3 * The address book entry editor.
4 * Available from Administration->Addr Book in the concurrent layout.
6 * Copyright (C) 2006-2010, 2016 Rod Roark <rod@sunsetsystems.com>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * Improved slightly by tony@mi-squared.com 2011, added organization to view
17 * @author Rod Roark <rod@sunsetsystems.com>
18 * @link http://open-emr.org
21 //SANITIZE ALL ESCAPES
22 $sanitize_all_escapes=true;
25 //STOP FAKE REGISTER GLOBALS
26 $fake_register_globals=false;
29 require_once("../globals.php");
30 require_once("$srcdir/acl.inc");
31 require_once("$srcdir/options.inc.php");
33 $popup = empty($_GET['popup']) ?
0 : 1;
35 $form_fname = trim($_POST['form_fname']);
36 $form_lname = trim($_POST['form_lname']);
37 $form_specialty = trim($_POST['form_specialty']);
38 $form_organization = trim($_POST['form_organization']);
39 $form_abook_type = trim($_REQUEST['form_abook_type']);
40 $form_external = $_POST['form_external'] ?
1 : 0;
42 $sqlBindArray = array();
43 $query = "SELECT u.*, lo.option_id AS ab_name, lo.option_value as ab_option FROM users AS u " .
44 "LEFT JOIN list_options AS lo ON " .
45 "list_id = 'abook_type' AND option_id = u.abook_type AND activity = 1 " .
46 "WHERE u.active = 1 AND ( u.authorized = 1 OR u.username = '' ) ";
47 if ($form_organization) {
48 $query .= "AND u.organization LIKE ? ";
49 array_push($sqlBindArray,$form_organization."%");
52 $query .= "AND u.lname LIKE ? ";
53 array_push($sqlBindArray,$form_lname."%");
56 $query .= "AND u.fname LIKE ? ";
57 array_push($sqlBindArray,$form_fname."%");
59 if ($form_specialty) {
60 $query .= "AND u.specialty LIKE ? ";
61 array_push($sqlBindArray,"%".$form_specialty."%");
63 if ($form_abook_type) {
64 $query .= "AND u.abook_type LIKE ? ";
65 array_push($sqlBindArray,$form_abook_type);
68 $query .= "AND u.username = '' ";
71 $query .= "ORDER BY u.lname, u.fname, u.mname";
72 } else if ($form_organization) {
73 $query .= "ORDER BY u.organization";
75 $query .= "ORDER BY u.organization, u.lname, u.fname";
77 $query .= " LIMIT 500";
78 $res = sqlStatement($query,$sqlBindArray);
84 <link rel
="stylesheet" href
='<?php echo $css_header ?>' type
='text/css'>
85 <title
><?php
echo xlt('Address Book'); ?
></title
>
87 <!-- style tag moved into proper CSS file
-->
91 <body
class="body_top">
93 <div id
="addressbook_list">
94 <form method
='post' action
='addrbook_list.php' onsubmit
='return top.restoreSession()'>
97 <tr
class='search'> <!-- bgcolor
='#ddddff' -->
99 <?php
echo xlt('Organization')?
>:
100 <input type
='text' name
='form_organization' size
='10' value
='<?php echo attr($_POST['form_organization
']); ?>'
101 class='inputtext' title
='<?php echo xla("All or part of the organization") ?>' /> 
;
102 <?php
echo xlt('First Name')?
>:
103 <input type
='text' name
='form_fname' size
='10' value
='<?php echo attr($_POST['form_fname
']); ?>'
104 class='inputtext' title
='<?php echo xla("All or part of the first name") ?>' /> 
;
105 <?php
echo xlt('Last Name')?
>:
106 <input type
='text' name
='form_lname' size
='10' value
='<?php echo attr($_POST['form_lname
']); ?>'
107 class='inputtext' title
='<?php echo xla("All or part of the last name") ?>' /> 
;
108 <?php
echo xlt('Specialty')?
>:
109 <input type
='text' name
='form_specialty' size
='10' value
='<?php echo attr($_POST['form_specialty
']); ?>'
110 class='inputtext' title
='<?php echo xla("Any part of the desired specialty") ?>' /> 
;
112 echo xlt('Type') . ": ";
113 // Generates a select list named form_abook_type:
114 echo generate_select_list("form_abook_type", "abook_type", $_REQUEST['form_abook_type'], '', 'All');
116 <input type
='checkbox' name
='form_external' value
='1'<?php
if ($form_external) echo ' checked'; ?
>
117 title
='<?php echo xla("Omit internal users?") ?>' />
118 <?php
echo xlt('External Only')?
> 
; 
;
119 <input type
='submit' title
='<?php echo xla("Use % alone in a field to just sort on that column") ?>' class='button' name
='form_search' value
='<?php echo xla("Search")?>' />
120 <input type
='button' class='button' value
='<?php echo xla("Add New"); ?>' onclick
='doedclick_add(document.forms[0].form_abook_type.value)' />
127 <td title
='<?php echo xla('Click to view
or edit
'); ?>'><?php
echo xlt('Organization'); ?
></td
>
128 <td
><?php
echo xlt('Name'); ?
></td
>
129 <td
><?php
echo xlt('Local'); ?
></td
><!-- empty for external
-->
130 <td
><?php
echo xlt('Type'); ?
></td
>
131 <td
><?php
echo xlt('Specialty'); ?
></td
>
132 <td
><?php
echo xlt('Phone'); ?
></td
>
133 <td
><?php
echo xlt('Mobile'); ?
></td
>
134 <td
><?php
echo xlt('Fax'); ?
></td
>
135 <td
><?php
echo xlt('Email'); ?
></td
>
136 <td
><?php
echo xlt('Street'); ?
></td
>
137 <td
><?php
echo xlt('City'); ?
></td
>
138 <td
><?php
echo xlt('State'); ?
></td
>
139 <td
><?php
echo xlt('Postal'); ?
></td
>
144 while ($row = sqlFetchArray($res)) {
146 //$bgcolor = "#" . (($encount & 1) ? "ddddff" : "ffdddd");
147 $bgclass = (($encount & 1) ?
"evenrow" : "oddrow");
148 $username = $row['username'];
149 if (! $row['active']) $username = '--';
151 $displayName = $row['fname'] . ' ' . $row['mname'] . ' ' . $row['lname']; // Person Name
152 if ($row['suffix'] >'') $displayName .=", ".$row['suffix'];
153 if ( acl_check('admin', 'practice' ) ||
(empty($username) && empty($row['ab_name'])) ) {
154 // Allow edit, since have access or (no item type and not a local user)
155 $trTitle = xl('Edit'). ' ' . $displayName;
156 echo " <tr class='detail $bgclass' style='cursor:pointer' " .
157 "onclick='doedclick_edit(" . $row['id'] . ")' title='".attr($trTitle)."'>\n";
160 // Do not allow edit, since no access and (item is a type or is a local user)
161 $trTitle = $displayName . " (" . xl("Not Allowed to Edit") . ")";
162 echo " <tr class='detail $bgclass' title='".attr($trTitle)."'>\n";
164 echo " <td>" . text($row['organization']) . "</td>\n";
165 echo " <td>" . text($displayName) . "</td>\n";
166 echo " <td>" . ($username ?
'*' : '') . "</td>\n";
167 echo " <td>" . generate_display_field(array('data_type'=>'1','list_id'=>'abook_type'),$row['ab_name']) . "</td>\n";
168 echo " <td>" . text($row['specialty']) . "</td>\n";
169 echo " <td>" . text($row['phonew1']) . "</td>\n";
170 echo " <td>" . text($row['phonecell']) . "</td>\n";
171 echo " <td>" . text($row['fax']) . "</td>\n";
172 echo " <td>" . text($row['email']) . "</td>\n";
173 echo " <td>" . text($row['street']) . "</td>\n";
174 echo " <td>" . text($row['city']) . "</td>\n";
175 echo " <td>" . text($row['state']) . "</td>\n";
176 echo " <td>" . text($row['zip']) . "</td>\n";
181 <div style
="display: none;">
182 <a
class="iframe addrbookedit_modal"></a
>
185 <?php
if ($popup) { ?
>
186 <script type
="text/javascript" src
="../../library/topdialog.js"></script
>
188 <script type
="text/javascript" src
="../../library/dialog.js?v=<?php echo $v_js_includes; ?>"></script
>
190 <script language
="JavaScript">
192 <?php
if ($popup) require($GLOBALS['srcdir'] . "/restoreSession.php"); ?
>
194 // Callback from popups to refresh this display.
195 function refreshme() {
196 // location.reload();
197 document
.forms
[0].submit();
200 // Process click to pop up the add window.
201 function doedclick_add(type
) {
202 top
.restoreSession();
203 dlgopen('addrbook_edit.php?type=' + type
, '_blank', 700, 550);
206 // Process click to pop up the edit window.
207 function doedclick_edit(userid
) {
208 top
.restoreSession();
209 dlgopen('addrbook_edit.php?userid=' + userid
, '_blank', 700, 550);
212 $
(document
).ready(function(){
213 // initialise fancy box
217 $
(".addrbookedit_modal").fancybox( {
218 'overlayOpacity' : 0.0,
219 'showCloseButton' : true,