Menu
▾
▴
#31 Patches to track Prior Authorizations with more detail
We want to track prior authorizations so we can send out notifications about them.
Patch 1 -- Adds a sorely missing feature to our database abstraction layer.
Patch 2 -- Adds a new table to the creation routines in database.sql.
Patch 3 -- Adds a new page for adding, viewing, and deleting prior authorizations.
Patch 4 -- Adds a new section to the patient summary page that summarizes current prior authorizations and links to the management page.
Incomplete but slightly functional. Needs review. Forum topic for discussion: https://sourceforge.net/projects/openemr/forums/forum/202506/topic/3707288
Patches are against "patchset 2679", but still apply cleanly to HEAD.
a quick comment regarding patch #1:
This is included in the library/formdata.inc.php function. check out the file for more instructions.
Also can read more about those functions here:
http://www.openmedsoftware.org/wiki/Development_Policies#Input_Collection
and here:
http://www.openmedsoftware.org/wiki/Active_Projects#Clean_up_magic_quotes.2C_prevent_sql-injection.2C_and_prepare_for_PHP6
I'll try to review rest of code tonight
-brady
hey,
Here's some raw code review:
openemr/interface/patient_file/summary/stats.php:
----May not be able to use the auditSQLEvent function for low level error reporting; this is already built into every sqlStatement request. I don't think it's meant to be explicitly called. This fucntion (in library/log.inc) was recently added by Visolve, and would be good to clarify how/if can use as a custom function in the forums.
openemr/sql/database.sql
----stuff in there i don't know, so will defer to Rod
interface/patient_file/summary/prior_auths.php
----use the formdata.inc.php functions
----xl() of 'Add Prior Authorization' and 'Existing Prior Authorization' and 'Create New' and 'Clear'
----in xl() functions, no leading, trailing spaces within the strings and place the colon outside the translated string function
Can mover the discussion of how best to go about dealing with and reording prior authorization request in the forum thread.
-brady
BZIP-compressed tarball of patches.
New patch set. This should included all the fixes suggested by Brady, and also includes alterations to the Misc. Billing Options form to use a foreign key into the new table to replace where it was tracking a prior authorization number.
Still looking for more review. Please only try as a new install, I don't yet have the upgrade from the previous database layout documented or automated, yet.
OK, some feedback for you.
Regarding prior_auths.php:
Your date parsing logic looks like something we might see a lot of. Might want to make that a shared function somewhere.
Where you have:
} else if ($action == 'add') {
unset($pa_number, $pa_begin, $pa_end, $pa_service, $pa_units);
if (isset($_POST{'pa_number'}, ...
What are you guarding against? Keep in mind that code readability is important, and less code is easier to understand. If this is needed to sanitize input to your satisfaction, see if you can move that also to shared functions.
Regarding stats.php:
I wouldn't link to the PA management page here. This is for demographics. Suggest you use Notes/Messages or Documents as a model for navigation.
Other:
Check the code for other references to prior_auth_number. I do know that library/Claim.class.php has one of these.
Thanks!
Rod
hey,
put my code review in the forums:
http://sourceforge.net/projects/openemr/forums/forum/202506/topic/3707288/
-brady
-- I've taken my data parsing stuff and put it into formdata.inc.php
-- If register_globals was on, or if globals.php did extract($_POST), then $pa_end and $pa_begin would be set even if the date parsing failed. I've rearranged things a bit and the unset() should no longer be necessary there. Still, it doesn't hurt to be paranoid with global variables -- my names should be unique, but what if one included file starts using them?
is there new code? don't see it in files.
I haven't uploaded new code since your last review. I am still working on an upgrade script and chasing down the other uses of prior_auth_number in the code, before I make another upload.