1 <?php
2 // This program is free software; you can redistribute it and/or
3 // modify it under the terms of the GNU General Public License
4 // as published by the Free Software Foundation; either version 2
5 // of the License, or (at your option) any later version.
7 require_once("../globals.php");
8 require_once("../../library/acl.inc");
9 require_once("$srcdir/md5.js");
10 require_once("$srcdir/sql.inc");
11 require_once(dirname(__FILE__) . "/../../library/classes/WSProvider.class.php");
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="<?php echo $css_header; ?>">
</head>
<body class="body_top">

<?php /* Page title; the link target is usergroup_admin.php. */ ?>
<a href="usergroup_admin.php"><span class="title"><?php xl('User Administration', 'e'); ?></span></a>
<br><br>

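<?php
// Request handler for the "edit user" page.
//
// Inputs (all from the query string):
//   id    - users.id of the account being edited (required)
//   mode  - "update" applies the submitted fields before the form is redrawn
//   ...   - one parameter per editable users column, see below
//
// After any update the users row is reloaded into $iter for the form that
// follows this block.

// Gate: an id must be supplied and the caller must hold the 'admin'/'users' ACL.
if (empty($_GET["id"]) || !acl_check('admin', 'users'))
  exit();

// SECURITY: the id is placed unquoted into every statement below, so it has to
// be a plain positive integer before any SQL is built.  Anything else (extra
// SQL text, an array parameter, a negative number) ends the request here.
if (!is_string($_GET["id"]) || !preg_match('/^[0-9]+\z/', $_GET["id"]))
  exit();
$user_id = (int) $_GET["id"];
if ($user_id <= 0)
  exit();

// NOTE(review): updates are driven by GET.  That leaves them open to
// cross-site request forgery against a logged-in administrator and puts the
// submitted values, including the password hash, into URLs, browser history
// and web-server logs.  Moving to POST with a per-session token needs matching
// changes in the form and is not done here.
//
// NOTE(review): string values are escaped with addslashes(), as elsewhere in
// this file.  If the sql.inc layer offers bound parameters or a
// connection-aware escape function, prefer that - confirm against sql.inc.

if (isset($_GET["mode"]) && $_GET["mode"] == "update") {

  if (!empty($_GET["username"])) {
    $tqvar = addslashes($_GET["username"]);
    // Read the current name first: rows in groups are matched by username.
    $user_data = sqlFetchArray(sqlStatement("select * from users where id=$user_id"));
    sqlStatement("update users set username='$tqvar' where id=$user_id");
    // The stored name comes back unescaped, so it is escaped again before it
    // is put into the next statement (second-order injection otherwise).
    $old_username = addslashes($user_data["username"]);
    sqlStatement("update groups set user='$tqvar' where user='$old_username'");
  }

  // Request field => users column, for fields that are stored verbatim when
  // non-empty.  Column names come only from this fixed list.
  $simple_fields = array(
    "taxid"           => "federaltaxid",
    "drugid"          => "federaldrugid",
    "upin"            => "upin",
    "npi"             => "npi",
    "taxonomy"        => "taxonomy",
    "lname"           => "lname",
    "job"             => "specialty",
    "mname"           => "mname",
    "fname"           => "fname",
    "cal_ui"          => "cal_ui",           // (CHEMED) Calendar UI preference
    "ssi_relayhealth" => "ssi_relayhealth",  // relay health single sign-on
    "comments"        => "info",
  );
  foreach ($simple_fields as $field => $column) {
    if (!empty($_GET[$field])) {
      $tqvar = addslashes($_GET[$field]);
      sqlStatement("update users set $column='$tqvar' where id=$user_id");
    }
  }

  if (!empty($_GET["facility_id"])) {
    $tqvar = addslashes($_GET["facility_id"]);
    sqlStatement("update users set facility_id = '$tqvar' where id = $user_id");
    //(CHEMED) Update facility name when changing the id
    sqlStatement("UPDATE users, facility SET users.facility = facility.name WHERE facility.id = '$tqvar' AND users.id = $user_id");
    //END (CHEMED)
  }

  // newauthPass carries the MD5 the browser computed from the password box;
  // d41d8cd98f00b204e9800998ecf8427e is MD5 of the empty string, i.e. the box
  // was left blank and the password stays unchanged.
  // NOTE(review): the submitted value is stored as-is, so the stored hash is
  // unsalted MD5 and whoever holds that hash can submit it directly.
  // Replacing this means changing the form and the login check together.
  if (!empty($_GET["newauthPass"]) && $_GET["newauthPass"] != "d41d8cd98f00b204e9800998ecf8427e") {
    $tqvar = addslashes($_GET["newauthPass"]);
    sqlStatement("update users set password='$tqvar' where id=$user_id");
  }

  // Checkboxes: present means 1, absent means 0.
  $tqvar = !empty($_GET["authorized"]) ? 1 : 0;
  $actvar = !empty($_GET["active"]) ? 1 : 0;
  // see_auth used to be concatenated into the statement raw; escape it like
  // every other string field.
  $see_auth = isset($_GET['see_auth']) ? addslashes($_GET['see_auth']) : '';

  sqlStatement("UPDATE users SET authorized = $tqvar, active = $actvar, " .
    "see_auth = '$see_auth' WHERE " .
    "id = $user_id");

  if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
    // Set the access control group of user
    $user_data = sqlFetchArray(sqlStatement("select username from users where id=$user_id"));
    set_user_aro($_GET["access_group"], $user_data["username"], $_GET["fname"], $_GET["mname"], $_GET["lname"]);
  }

  // ===========================
  // DBC DUTCH SYSTEM
  if (!empty($_GET["beroep"])) {
    $tqvar = (int)($_GET["beroep"]);
    sqlStatement("INSERT INTO cl_user_beroep SET cl_beroep_sysid='$tqvar', cl_beroep_userid=$user_id
      ON DUPLICATE KEY UPDATE cl_beroep_sysid='$tqvar'");
  }
  // EOS
  // ===========================

  // $_GET['id'] has been checked above to consist of digits only.
  $ws = new WSProvider($_GET['id']);
}

// Reload the row so the form shows what is now stored.
$result = array();
$res = sqlStatement("select * from users where id=$user_id");
for ($iter = 0; $row = sqlFetchArray($res); $iter++)
  $result[$iter] = $row;
// From here on $iter is the users row (an empty array when the id matched nothing).
$iter = isset($result[0]) ? $result[0] : array();

// ===========================
// DBC DUTCH SYSTEM
if (!empty($GLOBALS['dutchpc'])) {
  $beroep = sqlStatement("SELECT * FROM cl_user_beroep WHERE cl_beroep_userid=$user_id");
  $rowberoep = sqlFetchArray($beroep);
}
// EOS DBC
// ===========================
?>
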
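<?php
// Edit form, first three rows: username/password, authorized/active flags,
// first and middle name.
// Values read from the users row ($iter) are HTML-escaped before they are
// written into attributes, so a stored quote or angle bracket cannot break out
// of the value="..." context.
// NOTE(review): the form submits with METHOD="GET", so every field ends up in
// the request URL; see the handler that processes mode=update.
?>
<FORM NAME="user_form" METHOD="GET" ACTION="user_admin.php">
<TABLE border=0 cellpadding=0 cellspacing=0>
<TR>
<TD><span class=text><?php xl('Username','e'); ?>: </span></TD><TD><input type=entry name=username size=20 value="<?php echo htmlspecialchars($iter["username"], ENT_QUOTES); ?>" disabled> &nbsp;</td>
<TD><span class=text><?php xl('Password','e'); ?>: </span></TD><TD class='text'><input type=password name=clearPass size=20 value=""> * <?php xl('Leave blank to keep password unchanged.','e'); ?></td>
</TR>

<TR>
<td><span class="text">&nbsp;</span></td><td>&nbsp;</td>
<TD><span class=text><?php xl('Authorized','e'); ?>: </TD>
<TD>
 <input type="checkbox" name="authorized"<?php if ($iter["authorized"]) echo " checked"; ?> />
 &nbsp;&nbsp;<span class='text'><?php xl('Active','e'); ?>:
 <input type="checkbox" name="active"<?php if ($iter["active"]) echo " checked"; ?> />
</TD>
</TR>

<TR>
<TD><span class=text><?php xl('First Name','e'); ?>: </span></TD>
<TD><input type=entry name=fname size=20 value="<?php echo htmlspecialchars($iter["fname"], ENT_QUOTES); ?>"></td>
<td><span class=text><?php xl('Middle Name','e'); ?>: </span></TD><td><input type=entry name=mname size=20 value="<?php echo htmlspecialchars($iter["mname"], ENT_QUOTES); ?>"></td>
</TR>
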
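<TR>
<td><span class=text><?php xl('Last Name','e'); ?>: </span></td><td><input type=entry name=lname size=20 value="<?php echo htmlspecialchars($iter["lname"], ENT_QUOTES); ?>"></td>
<td><span class=text><?php xl('Default Facility','e'); ?>: </span></td><td><select name=facility_id>
<?php
// One <option> per facility whose service_location is non-zero, ordered by
// name; the user's current facility_id is preselected.
// Rows are printed as they are fetched rather than collected in $result,
// which already holds the users row loaded earlier on this page: with no
// matching facility that row would otherwise be rendered as an option.
// Facility ids and names are HTML-escaped on output.
$fres = sqlStatement("select * from facility where service_location != 0 order by name");
if ($fres) {
  while ($frow = sqlFetchArray($fres)) {
    $selected = ($iter['facility_id'] == $frow['id']) ? " selected" : "";
?>
<option value="<?php echo htmlspecialchars($frow['id'], ENT_QUOTES); ?>"<?php echo $selected; ?>><?php echo htmlspecialchars($frow['name'], ENT_QUOTES); ?></option>
<?php
  }
}
?>
</select></td>
</tr>
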
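<?php
// Rows: federal tax id / federal drug id, then UPIN / "See Authorizations".
// Stored values are HTML-escaped before being written into value="...".
?>
<TR>
<TD><span class=text><?php xl('Federal Tax ID','e'); ?>: </span></TD><TD><input type=text name=taxid size=20 value="<?php echo htmlspecialchars($iter["federaltaxid"], ENT_QUOTES); ?>"></td>
<TD><span class=text><?php xl('Federal Drug ID','e'); ?>: </span></TD><TD><input type=text name=drugid size=20 value="<?php echo htmlspecialchars($iter["federaldrugid"], ENT_QUOTES); ?>"></td>
</TR>

<tr>
<td><span class="text"><?php xl('UPIN','e'); ?>: </span></td><td><input type="text" name="upin" size="20" value="<?php echo htmlspecialchars($iter["upin"], ENT_QUOTES); ?>"></td>
<td class='text'><?php xl('See Authorizations','e'); ?>: </td>
<td><select name="see_auth">
<?php
// Fixed choice list; keys 1-3 are the values submitted as see_auth.
foreach (array(1 => xl('None'), 2 => xl('Only Mine'), 3 => xl('All')) as $key => $value)
{
  $selected = ($key == $iter['see_auth']) ? " selected" : "";
  echo " <option value='$key'$selected>$value</option>\n";
}
?>
</select></td>
</tr>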
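<tr>
<td><span class="text"><?php xl('NPI','e'); ?>: </span></td><td><input type="text" name="npi" size="20" value="<?php echo htmlspecialchars($iter["npi"], ENT_QUOTES); ?>"></td>

<?php
// ===========================
// DBC DUTCH SYSTEM
// if DBC don't show Job Description; show instead Beroep Box
// The stored specialty is HTML-escaped before it is written into value="...".
if (empty($GLOBALS['dutchpc'])) { ?>
<td><span class="text"><?php xl('Job Description','e'); ?>: </span></td><td><input type="text" name="job" size="20" value="<?php echo htmlspecialchars($iter["specialty"], ENT_QUOTES); ?>"></td>
<?php } else { ?>
<td><span class="text">Beroep</span></td>
<td><?php beroep_dropdown($rowberoep['cl_beroep_sysid']) ?></td>
<?php }
// ===========================
?>

</tr>
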
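<?php
// Relay Health row, shown only when $GLOBALS['ssi']['rh'] is set.
// NOTE(review): the stored ssi_relayhealth value is written back into the
// page source (type="password" only masks it on screen) and is resubmitted in
// the GET URL on save.  If this value is a credential, consider leaving the
// field empty and treating blank as "unchanged" - confirm what it holds.
if (!empty($GLOBALS['ssi']['rh'])) { ?>
<tr>
<td><span class="text"><?php xl('Relay Health ID', 'e'); ?>: </span></td>
<td><input type="password" name="ssi_relayhealth" size="20" value="<?php echo htmlspecialchars($iter["ssi_relayhealth"], ENT_QUOTES); ?>"></td>
</tr>
<?php } ?>

<!-- (CHEMED) Calendar UI preference -->
<tr>
<td><span class="text"><?php xl('Taxonomy','e'); ?>: </span></td>
<td><input type="text" name="taxonomy" size="20" value="<?php echo htmlspecialchars($iter["taxonomy"], ENT_QUOTES); ?>"></td>
<td><span class="text"><?php xl('Calendar UI','e'); ?>: </span></td><td><select name="cal_ui">
<?php
// Fixed choice list; keys 1-3 are the values submitted as cal_ui.
foreach (array(1 => xl('Default'), 2 => xl('Fancy'), 3 => xl('Outlook')) as $key => $value)
{
  $selected = ($key == $iter['cal_ui']) ? " selected" : "";
  echo " <option value='$key'$selected>$value</option>\n";
}
?>
</select></td>
</tr>
<!-- END (CHEMED) Calendar UI preference -->
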
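<?php
// Collect the access control group of user
// Shown only when phpGACL is configured and the caller holds 'admin'/'acl'.
if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
?>
<tr>
<td class='text'><?php xl('Access Control','e'); ?>:</td>
<td><select name="access_group[]" multiple>
<?php
  $list_acl_groups = acl_get_group_title_list();
  $username_acl_groups = acl_get_group_titles($iter["username"]);
  foreach ($list_acl_groups as $value) {
    // Groups the user already belongs to are preselected.
    $selected = (($username_acl_groups) && in_array($value, $username_acl_groups)) ? " selected" : "";
    // Titles are HTML-escaped for display; the browser decodes them again, so
    // the submitted option text is the original title.
    echo " <option$selected>" . htmlspecialchars($value, ENT_QUOTES) . "</option>\n";
  }
?>
</select></td></tr>
<?php
}
?>
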
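<?php
// End of the field table, free-text comments, hidden fields and buttons.
// - The stored comment and the echoed id are HTML-escaped: the id comes
//   straight from the query string and would otherwise be reflected into the
//   page unescaped.
// - The Save button's VALUE is quoted; unquoted, only the first word of the
//   label became the value.
// - An unmatched </tr> before </table> and an unmatched </font> after the
//   Back link were dropped.
// On Save the browser replaces the clear-text password with MD5(password) in
// newauthPass and empties clearPass before the form is submitted.
?>
</table>

<span class=text><?php xl('Additional Info','e'); ?>:</span><br>
<textarea name="comments" wrap=auto rows=4 cols=30><?php echo htmlspecialchars($iter["info"], ENT_QUOTES); ?></textarea>

<br>&nbsp;&nbsp;&nbsp;
<INPUT TYPE="HIDDEN" NAME="id" VALUE="<?php echo htmlspecialchars($_GET["id"], ENT_QUOTES); ?>">
<INPUT TYPE="HIDDEN" NAME="mode" VALUE="update">
<INPUT TYPE="HIDDEN" NAME="newauthPass" VALUE="">
<INPUT TYPE="Submit" VALUE="<?php xl('Save Changes','e'); ?>" onClick="javascript:this.form.newauthPass.value=MD5(this.form.clearPass.value);this.form.clearPass.value='';">
&nbsp;&nbsp;&nbsp;
<a href="usergroup_admin.php" class=link_submit>[<?php xl('Back','e'); ?>]</a>
</FORM>

<br><br>
</BODY>
</HTML>

<?php
// d41d8cd98f00b204e9800998ecf8427e is the MD5 of the empty string, i.e. the
// password box was left blank.
?>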