at aol.com>
# Brady Miller <brady at sparmy.com>
#
@@ -65,7 +65,6 @@ case "$1" in
INSTTEMP=$OPENEMR/contrib/util/installScripts/InstallerAutoTemp.php
#php and apache files
PHP=/etc/php5/apache2/php.ini
- APACHE=/etc/apache2/httpd.conf
#web user and group
WEB_GROUP=www-data
WEB_USER=www-data
@@ -264,6 +263,12 @@ case "$1" in
sed -i "/^[ ]*.*sqldatabase[ =].*$/d" $CONFIG
sed -i "/^[ ]*.*sqlutfflag[ =].*$/d" $CONFIG
+ # Activate the OpenEMR conf file for apache and restart apache
+ log_only "Activate OpenEMR config file for Apache"
+ a2ensite openemr.conf
+ log_only "Restarting Apache service"
+ invoke-rc.d apache2 restart >> $LOG 2>&1
+
#done upgrading
prompt_input openemr/success_upgrade critical ret_result
log_only "OpenEMR upgrade is complete."
@@ -275,6 +280,9 @@ case "$1" in
log_only "(We recommend you copy this somewhere protected since it"
log_only "contains confidential patient information)"
+ #stop db
+ db_stop
+
exit 0
elif [ "$PLAN" == "install" ] ; then
@@ -284,167 +292,6 @@ case "$1" in
unable_exit "Error reading plan variable in configuration file."
fi
- #collect the mysql root password (if applicable)
- MPASS=""
- if check_mysql "$MPASS" "mysql"; then
- log_only "Passed the mysql check loop"
- else
- #the blank initial mysql password didn't work, so prompt for password
- # (will give 3 chances to provide correct password)
- COUNTDOWN=1
- while true; do
- prompt_input openemr/mysql_p_install_${COUNTDOWN} critical ret_result
- MPASS="$ret_result"
- if check_mysql "$MPASS" "mysql"; then
- #the mysql root password works, so can exit loop
- log_only "Passed the mysql check loop"
- break
- else
- #the mysql root password did not work
- if [ "$COUNTDOWN" -ge "3" ]; then
- prompt_input openemr/no_configure_mysql_root high ret_result
- log_only "Will install OpenEMR, however will not configure OpenEMR. (unable to provide root password)"
- break
- fi
- fi
- let "COUNTDOWN += 1"
- done
- fi
-
- #decide whether to configure OpenEMR after it is installed
- configure_flag=true
- if check_mysql "$MPASS" "mysql"; then
- #before auto configuration, ensure the openemr user and database do not exist
- # Check for openemr database in mysql, if exist then will not configure
- if check_mysql "$MPASS" "$INSTALL_DATABASE"; then
- prompt_input openemr/no_configure_mysql_database high ret_result
- log_only "Will install OpenEMR, however will not automatically configure OpenEMR. (MySQL database already exists)"
- configure_flag=false;
- fi
- # Check for OpenEMR user in mysql.user, if exist then will not configure
- USER=$(mysql -s -u root -h localhost --password="$MPASS" -e "SELECT User from mysql.user where User='$INSTALL_USER'")
- if [ "$USER" == "$INSTALL_USER" ]; then
- prompt_input openemr/no_configure_mysql_user high ret_result
- log_only "Will install OpenEMR, however will not automatically configure OpenEMR. (MySQL user already exists)"
- configure_flag=false;
- fi
- else
- #the mysql root password didn't work, so do not configure OpenEMR
- log_only "Will install OpenEMR, however will not automatically configure OpenEMR. (root password did not work)"
- configure_flag=false;
- fi
-
- #go to openemr directory
- cd $OPENEMR
-
- #secure openemr
- chown -Rf root:root $OPENEMR
-
- #INSTALL/CONFIGURE OPENEMR
- # Install openemr
- if $configure_flag; then
- log_only "Installing/Configuring OpenEMR..."
- else
- log_only "Installing OpenEMR ..."
- fi
-
- # Set file and directory permissions (note use default site directory for new install)
- chmod 666 $SITEDIR/default/sqlconf.php
- chown -R $WEB_GROUP.$WEB_USER $SITEDIR/default/documents
- chown -R $WEB_GROUP.$WEB_USER $SITEDIR/default/edi
- chown -R $WEB_GROUP.$WEB_USER $SITEDIR/default/era
- chown -R $WEB_GROUP.$WEB_USER $OPENEMR/library/freeb
- chown -R $WEB_GROUP.$WEB_USER $SITEDIR/default/letter_templates
- chown -R $WEB_GROUP.$WEB_USER $OPENEMR/interface/main/calendar/modules/PostCalendar/pntemplates/cache
- chown -R $WEB_GROUP.$WEB_USER $OPENEMR/interface/main/calendar/modules/PostCalendar/pntemplates/compiled
- chown -R $WEB_GROUP.$WEB_USER $OPENEMR/gacl/admin/templates_c
-
- if $configure_flag; then
- # Create a random password for the openemr mysql user
- password=$(makepasswd --char=12)
-
- # openemr installation VARIABLES
- if [ "$MPASS" == "" ] ; then
- rootpass="rootpass=BLANK" #MySQL server root password
- else
- rootpass="rootpass=$MPASS" #MySQL server root password
- fi
- login="login=$INSTALL_USER" #username to MySQL openemr database
- pass="pass=$password" #password to MySQL openemr database
- dbname="dbname=$INSTALL_DATABASE" #MySQL openemr database name
-
- #
- # Run Auto Installer
- #
- sed -e 's@^exit;@ @' <$INST >$INSTTEMP
- php -f $INSTTEMP $rootpass $login $pass $dbname >> $LOG 2>&1
- rm -f $INSTTEMP
-
- #remove global permission to all setup scripts
- chmod 600 $OPENEMR/acl_setup.php
- chmod 600 $OPENEMR/acl_upgrade.php
- chmod 600 $OPENEMR/sl_convert.php
- chmod 600 $OPENEMR/setup.php
- chmod 600 $OPENEMR/sql_upgrade.php
- chmod 600 $OPENEMR/ippf_upgrade.php
- chmod 600 $OPENEMR/gacl/setup.php
-
- log_only "Done configuring OpenEMR"
- fi
-
- #This section configures Apache for OpenEMR
- log_only "Configuring Apache for OpenEMR"
-
- #Check to ensure the apache configuration files exists
- if [ -f $APACHE ]; then
-
- # First, backup the httpd.conf file before modifying
- cp -f $APACHE $APACHE.BAK
-
- # Second, append information to secure selected directories in OpenEMR
- echo "#This is the start of the Apache configuration for OpenEMR." >> $APACHE
- echo "#Below will secure directories with patient information." >> $APACHE
- echo "<Directory \"$SITEDIR/*/documents\">" >> $APACHE
- echo " order deny,allow" >> $APACHE
- echo " Deny from all" >> $APACHE
- echo "</Directory>" >> $APACHE
- echo "<Directory \"$SITEDIR/*/edi\">" >> $APACHE
- echo " order deny,allow" >> $APACHE
- echo " Deny from all" >> $APACHE
- echo "</Directory>" >> $APACHE
- echo "<Directory \"$SITEDIR/*/era\">" >> $APACHE
- echo " order deny,allow" >> $APACHE
- echo " Deny from all" >> $APACHE
- echo "</Directory>" >> $APACHE
- echo "#This is the end of the Apache configuration for OpenEMR." >> $APACHE
-
- #let user know the plan
- prompt_input openemr/apache_configure high ret_result
- log_only "Added entries to apache configuration to secure directories with patient information."
- log_only "Placed backup of your original apache configuration file to $APACHE.BAK"
-
- else
- #can't find apache config file, so just echo instructions
- log_only "We recommend placing below lines into your apache configuration file:"
- log_only "#This is the start of the Apache configuration for OpenEMR."
- log_only "#Below will secure directories with patient information."
- log_only "<Directory \"$SITEDIR/*/documents\">"
- log_only " order deny,allow"
- log_only " Deny from all"
- log_only "</Directory>"
- log_only "<Directory \"$SITEDIR/*/edi\">"
- log_only " order deny,allow"
- log_only " Deny from all"
- log_only "</Directory>"
- log_only "<Directory \"$SITEDIR/*/era\">"
- log_only " order deny,allow"
- log_only " Deny from all"
- log_only "</Directory>"
- log_only "#This is the end of the Apache configuration for OpenEMR."
- fi
-
- log_only "Done configuring Apache"
-
#This Section edits the php.ini file to accomodate the proper functioning of OpenEMR using php
log_only "Configuring PHP for OpenEMR"
@@ -454,6 +301,9 @@ case "$1" in
collect_php () {
echo `grep -i "^[[:space:]]*$1[[:space:]=]" $PHP | cut -d \= -f 2 | cut -d \; -f 1 | sed 's/[ M]//gi'`
}
+ collect_php_commented_out () {
+ echo `grep -i "^;[[:space:]]*$1[[:space:]=]" $PHP | cut -d \= -f 2 | cut -d \; -f 1 | sed 's/[ M]//gi'`
+ }
TAG_TEXT="short_open_tag"
TAG=$(collect_php "$TAG_TEXT")
EXEC_TEXT="max_execution_time"
@@ -476,6 +326,7 @@ case "$1" in
FILESIZE=$(collect_php "$FILESIZE_TEXT")
MAXINPUTVARS_TEXT="max_input_vars"
MAXINPUTVARS=$(collect_php "$MAXINPUTVARS_TEXT")
+ MAXINPUTVARS_IF_COMMENTED=$(collect_php_commented_out "$MAXINPUTVARS_TEXT")
# Second, backup the php.ini file before modifying
cp $PHP $PHP.BAK
@@ -498,40 +349,56 @@ case "$1" in
log_only "Successfully set $1 = $2"
fi
}
+ process_php_commented_out () {
+ if [ "$3" -eq "1" ]; then
+ # make rec to php.ini
+ if [ "$FLAG_ON" -eq "0" ]; then
+ log_only "We changed the following setting(s) in your php configuration file at $PHP :"
+ fi
+ FLAG_ON=1
+ else
+ # modify php.ini
+ sed -i "s/^;[ ]*$1[ =].*$/$1 = $2/" $PHP
+ log_only "Successfully set $1 = $2"
+ fi
+ }
for i in `seq 1 2`; do
- if [ "$TAG" != "On" ]; then
+ if [ ! -z "$TAG" ] && [ "$TAG" != "On" ]; then
process_php "$TAG_TEXT" "On" $i
fi
- if [ "$EXEC" -lt "60" ]; then
+ if [ ! -z "$EXEC" ] && [ "$EXEC" -lt "60" ]; then
process_php "$EXEC_TEXT" "60" $i
fi
- if [ "$INPUT" -lt "90" ]; then
+ if [ ! -z "$INPUT" ] && [ "$INPUT" -lt "90" ]; then
process_php "$INPUT_TEXT" "90" $i
fi
- if [ "$MEM" -lt "128" ]; then
+ if [ ! -z "$MEM" ] && [ "$MEM" -lt "128" ]; then
process_php "$MEM_TEXT" "128M" $i
fi
- if [ "$DISP" != "Off" ]; then
+ if [ ! -z "$DISP" ] && [ "$DISP" != "Off" ]; then
process_php "$DISP_TEXT" "Off" $i
fi
- if [ "$LOGG" != "On" ]; then
+ if [ ! -z "$LOGG" ] && [ "$LOGG" != "On" ]; then
process_php "$LOGG_TEXT" "On" $i
fi
- if [ "$GLOB" != "Off" ]; then
+ if [ ! -z "$GLOB" ] && [ "$GLOB" != "Off" ]; then
process_php "$GLOB_TEXT" "Off" $i
fi
- if [ "$POST" -lt "30" ]; then
+ if [ ! -z "$POST" ] && [ "$POST" -lt "30" ]; then
process_php "$POST_TEXT" "30M" $i
fi
- if [ "$UPLOAD" != "On" ]; then
+ if [ ! -z "$UPLOAD" ] && [ "$UPLOAD" != "On" ]; then
process_php "$UPLOAD_TEXT" "On" $i
fi
- if [ "$FILESIZE" -lt "30" ]; then
+ if [ ! -z "$FILESIZE" ] && [ "$FILESIZE" -lt "30" ]; then
process_php "$FILESIZE_TEXT" "30M" $i
fi
- if [ "$MAXINPUTVARS" -lt "3000" ]; then
+ if [ ! -z "$MAXINPUTVARS" ] && [ "$MAXINPUTVARS" -lt "3000" ]; then
process_php "$MAXINPUTVARS_TEXT" "3000" $i
fi
+ if [ ! -z "$MAXINPUTVARS_IF_COMMENTED" ] && [ "$MAXINPUTVARS_IF_COMMENTED" -lt "3000" ]; then
+ process_php_commented_out "$MAXINPUTVARS_TEXT" "3000" $i
+ fi
if [ "$FLAG_ON" -eq "0" ]; then
log_only "Your PHP configuration is perfect for OpenEMR."
break
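Review bot: The new `[ ! -z "$X" ] &&` guards skip a directive entirely when php.ini has no active line for it, and only `max_input_vars` gets the commented-out fallback. For `$DISP` and `$GLOB` (presumably display_errors and register_globals) and the size and time limits, a missing or commented-out line therefore leaves PHP's built-in default in force, while the loop can still log `Your PHP configuration is perfect for OpenEMR.` I would at least report the skipped directive before the loop, e.g. `[ -z "$DISP" ] && log_only "$DISP_TEXT has no active line in $PHP; PHP default applies, please verify"`, or extend the commented-out handling to the other directives. Separately, `process_php_commented_out` matches `^;[ ]*` in sed while `collect_php_commented_out` greps `^;[[:space:]]*`, so a tab-indented commented line is detected but never rewritten. The `for` loop and the `case` branch continue outside this hunk.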
@@ -563,9 +430,122 @@ case "$1" in
log_only "Done configuring PHP"
+ # Activate the OpenEMR conf file for apache
+ log_only "Activate OpenEMR config file for Apache"
+ a2ensite openemr.conf
+
+ # Restart apache
log_only "Restarting Apache service"
invoke-rc.d apache2 restart >> $LOG 2>&1
+ #collect the mysql root password (if applicable)
+ MPASS=""
+ if check_mysql "$MPASS" "mysql"; then
+ log_only "Passed the mysql check loop"
+ else
+ #the blank initial mysql password didn't work, so prompt for password
+ # (will give 3 chances to provide correct password)
+ COUNTDOWN=1
+ while true; do
+ prompt_input openemr/mysql_p_install_${COUNTDOWN} critical ret_result
+ MPASS="$ret_result"
+ if check_mysql "$MPASS" "mysql"; then
+ #the mysql root password works, so can exit loop
+ log_only "Passed the mysql check loop"
+ break
+ else
+ #the mysql root password did not work
+ if [ "$COUNTDOWN" -ge "3" ]; then
+ prompt_input openemr/no_configure_mysql_root high ret_result
+ log_only "Will install OpenEMR, however will not configure OpenEMR. (unable to provide root password)"
+ break
+ fi
+ fi
+ let "COUNTDOWN += 1"
+ done
+ fi
+
+ #decide whether to configure OpenEMR after it is installed
+ configure_flag=true
+ if check_mysql "$MPASS" "mysql"; then
+ #before auto configuration, ensure the openemr user and database do not exist
+ # Check for openemr database in mysql, if exist then will not configure
+ if check_mysql "$MPASS" "$INSTALL_DATABASE"; then
+ prompt_input openemr/no_configure_mysql_database high ret_result
+ log_only "Will install OpenEMR, however will not automatically configure OpenEMR. (MySQL database already exists)"
+ configure_flag=false;
+ fi
+ # Check for OpenEMR user in mysql.user, if exist then will not configure
+ USER=$(mysql -s -u root -h localhost --password="$MPASS" -e "SELECT User from mysql.user where User='$INSTALL_USER'")
+ if [ "$USER" == "$INSTALL_USER" ]; then
+ prompt_input openemr/no_configure_mysql_user high ret_result
+ log_only "Will install OpenEMR, however will not automatically configure OpenEMR. (MySQL user already exists)"
+ configure_flag=false;
+ fi
+ else
+ #the mysql root password didn't work, so do not configure OpenEMR
+ log_only "Will install OpenEMR, however will not automatically configure OpenEMR. (root password did not work)"
+ configure_flag=false;
+ fi
+
+ #go to openemr directory
+ cd $OPENEMR
+
+ #secure openemr
+ chown -Rf root:root $OPENEMR
+
+ #INSTALL/CONFIGURE OPENEMR
+ # Install openemr
+ if $configure_flag; then
+ log_only "Installing/Configuring OpenEMR..."
+ else
+ log_only "Installing OpenEMR ..."
+ fi
+
+ # Set file and directory permissions (note use default site directory for new install)
+ chmod 666 $SITEDIR/default/sqlconf.php
+ chown -R $WEB_GROUP.$WEB_USER $SITEDIR/default/documents
+ chown -R $WEB_GROUP.$WEB_USER $SITEDIR/default/edi
+ chown -R $WEB_GROUP.$WEB_USER $SITEDIR/default/era
+ chown -R $WEB_GROUP.$WEB_USER $OPENEMR/library/freeb
+ chown -R $WEB_GROUP.$WEB_USER $SITEDIR/default/letter_templates
+ chown -R $WEB_GROUP.$WEB_USER $OPENEMR/interface/main/calendar/modules/PostCalendar/pntemplates/cache
+ chown -R $WEB_GROUP.$WEB_USER $OPENEMR/interface/main/calendar/modules/PostCalendar/pntemplates/compiled
+ chown -R $WEB_GROUP.$WEB_USER $OPENEMR/gacl/admin/templates_c
+
+ if $configure_flag; then
+ # Create a random password for the openemr mysql user
+ password=$(makepasswd --char=12)
+
+ # openemr installation VARIABLES
+ if [ "$MPASS" == "" ] ; then
+ rootpass="rootpass=BLANK" #MySQL server root password
+ else
+ rootpass="rootpass=$MPASS" #MySQL server root password
+ fi
+ login="login=$INSTALL_USER" #username to MySQL openemr database
+ pass="pass=$password" #password to MySQL openemr database
+ dbname="dbname=$INSTALL_DATABASE" #MySQL openemr database name
+
+ #
+ # Run Auto Installer
+ #
+ sed -e 's@^exit;@ @' <$INST >$INSTTEMP
+ php -f $INSTTEMP $rootpass $login $pass $dbname >> $LOG 2>&1
+ rm -f $INSTTEMP
+
+ #remove global permission to all setup scripts
+ chmod 600 $OPENEMR/acl_setup.php
+ chmod 600 $OPENEMR/acl_upgrade.php
+ chmod 600 $OPENEMR/sl_convert.php
+ chmod 600 $OPENEMR/setup.php
+ chmod 600 $OPENEMR/sql_upgrade.php
+ chmod 600 $OPENEMR/ippf_upgrade.php
+ chmod 600 $OPENEMR/gacl/setup.php
+
+ log_only "Done configuring OpenEMR"
+ fi
+
if $configure_flag; then
prompt_input openemr/success_install_config high ret_result
log_only "You can now use OpenEMR by browsing to:"
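Review bot: `chmod 666 $SITEDIR/default/sqlconf.php` leaves what is, judging by its name, the database configuration file readable and writable by every local account, and nothing in this hunk tightens it again after the auto installer has run. Handing it to the web user instead, with `chown $WEB_USER:$WEB_GROUP $SITEDIR/default/sqlconf.php` followed by `chmod 600 $SITEDIR/default/sqlconf.php`, would keep it writable for setup without exposing it. The moved block also passes the MySQL root password in argv (`mysql ... --password="$MPASS"` and `php -f $INSTTEMP $rootpass ...`), where other local users can read it from the process list while the command runs. For the mysql call, a temporary option file with mode 600 passed via `--defaults-extra-file` avoids that. The `case` branch this code sits in starts and ends outside the hunk.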
diff --git a/contrib/util/ubuntu_package_scripts/production/prerm b/contrib/util/ubuntu_package_scripts/production/prerm
index dba3ddd..6a6547d 100644
--- a/contrib/util/ubuntu_package_scripts/production/prerm
+++ b/contrib/util/ubuntu_package_scripts/production/prerm
@@ -5,7 +5,7 @@
#the Free Software Foundation; either version 2 of the License, or
#(at your option) any later version.
#
-# Copyright 2012
+# Copyright 2011-2014
# authors: Amalu Obinna <amaluobinna at aol.com>
# Brady Miller <brady at sparmy.com>
#
@@ -171,12 +171,18 @@ case "$1" in
log_only "Finished removing OpenEMR web directory"
#remove tmp directory
- sudo rm -fr $TMPDIR
+ rm -fr $TMPDIR
log_only "Removed OpenEMR tmp directory"
- #removes the configuration section for OpenEMR in Apache config file
- sed -i '/#This is the start of the Apache configuration for OpenEMR./,/#This is the end of the Apache configuration for OpenEMR./d' /etc/apache2/httpd.conf
- log_only "Removed OpenEMR Apache configuration"
+ #removes the configuration section for OpenEMR in Apache config file (deprecated, but keeping for older packages)
+ if [ -f /etc/apache2/httpd.conf ]; then
+ sed -i '/#This is the start of the Apache configuration for OpenEMR./,/#This is the end of the Apache configuration for OpenEMR./d' /etc/apache2/httpd.conf
+ log_only "Removed OpenEMR Apache configuration in /etc/apache2/httpd.conf"
+ fi
+
+ #remove OpenEMR apache set up as active config
+ log_only "Turn off apache conf for OpenEMR"
+ a2dissite openemr.conf
#stop db
db_stop
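Review bot: `rm -fr $TMPDIR` runs in a root maintainer script with the variable unquoted and unchecked. `TMPDIR` is assigned outside this hunk, so nothing visible here guarantees it is non-empty and free of spaces or glob characters. I would write `[ -n "$TMPDIR" ] && rm -fr -- "$TMPDIR"` so that word splitting or an unexpected value cannot widen what gets removed.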
diff --git a/controllers/C_Document.class.php b/controllers/C_Document.class.php
index a7a682a..ee0e662 100644
--- a/controllers/C_Document.class.php
+++ b/controllers/C_Document.class.php
@@ -335,8 +335,8 @@ class C_Document extends Controller {
// Added by Rod to support document issue update:
$issues_options = "<option value='0'>-- " . xl('Select Issue') . " --</option>";
$ires = sqlStatement("SELECT id, type, title, begdate FROM lists WHERE " .
- "pid = $patient_id " . // AND enddate IS NULL " .
- "ORDER BY type, begdate");
+ "pid = ? " . // AND enddate IS NULL " .
+ "ORDER BY type, begdate", array($patient_id) );
while ($irow = sqlFetchArray($ires)) {
$desc = $irow['type'];
if ($ISSUE_TYPES[$desc]) $desc = $ISSUE_TYPES[$desc][2];
diff --git a/index.php b/index.php
index 3196ebe..aff440c 100644
--- a/index.php
+++ b/index.php
@@ -14,7 +14,7 @@ else
$site_id = 'default';
if (empty($site_id) || preg_match('/[^A-Za-z0-9\\-.]/', $site_id))
- die("Site ID '$site_id' contains invalid characters.");
+ die("Site ID '".htmlspecialchars($site_id,ENT_NOQUOTES)."' contains invalid characters.");
require_once "sites/$site_id/sqlconf.php";
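Review bot: The allow-list just above the changed line, `/[^A-Za-z0-9\\-.]/`, accepts `.`, so a dots-only value passes the check and is interpolated into `require_once "sites/$site_id/sqlconf.php"`, where it can resolve outside the `sites/` directory. Where `$site_id` originates is outside this hunk, but if it is request-derived I would extend the condition with `|| $site_id === '.' || $site_id === '..'`, or verify that `sites/$site_id` is an existing directory before the require. For the escaping itself, `htmlspecialchars($site_id, ENT_QUOTES, 'UTF-8')` is the safer habit, because `ENT_NOQUOTES` is only correct while the message stays in element text. A fixed message that does not echo the rejected value back would be simpler still.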
diff --git a/interface/forms/misc_billing_options/date_qualifier_options.php b/interface/forms/misc_billing_options/date_qualifier_options.php
new file mode 100644
index 0000000..968eea6
--- /dev/null
+++ b/interface/forms/misc_billing_options/date_qualifier_options.php
@@ -0,0 +1,53 @@
+<?php
+/**
+ * Reusable data entries for new Box 14 and Box 15 date qualifiers that are part of
+ * HCFA 1500 02/12 format
+ *
+ * For details on format refer to:
+ * <http://www.nucc.org/index.php?option=com_content&view=article&id=186&Itemid=138>
+ *
+ * Copyright (C) 2013 Kevin Yeh <kevin.y at integralemr.com> and OEMR <www.oemr.org>
+ *
+ * LICENSE: This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 3
+ * of the License, or (at your option) any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
+ *
+ * @package OpenEMR
+ * @author Kevin Yeh <kevin.y at integralemr.com>
+ * @link http://www.open-emr.org
+ */
+
+$box_14_qualifier_options=array(array(xl("Onset of Current Symptoms or Illness"),"431"),
+ array(xl("Last Menstrual Period"),"484"));
+
+$box_15_qualifier_options=array(array(xl("Initial Treatment"),"454"),
+ array(xl("Latest Visit or Consultation"),"304"),
+ array(xl("Acute Manifestation of a Chronic Condition"),"453"),
+ array(xl("Accident"),"439"),
+ array(xl("Last X-ray"),"455"),
+ array(xl("Prescription"),"471"),
+ array(xl("Report Start (Assumed Care Date)"),"090"),
+ array(xl("Report End (Relinquished Care Date)"),"091"),
+ array(xl("First Visit or Consultation"),"444")
+ );
+$hcfa_date_quals=array("box_14_date_qual"=>$box_14_qualifier_options,"box_15_date_qual"=>$box_15_qualifier_options);
+function qual_id_to_description($qual_type,$value)
+{
+ $options=$GLOBALS['hcfa_date_quals'][$qual_type];
+ for($idx=0;$idx<count($options);$idx++)
+ {
+ if($options[$idx][1]==$value)
+ {
+ return $options[$idx][0];
+ }
+ }
+ return null;
+}
+?>
\ No newline at end of file
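Review bot: `qual_id_to_description()` compares the stored code with `==`, and because the codes are numeric strings PHP compares them as numbers, so `"90"` would match the `"090"` entry. Using `if ($options[$idx][1] === (string)$value)` keeps the lookup exact. The function also reads `$GLOBALS['hcfa_date_quals']`, which is only populated when this file is included at global scope; a short comment stating that requirement, plus a docblock noting that `null` is returned for an unknown code, would help callers.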
diff --git a/interface/forms/misc_billing_options/new.php b/interface/forms/misc_billing_options/new.php
index de6cc32..d65862b 100755
--- a/interface/forms/misc_billing_options/new.php
+++ b/interface/forms/misc_billing_options/new.php
@@ -2,6 +2,8 @@
require_once("../../globals.php");
require_once("$srcdir/api.inc");
require_once("$srcdir/formdata.inc.php");
+require_once("date_qualifier_options.php");
+
if (! $encounter) { // comes from globals.php
die(xl("Internal error: we do not seem to be in an encounter!"));
@@ -11,6 +13,18 @@ $formid = 0 + formData('id', 'G');
$obj = $formid ? formFetch("form_misc_billing_options", $formid) : array();
formHeader("Form: misc_billing_options");
+function generateDateQualifierSelect($name,$options,$obj)
+{
+ echo "<select name='".attr($name)."'>";
+ for($idx=0;$idx<count($options);$idx++)
+ {
+ echo "<option value='".attr($options[$idx][1])."'";
+ if($obj[$name]==$options[$idx][1]) echo " selected";
+ echo ">".text($options[$idx][0])."</option>";
+ }
+ echo "</select>";
+
+}
?>
<html><head>
<?php html_header_show(); ?>
@@ -27,8 +41,16 @@ echo "<form method='post' name='my_form' " .
<span class=text><?php xl('BOX 10 B. Auto Accident ','e'); ?>: </span><input type=checkbox name="auto_accident" value="1" <?php if ($obj['auto_accident'] == "1") echo "checked";?>>
<span class=text><?php xl('State','e'); ?>: </span><input type=entry name="accident_state" size=1 value="<?php echo $obj{"accident_state"};?>" ><br><br>
<span class=text><?php xl('BOX 10 C. Other Accident ','e'); ?>: </span><input type=checkbox name="other_accident" value="1" <?php if ($obj['other_accident'] == "1") echo "checked";?>><br><br>
-<span class=text><?php xl('BOX 15. Date of same or similar illness (yyyy-mm-dd):','e');?> </span><input type='entry' size='9' name="date_initial_treatment" value="<?php echo $obj{"date_initial_treatment"};?>" /><br><br>
-<span class=text><?php xl('BOX 16. Date unable to work from (yyyy-mm-dd):','e');?> </span><input type=entry size=9 name="off_work_from" value="<?php echo $obj{"off_work_from"};?>" >
+<span class="text" title="<?php echo xla("For HCFA 02/12 Onset date specified on the Encounter Form needs a qualifier");?>">
+ <?php echo xlt('BOX 14 Date Qualifier'); ?>: </span>
+ <?php generateDateQualifierSelect("box_14_date_qual",$box_14_qualifier_options,$obj); ?>
+ <br><br>
+<span class=text title="<?php echo xla('For HCFA 02/12 Box 15 is Other Date with a qualifier to specify what the date indicates');?>">
+ <?php xl('BOX 15. Date of same or similar illness/Other Date (yyyy-mm-dd):','e');?> </span><input type='entry' size='9' name="date_initial_treatment" value="<?php echo $obj{"date_initial_treatment"};?>" />
+
+<span class="text"><?php echo xlt('BOX 15 Other Date Qualifier'); ?>: </span>
+ <?php generateDateQualifierSelect("box_15_date_qual",$box_15_qualifier_options,$obj); ?>
+ <br><br><span class=text><?php xl('BOX 16. Date unable to work from (yyyy-mm-dd):','e');?> </span><input type=entry size=9 name="off_work_from" value="<?php echo $obj{"off_work_from"};?>" >
<span class=text><?php xl('BOX 16. Date unable to work to (yyyy-mm-dd):','e');?> </span><input type=entry size=9 name="off_work_to" value="<?php echo $obj{"off_work_to"};?>" ><br><br>
<span class=text><?php xl('BOX 18. Hospitalization date from (yyyy-mm-dd): ','e');?></span><input type=entry size=9 name="hospitalization_date_from" value="<?php echo $obj{"hospitalization_date_from"};?>" >
<span class=text><?php xl('BOX 18. Hospitalization date to (yyyy-mm-dd): ','e');?></span><input type=entry size=9 name="hospitalization_date_to" value="<?php echo $obj{"hospitalization_date_to"};?>" ><br><br>
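Review bot: The re-added Box 15 and Box 16 inputs still print the stored value unescaped into a double-quoted attribute (`value="<?php echo $obj{"date_initial_treatment"};?>"`), while the new labels in the same hunk already use `xla()` and `xlt()`. A stored value containing a quote or angle bracket would break out of the attribute, so these should use the helper the new `generateDateQualifierSelect()` uses: `value="<?php echo attr($obj['date_initial_treatment']);?>"`, and likewise for `off_work_from`. The neighbouring context lines for Box 16 and Box 18 follow the same pattern and deserve the same change.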
diff --git a/interface/forms/misc_billing_options/report.php b/interface/forms/misc_billing_options/report.php
index 8b5ee79..3896e3b 100755
--- a/interface/forms/misc_billing_options/report.php
+++ b/interface/forms/misc_billing_options/report.php
@@ -1,28 +1,32 @@
<?php
include_once("../../globals.php");
include_once($GLOBALS["srcdir"]."/api.inc");
+require_once("date_qualifier_options.php");
function misc_billing_options_report( $pid, $encounter, $cols, $id) {
-$count = 0;
-$data = formFetch("form_misc_billing_options", $id);
-if ($data) {
-print "<table><tr>";
-foreach($data as $key => $value) {
-if ($key == "id" || $key == "pid" || $key == "user" || $key == "groupname" || $key == "authorized" || $key == "activity" || $key == "date" || $value == "" || $value == "0" || $value == "0000-00-00 00:00:00" || $value =="0000-00-00") {
- continue;
-}
-if ($value == "1") {
-$value = "yes";
-}
-
-$key=ucwords(str_replace("_"," ",$key));
-print "<td><span class=bold>$key: </span><span class=text>$value</span></td>";
-$count++;
-if ($count == $cols) {
-$count = 0;
-print "</tr><tr>\n";
-}
-}
-}
-print "</tr></table>";
+ $count = 0;
+ $data = formFetch("form_misc_billing_options", $id);
+ if ($data) {
+ print "<table><tr>";
+ foreach($data as $key => $value) {
+ if ($key == "id" || $key == "pid" || $key == "user" || $key == "groupname" || $key == "authorized" || $key == "activity" || $key == "date" || $value == "" || $value == "0" || $value == "0000-00-00 00:00:00" || $value =="0000-00-00") {
+ continue;
+ }
+ if ($value == "1") {
+ $value = "yes";
+ }
+ if(($key==='box_14_date_qual')||$key==='box_15_date_qual')
+ {
+ $value=text(qual_id_to_description($key,$value));
+ }
+ $key=ucwords(str_replace("_"," ",$key));
+ print "<td><span class=bold>$key: </span><span class=text>$value</span></td>";
+ $count++;
+ if ($count == $cols) {
+ $count = 0;
+ print "</tr><tr>\n";
+ }
+ }
+ }
+ print "</tr></table>";
}
?>
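Review bot: Only the two qualifier fields are passed through `text()`; every other column of `form_misc_billing_options` is still printed raw by `print "<td><span class=bold>$key: </span><span class=text>$value</span></td>";`. Free-text fields such as `comments` (written by save.php in this commit) are therefore rendered as HTML in the report. Escaping once at the output point covers all fields: `print "<td><span class=bold>" . text($key) . ": </span><span class=text>" . text($value) . "</span></td>";`, with the qualifier branch then assigning `qual_id_to_description($key,$value)` without its own `text()` call to avoid double escaping.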
diff --git a/interface/forms/misc_billing_options/save.php b/interface/forms/misc_billing_options/save.php
index a7c4d78..63bd1b9 100755
--- a/interface/forms/misc_billing_options/save.php
+++ b/interface/forms/misc_billing_options/save.php
@@ -39,6 +39,8 @@ $sets = "pid = {$_SESSION["pid"]},
medicaid_original_reference = '" . formData("medicaid_original_reference") . "',
prior_auth_number = '" . formData("prior_auth_number") . "',
replacement_claim = '" . formData("replacement_claim") . "',
+ box_14_date_qual = '" . formData("box_14_date_qual") . "',
+ box_15_date_qual = '" . formData("box_15_date_qual") . "',
comments = '" . formData("comments") . "'";
if (empty($id)) {
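Review bot: The two new columns are appended to the same string-built `$sets` clause, so their safety depends entirely on what `formData()` does, which is not visible here; the statement starts outside this hunk. The only legitimate values are the three-character codes listed in date_qualifier_options.php, and the column is `char(3)`, so the posted value should be checked against that list before it is stored rather than accepted as free text. The first context line of the hunk header also shows `pid = {$_SESSION["pid"]}` interpolated directly; moving the whole statement to `?` placeholders, as C_Document.class.php does in this commit, would cover both.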
diff --git a/interface/forms/misc_billing_options/table.sql b/interface/forms/misc_billing_options/table.sql
index ac2bb8d..4bdfc0a 100755
--- a/interface/forms/misc_billing_options/table.sql
+++ b/interface/forms/misc_billing_options/table.sql
@@ -24,5 +24,7 @@ CREATE TABLE IF NOT EXISTS `form_misc_billing_options` (
prior_auth_number varchar(20) default NULL,
comments varchar(255) default NULL,
replacement_claim tinyint(1) default 0,
+ box_14_date_qual char(3) default NULL,
+ box_15_date_qual char(3) default NULL,
PRIMARY KEY (id)
) ENGINE=MyISAM;
diff --git a/interface/globals.php b/interface/globals.php
index dc8182b..28519b8 100644
--- a/interface/globals.php
+++ b/interface/globals.php
@@ -60,9 +60,19 @@ if (IS_WINDOWS) {
//convert windows path separators
$webserver_root = str_replace("\\","/",$webserver_root);
}
+// Collect the apache server document root (and convert to windows slashes, if needed)
+$server_document_root = $_SERVER['DOCUMENT_ROOT'];
+if (IS_WINDOWS) {
+ //convert windows path separators
+ $server_document_root = str_replace("\\","/",$server_document_root);
+}
// Auto collect the relative html path, i.e. what you would type into the web
// browser after the server address to get to OpenEMR.
-$web_root = substr($webserver_root, strlen($_SERVER['DOCUMENT_ROOT']));
+// This removes the leading portion of $webserver_root that it has in common with the web server's document
+// root and assigns the result to $web_root. In addition to the common case where $webserver_root is
+// /var/www/openemr and document root is /var/www, this also handles the case where document root is
+// /var/www/html and there is an Apache "Alias" command that directs /openemr to /var/www/openemr.
+$web_root = substr($webserver_root, strspn($webserver_root ^ $server_document_root, "\0"));
// Ensure web_root starts with a path separator
if (preg_match("/^[^\/]/",$web_root)) {
$web_root = "/".$web_root;
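Review bot: The XOR/`strspn` expression finds the longest common byte prefix, not the longest common directory prefix, so two paths that merely share leading characters in a directory name are cut mid-name. With a document root of `/var/www/html` and an install under `/var/www/hosting/openemr`, the common prefix is `/var/www/h` and `$web_root` becomes `/osting/openemr`. Backing up to the last separator when the document root is not fully matched avoids the partial cut: `$common = strspn($webserver_root ^ $server_document_root, "\0");` followed by `if ($common < strlen($server_document_root)) $common = (int) strrpos(substr($webserver_root, 0, $common), '/');` and `$web_root = substr($webserver_root, $common);`. The new comment should also say that the result is a best guess when an Apache Alias is used, since the alias name cannot be derived from filesystem paths.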
diff --git a/interface/main/calendar/modules/PostCalendar/pntemplates/default/views/day/ajax_template.html b/interface/main/calendar/modules/PostCalendar/pntemplates/default/views/day/ajax_template.html
index dda11e6..d66509d 100644
--- a/interface/main/calendar/modules/PostCalendar/pntemplates/default/views/day/ajax_template.html
+++ b/interface/main/calendar/modules/PostCalendar/pntemplates/default/views/day/ajax_template.html
@@ -711,7 +711,7 @@ foreach ($providers as $provider) {
// output the DIV and content
// For "OUT" events, applying the background color in CSS.
- $background_string= ($event['catid'] == 3) ? "" : "; background-color:".$event["catcolor"];
+ $background_string= ($event['catid'] == 3) ? "" : "; background-color:".$color;
echo "<div class='".$evtClass." event' style='top:".$evtTop."; height:".$evtHeight.
$background_string.
"; $divWidth".
diff --git a/interface/main/finder/dynamic_finder_ajax.php b/interface/main/finder/dynamic_finder_ajax.php
index f818b9b..ab542b9 100644
--- a/interface/main/finder/dynamic_finder_ajax.php
+++ b/interface/main/finder/dynamic_finder_ajax.php
@@ -31,7 +31,7 @@ $iDisplayStart = isset($_GET['iDisplayStart' ]) ? 0 + $_GET['iDisplayStart' ] :
$iDisplayLength = isset($_GET['iDisplayLength']) ? 0 + $_GET['iDisplayLength'] : -1;
$limit = '';
if ($iDisplayStart >= 0 && $iDisplayLength >= 0) {
- $limit = "LIMIT $iDisplayStart, $iDisplayLength";
+ $limit = "LIMIT " . escape_limit($iDisplayStart) . ", " . escape_limit($iDisplayLength);
}
// Column sorting parameters.
@@ -41,7 +41,7 @@ if (isset($_GET['iSortCol_0'])) {
for ($i = 0; $i < intval($_GET['iSortingCols']); ++$i) {
$iSortCol = intval($_GET["iSortCol_$i"]);
if ($_GET["bSortable_$iSortCol"] == "true" ) {
- $sSortDir = add_escape_custom($_GET["sSortDir_$i"]); // ASC or DESC
+ $sSortDir = escape_sort_order($_GET["sSortDir_$i"]); // ASC or DESC
// We are to sort on column # $iSortCol in direction $sSortDir.
$orderby .= $orderby ? ', ' : 'ORDER BY ';
//
@@ -49,7 +49,7 @@ if (isset($_GET['iSortCol_0'])) {
$orderby .= "lname $sSortDir, fname $sSortDir, mname $sSortDir";
}
else {
- $orderby .= "`" . add_escape_custom($aColumns[$iSortCol]) . "` $sSortDir";
+ $orderby .= "`" . escape_sql_column_name($aColumns[$iSortCol],array('patient_data')) . "` $sSortDir";
}
}
}
@@ -69,7 +69,7 @@ if (isset($_GET['sSearch']) && $_GET['sSearch'] !== "") {
"mname LIKE '$sSearch%' ";
}
else {
- $where .= "`" . add_escape_custom($colname) . "` LIKE '$sSearch%' ";
+ $where .= "`" . escape_sql_column_name($colname,array('patient_data')) . "` LIKE '$sSearch%' ";
}
}
if ($where) $where .= ")";
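Review bot: The column names are now allow-listed, but `$sSearch` is still interpolated into `LIKE '$sSearch%'` on the changed line and on the `mname LIKE` context line; the same applies to the hunk at `-89,7`. Where `$sSearch` is escaped is outside these hunks, so that needs confirming. Even if it is escaped for quoting, `%` and `_` in the search term still act as wildcards. Binding the value, for example collecting `$sSearch . '%'` into a parameter array and emitting `LIKE ?`, removes the dependency on escaping at a distance.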
@@ -89,7 +89,7 @@ for ($i = 0; $i < count($aColumns); ++$i) {
"mname LIKE '$sSearch%' )";
}
else {
- $where .= " `" . add_escape_custom($colname) . "` LIKE '$sSearch%'";
+ $where .= " `" . escape_sql_column_name($colname,array('patient_data')) . "` LIKE '$sSearch%'";
}
}
}
@@ -105,7 +105,7 @@ foreach ($aColumns as $colname) {
$sellist .= "lname, fname, mname";
}
else {
- $sellist .= "`" . add_escape_custom($colname) . "`";
+ $sellist .= "`" . escape_sql_column_name($colname,array('patient_data')) . "`";
}
}
diff --git a/interface/main/left_nav.php b/interface/main/left_nav.php
index eb41674..34d3d83 100644
--- a/interface/main/left_nav.php
+++ b/interface/main/left_nav.php
@@ -157,7 +157,7 @@
acl_check('admin', 'database') || acl_check('admin', 'forms') ||
acl_check('admin', 'practice') || acl_check('admin', 'users') ||
acl_check('admin', 'acl') || acl_check('admin', 'super') ||
- acl_check('admin', 'superbill'));
+ acl_check('admin', 'superbill') || acl_check('admin', 'drugs'));
$disallowed['bil'] = !(acl_check('acct', 'rep') || acl_check('acct', 'eob') ||
acl_check('acct', 'bill'));
diff --git a/interface/new/new_comprehensive_save.php b/interface/new/new_comprehensive_save.php
index 247a3b9..4815c02 100644
--- a/interface/new/new_comprehensive_save.php
+++ b/interface/new/new_comprehensive_save.php
@@ -14,7 +14,7 @@ $alertmsg = '';
if (!empty($_POST["form_pubpid"])) {
$form_pubpid = trim($_POST["form_pubpid"]);
$result = sqlQuery("SELECT count(*) AS count FROM patient_data WHERE " .
- "pubpid = '$form_pubpid'");
+ "pubpid = '" . formDataCore($form_pubpid) . "'");
if ($result['count']) {
// Error, not unique.
$alertmsg = xl('Warning: Patient ID is not unique!');
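Review bot: This fix escapes the value and keeps the string-built query, whereas C_Document.class.php and deleter.php in the same commit switch to bound parameters. A placeholder would be consistent and does not depend on what `formDataCore()` does to the value, which is not shown here: `$result = sqlQuery("SELECT count(*) AS count FROM patient_data WHERE pubpid = ?", array($form_pubpid));`. The enclosing `if` block continues past the end of the hunk.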
diff --git a/interface/patient_file/deleter.php b/interface/patient_file/deleter.php
index 5b79b4c..95aa57f 100644
--- a/interface/patient_file/deleter.php
+++ b/interface/patient_file/deleter.php
@@ -130,11 +130,11 @@ function form_delete($formdir, $formid) {
// Delete a specified document including its associated relations and file.
//
function delete_document($document) {
- $trow = sqlQuery("SELECT url FROM documents WHERE id = '$document'");
+ $trow = sqlQuery("SELECT url FROM documents WHERE id = ?", array($document));
$url = $trow['url'];
- row_delete("categories_to_documents", "document_id = '$document'");
- row_delete("documents", "id = '$document'");
- row_delete("gprelations", "type1 = 1 AND id1 = '$document'");
+ row_delete("categories_to_documents", "document_id = '" . add_escape_custom($document) . "'");
+ row_delete("documents", "id = '" . add_escape_custom($document) . "'");
+ row_delete("gprelations", "type1 = 1 AND id1 = '" . add_escape_custom($document) . "'");
if (substr($url, 0, 7) == 'file://') {
@unlink(substr($url, 7));
}
@@ -374,7 +374,7 @@ function popup_close() {
}
?>
-<form method='post' name="deletefrm" action='deleter.php?patient=<?php echo $patient ?>&encounterid=<?php echo $encounterid ?>&formid=<?php echo $formid ?>&issue=<?php echo $issue ?>&document=<?php echo $document ?>&payment=<?php echo $payment ?>&billing=<?php echo $billing ?>&transaction=<?php echo $transaction ?>' onsubmit="javascript:alert('1');document.deleform.submit();">
+<form method='post' name="deletefrm" action='deleter.php?patient=<?php echo $patient ?>&encounterid=<?php echo $encounterid ?>&formid=<?php echo $formid ?>&issue=<?php echo $issue ?>&document=<?php echo attr($document) ?>&payment=<?php echo $payment ?>&billing=<?php echo $billing ?>&transaction=<?php echo $transaction ?>' onsubmit="javascript:alert('1');document.deleform.submit();">
<p class="text"> <br><?php xl('Do you really want to delete','e'); ?>
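Review bot: Only `$document` is escaped in the form action; `$patient`, `$encounterid`, `$formid`, `$issue`, `$payment`, `$billing` and `$transaction` are still echoed raw into the same single-quoted attribute, and the following hunk likewise wraps only `$document` in `text()` while `$issue` and `$payment` are printed as-is. Whether those variables are cast or validated earlier is outside these hunks; if not, they need the same treatment, for example `patient=<?php echo attr(urlencode($patient)) ?>` for each query parameter. The `onsubmit` handler on this line also still contains `alert('1')` and refers to `document.deleform` although the form is named `deletefrm`, which looks like leftover debugging.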
@@ -388,7 +388,7 @@ function popup_close() {
} else if ($issue) {
echo xl('issue') . " $issue";
} else if ($document) {
- echo xl('document') . " $document";
+ echo xl('document') . " " . text($document);
} else if ($payment) {
echo xl('payment') . " $payment";
} else if ($billing) {
diff --git a/interface/patient_file/letter.php b/interface/patient_file/letter.php
index 7072f19..44a1487 100644
--- a/interface/patient_file/letter.php
+++ b/interface/patient_file/letter.php
@@ -143,6 +143,7 @@ if ($_POST['formaction']=="generate") {
exit;
}
else { // $form_format = html
+ $cpstring = text($cpstring); //escape to prevent stored cross script attack
$cpstring = str_replace("\n", "<br>", $cpstring);
$cpstring = str_replace("\t", " ", $cpstring);
?>
diff --git a/interface/patient_file/summary/shot_record.php b/interface/patient_file/summary/shot_record.php
index 2ef9eb2..e115820 100644
--- a/interface/patient_file/summary/shot_record.php
+++ b/interface/patient_file/summary/shot_record.php
@@ -72,9 +72,14 @@ function convertToDataArray($data_array) {
$data[$current][xl('Amount') . "\n" . xl('Admin')] = "";
}
- //expiration date
+ //expiration date fixed by checking for empty value, smw 040214
+ if (isset($row['expiration_date'])) {
$temp_date = new DateTime($row['expiration_date']);
$data[$current][xl('Expiration') . "\n" . xl('Date')] = $temp_date->format('Y-m-d');
+ }
+ else{
+ $data[$current][xl('Expiration') . "\n" . xl('Date')] = '';//$temp_date->format('Y-m-d');
+ }
//Manufacturer
$data[$current][xl('Manufacturer')] = $row['manufacturer'];
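Review bot: The new comment says the fix checks for an empty value, but `isset()` only excludes `null`; an empty string still reaches `new DateTime('')`, which yields the current date and would print today as the expiration date. `if (!empty($row['expiration_date'])) {` matches the stated intent. If the column can also hold a zero date such as `0000-00-00`, that value needs excluding too. The trailing `//$temp_date->format('Y-m-d');` in the else branch is dead code and can be dropped.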
diff --git a/library/Claim.class.php b/library/Claim.class.php
index 1ddfc24..c80d892 100644
--- a/library/Claim.class.php
+++ b/library/Claim.class.php
@@ -38,6 +38,7 @@ class Claim {
var $encounter_id; // encounter id
var $procs; // array of procedure rows from billing table
var $diags; // array of icd9 codes from billing table
+ var $diagtype= "ICD9"; // diagnosis code_type.Assume ICD9 unless otherwise specified.
var $x12_partner; // row from x12_partners table
var $encounter; // row from form_encounter table
var $facility; // row from facility table
@@ -831,6 +832,11 @@ class Claim {
return $this->payers[$ins]['object']->get_freeb_claim_type();
}
+ function claimTypeRaw($ins=0) {
+ if (empty($this->payers[$ins]['object'])) return 0;
+ return $this->payers[$ins]['object']->get_freeb_type();
+ }
+
function insuredLastName($ins=0) {
return x12clean(trim($this->payers[$ins]['data']['subscriber_lname']));
}
@@ -1123,21 +1129,58 @@ class Claim {
return cleanDate($this->billing_options['date_initial_treatment']);
}
- // Returns an array of unique diagnoses. Periods are stripped.
- function diagArray() {
+ function box14qualifier()
+ {
+ // If no box qualifier specified use "431" indicating Onset
+ return empty($this->billing_options['box_14_date_qual']) ? '431' :
+ $this->billing_options['box_14_date_qual'];
+ }
+
+ function box15qualifier()
+ {
+ // If no box qualifier specified use "454" indicating Initial Treatment
+ return empty($this->billing_options['box_15_date_qual']) ? '454' :
+ $this->billing_options['box_15_date_qual'];
+ }
+ // Returns an array of unique diagnoses. Periods are stripped by default
+ // Option to keep periods is to support HCFA 1500 02/12 version
+ function diagArray($strip_periods=true) {
$da = array();
foreach ($this->procs as $row) {
$atmp = explode(':', $row['justify']);
foreach ($atmp as $tmp) {
if (!empty($tmp)) {
$code_data = explode('|',$tmp);
+
+ // If there was a | in the code data, the the first part of the array is the type, and the second is the identifier
if (!empty($code_data[1])) {
- //Strip the prepended code type label
- $diag = str_replace('.', '', $code_data[1]);
+
+ // This is the simplest way to determine if the claim is using ICD9 or ICD10 codes
+ // a mix of code types is generally not allowed as there is only one specifier for all diagnoses on HCFA-1500 form
+ // and there would be ambiguity with E and V codes
+ $this->diagtype=$code_data[0];
+
+ //code is in the second part of the $code_data array.
+ if($strip_periods==true)
+ {
+ $diag = str_replace('.', '', $code_data[1]);
+
+ }
+ else
+ {
+ $diag=$code_data[1];
+ }
+
}
else {
//No prepended code type label
- $diag = str_replace('.', '', $code_data[0]);
+ if($strip_periods) {
+ $diag = str_replace('.', '', $code_data[0]);
+ }
+ else
+ {
+ $diag=$code_data[1];
+ }
}
$da[$diag] = $diag;
}
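Review bot: In the branch commented `//No prepended code type label`, the non-stripping path assigns `$diag=$code_data[1];`, but that branch is only entered when `$code_data[1]` is empty, so the diagnosis becomes an empty key in `$da`. It should mirror the stripping path and read the first element: `$diag = $code_data[0];`. Separately, `diagArray()` now sets `$this->diagtype` as a side effect on every labelled code, so the last code seen wins; the new comment should state that callers must call `diagArray()` before reading `diagtype`. The function continues beyond this hunk.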
@@ -1148,7 +1191,7 @@ class Claim {
// or not, to make sure they all get into the claim. We do it this way
// so that the more important diagnoses appear first.
foreach ($this->diags as $diag) {
- $diag = str_replace('.', '', $diag);
+ if($strip_periods) {$diag = str_replace('.', '', $diag);}
$da[$diag] = $diag;
}
return $da;
diff --git a/library/adodb/tests/testsessions.php b/library/adodb/tests/testsessions.php
index 0176973..5c9ae5a 100644
--- a/library/adodb/tests/testsessions.php
+++ b/library/adodb/tests/testsessions.php
@@ -1,5 +1,7 @@
<?php
+exit();
+
/*
V4.80 8 Mar 2006 (c) 2000-2011 John Lim (jlim#natsoft.com). All rights reserved.
Released under both BSD license and Lesser GPL library license.
@@ -96,4 +98,4 @@ default:
$rr = $DB->qstr(rand());
$DB->Execute("insert into {$options['table']} (sesskey,expiry,expireref,sessdata,created,modified) values ($sessk,$olddate, $rr,'',$olddate,$olddate)");
}
-?>
\ No newline at end of file
+?>
diff --git a/library/clinical_rules.php b/library/clinical_rules.php
index 55b6752..4004644 100644
--- a/library/clinical_rules.php
+++ b/library/clinical_rules.php
@@ -1053,7 +1053,7 @@ function set_plan_activity_patient($plan,$type,$setting,$patient_id) {
}
// Update patient specific row
- $query = "UPDATE `clinical_plans` SET `" . add_escape_custom($type) . "_flag`= ? WHERE id = ? AND pid = ?";
+ $query = "UPDATE `clinical_plans` SET `" . escape_sql_column_name($type."_flag",array("clinical_plans")) . "`= ? WHERE id = ? AND pid = ?";
sqlStatementCdrEngine($query, array($setting,$plan,$patient_id) );
}
diff --git a/library/gen_hcfa_1500.inc.php b/library/gen_hcfa_1500.inc.php
index c455e0e..74b6c2a 100644
--- a/library/gen_hcfa_1500.inc.php
+++ b/library/gen_hcfa_1500.inc.php
@@ -7,13 +7,28 @@
// of the License, or (at your option) any later version.
require_once("Claim.class.php");
+require_once("gen_hfca_1500_02_12.inc.php");
$hcfa_curr_line = 1;
$hcfa_curr_col = 1;
$hcfa_data = '';
$hcfa_proc_index = 0;
-function put_hcfa($line, $col, $maxlen, $data) {
+
+/**
+ * take the data element and place it at the correct coordinates on the page
+ *
+ * @global int $hcfa_curr_line
+ * @global type $hcfa_curr_col
+ * @global type $hcfa_data
+ * @param type $line
+ * @param type $col
+ * @param type $maxlen
+ * @param type $data
+ * @param type $strip regular expression for what to strip from the data. period and has are the defaults
+ * 02/12 version needs to include periods in the diagnoses hence the need to override
+ */
+function put_hcfa($line, $col, $maxlen, $data,$strip='/[.#]/') {
global $hcfa_curr_line, $hcfa_curr_col, $hcfa_data;
if ($line < $hcfa_curr_line)
die("Data item at ($line, $col) precedes current line.");
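Review bot: The new docblock for `put_hcfa()` still contains the generated `type` placeholders and a typo ("period and has"), so it documents less than the signature. I would fill it in as `@param int $line`, `@param int $col`, `@param int $maxlen`, `@param string $data` and `@param string $strip PCRE pattern removed from $data; defaults to periods and hash signs`, and type the three globals the same way. The added `require_once("gen_hfca_1500_02_12.inc.php");` spells the prefix `hfca` where every other name here uses `hcfa`; the file itself is not in view, so confirm the name matches what is on disk.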
@@ -28,7 +43,7 @@ function put_hcfa($line, $col, $maxlen, $data) {
$hcfa_data .= " ";
++$hcfa_curr_col;
}
- $data = preg_replace('/[.#]/', '', strtoupper($data));
+ $data = preg_replace($strip, '', strtoupper($data));
$len = min(strlen($data), $maxlen);
$hcfa_data .= substr($data, 0, $len);
$hcfa_curr_col += $len;
@@ -82,14 +97,17 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
put_hcfa(5, 41, 31, $tmp . $claim->payerState() . ' ' . $claim->payerZip());
// Box 1. Insurance Type
- $ct = $claim->claimType();
- $tmpcol = 45; // Other
- if ($ct === 'MB') $tmpcol = 1; // Medicare
- else if ($ct === 'MC') $tmpcol = 8; // Medicaid
- else if ($ct === 'CH') $tmpcol = 15; // Champus
- else if ($ct === 'CH') $tmpcol = 24; // Champus VA (why same code?)
- else if ($ct === 'BL') $tmpcol = 31; // Group Health Plan (only BCBS?)
- else if ($ct === '16') $tmpcol = 39; // FECA
+ // claimTypeRaw() gets the integer value from insurance_companies.freeb_type.
+ // Previous version of this code called claimType() which maps freeb_type to
+ // a 2-character code and that was not specific enough.
+ $ct = $claim->claimTypeRaw();
+ $tmpcol = 45; // Other
+ if ($ct == 2) $tmpcol = 1; // Medicare
+ else if ($ct == 3) $tmpcol = 8; // Medicaid
+ else if ($ct == 5) $tmpcol = 15; // TriCare (formerly CHAMPUS)
+ else if ($ct == 4) $tmpcol = 24; // Champus VA
+ else if ($ct == 6) $tmpcol = 31; // Group Health Plan (only BCBS?)
+ else if ($ct == 7) $tmpcol = 39; // FECA
put_hcfa(8, $tmpcol, 1, 'X');
// Box 1a. Insured's ID Number
@@ -133,12 +151,15 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
put_hcfa(14, 26, 2, $claim->patientState());
// Box 8. Patient (Marital) Status
- $tmp = $claim->patientStatus();
- $tmpcol = 47; // Other
- if ($tmp === 'S') $tmpcol = 35; // Single
- else if ($tmp === 'M') $tmpcol = 41; // Married
- put_hcfa(14, $tmpcol, 1, 'X');
-
+ if(!hcfa_1500_version_02_12()) // Box 8 Reserved for NUCC Use in 02/12
+ {
+ $tmp = $claim->patientStatus();
+ $tmpcol = 47; // Other
+ if ($tmp === 'S') $tmpcol = 35; // Single
+ else if ($tmp === 'M') $tmpcol = 41; // Married
+ put_hcfa(14, $tmpcol, 1, 'X');
+ }
+
// Box 7 continued. Insured's City and State
put_hcfa(14, 50, 20, $claim->insuredCity());
put_hcfa(14, 74, 2, $claim->insuredState());
@@ -150,10 +171,13 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
put_hcfa(16, 19, 7, substr($tmp,3));
// Box 8 continued. Patient (Employment) Status
- $tmp = $claim->patientOccupation();
- if ($tmp === 'STUDENT' ) put_hcfa(16, 41, 1, 'X');
- else if ($tmp === 'PT STUDENT') put_hcfa(16, 47, 1, 'X');
- else if ($tmp !== 'UNEMPLOYED') put_hcfa(16, 35, 1, 'X');
+ if(!hcfa_1500_version_02_12()) // Box 8 Reserved for NUCC Use in 02/12
+ {
+ $tmp = $claim->patientOccupation();
+ if ($tmp === 'STUDENT' ) put_hcfa(16, 41, 1, 'X');
+ else if ($tmp === 'PT STUDENT') put_hcfa(16, 47, 1, 'X');
+ else if ($tmp !== 'UNEMPLOYED') put_hcfa(16, 35, 1, 'X');
+ }
// Box 7 continued. Insured's Zip Code and Telephone
put_hcfa(16, 50, 10, $claim->insuredZip());
@@ -220,19 +244,22 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
}
// Box 9b. Other Insured's Birth Date and Sex
- if ($new_medicare_logic) {
- // TBD: Medigap stuff?
- }
- else {
- if ($claim->payerCount() > 1) {
- $tmp = $claim->insuredDOB(1);
- put_hcfa(22, 2, 2, substr($tmp,4,2));
- put_hcfa(22, 5, 2, substr($tmp,6,2));
- put_hcfa(22, 8, 4, substr($tmp,0,4));
- put_hcfa(22, $claim->insuredSex(1) == 'M' ? 18 : 24, 1, 'X');
+ if(!hcfa_1500_version_02_12()) // Box 9b Reserved for NUCC Use in 02/12
+ {
+ if ($new_medicare_logic) {
+ // TBD: Medigap stuff?
+ }
+ else {
+ if ($claim->payerCount() > 1) {
+ $tmp = $claim->insuredDOB(1);
+ put_hcfa(22, 2, 2, substr($tmp,4,2));
+ put_hcfa(22, 5, 2, substr($tmp,6,2));
+ put_hcfa(22, 8, 4, substr($tmp,0,4));
+ put_hcfa(22, $claim->insuredSex(1) == 'M' ? 18 : 24, 1, 'X');
+ }
}
}
-
+
// Box 10b. Auto Accident
put_hcfa(22, $claim->isRelatedAuto() ? 35 : 41, 1, 'X');
if ($claim->isRelatedAuto())
@@ -248,15 +275,18 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
put_hcfa(22, 50, 30, $tmp);
// Box 9c. Other Insured's Employer/School Name
- if ($new_medicare_logic) {
- // TBD: Medigap stuff?
- }
- else {
- if ($claim->payerCount() > 1) {
- put_hcfa(24, 1, 28, $claim->groupName(1));
+ if(!hcfa_1500_version_02_12()) // Box 9c Reserved for NUCC Use in 02/12
+ {
+ if ($new_medicare_logic) {
+ // TBD: Medigap stuff?
+ }
+ else {
+ if ($claim->payerCount() > 1) {
+ put_hcfa(24, 1, 28, $claim->groupName(1));
+ }
}
}
-
+
// Box 10c. Other Accident
put_hcfa(24, $claim->isRelatedOther() ? 35 : 41, 1, 'X');
@@ -300,12 +330,26 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
put_hcfa(32, 2, 2, substr($tmp,4,2));
put_hcfa(32, 5, 2, substr($tmp,6,2));
put_hcfa(32, 8, 4, substr($tmp,0,4));
-
+
+ if(hcfa_1500_version_02_12() && !empty($tmp))
+ {
+ // Only include the Box 14 qualifier if there we are using version 02/12 and there is a Box 14 date.
+ put_hcfa(32, 16, 3, $claim->box14qualifier());
+
+ }
// Box 15. First Date of Same or Similar Illness, if applicable
$tmp = $claim->dateInitialTreatment();
- put_hcfa(32,36, 2, substr($tmp,4,2));
- put_hcfa(32,39, 2, substr($tmp,6,2));
- put_hcfa(32,42, 4, substr($tmp,0,4));
+ if(hcfa_1500_version_02_12() && !empty($tmp))
+ {
+ // Only include the Box 15 qualifier if there we are using version 02/12 and there is a Box 15 date.
+ put_hcfa(32, 31, 3, $claim->box15qualifier());
+ }
+
+
+ put_hcfa(32,37, 2, substr($tmp,4,2));
+ put_hcfa(32,40, 2, substr($tmp,6,2));
+ put_hcfa(32,43, 4, substr($tmp,0,4));
+
// Box 16. Dates Patient Unable to Work in Current Occupation
if ($claim->isUnableToWork()) {
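Review bot: The Box 15 date columns move from 36/39/42 to 37/40/43 unconditionally, so the older form layout is shifted by one column as well, although only the qualifier output is guarded by `hcfa_1500_version_02_12()`. If the shift is meant only for the 02/12 form, the column should be chosen by version, for example `$c = hcfa_1500_version_02_12() ? 37 : 36;` followed by `put_hcfa(32, $c, 2, substr($tmp,4,2));` and the two following fields at `$c+3` and `$c+6`. If the shift is intentional for both layouts, a comment saying so would prevent it being "fixed" later. The enclosing function starts and ends outside this hunk.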
@@ -327,10 +371,14 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
(empty($GLOBALS['MedicareReferrerIsRenderer']) || $claim->claimType() != 'MB'))
{
// Box 17a. Referring Provider Alternate Identifier
+ // Commented this out because UPINs are obsolete, leaving the code as an
+ // example in case some other identifier needs to be supported.
+ /*****************************************************************
if ($claim->referrerUPIN() && $claim->claimType() != 'MB') {
put_hcfa(33, 30, 2, '1G');
put_hcfa(33, 33, 15, $claim->referrerUPIN());
}
+ *****************************************************************/
// Box 17. Name of Referring Provider or Other Source
$tmp = $claim->referrerLastName() . ', ' . $claim->referrerFirstName();
@@ -367,36 +415,42 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
put_hcfa(36, 63, 8, sprintf('%8s', $claim->outsideLabAmount()));
}
- // Box 21. Diagnoses
- $tmp = $claim->diagArray();
- $diags = array();
- foreach ($tmp as $diag) $diags[] = $diag;
- if (!empty($diags[0])) {
- put_hcfa(38, 3, 3, substr($diags[0], 0, 3));
- put_hcfa(38, 7, 2, substr($diags[0], 3));
- }
- if (!empty($diags[2])) {
- put_hcfa(38, 30, 3, substr($diags[2], 0, 3));
- put_hcfa(38, 34, 2, substr($diags[2], 3));
- }
-
- // Box 22. Medicaid Resubmission Code and Original Ref. No.
- put_hcfa(38, 50, 10, $claim->medicaidResubmissionCode());
- put_hcfa(38, 62, 10, $claim->medicaidOriginalReference());
-
- // Box 21 continued. Diagnoses
- if (!empty($diags[1])) {
- put_hcfa(40, 3, 3, substr($diags[1], 0, 3));
- put_hcfa(40, 7, 2, substr($diags[1], 3));
+ if(hcfa_1500_version_02_12())
+ {
+ process_diagnoses_02_12($claim,$log);
}
- if (!empty($diags[3])) {
- put_hcfa(40, 30, 3, substr($diags[3], 0, 3));
- put_hcfa(40, 34, 2, substr($diags[3], 3));
+ else
+ {
+ // Box 21. Diagnoses
+ $tmp = $claim->diagArray();
+ $diags = array();
+ foreach ($tmp as $diag) $diags[] = $diag;
+ if (!empty($diags[0])) {
+ put_hcfa(38, 3, 3, substr($diags[0], 0, 3));
+ put_hcfa(38, 7, 2, substr($diags[0], 3));
+ }
+ if (!empty($diags[2])) {
+ put_hcfa(38, 30, 3, substr($diags[2], 0, 3));
+ put_hcfa(38, 34, 2, substr($diags[2], 3));
+ }
+
+ // Box 22. Medicaid Resubmission Code and Original Ref. No.
+ put_hcfa(38, 50, 10, $claim->medicaidResubmissionCode());
+ put_hcfa(38, 62, 10, $claim->medicaidOriginalReference());
+
+ // Box 21 continued. Diagnoses
+ if (!empty($diags[1])) {
+ put_hcfa(40, 3, 3, substr($diags[1], 0, 3));
+ put_hcfa(40, 7, 2, substr($diags[1], 3));
+ }
+ if (!empty($diags[3])) {
+ put_hcfa(40, 30, 3, substr($diags[3], 0, 3));
+ put_hcfa(40, 34, 2, substr($diags[3], 3));
+ }
+
+ // Box 23. Prior Authorization Number
+ put_hcfa(40, 50, 28, $claim->priorAuth());
}
-
- // Box 23. Prior Authorization Number
- put_hcfa(40, 50, 28, $claim->priorAuth());
-
$proccount = $claim->procCount(); // number of procedures
// Charges, adjustments and payments are accumulated by line item so that
@@ -494,7 +548,15 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
// 24e. Diagnosis Pointer
$tmp = '';
- foreach ($claim->diagIndexArray($hcfa_proc_index) as $value) $tmp .= $value;
+ foreach ($claim->diagIndexArray($hcfa_proc_index) as $value)
+ {
+ if(hcfa_1500_version_02_12())// For 02/12 Version convert number to letter.
+ {
+ // ASCII A is 65, since diagIndexArray is ones based, this will make 1->A, 2->B...
+ $value=chr($value+64);
+ }
+ $tmp .= $value;
+ }
put_hcfa($lino, 45, 4, $tmp);
// 24f. Charges
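Review bot: The conversion `$value=chr($value+64);` in the 24e loop has no range check, so an index outside 1–12 produces a character past `L`, or a non-letter, in the pointer field. process_diagnoses_02_12() in this same commit prints at most 12 diagnoses, so a pointer to a thirteenth would reference a code that is not on the form. I would convert only when `$value >= 1 && $value <= 12`, and otherwise skip the entry and append a line to `$log`, e.g. `if ($value < 1 || $value > 12) { $log .= "*** Diagnosis pointer out of range: $value\n"; continue; }`. The body of gen_hcfa_1500_page starts and ends outside this hunk.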
@@ -540,9 +602,12 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
// 30. Balance Due
// For secondary payers this reflects primary "contracted rate" adjustments,
// so in general box 30 will not equal box 28 minus box 29.
- put_hcfa(56, 71, 8, str_replace('.',' ',sprintf('%8.2f',
- $clm_total_charges - $clm_amount_paid - $clm_amount_adjusted)));
-
+ if(!hcfa_1500_version_02_12()) // Box 30 Reserved for NUCC Use in 02/12
+ {
+ put_hcfa(56, 71, 8, str_replace('.',' ',sprintf('%8.2f',
+ $clm_total_charges - $clm_amount_paid - $clm_amount_adjusted)));
+ }
+
// 33. Billing Provider: Phone Number
$tmp = $claim->billingContactPhone();
put_hcfa(57, 66, 3, substr($tmp,0,3));
@@ -564,7 +629,15 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
// FreeB printed the rendering provider's name and the current date here,
// but according to my instructions it must be a real signature and date,
// or else "Signature on File" or "SOF".
- put_hcfa(60, 1, 20, 'Signature on File');
+
+ if($GLOBALS['cms_1500_box_31_format']==0)
+ {
+ put_hcfa(60, 1, 20, 'Signature on File');
+ }
+ else if($GLOBALS['cms_1500_box_31_format']==1)
+ {
+ put_hcfa(60, 1, 22, $claim->providerFirstName()." ".$claim->providerLastName());
+ }
//
// $tmp = $claim->providerFirstName();
// if ($claim->providerMiddleName()) $tmp .= ' ' . substr($claim->providerMiddleName(),0,1);
@@ -580,6 +653,21 @@ function gen_hcfa_1500_page($pid, $encounter, &$log, &$claim) {
put_hcfa(60, 50, 27, $tmp . $claim->billingFacilityState() . ' ' .
$claim->billingFacilityZip());
+ // 31. Signature of Physician or Supplier: Date
+ if($GLOBALS['cms_1500_box_31_date']>0)
+ {
+ if($GLOBALS['cms_1500_box_31_date']==1)
+ {
+ $date_of_service= $claim->serviceDate();
+ $MDY=substr($date_of_service,4,2)." ".substr($date_of_service,6,2)." ".substr($date_of_service,2,2);
+ }
+ else if($GLOBALS['cms_1500_box_31_date']==2)
+ {
+ $MDY=date("m/d/y");
+ }
+ put_hcfa(61,6,10,$MDY);
+ }
+
// 32a. Service Facility NPI
put_hcfa(61, 24, 10, $claim->facilityNPI());
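Review bot: `$MDY` is assigned only when `cms_1500_box_31_date` is 1 or 2, but `put_hcfa(61,6,10,$MDY);` runs for every value above 0, so any other stored value prints an undefined variable. Setting `$MDY = '';` before the inner `if` closes that gap. The two branches also produce different layouts: the service date is space-separated (`MM DD YY`) while today's date uses `date("m/d/y")`. Whether put_hcfa's default strip pattern removes the slashes is not visible here, so `date("m d y")` would be the safer match if the spaced layout is intended. The `substr` offsets assume `serviceDate()` returns `YYYYMMDD`, which deserves a one-line comment.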
diff --git a/library/gen_hfca_1500_02_12.inc.php b/library/gen_hfca_1500_02_12.inc.php
new file mode 100644
index 0000000..481209b
--- /dev/null
+++ b/library/gen_hfca_1500_02_12.inc.php
@@ -0,0 +1,179 @@
+<?php
+/**
+ * Utilities to support HCFA 1500 02/12 Version
+ * For details on format refer to:
+ * <http://www.nucc.org/index.php?option=com_content&view=article&id=186&Itemid=138>
+ *
+ * Copyright (C) 2013 Kevin Yeh <kevin.y at integralemr.com> and OEMR <www.oemr.org>
+ *
+ * LICENSE: This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 3
+ * of the License, or (at your option) any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
+ *
+ * @package OpenEMR
+ * @author Kevin Yeh <kevin.y at integralemr.com>
+ * @link http://www.open-emr.org
+ */
+
+/**
+ *
+ * @return type Is the system configured to use the 02/12 version of the form
+ */
+function hcfa_1500_version_02_12()
+{
+ return $GLOBALS['cms_1500']=='1';
+}
+
+
+/**
+ * Helper class to manage which rows and columns information belong in.
+ * This allows "out of order" creation of the content.
+ */
+class hcfa_info
+{
+ protected $row;
+ protected $column;
+ protected $width;
+ protected $info;
+
+ /**
+ *
+ * @param type $row Which row to put this data on
+ * @param type $column Which column to put this data in
+ * @param type $width How many characters max to print on
+ * @param type $info The text to print on the form at the specified location
+ */
+ public function __construct($row,$column,$width,$info)
+ {
+ $this->row=$row;
+ $this->column=$column;
+ $this->width=$width;
+ $this->info=$info;
+ }
+
+ /**
+ * Determine relative position of an element
+ *
+ * @return type integer
+ */
+ public function get_position()
+ {
+ return $this->row*100+$this->column;
+ }
+
+ /**
+ * Add the info to the form
+ */
+ public function put()
+ {
+ // Override the default value for "strip" with put_hcfa to keep periods
+ put_hcfa($this->row,$this->column,$this->width,$this->info,'/#/');
+ }
+}
+
+/**
+ * comparator function for hfca_info class to allow proper sorting
+ *
+ * @param type $first
+ * @param type $second
+ * @return int
+ */
+function cmp_hcfa_info($first,$second)
+{
+ $first_value=$first->get_position();
+ $second_value=$second->get_position();
+ if($first_value==$second_value)
+ {
+ return 0;
+ }
+ return $first_value<$second_value ? -1 : 1;
+}
+
+/**
+ * calculate where on the form a given diagnosis belongs and add it to the entries
+ *
+ * @param array $hcfa_entries
+ * @param type $number
+ * @param type $diag
+ */
+function add_diagnosis(&$hcfa_entries,$number,$diag)
+{
+ /*
+ * The diagnoses go across the page.
+ * Positioned
+ * A B C D
+ * E F G H
+ * I J K L
+ */
+ $column_num = ($number%4);
+ $row_num = (int)($number / 4);
+
+ // First column is at location 3, each column is 13 wide
+ $col_pos=3+13*$column_num;
+
+ // First diagnosis row is 38
+ $row_pos=38+$row_num;
+ $hcfa_entries[]=new hcfa_info($row_pos,$col_pos,6,$diag);
+
+
+}
+
+/**
+ * Process the diagnoses for a given claim. log any errors
+ *
+ * @param type $claim
+ * @param string $log
+ */
+function process_diagnoses_02_12(&$claim,&$log)
+{
+
+ $hcfa_entries=array();
+ $diags = $claim->diagArray(false);
+ if($claim->diagtype=='ICD10')
+ {
+ $icd_indicator='0';
+ }
+ else
+ {
+ $icd_indicator='9';
+ }
+
+ $hcfa_entries[]=new hcfa_info(37,42,1,$icd_indicator);
+
+ // Box 22. Medicaid Resubmission Code and Original Ref. No.
+ $hcfa_entries[]=new hcfa_info(38,50,10,$claim->medicaidResubmissionCode());
+ $hcfa_entries[]=new hcfa_info(38,62,10,$claim->medicaidOriginalReference());
+
+ // Box 23. Prior Authorization Number
+ $hcfa_entries[]=new hcfa_info(40,50,28,$claim->priorAuth());
+
+ $diag_count=0;
+ foreach($diags as $diag)
+ {
+ if($diag_count<12)
+ {
+ add_diagnosis($hcfa_entries,$diag_count,$diag);
+ }
+ else
+ {
+ $log.= "***Too many diagnoses ".($diag_count+1).":".$diag;
+ }
+ $diag_count++;
+ }
+
+ // Sort the entries to put them in the page base sequence.
+ usort($hcfa_entries,"cmp_hcfa_info");
+
+ foreach($hcfa_entries as $hcfa_entry)
+ {
+ $hcfa_entry->put();
+ }
+}
+?>
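Review bot: The overflow branch in process_diagnoses_02_12() appends `"***Too many diagnoses ".($diag_count+1).":".$diag` to `$log` with no terminator, so several dropped diagnoses and whatever is logged next run together. Diagnoses past the twelfth are left off the printed claim and that log entry is the only trace of them, so it should be easy to find: `$log .= "*** Too many diagnoses " . ($diag_count + 1) . ": " . $diag . "\n";` (assuming the claim log is newline-delimited, which this file does not show). Separately, hcfa_1500_version_02_12() reads `$GLOBALS['cms_1500']` without `isset()`. The docblocks also use the placeholder `@return type` / `@param type` where `bool`, `int` and `string` are meant.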
diff --git a/library/globals.inc.php b/library/globals.inc.php
index b727c7a..4786017 100644
--- a/library/globals.inc.php
+++ b/library/globals.inc.php
@@ -659,6 +659,39 @@ $GLOBALS_METADATA = array(
'0', // default = true
xl('This will use the custom immunizations list rather than the standard CVX immunization list.')
),
+
+ 'cms_1500' => array(
+ xl('CMS 1500 Paper Form Format'),
+ array(
+ '0' => xl('08/05'),
+ '1' => xl('02/12'),
+ ),
+ '0', // default
+ xl('This specifies which revision of the form the billing module should generate')
+ ),
+
+ 'cms_1500_box_31_format' => array(
+ xl('CMS 1500: Box 31 Format'),
+ array(
+ '0' => xl('Signature on File'),
+ '1' => xl('Firstname Lastname'),
+ '2' => xl('None'),
+ ),
+ '0', // default
+ xl('This specifies whether to include date in Box 31.')
+ ),
+
+
+ 'cms_1500_box_31_date' => array(
+ xl('CMS 1500: Date in Box 31 (Signature)'),
+ array(
+ '0' => xl('None'),
+ '1' => xl('Date of Service'),
+ '2' => xl('Today'),
+ ),
+ '0', // default
+ xl('This specifies whether to include date in Box 31.')
+ ),
),
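Review bot: The help text for `cms_1500_box_31_format` is a copy of the one for `cms_1500_box_31_date` (`This specifies whether to include date in Box 31.`), so the settings screen describes the signature-format option as a date option. Something like `xl('This specifies what is printed in the signature area of Box 31.')` would match the three choices. The `'2' => xl('None')` choice works only because the Box 31 code in gen_hcfa_1500_page has branches for 0 and 1 and none for 2. A comment on that option, e.g. `// 2 = print nothing; no branch in gen_hcfa_1500_page`, would make the dependency explicit.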
diff --git a/library/immunization_helper.php b/library/immunization_helper.php
index bfdbde7..40f8214 100644
--- a/library/immunization_helper.php
+++ b/library/immunization_helper.php
@@ -32,7 +32,7 @@ function getImmunizationList($pid,$sortby,$showError) {
$sql = "select i1.id ,i1.immunization_id, i1.cvx_code, i1.administered_date, c.code_text_short, c.code".
",i1.manufacturer ,i1.lot_number ".
",ifnull(concat(u.lname,', ',u.fname),'Other') as administered_by ".
- ",i1.education_date ,i1.note ".
+ ",i1.education_date ,i1.note ". ",i1.expiration_date " .
",i1.amount_administered, i1.amount_administered_unit, i1.route, i1.administration_site, i1.added_erroneously".
" from immunizations i1 ".
" left join users u on i1.administered_by_id = u.id ".
diff --git a/library/log.inc b/library/log.inc
index b0f751c..876ffd4 100644
--- a/library/log.inc
+++ b/library/log.inc
@@ -764,7 +764,7 @@ function updateRecordedDisclosure($dates,$event,$recipient,$description,$disclos
*/
function deleteDisclosure($deletelid)
{
- $sql="delete from extended_log where id='$deletelid'";
+ $sql="delete from extended_log where id='" . add_escape_custom($deletelid) . "'";
$ret = sqlInsertClean_audit($sql);
}
?>
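Review bot: The delete in deleteDisclosure() is still built by string concatenation, so its safety depends on `add_escape_custom()` and the surrounding quotes staying paired. If `extended_log.id` is an integer key (the schema is not part of this hunk), a cast is stricter and needs no quoting: `$sql = "delete from extended_log where id=" . intval($deletelid);`. `$ret` is assigned and then neither checked nor returned, so a failed delete is invisible to the caller.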
diff --git a/library/pid.inc b/library/pid.inc
index 44bd3c7..5e758fa 100644
--- a/library/pid.inc
+++ b/library/pid.inc
@@ -11,13 +11,23 @@ require_once("$srcdir/log.inc");
function setpid($new_pid) {
global $pid, $encounter;
+ // Escape $new_pid by forcing it to an integer to protect from sql injection
+ $new_pid_int = intval($new_pid);
+ // If the $new_pid was not an integer, then send an error to error log
+ if (!is_numeric($new_pid)) {
+ error_log("Critical OpenEMR Error: Attempt to set pid to following non-integer value was denied: ".$new_pid,0);
+ error_log("Requested pid ".$new_pid,0);
+ error_log("Returned pid ".$new_pid_int,0);
+ }
+
// Be careful not to clear the encounter unless the pid is really changing.
- if (!isset($_SESSION['pid']) || $pid != $new_pid || $pid != $_SESSION['pid']) {
+ if (!isset($_SESSION['pid']) || $pid != $new_pid_int || $pid != $_SESSION['pid']) {
$_SESSION['encounter'] = $encounter = 0;
}
- $_SESSION['pid'] = $new_pid;
- $pid = $new_pid;
+ // Set pid to the escaped pid
+ $_SESSION['pid'] = $new_pid_int;
+ $pid = $new_pid_int;
newEvent("view", $_SESSION["authUser"], $_SESSION["authProvider"], 1, $pid);
}
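Review bot: After the `is_numeric()` check logs a rejected value, setpid() carries on and stores `intval($new_pid)` in `$_SESSION['pid']`. A non-numeric input therefore still switches the session to pid 0 (or to the leading digits of the string), and `newEvent("view", …)` records a view for it although the log line says the attempt "was denied". `is_numeric()` also accepts strings such as `1.5` or `1e3`, which `intval()` converts without any log entry; `ctype_digit((string)$new_pid)` matches what the comment describes. The rejected value is written to the error log unfiltered, so line breaks in it can forge log lines. I would neutralise control characters and return after logging, e.g. `error_log("... was denied: " . preg_replace('/[^\x20-\x7E]/', '?', $new_pid), 0); return;`, after checking that every caller tolerates the early return.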
diff --git a/library/report.inc b/library/report.inc
index 745e34e..5760fc3 100644
--- a/library/report.inc
+++ b/library/report.inc
@@ -91,7 +91,7 @@ subscriber_lname => "Subscriber Last Name: ",
subscriber_relationship => "Subscriber Relationship: ",
subscriber_ss => "Subscriber SS: ",
subscriber_DOB => "Subscriber Date of Birth: ",
-subscriber_phone => "Subscribter Phone: ",
+subscriber_phone => "Subscriber Phone: ",
subscriber_street => "Subscriber Address: ",
subscriber_postal_code => "Subscriber Zip: ",
subscriber_city => "Subscriber City: ",
diff --git a/library/translation.inc.php b/library/translation.inc.php
index 8ceb060..650cfc0 100644
--- a/library/translation.inc.php
+++ b/library/translation.inc.php
@@ -32,9 +32,8 @@ function xl($constant,$mode='r',$prepend='',$append='') {
// second, attempt translation
$sql="SELECT * FROM lang_definitions JOIN lang_constants ON " .
"lang_definitions.cons_id = lang_constants.cons_id WHERE " .
- "lang_id='$lang_id' AND constant_name = '" .
- add_escape_custom($constant) . "' LIMIT 1";
- $res = sqlStatementNoLog($sql);
+ "lang_id=? AND constant_name = ? LIMIT 1";
+ $res = sqlStatementNoLog($sql,array($lang_id,$constant));
$row = SqlFetchArray($res);
$string = $row['definition'];
if ($string == '') { $string = "$constant"; }
@@ -223,7 +222,7 @@ function getLanguageTitle($val) {
}
// get language title
- $res = sqlStatement("select lang_description from lang_languages where lang_id = '".$lang_id."'");
+ $res = sqlStatement("select lang_description from lang_languages where lang_id =?",array($lang_id));
for ($iter = 0;$row = sqlFetchArray($res);$iter++) $result[$iter] = $row;
$languageTitle = $result[0]{"lang_description"};
return $languageTitle;
diff --git a/setup.php b/setup.php
index 9ac2e36..81af791 100644
--- a/setup.php
+++ b/setup.php
@@ -54,7 +54,7 @@ if (!$COMMAND_LINE && !empty($_REQUEST['site'])) {
// Die if site ID is empty or has invalid characters.
if (empty($site_id) || preg_match('/[^A-Za-z0-9\\-.]/', $site_id))
- die("Site ID '$site_id' contains invalid characters.");
+ die("Site ID '".htmlspecialchars($site_id,ENT_NOQUOTES)."' contains invalid characters.");
//If having problems with file and directory permission
// checking, then can be manually disabled here.
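Review bot: `ENT_NOQUOTES` in the new `die()` message escapes only `&`, `<` and `>`, which is enough while the value sits in element text but not if the message is ever reused inside an attribute. `htmlspecialchars($site_id, ENT_QUOTES, 'UTF-8')` costs nothing more and states the charset explicitly; UTF-8 is an assumption here, since the page encoding is not visible in this hunk. A short comment above the `die()` noting that `$site_id` can originate from `$_REQUEST['site']` would explain why the escaping is there.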
diff --git a/sql/database.sql b/sql/database.sql
index 3d36acc..16913d0 100644
--- a/sql/database.sql
+++ b/sql/database.sql
@@ -1166,6 +1166,8 @@ CREATE TABLE `form_misc_billing_options` (
`prior_auth_number` varchar(20) default NULL,
`comments` varchar(255) default NULL,
`replacement_claim` tinyint(1) default 0,
+ `box_14_date_qual` char(3) default NULL,
+ `box_15_date_qual` char(3) default NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=1 ;
diff --git a/sql/patch.sql b/sql/patch.sql
index 19770ee..5595c46 100644
--- a/sql/patch.sql
+++ b/sql/patch.sql
@@ -48,3 +48,13 @@
-- #EndIf
-- all blocks are terminated with and #EndIf statement.
+#IfMissingColumn form_misc_billing_options box_14_date_qual
+ALTER TABLE `form_misc_billing_options`
+ADD COLUMN `box_14_date_qual` CHAR(3) NULL DEFAULT NULL;
+#EndIf
+
+#IfMissingColumn form_misc_billing_options box_15_date_qual
+ALTER TABLE `form_misc_billing_options`
+ADD COLUMN `box_15_date_qual` CHAR(3) NULL DEFAULT NULL;
+#EndIf
+
diff --git a/sql_upgrade.php b/sql_upgrade.php
index ae7799a..db5021f 100644
--- a/sql_upgrade.php
+++ b/sql_upgrade.php
@@ -60,7 +60,13 @@ if (!empty($_POST['form_submit'])) {
upgradeFromSqlFile('ippf_upgrade.sql');
}
+ if ( (!empty($v_realpatch)) && ($v_realpatch != "") && ($v_realpatch > 0) ) {
+ // This release contains a patch file, so process it.
+ upgradeFromSqlFile('patch.sql');
+ }
+
flush();
+
echo "<font color='green'>Updating global configuration defaults...</font><br />\n";
require_once("library/globals.inc.php");
foreach ($GLOBALS_METADATA as $grpname => $grparr) {
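Review bot: The guard `(!empty($v_realpatch)) && ($v_realpatch != "") && ($v_realpatch > 0)` repeats itself: `!empty()` already rejects `""`, `"0"` and an unset variable, so the middle test can never change the outcome. `if (!empty($v_realpatch) && (int)$v_realpatch > 0)` says the same and makes the numeric comparison explicit, since version.php stores the value as a string. The identical condition appears again in the later hunk at `@@ -84,6 +90,12 @@`. Evaluating it once into a variable such as `$has_patch` would keep the two in step.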
@@ -84,6 +90,12 @@ if (!empty($_POST['form_submit'])) {
sqlStatement("UPDATE version SET v_major = '$v_major', v_minor = '$v_minor', " .
"v_patch = '$v_patch', v_tag = '$v_tag', v_database = '$v_database'");
+ if ( (!empty($v_realpatch)) && ($v_realpatch != "") && ($v_realpatch > 0) ) {
+ // This release contains a patch file, so update patch indicator.
+ echo "<font color='green'>Patch was also installed, so update version patch indicator...</font><br />\n";
+ sqlStatement("UPDATE version SET v_realpatch = '$v_realpatch'");
+ }
+
echo "<p><font color='green'>Database and Access Control upgrade finished.</font></p>\n";
echo "</body></html>\n";
exit();
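Review bot: The new `UPDATE version SET v_realpatch = '$v_realpatch'` interpolates the variable into the statement, while this same commit moves translation.inc.php to bound parameters. The value appears to come from version.php rather than from a request, so this is a consistency point. `sqlStatement("UPDATE version SET v_realpatch = ?", array($v_realpatch));` would follow the form used there. The context line above builds the other version columns the same way and could be converted in the same pass.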
diff --git a/version.php b/version.php
index 2d57164..c8dd0e7 100644
--- a/version.php
+++ b/version.php
@@ -11,7 +11,7 @@ $v_tag = ''; // minor revision number, should be empty for production releases
// A real patch identifier. This is incremented when release a patch for a
// production release. Not the above $v_patch variable is a misnomer and actually
// stores release version information.
-$v_realpatch = '3';
+$v_realpatch = '7';
// Database version identifier, this is to be incremented whenever there
// is a database change in the course of development. It is used
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-med/openemr.git