3 * Document Template Management Module.
5 * Copyright (C) 2013-2014 Rod Roark <rod@sunsetsystems.com>
7 * LICENSE: This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
19 * @author Rod Roark <rod@sunsetsystems.com>
20 * @link http://www.open-emr.org
23 // Disable magic quotes and fake register globals.
24 $sanitize_all_escapes = true;
25 $fake_register_globals = false;
27 require_once('../globals.php');
28 require_once($GLOBALS['srcdir'].'/acl.inc');
30 if (!acl_check('admin', 'super')) die(htmlspecialchars(xl('Not authorized')));
32 $form_filename = strip_escape_custom($_REQUEST['form_filename']);
34 $templatedir = "$OE_SITE_DIR/documents/doctemplates";
36 // If downloading a file, do the download and nothing else.
37 // Thus the current browser page should remain displayed.
39 if (!empty($_POST['bn_download'])) {
40 $templatepath = "$templatedir/$form_filename";
41 header('Content-Description: File Transfer');
42 header('Content-Transfer-Encoding: binary');
44 header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
45 header('Pragma: public');
46 // attachment, not inline
47 header("Content-Disposition: attachment; filename=\"$form_filename\"");
48 // Note we avoid providing a mime type that suggests opening the file.
49 header("Content-Type: application/octet-stream");
50 header("Content-Length: " . filesize($templatepath));
53 readfile($templatepath);
57 if (!empty($_POST['bn_delete'])) {
58 $templatepath = "$templatedir/$form_filename";
59 if (is_file($templatepath)) unlink($templatepath);
62 if (!empty($_POST['bn_upload'])) {
64 $tmp_name = $_FILES['form_file']['tmp_name'];
65 if (is_uploaded_file($tmp_name) && $_FILES['form_file']['size']) {
66 // Choose the destination path/filename.
67 $form_dest_filename = $_POST['form_dest_filename'];
68 if ($form_dest_filename == '') {
69 $form_dest_filename = $_FILES['form_file']['name'];
71 $form_dest_filename = preg_replace("/[^a-zA-Z0-9_.]/", "_", basename($form_dest_filename));
72 if ($form_dest_filename == '') {
73 die(htmlspecialchars(xl('Cannot determine a destination filename')));
75 $templatepath = "$templatedir/$form_dest_filename";
76 // If the site's template directory does not yet exist, create it.
77 if (!is_dir($templatedir)) {
80 // If the target file already exists, delete it.
81 if (is_file($templatepath)) unlink($templatepath);
82 // Put the new file in its desired location.
83 if (!move_uploaded_file($tmp_name, $templatepath)) {
84 die(htmlspecialchars(xl('Unable to create') . " '$templatepath'"));
93 <title
><?php
echo xlt('Document Template Management'); ?
></title
>
94 <link rel
="stylesheet" href
='<?php echo $css_header ?>' type
='text/css'>
96 <style type
="text/css">
97 .dehead
{ color
:#000000; font-family:sans-serif; font-size:10pt; font-weight:bold }
98 .detail
{ color
:#000000; font-family:sans-serif; font-size:10pt; font-weight:normal }
103 <body
class="body_top">
104 <form method
='post' action
='manage_document_templates.php' enctype
='multipart/form-data'
105 onsubmit
='return top.restoreSession()'>
109 <h2
><?php
echo xlt('Document Template Management'); ?
></h2
>
112 <table border
='1' width
='95%'>
114 <tr bgcolor
='#dddddd' class='dehead'>
115 <td align
='center'><?php
echo xlt('Upload a Template'); ?
></td
>
119 <td valign
='top' class='detail' style
='padding:10pt;' nowrap
>
120 <?php
echo htmlspecialchars(xl('Source File')); ?
>:
121 <input type
="hidden" name
="MAX_FILE_SIZE" value
="250000000" />
122 <input type
="file" name
="form_file" size
="40" /> 
;
123 <?php
echo htmlspecialchars(xl('Destination Filename')) ?
>:
124 <input type
='text' name
='form_dest_filename' size
='30' />
126 <input type
='submit' name
='bn_upload' value
='<?php echo xlt('Upload
') ?>' />
134 <table border
='1' width
='95%'>
136 <tr bgcolor
='#dddddd' class='dehead'>
137 <td align
='center'><?php
echo xlt('Download or Delete a Template'); ?
></td
>
141 <td valign
='top' class='detail' style
='padding:10pt;' nowrap
>
142 <select name
='form_filename'>
144 // Generate an <option> for each existing file.
145 $dh = opendir($templatedir);
147 $templateslist = array();
148 while (false !== ($sfname = readdir($dh))) {
149 if (substr($sfname, 0, 1) == '.') continue;
150 $templateslist[$sfname] = $sfname;
153 ksort($templateslist);
154 foreach ($templateslist as $sfname) {
155 echo " <option value='" . htmlspecialchars($sfname, ENT_QUOTES
) . "'";
156 echo ">" . htmlspecialchars($sfname) . "</option>\n";
162 <input type
='submit' name
='bn_download' value
='<?php echo xlt('Download
') ?>' />
164 <input type
='submit' name
='bn_delete' value
='<?php echo xlt('Delete
') ?>' />