Running OpenEMR Headless

mwhitlaw wrote on Wednesday, April 13, 2011:

I have a need to integrate some other applications with OpenEMR and am wondering if there’s a way to programmatically login to the the system and execute functionality. I was thinking of just using curl, but that seems to be a bit too much like screen scraping. Any help, suggestions or examples would be greatly appreciated.

penguin8r wrote on Wednesday, April 13, 2011:

Basically everything that happens in OpenEMR boils down to what’s in the database.  Using Perl/PHP to interact with MySQL will allow you to do virtually anything you want, but understand that interacting directly with the database can also be extremely risky if not done properly.  If you could give an example of what you’re trying to accomplish, someone on here may be able to give you a better idea of how it would best be done.

mwhitlaw wrote on Wednesday, April 13, 2011:

I am trying to avoid going directly against the database as this would bypass the logic and rules that are embedded in the php code, and preclude any code reuse that maybe available. I suppose a better way to pose my original question would be to ask if there is an API to the OpenEMR functionality, and if there’s not a formal API, maybe there’s some techniques for using the existing modules without going through an http session. What seems to be a big gotcha for me is that there are some security checks laced throughout the logic that rely on an http session (and security info) being established.

As an example, I’d like to initiate the lab_exchange.php from an external program or script.

Thanks,

Mike

mdsupport wrote on Thursday, April 14, 2011:

We have run into the same issue and settled on creating quick web services to publish the information about patients and encounters using authentication information in the request.  If it works well, we will allow updates.

mwhitlaw wrote on Thursday, April 14, 2011:

Yes, a Web Service interface would be perfect. Is there any framework or code set in place to facilitate that? Perhaps I could look at the implementation of the Quick Web Services you mentioned to see how it was accomplished.

mdsupport wrote on Thursday, April 14, 2011:

After reading your example, it looks like you are looking for automating certain processes.  Sorry.  Look at the email / sms send process and its scheduling instructions for cron jobs.

If you are still interested in web services, it is added to php through php-soap package.

mwhitlaw wrote on Thursday, April 14, 2011:

These examples still do not solve my original problem. I do not want to go directly against the DB. I’d rather call an existing OpenEMR function, like lab_exchange.php or creation of eligibility batch file. It seems that execution of those and similar functions rely on the session object, which gets populated by the UI login process.  So, my headless, non-ui,  process ould have to create and populate the execution environment “manually”. Is this possible? Is there example?

whimmel wrote on Thursday, April 14, 2011:

I started something like this a while ago but never finished. I used Zend Framework’s Soap Server classes to expose a few things to the outside. I made it authenticate against the regular user base (but with a separate ACL for web services) and set up the environment.  Subsequent calls to member functions would maintain the session.

It worked well but probably could be done without requiring yet another framework as a dependency.

mwhitlaw wrote on Thursday, April 14, 2011:

That sounds good, and I agree that it would be better to do it without yet another framework. Would you care to share an example of how you authenticated and set up the environment so that you could make calls to member functions.

whimmel wrote on Friday, April 15, 2011:

Looking back over it, I cheated. I authenticated manually and ignored library functions, but there’s no reason that the code in auth.inc couldn’t be used to set up the environment. Ideally, auth.inc itself would have to be separated into library functions or classes instead of assuming it’s going to run inline with GET or POST variables.

This was for pre-3.2 code that relied on groups:

private function Authenticate($group, $userid, $password) {
                // get md5 of the password
                $authPass = md5($password);
                // authenticate against EMR database...
                $authDB = sqlQuery("
                        select id, 
                               password,
                               facility_id
                          from users
                         where username = '$userid'
                ");
                if ($authDB['password'] == $authPass)
                {
                        //here, we check to see if the user is in fact a member of the correct group:
                        if (sqlQuery("
                                select *
                                  from groups 
                                 where user='$userid' 
                                   and name='$group'"))
                                return $authDB['facility_id'];
                }
                return false;
        }

But once you have a class that does what you need, it’s pretty easy (with ZF) to export it as a web service. The method above is a member of the class Integration:

require_once("Zend/Controller/Action.php");
require_once("Zend/Soap/Server.php");
require_once("Integration.php");
class IndexController extends Zend_Controller_Action
{
    public function indexAction() {
                $wsdl = Zend_Registry::get("wsdl");
                $server = new SoapServer($wsdl);
                $server->setClass('Integration');
                $server->handle();
                exit;
        }
}