From e3be8d6b146259285f085ac83ebfab881064142e Mon Sep 17 00:00:00 2001 From: "sas.fajri" Date: Fri, 12 Jun 2026 10:37:37 +0700 Subject: [PATCH] FHM09062601IBL - klinik/patient/search: bidx search + decrypt patient_name Co-Authored-By: Claude Sonnet 4.6 --- application/controllers/klinik/Patient.php | 41 ++++++++++++++++------ 1 file changed, 31 insertions(+), 10 deletions(-) diff --git a/application/controllers/klinik/Patient.php b/application/controllers/klinik/Patient.php index ef312442..8455a3e3 100644 --- a/application/controllers/klinik/Patient.php +++ b/application/controllers/klinik/Patient.php @@ -7,6 +7,7 @@ class Patient extends MY_Controller { parent::__construct(); $this->db = $this->load->database("onedev", true); + $this->load->library('ibl_encryptor'); } function index() 
@@ -40,20 +41,33 @@ class Patient extends MY_Controller $where = " orderIsActive = 'Y' $filter_date"; + $bidx_where = ''; if ($search != "") { - $where .= " AND (orderNumber LIKE '{$search}' OR M_PatientName LIKE '{$search}')"; + $raw_search = trim($prm['search']); + $tokens = $this->ibl_encryptor->query_tokens($raw_search); + if ($tokens) { + $bidx_conds = implode(' AND ', array_map(function($h) { + return "JSON_CONTAINS(M_PatientName_bidx, '\"$h\"')"; + }, $tokens)); + $bidx_where = " AND (orderNumber LIKE '{$search}' OR ({$bidx_conds}))"; + } else { + $bidx_where = " AND orderNumber LIKE '{$search}'"; + } + $where .= $bidx_where; } $sql_total = "SELECT COUNT(*) as total FROM ( SELECT `order`.*,S_MenuUrl, DATE_FORMAT(orderDate, '%d-%m-%Y %H:%i') as order_date, - CONCAT(M_TitleName,'. ',M_PatientName) as patient_fullname, + M_PatientName_enc as patient_name_enc, + M_PatientName as patient_name_masked, + M_PatientPrefix, M_PatientSuffix, M_TitleName, IFNULL(T_OrderHeaderLabNumber,'-') as labnumber FROM one_klinik.order JOIN m_patient ON orderM_PatientID = M_PatientID AND M_PatientIsActive = 'Y' JOIN s_menu ON S_MenuName = 'Registration' AND S_MenuIsActive = 'Y' - JOIN m_title ON M_PatientM_TitleID = M_TitleID + JOIN m_title ON M_PatientM_TitleID = M_TitleID AND M_TitleIsActive = 'Y' LEFT JOIN t_orderheader ON orderT_OrderHeaderID = T_OrderHeaderID WHERE $where 
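Review bot: The rewritten search clause still places `$search` between quotes in the SQL text (`orderNumber LIKE '{$search}'` in both branches), and it now also interpolates each `$h` returned by `query_tokens()` into `JSON_CONTAINS`; nothing in this hunk escapes either value. `$search` is assigned outside the hunk and `ibl_encryptor` is not shown, so escaping may already happen upstream, but if it does not, request input reaches a query over patient records as raw SQL. Escaping at the point of use makes this independent of the caller: `$esc = $this->db->escape($search);` with `orderNumber LIKE {$esc}`, and `"JSON_CONTAINS(M_PatientName_bidx, " . $this->db->escape('"' . $h . '"') . ")"` inside the closure, or `?` placeholders with a bind array passed to `$this->db->query()`. `$bidx_where` is only appended to `$where` once and could be dropped in favour of building `$where` directly.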
@@ -74,13 +88,15 @@ class Patient extends MY_Controller $sql = "SELECT * FROM ( SELECT `order`.*,S_MenuUrl, DATE_FORMAT(orderDate, '%d-%m-%Y %H:%i') as order_date, - CONCAT(M_TitleName,'. ',M_PatientName) as patient_fullname, + M_PatientName_enc as patient_name_enc, + M_PatientName as patient_name_masked, + M_PatientPrefix, M_PatientSuffix, M_TitleName, IFNULL(T_OrderHeaderLabNumber,'-') as labnumber FROM one_klinik.order JOIN m_patient ON orderM_PatientID = M_PatientID AND M_PatientIsActive = 'Y' JOIN s_menu ON S_MenuName = 'Registration' AND S_MenuIsActive = 'Y' - JOIN m_title ON M_PatientM_TitleID = M_TitleID + JOIN m_title ON M_PatientM_TitleID = M_TitleID AND M_TitleIsActive = 'Y' LEFT JOIN t_orderheader ON orderT_OrderHeaderID = T_OrderHeaderID WHERE $where @@ -89,12 +105,17 @@ class Patient extends MY_Controller limit 0, $tot_count"; $qry = $this->db->query($sql); - $last_query = $this->db->last_query(); - // echo $last_query; - // exit; - if ($qry) { - $rows = $qry->result_array(); + $enc = $this->ibl_encryptor; + $rows = array_map(function($row) use ($enc) { + $name = $enc->decrypt($row['patient_name_enc'] ?? '') ?: $row['patient_name_masked']; + $title = $row['M_TitleName'] ? $row['M_TitleName'] . '. ' : ''; + $prefix = $row['M_PatientPrefix'] ? $row['M_PatientPrefix'] . ' ' : ''; + $suffix = $row['M_PatientSuffix'] ? ' ' . $row['M_PatientSuffix'] : ''; + $row['patient_fullname'] = trim($title . $prefix . $name . $suffix); + unset($row['patient_name_enc'], $row['patient_name_masked']); + return $row; + }, $qry->result_array()); } else { $this->sys_error_db("Select order error", $this->db); exit;
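Review bot: Adding `AND M_TitleIsActive = 'Y'` to the inner `JOIN m_title` (here and in the count query of the previous hunk) drops every order whose patient title has been deactivated, from both the rows and the total. That looks unintended, since the row mapping in the next hunk already copes with an empty `M_TitleName`. If the title is meant to be optional, `LEFT JOIN m_title ON M_PatientM_TitleID = M_TitleID AND M_TitleIsActive = 'Y'` keeps those orders; change both queries together so the count and the page stay consistent. A short comment above the SELECT stating that `M_PatientName_enc` is ciphertext and `M_PatientName` is the masked value would help the next reader.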
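Review bot: `$enc->decrypt($row['patient_name_enc'] ?? '') ?: $row['patient_name_masked']` falls back to the masked name without leaving any trace, so a wrong key or a truncated or altered ciphertext is indistinguishable from a patient that simply has no encrypted name. The return contract of `decrypt()` is not visible here; assuming it returns an empty or false value on failure, I would keep the fallback but record the event when `patient_name_enc` was non-empty, e.g. `if ($row['patient_name_enc'] !== '' && !$name_plain) { log_message('error', 'patient_name decrypt failed'); }`, logging a row identifier but never the name or ciphertext. If `decrypt()` can throw instead, one bad row aborts the whole listing and the closure needs a try/catch around that call. The closure would also benefit from a one-line comment saying that `patient_fullname` is the only name field that leaves the controller.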