2 include_once("../globals.php");
3 include_once("$srcdir/auth.inc");
4 include_once("../../library/acl.inc");
6 include_once("$srcdir/md5.js");
7 include_once("$srcdir/sql.inc");
8 require_once(dirname(__FILE__
) . "/../../library/classes/WSProvider.class.php");
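<?php
/*
 * Stylesheet link, <body> tag and page title.
 * Long-form open tags are used throughout: with short_open_tag disabled the
 * short form is not parsed and the PHP source would be sent to the browser as-is.
 * $css_header and $top_bg_line are not defined in this listing (presumably set
 * by the included globals.php - confirm) and are emitted unescaped.
 */
?>
<link rel="stylesheet" href="<?php echo $css_header; ?>" type="text/css">
<body <?php echo $top_bg_line; ?> topmargin=0 rightmargin=0 leftmargin=2 bottommargin=0 marginwidth=2 marginheight=0>
<a href="usergroup_admin.php"><span class="title"><?php xl('User Administration', 'e'); ?></span></a>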
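<?php
/*
 * Handles the "edit user" request: authorises it, applies the submitted
 * changes to the users table, then loads the row that the form displays.
 *
 * NOTE(review): requests that change data are accepted over GET, and no
 * anti-CSRF token is checked anywhere in the visible code. Moving to POST
 * with a per-session token needs the form changed in the same step.
 *
 * NOTE(review): values are escaped with addslashes(), which is not aware of
 * the connection character set. If the sqlStatement() wrapper (not shown)
 * offers bound parameters or driver-level escaping, use that instead.
 */

// The id is placed unquoted into every query below, so accept nothing but a
// plain string of decimal digits. Anything else is treated as "no id".
$userId = (isset($_GET["id"]) && is_string($_GET["id"]) && ctype_digit($_GET["id"]))
    ? $_GET["id"]
    : "";

if (!$userId || !acl_check('admin', 'users')) {
    // NOTE(review): the listing omits the source line that follows this
    // condition (gutter line 26); stopping the request here is assumed.
    // Confirm against the file.
    exit();
}

if (isset($_GET["mode"]) && $_GET["mode"] == "update") {
    if (!empty($_GET["username"]) && is_string($_GET["username"])) {
        $tqvar = addslashes($_GET["username"]);
        // Read the current name first: the groups table is keyed on it.
        $user_data = sqlFetchArray(sqlStatement("select * from users where id=$userId"));
        // A value read back from the database is still data, not SQL: escape
        // it before it goes into the next statement.
        $oldUsername = addslashes($user_data["username"]);
        sqlStatement("update users set username='$tqvar' where id=$userId");
        sqlStatement("update groups set user='$tqvar' where user='$oldUsername'");
    }

    // Request parameter => users column, in the order the original applied them.
    // NOTE(review): the listing shows the non-empty guard only for drugid and
    // facility. The gutter numbering leaves exactly one unseen line before each
    // of the other updates, so the same guard is assumed for all of them.
    // Confirm against the file.
    $columnByParam = array(
        "taxid"    => "federaltaxid",
        "drugid"   => "federaldrugid",
        "upin"     => "upin",
        "npi"      => "npi",
        "lname"    => "lname",
        "job"      => "specialty",
        "mname"    => "mname",
        "facility" => "facility",
        "fname"    => "fname",
    );
    foreach ($columnByParam as $param => $column) {
        if (empty($_GET[$param]) || !is_string($_GET[$param])) {
            continue;
        }
        $tqvar = addslashes($_GET[$param]);
        sqlStatement("update users set $column='$tqvar' where id=$userId");
    }

    // d41d8cd98f00b204e9800998ecf8427e is the MD5 of the empty string, i.e. the
    // password box was left blank and the stored password must be kept.
    // NOTE(review): the submitted value is stored as received. The form hashes
    // the password with unsalted MD5 in the browser and sends it in the query
    // string, so the digest is itself the credential and can be recorded
    // wherever URLs are recorded. Replacing this with POST plus a server-side
    // salted hash also needs the login path changed (auth.inc, not shown).
    if (!empty($_GET["newauthPass"]) && is_string($_GET["newauthPass"])
        && $_GET["newauthPass"] != "d41d8cd98f00b204e9800998ecf8427e") {
        $tqvar = addslashes($_GET["newauthPass"]);
        sqlStatement("update users set password='$tqvar' where id=$userId");
    }

    // Checkboxes: present means on, absent means off.
    $tqvar  = !empty($_GET["authorized"]) ? 1 : 0;
    $actvar = !empty($_GET["active"]) ? 1 : 0;
    // see_auth went into the statement unescaped; the form only offers the
    // numeric levels 1-3, so force it to an integer.
    $seeAuth = isset($_GET['see_auth']) ? (int) $_GET['see_auth'] : 0;

    sqlStatement("UPDATE users SET authorized = $tqvar, active = $actvar, " .
        "see_auth = '$seeAuth' WHERE " .
        "id = $userId");

    if (!empty($_GET["comments"]) && is_string($_GET["comments"])) {
        $tqvar = addslashes($_GET["comments"]);
        sqlStatement("update users set info='$tqvar' where id=$userId");
    }

    // NOTE(review): placed inside the update branch on the evidence of the
    // gutter numbering; the closing braces are not visible in the listing.
    $ws = new WSProvider($userId);
}

// Load the row(s) for this id. The form further down reads $iter as a row;
// the statement that turns it into one is not part of this listing.
$result = array();
$res = sqlStatement("select * from users where id=$userId");
for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
    $result[$iter] = $row;
}
?>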
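<?php
/*
 * First part of the edit form: username, password, authorised/active flags,
 * names and the opening of the facility selector.
 * Every stored value is passed through htmlspecialchars() before it is placed
 * in an attribute, so quotes or markup held in the users table cannot break
 * out of the value="" context.
 * NOTE(review): the listing skips some source lines (the gutter numbers jump),
 * so table-row and closing tags that are not shown are not reproduced here.
 */
?>
<FORM NAME="user_form" METHOD="GET" ACTION="user_admin.php">
<TABLE border=0 cellpadding=0 cellspacing=0>
<TD><span class=text><?php xl('Username','e'); ?>: </span></TD><TD><input type=entry name=username size=20 value="<?php echo htmlspecialchars($iter["username"], ENT_QUOTES); ?>" disabled> &nbsp;</td>
<TD><span class=text><?php xl('Password','e'); ?>: </span></TD><TD class='text'><input type=password name=clearPass size=20 value=""> * <?php xl('Leave blank to keep password unchanged.','e'); ?></td>
<td><span class="text">&nbsp;</span></td><td>&nbsp;</td>
<TD><span class=text><?php xl('Authorized','e'); ?>: </TD>
<input type="checkbox" name="authorized"<?php if ($iter["authorized"]) { echo " checked"; } ?> />
&nbsp;&nbsp;<span class='text'><?php xl('Active','e'); ?>:
<input type="checkbox" name="active"<?php if ($iter["active"]) { echo " checked"; } ?> />
<TD><span class=text><?php xl('First Name','e'); ?>: </span></TD>
<TD><input type=entry name=fname size=20 value="<?php echo htmlspecialchars($iter["fname"], ENT_QUOTES); ?>"></td>
<td><span class=text><?php xl('Middle Name','e'); ?>: </span></TD><td><input type=entry name=mname size=20 value="<?php echo htmlspecialchars($iter["mname"], ENT_QUOTES); ?>"></td>
<td><span class=text><?php xl('Last Name','e'); ?>: </span></td><td><input type=entry name=lname size=20 value="<?php echo htmlspecialchars($iter["lname"], ENT_QUOTES); ?>"></td>
<td><span class=text><?php xl('Default Facility','e'); ?>: </span></td><td><select name=facility>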
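<?php
/*
 * Emits one <option> per facility and pre-selects the user's current one.
 * - Rows are collected in their own array. The original appended to $result,
 *   which already holds the user row(s), so a stale entry could be printed
 *   as a facility whenever the facility table returned fewer rows.
 * - Facility names are HTML-escaped before being written into the page.
 * - $row["name"] replaces the $row{name} form, which relied on a bare constant
 *   and on curly-brace offsets.
 */
$fres = sqlStatement("select * from facility order by name");
$facilities = array();
while ($frow = sqlFetchArray($fres)) {
    $facilities[] = $frow;
}
foreach ($facilities as $iter2) {
    $facilityName = htmlspecialchars($iter2["name"], ENT_QUOTES);
?>
<option value="<?php echo $facilityName; ?>" <?php if ($iter["facility"] == $iter2["name"]) { echo "selected"; } ?>><?php echo $facilityName; ?></option>
<?php
}
?>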
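<?php
/*
 * Identifier fields (tax id, drug id, UPIN) and the opening of the
 * "See Authorizations" selector. Stored values are HTML-escaped before they
 * are written into the value attributes.
 */
?>
<TD><span class=text><?php xl('Federal Tax ID','e'); ?>: </span></TD><TD><input type=text name=taxid size=20 value="<?php echo htmlspecialchars($iter["federaltaxid"], ENT_QUOTES); ?>"></td>
<TD><span class=text><?php xl('Federal Drug ID','e'); ?>: </span></TD><TD><input type=text name=drugid size=20 value="<?php echo htmlspecialchars($iter["federaldrugid"], ENT_QUOTES); ?>"></td>
<td><span class="text"><?php xl('UPIN','e'); ?>: </span></td><td><input type="text" name="upin" size="20" value="<?php echo htmlspecialchars($iter["upin"], ENT_QUOTES); ?>"></td>
<td class='text'><?php xl('See Authorizations','e'); ?>: </td>
<td><select name="see_auth">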
<?php
// One <option> per "See Authorizations" level; the level stored for this user
// is pre-selected. Labels come from xl() and are written out as returned.
$seeAuthLabels = array(1 => xl('None'), 2 => xl('Only Mine'), 3 => xl('All'));
foreach ($seeAuthLabels as $key => $value) {
    $selected = ($key == $iter['see_auth']) ? " selected" : "";
    echo " <option value='$key'" . $selected . ">$value</option>\n";
}
?>
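<?php
/*
 * NPI, job description and the free-text "Additional Info" box.
 * Stored values are HTML-escaped. For the textarea this also stops a stored
 * closing tag from ending the element early.
 */
?>
<td><span class="text"><?php xl('NPI','e'); ?>: </span></td><td><input type="text" name="npi" size="20" value="<?php echo htmlspecialchars($iter["npi"], ENT_QUOTES); ?>"></td>
<td><span class="text"><?php xl('Job Description','e'); ?>: </span></td><td><input type="text" name="job" size="20" value="<?php echo htmlspecialchars($iter["specialty"], ENT_QUOTES); ?>"></td>
<span class=text><?php xl('Additional Info','e'); ?>:</span><br>
<textarea name="comments" wrap=auto rows=4 cols=30><?php echo htmlspecialchars($iter["info"], ENT_QUOTES); ?></textarea>
<br>&nbsp;&nbsp;&nbsp;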
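<?php
/*
 * Hidden fields, the submit button and the back link.
 * - The id is echoed from the request, so it is HTML-escaped before being
 *   written into the attribute.
 * - The submit button's VALUE is now quoted. Unquoted, a label containing a
 *   space was cut at the first word.
 * NOTE(review): on submit the typed password is replaced by its MD5 digest in
 * the browser and the form is sent with GET, so the digest travels in the
 * query string. Unsalted MD5 is not a suitable password hash, and hashing in
 * the browser makes the digest the credential. Changing this needs the
 * server-side handler and the login path updated together.
 */
$formUserId = (isset($_GET["id"]) && is_string($_GET["id"])) ? $_GET["id"] : "";
?>
<INPUT TYPE="HIDDEN" NAME="id" VALUE="<?php echo htmlspecialchars($formUserId, ENT_QUOTES); ?>">
<INPUT TYPE="HIDDEN" NAME="mode" VALUE="update">
<INPUT TYPE="HIDDEN" NAME="newauthPass" VALUE="">
<INPUT TYPE="Submit" VALUE="<?php xl('Save Changes','e'); ?>" onClick="javascript:this.form.newauthPass.value=MD5(this.form.clearPass.value);this.form.clearPass.value='';">
<a href="usergroup_admin.php" class=link_submit>[<?php xl('Back','e'); ?>]</font></a>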
184 // d41d8cd98f00b204e9800998ecf8427e is the MD5 digest of the empty string, i.e. a blank password field