6 * @link http://www.open-emr.org
7 * @author Brady Miller <brady.g.miller@gmail.com>
8 * @copyright Copyright (c) 2017 Brady Miller <brady.g.miller@gmail.com>
9 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
12 require_once("../globals.php");
13 require_once("../../library/acl.inc");
14 require_once("$srcdir/calendar.inc");
15 require_once("$srcdir/options.inc.php");
16 require_once("$srcdir/erx_javascript.inc.php");
18 use OpenEMR\Menu\MainMenuRole
;
19 use OpenEMR\Services\FacilityService
;
21 $facilityService = new FacilityService();
23 if (!$_GET["id"] ||
!acl_check('admin', 'users')) {
27 $res = sqlStatement("select * from users where id=?", array($_GET["id"]));
28 for ($iter = 0; $row = sqlFetchArray($res); $iter++
) {
29 $result[$iter] = $row;
39 <link rel
="stylesheet" href
="<?php echo $css_header; ?>" type
="text/css">
40 <script type
="text/javascript" src
="../../library/dialog.js?v=<?php echo $v_js_includes; ?>"></script
>
41 <script type
="text/javascript" src
="<?php echo $GLOBALS['assets_static_relative'] ?>/jquery-min-1-9-1/index.js"></script
>
42 <script type
="text/javascript" src
="../../library/js/common.js"></script
>
44 <script src
="checkpwd_validation.js" type
="text/javascript"></script
>
46 <!-- validation library
-->
47 <!-- Non-LBF forms use the new validation; make sure the corresponding values exist in the Page Validation list. -->
48 <?php
$use_validate_js = 1;?
>
49 <?php
require_once($GLOBALS['srcdir'] . "/validation/validation_script.js.php"); ?
>
51 //Gets validation rules from Page Validation list.
52 //Note that for technical reasons, we are bypassing the standard validateUsingPageRules() call.
53 $collectthis = collectValidationPageRules("/interface/usergroup/user_admin.php");
54 if (empty($collectthis)) {
55 $collectthis = "undefined";
57 $collectthis = $collectthis["user_form"]["rules"];
61 <script language
="JavaScript">
64 * Validate the form with the new client-side validation (using validate.js).
65 * This makes it possible to add new rules for this form in the pageValidation list.
67 var collectvalidation
= <?php
echo($collectthis); ?
>;
69 function checkChange()
71 alert("<?php echo addslashes(xl('If you change e-RX Role for ePrescription, it may affect the ePrescription workflow. If you face any difficulty, contact your ePrescription vendor.'));?>");
73 function submitform() {
75 var valid
= submitme(1, undefined
, 'user_form', collectvalidation
);
80 <?php
if (!$GLOBALS['use_active_directory']) { ?
>
81 if(document
.forms
[0].clearPass
.value
!="")
83 //Checking for the strong password if the 'secure password' feature is enabled
84 if(document
.forms
[0].secure_pwd
.value
== 1)
86 var pwdresult
= passwordvalidate(document
.forms
[0].clearPass
.value
);
89 alert("<?php echo xl('The password must be at least eight characters, and should');
91 echo xl('contain at least three of the four following items:');
95 echo xl('A lowercase letter');
97 echo xl('An uppercase letter');
99 echo xl('A special character');
101 echo xl('not a letter or number');
104 echo xl('For example:');
105 echo ' healthCare@09'; ?>");
110 }//If pwd null ends here
112 //Request a reset of the user's password if the user was deactivated once the password expired.
113 if((document
.forms
[0].pwd_expires
.value
!= 0) && (document
.forms
[0].clearPass
.value
== "")) {
114 if((document
.forms
[0].user_type
.value
!= "Emergency Login") && (document
.forms
[0].pre_active
.value
== 0) && (document
.forms
[0].active
.checked
== 1) && (document
.forms
[0].grace_time
.value
!= "") && (document
.forms
[0].current_date
.value
) > (document
.forms
[0].grace_time
.value
))
117 document
.getElementById('error_message').innerHTML
="<?php xl('Please reset the password.', 'e') ?>";
121 if (document
.forms
[0].access_group_id
) {
122 var sel
= getSelected(document
.forms
[0].access_group_id
.options
);
123 for (var item in sel
) {
124 if (sel
[item
].value
== "Emergency Login") {
125 document
.forms
[0].check_acl
.value
= 1;
130 <?php
if ($GLOBALS['erx_enable']) { ?
>
133 for(i
=0;i
<f
.length
;i++
){
134 if(f
[i
].type
=='text' && f
[i
].value
)
136 if(f
[i
].name
== 'fname' || f
[i
].name
== 'mname' || f
[i
].name
== 'lname')
138 alertMsg +
= checkLength(f
[i
].name
,f
[i
].value
,35);
139 alertMsg +
= checkUsername(f
[i
].name
,f
[i
].value
);
141 else if(f
[i
].name
== 'taxid')
143 alertMsg +
= checkLength(f
[i
].name
,f
[i
].value
,10);
144 alertMsg +
= checkFederalEin(f
[i
].name
,f
[i
].value
);
146 else if(f
[i
].name
== 'state_license_number')
148 alertMsg +
= checkLength(f
[i
].name
,f
[i
].value
,10);
149 alertMsg +
= checkStateLicenseNumber(f
[i
].name
,f
[i
].value
);
151 else if(f
[i
].name
== 'npi')
153 alertMsg +
= checkLength(f
[i
].name
,f
[i
].value
,10);
154 alertMsg +
= checkTaxNpiDea(f
[i
].name
,f
[i
].value
);
156 else if(f
[i
].name
== 'drugid')
158 alertMsg +
= checkLength(f
[i
].name
,f
[i
].value
,30);
159 alertMsg +
= checkAlphaNumeric(f
[i
].name
,f
[i
].value
);
170 document
.forms
[0].submit();
171 parent
.$
.fn
.fancybox
.close();
174 //Getting the list of selected item in ACL
175 function getSelected(opt
) {
176 var selected
= new Array();
178 for (var intLoop
= 0; intLoop
< opt
.length
; intLoop++
) {
179 if ((opt
[intLoop
].selected
) ||
180 (opt
[intLoop
].checked
)) {
181 index
= selected
.length
;
182 selected
[index
] = new Object;
183 selected
[index
].value
= opt
[intLoop
].value
;
184 selected
[index
].index
= intLoop
;
190 function authorized_clicked() {
191 var f
= document
.forms
[0];
192 f
.calendar
.disabled
= !f
.authorized
.checked
;
193 f
.calendar
.checked
= f
.authorized
.checked
;
197 <style type
="text/css">
198 .physician_type_class
{
199 width
: 150px
!important
;
203 <body
class="body_top">
205 <span
class="title"><?php
xl('Edit User', 'e'); ?
></span
> 
;
207 <a
class="css_button" name
='form_save' id
='form_save' href
='#' onclick
='return submitform()'> <span
><?php
xl('Save', 'e');?
></span
> </a
>
208 <a
class="css_button" id
='cancel' href
='#'><span
><?php
xl('Cancel', 'e');?
></span
></a
>
212 <FORM NAME
="user_form" id
="user_form" METHOD
="POST" ACTION
="usergroup_admin.php" target
="_parent" onsubmit
='return top.restoreSession()'>
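<?php // Hidden state read by the client-side checks in submitform(). Each value is written inside a quoted HTML attribute, so it goes through attr() to keep quotes or angle brackets in stored or configured data from ending the attribute early. ?>
<input type=hidden name="pwd_expires" value="<?php echo attr($GLOBALS['password_expiration_days']); ?>" >
<input type=hidden name="pre_active" value="<?php echo attr($iter["active"]); ?>" >
<input type=hidden name="exp_date" value="<?php echo attr($iter["pwd_expiration_date"]); ?>" >
<input type=hidden name="get_admin_id" value="<?php echo attr($GLOBALS['Emergency_Login_email']); ?>" >
<input type=hidden name="admin_id" value="<?php echo attr($GLOBALS['Emergency_Login_email_id']); ?>" >
<input type=hidden name="check_acl" value="">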
221 //Calculating the grace time
222 $current_date = date("Y-m-d");
223 $password_exp=$iter["pwd_expiration_date"];
224 if ($password_exp != "0000-00-00") {
225 $grace_time1 = date("Y-m-d", strtotime($password_exp . "+".$GLOBALS['password_grace_time'] ."days"));
228 <input type
=hidden name
="current_date" value
="<?php echo strtotime($current_date); ?>" >
229 <input type
=hidden name
="grace_time" value
="<?php echo strtotime($grace_time1); ?>" >
230 <!-- Get the
list ACL
for the user
-->
232 $acl_name=acl_get_group_titles($iter["username"]);
234 $bg_count=count($acl_name);
235 for ($i=0; $i<$bg_count; $i++
) {
236 if ($acl_name[$i] == "Emergency Login") {
237 $bg_name=$acl_name[$i];
241 <input type
=hidden name
="user_type" value
="<?php echo $bg_name; ?>" >
243 <TABLE border
=0 cellpadding
=0 cellspacing
=0>
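<?php // The username comes from the users table and is shown read-only; attr() escapes it for the quoted value attribute and xlt() escapes the translated label. ?>
<TD style="width:180px;"><span class=text><?php echo xlt('Username'); ?>: </span></TD>
<TD style="width:270px;"><input type=entry name=username style="width:150px;" value="<?php echo attr($iter["username"]); ?>" disabled></td>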
247 <?php
if (!$GLOBALS['use_active_directory']) { ?
>
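<?php // The administrator re-enters their own password here to authorise the change; the label is escaped with xlt() like the other translated labels on this page. ?>
<TD style="width:200px;"><span class=text><?php echo xlt('Your Password'); ?>: </span></TD>
<TD class='text' style="width:280px;"><input type='password' name=adminPass style="width:150px;" value="" autocomplete='off'><font class="mandatory">*</font></TD>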
252 <?php
if (!$GLOBALS['use_active_directory']) { ?
>
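<?php // clearPass carries the user's new password. It stays a visible text field as before, but autocomplete is switched off (matching adminPass) so the browser does not keep the typed password in its form history. NOTE(review): consider type='password' if administrators do not need to see the value they type. ?>
<TD style="width:180px;"><span class=text></span></TD>
<TD style="width:270px;"></td>
<TD style="width:200px;"><span class=text><?php echo xlt('User\'s New Password'); ?>: </span></TD>
<TD class='text' style="width:280px;"> <input type=text name=clearPass style="width:150px;" value="" autocomplete='off'><font class="mandatory">*</font></td>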
261 <TR height
="30" style
="valign:middle;">
262 <td
><span
class="text"> 
;</span
></td
><td
> 
;</td
>
263 <td colspan
="2"><span
class=text
><?php
xl('Provider', 'e'); ?
>:
264 <input type
="checkbox" name
="authorized" onclick
="authorized_clicked()"<?php
265 if ($iter["authorized"]) {
268  
; 
;<span
class='text'><?php
xl('Calendar', 'e'); ?
>:
269 <input type
="checkbox" name
="calendar"<?php
270 if ($iter["calendar"]) {
274 if (!$iter["authorized"]) {
277  
; 
;<span
class='text'><?php
xl('Active', 'e'); ?
>:
278 <input type
="checkbox" name
="active"<?php
if ($iter["active"]) {
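<?php // First and middle name are stored user data echoed into quoted value attributes; attr() escapes them so a stored quote or tag cannot inject markup into this admin page. Labels go through xlt(). ?>
<TD><span class=text><?php echo xlt('First Name'); ?>: </span></TD>
<TD><input type=entry name=fname id=fname style="width:150px;" value="<?php echo attr($iter["fname"]); ?>"><span class="mandatory">&nbsp;*</span></td>
<td><span class=text><?php echo xlt('Middle Name'); ?>: </span></TD><td><input type=entry name=mname style="width:150px;" value="<?php echo attr($iter["mname"]); ?>"></td>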
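<?php // Last name is stored user data; attr() escapes it for the quoted value attribute and xlt() escapes the translated label. ?>
<td><span class=text><?php echo xlt('Last Name'); ?>: </span></td><td><input type=entry name=lname id=lname style="width:150px;" value="<?php echo attr($iter["lname"]); ?>"><span class="mandatory">&nbsp;*</span></td>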
292 <td
><span
class=text
><?php
xl('Default Facility', 'e'); ?
>: </span
></td
><td
><select name
=facility_id style
="width:150px;" >
294 $fres = $facilityService->getAllBillingLocations();
296 for ($iter2 = 0; $iter2 < sizeof($fres); $iter2++
) {
297 $result[$iter2] = $fres[$iter2];
300 foreach ($result as $iter2) {
302 <option value
="<?php echo $iter2['id']; ?>" <?php
if ($iter['facility_id'] == $iter2['id']) {
304 } ?
>><?php
echo htmlspecialchars($iter2['name']); ?
></option
>
312 <?php
if ($GLOBALS['restrict_user_facility']) { ?
>
314 <td colspan
=2> 
;</td
>
315 <td
><span
class=text
><?php
xl('Schedule Facilities:', 'e');?
></td
>
317 <select name
="schedule_facility[]" multiple style
="width:150px;" >
319 $userFacilities = getUserFacilities($_GET['id']);
321 foreach ($userFacilities as $uf) {
325 $fres = $facilityService->getAllServiceLocations();
327 foreach ($fres as $frow) :
329 <option
<?php
echo in_array($frow['id'], $ufid) ||
$frow['id'] == $iter['facility_id'] ?
"selected" : null ?
>
330 value
="<?php echo $frow['id'] ?>"><?php
echo htmlspecialchars($frow['name']) ?
></option
>
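<?php // Federal tax and drug identifiers are stored values; the client-side length and format checks only run at submit time, so the values are still escaped with attr() when written back into the form. ?>
<TD><span class=text><?php echo xlt('Federal Tax ID'); ?>: </span></TD><TD><input type=text name=taxid style="width:150px;" value="<?php echo attr($iter["federaltaxid"]); ?>"></td>
<TD><span class=text><?php echo xlt('Federal Drug ID'); ?>: </span></TD><TD><input type=text name=drugid style="width:150px;" value="<?php echo attr($iter["federaldrugid"]); ?>"></td>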
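<?php // UPIN is a stored value echoed into a quoted attribute, so it is escaped with attr(); translated labels are escaped with xlt(). ?>
<td><span class="text"><?php echo xlt('UPIN'); ?>: </span></td><td><input type="text" name="upin" style="width:150px;" value="<?php echo attr($iter["upin"]); ?>"></td>
<td class='text'><?php echo xlt('See Authorizations'); ?>: </td>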
348 <td
><select name
="see_auth" style
="width:150px;" >
350 foreach (array(1 => xl('None'), 2 => xl('Only Mine'), 3 => xl('All')) as $key => $value) {
351 echo " <option value='$key'";
352 if ($key == $iter['see_auth']) {
356 echo ">$value</option>\n";
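<?php // NPI and the job description (stored in the "specialty" column) are escaped with attr() before being placed in quoted value attributes. ?>
<td><span class="text"><?php echo xlt('NPI'); ?>: </span></td><td><input type="text" name="npi" style="width:150px;" value="<?php echo attr($iter["npi"]); ?>"></td>
<td><span class="text"><?php echo xlt('Job Description'); ?>: </span></td><td><input type="text" name="job" style="width:150px;" value="<?php echo attr($iter["specialty"]); ?>"></td>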
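<?php // Taxonomy is a stored value; attr() escapes it for the quoted value attribute. ?>
<td><span class="text"><?php echo xlt('Taxonomy'); ?>: </span></td>
<td><input type="text" name="taxonomy" style="width:150px;" value="<?php echo attr($iter["taxonomy"]); ?>"></td>
<td>&nbsp;</td><td>&nbsp;</td></tr>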
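<?php // The state license number is a stored value; attr() escapes it for the quoted value attribute and the labels are escaped with xlt(). ?>
<td><span class="text"><?php echo xlt('State License Number'); ?>: </span></td>
<td><input type="text" name="state_license_number" style="width:150px;" value="<?php echo attr($iter["state_license_number"]); ?>"></td>
<td class='text'><?php echo xlt('NewCrop eRX Role'); ?>:</td>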
377 <?php
echo generate_select_list("erxrole", "newcrop_erx_role", $iter['newcrop_user_role'], '', xl('Select Role'), '', '', '', array('style'=>'width:150px')); ?
>
381 <td
><span
class="text"><?php
echo xlt('Weno Provider ID'); ?
>: </span
></td
><td
><input type
="text" name
="erxprid" style
="width:150px;" value
="<?php echo attr($iter["weno_prov_id
"]); ?>"></td
>
385 <td
><span
class="text"><?php
xl('Provider Type', 'e'); ?
>: </span
></td
>
386 <td
><?php
echo generate_select_list("physician_type", "physician_type", $iter['physician_type'], '', xl('Select Type'), 'physician_type_class', '', '', ''); ?
></td
>
388 <span
class="text"><?php
echo xlt('Main Menu Role'); ?
>: </span
>
391 <?php
echo MainMenuRole
::displayMainMenuRoleSelector($iter["main_menu_role"]); ?
>
394 <?php
if ($GLOBALS['inhouse_pharmacy']) { ?
>
396 <td
class="text"><?php
xl('Default Warehouse', 'e'); ?
>: </td
>
399 echo generate_select_list(
402 $iter['default_warehouse'],
407 <td
class="text"><?php
xl('Invoice Refno Pool', 'e'); ?
>: </td
>
410 echo generate_select_list(
414 xl('Invoice reference number pool, if used')
422 // Collect the access control group of user
423 if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
426 <td
class='text'><?php
xl('Access Control', 'e'); ?
>:</td
>
427 <td
><select id
="access_group_id" name
="access_group[]" multiple style
="width:150px;" >
429 $list_acl_groups = acl_get_group_title_list();
430 $username_acl_groups = acl_get_group_titles($iter["username"]);
431 foreach ($list_acl_groups as $value) {
432 if (($username_acl_groups) && in_array($value, $username_acl_groups)) {
433 // Modified 6-2009 by BM - Translate group name if applicable
434 echo " <option value='$value' selected>" . xl_gacl_group($value) . "</option>\n";
436 // Modified 6-2009 by BM - Translate group name if applicable
437 echo " <option value='$value'>" . xl_gacl_group($value) . "</option>\n";
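<?php // "info" is free-text stored for the user and is written as element content of the textarea. text() escapes angle brackets and ampersands so stored text containing a closing textarea tag or other markup is displayed as text rather than parsed as HTML. ?>
<td><span class=text><?php echo xlt('Additional Info'); ?>:</span></td>
<td><textarea style="width:150px;" name="comments" wrap=auto rows=4 cols=25><?php echo text($iter["info"]); ?></textarea></td>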
446 <tr height
="20" valign
="bottom">
447 <td colspan
="4" class="text">
448 <font
class="mandatory">*</font
> <?php
xl('You must enter your own password to change user passwords. Leave blank to keep password unchanged.', 'e'); ?
>
450 Display red alert
if entered password matched one of last three passwords
/Display red alert
if user password was expired
and the user was inactivated previously
452 <div
class="redtext" id
="error_message"> 
;</div
>
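<?php // Hidden fields posted back with the form. The id comes straight from the query string and was already escaped with attr(); the secure_password setting now gets the same treatment so every dynamic attribute on the form is escaped the same way. ?>
<INPUT TYPE="HIDDEN" NAME="id" VALUE="<?php echo attr($_GET["id"]); ?>">
<INPUT TYPE="HIDDEN" NAME="mode" VALUE="update">
<INPUT TYPE="HIDDEN" NAME="privatemode" VALUE="user_admin">
<INPUT TYPE="HIDDEN" NAME="secure_pwd" VALUE="<?php echo attr($GLOBALS['secure_password']); ?>">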
466 <script language
="JavaScript">
467 $
(document
).ready(function(){
468 $
("#cancel").click(function() {
469 parent
.$
.fn
.fancybox
.close();
479 // d41d8cd98f00b204e9800998ecf8427e is the MD5 hash of an empty (blank) string