search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
feat: expose suffix and valedictory in user admin and esign (#6814)
[openemr.git] / interface / usergroup / user_admin.php
blob23425c318de6c98ac3593d8f638328af18682104
1 <?php
2
3 /**
4 * Edit user.
5 *
6 * @package OpenEMR
7 * @link http://www.open-emr.org
8 * @author Brady Miller <brady.g.miller@gmail.com>
9 * @author Rod Roark <rod@sunsetsystems.com>
10 * @author Daniel Pflieger <daniel@mi-squared.com> <daniel@growlingflea.com>
11 * @author Ken Chapple <ken@mi-squared.com>
12 * @copyright Copyright (c) 2018-2019 Brady Miller <brady.g.miller@gmail.com>
13 * @copyright Copyright (c) 2021 Daniel Pflieger <daniel@mi-squared.com> <daniel@growlingflea.com>
14 * @copyright Copyright (c) 2021 Ken Chapple <ken@mi-squared.com>
15 * @copyright Copyright (c) 2021 Rod Roark <rod@sunsetsystems.com>
16 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
17 */
18
19 require_once("../globals.php");
20 require_once("$srcdir/calendar.inc.php");
21 require_once("$srcdir/options.inc.php");
22
23 use OpenEMR\Common\Acl\AclExtended;
24 use OpenEMR\Common\Acl\AclMain;
25 use OpenEMR\Common\Csrf\CsrfUtils;
26 use OpenEMR\Common\Twig\TwigContainer;
27 use OpenEMR\Core\Header;
28 use OpenEMR\Menu\MainMenuRole;
29 use OpenEMR\Menu\PatientMenuRole;
30 use OpenEMR\Services\FacilityService;
31 use OpenEMR\Services\UserService;
32 use OpenEMR\Events\User\UserEditRenderEvent;
33
34 if (!empty($_GET)) {
35 if (!CsrfUtils::verifyCsrfToken($_GET["csrf_token_form"])) {
36 CsrfUtils::csrfNotVerified();
37 }
38 }
39
40 $facilityService = new FacilityService();
41
42 if (!AclMain::aclCheckCore('admin', 'users')) {
43 echo (new TwigContainer(null, $GLOBALS['kernel']))->getTwig()->render('core/unauthorized.html.twig', ['pageTitle' => xl("Edit User")]);
44 exit;
45 }
46
47 if (!$_GET["id"]) {
48 exit();
49 }
50
51 $res = sqlStatement("select * from users where id=?", array($_GET["id"]));
52 for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
53 $result[$iter] = $row;
54 }
55
56 $iter = $result[0];
57 ?>
58
59 <html>
60 <head>
61
62 <?php Header::setupHeader(['common','opener', 'erx']); ?>
63
64 <script src="checkpwd_validation.js"></script>
65
66 <!-- validation library -->
67 <!--//Not lbf forms use the new validation, please make sure you have the corresponding values in the list Page validation-->
68 <?php $use_validate_js = 1;?>
69 <?php require_once($GLOBALS['srcdir'] . "/validation/validation_script.js.php"); ?>
70 <?php
71 //Gets validation rules from Page Validation list.
72 //Note that for technical reasons, we are bypassing the standard validateUsingPageRules() call.
73 $collectthis = collectValidationPageRules("/interface/usergroup/user_admin.php");
74 if (empty($collectthis)) {
75 $collectthis = "undefined";
76 } else {
77 $collectthis = json_sanitize($collectthis["user_form"]["rules"]);
78 }
79 ?>
80
81 <script>
82
83 /*
84 * validation on the form with new client side validation (using validate.js).
85 * this enable to add new rules for this form in the pageValidation list.
86 * */
87 var collectvalidation = <?php echo $collectthis; ?>;
88
89 function checkChange()
90 {
91 alert(<?php echo xlj('If you change e-RX Role for ePrescription, it may affect the ePrescription workflow. If you face any difficulty, contact your ePrescription vendor.'); ?>);
92 }
93 function submitform() {
94
95 var valid = submitme(1, undefined, 'user_form', collectvalidation);
96 if (!valid) return;
97
98 top.restoreSession();
99 var flag=0;
100 <?php if (empty($GLOBALS['gbl_ldap_enabled']) || empty($GLOBALS['gbl_ldap_exclusions'])) { ?>
101 if(document.forms[0].clearPass.value!="")
102 {
103 //Checking for the strong password if the 'secure password' feature is enabled
104 if(document.forms[0].secure_pwd.value === 1)
105 {
106 var pwdresult = passwordvalidate(document.forms[0].clearPass.value);
107 if(pwdresult == 0) {
108 flag=1;
109 alert(<?php echo xlj('The password must be at least eight characters, and should'); ?> +
110 '\n' +
111 <?php echo xlj('contain at least three of the four following items:'); ?> +
112 '\n' +
113 <?php echo xlj('A number'); ?> +
114 '\n' +
115 <?php echo xlj('A lowercase letter'); ?> +
116 '\n' +
117 <?php echo xlj('An uppercase letter'); ?> +
118 '\n' +
119 <?php echo xlj('A special character'); ?> +
120 '\n' +
121 '(' +
122 <?php echo xlj('not a letter or number'); ?> +
123 ').' +
124 '\n' +
125 <?php echo xlj('For example:'); ?> +
126 ' healthCare@09');
127 return false;
128 }
129 }
130
131 }//If pwd null ends here
132 <?php } ?>
133 if (document.forms[0].access_group_id) {
134 var sel = getSelected(document.forms[0].access_group_id.options);
135 for (var item in sel) {
136 if (sel[item].value == "Emergency Login") {
137 document.forms[0].check_acl.value = 1;
138 }
139 }
140 }
141
142 <?php if ($GLOBALS['erx_enable']) { ?>
143 alertMsg='';
144 f=document.forms[0];
145 for(i=0;i<f.length;i++){
146 if(f[i].type=='text' && f[i].value)
147 {
148 if(f[i].name == 'fname' || f[i].name == 'mname' || f[i].name == 'lname')
149 {
150 alertMsg += checkLength(f[i].name,f[i].value,35);
151 alertMsg += checkUsername(f[i].name,f[i].value);
152 }
153 else if(f[i].name == 'taxid')
154 {
155 alertMsg += checkLength(f[i].name,f[i].value,10);
156 alertMsg += checkFederalEin(f[i].name,f[i].value);
157 }
158 else if(f[i].name == 'state_license_number')
159 {
160 alertMsg += checkLength(f[i].name,f[i].value,10);
161 alertMsg += checkStateLicenseNumber(f[i].name,f[i].value);
162 }
163 else if(f[i].name == 'npi')
164 {
165 alertMsg += checkLength(f[i].name,f[i].value,10);
166 alertMsg += checkTaxNpiDea(f[i].name,f[i].value);
167 }
168 else if(f[i].name == 'drugid')
169 {
170 alertMsg += checkLength(f[i].name,f[i].value,30);
171 alertMsg += checkAlphaNumeric(f[i].name,f[i].value);
172 }
173 }
174 }
175 if(alertMsg)
176 {
177 alert(alertMsg);
178 return false;
179 }
180 <?php } ?>
181
182 if (flag === 0) {
183 let post_url = $("#user_form").attr("action");
184 let request_method = $("#user_form").attr("method");
185 let form_data = $("#user_form").serialize();
186 // submit form
187 $.ajax({
188 url: post_url,
189 type: request_method,
190 data: form_data
191 }).done(function (r) {
192 if (r) {
193 alert(r);
194 } else {
195 dlgclose('reload', false);
196 }
197 });
198 return false;
199 }
200 }
201 //Getting the list of selected item in ACL
202 function getSelected(opt) {
203 var selected = new Array();
204 var index = 0;
205 for (var intLoop = 0; intLoop < opt.length; intLoop++) {
206 if ((opt[intLoop].selected) ||
207 (opt[intLoop].checked)) {
208 index = selected.length;
209 selected[index] = new Object;
210 selected[index].value = opt[intLoop].value;
211 selected[index].index = intLoop;
212 }
213 }
214 return selected;
215 }
216
217 function authorized_clicked() {
218 var f = document.forms[0];
219 f.calendar.disabled = !f.authorized.checked;
220 f.calendar.checked = f.authorized.checked;
221 }
222
223 function toggle_password() {
224 var x = document.getElementById("clearPass");
225 if (x.type === "password") {
226 x.type = "text";
227 } else {
228 x.type = "password";
229 }
230 }
231 </script>
232 <style>
233 .physician_type_class{
234 width: 150px !important;
235 }
236 #main_menu_role {
237 width: 120px !important;
238 }
239 </style>
240 </head>
241 <body class="body_top">
242
243 <div class="container">
244 <?php
245 /* Get the list ACL for the user */
246 $is_super_user = AclMain::aclCheckCore('admin', 'super');
247 $acl_name = AclExtended::aclGetGroupTitles($iter["username"]);
248 $bg_name = '';
249 if (is_countable($acl_name)) {
250 $bg_count = count($acl_name);
251 $selected_user_is_superuser = false;
252 for ($i = 0; $i < $bg_count; $i++) {
253 if ($acl_name[$i] == "Emergency Login") {
254 $bg_name = $acl_name[$i];
255 }
256 //check if user member on group with superuser rule
257 if (AclExtended::isGroupIncludeSuperuser($acl_name[$i])) {
258 $selected_user_is_superuser = true;
259 }
260 }
261 }
262 $disabled_save = !$is_super_user && $selected_user_is_superuser ? 'disabled' : '';
263 ?>
264 <table><tr><td>
265 <span class="title"><?php echo xlt('Edit User'); ?></span>&nbsp;
266 </td><td>
267 <a class="btn btn-secondary btn-save" name='form_save' id='form_save' href='#' onclick='return submitform()' <?php echo $disabled_save; ?>> <span><?php echo xlt('Save');?></span> </a>
268 <a class="btn btn-link btn-cancel" id='cancel' href='#'><span><?php echo xlt('Cancel');?></span></a>
269 </td></tr>
270 </table>
271 <br />
272 <FORM NAME="user_form" id="user_form" METHOD="POST" ACTION="usergroup_admin.php">
273 <input type="hidden" name="csrf_token_form" value="<?php echo attr(CsrfUtils::collectCsrfToken()); ?>" />
274
275 <input type=hidden name="pre_active" value="<?php echo attr($iter["active"]); ?>" >
276 <input type=hidden name="get_admin_id" value="<?php echo attr($GLOBALS['Emergency_Login_email']); ?>" >
277 <input type=hidden name="admin_id" value="<?php echo attr($GLOBALS['Emergency_Login_email_id']); ?>" >
278 <input type=hidden name="check_acl" value="">
279 <input type=hidden name="user_type" value="<?php echo attr($bg_name); ?>" >
280
281 <TABLE border=0 cellpadding=0 cellspacing=0>
282 <tr>
283 <td colspan="4">
284 <?php
285 // TODO: we eventually want to move to a responsive layout and not use tables here. So we are going to give
286 // module writers the ability to inject divs, tables, or whatever inside the cell instead of having them
287 // generate additional rows / table columns which locks us into that format.
288 $preRenderEvent = new UserEditRenderEvent('user_admin.php', $_GET['id']);
289 $GLOBALS['kernel']->getEventDispatcher()->dispatch($preRenderEvent, UserEditRenderEvent::EVENT_USER_EDIT_RENDER_BEFORE);
290 ?>
291 </td>
292 </tr>
293 <TR>
294 <TD style="width:180px;"><span class=text><?php echo xlt('Username'); ?>: </span></TD>
295 <TD style="width:270px;"><input type="text" name=username style="width:150px;" class="form-control" value="<?php echo attr($iter["username"]); ?>" disabled></td>
296 <?php if (empty($GLOBALS['gbl_ldap_enabled']) || empty($GLOBALS['gbl_ldap_exclusions'])) { ?>
297 <TD style="width:200px;"><span class=text>*<?php echo xlt('Your Password'); ?>*: </span></TD>
298 <TD class='text' style="width:280px;"><input type='password' name=adminPass style="width:150px;" class="form-control" value="" autocomplete='off'><font class="mandatory"></font></TD>
299 <?php } ?>
300 </TR>
301 <?php if (empty($GLOBALS['gbl_ldap_enabled']) || empty($GLOBALS['gbl_ldap_exclusions'])) { ?>
302 <TR>
303 <TD style="width:180px;"><span class=text></span></TD>
304 <TD style="width:270px;"></td>
305 <TD style="width:200px;"><span class=text><?php echo xlt('User\'s New Password'); ?>: </span></TD>
306 <TD class='text' style="width:280px;">
307 <input type='password' id=clearPass name=clearPass style="width:150px;" class="form-control" value="">
308 <input type="checkbox" id="togglePass" name="togglePass" onclick="toggle_password()" style="margin: .5rem 0 1rem;">
309 <label for="togglePass"><?php echo xlt('Show Password'); ?></label>
310 <font class="mandatory"></font>
311 </td>
312 </TR>
313 <?php } ?>
314
315 <TR height="30" style="valign:middle;">
316 <td class='text'>
317 <?php echo xlt('Clear 2FA'); ?>:
318 </td>
319 <td title='<?php echo xla('Remove multi-factor authentications for this person.'); ?>'>
320 <input type="checkbox" name="clear_2fa" value='1' />
321 </td>
322 <td colspan="2"><span class=text><?php echo xlt('Provider'); ?>:
323 <input type="checkbox" name="authorized" onclick="authorized_clicked()"<?php
324 if ($iter["authorized"]) {
325 echo " checked";
326 } ?> /></span>
327 <span class='text'><?php echo xlt('Calendar'); ?>:
328 <input type="checkbox" name="calendar"<?php
329 if ($iter["calendar"]) {
330 echo " checked";
331 }
332 if (!$iter["authorized"]) {
333 echo " disabled";
334 } ?> /></span>
335 <span class=text><?php echo xlt('Portal'); ?>:
336 <input type="checkbox" name="portal_user" <?php
337 if ($iter["portal_user"]) {
338 echo " checked";
339 } ?> /></span>
340 <span class='text'><?php echo xlt('Active'); ?>:
341 <input type="checkbox" name="active"<?php echo ($iter["active"]) ? " checked" : ""; ?>/></span>
342 </TD>
343 </TR>
344
345 <TR>
346 <TD><span class=text><?php echo xlt('First Name'); ?>: </span></TD>
347 <TD><input type="text" name=fname id=fname style="width:150px;" class="form-control" value="<?php echo attr($iter["fname"]); ?>"><span class="mandatory"></span></td>
348 <td><span class=text><?php echo xlt('Middle Name'); ?>: </span></TD><td><input type="text" name=mname style="width:150px;" value="<?php echo attr($iter["mname"]); ?>"></td>
349 </TR>
350
351 <TR>
352 <td><span class=text><?php echo xlt('Last Name'); ?>: </span></td><td><input type="text" name=lname id=lname style="width:150px;" class="form-control" value="<?php echo attr($iter["lname"]); ?>"><span class="mandatory"></span></td>
353 <td><span class=text><?php echo xlt('Suffix'); ?>: </span></td><td><input type="text" name=suffix id=suffix style="width:150px;" class="form-control" value="<?php echo attr($iter["suffix"]); ?>"></td>
354 </tr>
355 <tr>
356 <td><span class=text><?php echo xlt('Valedictory'); ?>: </span></td><td><input type="text" name=valedictory id=valedictory style="width:150px;" class="form-control" value="<?php echo attr($iter["valedictory"]); ?>"></td>
357 <td><span class=text><?php echo xlt('Default Facility'); ?>: </span></td><td><select name=facility_id style="width:150px;" class="form-control">
358 <?php
359 $fres = $facilityService->getAllServiceLocations();
360 if ($fres) {
361 for ($iter2 = 0; $iter2 < sizeof($fres); $iter2++) {
362 $result[$iter2] = $fres[$iter2];
363 }
364
365 foreach ($result as $iter2) {
366 ?>
367 <option value="<?php echo attr($iter2['id']); ?>" <?php if ($iter['facility_id'] == $iter2['id']) {
368 echo "selected";
369 } ?>><?php echo text($iter2['name']); ?></option>
370 <?php
371 }
372 }
373 ?>
374 </select></td>
375
376 </tr>
377
378 <?php if ($GLOBALS['restrict_user_facility']) { ?>
379 <tr>
380 <td colspan=2>&nbsp;</td>
381 <td><span class=text><?php echo xlt('Schedule Facilities:');?></td>
382 <td>
383 <select name="schedule_facility[]" multiple style="width:150px;" class="form-control">
384 <?php
385 $userFacilities = getUserFacilities($_GET['id']);
386 $ufid = array();
387 foreach ($userFacilities as $uf) {
388 $ufid[] = $uf['id'];
389 }
390
391 $fres = $facilityService->getAllServiceLocations();
392 if ($fres) {
393 foreach ($fres as $frow) :
394 ?>
395 <option <?php echo in_array($frow['id'], $ufid) || $frow['id'] == $iter['facility_id'] ? "selected" : null ?>
396 class="form-control" value="<?php echo attr($frow['id']); ?>"><?php echo text($frow['name']) ?></option>
397 <?php
398 endforeach;
399 }
400 ?>
401 </select>
402 </td>
403 </tr>
404 <?php } ?>
405
406 <TR>
407 <TD><span class=text><?php echo xlt('Federal Tax ID'); ?>: </span></TD><TD><input type=text name=taxid style="width:150px;" class="form-control" value="<?php echo attr($iter["federaltaxid"]); ?>"></td>
408 <TD><span class=text><?php echo xlt('DEA Number'); ?>: </span></TD><TD><input type=text name=drugid style="width:150px;" class="form-control" value="<?php echo attr($iter["federaldrugid"]); ?>"></td>
409 </TR>
410
411 <tr>
412 <td><span class="text"><?php echo xlt('UPIN'); ?>: </span></td><td><input type="text" name="upin" style="width:150px;" class="form-control" value="<?php echo attr($iter["upin"]); ?>"></td>
413 <td class='text'><?php echo xlt('See Authorizations'); ?>: </td>
414 <td><select name="see_auth" style="width:150px;" class="form-control" >
415 <?php
416 foreach (array(1 => xl('None{{Authorization}}'), 2 => xl('Only Mine'), 3 => xl('All')) as $key => $value) {
417 echo " <option value='" . attr($key) . "'";
418 if ($key == $iter['see_auth']) {
419 echo " selected";
420 }
421
422 echo ">" . text($value) . "</option>\n";
423 }
424 ?>
425 </select></td>
426 </tr>
427
428 <tr>
429 <td><span class="text"><?php echo xlt('NPI'); ?>: </span></td><td><input type="text" name="npi" style="width:150px;" class="form-control" value="<?php echo attr($iter["npi"]); ?>"></td>
430 <td><span class="text"><?php echo xlt('Job Description'); ?>: </span></td><td><input type="text" name="job" style="width:150px;" class="form-control" value="<?php echo attr($iter["specialty"]); ?>"></td>
431 </tr>
432
433 <tr>
434 <td><span class="text"><?php echo xlt('Taxonomy'); ?>: </span></td>
435 <td><input type="text" name="taxonomy" style="width:150px;" class="form-control" value="<?php echo attr($iter["taxonomy"]); ?>"></td>
436 <td><span class="text"><?php echo xlt('Supervisor'); ?>: </span></td>
437 <td>
438 <select name="supervisor_id" style="width:150px;" class="form-control">
439 <option value=""><?php echo xlt("Select Supervisor") ?></option>
440 <?php
441 $userService = new UserService();
442 $users = $userService->getActiveUsers();
443 foreach ($users as $activeUser) {
444 $p_id = (int)$activeUser['id'];
445 if ($activeUser['authorized'] != 1) {
446 continue;
447 }
448 echo "<option value='" . attr($p_id) . "'";
449 if ((int)$iter["supervisor_id"] === $p_id) {
450 echo " selected";
451 }
452 echo ">" . text($activeUser['lname']) . ' ' .
453 text($activeUser['fname']) . ' ' . text($activeUser['mname']) . "</option>\n";
454 }
455 ?>
456 </select>
457 </td>
458 </tr>
459
460 <tr>
461 <td><span class="text"><?php echo xlt('State License Number'); ?>: </span></td>
462 <td><input type="text" name="state_license_number" style="width:150px;" class="form-control" value="<?php echo attr($iter["state_license_number"]); ?>"></td>
463 <td class='text'><?php echo xlt('NewCrop eRX Role'); ?>:</td>
464 <td>
465 <?php echo generate_select_list("erxrole", "newcrop_erx_role", $iter['newcrop_user_role'], '', xl('Select Role'), '', '', '', array('style' => 'width:150px')); ?>
466 </td>
467 </tr>
468 <tr>
469 <td><span class="text"><?php echo xlt('Weno Provider ID'); ?>: </span></td><td><input type="text" name="erxprid" style="width:150px;" class="form-control" value="<?php echo attr($iter["weno_prov_id"]); ?>"></td>
470 <td><span class="text"><?php echo xlt('Google Email for Login'); ?>: </span></td><td><input type="text" name="google_signin_email" style="width:150px;" class="form-control" value="<?php echo attr($iter["google_signin_email"]); ?>"></td>
471 </tr>
472
473 <tr>
474 <td><span class="text"><?php echo xlt('Provider Type'); ?>: </span></td>
475 <td><?php echo generate_select_list("physician_type", "physician_type", $iter['physician_type'], '', xl('Select Type'), 'physician_type_class', '', '', ''); ?></td>
476 </tr>
477 <tr>
478 <td>
479 <span class="text"><?php echo xlt('Main Menu Role'); ?>: </span>
480 </td>
481 <td>
482 <?php
483 $menuMain = new MainMenuRole($GLOBALS['kernel']->getEventDispatcher());
484 echo $menuMain->displayMenuRoleSelector($iter["main_menu_role"]);
485 ?>
486 </td>
487 <td>
488 <span class="text"><?php echo xlt('Patient Menu Role'); ?>: </span>
489 </td>
490 <td>
491 <?php
492 $menuPatient = new PatientMenuRole();
493 echo $menuPatient->displayMenuRoleSelector($iter["patient_menu_role"]);
494 ?>
495 </td>
496
497 </tr>
498 <?php if (!empty($GLOBALS['inhouse_pharmacy'])) { ?>
499 <tr>
500 <td class="text"><?php echo xlt('Default Warehouse'); ?>: </td>
501 <td class='text'>
502 <?php
503 echo generate_select_list(
504 'default_warehouse',
505 'warehouse',
506 $iter['default_warehouse'],
507 ''
508 );
509 ?>
510 </td>
511
512 <?php if (!empty($GLOBALS['inhouse_pharmacy'])) { ?>
513 <td class="text"><?php echo xlt('Invoice Refno Pool'); ?>: </td>
514 <td class='text'>
515 <?php
516 echo generate_select_list(
517 'irnpool',
518 'irnpool',
519 $iter['irnpool'],
520 xl('Invoice reference number pool, if used')
521 );
522 ?>
523 </td>
524 <?php } else { ?>
525 <td class="text" colspan="2">&nbsp;</td>
526 <?php } ?>
527
528 </tr>
529 <?php } ?>
530
531 <!-- facility and warehouse restrictions, optional -->
532 <?php if (!empty($GLOBALS['gbl_fac_warehouse_restrictions']) || !empty($GLOBALS['restrict_user_facility'])) { ?>
533 <tr title="<?php echo xla('If nothing is selected here then all are permitted.'); ?>">
534 <td class="text"><?php echo !empty($GLOBALS['gbl_fac_warehouse_restrictions']) ?
535 xlt('Facility and warehouse permissions') : xlt('Facility permissions'); ?>:</td>
536 <td colspan="3">
537 <select name="schedule_facility[]" multiple style="width:490px;">
538 <?php
539 $userFacilities = getUserFacilities($_GET['id'], 'id', $GLOBALS['gbl_fac_warehouse_restrictions']);
540 $ufid = array();
541 foreach ($userFacilities as $uf) {
542 $ufid[] = $uf['id'];
543 }
544 $fres = sqlStatement("select * from facility order by name");
545 if ($fres) {
546 while ($frow = sqlFetchArray($fres)) {
547 // Get the warehouses that are linked to this user and facility.
548 $whids = getUserFacWH($_GET['id'], $frow['id']); // from calendar.inc.php
549 // Generate an option for just the facility with no warehouse restriction.
550 echo " <option";
551 if (empty($whids) && in_array($frow['id'], $ufid)) {
552 echo ' selected';
553 }
554 echo " value='" . attr($frow['id']) . "'>" . text($frow['name']) . "</option>\n";
555 // Then generate an option for each of the facility's warehouses.
556 // Does not apply if the site does not use warehouse restrictions.
557 if (!empty($GLOBALS['gbl_fac_warehouse_restrictions'])) {
558 $lres = sqlStatement(
559 "SELECT option_id, title FROM list_options WHERE " .
560 "list_id = ? AND option_value = ? ORDER BY seq, title",
561 array('warehouse', $frow['id'])
562 );
563 while ($lrow = sqlFetchArray($lres)) {
564 echo " <option";
565 if (in_array($lrow['option_id'], $whids)) {
566 echo ' selected';
567 }
568 echo " value='" . attr($frow['id']) . "/" . attr($lrow['option_id']) . "'>&nbsp;&nbsp;&nbsp;" .
569 text(xl_list_label($lrow['title'])) . "</option>\n";
570 }
571 }
572 }
573 }
574 ?>
575 </select>
576 </td>
577 </tr>
578 <?php } ?>
579
580 <tr>
581 <td class='text'><?php echo xlt('Access Control'); ?>:</td>
582 <td><select id="access_group_id" name="access_group[]" multiple style="width:150px;" class="form-control">
583 <?php
584 // Collect the access control group of user
585 $list_acl_groups = AclExtended::aclGetGroupTitleList($is_super_user || $selected_user_is_superuser);
586 $username_acl_groups = AclExtended::aclGetGroupTitles($iter["username"]);
587 foreach ($list_acl_groups as $value) {
588 // Disable groups that have any permissions that the logged-in user does not have.
589 $tmp = AclExtended::iHaveGroupPermissions($value) ? '' : 'disabled ';
590 if ($username_acl_groups && in_array($value, $username_acl_groups)) {
591 $tmp .= 'selected ';
592 }
593 echo " <option value='" . attr($value) . "' $tmp>" . text(xl_gacl_group($value)) . "</option>\n";
594 }
595 ?>
596 </select></td>
597 <td><span class=text><?php echo xlt('Additional Info'); ?>:</span></td>
598 <td><textarea style="width:150px;" name="comments" wrap=auto rows=4 cols=25 class="form-control"><?php echo text($iter["info"]); ?></textarea></td>
599
600 </tr>
601 <tr>
602 <td><span class=text><?php echo xlt('Default Billing Facility'); ?>: </span></td><td><select name="billing_facility_id" style="width:150px;" class="form-control">
603 <?php
604 $fres = $facilityService->getAllBillingLocations();
605 if ($fres) {
606 $billResults = [];
607 for ($iter2 = 0; $iter2 < sizeof($fres); $iter2++) {
608 $billResults[$iter2] = $fres[$iter2];
609 }
610
611 foreach ($billResults as $iter2) {
612 ?>
613 <option value="<?php echo attr($iter2['id']); ?>" <?php if ($iter['billing_facility_id'] == $iter2['id']) {
614 echo "selected";
615 } ?>><?php echo text($iter2['name']); ?></option>
616 <?php
617 }
618 }
619 ?>
620 </select></td>
621 <td>
622
623 </td>
624 </tr>
625 <tr>
626 <td colspan="4">
627 <?php
628 // TODO: we eventually want to move to a responsive layout and not use tables here. So we are going to give
629 // module writers the ability to inject divs, tables, or whatever inside the cell instead of having them
630 // generate additional rows / table columns which locks us into that format.
631 $postRenderEvent = new UserEditRenderEvent('user_admin.php', $_GET['id']);
632 $GLOBALS['kernel']->getEventDispatcher()->dispatch($postRenderEvent, UserEditRenderEvent::EVENT_USER_EDIT_RENDER_AFTER);
633 ?>
634 </td>
635 </tr>
636
637 <tr height="20" valign="bottom">
638 <td colspan="4" class="text">
639 <p>*<?php echo xlt('You must enter your own password to change user passwords. Leave blank to keep password unchanged.'); ?></p>
640 <?php
641 if (!$is_super_user && $selected_user_is_superuser) {
642 echo '<p class="redtext">*' . xlt('View mode - only administrator can edit another administrator user') . '.</p>';
643 }
644 ?>
645 <!--
646 Display red alert if entered password matched one of last three passwords/Display red alert if user password is expired
647 -->
648 <div class="redtext" id="error_message">&nbsp;</div>
649 </td>
650 </tr>
651
652 </table>
653
654 <INPUT TYPE="HIDDEN" NAME="id" VALUE="<?php echo attr($_GET["id"]); ?>">
655 <INPUT TYPE="HIDDEN" NAME="mode" VALUE="update">
656 <INPUT TYPE="HIDDEN" NAME="privatemode" VALUE="user_admin">
657
658 <INPUT TYPE="HIDDEN" NAME="secure_pwd" VALUE="<?php echo attr($GLOBALS['secure_password']); ?>">
659 </FORM>
660 <script>
661 $(function () {
662 $("#cancel").click(function() {
663 dlgclose();
664 });
665
666 });
667 </script>
668
669 <div class="container">
670
671 </BODY>
672
673 </HTML>
Mirror of official OpenEMR Sourceforge repository