2 // Copyright (C) 2006-2010 Rod Roark <rod@sunsetsystems.com>
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
10 $sanitize_all_escapes=true;
13 //STOP FAKE REGISTER GLOBALS
14 $fake_register_globals=false;
17 include_once("../globals.php");
18 include_once("$srcdir/acl.inc");
19 require_once("$srcdir/options.inc.php");
20 require_once("$srcdir/formdata.inc.php");
21 require_once("$srcdir/htmlspecialchars.inc.php");
23 // Collect user id if editing entry
24 $userid = $_REQUEST['userid'];
26 // Collect type if creating a new entry
27 $type = $_REQUEST['type'];
31 function invalue($name) {
32 $fld = add_escape_custom(trim($_POST[$name]));
39 <title
><?php
echo $userid ?
xlt('Edit') : xlt('Add New') ?
> <?php
echo xlt('Person'); ?
></title
>
40 <link rel
="stylesheet" href
='<?php echo $css_header ?>' type
='text/css'>
41 <script type
="text/javascript" src
="../../library/js/jquery.1.3.2.js"></script
>
44 td
{ font
-size
:10pt
; }
52 font
-family
:sans
-serif
;
58 <script language
="JavaScript">
60 var type_options_js
= Array();
62 // Collect the type options. Possible values are:
63 // 1 = Unassigned (default to person centric)
65 // 3 = Company Centric
66 $sql = sqlStatement("SELECT option_id, option_value FROM list_options WHERE " .
67 "list_id = 'abook_type'");
68 while ($row_query = sqlFetchArray($sql)) {
69 echo "type_options_js"."['" . attr($row_query['option_id']) . "']=" . attr($row_query['option_value']) . ";\n";
73 // Process to customize the form by type
74 function typeSelect(a
) {
75 if (type_options_js
[a
] == 3) {
77 // 1) Hide the person Name entries
78 // 2) Hide the Specialty entry
79 // 3) Show the director Name entries
80 document
.getElementById("nameRow").style
.display
= "none";
81 document
.getElementById("specialtyRow").style
.display
= "none";
82 document
.getElementById("nameDirectorRow").style
.display
= "";
86 // 1) Hide the director Name entries
87 // 2) Show the person Name entries
88 // 3) Show the Specialty entry
89 document
.getElementById("nameDirectorRow").style
.display
= "none";
90 document
.getElementById("nameRow").style
.display
= "";
91 document
.getElementById("specialtyRow").style
.display
= "";
98 <body
class="body_top">
100 // If we are saving, then save and close the window.
102 if ($_POST['form_save']) {
104 // Collect the form_abook_type option value
105 // (ie. patient vs company centric)
106 $type_sql_row = sqlQuery("SELECT `option_value` FROM `list_options` WHERE `list_id` = 'abook_type' AND `option_id` = ?", array(trim($_POST['form_abook_type'])));
107 $option_abook_type = $type_sql_row['option_value'];
108 // Set up any abook_type specific settings
109 if ($option_abook_type == 3) {
111 $form_title = invalue('form_director_title');
112 $form_fname = invalue('form_director_fname');
113 $form_lname = invalue('form_director_lname');
114 $form_mname = invalue('form_director_mname');
118 $form_title = invalue('form_title');
119 $form_fname = invalue('form_fname');
120 $form_lname = invalue('form_lname');
121 $form_mname = invalue('form_mname');
126 $query = "UPDATE users SET " .
127 "abook_type = " . invalue('form_abook_type') . ", " .
128 "title = " . $form_title . ", " .
129 "fname = " . $form_fname . ", " .
130 "lname = " . $form_lname . ", " .
131 "mname = " . $form_mname . ", " .
132 "specialty = " . invalue('form_specialty') . ", " .
133 "organization = " . invalue('form_organization') . ", " .
134 "valedictory = " . invalue('form_valedictory') . ", " .
135 "assistant = " . invalue('form_assistant') . ", " .
136 "federaltaxid = " . invalue('form_federaltaxid') . ", " .
137 "upin = " . invalue('form_upin') . ", " .
138 "npi = " . invalue('form_npi') . ", " .
139 "taxonomy = " . invalue('form_taxonomy') . ", " .
140 "email = " . invalue('form_email') . ", " .
141 "email_direct = " . invalue('form_email_direct') . ", " .
142 "url = " . invalue('form_url') . ", " .
143 "street = " . invalue('form_street') . ", " .
144 "streetb = " . invalue('form_streetb') . ", " .
145 "city = " . invalue('form_city') . ", " .
146 "state = " . invalue('form_state') . ", " .
147 "zip = " . invalue('form_zip') . ", " .
148 "street2 = " . invalue('form_street2') . ", " .
149 "streetb2 = " . invalue('form_streetb2') . ", " .
150 "city2 = " . invalue('form_city2') . ", " .
151 "state2 = " . invalue('form_state2') . ", " .
152 "zip2 = " . invalue('form_zip2') . ", " .
153 "phone = " . invalue('form_phone') . ", " .
154 "phonew1 = " . invalue('form_phonew1') . ", " .
155 "phonew2 = " . invalue('form_phonew2') . ", " .
156 "phonecell = " . invalue('form_phonecell') . ", " .
157 "fax = " . invalue('form_fax') . ", " .
158 "notes = " . invalue('form_notes') . " " .
159 "WHERE id = '" . add_escape_custom($userid) . "'";
160 sqlStatement($query);
164 $userid = sqlInsert("INSERT INTO users ( " .
165 "username, password, authorized, info, source, " .
166 "title, fname, lname, mname, " .
167 "federaltaxid, federaldrugid, upin, facility, see_auth, active, npi, taxonomy, " .
168 "specialty, organization, valedictory, assistant, billname, email, email_direct, url, " .
169 "street, streetb, city, state, zip, " .
170 "street2, streetb2, city2, state2, zip2, " .
171 "phone, phonew1, phonew2, phonecell, fax, notes, abook_type " .
175 "0, " . // authorized
182 invalue('form_federaltaxid') . ", " .
183 "'', " . // federaldrugid
184 invalue('form_upin') . ", " .
188 invalue('form_npi') . ", " .
189 invalue('form_taxonomy') . ", " .
190 invalue('form_specialty') . ", " .
191 invalue('form_organization') . ", " .
192 invalue('form_valedictory') . ", " .
193 invalue('form_assistant') . ", " .
195 invalue('form_email') . ", " .
196 invalue('form_email_direct') . ", " .
197 invalue('form_url') . ", " .
198 invalue('form_street') . ", " .
199 invalue('form_streetb') . ", " .
200 invalue('form_city') . ", " .
201 invalue('form_state') . ", " .
202 invalue('form_zip') . ", " .
203 invalue('form_street2') . ", " .
204 invalue('form_streetb2') . ", " .
205 invalue('form_city2') . ", " .
206 invalue('form_state2') . ", " .
207 invalue('form_zip2') . ", " .
208 invalue('form_phone') . ", " .
209 invalue('form_phonew1') . ", " .
210 invalue('form_phonew2') . ", " .
211 invalue('form_phonecell') . ", " .
212 invalue('form_fax') . ", " .
213 invalue('form_notes') . ", " .
214 invalue('form_abook_type') . " " .
220 else if ($_POST['form_delete']) {
223 // Be careful not to delete internal users.
224 sqlStatement("DELETE FROM users WHERE id = ? AND username = ''", array($userid));
229 if ($_POST['form_save'] ||
$_POST['form_delete']) {
230 // Close this window and redisplay the updated list.
231 echo "<script language='JavaScript'>\n";
232 if ($info_msg) echo " alert('".addslashes($info_msg)."');\n";
233 echo " window.close();\n";
234 echo " if (opener.refreshme) opener.refreshme();\n";
235 echo "</script></body></html>\n";
240 $row = sqlQuery("SELECT * FROM users WHERE id = ?", array($userid));
243 if ($type) { // note this only happens when its new
245 $row['abook_type'] = $type;
250 <script language
="JavaScript">
251 $
(document
).ready(function() {
252 // customize the form via the type options
253 typeSelect("<?php echo attr($row['abook_type']); ?>");
257 <form method
='post' name
='theform' action
='addrbook_edit.php?userid=<?php echo attr($userid) ?>'>
260 <table border
='0' width
='100%'>
262 <?php
if (acl_check('admin', 'practice' )) { // allow choose type option if have admin access ?>
264 <td width
='1%' nowrap
><b
><?php
echo xlt('Type'); ?
>:</b
></td
>
267 echo generate_select_list('form_abook_type', 'abook_type', $row['abook_type'], '', 'Unassigned', '', 'typeSelect(this.value)');
271 <?php
} // end of if has admin access ?>
274 <td width
='1%' nowrap
><b
><?php
echo xlt('Name'); ?
>:</b
></td
>
277 generate_form_field(array('data_type'=>1,'field_id'=>'title','list_id'=>'titles','empty_title'=>' '), $row['title']);
279 <b
><?php
echo xlt('Last'); ?
>:</b
><input type
='text' size
='10' name
='form_lname' class='inputtext'
280 maxlength
='50' value
='<?php echo attr($row['lname
']); ?>'/> 
;
281 <b
><?php
echo xlt('First'); ?
>:</b
> <input type
='text' size
='10' name
='form_fname' class='inputtext'
282 maxlength
='50' value
='<?php echo attr($row['fname
']); ?>' /> 
;
283 <b
><?php
echo xlt('Middle'); ?
>:</b
> <input type
='text' size
='4' name
='form_mname' class='inputtext'
284 maxlength
='50' value
='<?php echo attr($row['mname
']); ?>' />
288 <tr id
="specialtyRow">
289 <td nowrap
><b
><?php
echo xlt('Specialty'); ?
>:</b
></td
>
291 <input type
='text' size
='40' name
='form_specialty' maxlength
='250'
292 value
='<?php echo attr($row['specialty
']); ?>'
293 style
='width:100%' class='inputtext' />
298 <td nowrap
><b
><?php
echo xlt('Organization'); ?
>:</b
></td
>
300 <input type
='text' size
='40' name
='form_organization' maxlength
='250'
301 value
='<?php echo attr($row['organization
']); ?>'
302 style
='width:100%' class='inputtext' />
306 <tr id
="nameDirectorRow">
307 <td width
='1%' nowrap
><b
><?php
echo xlt('Director Name'); ?
>:</b
></td
>
310 generate_form_field(array('data_type'=>1,'field_id'=>'director_title','list_id'=>'titles','empty_title'=>' '), $row['title']);
312 <b
><?php
echo xlt('Last'); ?
>:</b
><input type
='text' size
='10' name
='form_director_lname' class='inputtext'
313 maxlength
='50' value
='<?php echo attr($row['lname
']); ?>'/> 
;
314 <b
><?php
echo xlt('First'); ?
>:</b
> <input type
='text' size
='10' name
='form_director_fname' class='inputtext'
315 maxlength
='50' value
='<?php echo attr($row['fname
']); ?>' /> 
;
316 <b
><?php
echo xlt('Middle'); ?
>:</b
> <input type
='text' size
='4' name
='form_director_mname' class='inputtext'
317 maxlength
='50' value
='<?php echo attr($row['mname
']); ?>' />
322 <td nowrap
><b
><?php
echo xlt('Valedictory'); ?
>:</b
></td
>
324 <input type
='text' size
='40' name
='form_valedictory' maxlength
='250'
325 value
='<?php echo attr($row['valedictory
']); ?>'
326 style
='width:100%' class='inputtext' />
331 <td nowrap
><b
><?php
echo xlt('Home Phone'); ?
>:</b
></td
>
333 <input type
='text' size
='11' name
='form_phone' value
='<?php echo attr($row['phone
']); ?>'
334 maxlength
='30' class='inputtext' /> 
;
335 <b
><?php
echo xlt('Mobile'); ?
>:</b
><input type
='text' size
='11' name
='form_phonecell'
336 maxlength
='30' value
='<?php echo attr($row['phonecell
']); ?>' class='inputtext' />
341 <td nowrap
><b
><?php
echo xlt('Work Phone'); ?
>:</b
></td
>
343 <input type
='text' size
='11' name
='form_phonew1' value
='<?php echo attr($row['phonew1
']); ?>'
344 maxlength
='30' class='inputtext' /> 
;
345 <b
><?php
echo xlt('2nd'); ?
>:</b
><input type
='text' size
='11' name
='form_phonew2' value
='<?php echo attr($row['phonew2
']); ?>'
346 maxlength
='30' class='inputtext' /> 
;
347 <b
><?php
echo xlt('Fax'); ?
>:</b
> <input type
='text' size
='11' name
='form_fax' value
='<?php echo attr($row['fax
']); ?>'
348 maxlength
='30' class='inputtext' />
353 <td nowrap
><b
><?php
echo xlt('Assistant'); ?
>:</b
></td
>
355 <input type
='text' size
='40' name
='form_assistant' maxlength
='250'
356 value
='<?php echo attr($row['assistant
']); ?>'
357 style
='width:100%' class='inputtext' />
362 <td nowrap
><b
><?php
echo xlt('Email'); ?
>:</b
></td
>
364 <input type
='text' size
='40' name
='form_email' maxlength
='250'
365 value
='<?php echo attr($row['email
']); ?>'
366 style
='width:100%' class='inputtext' />
371 <td nowrap
><b
><?php
echo xlt('Trusted Email'); ?
>:</b
></td
>
373 <input type
='text' size
='40' name
='form_email_direct' maxlength
='250'
374 value
='<?php echo attr($row['email_direct
']); ?>'
375 style
='width:100%' class='inputtext' />
380 <td nowrap
><b
><?php
echo xlt('Website'); ?
>:</b
></td
>
382 <input type
='text' size
='40' name
='form_url' maxlength
='250'
383 value
='<?php echo attr($row['url
']); ?>'
384 style
='width:100%' class='inputtext' />
389 <td nowrap
><b
><?php
echo xlt('Main Address'); ?
>:</b
></td
>
391 <input type
='text' size
='40' name
='form_street' maxlength
='60'
392 value
='<?php echo attr($row['street
']); ?>'
393 style
='width:100%' class='inputtext' />
398 <td nowrap
> 
;</td
>
400 <input type
='text' size
='40' name
='form_streetb' maxlength
='60'
401 value
='<?php echo attr($row['streetb
']); ?>'
402 style
='width:100%' class='inputtext' />
407 <td nowrap
><b
><?php
echo xlt('City'); ?
>:</b
></td
>
409 <input type
='text' size
='10' name
='form_city' maxlength
='30'
410 value
='<?php echo attr($row['city
']); ?>' class='inputtext' /> 
;
411 <b
><?php
echo xlt('State')."/".xlt('county'); ?
>:</b
> <input type
='text' size
='10' name
='form_state' maxlength
='30'
412 value
='<?php echo attr($row['state
']); ?>' class='inputtext' /> 
;
413 <b
><?php
echo xlt('Postal code'); ?
>:</b
> <input type
='text' size
='10' name
='form_zip' maxlength
='20'
414 value
='<?php echo attr($row['zip
']); ?>' class='inputtext' />
419 <td nowrap
><b
><?php
echo xlt('Alt Address'); ?
>:</b
></td
>
421 <input type
='text' size
='40' name
='form_street2' maxlength
='60'
422 value
='<?php echo attr($row['street2
']); ?>'
423 style
='width:100%' class='inputtext' />
428 <td nowrap
> 
;</td
>
430 <input type
='text' size
='40' name
='form_streetb2' maxlength
='60'
431 value
='<?php echo attr($row['streetb2
']); ?>'
432 style
='width:100%' class='inputtext' />
437 <td nowrap
><b
><?php
echo xlt('City'); ?
>:</b
></td
>
439 <input type
='text' size
='10' name
='form_city2' maxlength
='30'
440 value
='<?php echo attr($row['city2
']); ?>' class='inputtext' /> 
;
441 <b
><?php
echo xlt('State')."/".xlt('county'); ?
>:</b
> <input type
='text' size
='10' name
='form_state2' maxlength
='30'
442 value
='<?php echo attr($row['state2
']); ?>' class='inputtext' /> 
;
443 <b
><?php
echo xlt('Postal code'); ?
>:</b
> <input type
='text' size
='10' name
='form_zip2' maxlength
='20'
444 value
='<?php echo attr($row['zip2
']); ?>' class='inputtext' />
449 <td nowrap
><b
><?php
echo xlt('UPIN'); ?
>:</b
></td
>
451 <input type
='text' size
='6' name
='form_upin' maxlength
='6'
452 value
='<?php echo attr($row['upin
']); ?>' class='inputtext' /> 
;
453 <b
><?php
echo xlt('NPI'); ?
>:</b
> <input type
='text' size
='10' name
='form_npi' maxlength
='10'
454 value
='<?php echo attr($row['npi
']); ?>' class='inputtext' /> 
;
455 <b
><?php
echo xlt('TIN'); ?
>:</b
> <input type
='text' size
='10' name
='form_federaltaxid' maxlength
='10'
456 value
='<?php echo attr($row['federaltaxid
']); ?>' class='inputtext' /> 
;
457 <b
><?php
echo xlt('Taxonomy'); ?
>:</b
> <input type
='text' size
='10' name
='form_taxonomy' maxlength
='10'
458 value
='<?php echo attr($row['taxonomy
']); ?>' class='inputtext' />
463 <td nowrap
><b
><?php
echo xlt('Notes'); ?
>:</b
></td
>
465 <textarea rows
='3' cols
='40' name
='form_notes' style
='width:100%'
466 wrap
='virtual' class='inputtext' /><?php
echo text($row['notes']) ?
></textarea
>
474 <input type
='submit' name
='form_save' value
='<?php echo xla('Save
'); ?>' />
476 <?php
if ($userid && !$row['username']) { ?
>
478 <input type
='submit' name
='form_delete' value
='<?php echo xla('Delete
'); ?>' style
='color:red' />
482 <input type
='button' value
='<?php echo xla('Cancel
'); ?>' onclick
='window.close()' />