]> Softwares of Agnibho - simpleipd.git/blob - lib/db.php
projects / simpleipd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Bugfix
[simpleipd.git] / lib / db.php
1 <?php
2 class DB extends SQLite3 {
3 function __construct(){
4 $this->open(CONFIG_DB);
5 }
6 function checkUser($username, $password){
7 global $log;
8 $stmt=$this->prepare("SELECT hash FROM users WHERE user=:user");
9 $stmt->bindValue(":user", $username);
10 $result=$stmt->execute();
11 $hash=$result->fetchArray();
12 if($hash){
13 return(password_verify($password, $hash["hash"]));
14 }
15 else{
16 return(false);
17 }
18 }
19 function getGroup($username){
20 global $log;
21 $stmt=$this->prepare("SELECT usergroup FROM users WHERE user=:user");
22 $stmt->bindValue(":user", $username);
23 $result=$stmt->execute();
24 return($result);
25 }
26 function getDepartment($username){
27 global $log;
28 $stmt=$this->prepare("SELECT department FROM users WHERE user=:user");
29 $stmt->bindValue(":user", $username);
30 $result=$stmt->execute();
31 return($result);
32 }
33 function admit($post){
34 global $log;
35 if(!checkAccess("admission", "dbSet")) return false;
36 $query=$this->prepare("SELECT count(rowid) FROM patients WHERE pid=:pid");
37 $query->bindValue(":pid", $post["pid"]);
38 $exist=$query->execute();
39 if($exist->fetchArray()[0]==0){
40 $stmt=$this->prepare("INSERT INTO patients (pid,name,age,sex,status,vp,ward,bed,data) VALUES (:pid,:name,:age,:sex,:status,:vp,:ward,:bed,:data);");
41 }
42 else{
43 $stmt=$this->prepare("UPDATE patients SET name=:name,age=:age,sex=:sex,ward=:ward,bed=:bed,vp=:vp,data=:data WHERE pid=:pid;");
44 }
45 $stmt->bindValue(":pid", $post["pid"]);
46 $stmt->bindValue(":name", $post["name"]);
47 $stmt->bindValue(":age", $post["age"]);
48 $stmt->bindValue(":sex", $post["sex"]);
49 $stmt->bindValue(":status", "admitted");
50 $stmt->bindValue(":ward", $post["ward"]);
51 $stmt->bindValue(":bed", $post["bed"]);
52 $stmt->bindValue(":vp", $post["vp"]);
53 $stmt->bindValue(":data", json_encode($post));
54 $stmt->execute();
55 $log->log($post["pid"], "admit", json_encode($post));
56 }
57 function editCase($pid, $diagnosis, $summary){
58 global $log;
59 if(!checkAccess("history", "dbSet")) return false;
60 $stmt=$this->prepare("UPDATE patients SET diagnosis=:diagnosis,summary=:summary WHERE pid=:pid;");
61 $stmt->bindValue(":pid", $pid);
62 $stmt->bindValue(":diagnosis", $diagnosis);
63 $stmt->bindValue(":summary", $summary);
64 $stmt->execute();
65 $log->log($pid, "case_edit", json_encode([$diagnosis, $summary]));
66 }
67 function updateHistory($post, $pid){
68 global $log;
69 if(!checkAccess("history", "dbSet:")) return false;
70 $stmt=$this->prepare("UPDATE patients SET history=:history WHERE pid=:pid;");
71 $stmt->bindValue(":history", json_encode($post));
72 $stmt->bindValue(":pid", $pid);
73 $stmt->execute();
74 $log->log($pid, "history", json_encode($post));
75 }
76 function addPhysician($post, $pid){
77 global $log;
78 if(!checkAccess("physician", "dbSet")) return false;
79 $stmt=$this->prepare("INSERT INTO physician (pid, time, data) VALUES (:pid, :time, :data);");
80 $stmt->bindValue(":pid", $pid);
81 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
82 $stmt->bindValue(":data", json_encode($post));
83 $stmt->execute();
84 $log->log($pid, "physician_note", json_encode($post));
85 }
86 function editPhysician($post, $pid, $id){
87 global $log;
88 if(!checkAccess("physician", "dbSet")) return false;
89 $stmt=$this->prepare("UPDATE physician SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;");
90 $stmt->bindValue(":pid", $pid);
91 $stmt->bindValue(":id", $id);
92 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
93 $stmt->bindValue(":data", json_encode($post));
94 $stmt->execute();
95 $log->log($pid, "edit_physician_note", json_encode($post));
96 }
97 function addNursing($post, $pid){
98 global $log;
99 if(!checkAccess("nursing", "dbSet")) return false;
100 $stmt=$this->prepare("INSERT INTO nursing (pid, time, data) VALUES (:pid, :time, :data);");
101 $stmt->bindValue(":pid", $pid);
102 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
103 $stmt->bindValue(":data", json_encode($post));
104 $stmt->execute();
105 $log->log($pid, "nursing_note", json_encode($post));
106 }
107 function editNursing($post, $pid, $id){
108 global $log;
109 if(!checkAccess("nursing", "dbSet")) return false;
110 $stmt=$this->prepare("UPDATE nursing SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;");
111 $stmt->bindValue(":pid", $pid);
112 $stmt->bindValue(":id", $id);
113 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
114 $stmt->bindValue(":data", json_encode($post));
115 $stmt->execute();
116 $log->log($pid, "edit_nursing_note", json_encode($post));
117 }
118 function addReport($post, $pid, $form){
119 global $log;
120 if(!checkAccess("report", "dbSet")) return false;
121 $stmt=$this->prepare("INSERT INTO reports (pid, time, form, data) VALUES (:pid, :time, :form, :data);");
122 $stmt->bindValue(":pid", $pid);
123 if(!empty($post["time"])){
124 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
125 }
126 else{
127 $stmt->bindValue(":time", strtotime($post["date"]));
128 }
129 $stmt->bindValue(":form", $post["form"]);
130 $stmt->bindValue(":data", json_encode($post));
131 $stmt->execute();
132 $log->log($pid, "report_added", json_encode($post));
133 }
134 function editReport($post, $pid, $id, $form){
135 global $log;
136 if(!checkAccess("report", "dbSet")) return false;
137 $stmt=$this->prepare("UPDATE reports SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;");
138 $stmt->bindValue(":pid", $pid);
139 $stmt->bindValue(":id", $id);
140 if(!empty($post["time"])){
141 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
142 }
143 else{
144 $stmt->bindValue(":time", strtotime($post["date"]));
145 }
146 $stmt->bindValue(":data", json_encode($post));
147 $stmt->execute();
148 $log->log($pid, "report_edited", json_encode($post));
149 }
150 function addDrug($pid, $drug, $dose, $route, $frequency, $date, $time, $duration, $addl){
151 global $log;
152 if(!checkAccess("treatment", "dbSet")) return false;
153 $stmt=$this->prepare("INSERT INTO treatment (pid, drug, dose, route, frequency, start, duration, omit, addl) VALUES (:pid, :drug, :dose, :route, :frequency, :start, :duration, :omit, :addl);");
154 $stmt->bindValue(":pid", $pid);
155 $stmt->bindValue(":drug", $drug);
156 $stmt->bindValue(":dose", $dose);
157 $stmt->bindValue(":route", $route);
158 $stmt->bindValue(":frequency", $frequency);
159 $stmt->bindValue(":start", strtotime($date." ".$time));
160 $stmt->bindValue(":duration", $duration);
161 $stmt->bindValue(":addl", $addl);
162 $stmt->bindValue(":omit", false);
163 $stmt->execute();
164 $log->log($pid, "drug_added", json_encode([$drug,$dose,$route,$frequency,$date,$time,$duration,$addl]));
165 }
166 function omitDrug($id, $date, $time){
167 global $log;
168 if(!checkAccess("treatment", "dbSet")) return false;
169 $stmt=$this->prepare("UPDATE treatment SET end=:end,omit=:omit WHERE rowid=:id;");
170 $stmt->bindValue(":end", strtotime($date." ".$time));
171 $stmt->bindValue(":omit", true);
172 $stmt->bindValue(":id", $id);
173 $stmt->execute();
174 $log->log(null, "drug_omitted", $id);
175 }
176 function giveDrug($id, $given){
177 global $log;
178 if(!checkAccess("nursing", "dbSet")) return false;
179 $stmt=$this->prepare("UPDATE treatment SET administer=:given WHERE rowid=:id;");
180 $stmt->bindValue(":given", $given);
181 $stmt->bindValue(":id", $id);
182 $stmt->execute();
183 $log->log(null, "drug_given", $id);
184 }
185 function addRequisition($pid, $test, $sample, $date, $time, $room, $form){
186 global $log;
187 if(!checkAccess("requisition", "dbSet")) return false;
188 $stmt=$this->prepare("INSERT INTO requisition (pid, test, sample, time, room, form, status) VALUES (:pid, :test, :sample, :time, :room, :form, :status);");
189 $stmt->bindValue(":pid", $pid);
190 $stmt->bindValue(":test", $test);
191 $stmt->bindValue(":sample", $sample);
192 $stmt->bindValue(":time", strtotime($date." ".$time));
193 $stmt->bindValue(":room", $room);
194 $stmt->bindValue(":form", $form);
195 $stmt->bindValue(":status", "active");
196 $stmt->execute();
197 $log->log($pid, "requisition_added", json_encode([$test,$room,$form]));
198 }
199 function omitRequisition($id){
200 global $log;
201 if(!checkAccess("requisition", "dbSet")) return false;
202 $stmt=$this->prepare("UPDATE requisition SET status=:status WHERE rowid=:id;");
203 $stmt->bindValue(":status", "done");
204 $stmt->bindValue(":id", $id);
205 $stmt->execute();
206 $log->log(null, "requisition_removed", $id);
207 }
208 function addAdvice($pid, $drug, $dose, $route, $frequency, $duration, $addl){
209 global $log;
210 if(!checkAccess("discharge", "dbSet")) return false;
211 $stmt=$this->prepare("INSERT INTO discharge (pid, drug, dose, route, frequency, duration, addl) VALUES (:pid, :drug, :dose, :route, :frequency, :duration, :addl);");
212 $stmt->bindValue(":pid", $pid);
213 $stmt->bindValue(":drug", $drug);
214 $stmt->bindValue(":dose", $dose);
215 $stmt->bindValue(":route", $route);
216 $stmt->bindValue(":frequency", $frequency);
217 $stmt->bindValue(":duration", $duration);
218 $stmt->bindValue(":addl", $addl);
219 $stmt->execute();
220 }
221 function deleteAdvice($id){
222 global $log;
223 if(!checkAccess("discharge", "dbSet")) return false;
224 $stmt=$this->prepare("DELETE FROM discharge WHERE rowid=:id;");
225 $stmt->bindValue(":id", $id);
226 $stmt->execute();
227 }
228 function setDischarged($pid){
229 global $log;
230 if(!checkAccess("discharge", "dbSet")) return false;
231 $stmt=$this->prepare("UPDATE patients SET status=:discharged WHERE pid=:pid;");
232 $stmt->bindValue(":pid", $pid);
233 $stmt->bindValue(":discharged", "discharged");
234 $stmt->execute();
235 $log->log($pid, "discharged", null);
236 }
237 function setDead($pid, $post){
238 global $log;
239 if(!checkAccess("death", "dbSet")) return false;
240 $stmt=$this->prepare("INSERT INTO death (pid, time, data) VALUES (:pid, :time, :data);");
241 $stmt->bindValue(":pid", $pid);
242 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
243 $stmt->bindValue(":data", json_encode($post));
244 $stmt->execute();
245 $stmt=$this->prepare("UPDATE patients SET status='expired' WHERE pid=:pid;");
246 $stmt->bindValue(":pid", $pid);
247 $stmt->execute();
248 $log->log($pid, "death_declare", json_encode($post));
249 }
250 function getDrugs($pid){
251 global $log;
252 if(!checkAccess("treatment", "dbGet")) return false;
253 $stmt=$this->prepare("SELECT rowid,* FROM treatment WHERE pid=:pid;");
254 $stmt->bindValue(":pid", $pid);
255 $result=$stmt->execute();
256 return($result);
257 }
258 function getAdminister($pid){
259 global $log;
260 if(!checkAccess("nursing", "dbGet")) return false;
261 $stmt=$this->prepare("SELECT rowid,administer FROM treatment WHERE pid=:pid;");
262 $stmt->bindValue(":pid", $pid);
263 $result=$stmt->execute();
264 return($result);
265 }
266 function getRequisitions($pid){
267 global $log;
268 if(!checkAccess("requisition", "dbGet")) return false;
269 $stmt=$this->prepare("SELECT rowid,* FROM requisition WHERE pid=:pid AND status=:status ORDER BY room;");
270 $stmt->bindValue(":pid", $pid);
271 $stmt->bindValue(":status", "active");
272 $result=$stmt->execute();
273 return($result);
274 }
275 function getAdvice($pid){
276 global $log;
277 if(!checkAccess("discharge", "dbGet")) return false;
278 $stmt=$this->prepare("SELECT rowid,* FROM discharge WHERE pid=:pid;");
279 $stmt->bindValue(":pid", $pid);
280 $result=$stmt->execute();
281 return($result);
282 }
283 function getName($pid){
284 global $log;
285 if(!checkAccess("info", "dbGet")) return false;
286 $stmt=$this->prepare("SELECT name FROM patients WHERE pid=:pid;");
287 $stmt->bindValue(":pid", $pid);
288 $result=$stmt->execute();
289 return($result);
290 }
291 function getAge($pid){
292 global $log;
293 if(!checkAccess("info", "dbGet")) return false;
294 $stmt=$this->prepare("SELECT age FROM patients WHERE pid=:pid;");
295 $stmt->bindValue(":pid", $pid);
296 $result=$stmt->execute();
297 return($result);
298 }
299 function getSex($pid){
300 global $log;
301 if(!checkAccess("info", "dbGet")) return false;
302 $stmt=$this->prepare("SELECT sex FROM patients WHERE pid=:pid;");
303 $stmt->bindValue(":pid", $pid);
304 $result=$stmt->execute();
305 return($result);
306 }
307 function getWard($pid){
308 global $log;
309 if(!checkAccess("info", "dbGet")) return false;
310 $stmt=$this->prepare("SELECT ward FROM patients WHERE pid=:pid;");
311 $stmt->bindValue(":pid", $pid);
312 $result=$stmt->execute();
313 return($result);
314 }
315 function getBed($pid){
316 global $log;
317 if(!checkAccess("info", "dbGet")) return false;
318 $stmt=$this->prepare("SELECT bed FROM patients WHERE pid=:pid;");
319 $stmt->bindValue(":pid", $pid);
320 $result=$stmt->execute();
321 return($result);
322 }
323 function getStatus($pid){
324 global $log;
325 if(!checkAccess("info", "dbGet")) return false;
326 $stmt=$this->prepare("SELECT status FROM patients WHERE pid=:pid;");
327 $stmt->bindValue(":pid", $pid);
328 $result=$stmt->execute();
329 return($result);
330 }
331 function getDiagnosis($pid){
332 global $log;
333 if(!checkAccess("diagnosis", "dbGet")) return false;
334 $stmt=$this->prepare("SELECT diagnosis FROM patients WHERE pid=:pid;");
335 $stmt->bindValue(":pid", $pid);
336 $result=$stmt->execute();
337 return($result);
338 }
339 function getPatientList(){
340 global $log;
341 if(!checkAccess("info", "dbGet")) return false;
342 $stmt=$this->prepare("SELECT pid,ward,bed,name,diagnosis FROM patients;");
343 $result=$stmt->execute();
344 return($result);
345 }
346 function getRequisitionList(){
347 global $log;
348 if(!checkAccess("requisition", "dbGet")) return false;
349 $stmt=$this->prepare("SELECT rowid,pid,test,sample,room,time,form FROM requisition WHERE status=:active;");
350 $stmt->bindValue(":active", "active");
351 $result=$stmt->execute();
352 return($result);
353 }
354 function getForm($id){
355 global $log;
356 if(!checkAccess("report", "dbGet")) return false;
357 $stmt=$this->prepare("SELECT form FROM reports WHERE rowid=:id;");
358 $stmt->bindValue(":id", $id);
359 $result=$stmt->execute();
360 return($result);
361 }
362 function getAdmission($pid){
363 global $log;
364 if(!checkAccess("admission", "dbGet")) return false;
365 $stmt=$this->prepare("SELECT admission FROM patients WHERE pid=:pid;");
366 $stmt->bindValue(":pid", $pid);
367 $result=$stmt->execute();
368 return($result);
369 }
370 function getAdmissionData($pid){
371 global $log;
372 if(!checkAccess("admission", "dbGet")) return false;
373 $stmt=$this->prepare("SELECT data FROM patients WHERE pid=:pid;");
374 $stmt->bindValue(":pid", $pid);
375 $result=$stmt->execute();
376 return($result);
377 }
378 function getDeparture($pid){
379 global $log;
380 if(!checkAccess("admission", "dbGet")) return false;
381 $stmt=$this->prepare("SELECT departure FROM patients WHERE pid=:pid;");
382 $stmt->bindValue(":pid", $pid);
383 $result=$stmt->execute();
384 return($result);
385 }
386 function getSummary($pid){
387 global $log;
388 if(!checkAccess("summary", "dbGet")) return false;
389 $stmt=$this->prepare("SELECT summary FROM patients WHERE pid=:pid;");
390 $stmt->bindValue(":pid", $pid);
391 $result=$stmt->execute();
392 return($result);
393 }
394 function getHistory($pid){
395 global $log;
396 if(!checkAccess("history", "dbGet")) return false;
397 $stmt=$this->prepare("SELECT history FROM patients WHERE pid=:pid;");
398 $stmt->bindValue(":pid", $pid);
399 $result=$stmt->execute();
400 return($result);
401 }
402 function getData($pid, $id, $cat){
403 global $log;
404 if($cat=="physician"){
405 if(!checkAccess("physician", "dbGet")) return false;
406 $stmt=$this->prepare("SELECT data FROM physician WHERE pid=:pid AND rowid=:id ORDER BY time DESC;");
407 } elseif($cat=="nursing"){
408 if(!checkAccess("nursing", "dbGet")) return false;
409 $stmt=$this->prepare("SELECT data FROM nursing WHERE pid=:pid AND rowid=:id ORDER BY time DESC;");
410 } elseif($cat=="reports"){
411 if(!checkAccess("report", "dbGet")) return false;
412 $stmt=$this->prepare("SELECT form,data FROM reports WHERE pid=:pid AND rowid=:id ORDER BY time DESC;");
413 } else{
414 return(false);
415 }
416 $stmt->bindValue(":pid", $pid);
417 $stmt->bindValue(":id", $id);
418 $result=$stmt->execute();
419 return($result);
420 }
421 function getAllData($pid, $cat){
422 global $log;
423 if($cat=="physician"){
424 if(!checkAccess("physician", "dbGet")) return false;
425 $stmt=$this->prepare("SELECT rowid,data FROM physician WHERE pid=:pid ORDER BY time DESC;");
426 } elseif($cat=="nursing"){
427 if(!checkAccess("nursing", "dbGet")) return false;
428 $stmt=$this->prepare("SELECT rowid,data FROM nursing WHERE pid=:pid ORDER BY time DESC;");
429 } elseif($cat=="reports"){
430 if(!checkAccess("report", "dbGet")) return false;
431 $stmt=$this->prepare("SELECT rowid,form,data FROM reports WHERE pid=:pid ORDER BY time DESC;");
432 } elseif($cat=="info"){
433 if(!checkAccess("info", "dbGet")) return false;
434 $stmt=$this->prepare("SELECT rowid,data FROM patients WHERE pid=:pid ORDER BY time DESC;");
435 } elseif($cat=="history"){
436 if(!checkAccess("history", "dbGet")) return false;
437 $stmt=$this->prepare("SELECT rowid,history FROM patients WHERE pid=:pid ORDER BY time DESC;");
438 } else{
439 return(false);
440 }
441 $stmt->bindValue(":pid", $pid);
442 $result=$stmt->execute();
443 return($result);
444 }
445 }
446 $db = new DB();
447 ?>
Paperless management system for hospital admitted patients