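<?php
/**
 * Edit user.
 *
 * @package OpenEMR
 * @link http://www.open-emr.org
 * @author Brady Miller <brady.g.miller@gmail.com>
 * @copyright Copyright (c) 2017 Brady Miller <brady.g.miller@gmail.com>
 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
 */

require_once("../globals.php");
require_once("../../library/acl.inc");
require_once("$srcdir/calendar.inc");
require_once("$srcdir/options.inc.php");
require_once("$srcdir/erx_javascript.inc.php");

use OpenEMR\Menu\MainMenuRole;

$facilityService = new \services\FacilityService();

// Authorization gate: the page renders nothing unless a user id was supplied
// and the current session holds the 'admin'/'users' ACL. empty() is used so a
// request without the parameter does not raise an undefined-index notice.
if (empty($_GET["id"]) || !acl_check('admin', 'users')) {
    exit();
}

// Load the row being edited. The id is passed as a bound parameter, never
// concatenated into the SQL text.
$result = array();
$res = sqlStatement("select * from users where id=?", array($_GET["id"]));
for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
    $result[$iter] = $row;
}

// An id that matches no user would otherwise render an edit form whose hidden
// "id" field still points at the requested value; stop here instead.
if (empty($result)) {
    exit();
}

// From here on $iter is the users row (an array), not a loop counter.
$iter = $result[0];

?>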
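<html>
<head>

<link rel="stylesheet" href="<?php echo $css_header; ?>" type="text/css">
<script type="text/javascript" src="../../library/dialog.js?v=<?php echo $v_js_includes; ?>"></script>
<script type="text/javascript" src="<?php echo $GLOBALS['assets_static_relative'] ?>/jquery-min-1-9-1/index.js"></script>
<script type="text/javascript" src="../../library/js/common.js"></script>

<script src="checkpwd_validation.js" type="text/javascript"></script>

<!-- validation library -->
<!--//Not lbf forms use the new validation, please make sure you have the corresponding values in the list Page validation-->
<?php $use_validate_js = 1;?>
<?php require_once($GLOBALS['srcdir'] . "/validation/validation_script.js.php"); ?>
<?php
//Gets validation rules from Page Validation list.
//Note that for technical reasons, we are bypassing the standard validateUsingPageRules() call.
$collectthis = collectValidationPageRules("/interface/usergroup/user_admin.php");

// $collectthis is later written verbatim into a <script> block as the value of
// a JavaScript variable. If the list has no entry for "user_form" the original
// code would emit nothing there and break the whole script (including the
// submit handler), so fall back to the literal "undefined" in that case too.
if (empty($collectthis) || empty($collectthis["user_form"]["rules"])) {
    $collectthis = "undefined";
} else {
    $collectthis = $collectthis["user_form"]["rules"];
}
?>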
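<script language="JavaScript">

/*
 * validation on the form with new client side validation (using validate.js).
 * this enable to add new rules for this form in the pageValidation list.
 * */
<?php
// NOTE(review): $collectthis is emitted as JavaScript source, not as a quoted
// string, so whatever the Page Validation list holds for this form runs as
// script in the administrator's browser. Presumably only administrators can
// edit that list -- confirm, and treat write access to it as script-injection
// capability on this page.
?>
var collectvalidation = <?php echo($collectthis); ?>;

// Warns that changing the e-RX role may affect the ePrescription workflow.
// The translated text is passed through addslashes() because it sits inside a
// double-quoted JavaScript string literal.
function checkChange()
{
    alert("<?php echo addslashes(xl('If you change e-RX Role for ePrescription, it may affect the ePrescription workflow. If you face any difficulty, contact your ePrescription vendor.'));?>");
}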
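// Validates the edit-user form in the browser and submits it when nothing
// objects. Returns false (or undefined) when submission is blocked.
//
// Everything checked here runs in the administrator's browser and can be
// skipped by posting to the form target directly, so it is a usability aid
// only. Password strength, field formats and the "own password required" rule
// have to be enforced by the handler that receives the POST; that code is not
// part of this file.
function submitform() {

    // Page-validation rules (validate.js) collected into collectvalidation.
    var valid = submitme(1, undefined, 'user_form', collectvalidation);
    if (!valid) return;

    top.restoreSession();
    var flag=0;
    <?php if (!$GLOBALS['use_active_directory']) { ?>
    if(document.forms[0].clearPass.value!="")
    {
        //Checking for the strong password if the 'secure password' feature is enabled
        if(document.forms[0].secure_pwd.value == 1)
        {
            var pwdresult = passwordvalidate(document.forms[0].clearPass.value);
            if(pwdresult == 0) {
                flag=1;
                // Each translated fragment goes through addslashes() (as in
                // checkChange) so a quote or backslash in a translation cannot
                // terminate the JavaScript string literal. The single-quoted
                // '\n' is emitted as backslash-n and becomes a line break in
                // the alert.
                alert("<?php echo addslashes(xl('The password must be at least eight characters, and should'));
                echo '\n';
                echo addslashes(xl('contain at least three of the four following items:'));
                echo '\n';
                echo addslashes(xl('A number'));
                echo '\n';
                echo addslashes(xl('A lowercase letter'));
                echo '\n';
                echo addslashes(xl('An uppercase letter'));
                echo '\n';
                echo addslashes(xl('A special character'));
                echo '(';
                echo addslashes(xl('not a letter or number'));
                echo ').';
                echo '\n';
                echo addslashes(xl('For example:'));
                echo ' healthCare@09'; ?>");
                return false;
            }
        }
    }//If pwd null ends here
    <?php } ?>
    //Request to reset the user password if the user was deactived once the password expired.
    // NOTE(review): clearPass is only rendered when use_active_directory is
    // off, yet it is read here unconditionally -- confirm this branch cannot
    // be reached with Active Directory enabled and password expiration set.
    if((document.forms[0].pwd_expires.value != 0) && (document.forms[0].clearPass.value == "")) {
        // current_date and grace_time carry Unix timestamps; compare them as
        // numbers rather than as strings, which would compare character by
        // character.
        if((document.forms[0].user_type.value != "Emergency Login") && (document.forms[0].pre_active.value == 0) && (document.forms[0].active.checked == 1) && (document.forms[0].grace_time.value != "") && (Number(document.forms[0].current_date.value) > Number(document.forms[0].grace_time.value)))
        {
            flag=1;
            // Assigned through innerHTML, so the text is HTML-escaped (xlt)
            // and then escaped for the surrounding string literal.
            document.getElementById('error_message').innerHTML="<?php echo addslashes(xlt('Please reset the password.')); ?>";
        }
    }

    // Tell the handler when the Emergency Login group is among the selection.
    if (document.forms[0].access_group_id) {
        var sel = getSelected(document.forms[0].access_group_id.options);
        for (var item in sel) {
            if (sel[item].value == "Emergency Login") {
                document.forms[0].check_acl.value = 1;
            }
        }
    }

    <?php if ($GLOBALS['erx_enable']) { ?>
    // Format checks for the identifiers sent to the ePrescription service.
    alertMsg='';
    f=document.forms[0];
    for(i=0;i<f.length;i++){
        if(f[i].type=='text' && f[i].value)
        {
            if(f[i].name == 'fname' || f[i].name == 'mname' || f[i].name == 'lname')
            {
                alertMsg += checkLength(f[i].name,f[i].value,35);
                alertMsg += checkUsername(f[i].name,f[i].value);
            }
            else if(f[i].name == 'taxid')
            {
                alertMsg += checkLength(f[i].name,f[i].value,10);
                alertMsg += checkFederalEin(f[i].name,f[i].value);
            }
            else if(f[i].name == 'state_license_number')
            {
                alertMsg += checkLength(f[i].name,f[i].value,10);
                alertMsg += checkStateLicenseNumber(f[i].name,f[i].value);
            }
            else if(f[i].name == 'npi')
            {
                alertMsg += checkLength(f[i].name,f[i].value,10);
                alertMsg += checkTaxNpiDea(f[i].name,f[i].value);
            }
            else if(f[i].name == 'drugid')
            {
                alertMsg += checkLength(f[i].name,f[i].value,30);
                alertMsg += checkAlphaNumeric(f[i].name,f[i].value);
            }
        }
    }
    if(alertMsg)
    {
        alert(alertMsg);
        return false;
    }
    <?php } ?>
    if(flag == 0){
        document.forms[0].submit();
        parent.$.fn.fancybox.close();
    }
}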
// Getting the list of selected item in ACL.
// Walks an options collection and returns an array with one {value, index}
// object for every entry that is selected or checked, in original order.
function getSelected(opt) {
    var picked = [];
    for (var pos = 0; pos < opt.length; pos++) {
        var entry = opt[pos];
        if (entry.selected || entry.checked) {
            picked.push({ value: entry.value, index: pos });
        }
    }
    return picked;
}
// Click handler for the Provider checkbox: the Calendar checkbox is enabled
// and ticked when Provider is ticked, and disabled and cleared otherwise.
function authorized_clicked() {
    var form = document.forms[0];
    var isProvider = form.authorized.checked;
    form.calendar.disabled = !isProvider;
    form.calendar.checked = isProvider;
}
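
</script>
<style type="text/css">
  .physician_type_class{
    width: 150px !important;
  }
</style>
</head>
<body class="body_top">
<?php
// Page title and Save/Cancel buttons. Translated labels are written with
// xlt() so that a translation containing markup is shown as text instead of
// being interpreted by the browser.
?>
<table><tr><td>
<span class="title"><?php echo xlt('Edit User'); ?></span>&nbsp;
</td><td>
    <a class="css_button" name='form_save' id='form_save' href='#' onclick='return submitform()'> <span><?php echo xlt('Save');?></span> </a>
    <a class="css_button" id='cancel' href='#'><span><?php echo xlt('Cancel');?></span></a>
</td></tr>
</table>
<br>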
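<FORM NAME="user_form" id="user_form" METHOD="POST" ACTION="usergroup_admin.php" target="_parent" onsubmit='return top.restoreSession()'>
<?php
// NOTE(review): this form changes account state (password, ACL groups, active
// flag) and no anti-CSRF token field is emitted anywhere in it. Confirm how
// the receiving script (usergroup_admin.php) checks that the POST originated
// from this page.
//
// Hidden fields below feed the client-side checks in submitform(). Values that
// come from the users row or from configuration are passed through attr()
// because they are placed inside quoted HTML attributes.
?>

<input type=hidden name="pwd_expires" value="<?php echo attr($GLOBALS['password_expiration_days']); ?>" >
<input type=hidden name="pre_active" value="<?php echo attr($iter["active"]); ?>" >
<input type=hidden name="exp_date" value="<?php echo attr($iter["pwd_expiration_date"]); ?>" >
<input type=hidden name="get_admin_id" value="<?php echo attr($GLOBALS['Emergency_Login_email']); ?>" >
<input type=hidden name="admin_id" value="<?php echo attr($GLOBALS['Emergency_Login_email_id']); ?>" >
<input type=hidden name="check_acl" value="">
<?php
//Calculating the grace time
$current_date = date("Y-m-d");
$password_exp=$iter["pwd_expiration_date"];
// Initialised so that a user without an expiration date ("0000-00-00") yields
// an empty grace_time field instead of reading an undefined variable.
$grace_time1 = '';
if ($password_exp != "0000-00-00") {
    $grace_time1 = date("Y-m-d", strtotime($password_exp . "+".$GLOBALS['password_grace_time'] ."days"));
}
?>
<input type=hidden name="current_date" value="<?php echo strtotime($current_date); ?>" >
<input type=hidden name="grace_time" value="<?php echo strtotime($grace_time1); ?>" >
<!-- Get the list ACL for the user -->
<?php
// user_type is "Emergency Login" when the user belongs to that ACL group and
// empty otherwise. Elsewhere in this file the result of
// acl_get_group_titles() is tested for truthiness before use, so a non-array
// return is tolerated here as well rather than passed to count().
$acl_name=acl_get_group_titles($iter["username"]);
$bg_name='';
if (is_array($acl_name) && in_array("Emergency Login", $acl_name, true)) {
    $bg_name="Emergency Login";
}
?>
<input type=hidden name="user_type" value="<?php echo attr($bg_name); ?>" >
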
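<?php
// Start of the field table: username, password fields and the
// Provider/Calendar/Active checkboxes.
//
// Values taken from the users row are escaped with attr() before they are
// placed in an attribute; labels use xlt(). Without that, a name or username
// containing a double quote could close the attribute and add markup to a page
// that is viewed by an administrator.
?>
<TABLE border=0 cellpadding=0 cellspacing=0>
<TR>
    <TD style="width:180px;"><span class=text><?php echo xlt('Username'); ?>: </span></TD>
    <TD style="width:270px;"><input type=entry name=username style="width:150px;" value="<?php echo attr($iter["username"]); ?>" disabled></td>
<?php if (!$GLOBALS['use_active_directory']) { ?>
        <TD style="width:200px;"><span class=text><?php echo xlt('Your Password'); ?>: </span></TD>
        <TD class='text' style="width:280px;"><input type='password' name=adminPass style="width:150px;" value="" autocomplete='off'><font class="mandatory">*</font></TD>
<?php } ?>
</TR>
<?php if (!$GLOBALS['use_active_directory']) { ?>
<TR>
    <TD style="width:180px;"><span class=text></span></TD>
    <TD style="width:270px;"></td>
    <TD style="width:200px;"><span class=text><?php echo xlt('User\'s New Password'); ?>: </span></TD>
    <?php
    // clearPass is a plain text input, so the new password is visible while it
    // is typed (this looks intentional, given the field name). autocomplete is
    // switched off, as on adminPass, so the browser does not keep the value in
    // its form-history suggestions.
    ?>
    <TD class='text' style="width:280px;"> <input type=text name=clearPass style="width:150px;" value="" autocomplete='off'><font class="mandatory">*</font></td>
</TR>
<?php } ?>

<TR height="30" style="valign:middle;">
<td><span class="text">&nbsp;</span></td><td>&nbsp;</td>
<td colspan="2"><span class=text><?php echo xlt('Provider'); ?>:
 <input type="checkbox" name="authorized" onclick="authorized_clicked()"<?php echo $iter["authorized"] ? " checked" : ""; ?> />
 &nbsp;&nbsp;<span class='text'><?php echo xlt('Calendar'); ?>:
 <input type="checkbox" name="calendar"<?php
    // Calendar is only selectable for providers; see authorized_clicked().
    echo $iter["calendar"] ? " checked" : "";
    echo $iter["authorized"] ? "" : " disabled";
    ?> />
 &nbsp;&nbsp;<span class='text'><?php echo xlt('Active'); ?>:
 <input type="checkbox" name="active"<?php echo $iter["active"] ? " checked" : ""; ?> />
</TD>
</TR>
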
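<?php
// Name fields and facility selectors. Row values and option values are
// escaped with attr(); option labels were already HTML-escaped.
?>
<TR>
<TD><span class=text><?php echo xlt('First Name'); ?>: </span></TD>
<TD><input type=entry name=fname id=fname style="width:150px;" value="<?php echo attr($iter["fname"]); ?>"><span class="mandatory">&nbsp;*</span></td>
<td><span class=text><?php echo xlt('Middle Name'); ?>: </span></TD><td><input type=entry name=mname style="width:150px;" value="<?php echo attr($iter["mname"]); ?>"></td>
</TR>

<TR>
<td><span class=text><?php echo xlt('Last Name'); ?>: </span></td><td><input type=entry name=lname id=lname style="width:150px;" value="<?php echo attr($iter["lname"]); ?>"><span class="mandatory">&nbsp;*</span></td>
<td><span class=text><?php echo xlt('Default Facility'); ?>: </span></td><td><select name=facility_id style="width:150px;" >
<?php
// Iterate the billing locations directly. The original copied them into
// $result, the array that still held the users row, before looping over it.
$fres = $facilityService->getAllBillingLocations();
if ($fres) {
    foreach ($fres as $iter2) {
        ?>
        <option value="<?php echo attr($iter2['id']); ?>" <?php if ($iter['facility_id'] == $iter2['id']) {
            echo "selected";
        } ?>><?php echo htmlspecialchars($iter2['name']); ?></option>
        <?php
    }
}
?>
</select></td>
</tr>

<?php if ($GLOBALS['restrict_user_facility']) { ?>
<tr>
 <td colspan=2>&nbsp;</td>
 <td><span class=text><?php echo xlt('Schedule Facilities:');?></td>
 <td>
  <select name="schedule_facility[]" multiple style="width:150px;" >
<?php
  // Facilities already assigned to this user, plus the default facility, are
  // shown preselected.
  $userFacilities = getUserFacilities($_GET['id']);
  $ufid = array();
  foreach ($userFacilities as $uf) {
      $ufid[] = $uf['id'];
  }

  $fres = $facilityService->getAllServiceLocations();
  if ($fres) {
      foreach ($fres as $frow) :
?>
   <option <?php echo in_array($frow['id'], $ufid) || $frow['id'] == $iter['facility_id'] ? "selected" : null ?>
      value="<?php echo attr($frow['id']) ?>"><?php echo htmlspecialchars($frow['name']) ?></option>
<?php
      endforeach;
  }
?>
  </select>
 </td>
</tr>
<?php } ?>
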
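<?php
// Identifier fields (tax id, drug id, UPIN, NPI, taxonomy, licence number),
// job description, authorization visibility and the NewCrop eRX role.
// Stored values are escaped with attr() before being placed in value="...".
?>
<TR>
<TD><span class=text><?php echo xlt('Federal Tax ID'); ?>: </span></TD><TD><input type=text name=taxid style="width:150px;" value="<?php echo attr($iter["federaltaxid"]); ?>"></td>
<TD><span class=text><?php echo xlt('Federal Drug ID'); ?>: </span></TD><TD><input type=text name=drugid style="width:150px;" value="<?php echo attr($iter["federaldrugid"]); ?>"></td>
</TR>

<tr>
<td><span class="text"><?php echo xlt('UPIN'); ?>: </span></td><td><input type="text" name="upin" style="width:150px;" value="<?php echo attr($iter["upin"]); ?>"></td>
<td class='text'><?php echo xlt('See Authorizations'); ?>: </td>
<td><select name="see_auth" style="width:150px;" >
<?php
// Keys are the fixed integers 1..3; only the translated label needs escaping.
foreach (array(1 => xl('None'), 2 => xl('Only Mine'), 3 => xl('All')) as $key => $value) {
    echo " <option value='$key'";
    if ($key == $iter['see_auth']) {
        echo " selected";
    }

    echo ">" . text($value) . "</option>\n";
}
?>
</select></td>
</tr>

<tr>
<td><span class="text"><?php echo xlt('NPI'); ?>: </span></td><td><input type="text" name="npi" style="width:150px;" value="<?php echo attr($iter["npi"]); ?>"></td>
<td><span class="text"><?php echo xlt('Job Description'); ?>: </span></td><td><input type="text" name="job" style="width:150px;" value="<?php echo attr($iter["specialty"]); ?>"></td>
</tr>

<tr>
<td><span class="text"><?php echo xlt('Taxonomy'); ?>: </span></td>
<td><input type="text" name="taxonomy" style="width:150px;" value="<?php echo attr($iter["taxonomy"]); ?>"></td>
<td>&nbsp;</td><td>&nbsp;</td></tr>

<tr>
<td><span class="text"><?php echo xlt('State License Number'); ?>: </span></td>
<td><input type="text" name="state_license_number" style="width:150px;" value="<?php echo attr($iter["state_license_number"]); ?>"></td>
<td class='text'><?php echo xlt('NewCrop eRX Role'); ?>:</td>
<td>
    <?php
    // generate_select_list() returns ready-made markup; how it escapes the
    // current value and the list entries is decided inside that helper.
    echo generate_select_list("erxrole", "newcrop_erx_role", $iter['newcrop_user_role'], '', xl('Select Role'), '', '', '', array('style'=>'width:150px')); ?>
</td>
</tr>
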
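<?php
// Provider type, main menu role and (when the in-house pharmacy is enabled)
// default warehouse and invoice reference pool. All four controls are built by
// helpers that return markup, so escaping of their values happens inside those
// helpers; only the labels are escaped here, with xlt().
?>
<tr>
<td><span class="text"><?php echo xlt('Provider Type'); ?>: </span></td>
<td><?php echo generate_select_list("physician_type", "physician_type", $iter['physician_type'], '', xl('Select Type'), 'physician_type_class', '', '', ''); ?></td>
<td>
<span class="text"><?php echo xlt('Main Menu Role'); ?>: </span>
</td>
<td>
<?php echo MainMenuRole::displayMainMenuRoleSelector($iter["main_menu_role"]); ?>
</td>
</tr>
<?php if ($GLOBALS['inhouse_pharmacy']) { ?>
<tr>
 <td class="text"><?php echo xlt('Default Warehouse'); ?>: </td>
 <td class='text'>
<?php
// NOTE(review): the line carrying the fourth argument (the title) is not
// visible in this listing; an empty title is assumed, as in the other calls to
// generate_select_list() on this page -- confirm against the repository copy.
echo generate_select_list(
    'default_warehouse',
    'warehouse',
    $iter['default_warehouse'],
    ''
);
?>
 </td>
 <td class="text"><?php echo xlt('Invoice Refno Pool'); ?>: </td>
 <td class='text'>
<?php
echo generate_select_list(
    'irnpool',
    'irnpool',
    $iter['irnpool'],
    xl('Invoice reference number pool, if used')
);
?>
 </td>
</tr>
<?php } ?>
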
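<?php
 // Collect the access control group of user
 // The group selector, the Additional Info box and the footer note are only
 // rendered for a session that also holds the 'admin'/'acl' ACL. Hiding the
 // selector does not by itself stop a POST from carrying access_group[]; the
 // handler has to repeat this check before applying group changes.
if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
?>
  <tr>
  <td class='text'><?php echo xlt('Access Control'); ?>:</td>
  <td><select id="access_group_id" name="access_group[]" multiple style="width:150px;" >
<?php
   $list_acl_groups = acl_get_group_title_list();
   $username_acl_groups = acl_get_group_titles($iter["username"]);
foreach ($list_acl_groups as $value) {
    // Group titles are escaped for the single-quoted attribute with attr()
    // and, once translated, for the element body with text().
    // Modified 6-2009 by BM - Translate group name if applicable
    $isMember = ($username_acl_groups) && in_array($value, $username_acl_groups);
    echo " <option value='" . attr($value) . "'" . ($isMember ? " selected" : "") . ">" . text(xl_gacl_group($value)) . "</option>\n";
}
    ?>
  </select></td>
  <td><span class=text><?php echo xlt('Additional Info'); ?>:</span></td>
  <?php // Free text stored for the user: escape it so it cannot close the textarea. ?>
  <td><textarea style="width:150px;" name="comments" wrap=auto rows=4 cols=25><?php echo text($iter["info"]);?></textarea></td>

  </tr>
  <tr height="20" valign="bottom">
  <td colspan="4" class="text">
      <font class="mandatory">*</font> <?php echo xlt('You must enter your own password to change user passwords. Leave blank to keep password unchanged.'); ?>
<!--
Display red alert if entered password matched one of last three passwords/Display red alert if user password was expired and the user was inactivated previously
-->
  <div class="redtext" id="error_message">&nbsp;</div>
  </td>
  </tr>
<?php
}
?>
</table>

<?php
// The id is echoed back for the handler; it originates from the query string,
// so it is escaped with attr(). The handler must still authorise the change
// for whatever id arrives, since a hidden field can be edited by the client.
?>
<INPUT TYPE="HIDDEN" NAME="id" VALUE="<?php echo attr($_GET["id"]); ?>">
<INPUT TYPE="HIDDEN" NAME="mode" VALUE="update">
<INPUT TYPE="HIDDEN" NAME="privatemode" VALUE="user_admin">

<INPUT TYPE="HIDDEN" NAME="secure_pwd" VALUE="<?php echo attr($GLOBALS['secure_password']); ?>">
</FORM>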
<script language="JavaScript">
// Once the document is ready, make the Cancel link close the fancybox dialog
// that hosts this page.
$(function () {
    $("#cancel").on("click", function () {
        parent.$.fn.fancybox.close();
    });

});
</script>
</BODY>

</HTML>

<?php
//  d41d8cd98f00b204e9800998ecf8427e == blank