consolidate attr_url function (#2143)
[openemr.git] / interface / language / lang_definition.php
<?php
/**
 * lang_definition.php
 *
 * @package   OpenEMR
 * @link      http://www.open-emr.org
 * @author    bradymiller <bradymiller>
 * @author    sunsetsystems <sunsetsystems>
 * @author    andres_paglayan <andres_paglayan>
 * @author    Wakie87 <scott@npclinics.com.au>
 * @author    Robert Down <robertdown@live.com>
 * @copyright Copyright (c) 2010-2018 bradymiller <bradymiller>
 * @copyright Copyright (c) 2008-2009 sunsetsystems <sunsetsystems>
 * @copyright Copyright (c) 2005 andres_paglayan <andres_paglayan>
 * @copyright Copyright (c) 2016 Wakie87 <scott@npclinics.com.au>
 * @copyright Copyright (c) 2017 Robert Down <robertdown@live.com>
 * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
 */

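// Ensure this script is not called separately.
// The guard passes only when $unique_id matches the one-shot marker held in the
// session. $unique_id is not assigned in this file; presumably the including
// page sets both values just before the include (confirm against the includer).
//
// The comparison is strict and constant-time. A loose != would treat two
// different numeric-looking strings (for example "1e3" and "1000") as equal.
if (empty($_SESSION['lang_module_unique_id']) ||
    empty($unique_id) ||
    !hash_equals((string)$_SESSION['lang_module_unique_id'], (string)$unique_id)) {
    die(xlt('Authentication Error'));
}

// The marker is single-use: clear it so it cannot satisfy the guard again.
unset($_SESSION['lang_module_unique_id']);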
// gacl control: everything below requires the admin/language ACL.
$thisauth = acl_check('admin', 'language');
if (!$thisauth) {
    // Emit a minimal standalone page and stop before any form or query runs.
    echo "<html>\n<body>\n",
        "<p>", xlt('You are not authorized for this.'), "</p>\n",
        "</body>\n</html>\n";
    exit;
}

?>
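<?php
// Filter form: posts the search criteria back to this module (m=definition).
//
// NOTE(review): the CSRF token is sent twice, once in the action URL and once
// in the hidden field. A token in the query string can be recorded in web-server
// access logs, browser history and Referer headers. The handlers in this file
// read only $_POST["csrf_token_form"]; confirm whether the including page needs
// the URL copy before removing it.
//
// Escaping is per context: attr_url() for the URL parameter, attr() for
// attribute values, xlt()/xla() for translated text and attributes, text() for
// element content.
//
// $_POST values are read through isset() so the first (non-POST) render does
// not touch undefined indexes.
?>
<table>
<form name='filterform' id='filterform' method='post' action='?m=definition&csrf_token_form=<?php echo attr_url(collectCsrfToken()); ?>' onsubmit="return top.restoreSession()">
<input type="hidden" name="csrf_token_form" value="<?php echo attr(collectCsrfToken()); ?>" />

<tr>
<td><?php echo xlt('Filter for Constants'); ?>:</td>
<td><input type='text' name='filter_cons' size='8' value='<?php echo attr(isset($_POST['filter_cons']) ? $_POST['filter_cons'] : ''); ?>' />
<span class="text"><?php echo xlt('(% matches any string, _ matches any character)'); ?></span></td>
</tr>
<tr>
<td><?php echo xlt('Filter for Definitions'); ?>:</td>
<td><input type='text' name='filter_def' size='8' value='<?php echo attr(isset($_POST['filter_def']) ? $_POST['filter_def'] : ''); ?>' />
<span class="text"><?php echo xlt('(% matches any string, _ matches any character)'); ?></span></td>
</tr>
<tr>
<td><?php echo xlt('Select Language').":"; ?></td>
<td>
<select name='language_select'>
<?php
// sorting order of language titles depends on language translation options.
$mainLangID = empty($_SESSION['language_choice']) ? '1' : $_SESSION['language_choice'];
if ($mainLangID == '1' && !empty($GLOBALS['skip_english_translation'])) {
    // English UI with translation skipped: sort by the stored language name.
    $sql = "SELECT * FROM lang_languages ORDER BY lang_description, lang_id";
    $res = SqlStatement($sql);
} else {
    // Use and sort by the translated language name, falling back to the
    // stored name when no translation exists. The language id is bound.
    $sql = "SELECT ll.lang_id, " .
        "IF(LENGTH(ld.definition),ld.definition,ll.lang_description) AS lang_description " .
        "FROM lang_languages AS ll " .
        "LEFT JOIN lang_constants AS lc ON lc.constant_name = ll.lang_description " .
        "LEFT JOIN lang_definitions AS ld ON ld.cons_id = lc.cons_id AND " .
        "ld.lang_id=? " .
        "ORDER BY IF(LENGTH(ld.definition),ld.definition,ll.lang_description), ll.lang_id";
    $res = SqlStatement($sql, array($mainLangID));
}

// collect the default selected language id, and then display list
$tempLangID = isset($_POST['language_select']) ? $_POST['language_select'] : $mainLangID;
while ($row = SqlFetchArray($res)) {
    // The posted value is only compared here, never echoed; the option value
    // and label both come from the database row and are escaped for their context.
    echo "<option value='" . attr($row['lang_id']) . "'" .
        (($tempLangID == $row['lang_id']) ? ' selected' : '') .
        ">" . text($row['lang_description']) . "</option>";
}
?>
</select>
</td>
</tr>
<tr>
<td colspan=2><INPUT TYPE="submit" name="edit" value="<?php echo xla('Search'); ?>"></td>
</tr>
</form>
</table>
<br>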
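<?php

// Set up the MySQL collation clauses that force case-sensitive or
// case-insensitive matching in the queries below. Both values are fixed
// strings concatenated into the SQL text, so they must stay constants and
// never be derived from request data.
if (!$disable_utf8_flag) {
    $case_sensitive_collation = "COLLATE utf8_bin";
    $case_insensitive_collation = "COLLATE utf8_general_ci";
} else {
    // The binary collation of latin1 is named latin1_bin. MySQL has no
    // "latin_bin" and fails the statement with an unknown-collation error.
    // NOTE(review): assumes the connection uses latin1 when the flag is set; confirm.
    $case_sensitive_collation = "COLLATE latin1_bin";
    $case_insensitive_collation = "COLLATE latin1_swedish_ci";
}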
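// Save handler: runs when the results form is submitted with its "load" button.
// It writes the posted definitions and records each change in the language log.
// Every request value reaches SQL as a bound parameter only.
if (!empty($_POST['load'])) {
    if (!verifyCsrfToken($_POST["csrf_token_form"])) {
        csrfNotVerified();
    }

    // 'yes' once at least one definition has been written. Initialised here so
    // the check at the end never reads an undefined variable.
    $go = '';

    // The target language arrives in a hidden form field, so it is untrusted:
    // accept only a scalar and force it to an integer, as the search handler does.
    $posted_lang_id = (isset($_POST['lang_id']) && is_scalar($_POST['lang_id'])) ? (int)$_POST['lang_id'] : 0;

    // New definitions: fields named cons_id[<cons_id>] belong to constants that
    // had no definition yet, so each non-blank value becomes an INSERT.
    if (!empty($_POST['cons_id']) && is_array($_POST['cons_id']) && $posted_lang_id > 0) {
        foreach ($_POST['cons_id'] as $key => $value) {
            // A nested array (cons_id[1][]=x) is not a definition; skip it rather than trim() it.
            if (!is_string($value)) {
                continue;
            }

            $value = trim($value);

            // do not create new blank definitions
            if ($value === "") {
                continue;
            }

            // insert into the main language tables
            // NOTE(review): nothing here checks that this constant has no definition
            // for this language yet; confirm whether the schema prevents duplicates.
            $sql = "INSERT INTO lang_definitions (`cons_id`,`lang_id`,`definition`) VALUES (?,?,?)";
            SqlStatement($sql, array($key, $posted_lang_id, $value));

            // insert each entry into the log table - to allow persistent customizations
            $sql = "SELECT lang_description, lang_code FROM lang_languages WHERE lang_id=? LIMIT 1";
            $res = SqlStatement($sql, array($posted_lang_id));
            $row_l = SqlFetchArray($res);
            $sql = "SELECT constant_name FROM lang_constants WHERE cons_id=? LIMIT 1";
            $res = SqlStatement($sql, array($key));
            $row_c = SqlFetchArray($res);
            insert_language_log($row_l['lang_description'], $row_l['lang_code'], $row_c['constant_name'], $value);

            $go = 'yes';
        }
    }

    // Existing definitions: fields named def_id[<def_id>] belong to rows that
    // already exist, so each changed value becomes an UPDATE.
    if (!empty($_POST['def_id']) && is_array($_POST['def_id'])) {
        foreach ($_POST['def_id'] as $key => $value) {
            if (!is_string($value)) {
                continue;
            }

            $value = trim($value);

            // only continue if the definition is new; the case-sensitive collation
            // makes a change of letter case count as a change
            $sql = "SELECT * FROM lang_definitions WHERE def_id=? AND definition=? ".$case_sensitive_collation;
            $res_test = SqlStatement($sql, array($key, $value));
            if (!SqlFetchArray($res_test)) {
                // update the main language tables
                $sql = "UPDATE `lang_definitions` SET `definition`=? WHERE `def_id`=? LIMIT 1";
                SqlStatement($sql, array($value, $key));

                // insert each entry into the log table - to allow persistent customizations
                $sql = "SELECT ll.lang_description, ll.lang_code, lc.constant_name ";
                $sql .= "FROM lang_definitions AS ld, lang_languages AS ll, lang_constants AS lc ";
                $sql .= "WHERE ld.def_id=? ";
                $sql .= "AND ll.lang_id = ld.lang_id AND lc.cons_id = ld.cons_id LIMIT 1";
                $res = SqlStatement($sql, array($key));
                $row = SqlFetchArray($res);
                insert_language_log($row['lang_description'], $row['lang_code'], $row['constant_name'], $value);

                $go = 'yes';
            }
        }
    }

    if ($go == 'yes') {
        echo xlt("New Definition set added");
    }
}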
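// Search handler: runs when the filter form is submitted with its "edit"
// (Search) button. It lists the matching constants, each with an editable
// definition field, inside a second form that posts to the save handler.
if (!empty($_POST['edit'])) {
    if (!verifyCsrfToken($_POST["csrf_token_form"])) {
        csrfNotVerified();
    }

    // Read each request value once, as a string, so a missing or array-valued
    // field cannot reach the string operations and escaping helpers below.
    $language_select_in = (isset($_POST['language_select']) && is_scalar($_POST['language_select'])) ? (string)$_POST['language_select'] : '';
    $filter_cons_in = (isset($_POST['filter_cons']) && is_scalar($_POST['filter_cons'])) ? (string)$_POST['filter_cons'] : '';
    $filter_def_in = (isset($_POST['filter_def']) && is_scalar($_POST['filter_def'])) ? (string)$_POST['filter_def'] : '';

    if ($language_select_in === '') {
        exit(xlt("Please select a language"));
    }

    $lang_id = (int)$language_select_in;

    // The filters are LIKE patterns: % and _ typed by the user are kept as
    // wildcards on purpose (the form says so), and the appended % makes each
    // filter a prefix match. Both reach SQL only as bound parameters.
    $lang_filter = $filter_cons_in . '%';
    $lang_filter_def = $filter_def_in . '%';

    $bind_sql_array = array($lang_filter);
    $sql = "SELECT lc.cons_id, lc.constant_name, ld.def_id, ld.definition, ld.lang_id " .
        "FROM lang_definitions AS ld " .
        "RIGHT JOIN ( lang_constants AS lc, lang_languages AS ll ) ON " .
        "( lc.cons_id = ld.cons_id AND ll.lang_id = ld.lang_id ) " .
        "WHERE lc.constant_name ".$case_insensitive_collation." LIKE ? AND ( ll.lang_id = 1 ";
    if ($lang_id != 1) {
        $what = "SELECT * from lang_languages where lang_id=? LIMIT 1";
        $res = SqlStatement($what, array($lang_id));
        $row = SqlFetchArray($res);
        if (empty($row)) {
            // Unknown language id. Without this stop the query below returns one
            // row per constant instead of two, and the paired walk further down
            // would attach one constant's definition field to another constant.
            exit(xlt("Please select a language"));
        }

        $lang_name = $row['lang_description'];

        $bind_sql_array[] = $lang_id;
        $sql .= "OR ll.lang_id=? ";
    }

    $sql .= ") ORDER BY lc.constant_name ".$case_insensitive_collation;
    $res = SqlStatement($sql, $bind_sql_array);

    $isResults = false; //flag to record whether there are any results
    // NOTE(review): as in the filter form, the CSRF token is placed in the action
    // URL as well as in the hidden field; the URL copy can end up in access logs
    // and Referer headers. Confirm whether the including page needs it.
    echo ('<table><FORM METHOD=POST ACTION="?m=definition&csrf_token_form=' . attr_url(collectCsrfToken()) . '" onsubmit="return top.restoreSession()">');
    echo ('<input type="hidden" name="csrf_token_form" value="' . attr(collectCsrfToken()) . '" />');

    if ($lang_id == 1) {
        // only english definitions: one result row per constant
        while ($row = SqlFetchArray($res)) {
            $isShow = false; //flag if passes the definition filter
            $stringTemp = '<tr><td>' . text($row['constant_name']) . '</td>';
            if (empty($row['def_id'])) {
                // no definition yet: the field posts back as cons_id[<cons_id>] (insert path)
                $cons_name = "cons_id[" . $row['cons_id'] . "]";
                // an undefined constant can only match the catch-all definition filter
                if ($lang_filter_def == '%') {
                    $isShow = true;
                }
            } else {
                // previous definition: the field posts back as def_id[<def_id>] (update path)
                $cons_name = "def_id[" . $row['def_id'] . "]";
                $sql = "SELECT definition FROM lang_definitions WHERE def_id=? AND definition LIKE ?";
                $res2 = SqlStatement($sql, array($row['def_id'], $lang_filter_def));
                if (SqlFetchArray($res2)) {
                    $isShow = true;
                }
            }

            // stored definitions are escaped for the attribute context on output
            $stringTemp .= '<td><INPUT TYPE="text" size="50" NAME="' . attr($cons_name) . '" value="' . attr($row['definition']) . '">';
            $stringTemp .= '</td><td></td></tr>';
            if ($isShow) {
                //definition filter passed, so show
                echo $stringTemp;
                $isResults = true;
            }
        }

        echo ('<INPUT TYPE="hidden" name="lang_id" value="'.attr($lang_id).'">');
    } else {
        // english plus the other language: rows are consumed in pairs, the
        // English row first and the selected language's row second.
        // NOTE(review): the query orders by constant_name only, so the order of
        // the two rows within a pair is not fixed by the SQL; verify.
        while ($row = SqlFetchArray($res)) {
            if (!empty($row['lang_id']) && $row['lang_id'] != '1') {
                // This should not happen, if it does that must mean that this
                // constant has more than one definition for the same language!
                continue;
            }

            $isShow = false; //flag if passes the definition filter
            $stringTemp = '<tr><td>' . text($row['constant_name']) . '</td>';
            if ($row['definition'] == '' or $row['definition'] == 'NULL') {
                $def = " ";
            } else {
                $def = $row['definition'];
            }

            $stringTemp .= '<td>' . text($def) . '</td>';
            $row = SqlFetchArray($res); // jump one to get the second language selected
            if (!$row) {
                // No partner row: stop instead of rendering a field named
                // cons_id[] that would post back without a constant id.
                break;
            }

            if ($row['def_id'] == '' or $row['def_id'] == 'NULL') {
                // no definition yet in the selected language (insert path)
                $cons_name = "cons_id[" . $row['cons_id'] . "]";
                if ($lang_filter_def == '%') {
                    $isShow = true;
                }
            } else {
                // previous definition in the selected language (update path)
                $cons_name = "def_id[" . $row['def_id'] . "]";

                $sql = "SELECT definition FROM lang_definitions WHERE def_id=? AND definition LIKE ?";
                $res2 = SqlStatement($sql, array($row['def_id'], $lang_filter_def));
                if (SqlFetchArray($res2)) {
                    $isShow = true;
                }
            }

            $stringTemp .= '<td><INPUT TYPE="text" size="50" NAME="' . attr($cons_name) . '" value="' . attr($row['definition']) . '">';
            $stringTemp .= '</td></tr>';
            if ($isShow) {
                //definition filter passed, so show
                echo $stringTemp;
                $isResults = true;
            }
        }

        echo ('<INPUT TYPE="hidden" name="lang_id" value="'.attr($lang_id).'">');
    }

    if ($isResults) {
        echo ('<tr><td colspan=3><INPUT TYPE="submit" name="load" Value="' . xla('Load Definitions') . '"></td></tr>');
        // Carry the search criteria along with the save request, escaped for the attribute context.
        ?>
      <INPUT TYPE="hidden" name="filter_cons" value="<?php echo attr($filter_cons_in); ?>">
      <INPUT TYPE="hidden" name="filter_def" value="<?php echo attr($filter_def_in); ?>">
      <INPUT TYPE="hidden" name="language_select" value="<?php echo attr($language_select_in); ?>">
        <?php
    } else {
        echo xlt('No Results Found For Search');
    }

    echo ('</FORM></table>');
}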