FHM31052601IBL - sampling & klinik controllers: decrypt PII pasien untuk pengambilan sampel
- samplinglab-v15, samplingradiodiagnostic-v5, samplingelectromedis-v5, doctorclinicv2: search via bidx, nolab search tanpa nama, decrypt di hasil - sampling-lab-mobile-cpone-v10: decrypt nama/HP/email/DOB/NIP - klinik/Registrationv3: search bidx (nama/HP/DOB/NIK), hapus address search, decrypt Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@@ -13,6 +13,7 @@ class Registrationv3 extends MY_Controller
|
||||
$this->db_onedev = $this->load->database("onedev", true);
|
||||
$this->db_oneklinik = $this->load->database("onedev", true);
|
||||
$this->db_antrione = $this->load->database("antrione", true);
|
||||
$this->load->library('ibl_encryptor');
|
||||
// $this->IP_SOCKET_IO = "devone.aplikasi.web.id";
|
||||
|
||||
$this->IP_SOCKET_IO = "localhost";
|
||||
@@ -875,18 +876,47 @@ class Registrationv3 extends MY_Controller
|
||||
if ($prm['snorm'] == '') {
|
||||
if ($prm['search'] != '') {
|
||||
$e = explode('+', $prm['search']);
|
||||
if (isset($e[0])) {
|
||||
$e[0] = str_replace("'", "\\'", $e[0]);
|
||||
$q['name'] = "AND M_PatientName LIKE '%{$e[0]}%'";
|
||||
// nama via trigram bidx
|
||||
if (!empty($e[0]) && mb_strlen(trim($e[0])) >= 3) {
|
||||
$toks = $this->ibl_encryptor->query_tokens($e[0]);
|
||||
$conds = [];
|
||||
foreach ($toks as $tok) {
|
||||
$tok_esc = $this->db_onedev->escape_str($tok);
|
||||
$conds[] = "JSON_CONTAINS(M_PatientName_bidx, '\"$tok_esc\"')";
|
||||
}
|
||||
if ($conds) $q['name'] = 'AND (' . implode(' AND ', $conds) . ')';
|
||||
}
|
||||
// HP via trigram bidx
|
||||
if (!empty($e[1]) && mb_strlen(trim($e[1])) >= 3) {
|
||||
$toks = $this->ibl_encryptor->query_tokens($e[1]);
|
||||
$conds = [];
|
||||
foreach ($toks as $tok) {
|
||||
$tok_esc = $this->db_onedev->escape_str($tok);
|
||||
$conds[] = "JSON_CONTAINS(M_PatientHP_bidx, '\"$tok_esc\"')";
|
||||
}
|
||||
if ($conds) $q['hp'] = 'AND (' . implode(' AND ', $conds) . ')';
|
||||
}
|
||||
// DOB via trigram bidx
|
||||
if (!empty($e[2]) && mb_strlen(trim($e[2])) >= 3) {
|
||||
$toks = $this->ibl_encryptor->query_tokens($e[2]);
|
||||
$conds = [];
|
||||
foreach ($toks as $tok) {
|
||||
$tok_esc = $this->db_onedev->escape_str($tok);
|
||||
$conds[] = "JSON_CONTAINS(M_PatientDOB_bidx, '\"$tok_esc\"')";
|
||||
}
|
||||
if ($conds) $q['dob'] = 'AND (' . implode(' AND ', $conds) . ')';
|
||||
}
|
||||
// Alamat dihapus dari search
|
||||
// NIK via trigram bidx (e[3] — sebelumnya e[4])
|
||||
if (!empty($e[3]) && mb_strlen(trim($e[3])) >= 3) {
|
||||
$toks = $this->ibl_encryptor->query_tokens($e[3]);
|
||||
$conds = [];
|
||||
foreach ($toks as $tok) {
|
||||
$tok_esc = $this->db_onedev->escape_str($tok);
|
||||
$conds[] = "JSON_CONTAINS(M_PatientNIK_bidx, '\"$tok_esc\"')";
|
||||
}
|
||||
if ($conds) $q['nik'] = 'AND (' . implode(' AND ', $conds) . ')';
|
||||
}
|
||||
if (isset($e[1]))
|
||||
$q['hp'] = "AND ((M_PatientHP LIKE '%{$e[1]}%' and M_PatientHP IS NOT NULL) OR (M_PatientHP IS NULL AND '{$e[1]}' = ''))";
|
||||
if (isset($e[2]))
|
||||
$q['dob'] = "AND ((DATE_FORMAT(M_PatientDOB, '%d-%m-%Y') LIKE '%{$e[2]}%' and M_PatientDOB IS NOT NULL) OR (M_PatientDOB IS NULL AND '{$e[2]}' = ''))";
|
||||
if (isset($e[3]))
|
||||
$q['address'] = "AND M_PatientAddressDescription LIKE '%{$e[3]}%'";
|
||||
if (isset($e[4]))
|
||||
$q['nik'] = "AND M_PatientIDNumber = '{$e[4]}'";
|
||||
}
|
||||
} else {
|
||||
$q_pid = "AND M_PatientNoReg = '{$prm['snorm']}'";
|
||||
@@ -900,14 +930,10 @@ class Registrationv3 extends MY_Controller
|
||||
$sql = "SELECT 'N' divider,M_PatientID,
|
||||
M_PatientNoReg,
|
||||
M_PatientPrefix,
|
||||
M_PatientName,
|
||||
M_PatientName_enc, M_PatientHP_enc, M_PatientEmail_enc,
|
||||
M_PatientPOB_enc, M_PatientPhone_enc, M_PatientIDNumber_enc, M_PatientNIK_enc,
|
||||
M_PatientDOB_enc, M_PatientDOB as dob_raw,
|
||||
M_PatientSuffix,
|
||||
M_PatientHP,
|
||||
M_PatientEmail,
|
||||
M_PatientPOB,
|
||||
M_PatientPhone,
|
||||
M_PatientIDNumber,
|
||||
DATE_FORMAT(M_PatientDOB,'%d-%m-%Y') as M_PatientDOB,
|
||||
M_PatientNote,
|
||||
M_PatientNIK,
|
||||
M_PatientJabatan,
|
||||
@@ -953,10 +979,22 @@ class Registrationv3 extends MY_Controller
|
||||
|
||||
if ($query) {
|
||||
$rows = $query->result_array();
|
||||
$enc = $this->ibl_encryptor;
|
||||
|
||||
foreach ($rows as $k => $v) {
|
||||
$rows[$k]['M_PatientName'] = stripslashes($rows[$k]['M_PatientName']);
|
||||
$rows[$k]['M_PatientAddressDescription'] = stripslashes($v['M_PatientAddressDescription']);
|
||||
$rows[$k]['M_PatientName'] = $enc->decrypt($v['M_PatientName_enc'] ?? '') ?? '';
|
||||
$rows[$k]['M_PatientHP'] = $enc->decrypt($v['M_PatientHP_enc'] ?? '') ?? '';
|
||||
$rows[$k]['M_PatientEmail'] = $enc->decrypt($v['M_PatientEmail_enc'] ?? '') ?? '';
|
||||
$rows[$k]['M_PatientPOB'] = $enc->decrypt($v['M_PatientPOB_enc'] ?? '') ?? '';
|
||||
$rows[$k]['M_PatientPhone'] = $enc->decrypt($v['M_PatientPhone_enc'] ?? '') ?? '';
|
||||
$rows[$k]['M_PatientIDNumber'] = $enc->decrypt($v['M_PatientIDNumber_enc']?? '') ?? '';
|
||||
$rows[$k]['M_PatientNIK'] = $enc->decrypt($v['M_PatientNIK_enc'] ?? '') ?? '';
|
||||
$rows[$k]['M_PatientDOB'] = $enc->decrypt($v['M_PatientDOB_enc'] ?? '') ?? date('d-m-Y', strtotime($v['dob_raw'] ?? 'now'));
|
||||
$rows[$k]['M_PatientAddressDescription'] = $enc->decrypt($v['M_PatientAddressDescription_enc'] ?? '') ?? '';
|
||||
foreach (array_keys($rows[$k]) as $col) {
|
||||
if (substr($col, -4) === '_enc') unset($rows[$k][$col]);
|
||||
}
|
||||
unset($rows[$k]['dob_raw']);
|
||||
$patient_name = str_replace("'", "\\'", $prm['M_PatientName']);
|
||||
$sql = "SELECT *, concat('{$rows[$k]['M_PatientAddressDescription']}', '\n\n',
|
||||
m_kelurahanname, ', ',
|
||||
|
||||
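Review bot: In the last hunk (@@ -953,10 +979,22 @@) the decrypted address written to `$rows[$k]['M_PatientAddressDescription']` is interpolated unescaped into the next statement, `SELECT *, concat('{$rows[$k]['M_PatientAddressDescription']}', ...`, so a stored address containing a quote breaks or alters that query (second-order SQL injection). The concat line is unchanged context, but its input is now free-form decrypted plaintext. Escape it first, e.g. `$addr_esc = $this->db_onedev->escape_str($rows[$k]['M_PatientAddressDescription']);` and interpolate `$addr_esc`, or pass the value as a query binding. The loop body and the SELECT list continue outside the visible hunks, and `M_PatientAddressDescription_enc` is not among the columns shown being added, so confirm it is selected; otherwise the address is always returned as ''.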
@@ -12,6 +12,7 @@ class Patient extends MY_Controller
|
||||
parent::__construct();
|
||||
$this->db_onedev = $this->load->database("onedev", true);
|
||||
$this->load->library('Nonlabtemplate');
|
||||
$this->load->library('ibl_encryptor');
|
||||
$this->IP_SOCKET_IO = "127.0.0.1";
|
||||
}
|
||||
|
||||
@@ -127,16 +128,16 @@ class Patient extends MY_Controller
|
||||
SELECT DATE_FORMAT(T_OrderHeaderDate,'%d-%m-%Y %H:%i') as order_date,
|
||||
T_OrderHeaderLabNumber as labnumber,
|
||||
T_OrderHeaderM_PatientAge as patient_age,
|
||||
M_PatientName as patient_name,
|
||||
M_PatientName_enc as patient_name_enc,
|
||||
M_PatientNoReg as noreg,
|
||||
M_SexName as gender,
|
||||
DATE_FORMAT(M_PatientDOB,'%d-%m-%Y') as dob,
|
||||
M_PatientDOB_enc as dob_enc, M_PatientDOB as dob_raw,
|
||||
M_PatientJob as job,
|
||||
M_PatientPosisi as posisi,
|
||||
IF(M_PatientDivisi = '','-',M_PatientDivisi) as divisi,
|
||||
M_PatientHp as hp,
|
||||
M_PatientNIP as nip,
|
||||
M_PatientEmail as email,
|
||||
M_PatientHP_enc as hp_enc,
|
||||
M_PatientNIP_enc as nip_enc,
|
||||
M_PatientEmail_enc as email_enc,
|
||||
M_PatientPhoto as photo,
|
||||
T_OrderHeaderID as xid,
|
||||
0 as testid,
|
||||
@@ -208,6 +209,15 @@ class Patient extends MY_Controller
|
||||
}
|
||||
|
||||
$data_patient = $query->row_array();
|
||||
if ($data_patient) {
|
||||
$enc = $this->ibl_encryptor;
|
||||
$data_patient['patient_name'] = $enc->decrypt($data_patient['patient_name_enc'] ?? '') ?? '';
|
||||
$data_patient['hp'] = $enc->decrypt($data_patient['hp_enc'] ?? '') ?? '';
|
||||
$data_patient['email'] = $enc->decrypt($data_patient['email_enc'] ?? '') ?? '';
|
||||
$data_patient['nip'] = $enc->decrypt($data_patient['nip_enc'] ?? '') ?? '';
|
||||
$data_patient['dob'] = $enc->decrypt($data_patient['dob_enc'] ?? '') ?? date('d-m-Y', strtotime($data_patient['dob_raw'] ?? 'now'));
|
||||
unset($data_patient['patient_name_enc'], $data_patient['hp_enc'], $data_patient['email_enc'], $data_patient['nip_enc'], $data_patient['dob_enc'], $data_patient['dob_raw']);
|
||||
}
|
||||
if (intval($stationid) == 11 || intval($stationid) == 35) {
|
||||
$sql = "SELECT
|
||||
T_SamplingAdditionalFisikBBTBID,
|
||||
|
||||
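Review bot: The `dob` fallback in the decrypt block, `date('d-m-Y', strtotime($data_patient['dob_raw'] ?? 'now'))`, yields today's date when `dob_enc` does not decrypt and `dob_raw` is NULL, so a patient with no usable DOB is reported as born today instead of blank. The other fields fall back to '' in the same situation, which makes a decryption failure (wrong key, damaged ciphertext) indistinguishable from an empty value; this assumes `decrypt()` returns null on failure, which is not visible here. I would fall back to an empty string when `dob_raw` is empty, `... ?? (empty($data_patient['dob_raw']) ? '' : date('d-m-Y', strtotime($data_patient['dob_raw'])))`, and record the failure with `log_message('error', ...)` without writing any patient values to the log. The enclosing method starts and ends outside the hunk.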
@@ -11,6 +11,7 @@ class Samplingcall extends MY_Controller
|
||||
{
|
||||
parent::__construct();
|
||||
$this->db_onedev = $this->load->database("onedev", true);
|
||||
$this->load->library('ibl_encryptor');
|
||||
// $this->IP_SOCKET_IO = "devone.aplikasi.web.id";
|
||||
$this->IP_SOCKET_IO = "localhost";
|
||||
}
|
||||
@@ -181,17 +182,17 @@ class Samplingcall extends MY_Controller
|
||||
$sql_where = "WHERE T_OrderHeaderIsActive = 'Y' AND ( DATE(T_OrderHeaderAddonIsComingDate) = '{$xdate}' OR DATE(T_OrderHeaderDate) = '{$xdate}' ) {$where_status}";
|
||||
|
||||
//$sql_param = array();
|
||||
if ($name != "") {
|
||||
if ($sql_where != "") {
|
||||
$sql_where .= " and ";
|
||||
if ($name != "" && mb_strlen(trim($name)) >= 3) {
|
||||
$toks = $this->ibl_encryptor->query_tokens($name);
|
||||
foreach ($toks as $tok) {
|
||||
$tok_esc = $this->db_onedev->escape_str($tok);
|
||||
$sql_where .= " AND JSON_CONTAINS(M_PatientName_bidx, '\"$tok_esc\"')";
|
||||
}
|
||||
$sql_where .= " M_PatientName like '%$name%' ";
|
||||
//$sql_param[] = "%$nama%";
|
||||
}
|
||||
$filter_search = '';
|
||||
if ($nolab != "") {
|
||||
|
||||
$filter_search = "WHERE ( T_OrderHeaderLabNumber like '%$nolab%' OR M_PatientName like '%$nolab%' OR T_OrderHeaderLabNumberExt like '%$nolab%' )";
|
||||
// Hanya cari by nomor lab — nama pasien sudah dimasking
|
||||
$filter_search = "WHERE ( T_OrderHeaderLabNumber like '%$nolab%' OR T_OrderHeaderLabNumberExt like '%$nolab%' )";
|
||||
}
|
||||
|
||||
if ($search != '') {
|
||||
@@ -207,11 +208,10 @@ class Samplingcall extends MY_Controller
|
||||
IFNULL(M_PatientPhotoThumb,'') as M_PatientPhotoThumb,
|
||||
M_SexName as M_SexName,
|
||||
M_TitleName as M_TitleName,
|
||||
CONCAT(M_TitleName,' ',M_PatientName) as patient_fullname,
|
||||
M_PatientName as M_PatientName,
|
||||
M_PatientName_enc, M_PatientDOB_enc, M_TitleName,
|
||||
M_CompanyName,
|
||||
fn_sampling_queue_status_name(T_OrderHeaderID,T_SampleStationID) as status,
|
||||
DATE_FORMAT(M_PatientDOB,'%d-%m-%Y') as patient_dob,
|
||||
M_PatientDOB as patient_dob_raw,
|
||||
fn_sampling_queue_status_id(T_OrderHeaderID,T_SampleStationID) as statusid, T_SampleStationID, T_SampleTypeID,
|
||||
T_SampleStationID as stationid,
|
||||
fn_fo_get_laststatus(T_OrderHeaderID) as last_status_fo,
|
||||
@@ -257,13 +257,17 @@ class Samplingcall extends MY_Controller
|
||||
$query = $this->db_onedev->query($sql);
|
||||
//echo $this->db_onedev->last_query();
|
||||
$rows = $query->result_array();
|
||||
//$rst = array_merge($rows_cito,$rows_not_cito);
|
||||
//$this->_add_address($rows);
|
||||
if($rows){
|
||||
if ($rows) {
|
||||
$enc = $this->ibl_encryptor;
|
||||
$count_arr = count($rows);
|
||||
foreach ($rows as $key => $value) {
|
||||
if($key+1 != $count_arr){
|
||||
$rows[$key]['skip_time'] = $rows[$key+1]['antri_time'];
|
||||
$name = $enc->decrypt($value['M_PatientName_enc']) ?? '';
|
||||
$rows[$key]['M_PatientName'] = $name;
|
||||
$rows[$key]['patient_fullname'] = trim(($value['M_TitleName'] ? $value['M_TitleName'] . ' ' : '') . $name);
|
||||
$rows[$key]['patient_dob'] = $enc->decrypt($value['M_PatientDOB_enc']) ?? date('d-m-Y', strtotime($value['patient_dob_raw']));
|
||||
unset($rows[$key]['M_PatientName_enc'], $rows[$key]['M_PatientDOB_enc'], $rows[$key]['patient_dob_raw']);
|
||||
if ($key + 1 != $count_arr) {
|
||||
$rows[$key]['skip_time'] = $rows[$key + 1]['antri_time'];
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -400,9 +404,9 @@ class Samplingcall extends MY_Controller
|
||||
|
||||
$sql_where = "WHERE T_OrderHeaderLabNumber LIKE '{$search}' AND T_OrderHeaderIsActive = 'Y' {$where_status}";
|
||||
$rows = [];
|
||||
$query = "SELECT t_orderheader.*,m_patient.*, IFNULL(M_PatientPhoto,'') as M_PatientPhotoThumb,
|
||||
M_SexName, M_TitleName, CONCAT(M_TitleName,' ',M_PatientName) as patient_fullname, M_CompanyName,
|
||||
IF(ISNULL(T_SamplingQueueLastStatusID), 'New',T_SamplingQueueStatusName) as status, DATE_FORMAT(M_PatientDOB,'%d-%m-%Y') as patient_dob,
|
||||
$query = "SELECT t_orderheader.*, IFNULL(M_PatientPhoto,'') as M_PatientPhotoThumb,
|
||||
M_SexName, M_TitleName, M_PatientName_enc, M_PatientDOB_enc, M_PatientDOB as patient_dob_raw, M_CompanyName,
|
||||
IF(ISNULL(T_SamplingQueueLastStatusID), 'New',T_SamplingQueueStatusName) as status,
|
||||
IF(ISNULL(T_SamplingQueueLastStatusID), 0,T_SamplingQueueLastStatusT_SamplingQueueStatusID) as statusid, T_SampleStationID, T_SampleTypeID,
|
||||
{$stationid} as stationid,
|
||||
fn_global_check_is_cito(T_OrderHeaderID) as iscito
|
||||
@@ -431,12 +435,16 @@ class Samplingcall extends MY_Controller
|
||||
ORDER BY T_OrderHeaderID DESC
|
||||
limit 1";
|
||||
//echo $query;
|
||||
$rows = $this->db_onedev->query($query)->row();
|
||||
|
||||
$result = array(
|
||||
"total" => count($rows),
|
||||
"records" => $rows,
|
||||
);
|
||||
$row = $this->db_onedev->query($query)->row_array();
|
||||
if ($row) {
|
||||
$enc = $this->ibl_encryptor;
|
||||
$name = $enc->decrypt($row['M_PatientName_enc']) ?? '';
|
||||
$row['M_PatientName'] = $name;
|
||||
$row['patient_fullname'] = trim(($row['M_TitleName'] ? $row['M_TitleName'] . ' ' : '') . $name);
|
||||
$row['patient_dob'] = $enc->decrypt($row['M_PatientDOB_enc']) ?? date('d-m-Y', strtotime($row['patient_dob_raw']));
|
||||
unset($row['M_PatientName_enc'], $row['M_PatientDOB_enc'], $row['patient_dob_raw']);
|
||||
}
|
||||
$result = array("total" => 1, "records" => $row);
|
||||
$this->sys_ok($result);
|
||||
exit;
|
||||
}
|
||||
|
||||
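Review bot: In the hunk at @@ -181,17 +182,17 @@ the rewritten `$filter_search` still places `$nolab` directly inside the `like '%$nolab%'` literals, while the blind-index tokens a few lines above go through `escape_str()`; if `$nolab` comes from the request (its origin is outside the hunk), this line remains injectable. Escape it first, `$nolab_esc = $this->db_onedev->escape_like_str($nolab);`, and use `'%{$nolab_esc}%'` for both columns (CodeIgniter 3 expects an `ESCAPE '!'` clause after each pattern escaped this way), or move the filter to a bound query. The context line `T_OrderHeaderLabNumber LIKE '{$search}'` in the @@ -400,9 +404,9 @@ hunk has the same pattern. Separately, the decrypt loop assigns to `$name`, which overwrites the search parameter tested earlier in what looks like the same method; a distinct local such as `$patient_name` avoids that.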