<?php

// Data functions for table patients

// This script and data application were generated by AppGini 4.52
// Download AppGini for free from http://www.bigprof.com/appgini/download/

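// Inserts a new `patients` row from the submitted form and records its owner.
//
// Returns 0 when the member has no insert permission, FALSE when the
// patients_before_insert hook vetoes the insert, nothing when the
// patients_after_insert hook returns a falsy value (the ownership row is then
// not written), otherwise the new record ID. A blank last or first name prints
// an error page and ends the request.
//
// NOTE(review): every value reaches SQL by string interpolation, so injection
// safety rests entirely on makeSafe(), which is defined outside this file --
// confirm it escapes with the live connection's character set.
// mysql_insert_id() and get_magic_quotes_gpc() no longer exist in current PHP
// releases, so this function needs a port before it can run there.
function patients_insert(){
	global $Translation;

	// A submit that arrives on the query string is handled exactly like a POST,
	// so a plain link can create a record.
	// NOTE(review): no anti-CSRF token is checked in this function -- confirm
	// the caller enforces one.
	if(isset($_GET['insert_x']) && $_GET['insert_x']!=''){$_POST=$_GET;}

	// mm: can member insert record?
	$arrPerm=getTablePermissions('patients');
	if(!$arrPerm[1]){
		return 0;
	}

	// Key order is kept as the hooks receive this array.
	$data = array();
	foreach(array('last_name', 'first_name', 'gender') as $field){
		$data[$field] = makeSafe($_POST[$field]);
	}
	$data['birth_date'] = makeSafe($_POST['birth_dateYear']) . '-' . makeSafe($_POST['birth_dateMonth']) . '-' . makeSafe($_POST['birth_dateDay']);
	$data['birth_date'] = parseMySQLDate($data['birth_date'], '');
	foreach(array('age', 'address', 'city', 'state', 'zip', 'home_phone', 'work_phone', 'mobile', 'other_details', 'comments') as $field){
		$data[$field] = makeSafe($_POST[$field]);
	}
	$data['filed'] = parseCode('<%%creationDateTime%%>', true, true);

	// Required fields: show the error page and stop on the first blank one.
	foreach(array('last_name' => 'Last name', 'first_name' => 'First name') as $field => $label){
		if($data[$field] == ''){
			echo StyleSheet() . "\n\n<div class=\"Error\">" . $Translation['error:'] . " '" . $label . "': " . $Translation['field not null'] . '<br /><br />';
			echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
			exit;
		}
	}

	// Gender falls back to a default, so it can never fail a "not null" check;
	// the unreachable error branch that followed this line has been dropped.
	if($data['gender'] == '') $data['gender'] = "Unknown";

	// hook: patients_before_insert
	if(function_exists('patients_before_insert')){
		$args=array();
		if(!patients_before_insert($data, getMemberInfo(), $args)){ return FALSE; }
	}

	// Empty values are stored as NULL, everything else as a quoted literal.
	$assignments = array();
	foreach(array('last_name', 'first_name', 'gender', 'birth_date', 'age', 'address', 'city', 'state', 'zip', 'home_phone', 'work_phone', 'mobile', 'other_details', 'comments') as $column){
		$assignments[] = '`' . $column . '`=' . (($data[$column] != '') ? "'{$data[$column]}'" : 'NULL');
	}
	sql('insert into `patients` set ' . implode(', ', $assignments) . ', `filed`=' . "'{$data['filed']}'");
	$recID=mysql_insert_id();

	// hook: patients_after_insert
	if(function_exists('patients_after_insert')){
		$data['selectedID']=$recID;
		$args=array();
		// NOTE(review): returning here leaves the new row without an ownership
		// record, so owner- and group-level permission checks cannot match it.
		if(!patients_after_insert($data, getMemberInfo(), $args)){ return; }
	}

	// mm: save ownership data
	sql("insert into membership_userrecords set tableName='patients', pkValue='$recID', memberID='".getLoggedMemberID()."', dateAdded='".time()."', dateUpdated='".time()."', groupID='".getLoggedGroupID()."'");

	return (get_magic_quotes_gpc() ? stripslashes($recID) : $recID);
}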

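// Deletes one `patients` row together with its ownership record.
//
// Returns FALSE when the member may not delete the record or the
// patients_before_delete hook vetoes it; returns an HTML message when child
// rows exist in `patient_symptoms` and $skipChecks is off (a refusal, or a
// yes/no confirmation when $AllowDeleteOfParents is set); returns nothing
// after a completed delete.
//
// NOTE(review): the confirmation button built below deletes through a plain
// GET URL (delete_x=1&confirmed=1). No anti-CSRF token is visible in this
// function -- confirm the caller enforces one.
function patients_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
	// insure referential integrity ...
	global $Translation;

	// From here on $selected_id holds the makeSafe()'d value; that escaped form
	// is also what the hooks and the confirmation URLs receive.
	$selected_id=makeSafe($selected_id);

	// mm: can member delete record?
	$arrPerm=getTablePermissions('patients');
	$ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='patients' and pkValue='$selected_id'");
	$ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='patients' and pkValue='$selected_id'");

	// Owner IDs are compared as exact strings. PHP's loose == treats
	// numeric-looking strings such as '1e1' and '10' as equal, which would let
	// one account pass the ownership test for another account's record.
	$deleteAllowed = ($arrPerm[4]==1 && (string)$ownerMemberID===(string)getLoggedMemberID())
		|| ($arrPerm[4]==2 && (string)$ownerGroupID===(string)getLoggedGroupID())
		|| $arrPerm[4]==3;
	if(!$deleteAllowed){
		return FALSE;
	}

	// hook: patients_before_delete
	if(function_exists('patients_before_delete')){
		$args=array();
		if(!patients_before_delete($selected_id, $skipChecks, getMemberInfo(), $args)){ return FALSE; }
	}

	// child table: patient_symptoms
	$res = sql("select `id` from `patients` where `id`='$selected_id'");
	$id = mysql_fetch_row($res);
	// No matching row yields an empty key instead of indexing a non-array.
	$patientID = ($id ? $id[0] : '');
	// NOTE(review): addslashes() is not charset-aware; the value comes from the
	// database rather than the request, but the connection's own escaping
	// routine would be the safer choice.
	$rires = sql("select count(1) from `patient_symptoms` where `patient`='".addslashes($patientID)."'");
	$rirow = mysql_fetch_row($rires);
	if($rirow[0] && !$skipChecks){
		$RetMsg = $Translation[$AllowDeleteOfParents ? "confirm delete" : "couldn't delete"];
		$RetMsg = str_replace("<RelatedRecords>", $rirow[0], $RetMsg);
		$RetMsg = str_replace("<TableName>", "patient_symptoms", $RetMsg);
		if($AllowDeleteOfParents){
			$RetMsg = str_replace("<Delete>", "<input type=button class=button value=\"".$Translation['yes']."\" onClick=\"window.location='patients_view.php?SelectedID=".urlencode($selected_id)."&delete_x=1&confirmed=1';\">", $RetMsg);
			$RetMsg = str_replace("<Cancel>", "<input type=button class=button value=\"".$Translation['no']."\" onClick=\"window.location='patients_view.php?SelectedID=".urlencode($selected_id)."';\">", $RetMsg);
		}
		return $RetMsg;
	}

	sql("delete from `patients` where `id`='$selected_id'");

	// hook: patients_after_delete
	if(function_exists('patients_after_delete')){
		$args=array();
		patients_after_delete($selected_id, getMemberInfo(), $args);
	}

	// mm: delete ownership data
	sql("delete from membership_userrecords where tableName='patients' and pkValue='$selected_id'");
}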

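// Updates one `patients` row from the submitted form and stamps the ownership
// record with the current time.
//
// Returns nothing when the member may not edit the record and on success;
// returns FALSE when either update hook returns a falsy value. A blank last
// name, first name or gender prints an error page and ends the request.
//
// NOTE(review): every value reaches SQL by string interpolation, so injection
// safety rests entirely on makeSafe(), which is defined outside this file.
function patients_update($selected_id){
	global $Translation;

	// A submit that arrives on the query string is handled exactly like a POST,
	// so a plain link can modify a record.
	// NOTE(review): no anti-CSRF token is checked in this function -- confirm
	// the caller enforces one.
	if(isset($_GET['update_x']) && $_GET['update_x']!=''){$_POST=$_GET;}

	$safe_id = makeSafe($selected_id);

	// mm: can member edit record?
	$arrPerm=getTablePermissions('patients');
	$ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='patients' and pkValue='".$safe_id."'");
	$ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='patients' and pkValue='".$safe_id."'");

	// Owner IDs are compared as exact strings. PHP's loose == treats
	// numeric-looking strings such as '1e1' and '10' as equal, which would let
	// one account pass the ownership test for another account's record.
	$updateAllowed = ($arrPerm[3]==1 && (string)$ownerMemberID===(string)getLoggedMemberID())
		|| ($arrPerm[3]==2 && (string)$ownerGroupID===(string)getLoggedGroupID())
		|| $arrPerm[3]==3;
	if(!$updateAllowed){
		return;
	}

	// Required fields are read and checked one at a time; the first blank one
	// shows the error page and stops.
	$data = array();
	foreach(array('last_name' => 'Last name', 'first_name' => 'First name', 'gender' => 'Gender') as $field => $label){
		$data[$field] = makeSafe($_POST[$field]);
		if($data[$field]==''){
			echo StyleSheet() . "\n\n<div class=\"Error\">{$Translation['error:']} '{$label}': {$Translation['field not null']}<br /><br />";
			echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
			exit;
		}
	}
	$data['birth_date'] = makeSafe($_POST['birth_dateYear']) . '-' . makeSafe($_POST['birth_dateMonth']) . '-' . makeSafe($_POST['birth_dateDay']);
	$data['birth_date'] = parseMySQLDate($data['birth_date'], '');
	foreach(array('age', 'address', 'city', 'state', 'zip', 'home_phone', 'work_phone', 'mobile', 'other_details', 'comments') as $field){
		$data[$field] = makeSafe($_POST[$field]);
	}
	$data['last_modified'] = parseCode('<%%editingDateTime%%>', false);
	$data['selectedID']=$safe_id;

	// hook: patients_before_update
	if(function_exists('patients_before_update')){
		$args=array();
		if(!patients_before_update($data, getMemberInfo(), $args)){ return FALSE; }
	}

	// Empty values are stored as NULL, everything else as a quoted literal.
	// The WHERE clause uses the ID passed to this function, not
	// $data['selectedID'], so a hook cannot redirect the update to another row.
	$assignments = array();
	foreach(array('last_name', 'first_name', 'gender', 'birth_date', 'age', 'address', 'city', 'state', 'zip', 'home_phone', 'work_phone', 'mobile', 'other_details', 'comments') as $column){
		$assignments[] = '`' . $column . '`=' . (($data[$column] != '') ? "'{$data[$column]}'" : 'NULL');
	}
	sql('update `patients` set ' . implode(', ', $assignments) . ', `last_modified`=' . "'{$data['last_modified']}'" . " where `id`='".$safe_id."'");

	// hook: patients_after_update
	if(function_exists('patients_after_update')){
		$args=array();
		if(!patients_after_update($data, getMemberInfo(), $args)){ return FALSE; }
	}

	// mm: update ownership data
	sql("update membership_userrecords set dateUpdated='".time()."' where tableName='patients' and pkValue='".$safe_id."'");

}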

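// Returns the detail-view form for the `patients` table as an HTML string,
// filled with the record whose ID is $selected_id. If $selected_id is empty,
// an empty form is returned with only an 'Add New' button.
//
// Returns "" when no record is selected and the member may not insert, or when
// the member may not view the selected record. $AllowUpdate is recomputed from
// the member's permissions whenever a record is selected. $AllowDelete is not
// read anywhere in this function.
//
// Output encoding: stored values are HTML-escaped before they are placed in
// the template. That includes `other_details` and `comments`, which the
// original emitted raw in the read-only and VALUE() placeholders; both are
// edited through a plain <textarea>, so markup stored in them would otherwise
// be rendered as-is for every later viewer of the record.
function patients_form($selected_id = "", $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0){
	global $Translation;

	// Appended to the template further down even when nothing was added to it.
	$jsReadOnly = '';
	$row = array();

	// mm: get table permissions
	$arrPerm=getTablePermissions('patients');
	if(!$arrPerm[1] && $selected_id==""){ return ""; }
	// combobox: gender
	$combo_gender = new Combo;
	$combo_gender->ListType = 2;
	$combo_gender->MultipleSeparator = ', ';
	$combo_gender->ListBoxHeight = 10;
	$combo_gender->RadiosPerLine = 1;
	if(is_file(dirname(__FILE__).'/hooks/patients.gender.csv')){
		$gender_data = addslashes(implode('', @file(dirname(__FILE__).'/hooks/patients.gender.csv')));
		$combo_gender->ListItem = explode(";;", $gender_data);
		$combo_gender->ListData = explode(";;", $gender_data);
	}else{
		$combo_gender->ListItem = explode(";;", "Male;;Female;;Other;;Unknown");
		$combo_gender->ListData = explode(";;", "Male;;Female;;Other;;Unknown");
	}
	$combo_gender->SelectName = "gender";
	$combo_gender->AllowNull = false;
	// combobox: birth_date
	$combo_birth_date = new DateCombo;
	$combo_birth_date->DateFormat = "mdy";
	$combo_birth_date->MinYear = 1900;
	$combo_birth_date->MaxYear = 2100;
	$combo_birth_date->DefaultDate = parseMySQLDate('', '');
	$combo_birth_date->MonthNames = $Translation['month names'];
	$combo_birth_date->CSSOptionClass = 'Option';
	$combo_birth_date->CSSSelectedClass = 'SelectedOption';
	$combo_birth_date->NamePrefix = 'birth_date';
	// combobox: state
	$combo_state = new Combo;
	$combo_state->ListType = 0;
	$combo_state->MultipleSeparator = ', ';
	$combo_state->ListBoxHeight = 10;
	$combo_state->RadiosPerLine = 1;
	if(is_file(dirname(__FILE__).'/hooks/patients.state.csv')){
		$state_data = addslashes(implode('', @file(dirname(__FILE__).'/hooks/patients.state.csv')));
		$combo_state->ListItem = explode(";;", $state_data);
		$combo_state->ListData = explode(";;", $state_data);
	}else{
		$combo_state->ListItem = explode(";;", "AL;;AK;;AS;;AZ;;AR;;CA;;CO;;CT;;DE;;DC;;FM;;FL;;GA;;GU;;HI;;ID;;IL;;IN;;IA;;KS;;KY;;LA;;ME;;MH;;MD;;MA;;MI;;MN;;MS;;MO;;MT;;NE;;NV;;NH;;NJ;;NM;;NY;;NC;;ND;;MP;;OH;;OK;;OR;;PW;;PA;;PR;;RI;;SC;;SD;;TN;;TX;;UT;;VT;;VI;;VA;;WA;;WV;;WI;;WY");
		$combo_state->ListData = explode(";;", "AL;;AK;;AS;;AZ;;AR;;CA;;CO;;CT;;DE;;DC;;FM;;FL;;GA;;GU;;HI;;ID;;IL;;IN;;IA;;KS;;KY;;LA;;ME;;MH;;MD;;MA;;MI;;MN;;MS;;MO;;MT;;NE;;NV;;NH;;NJ;;NM;;NY;;NC;;ND;;MP;;OH;;OK;;OR;;PW;;PA;;PR;;RI;;SC;;SD;;TN;;TX;;UT;;VT;;VI;;VA;;WA;;WV;;WI;;WY");
	}
	$combo_state->SelectName = "state";

	if($selected_id){
		// mm: check member permissions
		if(!$arrPerm[2]){
			return "";
		}
		$safe_id = makeSafe($selected_id);

		// mm: who is the owner?
		$ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='patients' and pkValue='".$safe_id."'");
		$ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='patients' and pkValue='".$safe_id."'");

		// Owner IDs are compared as exact strings throughout. PHP's loose
		// ==/!= treats numeric-looking strings such as '1e1' and '10' as
		// equal, which would let one account pass the ownership test for
		// another account's record.
		if($arrPerm[2]==1 && (string)getLoggedMemberID()!==(string)$ownerMemberID){
			return "";
		}
		if($arrPerm[2]==2 && (string)getLoggedGroupID()!==(string)$ownerGroupID){
			return "";
		}

		// can edit?
		if(($arrPerm[3]==1 && (string)$ownerMemberID===(string)getLoggedMemberID()) || ($arrPerm[3]==2 && (string)$ownerGroupID===(string)getLoggedGroupID()) || $arrPerm[3]==3){
			$AllowUpdate=1;
		}else{
			$AllowUpdate=0;
		}

		$res = sql("select * from `patients` where `id`='".$safe_id."'");
		$row = mysql_fetch_array($res);
		// A missing record leaves an empty row rather than a non-array.
		if(!is_array($row)){ $row = array(); }
		$combo_gender->SelectedData = $row["gender"];
		$combo_birth_date->DefaultDate = $row["birth_date"];
		$combo_state->SelectedData = $row["state"];
		$row['filed']=sqlValue("select DATE_FORMAT(`filed`, '%c/%e/%Y %l:%i%p') from `patients` where `id`='".$safe_id."'");
		$row['last_modified']=sqlValue("select DATE_FORMAT(`last_modified`, '%c/%e/%Y %l:%i%p') from `patients` where `id`='".$safe_id."'");
	}else{
		// NOTE(review): the request's filter value is handed to the combo
		// unchanged; whether Combo::Render() escapes SelectedText is not
		// visible from this file -- confirm before relying on it.
		$combo_gender->SelectedText = ( $_REQUEST['FilterField'][1]=='4' && $_REQUEST['FilterOperator'][1]=='<=>' ? (get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1]) : "Unknown");
		$combo_state->SelectedText = ( $_REQUEST['FilterField'][1]=='9' && $_REQUEST['FilterOperator'][1]=='<=>' ? (get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1]) : "");
	}
	$combo_gender->Render();
	$combo_state->Render();

	// code for template based detail view forms

	// open the detail view template
	if(($_POST['dvprint_x']!='' || $_GET['dvprint_x']!='') && $selected_id){
		$templateCode=@implode('', @file('./templates/patients_templateDVP.html'));
		$dvprint=true;
	}else{
		$templateCode=@implode('', @file('./templates/patients_templateDV.html'));
		$dvprint=false;
	}

	// process form title
	$templateCode=str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Patient details', $templateCode);
	// unique random identifier
	$rnd1=($dvprint ? rand(1000000, 9999999) : '');
	$templateCode=str_replace('<%%RND1%%>', $rnd1, $templateCode);
	// process buttons
	if($arrPerm[1] && !$selected_id){ // allow insert and no record selected?
		$templateCode=str_replace('<%%INSERT_BUTTON%%>', '<input type="image" src="insert.gif" name="insert" alt="' . $Translation['add new record'] . '" onclick="return validateData();">', $templateCode);
	}else{
		$templateCode=str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
	}
	if($selected_id){
		$templateCode=str_replace('<%%DVPRINT_BUTTON%%>', '<input type="image" src="print.gif" vspace="1" name="dvprint" id="dvprint" alt="' . $Translation['printer friendly view'] . '" onclick="document.myform.reset(); return true;" style="margin-bottom: 20px;">', $templateCode);
		if($AllowUpdate){
			$templateCode=str_replace('<%%UPDATE_BUTTON%%>', '<input type="image" src="update.gif" vspace="1" name="update" alt="' . $Translation['update record'] . '" onclick="return validateData();">', $templateCode);
		}else{
			$templateCode=str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);

			// set records to read only if user can't insert new records
			// This only changes how the form looks in the browser; the
			// server-side permission checks in the insert/update functions
			// are what actually protect the data.
			if(!$arrPerm[1]){
				$readOnlyControls = array(
					'id' => 'text', 'last_name' => 'text', 'first_name' => 'text',
					'gender' => 'radio', 'birth_date' => 'text',
					'birth_dateDay' => 'select', 'birth_dateMonth' => 'select', 'birth_dateYear' => 'select',
					'age' => 'text', 'address' => 'text', 'city' => 'text',
					'state' => 'select', 'zip' => 'text', 'home_phone' => 'text',
					'work_phone' => 'text', 'mobile' => 'text', 'filed' => 'text',
					'last_modified' => 'text'
				);
				foreach($readOnlyControls as $name => $kind){
					if($kind == 'radio'){
						// radio group: disable every button that shares the name
						$jsReadOnly.="\n\n\tif(document.getElementsByName('{$name}').length){ var {$name}=document.getElementsByName('{$name}'); for(var i=0; i<{$name}.length; i++){ {$name}[i].disabled=true; } }\n";
					}elseif($kind == 'select'){
						// drop-down: disable it but keep it readable
						$jsReadOnly.="\n\n\tif(document.getElementsByName('{$name}').length){ var {$name}=document.getElementsByName('{$name}')[0]; {$name}.disabled=true; {$name}.style.backgroundColor='white'; {$name}.style.color='black'; }\n";
					}else{
						$jsReadOnly.="\n\n\tif(document.getElementsByName('{$name}').length){ document.getElementsByName('{$name}')[0].readOnly=true; }\n";
					}
				}

				$noUploads=true;
			}
		}
		if(($arrPerm[4]==1 && (string)$ownerMemberID===(string)getLoggedMemberID()) || ($arrPerm[4]==2 && (string)$ownerGroupID===(string)getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
			$templateCode=str_replace('<%%DELETE_BUTTON%%>', '<input type="image" src="delete.gif" vspace="1" name="delete" alt="' . $Translation['delete record'] . '" onClick="return confirm(\'' . $Translation['are you sure?'] . '\');">', $templateCode);
		}else{
			$templateCode=str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
		}
		$templateCode=str_replace('<%%DESELECT_BUTTON%%>', "<input type=image src=deselect.gif vspace=1 name=deselect alt=\"" . $Translation['deselect record'] . "\" onclick=\"document.myform.reset(); return true;\">", $templateCode);
	}else{
		$templateCode=str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
		$templateCode=str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
		$templateCode=str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? "<input type=image src=cancel.gif vspace=1 name=deselect alt=\"" . $Translation['deselect record'] . "\" onclick=\"document.myform.reset(); return true;\">" : ''), $templateCode);
	}

	// process combos
	$templateCode=str_replace('<%%COMBO(gender)%%>', $combo_gender->HTML, $templateCode);
	$templateCode=str_replace('<%%COMBOTEXT(gender)%%>', $combo_gender->SelectedData, $templateCode);
	$templateCode=str_replace('<%%COMBO(birth_date)%%>', $combo_birth_date->GetHTML(), $templateCode);
	$templateCode=str_replace('<%%COMBOTEXT(birth_date)%%>', $combo_birth_date->GetHTML(true), $templateCode);
	$templateCode=str_replace('<%%COMBO(state)%%>', $combo_state->HTML, $templateCode);
	$templateCode=str_replace('<%%COMBOTEXT(state)%%>', $combo_state->SelectedData, $templateCode);

	// process images (this table has no upload fields, so every placeholder is blanked)
	foreach(array('id', 'last_name', 'first_name', 'gender', 'birth_date', 'age', 'address', 'city', 'state', 'zip', 'home_phone', 'work_phone', 'mobile', 'other_details', 'comments', 'filed', 'last_modified') as $field){
		$templateCode=str_replace('<%%UPLOADFILE(' . $field . ')%%>', '', $templateCode);
	}

	// process values
	if($selected_id){
		// Every stored value is escaped for HTML before it enters the page.
		foreach(array('id', 'last_name', 'first_name', 'gender', 'age', 'address', 'city', 'state', 'zip', 'home_phone', 'work_phone', 'mobile', 'other_details', 'comments', 'filed', 'last_modified') as $field){
			$templateCode=str_replace('<%%VALUE(' . $field . ')%%>', htmlspecialchars($row[$field], ENT_QUOTES), $templateCode);
		}
		$templateCode=str_replace('<%%VALUE(birth_date)%%>', @date('n/j/Y', @strtotime(htmlspecialchars($row['birth_date'], ENT_QUOTES))), $templateCode);

		// Long-text fields: an editable textarea when the member may save,
		// otherwise the escaped text on its own.
		foreach(array('other_details', 'comments') as $field){
			$escaped = htmlspecialchars($row[$field], ENT_QUOTES);
			if($AllowUpdate || $AllowInsert){
				$templateCode=str_replace('<%%HTMLAREA(' . $field . ')%%>', '<textarea name="' . $field . '" id="' . $field . '" cols="50" rows="5" class="TextBox">'.$escaped.'</textarea>', $templateCode);
			}else{
				$templateCode=str_replace('<%%HTMLAREA(' . $field . ')%%>', $escaped, $templateCode);
			}
		}
	}else{
		foreach(array('id', 'last_name', 'first_name', 'birth_date', 'age', 'address', 'city', 'state', 'zip', 'home_phone', 'work_phone', 'mobile') as $field){
			$templateCode=str_replace('<%%VALUE(' . $field . ')%%>', '', $templateCode);
		}
		$templateCode=str_replace('<%%VALUE(gender)%%>', 'Unknown', $templateCode);
		$templateCode=str_replace('<%%HTMLAREA(other_details)%%>', '<textarea name="other_details" id="other_details" cols="50" rows="5" class="TextBox"></textarea>', $templateCode);
		$templateCode=str_replace('<%%HTMLAREA(comments)%%>', '<textarea name="comments" id="comments" cols="50" rows="5" class="TextBox"></textarea>', $templateCode);
		// These two become HTML comments in the "clear scrap" step below.
		$templateCode=str_replace('<%%VALUE(filed)%%>', '<%%creationDateTime%%>', $templateCode);
		$templateCode=str_replace('<%%VALUE(last_modified)%%>', '<%%editingDateTime%%>', $templateCode);
	}

	// process translations
	foreach($Translation as $symbol=>$trans){
		$templateCode=str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
	}

	// clear scrap: any placeholder still left is turned into an HTML comment
	$templateCode=str_replace('<%%', '<!--', $templateCode);
	$templateCode=str_replace('%%>', '-->', $templateCode);

	// hide links to inaccessible tables
	if($_POST['dvprint_x']==''){
		$templateCode.="\n\n<script>\n";
		$arrTables=getTableList();
		foreach($arrTables as $name=>$caption){
			$templateCode.="\tif(document.getElementById('".$name."_link')!=undefined){\n";
			$templateCode.="\t\tdocument.getElementById('".$name."_link').style.visibility='visible';\n";
			$templateCode.="\t}\n";
			for($i=1; $i<10; $i++){
				$templateCode.="\tif(document.getElementById('".$name."_plink$i')!=undefined){\n";
				$templateCode.="\t\tdocument.getElementById('".$name."_plink$i').style.visibility='visible';\n";
				$templateCode.="\t}\n";
			}
		}

		$templateCode.=$jsReadOnly;

		// Client-side validation is a convenience only; the same required
		// fields are checked again on the server when the form is saved.
		$templateCode.="\n\tfunction validateData(){";
		$templateCode.="\n\t\tif(\$F('last_name')==''){ alert('".addslashes($Translation['error:']).' "Last name": '.addslashes($Translation['field not null'])."'); \$('last_name').focus(); return false; }";
		$templateCode.="\n\t\tif(\$F('first_name')==''){ alert('".addslashes($Translation['error:']).' "First name": '.addslashes($Translation['field not null'])."'); \$('first_name').focus(); return false; }";
		$templateCode.="\n\t\tif(\$F('gender')==''){ alert('".addslashes($Translation['error:']).' "Gender": '.addslashes($Translation['field not null'])."'); \$('gender').focus(); return false; }";
		$templateCode.="\n\t\treturn true;";
		$templateCode.="\n\t}";
		$templateCode.="\n</script>\n";
	}

	// ajaxed auto-fill fields
	$templateCode.="<script>";
	$templateCode.="document.observe('dom:loaded', function() {";


	$templateCode.="});";
	$templateCode.="</script>";

	// handle enforced parent values for read-only lookup fields

	// don't include blank images in lightbox gallery
	$templateCode=preg_replace('/blank.gif" rel="lightbox\[.*?\]"/', 'blank.gif"', $templateCode);

	// don't display empty email links
	$templateCode=preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);

	// hook: patients_dv
	if(function_exists('patients_dv')){
		$args=array();
		patients_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
	}

	return $templateCode;
}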
?>