]>
Softwares of Agnibho - simpleipd.git/blob - lib/db.php
2 class DB
extends SQLite3
{
3 function __construct(){
4 $this->open(CONFIG_DB
);
6 function checkUser($username, $password){
8 $stmt=$this->prepare("SELECT hash FROM users WHERE user=:user");
9 $stmt->bindValue(":user", $username);
10 $result=$stmt->execute();
11 $hash=$result->fetchArray();
13 return(password_verify($password, $hash["hash"]));
19 function getGroup($username){
21 $stmt=$this->prepare("SELECT usergroup FROM users WHERE user=:user");
22 $stmt->bindValue(":user", $username);
23 $result=$stmt->execute();
26 function getDepartment($username){
28 $stmt=$this->prepare("SELECT department FROM users WHERE user=:user");
29 $stmt->bindValue(":user", $username);
30 $result=$stmt->execute();
33 function admit($post){
35 if(!checkAccess("admission", "dbSet")) return false;
36 $query=$this->prepare("SELECT count(rowid) FROM patients WHERE pid=:pid");
37 $query->bindValue(":pid", $post["pid"]);
38 $exist=$query->execute();
39 if($exist->fetchArray()[0]==0){
40 $stmt=$this->prepare("INSERT INTO patients (pid,name,age,sex,status,vp,ward,bed,data) VALUES (:pid,:name,:age,:sex,:status,:vp,:ward,:bed,:data);");
43 $stmt=$this->prepare("UPDATE patients SET name=:name,age=:age,sex=:sex,ward=:ward,bed=:bed,vp=:vp,data=:data WHERE pid=:pid;");
45 $stmt->bindValue(":pid", $post["pid"]);
46 $stmt->bindValue(":name", $post["name"]);
47 $stmt->bindValue(":age", $post["age"]);
48 $stmt->bindValue(":sex", $post["sex"]);
49 $stmt->bindValue(":status", "admitted");
50 $stmt->bindValue(":ward", $post["ward"]);
51 $stmt->bindValue(":bed", $post["bed"]);
52 $stmt->bindValue(":vp", $post["vp"]);
53 $stmt->bindValue(":data", json_encode($post));
55 $log->log($post["pid"], "admit", json_encode($post));
57 function editCase($pid, $diagnosis, $summary){
59 if(!checkAccess("history", "dbSet")) return false;
60 $stmt=$this->prepare("UPDATE patients SET diagnosis=:diagnosis,summary=:summary WHERE pid=:pid;");
61 $stmt->bindValue(":pid", $pid);
62 $stmt->bindValue(":diagnosis", $diagnosis);
63 $stmt->bindValue(":summary", $summary);
65 $log->log($pid, "case_edit", json_encode([$diagnosis, $summary]));
67 function updateHistory($post, $pid){
69 if(!checkAccess("history", "dbSet:")) return false;
70 $stmt=$this->prepare("UPDATE patients SET history=:history WHERE pid=:pid;");
71 $stmt->bindValue(":history", json_encode($post));
72 $stmt->bindValue(":pid", $pid);
74 $log->log($pid, "history", json_encode($post));
76 function addPhysician($post, $pid){
78 if(!checkAccess("physician", "dbSet")) return false;
79 $stmt=$this->prepare("INSERT INTO physician (pid, time, data) VALUES (:pid, :time, :data);");
80 $stmt->bindValue(":pid", $pid);
81 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
82 $stmt->bindValue(":data", json_encode($post));
84 $log->log($pid, "physician_note", json_encode($post));
86 function editPhysician($post, $pid, $id){
88 if(!checkAccess("physician", "dbSet")) return false;
89 $stmt=$this->prepare("UPDATE physician SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;");
90 $stmt->bindValue(":pid", $pid);
91 $stmt->bindValue(":id", $id);
92 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
93 $stmt->bindValue(":data", json_encode($post));
95 $log->log($pid, "edit_physician_note", json_encode($post));
97 function addNursing($post, $pid){
99 if(!checkAccess("nursing", "dbSet")) return false;
100 $stmt=$this->prepare("INSERT INTO nursing (pid, time, data) VALUES (:pid, :time, :data);");
101 $stmt->bindValue(":pid", $pid);
102 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
103 $stmt->bindValue(":data", json_encode($post));
105 $log->log($pid, "nursing_note", json_encode($post));
107 function editNursing($post, $pid, $id){
109 if(!checkAccess("nursing", "dbSet")) return false;
110 $stmt=$this->prepare("UPDATE nursing SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;");
111 $stmt->bindValue(":pid", $pid);
112 $stmt->bindValue(":id", $id);
113 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
114 $stmt->bindValue(":data", json_encode($post));
116 $log->log($pid, "edit_nursing_note", json_encode($post));
118 function addReport($post, $pid, $form){
120 if(!checkAccess("report", "dbSet")) return false;
121 $stmt=$this->prepare("INSERT INTO reports (pid, time, form, data) VALUES (:pid, :time, :form, :data);");
122 $stmt->bindValue(":pid", $pid);
123 if(!empty($post["time"])){
124 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
127 $stmt->bindValue(":time", strtotime($post["date"]));
129 $stmt->bindValue(":form", $post["form"]);
130 $stmt->bindValue(":data", json_encode($post));
132 $log->log($pid, "report_added", json_encode($post));
134 function editReport($post, $pid, $id, $form){
136 if(!checkAccess("report", "dbSet")) return false;
137 $stmt=$this->prepare("UPDATE reports SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;");
138 $stmt->bindValue(":pid", $pid);
139 $stmt->bindValue(":id", $id);
140 if(!empty($post["time"])){
141 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
144 $stmt->bindValue(":time", strtotime($post["date"]));
146 $stmt->bindValue(":data", json_encode($post));
148 $log->log($pid, "report_edited", json_encode($post));
150 function addDrug($pid, $drug, $dose, $route, $frequency, $date, $time, $duration, $addl){
152 if(!checkAccess("treatment", "dbSet")) return false;
153 $stmt=$this->prepare("INSERT INTO treatment (pid, drug, dose, route, frequency, start, duration, omit, addl) VALUES (:pid, :drug, :dose, :route, :frequency, :start, :duration, :omit, :addl);");
154 $stmt->bindValue(":pid", $pid);
155 $stmt->bindValue(":drug", $drug);
156 $stmt->bindValue(":dose", $dose);
157 $stmt->bindValue(":route", $route);
158 $stmt->bindValue(":frequency", $frequency);
159 $stmt->bindValue(":start", strtotime($date." ".$time));
160 $stmt->bindValue(":duration", $duration);
161 $stmt->bindValue(":addl", $addl);
162 $stmt->bindValue(":omit", false);
164 $log->log($pid, "drug_added", json_encode([$drug,$dose,$route,$frequency,$date,$time,$duration,$addl]));
166 function omitDrug($id, $date, $time){
168 if(!checkAccess("treatment", "dbSet")) return false;
169 $stmt=$this->prepare("UPDATE treatment SET end=:end,omit=:omit WHERE rowid=:id;");
170 $stmt->bindValue(":end", strtotime($date." ".$time));
171 $stmt->bindValue(":omit", true);
172 $stmt->bindValue(":id", $id);
174 $log->log(null, "drug_omitted", $id);
176 function giveDrug($id, $given){
178 if(!checkAccess("nursing", "dbSet")) return false;
179 $stmt=$this->prepare("UPDATE treatment SET administer=:given WHERE rowid=:id;");
180 $stmt->bindValue(":given", $given);
181 $stmt->bindValue(":id", $id);
183 $log->log(null, "drug_given", $id);
185 function addRequisition($pid, $test, $sample, $date, $time, $room, $form){
187 if(!checkAccess("requisition", "dbSet")) return false;
188 $stmt=$this->prepare("INSERT INTO requisition (pid, test, sample, time, room, form, status) VALUES (:pid, :test, :sample, :time, :room, :form, :status);");
189 $stmt->bindValue(":pid", $pid);
190 $stmt->bindValue(":test", $test);
191 $stmt->bindValue(":sample", $sample);
192 $stmt->bindValue(":time", strtotime($date." ".$time));
193 $stmt->bindValue(":room", $room);
194 $stmt->bindValue(":form", $form);
195 $stmt->bindValue(":status", "active");
197 $log->log($pid, "requisition_added", json_encode([$test,$room,$form]));
199 function omitRequisition($id){
201 if(!checkAccess("requisition", "dbSet")) return false;
202 $stmt=$this->prepare("UPDATE requisition SET status=:status WHERE rowid=:id;");
203 $stmt->bindValue(":status", "done");
204 $stmt->bindValue(":id", $id);
206 $log->log(null, "requisition_removed", $id);
208 function addAdvice($pid, $drug, $dose, $route, $frequency, $duration, $addl){
210 if(!checkAccess("discharge", "dbSet")) return false;
211 $stmt=$this->prepare("INSERT INTO discharge (pid, drug, dose, route, frequency, duration, addl) VALUES (:pid, :drug, :dose, :route, :frequency, :duration, :addl);");
212 $stmt->bindValue(":pid", $pid);
213 $stmt->bindValue(":drug", $drug);
214 $stmt->bindValue(":dose", $dose);
215 $stmt->bindValue(":route", $route);
216 $stmt->bindValue(":frequency", $frequency);
217 $stmt->bindValue(":duration", $duration);
218 $stmt->bindValue(":addl", $addl);
221 function deleteAdvice($id){
223 if(!checkAccess("discharge", "dbSet")) return false;
224 $stmt=$this->prepare("DELETE FROM discharge WHERE rowid=:id;");
225 $stmt->bindValue(":id", $id);
228 function setDischarged($pid){
230 if(!checkAccess("discharge", "dbSet")) return false;
231 $stmt=$this->prepare("UPDATE patients SET status=:discharged WHERE pid=:pid;");
232 $stmt->bindValue(":pid", $pid);
233 $stmt->bindValue(":discharged", "discharged");
235 $log->log($pid, "discharged", null);
237 function setDead($pid, $post){
239 if(!checkAccess("death", "dbSet")) return false;
240 $stmt=$this->prepare("INSERT INTO death (pid, time, data) VALUES (:pid, :time, :data);");
241 $stmt->bindValue(":pid", $pid);
242 $stmt->bindValue(":time", strtotime($post["date"].$post["time"]));
243 $stmt->bindValue(":data", json_encode($post));
245 $stmt=$this->prepare("UPDATE patients SET status='expired' WHERE pid=:pid;");
246 $stmt->bindValue(":pid", $pid);
248 $log->log($pid, "death_declare", json_encode($post));
250 function getDrugs($pid){
252 if(!checkAccess("treatment", "dbGet")) return false;
253 $stmt=$this->prepare("SELECT rowid,* FROM treatment WHERE pid=:pid;");
254 $stmt->bindValue(":pid", $pid);
255 $result=$stmt->execute();
258 function getAdminister($pid){
260 if(!checkAccess("nursing", "dbGet")) return false;
261 $stmt=$this->prepare("SELECT rowid,administer FROM treatment WHERE pid=:pid;");
262 $stmt->bindValue(":pid", $pid);
263 $result=$stmt->execute();
266 function getRequisitions($pid){
268 if(!checkAccess("requisition", "dbGet")) return false;
269 $stmt=$this->prepare("SELECT rowid,* FROM requisition WHERE pid=:pid AND status=:status ORDER BY room;");
270 $stmt->bindValue(":pid", $pid);
271 $stmt->bindValue(":status", "active");
272 $result=$stmt->execute();
275 function getAdvice($pid){
277 if(!checkAccess("discharge", "dbGet")) return false;
278 $stmt=$this->prepare("SELECT rowid,* FROM discharge WHERE pid=:pid;");
279 $stmt->bindValue(":pid", $pid);
280 $result=$stmt->execute();
283 function getName($pid){
285 if(!checkAccess("info", "dbGet")) return false;
286 $stmt=$this->prepare("SELECT name FROM patients WHERE pid=:pid;");
287 $stmt->bindValue(":pid", $pid);
288 $result=$stmt->execute();
291 function getAge($pid){
293 if(!checkAccess("info", "dbGet")) return false;
294 $stmt=$this->prepare("SELECT age FROM patients WHERE pid=:pid;");
295 $stmt->bindValue(":pid", $pid);
296 $result=$stmt->execute();
299 function getSex($pid){
301 if(!checkAccess("info", "dbGet")) return false;
302 $stmt=$this->prepare("SELECT sex FROM patients WHERE pid=:pid;");
303 $stmt->bindValue(":pid", $pid);
304 $result=$stmt->execute();
307 function getWard($pid){
309 if(!checkAccess("info", "dbGet")) return false;
310 $stmt=$this->prepare("SELECT ward FROM patients WHERE pid=:pid;");
311 $stmt->bindValue(":pid", $pid);
312 $result=$stmt->execute();
315 function getBed($pid){
317 if(!checkAccess("info", "dbGet")) return false;
318 $stmt=$this->prepare("SELECT bed FROM patients WHERE pid=:pid;");
319 $stmt->bindValue(":pid", $pid);
320 $result=$stmt->execute();
323 function getStatus($pid){
325 if(!checkAccess("info", "dbGet")) return false;
326 $stmt=$this->prepare("SELECT status FROM patients WHERE pid=:pid;");
327 $stmt->bindValue(":pid", $pid);
328 $result=$stmt->execute();
331 function getDiagnosis($pid){
333 if(!checkAccess("diagnosis", "dbGet")) return false;
334 $stmt=$this->prepare("SELECT diagnosis FROM patients WHERE pid=:pid;");
335 $stmt->bindValue(":pid", $pid);
336 $result=$stmt->execute();
339 function getPatientList(){
341 if(!checkAccess("info", "dbGet")) return false;
342 $stmt=$this->prepare("SELECT pid,ward,bed,name,diagnosis FROM patients;");
343 $result=$stmt->execute();
346 function getRequisitionList(){
348 if(!checkAccess("requisition", "dbGet")) return false;
349 $stmt=$this->prepare("SELECT rowid,pid,test,sample,room,time,form FROM requisition WHERE status=:active;");
350 $stmt->bindValue(":active", "active");
351 $result=$stmt->execute();
354 function getForm($id){
356 if(!checkAccess("report", "dbGet")) return false;
357 $stmt=$this->prepare("SELECT form FROM reports WHERE rowid=:id;");
358 $stmt->bindValue(":id", $id);
359 $result=$stmt->execute();
362 function getAdmission($pid){
364 if(!checkAccess("admission", "dbGet")) return false;
365 $stmt=$this->prepare("SELECT admission FROM patients WHERE pid=:pid;");
366 $stmt->bindValue(":pid", $pid);
367 $result=$stmt->execute();
370 function getAdmissionData($pid){
372 if(!checkAccess("admission", "dbGet")) return false;
373 $stmt=$this->prepare("SELECT data FROM patients WHERE pid=:pid;");
374 $stmt->bindValue(":pid", $pid);
375 $result=$stmt->execute();
378 function getDeparture($pid){
380 if(!checkAccess("admission", "dbGet")) return false;
381 $stmt=$this->prepare("SELECT departure FROM patients WHERE pid=:pid;");
382 $stmt->bindValue(":pid", $pid);
383 $result=$stmt->execute();
386 function getSummary($pid){
388 if(!checkAccess("summary", "dbGet")) return false;
389 $stmt=$this->prepare("SELECT summary FROM patients WHERE pid=:pid;");
390 $stmt->bindValue(":pid", $pid);
391 $result=$stmt->execute();
394 function getHistory($pid){
396 if(!checkAccess("history", "dbGet")) return false;
397 $stmt=$this->prepare("SELECT history FROM patients WHERE pid=:pid;");
398 $stmt->bindValue(":pid", $pid);
399 $result=$stmt->execute();
402 function getData($pid, $id, $cat){
404 if($cat=="physician"){
405 if(!checkAccess("physician", "dbGet")) return false;
406 $stmt=$this->prepare("SELECT data FROM physician WHERE pid=:pid AND rowid=:id ORDER BY time DESC;");
407 } elseif($cat=="nursing"){
408 if(!checkAccess("nursing", "dbGet")) return false;
409 $stmt=$this->prepare("SELECT data FROM nursing WHERE pid=:pid AND rowid=:id ORDER BY time DESC;");
410 } elseif($cat=="reports"){
411 if(!checkAccess("report", "dbGet")) return false;
412 $stmt=$this->prepare("SELECT form,data FROM reports WHERE pid=:pid AND rowid=:id ORDER BY time DESC;");
416 $stmt->bindValue(":pid", $pid);
417 $stmt->bindValue(":id", $id);
418 $result=$stmt->execute();
421 function getAllData($pid, $cat){
423 if($cat=="physician"){
424 if(!checkAccess("physician", "dbGet")) return false;
425 $stmt=$this->prepare("SELECT rowid,data FROM physician WHERE pid=:pid ORDER BY time DESC;");
426 } elseif($cat=="nursing"){
427 if(!checkAccess("nursing", "dbGet")) return false;
428 $stmt=$this->prepare("SELECT rowid,data FROM nursing WHERE pid=:pid ORDER BY time DESC;");
429 } elseif($cat=="reports"){
430 if(!checkAccess("report", "dbGet")) return false;
431 $stmt=$this->prepare("SELECT rowid,form,data FROM reports WHERE pid=:pid ORDER BY time DESC;");
432 } elseif($cat=="info"){
433 if(!checkAccess("info", "dbGet")) return false;
434 $stmt=$this->prepare("SELECT rowid,data FROM patients WHERE pid=:pid ORDER BY time DESC;");
435 } elseif($cat=="history"){
436 if(!checkAccess("history", "dbGet")) return false;
437 $stmt=$this->prepare("SELECT rowid,history FROM patients WHERE pid=:pid ORDER BY time DESC;");
441 $stmt->bindValue(":pid", $pid);
442 $result=$stmt->execute();