Weno eRx feature build, take 5.
1 <?php
2 /**
3 * Edit user.
5 * @package OpenEMR
6 * @link http://www.open-emr.org
7 * @author Brady Miller <brady.g.miller@gmail.com>
8 * @copyright Copyright (c) 2017 Brady Miller <brady.g.miller@gmail.com>
9 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
12 require_once("../globals.php");
13 require_once("../../library/acl.inc");
14 require_once("$srcdir/calendar.inc");
15 require_once("$srcdir/options.inc.php");
16 require_once("$srcdir/erx_javascript.inc.php");
18 use OpenEMR\Menu\MainMenuRole;
19 use OpenEMR\Services\FacilityService;
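$facilityService = new FacilityService();

// Gate: a target user id is mandatory and the caller must hold the admin/users
// ACL. empty() is equivalent to the previous !$_GET["id"] test, but it does not
// raise an undefined-index notice when the parameter is missing altogether.
if (empty($_GET["id"]) || !acl_check('admin', 'users')) {
    exit();
}

// The id is handed to the query as a bound parameter, not concatenated into SQL.
$res = sqlStatement("select * from users where id=?", array($_GET["id"]));
$result = array();
for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
    $result[$iter] = $row;
}

// An id that matches no account used to leave $result undefined, and the page
// then rendered an edit form around a null row. Stop here instead.
if (empty($result)) {
    exit();
}

// From here on $iter is the user row being edited, not the loop counter above.
$iter = $result[0];
?>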
36 <html>
37 <head>
39 <link rel="stylesheet" href="<?php echo $css_header; ?>" type="text/css">
40 <script type="text/javascript" src="../../library/dialog.js?v=<?php echo $v_js_includes; ?>"></script>
41 <script type="text/javascript" src="<?php echo $GLOBALS['assets_static_relative'] ?>/jquery-min-1-9-1/index.js"></script>
42 <script type="text/javascript" src="../../library/js/common.js"></script>
44 <script src="checkpwd_validation.js" type="text/javascript"></script>
46 <!-- validation library -->
47 <!--//Not lbf forms use the new validation, please make sure you have the corresponding values in the list Page validation-->
48 <?php $use_validate_js = 1;?>
49 <?php require_once($GLOBALS['srcdir'] . "/validation/validation_script.js.php"); ?>
<?php
// Gets validation rules from the Page Validation list.
// Note that for technical reasons the standard validateUsingPageRules() call is bypassed.
// NOTE(review): the value selected here is echoed verbatim into a <script> block as
// the initialiser of `collectvalidation`, so it is presumably a trusted JSON rules
// string - confirm that whoever can edit the Page Validation list is trusted to
// supply script content.
$pageRules = collectValidationPageRules("/interface/usergroup/user_admin.php");
$collectthis = empty($pageRules) ? "undefined" : $pageRules["user_form"]["rules"];
?>
61 <script language="JavaScript">
64 * validation on the form with new client side validation (using validate.js).
65 * this enable to add new rules for this form in the pageValidation list.
66 * */
67 var collectvalidation = <?php echo($collectthis); ?>;
69 function checkChange()
71 alert("<?php echo addslashes(xl('If you change e-RX Role for ePrescription, it may affect the ePrescription workflow. If you face any difficulty, contact your ePrescription vendor.'));?>");
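// Client-side pre-submit checks for the edit-user form.
// Runs the Page Validation rules, the optional strong-password check, the
// "password expired, please reset" check and (when eRx is enabled) the eRx
// field-format checks, then submits the form and closes the dialog.
// Everything here runs in the browser and can be skipped by the user; the form
// posts to usergroup_admin.php, which has to repeat any check that matters.
// Returns false when a check fails with an alert; otherwise returns nothing.
function submitform() {

    var valid = submitme(1, undefined, 'user_form', collectvalidation);
    if (!valid) return;

    top.restoreSession();
    var flag=0;
    <?php if (!$GLOBALS['use_active_directory']) { ?>
    if(document.forms[0].clearPass.value!="")
    {
        //Checking for the strong password if the 'secure password' feature is enabled
        if(document.forms[0].secure_pwd.value == 1)
        {
            var pwdresult = passwordvalidate(document.forms[0].clearPass.value);
            if(pwdresult == 0) {
                flag=1;
                // Each translated fragment goes through addslashes(), as checkChange()
                // already does, so a quote or backslash in a translation cannot end
                // the JavaScript string literal early.
                alert("<?php echo addslashes(xl('The password must be at least eight characters, and should'));
                echo '\n';
                echo addslashes(xl('contain at least three of the four following items:'));
                echo '\n';
                echo addslashes(xl('A number'));
                echo '\n';
                echo addslashes(xl('A lowercase letter'));
                echo '\n';
                echo addslashes(xl('An uppercase letter'));
                echo '\n';
                echo addslashes(xl('A special character'));
                echo '(';
                echo addslashes(xl('not a letter or number'));
                echo ').';
                echo '\n';
                echo addslashes(xl('For example:'));
                echo ' healthCare@09'; ?>");
                return false;
            }
        }

    }//If pwd null ends here
    <?php } ?>
    //Request to reset the user password if the user was deactived once the password expired.
    // NOTE(review): clearPass is only rendered when use_active_directory is off, yet it
    // is read here unconditionally - confirm this branch cannot run in that mode.
    if((document.forms[0].pwd_expires.value != 0) && (document.forms[0].clearPass.value == "")) {
        if((document.forms[0].user_type.value != "Emergency Login") && (document.forms[0].pre_active.value == 0) && (document.forms[0].active.checked == 1) && (document.forms[0].grace_time.value != "") && (document.forms[0].current_date.value) > (document.forms[0].grace_time.value))
        {
            flag=1;
            // The text lands in innerHTML inside a JS string: xlt() escapes it for
            // HTML, addslashes() for the surrounding string literal.
            document.getElementById('error_message').innerHTML="<?php echo addslashes(xlt('Please reset the password.')); ?>";
        }
    }

    if (document.forms[0].access_group_id) {
        var sel = getSelected(document.forms[0].access_group_id.options);
        // Index loop rather than for...in, so only the array's own elements are visited.
        for (var item = 0; item < sel.length; item++) {
            if (sel[item].value == "Emergency Login") {
                document.forms[0].check_acl.value = 1;
            }
        }
    }

    <?php if ($GLOBALS['erx_enable']) { ?>
    // eRx field-format checks; every helper returns text that is appended to alertMsg.
    alertMsg='';
    f=document.forms[0];
    for(i=0;i<f.length;i++){
        if(f[i].type=='text' && f[i].value)
        {
            if(f[i].name == 'fname' || f[i].name == 'mname' || f[i].name == 'lname')
            {
                alertMsg += checkLength(f[i].name,f[i].value,35);
                alertMsg += checkUsername(f[i].name,f[i].value);
            }
            else if(f[i].name == 'taxid')
            {
                alertMsg += checkLength(f[i].name,f[i].value,10);
                alertMsg += checkFederalEin(f[i].name,f[i].value);
            }
            else if(f[i].name == 'state_license_number')
            {
                alertMsg += checkLength(f[i].name,f[i].value,10);
                alertMsg += checkStateLicenseNumber(f[i].name,f[i].value);
            }
            else if(f[i].name == 'npi')
            {
                alertMsg += checkLength(f[i].name,f[i].value,10);
                alertMsg += checkTaxNpiDea(f[i].name,f[i].value);
            }
            else if(f[i].name == 'drugid')
            {
                alertMsg += checkLength(f[i].name,f[i].value,30);
                alertMsg += checkAlphaNumeric(f[i].name,f[i].value);
            }
        }
    }
    if(alertMsg)
    {
        alert(alertMsg);
        return false;
    }
    <?php } ?>
    if(flag == 0){
        document.forms[0].submit();
        parent.$.fn.fancybox.close();
    }
}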
// Collects the entries of an options collection that are selected or checked.
// Returns an array of {value, index} objects, where index is the entry's
// position in `opt`; the ACL list on this form is read through it.
function getSelected(opt) {
    var picked = [];
    for (var pos = 0; pos < opt.length; pos++) {
        var entry = opt[pos];
        if (!entry.selected && !entry.checked) {
            continue;
        }
        picked.push({ value: entry.value, index: pos });
    }
    return picked;
}
// Keeps the "Calendar" checkbox in step with the "Provider" checkbox: calendar
// is enabled and ticked only while the provider box is ticked.
function authorized_clicked() {
    var form = document.forms[0];
    var isProvider = form.authorized.checked;
    form.calendar.disabled = !isProvider;
    form.calendar.checked = isProvider;
}
196 </script>
197 <style type="text/css">
198 .physician_type_class{
199 width: 150px !important;
201 </style>
202 </head>
203 <body class="body_top">
204 <table><tr><td>
205 <span class="title"><?php xl('Edit User', 'e'); ?></span>&nbsp;
206 </td><td>
207 <a class="css_button" name='form_save' id='form_save' href='#' onclick='return submitform()'> <span><?php xl('Save', 'e');?></span> </a>
208 <a class="css_button" id='cancel' href='#'><span><?php xl('Cancel', 'e');?></span></a>
209 </td></tr>
210 </table>
211 <br>
212 <FORM NAME="user_form" id="user_form" METHOD="POST" ACTION="usergroup_admin.php" target="_parent" onsubmit='return top.restoreSession()'>
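<?php
// Hidden state consumed by submitform(). Values taken from the users row or from
// configuration go through attr(), the attribute-context escaper this page already
// applies to weno_prov_id and the id field, so stored text cannot close the
// value="..." attribute.
// NOTE(review): every field below is client-controlled once the page is served;
// usergroup_admin.php is not shown here - confirm it recomputes expiry, grace time
// and Emergency Login membership instead of trusting the posted copies.
?>
<input type=hidden name="pwd_expires" value="<?php echo attr($GLOBALS['password_expiration_days']); ?>" >
<input type=hidden name="pre_active" value="<?php echo attr($iter["active"]); ?>" >
<input type=hidden name="exp_date" value="<?php echo attr($iter["pwd_expiration_date"]); ?>" >
<input type=hidden name="get_admin_id" value="<?php echo attr($GLOBALS['Emergency_Login_email']); ?>" >
<input type=hidden name="admin_id" value="<?php echo attr($GLOBALS['Emergency_Login_email_id']); ?>" >
<input type=hidden name="check_acl" value="">
<?php
//Calculating the grace time
$current_date = date("Y-m-d");
$password_exp=$iter["pwd_expiration_date"];
// Start from an empty value: with no expiration date ("0000-00-00") the variable
// was previously never assigned before being read further down.
$grace_time1 = '';
if ($password_exp != "0000-00-00") {
    $grace_time1 = date("Y-m-d", strtotime($password_exp . "+".$GLOBALS['password_grace_time'] ."days"));
}
?>
<input type=hidden name="current_date" value="<?php echo strtotime($current_date); ?>" >
<input type=hidden name="grace_time" value="<?php echo ($grace_time1 === '') ? '' : strtotime($grace_time1); ?>" >
<!-- Get the list ACL for the user -->
<?php
// user_type is "Emergency Login" when the edited user belongs to that group,
// otherwise empty. The truthiness guard mirrors the one used on the same helper
// in the Access Control list of this page, for the case where it returns no array.
$acl_name=acl_get_group_titles($iter["username"]);
$bg_name='';
if ($acl_name && in_array("Emergency Login", $acl_name, true)) {
    $bg_name="Emergency Login";
}
?>
<input type=hidden name="user_type" value="<?php echo attr($bg_name); ?>" >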
243 <TABLE border=0 cellpadding=0 cellspacing=0>
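<TR>
    <?php // The stored username is escaped for the attribute context before it is shown. ?>
    <TD style="width:180px;"><span class=text><?php xl('Username', 'e'); ?>: </span></TD>
    <TD style="width:270px;"><input type=entry name=username style="width:150px;" value="<?php echo attr($iter["username"]); ?>" disabled></td>
<?php if (!$GLOBALS['use_active_directory']) { ?>
    <?php // adminPass is the password of the administrator making the change, not the edited user's. ?>
    <TD style="width:200px;"><span class=text><?php xl('Your Password', 'e'); ?>: </span></TD>
    <TD class='text' style="width:280px;"><input type='password' name=adminPass style="width:150px;" value="" autocomplete='off'><font class="mandatory">*</font></TD>
<?php } ?>
</TR>
<?php if (!$GLOBALS['use_active_directory']) { ?>
<TR>
    <TD style="width:180px;"><span class=text></span></TD>
    <TD style="width:270px;"></td>
    <?php
    // clearPass stays a visible text field, as before; autocomplete is switched off
    // like on adminPass so the browser does not remember the new password.
    // NOTE(review): the new password is shown in clear on screen - confirm that is intended.
    ?>
    <TD style="width:200px;"><span class=text><?php xl('User\'s New Password', 'e'); ?>: </span></TD>
    <TD class='text' style="width:280px;"> <input type=text name=clearPass style="width:150px;" value="" autocomplete='off'><font class="mandatory">*</font></td>
</TR>
<?php } ?>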
261 <TR height="30" style="valign:middle;">
262 <td><span class="text">&nbsp;</span></td><td>&nbsp;</td>
263 <td colspan="2"><span class=text><?php xl('Provider', 'e'); ?>:
264 <input type="checkbox" name="authorized" onclick="authorized_clicked()"<?php
265 if ($iter["authorized"]) {
266 echo " checked";
267 } ?> />
268 &nbsp;&nbsp;<span class='text'><?php xl('Calendar', 'e'); ?>:
269 <input type="checkbox" name="calendar"<?php
270 if ($iter["calendar"]) {
271 echo " checked";
274 if (!$iter["authorized"]) {
275 echo " disabled";
276 } ?> />
277 &nbsp;&nbsp;<span class='text'><?php xl('Active', 'e'); ?>:
278 <input type="checkbox" name="active"<?php if ($iter["active"]) {
279 echo " checked";
280 } ?> />
281 </TD>
282 </TR>
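<TR>
<?php // Name fields come from the users row and are escaped for the attribute context. ?>
<TD><span class=text><?php xl('First Name', 'e'); ?>: </span></TD>
<TD><input type=entry name=fname id=fname style="width:150px;" value="<?php echo attr($iter["fname"]); ?>"><span class="mandatory">&nbsp;*</span></td>
<td><span class=text><?php xl('Middle Name', 'e'); ?>: </span></TD><td><input type=entry name=mname style="width:150px;" value="<?php echo attr($iter["mname"]); ?>"></td>
</TR>

<TR>
<td><span class=text><?php xl('Last Name', 'e'); ?>: </span></td><td><input type=entry name=lname id=lname style="width:150px;" value="<?php echo attr($iter["lname"]); ?>"><span class="mandatory">&nbsp;*</span></td>
<td><span class=text><?php xl('Default Facility', 'e'); ?>: </span></td><td><select name=facility_id style="width:150px;" >
<?php
// One <option> per billing location; the user's current default is preselected.
// The list is iterated directly instead of being copied into $result first,
// which still holds the users row loaded at the top of the page.
$fres = $facilityService->getAllBillingLocations();
if ($fres) {
    foreach ($fres as $iter2) {
        ?>
    <option value="<?php echo attr($iter2['id']); ?>" <?php if ($iter['facility_id'] == $iter2['id']) {
        echo "selected";
    } ?>><?php echo htmlspecialchars($iter2['name']); ?></option>
        <?php
    }
}
?>
</select></td>
</tr>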
312 <?php if ($GLOBALS['restrict_user_facility']) { ?>
313 <tr>
314 <td colspan=2>&nbsp;</td>
315 <td><span class=text><?php xl('Schedule Facilities:', 'e');?></td>
316 <td>
317 <select name="schedule_facility[]" multiple style="width:150px;" >
318 <?php
319 $userFacilities = getUserFacilities($_GET['id']);
320 $ufid = array();
321 foreach ($userFacilities as $uf) {
322 $ufid[] = $uf['id'];
325 $fres = $facilityService->getAllServiceLocations();
326 if ($fres) {
327 foreach ($fres as $frow) :
329 <option <?php echo in_array($frow['id'], $ufid) || $frow['id'] == $iter['facility_id'] ? "selected" : null ?>
330 value="<?php echo $frow['id'] ?>"><?php echo htmlspecialchars($frow['name']) ?></option>
331 <?php
332 endforeach;
335 </select>
336 </td>
337 </tr>
338 <?php } ?>
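<?php
// Identifier fields (tax id, DEA, UPIN, NPI, taxonomy, licence number) and the job
// description are free text from the users row. Each one is escaped with attr()
// before it is placed inside a value="..." attribute, matching the Weno Provider ID
// row further down this form.
?>
<TR>
<TD><span class=text><?php xl('Federal Tax ID', 'e'); ?>: </span></TD><TD><input type=text name=taxid style="width:150px;" value="<?php echo attr($iter["federaltaxid"]); ?>"></td>
<TD><span class=text><?php xl('Federal Drug ID', 'e'); ?>: </span></TD><TD><input type=text name=drugid style="width:150px;" value="<?php echo attr($iter["federaldrugid"]); ?>"></td>
</TR>

<tr>
<td><span class="text"><?php xl('UPIN', 'e'); ?>: </span></td><td><input type="text" name="upin" style="width:150px;" value="<?php echo attr($iter["upin"]); ?>"></td>
<td class='text'><?php xl('See Authorizations', 'e'); ?>: </td>
<td><select name="see_auth" style="width:150px;" >
<?php
// The keys are the fixed integers 1-3; the labels are translations and are escaped
// for element content.
foreach (array(1 => xl('None'), 2 => xl('Only Mine'), 3 => xl('All')) as $key => $value) {
    echo " <option value='$key'";
    if ($key == $iter['see_auth']) {
        echo " selected";
    }

    echo ">" . text($value) . "</option>\n";
}
?>
</select></td>
</tr>

<tr>
<td><span class="text"><?php xl('NPI', 'e'); ?>: </span></td><td><input type="text" name="npi" style="width:150px;" value="<?php echo attr($iter["npi"]); ?>"></td>
<td><span class="text"><?php xl('Job Description', 'e'); ?>: </span></td><td><input type="text" name="job" style="width:150px;" value="<?php echo attr($iter["specialty"]); ?>"></td>
</tr>

<tr>
<td><span class="text"><?php xl('Taxonomy', 'e'); ?>: </span></td>
<td><input type="text" name="taxonomy" style="width:150px;" value="<?php echo attr($iter["taxonomy"]); ?>"></td>
<td>&nbsp;</td><td>&nbsp;</td></tr>

<tr>
<td><span class="text"><?php xl('State License Number', 'e'); ?>: </span></td>
<td><input type="text" name="state_license_number" style="width:150px;" value="<?php echo attr($iter["state_license_number"]); ?>"></td>
<td class='text'><?php xl('NewCrop eRX Role', 'e'); ?>:</td>
<td>
    <?php echo generate_select_list("erxrole", "newcrop_erx_role", $iter['newcrop_user_role'], '', xl('Select Role'), '', '', '', array('style'=>'width:150px')); ?>
</td>
</tr>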
380 <tr>
381 <td><span class="text"><?php echo xlt('Weno Provider ID'); ?>: </span></td><td><input type="text" name="erxprid" style="width:150px;" value="<?php echo attr($iter["weno_prov_id"]); ?>"></td>
382 </tr>
384 <tr>
385 <td><span class="text"><?php xl('Provider Type', 'e'); ?>: </span></td>
386 <td><?php echo generate_select_list("physician_type", "physician_type", $iter['physician_type'], '', xl('Select Type'), 'physician_type_class', '', '', ''); ?></td>
387 <td>
388 <span class="text"><?php echo xlt('Main Menu Role'); ?>: </span>
389 </td>
390 <td>
391 <?php echo MainMenuRole::displayMainMenuRoleSelector($iter["main_menu_role"]); ?>
392 </td>
393 </tr>
394 <?php if ($GLOBALS['inhouse_pharmacy']) { ?>
395 <tr>
396 <td class="text"><?php xl('Default Warehouse', 'e'); ?>: </td>
397 <td class='text'>
398 <?php
399 echo generate_select_list(
400 'default_warehouse',
401 'warehouse',
402 $iter['default_warehouse'],
406 </td>
407 <td class="text"><?php xl('Invoice Refno Pool', 'e'); ?>: </td>
408 <td class='text'>
409 <?php
410 echo generate_select_list(
411 'irnpool',
412 'irnpool',
413 $iter['irnpool'],
414 xl('Invoice reference number pool, if used')
417 </td>
418 </tr>
419 <?php } ?>
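<?php
// Collect the access control group of user.
// This whole section, including the comments box and the error_message element,
// is rendered only for callers who also hold the admin/acl permission.
if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
    ?>
<tr>
<td class='text'><?php xl('Access Control', 'e'); ?>:</td>
<td><select id="access_group_id" name="access_group[]" multiple style="width:150px;" >
    <?php
    $list_acl_groups = acl_get_group_title_list();
    $username_acl_groups = acl_get_group_titles($iter["username"]);
    foreach ($list_acl_groups as $value) {
        // Group titles are stored text: escape the title for the single-quoted
        // attribute and its (optionally translated) label for element content.
        $isMember = ($username_acl_groups) && in_array($value, $username_acl_groups);
        // Modified 6-2009 by BM - Translate group name if applicable
        echo " <option value='" . attr($value) . "'" . ($isMember ? " selected" : "") . ">" . text(xl_gacl_group($value)) . "</option>\n";
    }
    ?>
</select></td>
<td><span class=text><?php xl('Additional Info', 'e'); ?>:</span></td>
<?php // Free-text notes are escaped so stored markup cannot close the textarea. ?>
<td><textarea style="width:150px;" name="comments" wrap=auto rows=4 cols=25><?php echo text($iter["info"]);?></textarea></td>

</tr>
<tr height="20" valign="bottom">
<td colspan="4" class="text">
<font class="mandatory">*</font> <?php xl('You must enter your own password to change user passwords. Leave blank to keep password unchanged.', 'e'); ?>
<!--
Display red alert if entered password matched one of last three passwords/Display red alert if user password was expired and the user was inactivated previously
-->
<div class="redtext" id="error_message">&nbsp;</div>
</td>
</tr>
    <?php
}
?>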
458 </table>
460 <INPUT TYPE="HIDDEN" NAME="id" VALUE="<?php echo attr($_GET["id"]); ?>">
461 <INPUT TYPE="HIDDEN" NAME="mode" VALUE="update">
462 <INPUT TYPE="HIDDEN" NAME="privatemode" VALUE="user_admin">
464 <INPUT TYPE="HIDDEN" NAME="secure_pwd" VALUE="<?php echo $GLOBALS['secure_password']; ?>">
465 </FORM>
466 <script language="JavaScript">
467 $(document).ready(function(){
468 $("#cancel").click(function() {
469 parent.$.fn.fancybox.close();
473 </script>
474 </BODY>
476 </HTML>
478 <?php
479 // d41d8cd98f00b204e9800998ecf8427e == blank