BE_IBL/application/controllers/File_upload.php

<?php
/*
create table fpp (
   fppID int not null auto_increment primary key,
   fppT_OrderHeaderID int,
   fppUrl varchar(300),
   fppIsActive varchar(1) default 'Y',
   fppUserID int,
   fppCreated datetime default current_timestamp(),
   fppLastUpdated datetime default current_timestamp() on update current_timestamp(),
   key(fppT_OrderHeaderID),
   key(fppUserID),
   key(fppIsActive)
); 
 */
class File_upload extends MY_Controller
{
    function corss()
    {
        global $_SERVER;
        if (isset($_SERVER["HTTP_ORIGIN"])) {
            header("Access-Control-Allow-Origin: " . $_SERVER["HTTP_ORIGIN"]);
        } else {
            header("Access-Control-Allow-Origin: */*");
        }
        header("Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS");
        header(
            "Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization"
        );
        if (
            isset($_SERVER["REQUEST_METHOD"]) &&
            $_SERVER["REQUEST_METHOD"] == "OPTIONS"
        ) {
            http_response_code(200);
            echo json_encode("OK");
            exit();
        }
    }
    function get_param()
    {
        return json_decode(file_get_contents("php://input"), true);
    }
    function update_fpp()
    {
        $this->corss();
        $param = $this->get_param();
        $param["url"] = $param["url"];
        $userID = $this->sys_user["M_UserID"];
        if ($param["cmd"] == "replace") {
            $sql = "update fpp set fppUrl = ?, fppUserID = ?
            where fppT_OrderHeaderID = ?";
            $qry = $this->db->query($sql, [
                $param["url"],
                $userID,
                $param["orderHeaderID"],
            ]);
        } else {
            $sql =
                " insert into fpp (fppUrl, fppUserID, fppT_OrderHeaderID) values(?,?,?)";
            $qry = $this->db->query($sql, [
                $param["url"],
                $userID,
                $param["orderHeaderID"],
            ]);
        }
        if (!$qry) {
            echo json_encode([
                "status" => "ERR",
                "message" => $this->db->error()["message"],
            ]);
            exit();
        }
        echo json_encode(["status" => "OK", "message" => ""]);
    }
    function get_fpp($orderHeaderID)
    {
        $sql = "select fppUrl from fpp
         where fppT_OrderHeaderID = ? and fppIsActive = 'Y' ";
        $qry = $this->db->query($sql, [$orderHeaderID]);
        if (!$qry) {
            echo json_encode([
                "status" => "ERR",
                "message" => $this->db->error()["message"],
            ]);
            exit();
        }
        $rows = $qry->result_array();
        echo json_encode(["status" => "OK", "rows" => $rows]);
    }
    function view_fpp($orderHeaderID)
    {
        $sql = "select fppUrl from fpp
         where fppT_OrderHeaderID = ? and fppIsActive = 'Y' ";
        $qry = $this->db->query($sql, [$orderHeaderID]);
        if (!$qry) {
            echo "<div> Error : " . $this->db->error()["message"] . "</div>";
            exit();
        }
        $rows = $qry->result_array();
        if (count($rows) == 0) {
            echo "<div> Belum ada FPP </div>";
            exit();
        }
        $view = "";
        foreach ($rows as $r) {
            $pi = pathinfo($r["fppUrl"]);
            if ($pi["extenstion"] != "pdf") {
                $view .=
                    "<img src='" .
                    $r["fppUrl"] .
                    "' style='width:800px' /> <br/>";
            } else {
                $view .= "<a href='" . $r["fppUrl"] . "' > View FPP PDF </a>";
            }
        }
        echo "<div> $view </div>";
    }
    function upload_v2()
    {
        $this->corss();
        $file = $_FILES["file"];
        $host = "http://devone.aplikasi.web.id";
        $fpp_folder = "/data-fpp/";
        $param = $this->get_param();
        $userID = $this->sys_user["M_UserID"];
        if (!($userID > 0)) {
            echo json_encode([
                "status" => "ERR",
                "message" => "Authorization error",
            ]);
            exit();
        }
        $nolab = $_POST["nolab"];
        $orderHeaderID = $_POST["orderHeaderID"];
        $sql = "select fppID from fpp where fppT_OrderHeaderID=?
          and fppIsActive = 'Y'";
        $qry = $this->db->query($sql, [$orderHeaderID]);
        if (!$qry) {
            echo json_encode([
                "status" => "ERR",
                "message" => $this->db->error()["message"],
            ]);
            exit();
        }
        $rows = $qry->result_array();
        $fppID = 0;
        if (count($rows) > 0) {
            $fppID = $rows[0]["fppID"];
        }
        if (file_exists($file["tmp_name"])) {
            $tmpName = tempnam($fpp_folder, "fpp-") . "-{$nolab}.pdf";
            $xname = substr($tmpName, strlen($fpp_folder));
            $upload_status = file_put_contents(
                $tmpName,
                file_get_contents($file["tmp_name"])
            );
            if (!$upload_status) {
                echo json_encode([
                    "status" => "ERR",
                    "message" => "Error Upload File",
                ]);
                exit();
            }
            $url = $host . "/one-api/file_upload/dlv2/" . $xname;
            if ($fppID == 0) {
                $sql = "insert into fpp (fppUrl, fppUserID, fppT_OrderHeaderID) values(?,?,?)";
                $qry = $this->db->query($sql, [$url, $userID, $orderHeaderID]);
            } else {
                $sql = "update fpp set fppUrl = ?, fppUserID = ?
                 where fppID = ?";
                $qry = $this->db->query($sql, [$url, $userID, $orderHeaderID]);
            }
            if (!$qry) {
                echo json_encode([
                    "status" => "ERR",
                    "message" => $this->db->error()["message"],
                ]);
                exit();
            }
            echo json_encode([
                "status" => "OK",
                "url" => $url,
            ]);
            exit();
        }
        echo json_encode([
            "status" => "ERR",
            "message" => "Failed upload file",
        ]);
    }
    function index()
    {
        $this->corss();
        $file = $_FILES["file"];
        $host = "";
        if (file_exists($file["tmp_name"])) {
            $tmpName = tempnam("/xtmp/", "fpp-") . $file["name"];
            $xname = substr($tmpName, 6);
            file_put_contents($tmpName, file_get_contents($file["tmp_name"]));
            $nolab = pathinfo($file["name"])["filename"];
            $order = $this->get_order($nolab);
            echo json_encode([
                "status" => "OK",
                "order" => $order,
                "name" => $file["name"],
                "url" => $host . "/one-api/file_upload/dl/" . $xname,
            ]);
            exit();
        }
        echo json_encode([
            "status" => "ERR",
            "message" => "Failed upload file",
        ]);
    }
    function get_order_by_id($headerID)
    {
        $sql = "select T_OrderHeaderID, T_OrderHeaderDate,
         T_OrderHeaderLabNumber, T_OrderHeaderLabNumberExt,
         T_OrderHeaderM_PatientID, T_OrderHeaderSenderM_DoctorID ,
         T_OrderHeaderSenderM_DoctorAddressID
         from t_orderheader
         where T_OrderHeaderID = ?
         and T_OrderHeaderIsActive = 'Y'";
        $qry = $this->db->query($sql, [$headerID]);
        $result = [];
        if (!$qry) {
            $result["status"] = "ERR";
            $result["message"] = $this->db->error()["message"];
            echo json_encode($result);
            exit();
        }
        $rows = $qry->result_array();
        if (count($rows) == 0) {
            $result["status"] = "ERR";
            $result["message"] = "Order Lab tidak ada";
            echo json_encode($result);
            exit();
        }
        $orderHeaderID = $rows[0]["T_OrderHeaderID"];
        $orderDate = $rows[0]["T_OrderHeaderDate"];
        $labNo = $rows[0]["T_OrderHeaderLabNumber"];
        $labNoExt = $rows[0]["T_OrderHeaderLabNumberExt"];
        $doctorID = $rows[0]["T_OrderHeaderSenderM_DoctorID"];
        $patientID = $rows[0]["T_OrderHeaderM_PatientID"];
        $addressID = $rows[0]["T_OrderHeaderSenderM_DoctorAddressID"];

        $sql = "select fn_get_doctor_fullname(?) doctor,
         fn_get_patient_atribute(?) patient,
         M_DoctorAddressDescription
         from m_doctoraddress
         where M_DoctorAddressID = ?";
        $qry = $this->db->query($sql, [$doctorID, $patientID, $addressID]);
        if (!$qry) {
            $result["status"] = "ERR";
            $result["message"] = $this->db->error()["message"];
            echo json_encode($result);
            exit();
        }
        $rows = $qry->result_array();
        if (count($rows) == 0) {
            $result["status"] = "ERR";
            $result["message"] = "Alamat Dokter pengirim tidak ada";
            echo json_encode($result);
            exit();
        }
        $doctor = $rows[0]["doctor"];
        $address = $rows[0]["M_DoctorAddressDescrtiption"];
        $jpatient = json_decode($rows[0]["patient"], true);
        $patient = $jpatient["patient_fullname"];
        $sql = "select T_TestName 
         from t_orderdetail
         join t_test on T_OrderDetailT_OrderHeaderID = ?
            and T_OrderDetailIsActive = 'Y'
            and T_OrderDetailT_TestID = T_TestID 
               and T_TestIsPrice = 'Y'
         order by T_TestSasCode ";
        $qry = $this->db->query($sql, [$orderHeaderID]);
        if (!$qry) {
            $result["status"] = "ERR";
            $result["message"] = $this->db->error()["message"];
            echo json_encode($result);
            exit();
        }
        $tests = $qry->result_array();
        $sql = "select fppUrl from fpp where fppT_OrderHeaderID=?";

        $qry = $this->db->query($sql, [$orderHeaderID]);
        if (!$qry) {
            $result["status"] = "ERR";
            $result["message"] = $this->db->error()["message"];
            echo json_encode($result);
            exit();
        }
        $rows = $qry->result_array();
        $existingFpp = [];
        foreach ($rows as $r) {
            $existingFpp[] = $r["fppUrl"];
        }
        echo json_encode([
            "status" => "OK",
            "data" => [
                "orderHeaderID" => $orderHeaderID,
                "labNo" => $labNo,
                "labNoExt" => $labNoExt,
                "date" => $orderDate,
                "doctor" => $doctor,
                "address" => $address,
                "patient" => $patient,
                "test" => $tests,
                "status" => "OK",
                "haveExisting" => count($existingFpp) > 0,
                "existing" => $existingFpp,
                "message" => "",
            ],
        ]);
    }
    function get_order($nolab)
    {
        $sql = "select T_OrderHeaderID, T_OrderHeaderDate,
         T_OrderHeaderLabNumber, T_OrderHeaderLabNumberExt,
         T_OrderHeaderM_PatientID, T_OrderHeaderSenderM_DoctorID ,
         T_OrderHeaderSenderM_DoctorAddressID
         from t_orderheader
         where T_OrderHeaderLabNumber like ?
         or T_OrderHeaderLabNumberExt like ?
         and T_OrderHeaderIsActive = 'Y'";
        $param = "%" . $nolab;
        $qry = $this->db->query($sql, [$param, $param]);
        $result = [];
        if (!$qry) {
            $result["status"] = "ERR";
            $result["message"] = $this->db->error()["message"];
            return $result;
        }
        $rows = $qry->result_array();
        if (count($rows) == 0) {
            $result["status"] = "ERR";
            $result["message"] = "Order dengan No. Lab $nolab tidak ada";
            return $result;
        }
        $orderHeaderID = $rows[0]["T_OrderHeaderID"];
        $orderDate = $rows[0]["T_OrderHeaderDate"];
        $labNo = $rows[0]["T_OrderHeaderLabNumber"];
        $labNoExt = $rows[0]["T_OrderHeaderLabNumberExt"];
        $doctorID = $rows[0]["T_OrderHeaderSenderM_DoctorID"];
        $patientID = $rows[0]["T_OrderHeaderM_PatientID"];
        $addressID = $rows[0]["T_OrderHeaderSenderM_DoctorAddressID"];

        $sql = "select fn_get_doctor_fullname(?) doctor,
         fn_get_patient_atribute(?) patient,
         M_DoctorAddressDescription
         from m_doctoraddress
         where M_DoctorAddressID = ?";
        $qry = $this->db->query($sql, [$doctorID, $patientID, $addressID]);
        if (!$qry) {
            $result["status"] = "ERR";
            $result["message"] = $this->db->error()["message"];
            return $result;
        }
        $rows = $qry->result_array();
        if (count($rows) == 0) {
            $result["status"] = "ERR";
            $result["message"] = "Alamat Dokter pengirim tidak ada";
            return $result;
        }
        $doctor = $rows[0]["doctor"];
        $address = $rows[0]["M_DoctorAddressDescrtiption"];
        $jpatient = json_decode($rows[0]["patient"], true);
        $patient = $jpatient["patient_fullname"];
        $sql = "select T_TestName 
         from t_orderdetail
         join t_test on T_OrderDetailT_OrderHeaderID = ?
            and T_OrderDetailIsActive = 'Y'
            and T_OrderDetailT_TestID = T_TestID 
               and T_TestIsPrice = 'Y'
         order by T_TestSasCode ";
        $qry = $this->db->query($sql, [$orderHeaderID]);
        if (!$qry) {
            $result["status"] = "ERR";
            $result["message"] = $this->db->error()["message"];
            return $result;
        }
        $tests = $qry->result_array();
        $sql = "select fppUrl from fpp where fppT_OrderHeaderID=?";

        $qry = $this->db->query($sql, [$orderHeaderID]);
        if (!$qry) {
            $result["status"] = "ERR";
            $result["message"] = $this->db->error()["message"];
            return $result;
        }
        $rows = $qry->result_array();
        $existingFpp = [];
        foreach ($rows as $r) {
            $existingFpp[] = $r["fppUrl"];
        }
        return [
            "orderHeaderID" => $orderHeaderID,
            "labNo" => $labNo,
            "labNoExt" => $labNoExt,
            "date" => $orderDate,
            "doctor" => $doctor,
            "address" => $address,
            "patient" => $patient,
            "test" => $tests,
            "status" => "OK",
            "haveExisting" => count($existingFpp) > 0,
            "existing" => $existingFpp,
            "message" => "",
        ];
    }
    function dl($xname)
    {
        $fpath = "/xtmp/" . $xname;
        header("Content-type: " . $this->get_mime_type($fpath));
        echo file_get_contents($fpath);
    }
    function dlv2($xname)
    {
        $fpath = "/data-fpp/" . $xname;
        header("Content-type: " . $this->get_mime_type($fpath));
        echo file_get_contents($fpath);
    }

    function get_mime_type($filename)
    {
        $idx = explode(".", $filename);
        $count_explode = count($idx);
        $idx = strtolower($idx[$count_explode - 1]);

        $mimet = [
            "txt" => "text/plain",
            "htm" => "text/html",
            "html" => "text/html",
            "php" => "text/html",
            "css" => "text/css",
            "js" => "application/javascript",
            "json" => "application/json",
            "xml" => "application/xml",
            "swf" => "application/x-shockwave-flash",
            "flv" => "video/x-flv",

            // images
            "png" => "image/png",
            "jpe" => "image/jpeg",
            "jpeg" => "image/jpeg",
            "jpg" => "image/jpeg",
            "gif" => "image/gif",
            "bmp" => "image/bmp",
            "ico" => "image/vnd.microsoft.icon",
            "tiff" => "image/tiff",
            "tif" => "image/tiff",
            "svg" => "image/svg+xml",
            "svgz" => "image/svg+xml",

            // archives
            "zip" => "application/zip",
            "rar" => "application/x-rar-compressed",
            "exe" => "application/x-msdownload",
            "msi" => "application/x-msdownload",
            "cab" => "application/vnd.ms-cab-compressed",

            // audio/video
            "mp3" => "audio/mpeg",
            "qt" => "video/quicktime",
            "mov" => "video/quicktime",

            // adobe
            "pdf" => "application/pdf",
            "psd" => "image/vnd.adobe.photoshop",
            "ai" => "application/postscript",
            "eps" => "application/postscript",
            "ps" => "application/postscript",

            // ms office
            "doc" => "application/msword",
            "rtf" => "application/rtf",
            "xls" => "application/vnd.ms-excel",
            "ppt" => "application/vnd.ms-powerpoint",
            "docx" => "application/msword",
            "xlsx" => "application/vnd.ms-excel",
            "pptx" => "application/vnd.ms-powerpoint",

            // open office
            "odt" => "application/vnd.oasis.opendocument.text",
            "ods" => "application/vnd.oasis.opendocument.spreadsheet",
        ];

        if (isset($mimet[$idx])) {
            return $mimet[$idx];
        } else {
            return "application/octet-stream";
        }
    }
}
?>