edit visit update

2026-03-22 13:03:15 +00:00 · 2026-03-22 13:03:15 +00:00 · e73384ddbc
commit e73384ddbc
parent 0d5768a3f8
4 changed files with 95 additions and 12 deletions
--- a/includes/actions.php
+++ b/includes/actions.php
@ -308,7 +308,7 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST')
            }
        } elseif ($_POST['action'] === 'edit_visit') {
            $id = $_POST['id'] ?? '';
-            $patient_id = $_POST['patient_id'] ?? '';
+            // Note: patient_id is not updated as it should be immutable
            $doctor_id = $_POST['doctor_id'] ?? '';
            $weight = $_POST['weight'] ?? '';
            $bp = $_POST['blood_pressure'] ?? '';
@ -318,9 +318,33 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST')
            $diagnosis = $_POST['diagnosis'] ?? '';
            $treatment = $_POST['treatment_plan'] ?? '';
            
-            if ($id && $patient_id && $doctor_id) {
-                $stmt = $db->prepare("UPDATE visits SET patient_id = ?, doctor_id = ?, weight = ?, blood_pressure = ?, heart_rate = ?, temperature = ?, symptoms = ?, diagnosis = ?, treatment_plan = ? WHERE id = ?");
-                $stmt->execute([$patient_id, $doctor_id, $weight, $bp, $hr, $temp, $symptoms, $diagnosis, $treatment, $id]);
+            // Check for 24h restriction
+            $stmtSet = $db->prepare("SELECT setting_value FROM settings WHERE setting_key = 'disable_visit_edit_24h'");
+            $stmtSet->execute();
+            $setting = $stmtSet->fetch();
+            $disableEdit24h = ($setting && $setting['setting_value'] == '1');
+
+            if ($disableEdit24h && $id) {
+                $stmtDate = $db->prepare("SELECT visit_date FROM visits WHERE id = ?");
+                $stmtDate->execute([$id]);
+                $visit = $stmtDate->fetch();
+                
+                if ($visit) {
+                    $visitDate = new DateTime($visit['visit_date']);
+                    $now = new DateTime();
+                    // If more than 24 hours (86400 seconds)
+                    if (($now->getTimestamp() - $visitDate->getTimestamp()) > 86400) {
+                        $_SESSION['flash_message'] = __('error') . ': ' . __('disable_visit_edit_24h_desc');
+                        header("Location: " . $_SERVER['REQUEST_URI']);
+                        exit;
+                    }
+                }
+            }
+            
+            if ($id && $doctor_id) {
+                // Removed patient_id from UPDATE
+                $stmt = $db->prepare("UPDATE visits SET doctor_id = ?, weight = ?, blood_pressure = ?, heart_rate = ?, temperature = ?, symptoms = ?, diagnosis = ?, treatment_plan = ? WHERE id = ?");
+                $stmt->execute([$doctor_id, $weight, $bp, $hr, $temp, $symptoms, $diagnosis, $treatment, $id]);
                $stmt = $db->prepare("DELETE FROM visit_prescriptions WHERE visit_id = ?");
                $stmt->execute([$id]);
                if (isset($_POST['prescriptions']) && is_array($_POST['prescriptions'])) {
--- a/includes/layout/footer.php
+++ b/includes/layout/footer.php
@ -1073,10 +1073,15 @@
                            </button>
                        </div>
                    </div>
+                    
+                    <div id="visitEditAlert" class="alert alert-warning mt-3 d-none">
+                        <i class="bi bi-exclamation-triangle-fill me-2"></i>
+                        <?php echo __('disable_visit_edit_24h_desc'); ?>
+                    </div>
                </div>
                <div class="modal-footer bg-light">
                    <button type="button" class="btn btn-secondary" data-bs-dismiss="modal"><?php echo __('cancel'); ?></button>
-                    <button type="submit" class="btn btn-primary px-4"><?php echo __('save'); ?></button>
+                    <button type="submit" class="btn btn-primary px-4" id="visitSaveBtn"><?php echo __('save'); ?></button>
                </div>
            </div>
        </form>
@ -1319,6 +1324,8 @@
 <script src="assets/js/ai_helper.js"></script>
 <script src="assets/js/main.js?v=<?php echo time(); ?>"></script>
 <script>
+const disableVisitEdit24h = <?php echo !empty($settings['disable_visit_edit_24h']) ? 'true' : 'false'; ?>;
+
 // --- Patient Modals ---
 function showEditPatientModal(data) {
    document.getElementById('edit_patient_id').value = data.id;
@ -1353,6 +1360,13 @@ function showRecordVisitModal(patientId = null) {
    document.getElementById('visitId').value = '';
    document.getElementById('visitModalTitle').innerText = '<?php echo __('add_visit'); ?>';
    
+    // Enable patient select
+    $('#visit_patient_id').prop('disabled', false);
+    
+    // Reset UI state
+    document.getElementById('visitSaveBtn').disabled = false;
+    document.getElementById('visitEditAlert').classList.add('d-none');
+    
    // Reset Summernote fields
    $('#visit_symptoms').summernote('code', '');
    $('#visit_diagnosis').summernote('code', '');
@ -1381,6 +1395,39 @@ function showEditVisitModal(data) {
    document.getElementById('visitId').value = data.id;
    document.getElementById('visitModalTitle').innerText = '<?php echo __('edit_visit'); ?>';
    
+    // Disable patient select
+    $('#visit_patient_id').prop('disabled', true);
+    
+    // Check 24h restriction
+    let isEditable = true;
+    if (disableVisitEdit24h && data.visit_date) {
+        const visitDate = new Date(data.visit_date);
+        const now = new Date();
+        const diffHours = (now - visitDate) / 1000 / 60 / 60;
+        
+        if (diffHours > 24) {
+            isEditable = false;
+        }
+    }
+    
+    const saveBtn = document.getElementById('visitSaveBtn');
+    const alertBox = document.getElementById('visitEditAlert');
+    
+    if (!isEditable) {
+        saveBtn.disabled = true;
+        alertBox.classList.remove('d-none');
+        // Optionally disable inputs
+        $('#visitForm input, #visitForm select, #visitForm textarea').prop('disabled', true);
+        $('.summernote').summernote('disable');
+    } else {
+        saveBtn.disabled = false;
+        alertBox.classList.add('d-none');
+        $('#visitForm input, #visitForm select, #visitForm textarea').prop('disabled', false);
+        // Ensure patient ID stays disabled
+        $('#visit_patient_id').prop('disabled', true); 
+        $('.summernote').summernote('enable');
+    }
+    
    // Populate fields
    $('#visit_patient_id').val(data.patient_id).trigger('change');
    $('#visit_doctor_id').val(data.doctor_id).trigger('change');
--- a/includes/pages/settings.php
+++ b/includes/pages/settings.php
@ -75,6 +75,20 @@
                                <input type="time" class="form-control" id="working_hours_end" name="working_hours_end" value="<?php echo htmlspecialchars($settings['working_hours_end'] ?? '17:00'); ?>">
                            </div>

+                            <!-- Visit Settings -->
+                            <div class="col-12 mt-4"><hr></div>
+                            <div class="col-12 mb-2">
+                                <h6 class="fw-bold text-dark"><i class="bi bi-gear me-2"></i> <?php echo __('visit_settings'); ?></h6>
+                            </div>
+                            <div class="col-12">
+                                <div class="form-check form-switch">
+                                    <input type="hidden" name="disable_visit_edit_24h" value="0">
+                                    <input class="form-check-input" type="checkbox" id="disable_visit_edit_24h" name="disable_visit_edit_24h" value="1" <?php echo !empty($settings['disable_visit_edit_24h']) ? 'checked' : ''; ?>>
+                                    <label class="form-check-label" for="disable_visit_edit_24h"><?php echo __('disable_visit_edit_24h'); ?></label>
+                                    <div class="form-text text-muted"><?php echo __('disable_visit_edit_24h_desc'); ?></div>
+                                </div>
+                            </div>
+
                            <!-- Currency Settings -->
                            <div class="col-12 mt-4"><hr></div>
                            <div class="col-12 mb-2">
--- a/lang.php
+++ b/lang.php
@ -349,11 +349,9 @@ $translations = [
        'delete_employee' => 'Delete Employee',
        'select_position' => 'Select Position',
        'no_employees_found' => 'No employees found',
-        'add_employee' => 'Add Employee',
-        'edit_employee' => 'Edit Employee',
-        'delete_employee' => 'Delete Employee',
-        'select_position' => 'Select Position',
-        'no_employees_found' => 'No employees found',
+        'visit_settings' => 'Visit Settings',
+        'disable_visit_edit_24h' => 'Disable editing visits after 24 hours',
+        'disable_visit_edit_24h_desc' => 'If enabled, visits cannot be edited 24 hours after their creation.',
    ],
    'ar' => [
        'dashboard' => 'لوحة التحكم',