When I upload a patient picture into the Patient Photograph category all is well. But when I go to the patient via Management->Current for the Patient Picture I get “can’t find the server at controller.php.” in the frame where the patients picture should be. I double checked the apache rights over the documents directory. The images are viewable in reports and in document management but not on the patients page.
I just looked at the code and noticed that Larry fixed my mistake of hardcoding the web root as /openemr. He fixed it six weeks ago, so if your installation is older than that and you named your $webroot other than /openemr, that might be the problem. The problem is in:
Ok
So I took a look at my apache error log and it says that $web_root is undefined when I access patient_picture.php. It is in my globals.php and set as default to /openemr as is my install.
I decided to test for a possible variable error by hard coding the web_root location (like it was in the previous version of patient_picture.php. And it worked.
I don’t think $web_root works. It should probably be $GLOBALS[‘webroot’].
I also changed it for my office so that the picture appears at the top of the page when I go into a patient chart. This way, I always see it and don’t have to scroll down.
Well I tried looking at the code to figure out how you go the picture on top, I noticed that demographics.php make reference to Patient ID. I uploaded a Patient ID into the Patient ID category, and guess what, it doesnt work.
So two questions:
1) What change did you make to get the picture on top.
2) What has to be done to get the Patient ID to work.
FYI: I tried changing $web_root for $GLOBALS[‘webroot’] in patient_picture.php and that didnt seem to work either, but if I were you I’d double check it.
I moved it to the top of the page, right under <body>. I guess if anyone goes through the trouble to use this feature, they probably want the picture at the top.
All of the other code for displaying the picture is in /openemr/interface/patient_file/summary/patient_picture.php. The documents category the pictures have to be in is ‘Patient Photograph’. If you want to change it to Patient ID, or anything else, go into patient_picture.php and look for this line:
$picture_directory = "Patient Photograph"; //change this if you want
I tried $GLOBALS[‘webroot’] for the path and it worked fine so I updated the file.
I highly recommend several changes to the patient picture.
1) Move the code block in demographics.php that displays the patient’s picture down. It ought to come after the security check on the page.
2) Put the patient picture HTML within a named and ID’d DIV tag. This will help with stylizing the site through CSS.
3) Put some restrictions in the patient_picture.php code so that only JPG images are loaded since the content type of the iFrame is hard-coded to PJPEG.
Thanks for the advice. I moved picture display code down to below the security check. I changed from an iframe to an img tag for displaying the picture. I put the img tag in a div with a name and class. I used class because more than one picture can be displayed. I sometimes include a picture of a family member or caretaker that comes in with the patient, so there may be two or more pictures. If you have a chance, let me know if everything looks ok.
This is probably something really stupid on my part but…
No image gets displayed on the patient current display. It can only be displayed in documents->Patient Photograph.
Here is the Apache log error I found.
"client denied by server configuration: /var/www/openemr/documents/1/mr-bean.jpg,…"
I have these set in the apache2/conf.d in secureemr.conf
<Directory /var/www/openemr/documents>
order deny,allow
Deny from all
</Directory>
<Directory /var/www/openemr/edi>
order deny,allow
Deny from all
</Directory>
<Directory /var/www/openemr/era>
order deny,allow
Deny from all
</Directory>
Really poor code to think users would leave the documents directory open to the public. To get this to work you’d need to remove the /var/www/openemr/documents stuff from conf.d file and remove the .htaccess file from the documents directory. Of course then your documents directory (all your patients confidential documents) would be open to anybody with a browser. The secure way to do this is to request it like it’s requested in the documents section (I think through the openemr/controllers/C_Document.class.php retrieve_action function).
Committed the fix to the /openemr/interface/patient_file/summary/patient_picture.php file. It now works well and goes through the openemr/controllers/C_Document.class.php retrieve function (so can keep your documents directory secure). It works well in the cvs version, however there may be some issues if you try this mod in version 3.0.1 since we have made some changes to the retrieve function since 3.0.1 release. Let us know how it goes.
Just thinking. Would it be useful to make the Patient Photograph a category in the install sql database?
I think would look like this (make Patient Photograph a sub-category of Patient Information):
INSERT INTO `categories` VALUES (1, ‘Categories’, ‘’, 0, 0, 9);
INSERT INTO `categories` VALUES (2, ‘Lab Report’, ‘’, 1, 1, 2);
INSERT INTO `categories` VALUES (3, ‘Medical Record’, ‘’, 1, 3, 4);
INSERT INTO `categories` VALUES (4, ‘Patient Information’, ‘’, 1, 5, 10);
INSERT INTO `categories` VALUES (5, ‘Patient ID card’, ‘’, 4, 6, 7);
INSERT INTO `categories` VALUES (5, ‘Patient Photograph’, ‘’, 4, 8, 9);