Linux 软件免费装
Banner图

Referti IGEA

开发者 apiganti
更新时间 2026年7月15日 00:33
捐献地址: 去捐款
PHP版本: 7.4 及以上
WordPress版本: 7.0
版权: GPLv2 or later
版权网址: 版权信息

标签

download healthcare medical records referti area riservata

下载

1.0.0

详情介绍:

Referti IGEA adds a private area to your WordPress site where registered patients of a facility using the IGEA CRM by S0ft.it can download their medical reports (referti). Patients identify themselves with their Italian fiscal code (validated with check digit and "omocodia" support) and verify their identity with a one-time password sent via SMS or with a personal password issued in the "report ready" email — optionally combined (two-step verification). Reports are exported by the CRM to docs/{PATIENT_ID}/referti/ and registered with the PUSHReferto() helper, which updates the referti table and notifies the patient by email and/or SMS according to the plugin settings. Main features Security The API key never leaves the server: the patient's browser only talks to WordPress, which forwards requests to the CRM. Nonce on every call, field whitelisting, session tokens issued only after identity verification, ownership check on every download, path hardening on the CRM side, rate limiting per IP and per patient. Requirements This plugin is a connector: it requires an installation of the IGEA CRM by S0ft.it, reachable over HTTPS, with the referti_api.php endpoint, the referti_push.php helper, the SQL script (referti.sql) executed, and — for OTP and SMS notifications — an SMS provider configured. Without the CRM the plugin has no standalone functionality. More about the CRM: www.s0ft.it. External services This plugin sends data to the IGEA CRM server configured by the site administrator (URL and API key in the plugin settings). The data transmitted is what the patient enters in the form (fiscal code, verification codes or password) plus the visitor's IP address, used exclusively for anti-abuse rate limiting and access logging. Downloaded reports travel from your CRM server to the patient's browser through your WordPress site. No data is ever sent to S0ft.it or to any third party by this plugin: the destination server is chosen and operated by the site owner.

安装:

  1. Install and activate the plugin from Plugins → Add New, or upload the referti-igea folder to /wp-content/plugins/.
  2. On the IGEA CRM server: copy referti_api.php and referti_push.php into the ajax/ folder (next to orari.php), edit the API key, token secret and WordPress origin at the top of referti_api.php, and run the referti.sql script on the CRM database.
  3. Go to Settings → Referti IGEA and enter the API URL and key (the same key configured on the CRM).
  4. Choose the access method, notifications, visibility mode and the page that will contain the shortcode (its link is used in emails and SMS).
  5. Add the [referti_crm] shortcode to that page.
  6. In the CRM, call PUSHReferto($patientId, $fileName, $meta) after exporting each report file to docs/{patientId}/referti/. In "approval" visibility mode, call PubblicaReferto($reportId) to publish and notify.
  7. Optional: create the SEND_REF email template in the CRM templates_email table to customize the notification (placeholders: [nome] [cognome] [nominativo] [cf] [email] [cellulare] [tiporeferto] [descrizione] [specialita] [datareferto] [datadisponibile] [password] [linkreferti]).

屏幕截图:

  • Identity verification: SMS code or personal password
  • Report list with "new" badge and download
  • Plugin settings page

升级注意事项:

1.0.0 First release. Requires referti_api.php, referti_push.php and the referti.sql script on the IGEA CRM server.

常见问题:

Does the plugin work without the IGEA CRM?

No. It is a connector for the IGEA CRM by S0ft.it: report files, patient records, email and SMS sending all live on the CRM. The plugin provides the private area on the website and the secure connection.

Where are the report files stored?

On the CRM server, in docs/{PATIENT_ID}/referti/. They are streamed to the patient through WordPress only after identity verification and an ownership check; they are never copied to the WordPress server.

How does the patient get their personal password?

It is generated by PUSHReferto() the first time a report is published for that patient (when the access method includes the password) and delivered in the notification email. Only a hash is stored. If lost, the patient can use the SMS code (when enabled) or the secretary can regenerate it with the rigenera_password option of PUSHReferto().

Can new patients register from the website?

No. The reports area is reserved for patients already in the CRM archive: registration happens at the facility (or through the Prenotazioni IGEA plugin).

Is the plugin GDPR compliant?

Reports are health data: the plugin verifies the patient's identity before any access, never exposes clinical details in SMS, and logs every login and download with date and IP on the CRM. Overall compliance depends on the site owner's privacy policy and processes.

How do I customize the notification email?

Create the SEND_REF template in the CRM templates_email table (same mechanism as Prenotazioni IGEA). If the template does not exist, a built-in fallback body is used which, for confidentiality, does not include the clinical description of the report.

更新日志:

1.0.0