added new datepicker to amendments gui
[openemr.git] / interface / globals.php
blob67316c553456313583919d3119b3e1e312b89bdb
1 <?php
3 // Default values for optional variables that are allowed to be set by callers.
5 // Unless specified explicitly, apply Auth functions
6 if (!isset($ignoreAuth)) $ignoreAuth = false;
7 // Unless specified explicitly, caller is not offsite_portal and Auth is required
8 if (!isset($ignoreAuth_offsite_portal)) $ignoreAuth_offsite_portal = false;
9 // Unless specified explicitly, do not reverse magic quotes
10 if (!isset($sanitize_all_escapes)) $sanitize_all_escapes = false;
11 // Unless specified explicitly, "fake" register_globals.
12 if (!isset($fake_register_globals)) $fake_register_globals = true;
14 // Is this windows or non-windows? Create a boolean definition.
15 if (!defined('IS_WINDOWS'))
16 define('IS_WINDOWS', (stripos(PHP_OS,'WIN') === 0));
18 // Some important php.ini overrides. Defaults for these values are often
19 // too small. You might choose to adjust them further.
21 ini_set('session.gc_maxlifetime', '14400');
23 // This is for sanitization of all escapes.
24 // (ie. reversing magic quotes if it's set)
25 if ($sanitize_all_escapes) {
26 if (get_magic_quotes_gpc()) {
27 function undoMagicQuotes($array, $topLevel=true) {
28 $newArray = array();
29 foreach($array as $key => $value) {
30 if (!$topLevel) {
31 $key = stripslashes($key);
33 if (is_array($value)) {
34 $newArray[$key] = undoMagicQuotes($value, false);
36 else {
37 $newArray[$key] = stripslashes($value);
40 return $newArray;
42 $_GET = undoMagicQuotes($_GET);
43 $_POST = undoMagicQuotes($_POST);
44 $_COOKIE = undoMagicQuotes($_COOKIE);
45 $_REQUEST = undoMagicQuotes($_REQUEST);
50 // The webserver_root and web_root are now automatically collected.
51 // If not working, can set manually below.
52 // Auto collect the full absolute directory path for openemr.
53 $webserver_root = dirname(dirname(__FILE__));
54 if (IS_WINDOWS) {
55 //convert windows path separators
56 $webserver_root = str_replace("\\","/",$webserver_root);
58 // Collect the apache server document root (and convert to windows slashes, if needed)
59 $server_document_root = realpath($_SERVER['DOCUMENT_ROOT']);
60 if (IS_WINDOWS) {
61 //convert windows path separators
62 $server_document_root = str_replace("\\","/",$server_document_root);
64 // Auto collect the relative html path, i.e. what you would type into the web
65 // browser after the server address to get to OpenEMR.
66 // This removes the leading portion of $webserver_root that it has in common with the web server's document
67 // root and assigns the result to $web_root. In addition to the common case where $webserver_root is
68 // /var/www/openemr and document root is /var/www, this also handles the case where document root is
69 // /var/www/html and there is an Apache "Alias" command that directs /openemr to /var/www/openemr.
70 $web_root = substr($webserver_root, strspn($webserver_root ^ $server_document_root, "\0"));
71 // Ensure web_root starts with a path separator
72 if (preg_match("/^[^\/]/",$web_root)) {
73 $web_root = "/".$web_root;
75 // The webserver_root and web_root are now automatically collected in
76 // real time per above code. If above is not working, can uncomment and
77 // set manually here:
78 // $webserver_root = "/var/www/openemr";
79 // $web_root = "/openemr";
82 // This is the directory that contains site-specific data. Change this
83 // only if you have some reason to.
84 $GLOBALS['OE_SITES_BASE'] = "$webserver_root/sites";
86 // The session name names a cookie stored in the browser.
87 // Now that restore_session() is implemented in javaScript, session IDs are
88 // effectively saved in the top level browser window and there is no longer
89 // any need to change the session name for different OpenEMR instances.
90 session_name("OpenEMR");
92 session_start();
94 // Set the site ID if required. This must be done before any database
95 // access is attempted.
96 if (empty($_SESSION['site_id']) || !empty($_GET['site'])) {
97 if (!empty($_GET['site'])) {
98 $tmp = $_GET['site'];
100 else {
101 if (empty($ignoreAuth)) die("Site ID is missing from session data!");
102 $tmp = $_SERVER['HTTP_HOST'];
103 if (!is_dir($GLOBALS['OE_SITES_BASE'] . "/$tmp")) $tmp = "default";
105 if (empty($tmp) || preg_match('/[^A-Za-z0-9\\-.]/', $tmp))
106 die("Site ID '". htmlspecialchars($tmp,ENT_NOQUOTES) . "' contains invalid characters.");
107 if (isset($_SESSION['site_id']) && ($_SESSION['site_id'] != $tmp)) {
108 // This is to prevent using session to penetrate other OpenEMR instances within same multisite module
109 session_unset(); // clear session, clean logout
110 if (isset($landingpage) && !empty($landingpage)) {
111 // OpenEMR Patient Portal use
112 header('Location: index.php?site='.$tmp);
114 else {
115 // Main OpenEMR use
116 header('Location: ../login/login.php?site='.$tmp); // Assuming in the interface/main directory
118 exit;
120 if (!isset($_SESSION['site_id']) || $_SESSION['site_id'] != $tmp) {
121 $_SESSION['site_id'] = $tmp;
122 //error_log("Session site ID has been set to '$tmp'"); // debugging
126 // Set the site-specific directory path.
127 $GLOBALS['OE_SITE_DIR'] = $GLOBALS['OE_SITES_BASE'] . "/" . $_SESSION['site_id'];
129 require_once($GLOBALS['OE_SITE_DIR'] . "/config.php");
131 // Collecting the utf8 disable flag from the sqlconf.php file in order
132 // to set the correct html encoding. utf8 vs iso-8859-1. If flag is set
133 // then set to iso-8859-1.
134 require_once(dirname(__FILE__) . "/../library/sqlconf.php");
135 if (!$disable_utf8_flag) {
136 ini_set('default_charset', 'utf-8');
137 $HTML_CHARSET = "UTF-8";
138 mb_internal_encoding('UTF-8');
140 else {
141 ini_set('default_charset', 'iso-8859-1');
142 $HTML_CHARSET = "ISO-8859-1";
143 mb_internal_encoding('ISO-8859-1');
146 // Root directory, relative to the webserver root:
147 $GLOBALS['rootdir'] = "$web_root/interface";
148 $rootdir = $GLOBALS['rootdir'];
149 // Absolute path to the source code include and headers file directory (Full path):
150 $GLOBALS['srcdir'] = "$webserver_root/library";
151 // Absolute path to the location of documentroot directory for use with include statements:
152 $GLOBALS['fileroot'] = "$webserver_root";
153 // Absolute path to the location of interface directory for use with include statements:
154 $include_root = "$webserver_root/interface";
155 // Absolute path to the location of documentroot directory for use with include statements:
156 $GLOBALS['webroot'] = $web_root;
158 // Static assets directory, relative to the webserver root.
159 // (it is very likely that this path will be changed in the future))
160 $GLOBALS['assets_static_relative'] = "$web_root/public/assets";
162 // Relative images directory, relative to the webserver root.
163 $GLOBALS['images_static_relative'] = "$web_root/public/images";
165 // Static images directory, absolute to the webserver root.
166 $GLOBALS['images_static_absolute'] = "$webserver_root/public/images";
168 //Composer vendor directory, absolute to the webserver root.
169 $GLOBALS['vendor_dir'] = "$webserver_root/vendor";
171 $GLOBALS['template_dir'] = $GLOBALS['fileroot'] . "/templates/";
172 $GLOBALS['incdir'] = $include_root;
173 // Location of the login screen file
174 $GLOBALS['login_screen'] = $GLOBALS['rootdir'] . "/login_screen.php";
176 // Variable set for Eligibility Verification [EDI-271] path
177 $GLOBALS['edi_271_file_path'] = $GLOBALS['OE_SITE_DIR'] . "/edi/";
179 // Includes composer autoload
180 // Note this also brings in following library files:
181 // library/htmlspecialchars.inc.php - Include convenience functions with shorter names than "htmlspecialchars" (for security)
182 // library/formdata.inc.php - Include sanitization/checking functions (for security)
183 // library/sanitize.inc.php - Include sanitization/checking functions (for security)
184 // library/date_functions.php - Includes functions for date internationalization
185 // library/validation/validate_core.php - Includes functions for page validation
186 // library/translation.inc.php - Includes translation functions
187 require_once $GLOBALS['vendor_dir'] ."/autoload.php";
189 // This will open the openemr mysql connection.
190 require_once (dirname(__FILE__) . "/../library/sql.inc");
192 // Include the version file
193 require_once (dirname(__FILE__) . "/../version.php");
195 // The logging level for common/logging/logger.php
196 // Value can be TRACE, DEBUG, INFO, WARN, ERROR, or OFF:
197 // - DEBUG/INFO are great for development
198 // - INFO/WARN/ERROR are great for production
199 // - TRACE is useful when debugging hard to spot bugs
200 $GLOBALS["log_level"] = "OFF";
202 // Should Doctrine make use of connection pooling? Database connection pooling is a method
203 // used to keep database connections open so they can be reused by others. (The only reason
204 // to not use connection pooling is if your server has limited resources.)
205 $GLOBALS["doctrine_connection_pooling"] = true;
207 // Defaults for specific applications.
208 $GLOBALS['weight_loss_clinic'] = false;
209 $GLOBALS['ippf_specific'] = false;
210 $GLOBALS['cene_specific'] = false;
212 // Defaults for drugs and products.
213 $GLOBALS['inhouse_pharmacy'] = false;
214 $GLOBALS['sell_non_drug_products'] = 0;
216 $glrow = sqlQuery("SHOW TABLES LIKE 'globals'");
217 if (!empty($glrow)) {
218 // Collect user specific settings from user_settings table.
220 $gl_user = array();
221 // Collect the user id first
222 $temp_authuserid = '';
223 if (!empty($_SESSION['authUserID'])) {
224 //Set the user id from the session variable
225 $temp_authuserid = $_SESSION['authUserID'];
227 else {
228 if (!empty($_POST['authUser'])) {
229 $temp_sql_ret = sqlQuery("SELECT `id` FROM `users` WHERE `username` = ?", array($_POST['authUser']) );
230 if (!empty($temp_sql_ret['id'])) {
231 //Set the user id from the login variable
232 $temp_authuserid = $temp_sql_ret['id'];
236 if (!empty($temp_authuserid)) {
237 $glres_user = sqlStatement("SELECT `setting_label`, `setting_value` " .
238 "FROM `user_settings` " .
239 "WHERE `setting_user` = ? " .
240 "AND `setting_label` LIKE 'global:%'", array($temp_authuserid) );
241 for($iter=0; $row=sqlFetchArray($glres_user); $iter++) {
242 //remove global_ prefix from label
243 $row['setting_label'] = substr($row['setting_label'],7);
244 $gl_user[$iter]=$row;
247 // Set global parameters from the database globals table.
248 // Some parameters require custom handling.
250 $GLOBALS['language_menu_show'] = array();
251 $glres = sqlStatement("SELECT gl_name, gl_index, gl_value FROM globals " .
252 "ORDER BY gl_name, gl_index");
253 while ($glrow = sqlFetchArray($glres)) {
254 $gl_name = $glrow['gl_name'];
255 $gl_value = $glrow['gl_value'];
256 // Adjust for user specific settings
257 if (!empty($gl_user)) {
258 foreach ($gl_user as $setting) {
259 if ($gl_name == $setting['setting_label']) {
260 $gl_value = $setting['setting_value'];
264 if ($gl_name == 'language_menu_other') {
265 $GLOBALS['language_menu_show'][] = $gl_value;
267 else if ($gl_name == 'css_header') {
268 $GLOBALS[$gl_name] = $rootdir.'/themes/'.$gl_value.'?v='.$v_js_includes;
269 $temp_css_theme_name = $gl_value;
271 else if ($gl_name == 'weekend_days') {
272 $GLOBALS[$gl_name] = explode(',', $gl_value);
274 else if ($gl_name == 'specific_application') {
275 if ($gl_value == '2') $GLOBALS['ippf_specific'] = true;
276 else if ($gl_value == '3') $GLOBALS['weight_loss_clinic'] = true;
278 else if ($gl_name == 'inhouse_pharmacy') {
279 if ($gl_value) $GLOBALS['inhouse_pharmacy'] = true;
280 if ($gl_value == '2') $GLOBALS['sell_non_drug_products'] = 1;
281 else if ($gl_value == '3') $GLOBALS['sell_non_drug_products'] = 2;
283 else {
284 $GLOBALS[$gl_name] = $gl_value;
287 // Language cleanup stuff.
288 $GLOBALS['language_menu_login'] = false;
289 if ((count($GLOBALS['language_menu_show']) >= 1) || $GLOBALS['language_menu_showall']) {
290 $GLOBALS['language_menu_login'] = true;
293 // Added this $GLOBALS['concurrent_layout'] set to 3 in order to support legacy forms
294 // that may use this; note this global has been removed from the standard codebase.
295 $GLOBALS['concurrent_layout'] = 3;
297 // Additional logic to override theme name.
298 // For RTL languages we substitute the theme name with the name of RTL-adapted CSS file.
299 $rtl_override = false;
300 if( isset( $_SESSION['language_direction'] )) {
301 if( $_SESSION['language_direction'] == 'rtl' &&
302 !strpos($GLOBALS['css_header'], 'rtl') ) {
304 // the $css_header_value is set above
305 $rtl_override = true;
308 else if (isset( $_SESSION['language_choice'] )) {
309 //this will support the onsite patient portal which will have a language choice but not yet a set language direction
310 $_SESSION['language_direction'] = getLanguageDir($_SESSION['language_choice']);
311 if ( $_SESSION['language_direction'] == 'rtl' &&
312 !strpos($GLOBALS['css_header'], 'rtl')) {
313 // the $css_header_value is set above
314 $rtl_override = true;
317 else {
318 //$_SESSION['language_direction'] is not set, so will use the default language
319 $default_lang_id = sqlQuery('SELECT lang_id FROM lang_languages WHERE lang_description = ?',array($GLOBALS['language_default']));
321 if ( getLanguageDir( $default_lang_id['lang_id'] ) === 'rtl' && !strpos($GLOBALS['css_header'], 'rtl')) { // @todo eliminate 1 SQL query
322 $rtl_override = true;
327 // change theme name, if the override file exists.
328 if( $rtl_override ) {
329 // the $css_header_value is set above
330 $new_theme = 'rtl_' . $temp_css_theme_name;
332 // Check file existance
333 if( file_exists( $include_root.'/themes/'.$new_theme ) ) {
334 $GLOBALS['css_header'] = $rootdir.'/themes/'.$new_theme.'?v='.$v_js_includes;
335 } else {
336 // throw a warning if rtl'ed file does not exist.
337 error_log("Missing theme file ".text($include_root).'/themes/'.text($new_theme) );
340 unset( $temp_css_theme_name, $new_theme,$rtl_override);
341 // end of RTL section
344 // End of globals table processing.
346 else {
347 // Temporary stuff to handle the case where the globals table does not
348 // exist yet. This will happen in sql_upgrade.php on upgrading to the
349 // first release containing this table.
350 $GLOBALS['language_menu_login'] = true;
351 $GLOBALS['language_menu_showall'] = true;
352 $GLOBALS['language_menu_show'] = array('English (Standard)','Swedish');
353 $GLOBALS['language_default'] = "English (Standard)";
354 $GLOBALS['translate_layout'] = true;
355 $GLOBALS['translate_lists'] = true;
356 $GLOBALS['translate_gacl_groups'] = true;
357 $GLOBALS['translate_form_titles'] = true;
358 $GLOBALS['translate_document_categories'] = true;
359 $GLOBALS['translate_appt_categories'] = true;
360 $timeout = 7200;
361 $openemr_name = 'OpenEMR';
362 $css_header = "$rootdir/themes/style_default.css";
363 $GLOBALS['css_header'] = $css_header;
364 $GLOBALS['schedule_start'] = 8;
365 $GLOBALS['schedule_end'] = 17;
366 $GLOBALS['calendar_interval'] = 15;
367 $GLOBALS['phone_country_code'] = '1';
368 $GLOBALS['disable_non_default_groups'] = true;
369 $GLOBALS['ippf_specific'] = false;
372 // If >0 this will enforce a separate PHP session for each top-level
373 // browser window. You must log in separately for each. This is not
374 // thoroughly tested yet and some browsers might have trouble with it,
375 // so make it 0 if you must. Alternatively, you can set it to 2 to be
376 // notified when the session ID changes.
377 $GLOBALS['restore_sessions'] = 1; // 0=no, 1=yes, 2=yes+debug
379 // Theme definition. All this stuff should be moved to CSS.
381 $top_bg_line = ' bgcolor="#dddddd" ';
382 $GLOBALS['style']['BGCOLOR2'] = "#dddddd";
383 $bottom_bg_line = $top_bg_line;
384 $title_bg_line = ' bgcolor="#bbbbbb" ';
385 $nav_bg_line = ' bgcolor="#94d6e7" ';
386 $login_filler_line = ' bgcolor="#f7f0d5" ';
387 $logocode = "<img class='img-responsive center-block' src='$web_root/sites/" . $_SESSION['site_id'] . "/images/login_logo.gif'>";
388 // optimal size for the tiny logo is height 43 width 86 px
389 // inside the open emr they will be auto reduced
390 $tinylogocode1 = "<img class='tinylogopng' src='$web_root/sites/" . $_SESSION['site_id'] . "/images/logo_1.png'>";
391 $tinylogocode2 = "<img class='tinylogopng' src='$web_root/sites/" . $_SESSION['site_id'] . "/images/logo_2.png'>";
393 $linepic = "$rootdir/pic/repeat_vline9.gif";
394 $table_bg = ' bgcolor="#cccccc" ';
395 $GLOBALS['style']['BGCOLOR1'] = "#cccccc";
396 $GLOBALS['style']['TEXTCOLOR11'] = "#222222";
397 $GLOBALS['style']['HIGHLIGHTCOLOR'] = "#dddddd";
398 $GLOBALS['style']['BOTTOM_BG_LINE'] = $bottom_bg_line;
399 // The height in pixels of the Logo bar at the top of the login page:
400 $GLOBALS['logoBarHeight'] = 110;
401 // The height in pixels of the Navigation bar:
402 $GLOBALS['navBarHeight'] = 22;
403 // The height in pixels of the Title bar:
404 $GLOBALS['titleBarHeight'] = 40;
406 // The assistant word, MORE printed next to titles that can be clicked:
407 // Note this label gets translated here via the xl function
408 // -if you don't want it translated, then strip the xl function away
409 $tmore = xl('(More)');
410 // The assistant word, BACK printed next to titles that return to previous screens:
411 // Note this label gets translated here via the xl function
412 // -if you don't want it translated, then strip the xl function away
413 $tback = xl('(Back)');
415 // This is the idle logout function:
416 // if a page has not been refreshed within this many seconds, the interface
417 // will return to the login page
418 if (!empty($special_timeout)) {
419 $timeout = intval($special_timeout);
422 $versionService = new \services\VersionService();
423 $version = $versionService->fetch();
425 if (!empty($version)) {
426 //Version tag
427 $patch_appending = "";
428 //Collected below function call to a variable, since unable to directly include
429 // function calls within empty() in php versions < 5.5 .
430 $version_getrealpatch = $version->getRealPatch();
431 if ( ($version->getRealPatch() != '0') && (!(empty($version_getrealpatch))) ) {
432 $patch_appending = " (".$version->getRealPatch().")";
435 $openemr_version = $version->getMajor() . "." . $version->getMinor() . "." . $version->getPatch();
436 $openemr_version .= $version->getTag() . $patch_appending;
437 } else {
438 $openemr_version = xl('Unknown version');
441 $srcdir = $GLOBALS['srcdir'];
442 $login_screen = $GLOBALS['login_screen'];
443 $GLOBALS['css_header'] = $css_header;
444 $GLOBALS['backpic'] = $backpic;
446 // 1 = send email message to given id for Emergency Login user activation,
447 // else 0.
448 $GLOBALS['Emergency_Login_email'] = empty($GLOBALS['Emergency_Login_email_id']) ? 0 : 1;
450 //set include_de_identification to enable De-identification (currently de-identification works fine only with linux machines)
451 //Run de_identification_upgrade.php script to upgrade OpenEMR database to include procedures,
452 //functions, tables for de-identification(Mysql root user and password is required for successful
453 //execution of the de-identification upgrade script)
454 $GLOBALS['include_de_identification']=0;
455 // Include the authentication module code here, but the rule is
456 // if the file has the word "login" in the source code file name,
457 // don't include the authentication module - we do this to avoid
458 // include loops.
460 if ( ($ignoreAuth_offsite_portal === true) && ($GLOBALS['portal_offsite_enable'] == 1) ) {
461 $ignoreAuth = true;
463 if (!$ignoreAuth) {
464 include_once("$srcdir/auth.inc");
468 // This is the background color to apply to form fields that are searchable.
469 // Currently it is applicable only to the "Search or Add Patient" form.
470 $GLOBALS['layout_search_color'] = '#ffff55';
472 //EMAIL SETTINGS
473 $SMTP_Auth = !empty($GLOBALS['SMTP_USER']);
476 //module configurations
477 $GLOBALS['baseModDir'] = "interface/modules/"; //default path of modules
478 $GLOBALS['customModDir']= "custom_modules"; //non zend modules
479 $GLOBALS['zendModDir'] = "zend_modules"; //zend modules
481 // Don't change anything below this line. ////////////////////////////
483 $encounter = empty($_SESSION['encounter']) ? 0 : $_SESSION['encounter'];
485 if (!empty($_GET['pid']) && empty($_SESSION['pid'])) {
486 $_SESSION['pid'] = $_GET['pid'];
488 elseif (!empty($_POST['pid']) && empty($_SESSION['pid'])) {
489 $_SESSION['pid'] = $_POST['pid'];
491 $pid = empty($_SESSION['pid']) ? 0 : $_SESSION['pid'];
492 $userauthorized = empty($_SESSION['userauthorized']) ? 0 : $_SESSION['userauthorized'];
493 $groupname = empty($_SESSION['authProvider']) ? 0 : $_SESSION['authProvider'];
495 // global interface function to format text length using ellipses
496 function strterm($string,$length) {
497 if (strlen($string) >= ($length-3)) {
498 return substr($string,0,$length-3) . "...";
499 } else {
500 return $string;
504 // Override temporary_files_dir if PHP >= 5.2.1.
505 if (version_compare(phpversion(), "5.2.1", ">=")) {
506 $GLOBALS['temporary_files_dir'] = rtrim(sys_get_temp_dir(),'/');
509 // turn off PHP compatibility warnings
510 ini_set("session.bug_compat_warn","off");
512 //////////////////////////////////////////////////////////////////
514 /* Pages with "myadmin" in the URL don't need register_globals. */
515 $fake_register_globals =
516 $fake_register_globals && (strpos($_SERVER['REQUEST_URI'],"myadmin") === FALSE);
519 // Emulates register_globals = On. Moved to the bottom of globals.php to prevent
520 // overrides of any variables used during global setup.
521 // EXTR_SKIP flag set to prevent overriding any variables defined earlier
522 if ($fake_register_globals) {
523 extract($_GET,EXTR_SKIP);
524 extract($_POST,EXTR_SKIP);