2 /* +-----------------------------------------------------------------------------+
3 * OpenEMR - Open Source Electronic Medical Record
4 * Copyright (C) 2013 Z&H Consultancy Services Private Limited <sam@zhservices.com>
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 * @author Remesh Babu S <remesh@zhservices.com>
19 * +------------------------------------------------------------------------------+
22 namespace Application\Model
;
24 use Zend\Db\TableGateway\AbstractTableGateway
;
25 use Zend\Db\ResultSet\ResultSet
;
27 class ApplicationTable
extends AbstractTableGateway
29 protected $table = 'application';
34 * @param \Zend\Db\Adapter\Adapter $adapter
public function __construct()
{
    // No adapter argument is taken: the adapter registered statically through
    // GlobalAdapterFeature is the one every query in this gateway runs on.
    $this->adapter = \Zend\Db\TableGateway\Feature\GlobalAdapterFeature::getStaticAdapter();

    // Result sets use an Application instance as their row prototype.
    $rowPrototype = new ResultSet();
    $rowPrototype->setArrayObjectPrototype(new Application());
    $this->resultSetPrototype = $rowPrototype;
}
47 * All DB Transactions take place
49 * @param String $sql SQL Query Statement
50 * @param array $params SQL Parameters
51 * @param boolean $log Logging True / False
52 * @param boolean $error Error Display True / False
55 public function zQuery($sql, $params = '', $log = TRUE, $error = TRUE)
// Sends $sql to the adapter, then executes the returned statement with $params as the bound values.
// NOTE(review): only values passed in $params are bound; any value a caller has already
// concatenated into $sql reaches the database as SQL text.
61 $statement = $this->adapter
->query($sql);
62 $return = $statement->execute($params);
// Both catch branches pass the exception, the SQL text and the bind values to errorHandler(),
// which echoes them into the response and writes them to the error log.
64 } catch (\Zend\Db\Adapter\ExceptionInterface
$e) {
66 $this->errorHandler($e, $sql, $params);
68 } catch (\Exception
$e) {
70 $this->errorHandler($e, $sql, $params);
75 * Function auditSQLEvent
78 * using OpenEMR log function (auditSQLEvent)
79 * Path /library/log.inc
80 * Logging, if the $log is true
* NOTE(review): $result is not assigned on any line shown in this listing; presumably it is
* set on a line that is missing here. Confirm it is defined on the exception path as well.
83 auditSQLEvent($sql, $result, $params);
89 * Function errorHandler
90 * All error display and log
91 * Display the Error, Line and File
92 * Same behavior as the HelpfulDie function in OpenEMR
93 * Path /library/sql.inc
99 public function errorHandler($e, $sql, $binds = '')
// Builds an error report from the exception chain, the SQL text and the bind values,
// echoes it into the response and writes it to the PHP error log.
101 $escaper = new \Zend\Escaper\
Escaper('utf-8');
102 $trace = $e->getTraceAsString();
// NOTE(review): strpos() returns false when '[internal function]' is not in the trace;
// false - 3 evaluates to -3, so substr() then drops the last three characters of the
// trace instead of cutting at the marker. An explicit `=== false` check would avoid that.
103 $nLast = strpos($trace , '[internal function]');
104 $trace = substr($trace, 0, ($nLast - 3));
// Every message in the getPrevious() chain is HTML-escaped before it is appended.
107 $logMsg .= "\r Exception: " . $escaper->escapeHtml($e->getMessage());
108 } while ($e = $e->getPrevious());
109 /** List all Params */
110 $processedBinds = "";
111 if (is_array($binds)) {
// The bind values are joined into a quoted, comma-separated list for display only.
113 foreach ($binds as $valueBind) {
115 $processedBinds .= "'" . $valueBind . "'";
118 $processedBinds .= ",'" . $valueBind . "'";
121 if (!empty($processedBinds)) {
122 $processedBinds = "(" . $processedBinds . ")";
// Response output: the SQL text and bind list are HTML-escaped, which prevents markup
// injection, but the query and its bound values are still shown to whoever receives the page.
// NOTE(review): no guard around these echo calls is visible in this listing; confirm that
// end users cannot reach this output in production.
125 echo '<pre><span style="color: red;">';
126 echo 'ERROR : ' . $logMsg;
128 echo 'SQL statement : ' . $escaper->escapeHtml($sql);
129 echo $escaper->escapeHtml($processedBinds);
130 echo '</span></pre>';
// NOTE(review): the log entry appends the raw SQL text and the raw bind values; nothing here
// strips CR/LF or redacts them. In a medical-record application the binds may hold patient
// data, so redaction and line-break neutralisation before error_log() are worth considering.
135 $logMsg .= "\n SQL statement : $sql" . $processedBinds;
136 $logMsg .= "\n $trace";
137 error_log("ERROR: " . $logMsg, 0);
141 * Function quoteValue
142 * Escape Quotes in the value
public function quoteValue($value)
{
    // Quoting is delegated to the adapter's platform object. Where a value can be
    // passed as a bound parameter instead (zQuery's $params), prefer that over
    // building SQL text from quoted values.
    $platform = $this->adapter->platform;

    return $platform->quoteValue($value);
}
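156 * Same functionality as in OpenEMR
157 * for Left Nav ACL Check
158 * Path openemr/library/acl.inc
159 * Function Name zh_acl_check
* NOTE(review): the group query uses a single `IN (?)` placeholder and binds the
* comma-joined group id string to it, so the database receives one string value
* rather than a list; group memberships after the first may not be evaluated.
* Confirm, and bind one placeholder per group id.
161 * @param int $user_id Auth user Id
162 * @param String $section_identifier ACL Section id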
165 public function zAclCheck($user_id,$section_identifier)
167 $sql_user_acl = " SELECT
168 COUNT(allowed) AS count
170 module_acl_user_settings AS usr_settings
171 LEFT JOIN module_acl_sections AS acl_sections
172 ON usr_settings.section_id = acl_sections.`section_id`
174 acl_sections.section_identifier = ? AND usr_settings.user_id = ? AND usr_settings.allowed = ?";
175 $sql_group_acl = " SELECT
176 COUNT(allowed) AS count
178 module_acl_group_settings AS group_settings
179 LEFT JOIN module_acl_sections AS acl_sections
180 ON group_settings.section_id = acl_sections.section_id
182 acl_sections.`section_identifier` = ? AND group_settings.group_id IN (?) AND group_settings.allowed = ?";
183 $sql_user_group = " SELECT
187 LEFT JOIN `gacl_groups_aro_map` AS gamp
188 ON garo.id = gamp.aro_id
189 LEFT JOIN `gacl_aro_groups` AS gagp
190 ON gagp.id = gamp.group_id
191 RIGHT JOIN `users_secure` usr
192 ON usr. username = garo.value
194 garo.section_value = ? AND usr. id = ?";
196 $res_groups = $this->zQuery($sql_user_group,array('users',$user_id));
198 foreach($res_groups as $row){
199 array_push($groups,$row['group_id']);
201 $groups_str = implode(",",$groups);
203 $count_user_denied = 0;
204 $count_user_allowed = 0;
205 $count_group_denied = 0;
206 $count_group_allowed = 0;
208 $res_user_denied = $this->zQuery($sql_user_acl,array($section_identifier,$user_id,0));
209 foreach($res_user_denied as $row){
210 $count_user_denied = $row['count'];
213 $res_user_allowed = $this->zQuery($sql_user_acl,array($section_identifier,$user_id,1));
214 foreach($res_user_allowed as $row){
215 $count_user_allowed = $row['count'];
218 $res_group_denied = $this->zQuery($sql_group_acl,array($section_identifier,$groups_str,0));
219 foreach($res_group_denied as $row){
220 $count_group_denied = $row['count'];
223 $res_group_allowed = $this->zQuery($sql_group_acl,array($section_identifier,$groups_str,1));
224 foreach($res_group_allowed as $row){
225 $count_group_allowed = $row['count'];
228 if($count_user_denied > 0)
230 elseif($count_user_allowed > 0)
232 elseif($count_group_denied > 0)
234 elseif($count_group_allowed > 0)