The OpenEMR API

From OpenEMR Project Wiki
Revision as of 10:24, 8 December 2012 by Julia Longtin (talk | contribs) (begin documenting proper escaping.)

Overview

The OpenEMR API is divided into many modules, few of which have been documented.

There is presently a documentation project underway. please see OpenEMR API for an overview.

Core API

globals.php

globals.php defines a series of global variables, most of which are editable via the 'Administration->Globals' page.

The prefered method of including globals.php is to use require_once, providing a relative path from where your file is located, to interface/globals.php. for instance: require_once('../../globals.php');.

The following variables are common to use everywhere in OpenEMR:

Variable Used For Default Value.
$GLOBALS['athletic_team'] True if we need to check squads. part of 'sports team' functionality. False
$GLOBALS['concurrent_layout'] decide on target of back action in a form. True or False
$GLOBALS['encounter'] the ID of the current encounter, or empty for none. is_numeric() or ""
$GLOBALS['fileroot'] the path to the top of openemr in the filesystem. /var/www/openemr/
$GLOBALS['phone_country_code'] calendar code.
$GLOBALS['pid'] The unique identifier of the current patient. is_numeric(), or empty.
$GLOBALS['srcdir'] find files for inclusion. $webserver_root/library/
$GLOBALS['style']
$GLOBALS['webroot'] the path of the top of openemr, when generating URIs. /openemr/
$css_header include the global css stylesheet.
$tmore the text string that should be the label next to the page name, on a show form page.

The following variables are old, and depreciated.

Variable Use Reason for Depreciation
$top_bg_line colour selection. the same function can be accomplished by editing the global openemr CSS stylesheet.
$srcdir find includes. replaced by $GLOBALS['srcdir']

api.inc

The prefered method of including api.inc is to use require_once. for instance: require_once($GLOBALS['srcdir'].'/api.inc');.

The following functions are common to use everywhere in OpenEMR:

Function Use Accepts Returns
acl_check Check if a user has a given type or types of access to an access control object A category/subcategory describing a specific ACO, and optionally, a username to check, and type or types of access being requested TRUE or FALSE if a single type of access is being checked, or an array of TRUE/FALSE values coresponding to the types of access requested

htmlspecialchars.inc.php

htmlspecialchars.inc.php includes functionality for handling escaping of characters in html received from the client, and stored in the database.

The preferred method of including htmlspecialchars.inc.php is to use require_once. for instance: require_once($GLOBALS['srcdir'].'/htmlspecialchars.inc.php');.

The following functions should be used in OpenEMR, in leiu of calling htmlspecialchars:

Function Use Accepts Returns
text Escape a PHP string for use as (part of) an HTML / XML text node. The string to escape, possibly including "&", "<", or ">". The string, with "&", "<", and ">" escaped.

patient.inc

patient.inc includes functions for manipulating patient information.

The preferred method of including patient.inc is to use require_once. for instance: require_once($GLOBALS['srcdir'].'/patient.inc');.

The following functions are common to use everywhere in OpenEMR:

Function Use Accepts Returns
getPatientData Get a patient's demographic data. A patient ID, and optionally a subsection of the patient's demographic data to retrieve. The requested subsection of a patient's demographic data. If no subsection was given, returns everything, with the date of birth as the last field.

sql.inc

sql.inc includes functions for manipulating the database directly. Please try to use one of the APIs and the built in functions for manipulating/retrieving your data, rather than always reaching for a SQL statement.

The preferred method of including sql.inc is to use require_once. for instance: require_once($GLOBALS['srcdir'].'/sql.inc');.

Function Use Returns
sqlInsert perform insert query the id of the newly inserted row.
sqlStatement perform query result of mysql_query
sqlQuery perform query result of mysql_fetch_array

Forms API

The Forms API includes all of the functions required to create both per-encounter and non-encounter forms in the OpenEMR system. see The Forms API for more information.

Notes API

The Notes API manages non-medical notes, attached to a client's medical record. see The Notes API for more information.