Softwares of Agnibho - simpleipd.git/blob - lib/db.php
2 class DB
extends SQLite3
{
// Opens the SQLite database file named by the CONFIG_DB constant (defined outside this listing).
// NOTE(review): confirm CONFIG_DB resolves to a path outside the web root with restrictive file permissions.
3 function __construct (){
4 $this -> open ( CONFIG_DB
);
// Verifies a login: fetches the stored password hash for $username through a bound
// parameter and compares it with password_verify().
// The listing skips original lines 7, 12 and 14-18, so the handling of an unknown user is not visible here.
6 function checkUser ( $username , $password ){
8 $stmt = $this -> prepare ( "SELECT hash FROM users WHERE user=:user" );
9 $stmt -> bindValue ( ":user" , $username );
10 $result = $stmt -> execute ();
// fetchArray() returns false when no row matches.
// NOTE(review): confirm the hidden line 12 guards that case before $hash["hash"] is indexed.
11 $hash = $result -> fetchArray ();
13 return ( password_verify ( $password , $hash [ "hash" ]));
// Looks up the usergroup column for $username with a bound parameter.
// No checkAccess() call appears in the shown lines, unlike the patient-data accessors below.
// NOTE(review): presumably the access check itself depends on this lookup; confirm callers only
// pass the authenticated session's username. The value returned is on lines not shown here.
19 function getGroup ( $username ){
21 $stmt = $this -> prepare ( "SELECT usergroup FROM users WHERE user=:user" );
22 $stmt -> bindValue ( ":user" , $username );
23 $result = $stmt -> execute ();
// Looks up the department column for $username with a bound parameter.
// No checkAccess() call appears in the shown lines.
// NOTE(review): confirm callers only pass the authenticated session's username.
// The value returned is on lines not shown here.
26 function getDepartment ( $username ){
28 $stmt = $this -> prepare ( "SELECT department FROM users WHERE user=:user" );
29 $stmt -> bindValue ( ":user" , $username );
30 $result = $stmt -> execute ();
// Admits a patient from a submitted form ($post): inserts a new patients row when the pid is
// unknown, otherwise overwrites the existing row for that pid. Returns false without touching
// the database unless checkAccess("admission", "dbSet") passes.
// The listing skips several short original lines (34, 42-43, 45, 56, 58).
33 function admit ( $post ){
35 if (! checkAccess ( "admission" , "dbSet" )) return false ;
// Normalises the name to "Title Case" before it is stored.
36 $post [ "name" ]= ucwords ( strtolower ( $post [ "name" ]));
// Existence check and the write below are separate statements.
// NOTE(review): no transaction is visible, so two concurrent admissions of one pid could both take the INSERT path.
37 $query = $this -> prepare ( "SELECT count(rowid) FROM patients WHERE pid=:pid" );
38 $query -> bindValue ( ":pid" , $post [ "pid" ]);
39 $exist = $query -> execute ();
40 if ( $exist -> fetchArray ()[ 0 ]== 0 ){
41 $stmt = $this -> prepare ( "INSERT INTO patients (pid,name,age,sex,admission,status,vp,ward,bed,data) VALUES (:pid,:name,:age,:sex,:admission,:status,:vp,:ward,:bed,:data);" );
// Existing pid: the UPDATE replaces the demographic and admission fields but leaves status unchanged
// (:status is only used by the INSERT text).
44 $stmt = $this -> prepare ( "UPDATE patients SET name=:name,age=:age,sex=:sex,admission=:admission,ward=:ward,bed=:bed,vp=:vp,data=:data WHERE pid=:pid;" );
// All values are bound, never interpolated into the SQL text.
// NOTE(review): no validation of the individual $post fields is visible in this method.
46 $stmt -> bindValue ( ":pid" , $post [ "pid" ]);
47 $stmt -> bindValue ( ":name" , $post [ "name" ]);
48 $stmt -> bindValue ( ":age" , $post [ "age" ]);
49 $stmt -> bindValue ( ":sex" , $post [ "sex" ]);
// strtotime() returns false for input it cannot parse; that value would be bound as the admission time.
50 $stmt -> bindValue ( ":admission" , strtotime ( $post [ "date" ]. " " . $post [ "time" ]));
51 $stmt -> bindValue ( ":status" , "admitted" );
52 $stmt -> bindValue ( ":ward" , $post [ "ward" ]);
53 $stmt -> bindValue ( ":bed" , $post [ "bed" ]);
54 $stmt -> bindValue ( ":vp" , $post [ "vp" ]);
// The whole submitted array is stored as JSON, including any fields beyond those bound above.
55 $stmt -> bindValue ( ":data" , json_encode ( $post ));
// The same full form is copied into the audit log, so the log holds patient data
// and needs the same protection as the patients table.
57 $log -> log ( $post [ "pid" ], "admit" , json_encode ( $post ));
// Updates diagnosis and summary for the patient identified by $pid.
// Returns false unless checkAccess("history", "dbSet") passes.
// The listing skips original lines 60, 66 and 68.
59 function editCase ( $pid , $diagnosis , $summary ){
61 if (! checkAccess ( "history" , "dbSet" )) return false ;
62 $stmt = $this -> prepare ( "UPDATE patients SET diagnosis=:diagnosis,summary=:summary WHERE pid=:pid;" );
63 $stmt -> bindValue ( ":pid" , $pid );
64 $stmt -> bindValue ( ":diagnosis" , $diagnosis );
65 $stmt -> bindValue ( ":summary" , $summary );
// Audit entry carries the new diagnosis and summary text as a JSON array.
67 $log -> log ( $pid , "case_edit" , json_encode ([ $diagnosis , $summary ]));
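// Stores the submitted history form for a patient as JSON and records the change in the audit log.
// Returns false without touching the database when the caller lacks "history"/"dbSet" access.
// This listing omits the short original lines numbered 70, 75 and 77. They are restored below as
// the `global $log;` declaration, the execute() call and the closing brace, because the visible
// code uses $log without assigning it and would otherwise never run the prepared statement.
// Confirm against the repository copy.
function updateHistory($post, $pid){
    global $log;
    // The listing passed "dbSet:" (trailing colon) here. Every other writer in this class passes
    // "dbSet", so the permission name is aligned with them; with the stray colon the result
    // depended on how checkAccess() treats an unknown permission string.
    if(!checkAccess("history", "dbSet")) return false;
    $stmt = $this->prepare("UPDATE patients SET history=:history WHERE pid=:pid;");
    // The whole submitted array is stored as JSON; both values are bound, not interpolated.
    $stmt->bindValue(":history", json_encode($post));
    $stmt->bindValue(":pid", $pid);
    $stmt->execute();
    // The same form content is copied into the audit log.
    $log->log($pid, "history", json_encode($post));
}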
// Stores the advice form for a patient: inserts a row into advice when none exists for $pid,
// otherwise updates the existing row. Returns false unless checkAccess("treatment", "dbSet") passes.
// The listing skips original lines 79, 86-87, 89, 93 and 95.
78 function advice ( $post , $pid ){
80 if (! checkAccess ( "treatment" , "dbSet" )) return false ;
81 $query = $this -> prepare ( "SELECT count(rowid) FROM advice WHERE pid=:pid" );
82 $query -> bindValue ( ":pid" , $pid );
83 $exist = $query -> execute ();
84 if ( $exist -> fetchArray ()[ 0 ]== 0 ){
85 $stmt = $this -> prepare ( "INSERT INTO advice (pid,time,data) VALUES (:pid,:time,:data);" );
// The UPDATE sets pid to the same value it filters on, so that assignment is a no-op.
88 $stmt = $this -> prepare ( "UPDATE advice SET pid=:pid,time=:time,data=:data WHERE pid=:pid;" );
90 $stmt -> bindValue ( ":pid" , $pid );
// Timestamp is the server clock at the time of the call, not a value from the form.
91 $stmt -> bindValue ( ":time" , time ());
92 $stmt -> bindValue ( ":data" , json_encode ( $post ));
// Full form content is duplicated into the audit log.
94 $log -> log ( $pid , "advice" , json_encode ( $post ));
// Adds a physician note for $pid, storing the submitted form as JSON.
// Returns false unless checkAccess("physician", "dbSet") passes.
// The listing skips original lines 97, 103 and 105.
96 function addPhysician ( $post , $pid ){
98 if (! checkAccess ( "physician" , "dbSet" )) return false ;
99 $stmt = $this -> prepare ( "INSERT INTO physician (pid, time, data) VALUES (:pid, :time, :data);" );
100 $stmt -> bindValue ( ":pid" , $pid );
// Date and time are concatenated with no separator here, while admit() and addDrug() insert a space.
// NOTE(review): confirm the form values still parse; strtotime() returns false when they do not.
101 $stmt -> bindValue ( ":time" , strtotime ( $post [ "date" ]. $post [ "time" ]));
102 $stmt -> bindValue ( ":data" , json_encode ( $post ));
// Full note content is duplicated into the audit log.
104 $log -> log ( $pid , "physician_note" , json_encode ( $post ));
// Replaces the time and data of an existing physician note.
// Returns false unless checkAccess("physician", "dbSet") passes.
// The listing skips original lines 107, 114 and 116.
106 function editPhysician ( $post , $pid , $id ){
108 if (! checkAccess ( "physician" , "dbSet" )) return false ;
// The row is matched on both pid and rowid, so an id belonging to another patient updates nothing.
109 $stmt = $this -> prepare ( "UPDATE physician SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;" );
110 $stmt -> bindValue ( ":pid" , $pid );
111 $stmt -> bindValue ( ":id" , $id );
// Date and time are concatenated with no separator; strtotime() returns false if the result does not parse.
112 $stmt -> bindValue ( ":time" , strtotime ( $post [ "date" ]. $post [ "time" ]));
113 $stmt -> bindValue ( ":data" , json_encode ( $post ));
// The audit entry holds the new content only; the previous note text is overwritten in place.
115 $log -> log ( $pid , "edit_physician_note" , json_encode ( $post ));
// Adds a nursing note for $pid, storing the submitted form as JSON.
// Returns false unless checkAccess("nursing", "dbSet") passes.
// The listing skips original lines 118, 124 and 126.
117 function addNursing ( $post , $pid ){
119 if (! checkAccess ( "nursing" , "dbSet" )) return false ;
120 $stmt = $this -> prepare ( "INSERT INTO nursing (pid, time, data) VALUES (:pid, :time, :data);" );
121 $stmt -> bindValue ( ":pid" , $pid );
// Date and time are concatenated with no separator; strtotime() returns false if the result does not parse.
122 $stmt -> bindValue ( ":time" , strtotime ( $post [ "date" ]. $post [ "time" ]));
123 $stmt -> bindValue ( ":data" , json_encode ( $post ));
// Full note content is duplicated into the audit log.
125 $log -> log ( $pid , "nursing_note" , json_encode ( $post ));
// Replaces the time and data of an existing nursing note.
// Returns false unless checkAccess("nursing", "dbSet") passes.
// The listing skips original lines 128, 135 and 137.
127 function editNursing ( $post , $pid , $id ){
129 if (! checkAccess ( "nursing" , "dbSet" )) return false ;
// The row is matched on both pid and rowid, so an id belonging to another patient updates nothing.
130 $stmt = $this -> prepare ( "UPDATE nursing SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;" );
131 $stmt -> bindValue ( ":pid" , $pid );
132 $stmt -> bindValue ( ":id" , $id );
// Date and time are concatenated with no separator; strtotime() returns false if the result does not parse.
133 $stmt -> bindValue ( ":time" , strtotime ( $post [ "date" ]. $post [ "time" ]));
134 $stmt -> bindValue ( ":data" , json_encode ( $post ));
// The audit entry holds the new content only; the previous note text is overwritten in place.
136 $log -> log ( $pid , "edit_nursing_note" , json_encode ( $post ));
// Adds a report row for $pid, storing the submitted form as JSON.
// Returns false unless checkAccess("report", "dbSet") passes.
// The listing skips original lines 139, 145-146, 148, 151 and 153.
// NOTE(review): the $form parameter is not used in the shown lines; the stored form name comes
// from $post["form"] instead. Confirm which of the two the caller has validated.
138 function addReport ( $post , $pid , $form ){
140 if (! checkAccess ( "report" , "dbSet" )) return false ;
141 $stmt = $this -> prepare ( "INSERT INTO reports (pid, time, form, data) VALUES (:pid, :time, :form, :data);" );
142 $stmt -> bindValue ( ":pid" , $pid );
// With a time field present, date and time are concatenated (no separator); otherwise the date alone is parsed.
143 if (! empty ( $post [ "time" ])){
144 $stmt -> bindValue ( ":time" , strtotime ( $post [ "date" ]. $post [ "time" ]));
147 $stmt -> bindValue ( ":time" , strtotime ( $post [ "date" ]));
149 $stmt -> bindValue ( ":form" , $post [ "form" ]);
150 $stmt -> bindValue ( ":data" , json_encode ( $post ));
// Full report content is duplicated into the audit log.
152 $log -> log ( $pid , "report_added" , json_encode ( $post ));
// Replaces the time and data of an existing report row.
// Returns false unless checkAccess("report", "dbSet") passes.
// The listing skips original lines 155, 162-163, 165, 167 and 169.
// NOTE(review): the $form parameter is not used in the shown lines and the UPDATE leaves the form column unchanged.
154 function editReport ( $post , $pid , $id , $form ){
156 if (! checkAccess ( "report" , "dbSet" )) return false ;
// The row is matched on both pid and rowid, so an id belonging to another patient updates nothing.
157 $stmt = $this -> prepare ( "UPDATE reports SET time=:time,data=:data WHERE pid=:pid AND rowid=:id;" );
158 $stmt -> bindValue ( ":pid" , $pid );
159 $stmt -> bindValue ( ":id" , $id );
// With a time field present, date and time are concatenated (no separator); otherwise the date alone is parsed.
160 if (! empty ( $post [ "time" ])){
161 $stmt -> bindValue ( ":time" , strtotime ( $post [ "date" ]. $post [ "time" ]));
164 $stmt -> bindValue ( ":time" , strtotime ( $post [ "date" ]));
166 $stmt -> bindValue ( ":data" , json_encode ( $post ));
// The audit entry holds the new content only; the previous report data is overwritten in place.
168 $log -> log ( $pid , "report_edited" , json_encode ( $post ));
// Adds a treatment (drug order) row for $pid with omit set to false.
// Returns false unless checkAccess("treatment", "dbSet") passes.
// The listing skips original lines 171, 183 and 185.
170 function addDrug ( $pid , $drug , $dose , $route , $frequency , $date , $time , $duration , $addl ){
172 if (! checkAccess ( "treatment" , "dbSet" )) return false ;
173 $stmt = $this -> prepare ( "INSERT INTO treatment (pid, drug, dose, route, frequency, start, duration, omit, addl) VALUES (:pid, :drug, :dose, :route, :frequency, :start, :duration, :omit, :addl);" );
// Every value is bound as a parameter.
// NOTE(review): no validation of dose, route or frequency is visible in this method.
174 $stmt -> bindValue ( ":pid" , $pid );
175 $stmt -> bindValue ( ":drug" , $drug );
176 $stmt -> bindValue ( ":dose" , $dose );
177 $stmt -> bindValue ( ":route" , $route );
178 $stmt -> bindValue ( ":frequency" , $frequency );
// strtotime() returns false for input it cannot parse; that value would be bound as the start time.
179 $stmt -> bindValue ( ":start" , strtotime ( $date . " " . $time ));
180 $stmt -> bindValue ( ":duration" , $duration );
181 $stmt -> bindValue ( ":addl" , $addl );
182 $stmt -> bindValue ( ":omit" , false );
184 $log -> log ( $pid , "drug_added" , json_encode ([ $drug , $dose , $route , $frequency , $date , $time , $duration , $addl ]));
// Marks a treatment row as omitted and records its end time.
// Returns false unless checkAccess("treatment", "dbSet") passes.
// The listing skips original lines 187, 193 and 195.
186 function omitDrug ( $id , $date , $time ){
188 if (! checkAccess ( "treatment" , "dbSet" )) return false ;
// The row is selected by rowid alone; there is no pid in the WHERE clause.
// NOTE(review): confirm the caller verifies that $id belongs to the patient being edited.
189 $stmt = $this -> prepare ( "UPDATE treatment SET end=:end,omit=:omit WHERE rowid=:id;" );
190 $stmt -> bindValue ( ":end" , strtotime ( $date . " " . $time ));
191 $stmt -> bindValue ( ":omit" , true );
192 $stmt -> bindValue ( ":id" , $id );
// The audit entry is written with a null pid, so it can only be tied to a patient via the treatment rowid.
194 $log -> log ( null , "drug_omitted" , $id );
// Soft-deletes a treatment row by setting omit to -1 (getDrugs() filters that value out).
// Returns false unless checkAccess("treatment", "dbSet") passes.
// The listing skips original lines 197, 202 and 204.
196 function deleteDrug ( $id ){
198 if (! checkAccess ( "treatment" , "dbSet" )) return false ;
// The row is selected by rowid alone; there is no pid in the WHERE clause.
// NOTE(review): confirm the caller verifies that $id belongs to the patient being edited.
199 $stmt = $this -> prepare ( "UPDATE treatment SET omit=:omit WHERE rowid=:id;" );
200 $stmt -> bindValue ( ":omit" , - 1 );
201 $stmt -> bindValue ( ":id" , $id );
// The audit entry is written with a null pid.
203 $log -> log ( null , "drug_deleted" , $id );
// Overwrites the administer column of a treatment row with $given.
// Guarded by the "nursing" permission rather than "treatment".
// Returns false unless checkAccess("nursing", "dbSet") passes.
// The listing skips original lines 206, 211 and 213.
205 function giveDrug ( $id , $given ){
207 if (! checkAccess ( "nursing" , "dbSet" )) return false ;
// The row is selected by rowid alone, and $given is stored as supplied.
// NOTE(review): the previous administer value is replaced and is not captured in the log entry below.
208 $stmt = $this -> prepare ( "UPDATE treatment SET administer=:given WHERE rowid=:id;" );
209 $stmt -> bindValue ( ":given" , $given );
210 $stmt -> bindValue ( ":id" , $id );
// The audit entry carries only the rowid, with a null pid.
212 $log -> log ( null , "drug_given" , $id );
// Adds a test requisition for $pid with status "sent".
// Returns false unless checkAccess("requisition", "dbSet") passes.
// The listing skips original lines 215, 226 and 228.
214 function addRequisition ( $pid , $test , $sample , $date , $time , $room , $form , $addl ){
216 if (! checkAccess ( "requisition" , "dbSet" )) return false ;
217 $stmt = $this -> prepare ( "INSERT INTO requisition (pid, test, sample, time, room, form, status, addl) VALUES (:pid, :test, :sample, :time, :room, :form, :status, :addl);" );
218 $stmt -> bindValue ( ":pid" , $pid );
219 $stmt -> bindValue ( ":test" , $test );
220 $stmt -> bindValue ( ":sample" , $sample );
// strtotime() returns false for input it cannot parse; that value would be bound as the requisition time.
221 $stmt -> bindValue ( ":time" , strtotime ( $date . " " . $time ));
222 $stmt -> bindValue ( ":room" , $room );
223 $stmt -> bindValue ( ":form" , $form );
224 $stmt -> bindValue ( ":status" , "sent" );
225 $stmt -> bindValue ( ":addl" , $addl );
// Only test, room and form are logged; sample, time and addl are not part of the audit entry.
227 $log -> log ( $pid , "requisition_added" , json_encode ([ $test , $room , $form ]));
// Sets a requisition's status to "received".
// Guarded by the "report" permission rather than "requisition".
// Returns false unless checkAccess("report", "dbSet") passes.
// The listing skips original lines 230, 235 and 237.
229 function receiveRequisition ( $id ){
231 if (! checkAccess ( "report" , "dbSet" )) return false ;
// The row is selected by rowid alone; the current status is not checked before it is overwritten.
232 $stmt = $this -> prepare ( "UPDATE requisition SET status=:status WHERE rowid=:id;" );
233 $stmt -> bindValue ( ":status" , "received" );
234 $stmt -> bindValue ( ":id" , $id );
// The audit entry is written with a null pid.
236 $log -> log ( null , "requisition_received" , $id );
// Sets a requisition's status to "done", which hides it from getRequisitions() and getRequisitionList().
// Returns false unless checkAccess("requisition", "dbSet") passes.
// The listing skips original lines 239, 244 and 246.
238 function omitRequisition ( $id ){
240 if (! checkAccess ( "requisition" , "dbSet" )) return false ;
// The row is selected by rowid alone; there is no pid in the WHERE clause.
241 $stmt = $this -> prepare ( "UPDATE requisition SET status=:status WHERE rowid=:id;" );
242 $stmt -> bindValue ( ":status" , "done" );
243 $stmt -> bindValue ( ":id" , $id );
// The audit entry is written with a null pid.
245 $log -> log ( null , "requisition_removed" , $id );
// Adds a discharge-advice drug row for $pid.
// Returns false unless checkAccess("discharge", "dbSet") passes.
// The listing skips original lines 248 and 258-259.
// NOTE(review): no $log->log() call appears in the shown lines, unlike the other writers in this
// class, and the two hidden lines leave little room for one. Confirm whether discharge-advice
// changes are meant to be audited.
247 function addAdvice ( $pid , $drug , $dose , $route , $frequency , $duration , $addl ){
249 if (! checkAccess ( "discharge" , "dbSet" )) return false ;
250 $stmt = $this -> prepare ( "INSERT INTO discharge (pid, drug, dose, route, frequency, duration, addl) VALUES (:pid, :drug, :dose, :route, :frequency, :duration, :addl);" );
251 $stmt -> bindValue ( ":pid" , $pid );
252 $stmt -> bindValue ( ":drug" , $drug );
253 $stmt -> bindValue ( ":dose" , $dose );
254 $stmt -> bindValue ( ":route" , $route );
255 $stmt -> bindValue ( ":frequency" , $frequency );
256 $stmt -> bindValue ( ":duration" , $duration );
257 $stmt -> bindValue ( ":addl" , $addl );
// Permanently deletes a discharge-advice row.
// Returns false unless checkAccess("discharge", "dbSet") passes.
// The listing skips original lines 261 and 265-266.
// NOTE(review): this is a hard DELETE selected by rowid alone, and no $log->log() call appears in
// the shown lines. Confirm whether the removal is recorded anywhere, since the row itself cannot
// be recovered.
260 function deleteAdvice ( $id ){
262 if (! checkAccess ( "discharge" , "dbSet" )) return false ;
263 $stmt = $this -> prepare ( "DELETE FROM discharge WHERE rowid=:id;" );
264 $stmt -> bindValue ( ":id" , $id );
// Marks a patient as discharged and stamps the departure time with the server clock.
// Returns false unless checkAccess("discharge", "dbSet") passes.
// The listing skips original lines 268, 274 and 276.
267 function setDischarged ( $pid ){
269 if (! checkAccess ( "discharge" , "dbSet" )) return false ;
// The current status is not checked, so any patient row with this pid is overwritten.
270 $stmt = $this -> prepare ( "UPDATE patients SET status=:discharged,departure=:time WHERE pid=:pid;" );
271 $stmt -> bindValue ( ":pid" , $pid );
272 $stmt -> bindValue ( ":discharged" , "discharged" );
273 $stmt -> bindValue ( ":time" , time ());
275 $log -> log ( $pid , "discharged" , null );
// Records a death declaration for $pid and marks the patient row as "expired".
// Returns false unless checkAccess("death", "dbSet") passes.
// The listing skips original lines 278, 284, 289 and 291.
277 function setDead ( $pid , $post ){
279 if (! checkAccess ( "death" , "dbSet" )) return false ;
// First write: the declaration itself, with the submitted form stored as JSON.
280 $stmt = $this -> prepare ( "INSERT INTO death (pid, time, data) VALUES (:pid, :time, :data);" );
281 $stmt -> bindValue ( ":pid" , $pid );
// Date and time are concatenated with no separator; strtotime() returns false if the result does not parse.
282 $stmt -> bindValue ( ":time" , strtotime ( $post [ "date" ]. $post [ "time" ]));
283 $stmt -> bindValue ( ":data" , json_encode ( $post ));
// Second write: the patient status.
// NOTE(review): no transaction is visible around the two statements, so a failure between them
// would leave a death row for a patient still marked as admitted.
285 $stmt = $this -> prepare ( "UPDATE patients SET status=:expired,departure=:time WHERE pid=:pid;" );
286 $stmt -> bindValue ( ":pid" , $pid );
287 $stmt -> bindValue ( ":expired" , "expired" );
// departure uses the server clock, not the declared time bound for the death row above.
288 $stmt -> bindValue ( ":time" , time ());
// Full declaration content is duplicated into the audit log.
290 $log -> log ( $pid , "death_declare" , json_encode ( $post ));
// Queries all treatment rows for $pid except those soft-deleted with omit = -1.
// Returns false unless checkAccess("treatment", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
292 function getDrugs ( $pid ){
294 if (! checkAccess ( "treatment" , "dbGet" )) return false ;
295 $stmt = $this -> prepare ( "SELECT rowid,* FROM treatment WHERE pid=:pid AND omit!=:omit ORDER BY omit,drug,start;" );
296 $stmt -> bindValue ( ":pid" , $pid );
297 $stmt -> bindValue ( ":omit" , - 1 );
298 $result = $stmt -> execute ();
// Queries the administer column of one treatment row, selected by rowid alone.
// Returns false unless checkAccess("nursing", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
301 function getAdminister ( $id ){
303 if (! checkAccess ( "nursing" , "dbGet" )) return false ;
304 $stmt = $this -> prepare ( "SELECT rowid,administer FROM treatment WHERE rowid=:id;" );
305 $stmt -> bindValue ( ":id" , $id );
306 $result = $stmt -> execute ();
// Queries the requisitions for $pid whose status is not "done", ordered by room.
// Returns false unless checkAccess("requisition", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
309 function getRequisitions ( $pid ){
311 if (! checkAccess ( "requisition" , "dbGet" )) return false ;
312 $stmt = $this -> prepare ( "SELECT rowid,* FROM requisition WHERE pid=:pid AND status!=:status ORDER BY room;" );
313 $stmt -> bindValue ( ":pid" , $pid );
314 $stmt -> bindValue ( ":status" , "done" );
315 $result = $stmt -> execute ();
// Queries all discharge-advice rows for $pid.
// Returns false unless checkAccess("discharge", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
318 function getDischargeAdvice ( $pid ){
320 if (! checkAccess ( "discharge" , "dbGet" )) return false ;
321 $stmt = $this -> prepare ( "SELECT rowid,* FROM discharge WHERE pid=:pid;" );
322 $stmt -> bindValue ( ":pid" , $pid );
323 $result = $stmt -> execute ();
// Queries the stored death-declaration JSON for $pid.
// Returns false unless checkAccess("discharge", "dbGet") passes.
// NOTE(review): reads are guarded by the "discharge" permission while setDead() writes under
// "death"; confirm the mismatch is intended.
// What is returned after execute() is on lines this listing does not show.
326 function getDeath ( $pid ){
328 if (! checkAccess ( "discharge" , "dbGet" )) return false ;
329 $stmt = $this -> prepare ( "SELECT data FROM death WHERE pid=:pid;" );
330 $stmt -> bindValue ( ":pid" , $pid );
331 $result = $stmt -> execute ();
// Queries the patient's name for $pid with a bound parameter.
// Returns false unless checkAccess("info", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
334 function getName ( $pid ){
336 if (! checkAccess ( "info" , "dbGet" )) return false ;
337 $stmt = $this -> prepare ( "SELECT name FROM patients WHERE pid=:pid;" );
338 $stmt -> bindValue ( ":pid" , $pid );
339 $result = $stmt -> execute ();
// Queries the patient's age for $pid with a bound parameter.
// Returns false unless checkAccess("info", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
342 function getAge ( $pid ){
344 if (! checkAccess ( "info" , "dbGet" )) return false ;
345 $stmt = $this -> prepare ( "SELECT age FROM patients WHERE pid=:pid;" );
346 $stmt -> bindValue ( ":pid" , $pid );
347 $result = $stmt -> execute ();
// Queries the patient's sex for $pid with a bound parameter.
// Returns false unless checkAccess("info", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
350 function getSex ( $pid ){
352 if (! checkAccess ( "info" , "dbGet" )) return false ;
353 $stmt = $this -> prepare ( "SELECT sex FROM patients WHERE pid=:pid;" );
354 $stmt -> bindValue ( ":pid" , $pid );
355 $result = $stmt -> execute ();
// Queries the patient's ward for $pid with a bound parameter.
// Returns false unless checkAccess("info", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
358 function getWard ( $pid ){
360 if (! checkAccess ( "info" , "dbGet" )) return false ;
361 $stmt = $this -> prepare ( "SELECT ward FROM patients WHERE pid=:pid;" );
362 $stmt -> bindValue ( ":pid" , $pid );
363 $result = $stmt -> execute ();
// Queries the patient's bed for $pid with a bound parameter.
// Returns false unless checkAccess("info", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
366 function getBed ( $pid ){
368 if (! checkAccess ( "info" , "dbGet" )) return false ;
369 $stmt = $this -> prepare ( "SELECT bed FROM patients WHERE pid=:pid;" );
370 $stmt -> bindValue ( ":pid" , $pid );
371 $result = $stmt -> execute ();
// Queries the patient's status for $pid. The writers in this class set it to "admitted",
// "discharged" or "expired".
// Returns false unless checkAccess("info", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
374 function getStatus ( $pid ){
376 if (! checkAccess ( "info" , "dbGet" )) return false ;
377 $stmt = $this -> prepare ( "SELECT status FROM patients WHERE pid=:pid;" );
378 $stmt -> bindValue ( ":pid" , $pid );
379 $result = $stmt -> execute ();
// Queries the patient's diagnosis for $pid.
// Guarded by its own "diagnosis" permission rather than "info".
// Returns false unless checkAccess("diagnosis", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
382 function getDiagnosis ( $pid ){
384 if (! checkAccess ( "diagnosis" , "dbGet" )) return false ;
385 $stmt = $this -> prepare ( "SELECT diagnosis FROM patients WHERE pid=:pid;" );
386 $stmt -> bindValue ( ":pid" , $pid );
387 $result = $stmt -> execute ();
// Queries every patient row (pid, ward, bed, name, diagnosis, status), ordered by admission time.
// Returns false unless checkAccess("info", "dbGet") passes.
// NOTE(review): the result includes the diagnosis column under the "info" permission, whereas
// getDiagnosis() requires "diagnosis". If any role holds "info" without "diagnosis", this list
// exposes the field to it; confirm against the access table.
// What is returned after execute() is on lines this listing does not show.
390 function getPatientList (){
392 if (! checkAccess ( "info" , "dbGet" )) return false ;
393 $stmt = $this -> prepare ( "SELECT pid,ward,bed,name,diagnosis,status FROM patients ORDER BY admission;" );
394 $result = $stmt -> execute ();
// Queries currently admitted patients, ordered by upper-cased ward and then bed.
// Returns false unless checkAccess("info", "dbGet") passes.
// The 'admitted' literal in the SQL is a fixed constant, not caller input.
// NOTE(review): diagnosis is returned under the "info" permission rather than "diagnosis".
// What is returned after execute() is on lines this listing does not show.
397 function getAdmittedPatientList (){
399 if (! checkAccess ( "info" , "dbGet" )) return false ;
400 $stmt = $this -> prepare ( "SELECT pid,ward,bed,name,diagnosis FROM patients WHERE status='admitted' ORDER BY UPPER(ward),bed;" );
401 $result = $stmt -> execute ();
// Queries patients whose status is anything other than 'admitted', ordered by admission time.
// Returns false unless checkAccess("info", "dbGet") passes.
// NOTE(review): diagnosis is returned under the "info" permission rather than "diagnosis".
// What is returned after execute() is on lines this listing does not show.
404 function getArchivedPatientList (){
406 if (! checkAccess ( "info" , "dbGet" )) return false ;
407 $stmt = $this -> prepare ( "SELECT pid,ward,bed,name,diagnosis,status FROM patients WHERE status!='admitted' ORDER BY admission;" );
408 $result = $stmt -> execute ();
// Queries open requisitions (status not "done") across all patients whose status is "admitted",
// ordered by room and test.
// Returns false unless checkAccess("requisition", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
411 function getRequisitionList (){
413 if (! checkAccess ( "requisition" , "dbGet" )) return false ;
414 $stmt = $this -> prepare ( "SELECT requisition.rowid,requisition.* FROM requisition INNER JOIN patients ON requisition.pid=patients.pid WHERE requisition.status!=:status AND patients.status=:admitted ORDER BY requisition.room,requisition.test;" );
415 $stmt -> bindValue ( ":status" , "done" );
416 $stmt -> bindValue ( ":admitted" , "admitted" );
// NOTE(review): ":today" does not appear in the SQL text above, so this bind has nothing to
// attach to. It looks like a leftover from an earlier date filter; remove it or restore the
// condition it was meant to serve.
417 $stmt -> bindValue ( ":today" , time ());
418 $result = $stmt -> execute ();
// Queries the form name of one report row, selected by rowid alone (no pid constraint).
// Returns false unless checkAccess("report", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
421 function getForm ( $id ){
423 if (! checkAccess ( "report" , "dbGet" )) return false ;
424 $stmt = $this -> prepare ( "SELECT form FROM reports WHERE rowid=:id;" );
425 $stmt -> bindValue ( ":id" , $id );
426 $result = $stmt -> execute ();
// Queries the stored admission timestamp for $pid.
// Returns false unless checkAccess("admission", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
429 function getAdmission ( $pid ){
431 if (! checkAccess ( "admission" , "dbGet" )) return false ;
432 $stmt = $this -> prepare ( "SELECT admission FROM patients WHERE pid=:pid;" );
433 $stmt -> bindValue ( ":pid" , $pid );
434 $result = $stmt -> execute ();
// Queries the JSON copy of the admission form that admit() stored in patients.data.
// Returns false unless checkAccess("admission", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
437 function getAdmissionData ( $pid ){
439 if (! checkAccess ( "admission" , "dbGet" )) return false ;
440 $stmt = $this -> prepare ( "SELECT data FROM patients WHERE pid=:pid;" );
441 $stmt -> bindValue ( ":pid" , $pid );
442 $result = $stmt -> execute ();
// Queries the departure timestamp written by setDischarged() or setDead() for $pid.
// Returns false unless checkAccess("admission", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
445 function getDeparture ( $pid ){
447 if (! checkAccess ( "admission" , "dbGet" )) return false ;
448 $stmt = $this -> prepare ( "SELECT departure FROM patients WHERE pid=:pid;" );
449 $stmt -> bindValue ( ":pid" , $pid );
450 $result = $stmt -> execute ();
// Queries the case summary for $pid.
// Returns false unless checkAccess("summary", "dbGet") passes.
// NOTE(review): editCase() writes this column under the "history" permission while reads use
// "summary"; confirm the access table covers both names.
// What is returned after execute() is on lines this listing does not show.
453 function getSummary ( $pid ){
455 if (! checkAccess ( "summary" , "dbGet" )) return false ;
456 $stmt = $this -> prepare ( "SELECT summary FROM patients WHERE pid=:pid;" );
457 $stmt -> bindValue ( ":pid" , $pid );
458 $result = $stmt -> execute ();
// Queries the stored history JSON for $pid.
// Returns false unless checkAccess("history", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
461 function getHistory ( $pid ){
463 if (! checkAccess ( "history" , "dbGet" )) return false ;
464 $stmt = $this -> prepare ( "SELECT history FROM patients WHERE pid=:pid;" );
465 $stmt -> bindValue ( ":pid" , $pid );
466 $result = $stmt -> execute ();
// Queries the advice JSON stored by advice() for $pid.
// Returns false unless checkAccess("treatment", "dbGet") passes.
// What is returned after execute() is on lines this listing does not show.
469 function getAdvice ( $pid ){
471 if (! checkAccess ( "treatment" , "dbGet" )) return false ;
472 $stmt = $this -> prepare ( "SELECT data FROM advice WHERE pid=:pid;" );
473 $stmt -> bindValue ( ":pid" , $pid );
474 $result = $stmt -> execute ();
// Queries one stored record (physician note, nursing note or report) for a patient.
// $cat selects a fixed table and the permission checked for it. It is compared against literals
// and never interpolated into the SQL text, so it cannot change which table is queried beyond
// these three.
// The listing skips original lines 478, 488-490 and 494-495, so the handling of any other $cat
// value is not visible. NOTE(review): confirm it returns before $stmt is used.
477 function getData ( $pid , $id , $cat ){
479 if ( $cat == "physician" ){
480 if (! checkAccess ( "physician" , "dbGet" )) return false ;
481 $stmt = $this -> prepare ( "SELECT data FROM physician WHERE pid=:pid AND rowid=:id ORDER BY time DESC;" );
482 } elseif ( $cat == "nursing" ){
483 if (! checkAccess ( "nursing" , "dbGet" )) return false ;
484 $stmt = $this -> prepare ( "SELECT data FROM nursing WHERE pid=:pid AND rowid=:id ORDER BY time DESC;" );
485 } elseif ( $cat == "reports" ){
486 if (! checkAccess ( "report" , "dbGet" )) return false ;
487 $stmt = $this -> prepare ( "SELECT form,data FROM reports WHERE pid=:pid AND rowid=:id ORDER BY time DESC;" );
// Both pid and rowid are bound, so a rowid belonging to a different patient matches nothing.
491 $stmt -> bindValue ( ":pid" , $pid );
492 $stmt -> bindValue ( ":id" , $id );
493 $result = $stmt -> execute ();
// Queries all stored records of one category for a patient, newest first.
// $cat selects a fixed table and the permission checked for it. It is compared against literals
// and never interpolated into the SQL text.
// The listing skips original lines 497 and 513-515 and ends before the method's last lines, so
// the handling of any other $cat value and the return value are not visible here.
496 function getAllData ( $pid , $cat ){
498 if ( $cat == "physician" ){
499 if (! checkAccess ( "physician" , "dbGet" )) return false ;
500 $stmt = $this -> prepare ( "SELECT rowid,data FROM physician WHERE pid=:pid ORDER BY time DESC;" );
501 } elseif ( $cat == "nursing" ){
502 if (! checkAccess ( "nursing" , "dbGet" )) return false ;
503 $stmt = $this -> prepare ( "SELECT rowid,data FROM nursing WHERE pid=:pid ORDER BY time DESC;" );
504 } elseif ( $cat == "reports" ){
505 if (! checkAccess ( "report" , "dbGet" )) return false ;
506 $stmt = $this -> prepare ( "SELECT rowid,form,data FROM reports WHERE pid=:pid ORDER BY time DESC;" );
507 } elseif ( $cat == "info" ){
508 if (! checkAccess ( "info" , "dbGet" )) return false ;
// NOTE(review): the patients columns written elsewhere in this class (pid, name, age, sex,
// admission, status, vp, ward, bed, data, diagnosis, summary, history, departure) do not include
// "time". If the schema has no such column, prepare() fails and the bindValue() call below runs
// on a non-statement. Confirm against the schema.
509 $stmt = $this -> prepare ( "SELECT rowid,data FROM patients WHERE pid=:pid ORDER BY time DESC;" );
510 } elseif ( $cat == "history" ){
511 if (! checkAccess ( "history" , "dbGet" )) return false ;
// Same ORDER BY time on patients as the "info" branch; the same schema check applies.
512 $stmt = $this -> prepare ( "SELECT rowid,history FROM patients WHERE pid=:pid ORDER BY time DESC;" );
516 $stmt -> bindValue ( ":pid" , $pid );
517 $result = $stmt -> execute ();