From 17acf294baa4112277fe410b8b5fb575ce7530a0 Mon Sep 17 00:00:00 2001 From: "sas.fajri" Date: Fri, 12 Jun 2026 13:50:52 +0700 Subject: [PATCH] FHM09062601IBL - cashierklinik/patient/search: PDP decrypt M_PatientName, fix bidx search Co-Authored-By: Claude Sonnet 4.6 --- .../klinik/cashierklinik/Patient.php | 101 ++++++++++-------- 1 file changed, 59 insertions(+), 42 deletions(-) diff --git a/application/controllers/klinik/cashierklinik/Patient.php b/application/controllers/klinik/cashierklinik/Patient.php index 6ef21030..c88687bd 100644 --- a/application/controllers/klinik/cashierklinik/Patient.php +++ b/application/controllers/klinik/cashierklinik/Patient.php @@ -10,7 +10,7 @@ class Patient extends MY_Controller { parent::__construct(); $this->db_onedev = $this->load->database("onedev", true); - //$this->db_onedev = $this->load->database("onedev", true); + $this->load->library('ibl_encryptor'); } public function add_notes($orderid){ 
@@ -61,62 +61,66 @@ class Patient extends MY_Controller */ $number_limit = 10; - $number_offset = ($prm['current_page'] - 1) * $number_limit ; - $where = " ( DATE(orderDate) = '{$startdate}' ) AND "; - if($search != ''){ - $where = "( M_PatientName LIKE '%{$search}%' OR orderNumber LIKE '%{$search}%' ) AND "; - if(strlen($search) == 11){ + $number_offset = ($prm['current_page'] - 1) * $number_limit; + $where = " ( DATE(orderDate) BETWEEN '{$startdate}' AND '{$enddate}' ) AND "; + if ($search != '') { + if (strlen($search) == 11) { $where = "orderNumber = '{$search}' AND "; + } else { + $tokens = $this->ibl_encryptor->query_tokens($search); + if ($tokens) { + $bidx_conds = implode(' AND ', array_map(function($h) { + return "JSON_CONTAINS(M_PatientName_bidx, '\"$h\"')"; + }, $tokens)); + $where = "( orderNumber LIKE '%{$search}%' OR ({$bidx_conds}) ) AND "; + } else { + $where = "orderNumber LIKE '%{$search}%' AND "; + } } } - - - $sql = " SELECT count(*) as total + $sql = "SELECT count(*) as total FROM one_klinik.`order` JOIN m_patient ON orderM_PatientID = M_PatientID - JOIN m_title ON M_PatientM_TitleID = M_TitleID + JOIN m_title ON M_PatientM_TitleID = M_TitleID JOIN m_sex ON M_PatientM_SexID = M_SexID WHERE $where ( ('{$status}' = 'N' AND orderIsLunas = 'N') OR ('{$status}' = 'Y' AND orderIsLunas = 'Y') )"; - $query = $this->db_onedev->query($sql, $sql_param); - - //echo $this->db_onedev->last_query(); - + $query = $this->db_onedev->query($sql); $tot_count = 0; - $tot_page = 0; + $tot_page = 0; if ($query) { $tot_count = $query->result_array()[0]["total"]; - $tot_page = ceil($tot_count/$number_limit); + $tot_page = ceil($tot_count / $number_limit); } else { - $this->sys_error_db("t_samplestorage count", $this->db_onedev); + $this->sys_error_db("patient count", $this->db_onedev); exit; - } - - - $sql = "SELECT orderID, + } + + $sql = "SELECT orderID, orderDate, orderNumber, orderM_PatientID, M_PatientNoReg, orderKeluhan, DATE_FORMAT(orderDate,'%d-%m-%Y %H:%i') as 
order_date, - CONCAT(M_TitleName,'. ',M_PatientName) as M_PatientName, - CONCAT(M_TitleLangName,'. ',M_PatientName) as M_PatientName_eng, - M_TitleName, + M_PatientName_enc, + M_PatientName AS patient_name_masked, + M_PatientPrefix, M_PatientSuffix, + M_TitleName, M_TitleLangName, orderTotal as totalbill, 0 as paid, 0 as unpaid, orderIsLunas as flaglunas, '' as notes, - 100 as mindp_percent, + 100 as mindp_percent, settingPriceDefault as mindp_amount, 0 as F_BillDetailID FROM one_klinik.`order` JOIN m_patient ON orderM_PatientID = M_PatientID - JOIN m_title ON M_PatientM_TitleID = M_TitleID + JOIN m_title ON M_PatientM_TitleID = M_TitleID JOIN m_sex ON M_PatientM_SexID = M_SexID JOIN one_klinik.`setting` ON settingIsActive = 'Y' WHERE 
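Review bot: The rewritten `$where` still interpolates `$search`, `$startdate` and the newly added `$enddate` straight into the SQL text (`BETWEEN '{$startdate}' AND '{$enddate}'`, `orderNumber LIKE '%{$search}%'`, `orderNumber = '{$search}'`), and both `query()` calls are now made without a bind array. Where these values are assigned is outside the hunk; if they come from the request, as `$prm['current_page']` suggests, the search box is injectable into a query that joins `m_patient`. The payment lookup in the last hunk already uses `?` with a bind array, and the same form works here, including for the blind-index tokens, assuming `query_tokens()` returns an array of strings. `'{$status}'` in the unchanged context lines and the row query's `query($sql)` call in the following hunk need the same treatment. The enclosing method starts and ends outside the hunk.

```php
$binds = [$startdate, $enddate];
$where = " ( DATE(orderDate) BETWEEN ? AND ? ) AND ";
if ($search != '') {
    if (strlen($search) == 11) {
        $where = "orderNumber = ? AND ";
        $binds = [$search];
    } else {
        $tokens = $this->ibl_encryptor->query_tokens($search);
        $like   = '%' . $search . '%';
        if ($tokens) {
            // one placeholder per token; each value is bound as a JSON string literal
            $bidx_conds = implode(' AND ', array_fill(0, count($tokens), "JSON_CONTAINS(M_PatientName_bidx, ?)"));
            $where = "( orderNumber LIKE ? OR ({$bidx_conds}) ) AND ";
            $binds = array_merge([$like], array_map(function ($h) {
                return json_encode($h);
            }, array_values($tokens)));
        } else {
            $where = "orderNumber LIKE ? AND ";
            $binds = [$like];
        }
    }
}
// … unchanged: SELECT count(*) … FROM / JOIN text …
$query = $this->db_onedev->query($sql, $binds);
```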
@@ -124,23 +128,36 @@ class Patient extends MY_Controller ( ('{$status}' = 'N' AND orderIsLunas = 'N') OR ('{$status}' = 'Y' AND orderIsLunas = 'Y') ) GROUP BY orderID ORDER BY orderID ASC - limit $number_limit offset $number_offset"; - //echo $sql; - $query = $this->db_onedev->query($sql, $sql_param); - //echo $this->db_onedev->last_query(); - $rows = $query->result_array(); - if($rows){ - foreach($rows as $k => $v){ - $sql = "SELECT IFNULL(SUM(PaymentTotal),0) as total - FROM one_klinik.payment - WHERE - PaymentOrderID = ? AND PaymentIsActive = 'Y'"; - $data_payment = $this->db_onedev->query($sql, array($v['orderID']))->row(); - $unpaid = $v['totalbill'] - $data_payment->total; - $rows[$k]['unpaid'] = $unpaid; - $rows[$k]['paid'] = $data_payment->total; + LIMIT $number_limit OFFSET $number_offset"; - $rows[$k]['notes'] = $this->add_notes($v['orderID']); + $query = $this->db_onedev->query($sql); + if (!$query) { + $this->sys_error_db("patient rows", $this->db_onedev); + exit; + } + $rows = $query->result_array(); + $enc = $this->ibl_encryptor; + if ($rows) { + foreach ($rows as $k => $v) { + $p_name = $enc->decrypt($v['M_PatientName_enc'] ?? '') ?: $v['patient_name_masked']; + $title = $v['M_TitleName'] ? $v['M_TitleName'] . '. ' : ''; + $title_e = $v['M_TitleLangName'] ? $v['M_TitleLangName'] . '. ': ''; + $prefix = $v['M_PatientPrefix'] ? $v['M_PatientPrefix'] . ' ' : ''; + $suffix = $v['M_PatientSuffix'] ? ' ' . $v['M_PatientSuffix'] : ''; + $rows[$k]['M_PatientName'] = trim($title . $prefix . $p_name . $suffix); + $rows[$k]['M_PatientName_eng'] = trim($title_e . $prefix . $p_name . $suffix); + unset($rows[$k]['M_PatientName_enc'], $rows[$k]['patient_name_masked'], + $rows[$k]['M_PatientPrefix'], $rows[$k]['M_PatientSuffix'], + $rows[$k]['M_TitleLangName']); + + $data_payment = $this->db_onedev->query( + "SELECT IFNULL(SUM(PaymentTotal),0) as total FROM one_klinik.payment + WHERE PaymentOrderID = ? 
AND PaymentIsActive = 'Y'", + [$v['orderID']] + )->row(); + $rows[$k]['unpaid'] = $v['totalbill'] - $data_payment->total; + $rows[$k]['paid'] = $data_payment->total; + $rows[$k]['notes'] = $this->add_notes($v['orderID']); } }
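Review bot: In `$enc->decrypt($v['M_PatientName_enc'] ?? '') ?: $v['patient_name_masked']` a failed decrypt looks the same as a row with no ciphertext, so a wrong key or a corrupted `M_PatientName_enc` silently degrades to the masked name and nobody notices. What `decrypt()` returns on failure is not visible here. Assuming it returns a falsy value, separate the two cases and log only the order id, never the name: `$cipher = $v['M_PatientName_enc'] ?? '';`, then `$p_name = $cipher !== '' ? $enc->decrypt($cipher) : '';`, then `if ($cipher !== '' && !$p_name) { log_message('error', 'patient name decrypt failed, orderID ' . $v['orderID']); }` before falling back to `patient_name_masked`. The `?:` test also treats a decrypted value of `'0'` as empty. The enclosing method continues outside the hunk.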