]>
Softwares of Agnibho - simpleipd.git/blob - lib/db.php
66131e86c46bb259622b34483e5c2e4278ac4ff0
2 class DB
extends SQLite3
{
3 function __construct(){
4 $this->open(CONFIG_DB
);
6 function checkUser($username, $password){
8 $stmt=$this->prepare("SELECT hash FROM users WHERE user=:user");
9 $stmt->bindValue(":user", $username);
10 $result=$stmt->execute();
11 $hash=$result->fetchArray();
13 return(password_verify($password, $hash["hash"]));
19 function getGroup($username){
21 $stmt=$this->prepare("SELECT usergroup FROM users WHERE user=:user");
22 $stmt->bindValue(":user", $username);
23 $result=$stmt->execute();
26 function getDepartment($username){
28 $stmt=$this->prepare("SELECT department FROM users WHERE user=:user");
29 $stmt->bindValue(":user", $username);
30 $result=$stmt->execute();
33 function admit($post){
35 if(!checkAccess("admission", "dbSet")) return false;
36 $query=$this->prepare("SELECT count(rowid) FROM patients WHERE pid=:pid");
37 $query->bindValue(":pid", $post["pid"]);
38 $exist=$query->execute();
39 if($exist->fetchArray()[0]==0){
40 $stmt=$this->prepare("INSERT INTO patients (pid,name,age,sex,status,vp,ward,bed,data) VALUES (:pid,:name,:age,:sex,:status,:vp,:ward,:bed,:data);");
43 $stmt=$this->prepare("UPDATE patients SET name=:name,age=:age,sex=:sex,ward=:ward,bed=:bed,vp=:vp,data=:data WHERE pid=:pid;");
45 $stmt->bindValue(":pid", $post["pid"]);
46 $stmt->bindValue(":name", $post["name"]);
47 $stmt->bindValue(":age", $post["age"]);
48 $stmt->bindValue(":sex", $post["sex"]);
49 $stmt->bindValue(":status", "admitted");
50 $stmt->bindValue(":ward", $post["ward"]);
51 $stmt->bindValue(":bed", $post["bed"]);
52 $stmt->bindValue(":vp", $post["vp"]);
53 $stmt->bindValue(":data", json_encode($post));
55 $log->log($post["pid"], "admit", json_encode($post));
57 function editCase($pid, $diagnosis, $summary){
59 if(!checkAccess("history", "dbSet")) return false;
60 $stmt=$this->prepare("UPDATE patients SET diagnosis=:diagnosis,summary=:summary WHERE pid=:pid;");
61 $stmt->bindValue(":pid", $pid);
62 $stmt->bindValue(":diagnosis", $diagnosis);
63 $stmt->bindValue(":summary", $summary);
65 $log->log($pid, "case_edit", json_encode([$diagnosis, $summary]));
67 function updateHistory($post, $pid){
69 if(!checkAccess("history", "dbSet:")) return false;
70 $stmt=$this->prepare("UPDATE patients SET history=:history WHERE pid=:pid;");
71 $stmt->bindValue(":history", json_encode($post));
72 $stmt->bindValue(":pid", $pid);
74 $log->log($pid, "history", json_encode($post));
76 function addPhysician($post, $pid){
78 if(!checkAccess("physician", "dbSet")) return false;
79 $stmt=$this->prepare("INSERT INTO physician (pid, time, data) VALUES (:pid, :time, :data);");
80 $stmt->bindValue(":pid", $pid);
81 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
82 $stmt->bindValue(":data", json_encode($post));
84 $log->log($pid, "physician_note", json_encode($post));
86 function editPhysician($post, $pid, $id){
88 if(!checkAccess("physician", "dbSet")) return false;
89 $stmt=$this->prepare("UPDATE physician SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;");
90 $stmt->bindValue(":pid", $pid);
91 $stmt->bindValue(":id", $id);
92 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
93 $stmt->bindValue(":data", json_encode($post));
95 $log->log($pid, "edit_physician_note", json_encode($post));
97 function addNursing($post, $pid){
99 if(!checkAccess("nursing", "dbSet")) return false;
100 $stmt=$this->prepare("INSERT INTO nursing (pid, time, data) VALUES (:pid, :time, :data);");
101 $stmt->bindValue(":pid", $pid);
102 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
103 $stmt->bindValue(":data", json_encode($post));
105 $log->log($pid, "nursing_note", json_encode($post));
107 function editNursing($post, $pid, $id){
109 if(!checkAccess("nursing", "dbSet")) return false;
110 $stmt=$this->prepare("UPDATE nursing SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;");
111 $stmt->bindValue(":pid", $pid);
112 $stmt->bindValue(":id", $id);
113 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
114 $stmt->bindValue(":data", json_encode($post));
116 $log->log($pid, "edit_nursing_note", json_encode($post));
118 function addReport($post, $pid, $form){
120 if(!checkAccess("report", "dbSet")) return false;
121 $stmt=$this->prepare("INSERT INTO reports (pid, time, form, data) VALUES (:pid, :time, :form, :data);");
122 $stmt->bindValue(":pid", $pid);
123 if(!empty($post["time"])){
124 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
127 $stmt->bindValue(":time", strtotime($post["date"]));
129 $stmt->bindValue(":form", $post["form"]);
130 $stmt->bindValue(":data", json_encode($post));
132 $log->log($pid, "report_added", json_encode($post));
134 function editReport($post, $pid, $id, $form){
136 if(!checkAccess("report", "dbSet")) return false;
137 $stmt=$this->prepare("UPDATE reports SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;");
138 $stmt->bindValue(":pid", $pid);
139 $stmt->bindValue(":id", $id);
140 if(!empty($post["time"])){
141 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
144 $stmt->bindValue(":time", strtotime($post["date"]));
146 $stmt->bindValue(":data", json_encode($post));
148 $log->log($pid, "report_edited", json_encode($post));
150 function addDrug($pid, $drug, $dose, $route, $frequency, $date, $time, $duration, $addl){
152 if(!checkAccess("treatment", "dbSet")) return false;
153 $stmt=$this->prepare("INSERT INTO treatment (pid, drug, dose, route, frequency, start, duration, omit, addl) VALUES (:pid, :drug, :dose, :route, :frequency, :start, :duration, :omit, :addl);");
154 $stmt->bindValue(":pid", $pid);
155 $stmt->bindValue(":drug", $drug);
156 $stmt->bindValue(":dose", $dose);
157 $stmt->bindValue(":route", $route);
158 $stmt->bindValue(":frequency", $frequency);
159 $stmt->bindValue(":start", strtotime($date." ".$time));
160 $stmt->bindValue(":duration", $duration);
161 $stmt->bindValue(":addl", $addl);
162 $stmt->bindValue(":omit", false);
164 $log->log($pid, "drug_added", json_encode([$drug,$dose,$route,$frequency,$date,$time,$duration,$addl]));
166 function omitDrug($id, $date, $time){
168 if(!checkAccess("treatment", "dbSet")) return false;
169 $stmt=$this->prepare("UPDATE treatment SET end=:end,omit=:omit WHERE rowid=:id;");
170 $stmt->bindValue(":end", strtotime($date." ".$time));
171 $stmt->bindValue(":omit", true);
172 $stmt->bindValue(":id", $id);
174 $log->log(null, "drug_omitted", $id);
176 function giveDrug($id, $given){
178 if(!checkAccess("nursing", "dbSet")) return false;
179 $stmt=$this->prepare("UPDATE treatment SET administer=:given WHERE rowid=:id;");
180 $stmt->bindValue(":given", $given);
181 $stmt->bindValue(":id", $id);
183 $log->log(null, "drug_given", $id);
185 function addRequisition($pid, $test, $sample, $date, $time, $room, $form, $addl){
187 if(!checkAccess("requisition", "dbSet")) return false;
188 $stmt=$this->prepare("INSERT INTO requisition (pid, test, sample, time, room, form, status, addl) VALUES (:pid, :test, :sample, :time, :room, :form, :status, :addl);");
189 $stmt->bindValue(":pid", $pid);
190 $stmt->bindValue(":test", $test);
191 $stmt->bindValue(":sample", $sample);
192 $stmt->bindValue(":time", strtotime($date." ".$time));
193 $stmt->bindValue(":room", $room);
194 $stmt->bindValue(":form", $form);
195 $stmt->bindValue(":status", "active");
196 $stmt->bindValue(":addl", $addl);
198 $log->log($pid, "requisition_added", json_encode([$test,$room,$form]));
200 function omitRequisition($id){
202 if(!checkAccess("requisition", "dbSet")) return false;
203 $stmt=$this->prepare("UPDATE requisition SET status=:status WHERE rowid=:id;");
204 $stmt->bindValue(":status", "done");
205 $stmt->bindValue(":id", $id);
207 $log->log(null, "requisition_removed", $id);
209 function addAdvice($pid, $drug, $dose, $route, $frequency, $duration, $addl){
211 if(!checkAccess("discharge", "dbSet")) return false;
212 $stmt=$this->prepare("INSERT INTO discharge (pid, drug, dose, route, frequency, duration, addl) VALUES (:pid, :drug, :dose, :route, :frequency, :duration, :addl);");
213 $stmt->bindValue(":pid", $pid);
214 $stmt->bindValue(":drug", $drug);
215 $stmt->bindValue(":dose", $dose);
216 $stmt->bindValue(":route", $route);
217 $stmt->bindValue(":frequency", $frequency);
218 $stmt->bindValue(":duration", $duration);
219 $stmt->bindValue(":addl", $addl);
222 function deleteAdvice($id){
224 if(!checkAccess("discharge", "dbSet")) return false;
225 $stmt=$this->prepare("DELETE FROM discharge WHERE rowid=:id;");
226 $stmt->bindValue(":id", $id);
229 function setDischarged($pid){
231 if(!checkAccess("discharge", "dbSet")) return false;
232 $stmt=$this->prepare("UPDATE patients SET status=:discharged WHERE pid=:pid;");
233 $stmt->bindValue(":pid", $pid);
234 $stmt->bindValue(":discharged", "discharged");
236 $log->log($pid, "discharged", null);
238 function setDead($pid, $post){
240 if(!checkAccess("death", "dbSet")) return false;
241 $stmt=$this->prepare("INSERT INTO death (pid, time, data) VALUES (:pid, :time, :data);");
242 $stmt->bindValue(":pid", $pid);
243 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
244 $stmt->bindValue(":data", json_encode($post));
246 $stmt=$this->prepare("UPDATE patients SET status='expired' WHERE pid=:pid;");
247 $stmt->bindValue(":pid", $pid);
249 $log->log($pid, "death_declare", json_encode($post));
251 function getDrugs($pid){
253 if(!checkAccess("treatment", "dbGet")) return false;
254 $stmt=$this->prepare("SELECT rowid,* FROM treatment WHERE pid=:pid ORDER BY omit,start;");
255 $stmt->bindValue(":pid", $pid);
256 $result=$stmt->execute();
259 function getAdminister($pid){
261 if(!checkAccess("nursing", "dbGet")) return false;
262 $stmt=$this->prepare("SELECT rowid,administer FROM treatment WHERE pid=:pid;");
263 $stmt->bindValue(":pid", $pid);
264 $result=$stmt->execute();
267 function getRequisitions($pid){
269 if(!checkAccess("requisition", "dbGet")) return false;
270 $stmt=$this->prepare("SELECT rowid,* FROM requisition WHERE pid=:pid AND status=:status ORDER BY room;");
271 $stmt->bindValue(":pid", $pid);
272 $stmt->bindValue(":status", "active");
273 $result=$stmt->execute();
276 function getAdvice($pid){
278 if(!checkAccess("discharge", "dbGet")) return false;
279 $stmt=$this->prepare("SELECT rowid,* FROM discharge WHERE pid=:pid;");
280 $stmt->bindValue(":pid", $pid);
281 $result=$stmt->execute();
284 function getDeath($pid){
286 if(!checkAccess("discharge", "dbGet")) return false;
287 $stmt=$this->prepare("SELECT data FROM death WHERE pid=:pid;");
288 $stmt->bindValue(":pid", $pid);
289 $result=$stmt->execute();
292 function getName($pid){
294 if(!checkAccess("info", "dbGet")) return false;
295 $stmt=$this->prepare("SELECT name FROM patients WHERE pid=:pid;");
296 $stmt->bindValue(":pid", $pid);
297 $result=$stmt->execute();
300 function getAge($pid){
302 if(!checkAccess("info", "dbGet")) return false;
303 $stmt=$this->prepare("SELECT age FROM patients WHERE pid=:pid;");
304 $stmt->bindValue(":pid", $pid);
305 $result=$stmt->execute();
308 function getSex($pid){
310 if(!checkAccess("info", "dbGet")) return false;
311 $stmt=$this->prepare("SELECT sex FROM patients WHERE pid=:pid;");
312 $stmt->bindValue(":pid", $pid);
313 $result=$stmt->execute();
316 function getWard($pid){
318 if(!checkAccess("info", "dbGet")) return false;
319 $stmt=$this->prepare("SELECT ward FROM patients WHERE pid=:pid;");
320 $stmt->bindValue(":pid", $pid);
321 $result=$stmt->execute();
324 function getBed($pid){
326 if(!checkAccess("info", "dbGet")) return false;
327 $stmt=$this->prepare("SELECT bed FROM patients WHERE pid=:pid;");
328 $stmt->bindValue(":pid", $pid);
329 $result=$stmt->execute();
332 function getStatus($pid){
334 if(!checkAccess("info", "dbGet")) return false;
335 $stmt=$this->prepare("SELECT status FROM patients WHERE pid=:pid;");
336 $stmt->bindValue(":pid", $pid);
337 $result=$stmt->execute();
340 function getDiagnosis($pid){
342 if(!checkAccess("diagnosis", "dbGet")) return false;
343 $stmt=$this->prepare("SELECT diagnosis FROM patients WHERE pid=:pid;");
344 $stmt->bindValue(":pid", $pid);
345 $result=$stmt->execute();
348 function getPatientList(){
350 if(!checkAccess("info", "dbGet")) return false;
351 $stmt=$this->prepare("SELECT pid,ward,bed,name,diagnosis,status FROM patients;");
352 $result=$stmt->execute();
355 function getAdmittedPatientList(){
357 if(!checkAccess("info", "dbGet")) return false;
358 $stmt=$this->prepare("SELECT pid,ward,bed,name,diagnosis FROM patients WHERE status='admitted';");
359 $result=$stmt->execute();
362 function getRequisitionList(){
364 if(!checkAccess("requisition", "dbGet")) return false;
365 $stmt=$this->prepare("SELECT rowid,* FROM requisition WHERE status=:active ORDER BY room,test;");
366 $stmt->bindValue(":active", "active");
367 $result=$stmt->execute();
370 function getForm($id){
372 if(!checkAccess("report", "dbGet")) return false;
373 $stmt=$this->prepare("SELECT form FROM reports WHERE rowid=:id;");
374 $stmt->bindValue(":id", $id);
375 $result=$stmt->execute();
378 function getAdmission($pid){
380 if(!checkAccess("admission", "dbGet")) return false;
381 $stmt=$this->prepare("SELECT admission FROM patients WHERE pid=:pid;");
382 $stmt->bindValue(":pid", $pid);
383 $result=$stmt->execute();
386 function getAdmissionData($pid){
388 if(!checkAccess("admission", "dbGet")) return false;
389 $stmt=$this->prepare("SELECT data FROM patients WHERE pid=:pid;");
390 $stmt->bindValue(":pid", $pid);
391 $result=$stmt->execute();
394 function getDeparture($pid){
396 if(!checkAccess("admission", "dbGet")) return false;
397 $stmt=$this->prepare("SELECT departure FROM patients WHERE pid=:pid;");
398 $stmt->bindValue(":pid", $pid);
399 $result=$stmt->execute();
402 function getSummary($pid){
404 if(!checkAccess("summary", "dbGet")) return false;
405 $stmt=$this->prepare("SELECT summary FROM patients WHERE pid=:pid;");
406 $stmt->bindValue(":pid", $pid);
407 $result=$stmt->execute();
410 function getHistory($pid){
412 if(!checkAccess("history", "dbGet")) return false;
413 $stmt=$this->prepare("SELECT history FROM patients WHERE pid=:pid;");
414 $stmt->bindValue(":pid", $pid);
415 $result=$stmt->execute();
418 function getData($pid, $id, $cat){
420 if($cat=="physician"){
421 if(!checkAccess("physician", "dbGet")) return false;
422 $stmt=$this->prepare("SELECT data FROM physician WHERE pid=:pid AND rowid=:id ORDER BY time DESC;");
423 } elseif($cat=="nursing"){
424 if(!checkAccess("nursing", "dbGet")) return false;
425 $stmt=$this->prepare("SELECT data FROM nursing WHERE pid=:pid AND rowid=:id ORDER BY time DESC;");
426 } elseif($cat=="reports"){
427 if(!checkAccess("report", "dbGet")) return false;
428 $stmt=$this->prepare("SELECT form,data FROM reports WHERE pid=:pid AND rowid=:id ORDER BY time DESC;");
432 $stmt->bindValue(":pid", $pid);
433 $stmt->bindValue(":id", $id);
434 $result=$stmt->execute();
437 function getAllData($pid, $cat){
439 if($cat=="physician"){
440 if(!checkAccess("physician", "dbGet")) return false;
441 $stmt=$this->prepare("SELECT rowid,data FROM physician WHERE pid=:pid ORDER BY time DESC;");
442 } elseif($cat=="nursing"){
443 if(!checkAccess("nursing", "dbGet")) return false;
444 $stmt=$this->prepare("SELECT rowid,data FROM nursing WHERE pid=:pid ORDER BY time DESC;");
445 } elseif($cat=="reports"){
446 if(!checkAccess("report", "dbGet")) return false;
447 $stmt=$this->prepare("SELECT rowid,form,data FROM reports WHERE pid=:pid ORDER BY time DESC;");
448 } elseif($cat=="info"){
449 if(!checkAccess("info", "dbGet")) return false;
450 $stmt=$this->prepare("SELECT rowid,data FROM patients WHERE pid=:pid ORDER BY time DESC;");
451 } elseif($cat=="history"){
452 if(!checkAccess("history", "dbGet")) return false;
453 $stmt=$this->prepare("SELECT rowid,history FROM patients WHERE pid=:pid ORDER BY time DESC;");
457 $stmt->bindValue(":pid", $pid);
458 $result=$stmt->execute();