pbmc-cmod/app/Controllers/API_HISOrders.php

<?php
namespace App\Controllers;

use CodeIgniter\RESTful\ResourceController;

class API_HISOrders extends ResourceController {
	protected $format = 'json';
    
	public function index() {
		$db = \Config\Database::connect();
		$date1 = $this->request->getPost('date1');
		$date2 = $this->request->getPost('date2');
		$sql = "select o.ORDERID, o.VISITNUMBER, o.VISITDATE, o.PAYERNAME, o.TREATDOC, p.PATNUMBER, p.SEX, p.PATNAME,
			TESTS=stuff(( select ', '+t.HISCODE from
			( select t.HISCODE from cmod.dbo.CM_HIS_TESTS t 
				where t.ORDERID=o.ORDERID
			) as T
			for xml path('')),1,1,'')
			from cmod.dbo.CM_HIS_ORDERS o 
			left join cmod.dbo.CM_HIS_PATIENTS p on p.PATID=o.PATID";
		$query = $db->query($sql);
		$results = $query->getResultArray();
		$data['data'] = $results;
        return $this->respond($data,200);
    }
	
	public function detail($orderid) {
		$db = \Config\Database::connect();
		$sql = "select * from cmod.dbo.CM_HIS_ORDERS o where o.ORDERID='$orderid'";
		$query = $db->query($sql);
		$results = $query->getResultArray();
		$data['orders'] = $results;
		$sql = "select * from cmod.dbo.CM_HIS_TESTS where ORDERID='$orderid'";
		$query = $db->query($sql);
		$results = $query->getResultArray();
		$data['tests'] = $results;
        return $this->respond($data,200);
    }
	
	public function save() {
		$db = \Config\Database::connect();
		//Object { patid: "9", visitnumber: "9989", visitdate: "2024-12-13", treatdoc: "alam", payername: "mala", tests: (2) […] }
		$orderid = $this->request->getPost('orderid');
		$patid = $this->request->getPost('patid');
		$visitnumber = $this->request->getPost('visitnumber');
		$visitdate = $this->request->getPost('visitdate');
		$treatdoc = $this->request->getPost('treatdoc');
		$payername = $this->request->getPost('payername');
		$tests = $this->request->getPost('tests');
		
		if($orderid == '0') { 
			$sql = "INSERT INTO cmod.dbo.CM_HIS_ORDERS (PATID, VISITNUMBER, VISITDATE, TREATDOC, PAYERNAME) 
				VALUES ('$patid', '$visitnumber', '$visitdate', '$treatdoc', '$payername')";
		} else { 
			$sql = "UPDATE cmod.dbo.CM_HIS_ORDERS set PATID='$patid', VISITNUMBER='$visitnumber', VISITDATE='$visitdate',
				TREATDOC='$treatdoc', PAYERNAME='$payername' where ORDERID='$orderid'";  
		}
		
		// query HIS_ORDERS
		if( $db->query($sql) )  { 
			if($orderid == '0') { // new order
				$orderid = $db->insertID(); 
				$test = '';
				foreach($tests as $qtest) { $test .= "('$orderid', '$qtest'),"; }
				$test = rtrim($test, ",");
				$sql = "INSERT into cmod.dbo.CM_HIS_TESTS(ORDERID,HISCODE) VALUES $test";
			} else { // update
				$test = '';
				foreach($tests as $qtest) { $test .= "('$orderid', '$qtest'),"; }
				$test = rtrim($test, ",");				
				$sql = "MERGE INTO cmod.dbo.CM_HIS_TESTS AS t
					USING ( VALUES 
						$test
					) AS s (ORDERID, HISCODE) on s.ORDERID=t.ORDERID and s.HISCODE=t.HISCODE
					WHEN NOT MATCHED BY TARGET THEN
						INSERT (ORDERID, HISCODE)
						VALUES (s.ORDERID, s.HISCODE)
					WHEN NOT MATCHED BY SOURCE and t.ORDERID='$orderid' THEN
						UPDATE SET TESTSTATUS=1;";
			}
			
			// done
			if( $db->query($sql) )  { 
				return $this->respond(['message' => 'Save Success', 'sql' => $sql],201);
			} else {
				$response = [
					'errors' => $db->errors(),
					'message' => 'Query test error',
					'sql' => $sql
				];
				return $this->fail($response , 409);
			}
		} else {
			$response = [
				'errors' => $db->errors(),
				'message' => 'Query order error'
			];
			return $this->fail($response , 409);
        }
	}
	
	public function patSearch($patnumber) {
		$db = \Config\Database::connect();
		$sql = "select * from cmod.dbo.CM_HIS_PATIENTS where PATNUMBER like '%$patnumber%'";
		$query = $db->query($sql);
		$results = $query->getResultArray();
		$data['patients'] = $results;
        return $this->respond($data,200);
	}
	
	public function patDetail($patnumber) {
		$db = \Config\Database::connect();
		$sql = "select * from cmod.dbo.CM_HIS_PATIENTS where PATNUMBER='$patnumber'";
		$query = $db->query($sql);
		$results = $query->getResultArray();
		$data['patient'] = $results[0];
        return $this->respond($data,200);
	}
	
	public function patSave() {
		$db = \Config\Database::connect();
		$patid = $this->request->getPost('patid');
		$patnumber = $this->request->getPost('patnumber');
		$patname = $this->request->getPost('patname');
		$sex = $this->request->getPost('sex');
		$birthdate = $this->request->getPost('birthdate');
		$address = $this->request->getPost('address');
		$phone = $this->request->getPost('phone');
		if($patid == 0) {
			$sql = "INSERT INTO cmod.dbo.CM_HIS_PATIENTS (PATNUMBER, PATNAME, SEX, BIRTHDATE, ADDRESS, PHONE) 
				VALUES ('$patnumber', '$patname', '$sex', '$birthdate', '$address','$phone')";
		} else {
			$sql = "update cmod.dbo.CM_HIS_PATIENTS set PATNUMBER='$patnumber', PATNAME='$patname', 
				SEX='$sex', BIRTHDATE='$birthdate', ADDRESS='$address', PHONE='$phone' Where PATID='$patid'";
		}
		$query = $db->query($sql);
		if($patid == 0 ) { $patid = $db->insertID(); }
		$data['patid'] = $patid;
		$data['patnumber'] = $patnumber;
		$data['sql'] = $sql;
		return $this->respond($data , 200);	
	}
	
	public function resend($visitnumber) {
		$db = \Config\Database::connect();
		$sql = "update cmod.dbo.CM_HIS_ORDERS set ISTAKEN=null where VISITNUMBER='$visitnumber'";
        if( $db->query($sql) )  { 
			return $this->respond(['message' => 'Update Success'],201);
		} else {
			$response = [
				'errors' => $db->errors(),
				'message' => 'Query error'
			];
			return $this->fail($response , 409);
		}
	}
}