interface/language/lang_language.php

   1 <?php
   2 /**
   3  * lang_language.php script
   4  *
   5  * @package   OpenEMR
   6  * @link      http://www.open-emr.org
   7  * @author    Brady Miller <brady.g.miller@gmail.com>
   8  * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
   9  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  10  */
  11
  12
  13 // Ensure this script is not called separately
  14 if ((empty($_SESSION['lang_module_unique_id'])) ||
  15     (empty($unique_id)) ||
  16     ($unique_id != $_SESSION['lang_module_unique_id'])) {
  17     die(xlt('Authentication Error'));
  18 }
  19 unset($_SESSION['lang_module_unique_id']);
  20
  21 // gacl control
  22 $thisauth = acl_check('admin', 'language');
  23 if (!$thisauth) {
  24     echo "<html>\n<body>\n";
  25     echo "<p>" . xlt('You are not authorized for this.') . "</p>\n";
  26     echo "</body>\n</html>\n";
  27     exit();
  28 }
  29
  30 if ($_POST['add']) {
  31     if (!verifyCsrfToken($_POST["csrf_token_form"])) {
  32         csrfNotVerified();
  33     }
  34
  35     //validate
  36     $pat="^[a-z]{2}\$";
  37     if (!check_pattern($_POST['lang_code'], $pat)) {
  38         echo xlt("Code must be two letter lowercase").'<br>';
  39         $err='y';
  40     }
  41
  42     $sql="SELECT * FROM lang_languages WHERE lang_code LIKE ? or lang_description LIKE ? limit 1" ;
  43     $res=SqlQuery($sql, array("%".$_POST['lang_code']."%","%".$_POST['lang_name']));
  44     if ($res) {
  45         echo xlt("Data Alike is already in database, please change code and/or description").'<br>';
  46         $err='y';
  47     }
  48
  49     if ($err=='y') {
  50         $val_lang_code=$_POST['lang_code'];
  51         $val_lang_name=$_POST['lang_name'];
  52     } else {
  53             //insert into the main table
  54         $sql="INSERT INTO lang_languages SET lang_code=?, lang_description=?";
  55         SqlStatement($sql, array($_POST['lang_code'],$_POST['lang_name']));
  56
  57         //insert into the log table - to allow persistant customizations
  58         insert_language_log($_POST['lang_name'], $_POST['lang_code'], '', '');
  59
  60             echo xlt('Language definition added').'<br>';
  61     }
  62 }
  63
  64 ?>
  65
  66 <TABLE>
  67 <FORM name="lang_form" METHOD=POST ACTION="?m=language&csrf_token_form=<?php echo attr_url(collectCsrfToken()); ?>" onsubmit="return top.restoreSession()">
  68 <input type="hidden" name="csrf_token_form" value="<?php echo attr(collectCsrfToken()); ?>" />
  69 <TR>
  70     <TD><?php  echo xlt('Language Code'); ?>:</TD>
  71     <TD><INPUT TYPE="text" NAME="lang_code" size="2" maxlength="2" value="<?php echo attr($val_lang_code); ?>"></TD>
  72 </TR>
  73 <TR>
  74     <TD><?php  echo xlt('Language Name'); ?>:</TD>
  75     <TD><INPUT TYPE="text" NAME="lang_name" size="24" value="<?php echo attr($val_lang_name); ?>"></TD>
  76 </TR>
  77 <TR>
  78     <TD></TD>
  79     <TD><INPUT TYPE="submit" name="add" value="<?php echo xla('Add'); ?>"></TD>
  80 </TR>
  81 </FORM>
  82 </TABLE>