search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix: restore url and text for immunizations card (#6991)
[openemr.git] / interface / globals.php
bloba884039537b106d0c15de77f22925cc5832d6e59
1 <?php
2
3 /**
4 * Default values for optional variables that are allowed to be set by callers.
5 *
6 * @package OpenEMR
7 * @link http://www.open-emr.org
8 * @author Brady Miller <brady.g.miller@gmail.com>
9 * @author Rod Roark <rod@sunsetsystems.com>
10 * @copyright Copyright (c) 2018-2019 Brady Miller <brady.g.miller@gmail.com>
11 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
12 */
13
14 // Checks if the server's PHP version is compatible with OpenEMR:
15 require_once(__DIR__ . "/../src/Common/Compatibility/Checker.php");
16 $response = OpenEMR\Common\Compatibility\Checker::checkPhpVersion();
17 if ($response !== true) {
18 die(htmlspecialchars($response));
19 }
20
21 use Dotenv\Dotenv;
22 use OpenEMR\Core\Kernel;
23 use OpenEMR\Core\ModulesApplication;
24
25 // Throw error if the php openssl module is not installed.
26 if (!(extension_loaded('openssl'))) {
27 error_log("OPENEMR ERROR: OpenEMR is not working since the php openssl module is not installed.", 0);
28 die("OpenEMR Error : OpenEMR is not working since the php openssl module is not installed.");
29 }
30 // Throw error if the openssl aes-256-cbc cipher is not available.
31 if (!(in_array('aes-256-cbc', openssl_get_cipher_methods()))) {
32 error_log("OPENEMR ERROR: OpenEMR is not working since the openssl aes-256-cbc cipher is not available.", 0);
33 die("OpenEMR Error : OpenEMR is not working since the openssl aes-256-cbc cipher is not available.");
34 }
35
36
37 //This is to help debug the ssl mysql connection. This will send messages to php log to show if mysql connections have a cipher set up.
38 $GLOBALS['debug_ssl_mysql_connection'] = false;
39
40 // Unless specified explicitly, apply Auth functions
41 if (!isset($ignoreAuth)) {
42 $ignoreAuth = false;
43 }
44
45 // Same for onsite
46 if (!isset($ignoreAuth_onsite_portal)) {
47 $ignoreAuth_onsite_portal = false;
48 }
49
50 // Is this windows or non-windows? Create a boolean definition.
51 if (!defined('IS_WINDOWS')) {
52 define('IS_WINDOWS', (stripos(PHP_OS, 'WIN') === 0));
53 }
54
55 // The webserver_root and web_root are now automatically collected.
56 // If not working, can set manually below.
57 // Auto collect the full absolute directory path for openemr.
58 $webserver_root = dirname(__FILE__, 2);
59 if (IS_WINDOWS) {
60 //convert windows path separators
61 $webserver_root = str_replace("\\", "/", $webserver_root);
62 }
63
64 // Collect the apache server document root (and convert to windows slashes, if needed)
65 $server_document_root = realpath($_SERVER['DOCUMENT_ROOT']);
66 if (IS_WINDOWS) {
67 //convert windows path separators
68 $server_document_root = str_replace("\\", "/", $server_document_root);
69 }
70
71 // Auto collect the relative html path, i.e. what you would type into the web
72 // browser after the server address to get to OpenEMR.
73 // This removes the leading portion of $webserver_root that it has in common with the web server's document
74 // root and assigns the result to $web_root. In addition to the common case where $webserver_root is
75 // /var/www/openemr and document root is /var/www, this also handles the case where document root is
76 // /var/www/html and there is an Apache "Alias" command that directs /openemr to /var/www/openemr.
77 $web_root = substr($webserver_root, strspn($webserver_root ^ $server_document_root, "\0"));
78 // Ensure web_root starts with a path separator
79 if (preg_match("/^[^\/]/", $web_root)) {
80 $web_root = "/" . $web_root;
81 }
82
83 // The webserver_root and web_root are now automatically collected in
84 // real time per above code. If above is not working, can uncomment and
85 // set manually here:
86 // $webserver_root = "/var/www/openemr";
87 // $web_root = "/openemr";
88
89 $ResolveServerHost = static function () {
90 $scheme = ($_SERVER['REQUEST_SCHEME'] ?? 'https') . "://";
91 $possibleHostSources = array('HTTP_X_FORWARDED_HOST', 'HTTP_HOST', 'SERVER_NAME', 'SERVER_ADDR');
92 $sourceTransformations = array(
93 "HTTP_X_FORWARDED_HOST" => function ($value) {
94 $elements = explode(',', $value);
95 return trim(end($elements));
96 }
97 );
98 $host = '';
99 foreach ($possibleHostSources as $source) {
100 if (!empty($host)) {
101 break;
102 }
103 if (empty($_SERVER[$source])) {
104 continue;
105 }
106 $host = $_SERVER[$source];
107 if (array_key_exists($source, $sourceTransformations)) {
108 $host = $sourceTransformations[$source]($host);
109 }
110 }
111 return rtrim(trim($scheme . $host), "/");
112 };
113
114 // Debug function. Can expand for longer trace or file info.
115 function GetCallingScriptName()
116 {
117 $e = new Exception();
118 return $e->getTrace()[1]['file'];
119 }
120
121 // This is the directory that contains site-specific data. Change this
122 // only if you have some reason to.
123 $GLOBALS['OE_SITES_BASE'] = "$webserver_root/sites";
124
125 /*
126 * If a session does not yet exist, then will start the core OpenEMR session.
127 * If a session already exists, then this means portal or oauth2 or api is being used, which
128 * has already created a portal session/cookie, so will bypass setting of
129 * the core OpenEMR session/cookie.
130 * $sessionAllowWrite = 1 | true | string then normal operation
131 * $sessionAllowWrite = undefined | null | 0 session start for read only then auto
132 * immediate session_write_close.
133 * Unless $sessionAllowWrite is true, ensure no session writes are used within the calling
134 * scope of this globals instance. Goal is to unlock session file as quickly as possible
135 * instead of waiting for calling script to complete before releasing flock.
136 */
137 $read_only = empty($sessionAllowWrite);
138 if (session_status() === PHP_SESSION_NONE) {
139 //error_log("1. LOCK ".GetCallingScriptName()); // debug start lock
140 require_once(__DIR__ . "/../src/Common/Session/SessionUtil.php");
141 OpenEMR\Common\Session\SessionUtil::coreSessionStart($web_root, $read_only);
142 //error_log("2. FREE ".GetCallingScriptName()); // debug unlocked
143 }
144
145 // Set the site ID if required. This must be done before any database
146 // access is attempted.
147 if (empty($_SESSION['site_id']) || !empty($_GET['site'])) {
148 if (!empty($_GET['site'])) {
149 $tmp = $_GET['site'];
150 } else {
151 if (empty($ignoreAuth) && empty($ignoreAuth_onsite_portal)) {
152 // mdsupport - Don't die if logout menu link is called from expired session.
153 // Eliminate this code when close method is available for session management.
154 if ((isset($_GET['auth'])) && ($_GET['auth'] == "logout")) {
155 $GLOBALS['login_screen'] = "login_screen.php";
156 $srcdir = "../library";
157 require_once("$srcdir/auth.inc.php");
158 }
159 die("Site ID is missing from session data!");
160 }
161
162 $tmp = $_SERVER['HTTP_HOST'];
163 if (!is_dir($GLOBALS['OE_SITES_BASE'] . "/$tmp")) {
164 $tmp = "default";
165 }
166 }
167
168 // for both REST API and browser access we can't proceed unless we have a valid site id.
169 // since this is user provided content we need to escape the value but we use htmlspecialchars instead
170 // of text() as our helper functions are loaded in later on in this file.
171 if (empty($tmp) || preg_match('/[^A-Za-z0-9\\-.]/', $tmp)) {
172 echo "Invalid URL";
173 error_log("Request with site id '" . htmlspecialchars($tmp, ENT_QUOTES) . "' contains invalid characters.");
174 die();
175 }
176
177 if (isset($_SESSION['site_id']) && ($_SESSION['site_id'] != $tmp)) {
178 // This is to prevent using session to penetrate other OpenEMR instances within same multisite module
179 session_unset(); // clear session, clean logout
180 if (isset($landingpage) && !empty($landingpage)) {
181 // OpenEMR Patient Portal use
182 header('Location: index.php?site=' . urlencode($tmp));
183 } else {
184 // Main OpenEMR use
185 header('Location: ../login/login.php?site=' . urlencode($tmp)); // Assuming in the interface/main directory
186 }
187
188 exit;
189 }
190
191 if (!isset($_SESSION['site_id']) || $_SESSION['site_id'] != $tmp) {
192 $_SESSION['site_id'] = $tmp;
193 // error_log("Session site ID has been set to '$tmp'"); // debugging
194 }
195 }
196
197 // Set the site-specific directory path.
198 $GLOBALS['OE_SITE_DIR'] = $GLOBALS['OE_SITES_BASE'] . "/" . $_SESSION['site_id'];
199
200 // Set a site-specific uri root path.
201 $GLOBALS['OE_SITE_WEBROOT'] = $web_root . "/sites/" . $_SESSION['site_id'];
202
203
204 // Root directory, relative to the webserver root:
205 $GLOBALS['rootdir'] = "$web_root/interface";
206 $rootdir = $GLOBALS['rootdir'];
207 // Absolute path to the source code include and headers file directory (Full path):
208 $GLOBALS['srcdir'] = "$webserver_root/library";
209 // Absolute path to the location of documentroot directory for use with include statements:
210 $GLOBALS['fileroot'] = "$webserver_root";
211 // Absolute path to the location of interface directory for use with include statements:
212 $include_root = "$webserver_root/interface";
213 // Absolute path to the location of documentroot directory for use with include statements:
214 $GLOBALS['webroot'] = $web_root;
215
216 // Static assets directory, relative to the webserver root.
217 // (it is very likely that this path will be changed in the future))
218 $GLOBALS['assets_static_relative'] = "$web_root/public/assets";
219
220 // Relative themes directory, relative to the webserver root.
221 $GLOBALS['themes_static_relative'] = "$web_root/public/themes";
222
223 // Relative images directory, relative to the webserver root.
224 $GLOBALS['images_static_relative'] = "$web_root/public/images";
225
226 // Static images directory, absolute to the webserver root.
227 $GLOBALS['images_static_absolute'] = "$webserver_root/public/images";
228
229 //Composer vendor directory, absolute to the webserver root.
230 $GLOBALS['vendor_dir'] = "$webserver_root/vendor";
231 $GLOBALS['fonts_dir'] = "{$web_root}/public/fonts";
232 $GLOBALS['template_dir'] = $GLOBALS['fileroot'] . "/templates/";
233 $GLOBALS['incdir'] = $include_root;
234 // Location of the login screen file
235 $GLOBALS['login_screen'] = $GLOBALS['rootdir'] . "/login_screen.php";
236
237 // Variable set for Eligibility Verification [EDI-271] path
238 $GLOBALS['edi_271_file_path'] = $GLOBALS['OE_SITE_DIR'] . "/documents/edi/";
239
240 // Check necessary writable paths (add them if do not exist)
241 if (! is_dir($GLOBALS['OE_SITE_DIR'] . '/documents/smarty/gacl')) {
242 if (!mkdir($concurrentDirectory = $GLOBALS['OE_SITE_DIR'] . '/documents/smarty/gacl', 0755, true) && !is_dir($concurrentDirectory)) {
243 throw new RuntimeException(sprintf('Directory "%s" was not created', $concurrentDirectory));
244 }
245 }
246 if (! is_dir($GLOBALS['OE_SITE_DIR'] . '/documents/smarty/main')) {
247 if (!mkdir($concurrentDirectory = $GLOBALS['OE_SITE_DIR'] . '/documents/smarty/main', 0755, true) && !is_dir($concurrentDirectory)) {
248 throw new RuntimeException(sprintf('Directory "%s" was not created', $concurrentDirectory));
249 }
250 }
251
252 // Set and check that necessary writeable path exist for mPDF tool
253 $GLOBALS['MPDF_WRITE_DIR'] = $GLOBALS['OE_SITE_DIR'] . '/documents/mpdf/pdf_tmp';
254 if (! is_dir($GLOBALS['MPDF_WRITE_DIR'])) {
255 if (!mkdir($concurrentDirectory = $GLOBALS['MPDF_WRITE_DIR'], 0755, true) && !is_dir($concurrentDirectory)) {
256 throw new RuntimeException(sprintf('Directory "%s" was not created', $concurrentDirectory));
257 }
258 }
259
260 // Includes composer autoload
261 // Note this also brings in following library files:
262 // library/htmlspecialchars.inc.php - Include convenience functions with shorter names than "htmlspecialchars" (for security)
263 // library/formdata.inc.php - Include sanitization/checking functions (for security)
264 // library/sanitize.inc.php - Include sanitization/checking functions (for security)
265 // library/formatting.inc.php - Includes functions for date/time internationalization and formatting
266 // library/date_functions.php - Includes functions for date internationalization
267 // library/validation/validate_core.php - Includes functions for page validation
268 // library/translation.inc.php - Includes translation functions
269 require_once $GLOBALS['vendor_dir'] . "/autoload.php";
270
271 /**
272 * @var Dotenv Allow a `.env` file to be read in and applied as $_SERVER variables.
273 *
274 * This allows to define a "development" environment which can then load up
275 * different variables and reporting/debugging functionality. Should be used in
276 * development only, not for production
277 *
278 * @link http://open-emr.org/wiki/index.php/Dotenv_Usage
279 */
280 if (file_exists("{$webserver_root}/.env")) {
281 $dotenv = Dotenv::createImmutable($webserver_root);
282 $dotenv->load();
283 }
284
285 // The logging level for common/logging/logger.php
286 // Value can be TRACE, DEBUG, INFO, WARN, ERROR, or OFF:
287 // - DEBUG/INFO are great for development
288 // - INFO/WARN/ERROR are great for production
289 // - TRACE is useful when debugging hard to spot bugs
290 $GLOBALS["log_level"] = "OFF";
291
292 try {
293 /** @var Kernel */
294 $GLOBALS["kernel"] = new Kernel();
295 } catch (\Exception $e) {
296 error_log(errorLogEscape($e->getMessage()));
297 die();
298 }
299
300 // This will open the openemr mysql connection.
301 require_once(__DIR__ . "/../library/sql.inc.php");
302
303 // Include the version file
304 require_once(__DIR__ . "/../version.php");
305
306 // Collecting the utf8 disable flag from the sqlconf.php file in order
307 // to set the correct html encoding. utf8 vs iso-8859-1. If flag is set
308 // then set to iso-8859-1.
309 if (!$disable_utf8_flag) {
310 ini_set('default_charset', 'utf-8');
311 $HTML_CHARSET = "UTF-8";
312 mb_internal_encoding('UTF-8');
313 } else {
314 ini_set('default_charset', 'iso-8859-1');
315 $HTML_CHARSET = "ISO-8859-1";
316 mb_internal_encoding('ISO-8859-1');
317 }
318
319 // Defaults for specific applications.
320 $GLOBALS['weight_loss_clinic'] = false;
321 $GLOBALS['ippf_specific'] = false;
322
323 // Defaults for drugs and products.
324 $GLOBALS['inhouse_pharmacy'] = false;
325 $GLOBALS['sell_non_drug_products'] = 0;
326
327 $glrow = sqlQueryNoLog("SHOW TABLES LIKE 'globals'");
328 if (!empty($glrow)) {
329 // Collect user specific settings from user_settings table.
330 //
331 $gl_user = array();
332 // Collect the user id first
333 $temp_authuserid = '';
334 if (!empty($_SESSION['authUserID'])) {
335 //Set the user id from the session variable
336 $temp_authuserid = $_SESSION['authUserID'];
337 } else {
338 if (!empty($_POST['authUser'])) {
339 $temp_sql_ret = sqlQueryNoLog("SELECT `id` FROM `users` WHERE BINARY `username` = ?", array($_POST['authUser']));
340 if (!empty($temp_sql_ret['id'])) {
341 //Set the user id from the login variable
342 $temp_authuserid = $temp_sql_ret['id'];
343 }
344 }
345 }
346
347 if (!empty($temp_authuserid)) {
348 $glres_user = sqlStatementNoLog(
349 "SELECT `setting_label`, `setting_value` " .
350 "FROM `user_settings` " .
351 "WHERE `setting_user` = ? " .
352 "AND `setting_label` LIKE 'global:%'",
353 array($temp_authuserid)
354 );
355 for ($iter = 0; $row = sqlFetchArray($glres_user); $iter++) {
356 //remove global_ prefix from label
357 $row['setting_label'] = substr($row['setting_label'], 7);
358 $gl_user[$iter] = $row;
359 }
360 }
361
362 // Set global parameters from the database globals table.
363 // Some parameters require custom handling.
364 //
365 $GLOBALS['language_menu_show'] = array();
366 $glres = sqlStatementNoLog(
367 "SELECT gl_name, gl_index, gl_value FROM globals " .
368 "ORDER BY gl_name, gl_index"
369 );
370 while ($glrow = sqlFetchArray($glres)) {
371 $gl_name = $glrow['gl_name'];
372 $gl_value = $glrow['gl_value'];
373 // Adjust for user specific settings
374 if (!empty($gl_user)) {
375 foreach ($gl_user as $setting) {
376 if ($gl_name == $setting['setting_label']) {
377 $gl_value = $setting['setting_value'];
378 }
379 }
380 }
381
382 if ($gl_name == 'language_menu_other') {
383 $GLOBALS['language_menu_show'][] = $gl_value;
384 } elseif ($gl_name == 'css_header') {
385 //Escape css file name using 'attr' for security (prevent XSS).
386 if (!file_exists($webserver_root . '/public/themes/' . attr($gl_value))) {
387 $gl_value = 'style_light.css';
388 }
389 $GLOBALS[$gl_name] = $web_root . '/public/themes/' . attr($gl_value) . '?v=' . $v_js_includes;
390 $GLOBALS['compact_header'] = $web_root . '/public/themes/compact_' . attr($gl_value) . '?v=' . $v_js_includes;
391 $compact_header = $GLOBALS['compact_header'];
392 $css_header = $GLOBALS[$gl_name];
393 $temp_css_theme_name = $gl_value;
394 } elseif ($gl_name == 'portal_css_header' && $ignoreAuth_onsite_portal) {
395 // does patient have a portal theme selected?
396 $current_theme = sqlQueryNoLog(
397 "SELECT `setting_value` FROM `patient_settings` " .
398 "WHERE setting_patient = ? AND `setting_label` = ?",
399 array($_SESSION['pid'] ?? 0, 'portal_theme')
400 )['setting_value'] ?? null;
401 $gl_value = $current_theme ?? null ?: $gl_value;
402 $GLOBALS[$gl_name] = $web_root . '/public/themes/' . attr($gl_value) . '?v=' . $v_js_includes;
403 $portal_css_header = $GLOBALS[$gl_name];
404 $portal_temp_css_theme_name = $gl_value;
405 } elseif ($gl_name == 'weekend_days') {
406 $GLOBALS[$gl_name] = explode(',', $gl_value);
407 } elseif ($gl_name == 'specific_application') {
408 if ($gl_value == '2') {
409 $GLOBALS['ippf_specific'] = true;
410 } elseif ($gl_value == '3') {
411 $GLOBALS['weight_loss_clinic'] = true;
412 }
413 } elseif ($gl_name == 'inhouse_pharmacy') {
414 if ($gl_value) {
415 $GLOBALS['inhouse_pharmacy'] = true;
416 }
417
418 if ($gl_value == '2') {
419 $GLOBALS['sell_non_drug_products'] = 1;
420 } elseif ($gl_value == '3') {
421 $GLOBALS['sell_non_drug_products'] = 2;
422 }
423 } elseif ($gl_name == 'gbl_time_zone') {
424 // The default PHP time zone is set here if it was specified, and is used
425 // as source data for the MySQL time zone here and in some other places
426 // where MySQL connections are opened.
427 if ($gl_value) {
428 date_default_timezone_set($gl_value);
429 }
430
431 // Synchronize MySQL time zone with PHP time zone.
432 sqlStatementNoLog("SET time_zone = ?", array((new DateTime())->format("P")));
433 } else {
434 $GLOBALS[$gl_name] = $gl_value;
435 }
436 }
437
438 // Language cleanup stuff.
439 $GLOBALS['language_menu_login'] = false;
440 if ((count($GLOBALS['language_menu_show']) > 1) || $GLOBALS['language_menu_showall']) {
441 $GLOBALS['language_menu_login'] = true;
442 }
443
444 // Added this $GLOBALS['concurrent_layout'] set to 3 in order to support legacy forms
445 // that may use this; note this global has been removed from the standard codebase.
446 $GLOBALS['concurrent_layout'] = 3;
447
448 // Additional logic to override theme name.
449 // For RTL languages we substitute the theme name with the name of RTL-adapted CSS file.
450 $rtl_override = false;
451 $rtl_portal_override = false;
452 if (isset($_SESSION['language_direction']) && empty($_SESSION['patient_portal_onsite_two'])) {
453 if (
454 $_SESSION['language_direction'] == 'rtl' &&
455 !strpos($GLOBALS['css_header'], 'rtl')
456 ) {
457 // the $css_header_value is set above
458 $rtl_override = true;
459 }
460 } elseif (isset($_SESSION['language_choice'])) {
461 //this will support the onsite patient portal which will have a language choice but not yet a set language direction
462 $_SESSION['language_direction'] = getLanguageDir($_SESSION['language_choice']);
463 if (
464 $_SESSION['language_direction'] == 'rtl' &&
465 !strpos($GLOBALS['portal_css_header'], 'rtl')
466 ) {
467 // the $css_header_value is set above
468 $rtl_portal_override = true;
469 }
470 } else {
471 //$_SESSION['language_direction'] is not set, so will use the default language
472 $default_lang_id = sqlQueryNoLog('SELECT lang_id FROM lang_languages WHERE lang_description = ?', array($GLOBALS['language_default']));
473
474 if (getLanguageDir($default_lang_id['lang_id']) === 'rtl' && !strpos($GLOBALS['css_header'], 'rtl')) {
475 // @todo eliminate 1 SQL query
476 $rtl_override = true;
477 }
478 }
479
480
481 // change theme name, if the override file exists.
482 if ($rtl_override) {
483 // the $css_header_value is set above
484 $new_theme = 'rtl_' . $temp_css_theme_name;
485
486 // Check file existance
487 if (file_exists($webserver_root . '/public/themes/' . $new_theme)) {
488 //Escape css file name using 'attr' for security (prevent XSS).
489 $GLOBALS['css_header'] = $web_root . '/public/themes/' . attr($new_theme) . '?v=' . $v_js_includes;
490 $css_header = $GLOBALS['css_header'];
491 $GLOBALS['compact_header'] = $web_root . '/public/themes/rtl_compact_' . attr($temp_css_theme_name) . '?v=' . $v_js_includes;
492 $compact_header = $GLOBALS['compact_header'];
493 } else {
494 // throw a warning if rtl'ed file does not exist.
495 error_log("Missing theme file " . errorLogEscape($webserver_root) . '/public/themes/' . errorLogEscape($new_theme));
496 }
497 }
498
499 // change portal theme name, if the override file exists.
500 if ($rtl_portal_override) {
501 // the $css_header_value is set above
502 $new_theme = 'rtl_' . $portal_temp_css_theme_name;
503
504 // Check file existance
505 if (file_exists($webserver_root . '/public/themes/' . $new_theme)) {
506 //Escape css file name using 'attr' for security (prevent XSS).
507 $GLOBALS['portal_css_header'] = $web_root . '/public/themes/' . attr($new_theme) . '?v=' . $v_js_includes;
508 $portal_css_header = $GLOBALS['portal_css_header'];
509 } else {
510 // throw a warning if rtl'ed file does not exist.
511 error_log("Missing theme file " . errorLogEscape($webserver_root) . '/public/themes/' . errorLogEscape($new_theme));
512 }
513 }
514 unset($temp_css_theme_name, $new_theme, $rtl_override, $rtl_portal_override, $portal_temp_css_theme_name);
515 // end of RTL section
516
517 //
518 // End of globals table processing.
519 } else {
520 // Temporary stuff to handle the case where the globals table does not
521 // exist yet. This will happen in sql_upgrade.php on upgrading to the
522 // first release containing this table.
523 $GLOBALS['language_menu_login'] = true;
524 $GLOBALS['language_menu_showall'] = true;
525 $GLOBALS['language_menu_show'] = array('English (Standard)','Swedish');
526 $GLOBALS['language_default'] = "English (Standard)";
527 $GLOBALS['translate_layout'] = true;
528 $GLOBALS['translate_lists'] = true;
529 $GLOBALS['translate_gacl_groups'] = true;
530 $GLOBALS['translate_form_titles'] = true;
531 $GLOBALS['translate_document_categories'] = true;
532 $GLOBALS['translate_appt_categories'] = true;
533 $GLOBALS['timeout'] = 7200;
534 $openemr_name = 'OpenEMR';
535 $css_header = "$web_root/public/themes/style_default.css";
536 $GLOBALS['css_header'] = $css_header;
537 $compact_header = "$web_root/public/themes/style_default.css";
538 $GLOBALS['compact_header'] = $compact_header;
539 $GLOBALS['schedule_start'] = 8;
540 $GLOBALS['schedule_end'] = 17;
541 $GLOBALS['calendar_interval'] = 15;
542 $GLOBALS['phone_country_code'] = '1';
543 $GLOBALS['disable_non_default_groups'] = true;
544 $GLOBALS['ippf_specific'] = false;
545 }
546
547 // Migrated this to populate after the standard globals in order to support globals that require
548 // more security.
549 require_once($GLOBALS['OE_SITE_DIR'] . "/config.php");
550
551 // Resolve server globals (use the manual override if set already in globals)
552 if (empty($GLOBALS['site_addr_oath'])) {
553 $GLOBALS['site_addr_oath'] = $ResolveServerHost();
554 }
555 if (empty($GLOBALS['qualified_site_addr'])) {
556 $GLOBALS['qualified_site_addr'] = rtrim($GLOBALS['site_addr_oath'] . trim($GLOBALS['webroot']), "/");
557 }
558
559 // Need to utilize a session since library/sql.inc.php is established before there are any globals established yet.
560 // This means that the first time, it will be skipped even if the global is turned on. However,
561 // after that it will then be turned on via the session.
562 // Also important to note that changes to this global setting will not take effect during the same
563 // session (ie. user needs to logout) since not worth it to use resources to open session and write to it
564 // for every call to interface/globals.php .
565 $_SESSION["enable_database_connection_pooling"] = $GLOBALS["enable_database_connection_pooling"] ?? null;
566
567 // If >0 this will enforce a separate PHP session for each top-level
568 // browser window. You must log in separately for each. This is not
569 // thoroughly tested yet and some browsers might have trouble with it,
570 // so make it 0 if you must. Alternatively, you can set it to 2 to be
571 // notified when the session ID changes.
572 $GLOBALS['restore_sessions'] = 1; // 0=no, 1=yes, 2=yes+debug
573
574 // Theme definition. All this stuff should be moved to CSS.
575 //
576 $top_bg_line = ' bgcolor="#dddddd" ';
577 $GLOBALS['style']['BGCOLOR2'] = "#dddddd";
578 $logocode = "<img class='img-responsive' src='" . $GLOBALS['OE_SITE_WEBROOT'] . "/images/login_logo.gif' />";
579 // optimal size for the tiny logo is height 43 width 86 px
580 // inside the open emr they will be auto reduced
581 $tinylogocode1 = "<img class='img-responsive d-block mx-auto' src='" . $GLOBALS['OE_SITE_WEBROOT'] . "/images/logo_1.png'>";
582 $tinylogocode2 = "<img class='img-responsive d-block mx-auto' src='" . $GLOBALS['OE_SITE_WEBROOT'] . "/images/logo_2.png'>";
583
584 $GLOBALS['style']['BGCOLOR1'] = "#cccccc";
585 // The height in pixels of the Title bar:
586 $GLOBALS['titleBarHeight'] = 50;
587
588 // The assistant word, MORE printed next to titles that can be clicked:
589 // Note this label gets translated here via the xl function
590 // -if you don't want it translated, then strip the xl function away
591 $tmore = xl('(More)');
592 // The assistant word, BACK printed next to titles that return to previous screens:
593 // Note this label gets translated here via the xl function
594 // -if you don't want it translated, then strip the xl function away
595 $tback = xl('(Back)');
596
597 $srcdir = $GLOBALS['srcdir'];
598 $login_screen = $GLOBALS['login_screen'];
599 $GLOBALS['backpic'] = $backpic ?? '';
600
601 // 1 = send email message to given id for Emergency Login user activation,
602 // else 0.
603 $GLOBALS['Emergency_Login_email'] = empty($GLOBALS['Emergency_Login_email_id']) ? 0 : 1;
604
605 //set include_de_identification to enable De-identification (currently de-identification works fine only with linux machines)
606 //Run de_identification_upgrade.php script to upgrade OpenEMR database to include procedures,
607 //functions, tables for de-identification(Mysql root user and password is required for successful
608 //execution of the de-identification upgrade script)
609 $GLOBALS['include_de_identification'] = 0;
610 // Include the authentication module code here, but the rule is
611 // if the file has the word "login" in the source code file name,
612 // don't include the authentication module - we do this to avoid
613 // include loops.
614
615 // EMAIL SETTINGS
616 $GLOBALS['SMTP_Auth'] = !empty($GLOBALS['SMTP_USER']);
617
618 if (($ignoreAuth_onsite_portal === true) && ($GLOBALS['portal_onsite_two_enable'] == 1)) {
619 $ignoreAuth = true;
620 }
621
622 if (!$ignoreAuth) {
623 require_once("$srcdir/auth.inc.php");
624 }
625
626 // This is the background color to apply to form fields that are searchable.
627 // Currently it is applicable only to the "Search or Add Patient" form.
628 $GLOBALS['layout_search_color'] = '#ff9919';
629
630 // module configurations
631 // upgrade fails for versions prior to 4.2.0 since no modules table
632 // so perform this check to avoid sql error
633 if (!file_exists($webserver_root . "/interface/modules/")) {
634 error_log("The modules directory does not exist thus not loading modules.");
635 } else {
636 $GLOBALS['baseModDir'] = "interface/modules/"; //default path of modules
637 $GLOBALS['customModDir'] = "custom_modules"; //non zend modules
638 $GLOBALS['zendModDir'] = "zend_modules"; //zend modules
639
640 try {
641 // load up the modules system and bootstrap them.
642 // This has to be fast, so any modules that tie into the bootstrap must be kept lightweight
643 // registering event listeners, etc.
644 // TODO: why do we have 3 different directories we need to pass in for the zend dir path. shouldn't zendModDir already have all the paths set up?
645 /** @var ModulesApplication */
646 $GLOBALS['modules_application'] = new ModulesApplication(
647 $GLOBALS["kernel"],
648 $GLOBALS['fileroot'],
649 $GLOBALS['baseModDir'],
650 $GLOBALS['zendModDir']
651 );
652 } catch (\OpenEMR\Common\Acl\AccessDeniedException $accessDeniedException) {
653 // this occurs when the current SCRIPT_PATH is to a module that is not currently allowed to be accessed
654 http_response_code(401);
655 error_log(errorLogEscape($accessDeniedException->getMessage() . $accessDeniedException->getTraceAsString()));
656 } catch (\Exception $ex) {
657 error_log(errorLogEscape($ex->getMessage() . $ex->getTraceAsString()));
658 die();
659 }
660 }
661
662 // Don't change anything below this line. ////////////////////////////
663
664 $encounter = empty($_SESSION['encounter']) ? 0 : $_SESSION['encounter'];
665
666 if (!empty($_GET['pid']) && empty($_SESSION['pid'])) {
667 OpenEMR\Common\Session\SessionUtil::setSession('pid', $_GET['pid']);
668 } elseif (!empty($_POST['pid']) && empty($_SESSION['pid'])) {
669 OpenEMR\Common\Session\SessionUtil::setSession('pid', $_POST['pid']);
670 }
671
672 $pid = empty($_SESSION['pid']) ? 0 : $_SESSION['pid'];
673 $userauthorized = empty($_SESSION['userauthorized']) ? 0 : $_SESSION['userauthorized'];
674 $groupname = empty($_SESSION['authProvider']) ? 0 : $_SESSION['authProvider'];
675
676 //This is crucial for therapy groups and patients mechanisms to work together properly
677 $attendant_type = (empty($pid) && isset($_SESSION['therapy_group'])) ? 'gid' : 'pid';
678 $therapy_group = (empty($pid) && isset($_SESSION['therapy_group'])) ? $_SESSION['therapy_group'] : 0;
679
680 // global interface function to format text length using ellipses
681 function strterm($string, $length)
682 {
683 if (strlen($string) >= ($length - 3)) {
684 return substr($string, 0, $length - 3) . "...";
685 } else {
686 return $string;
687 }
688 }
689
690 // Helper function to generate an image URL that defeats browser/proxy caching when needed.
691 function UrlIfImageExists($filename, $append = true)
692 {
693 global $webserver_root, $web_root;
694 $path = "sites/" . $_SESSION['site_id'] . "/images/$filename";
695 // @ in next line because a missing file is not an error.
696 if ($stat = @stat("$webserver_root/$path")) {
697 if ($append) {
698 return "$web_root/$path?v=" . $stat['mtime'];
699 } else {
700 return "$web_root/$path";
701 }
702 }
703 return '';
704 }
705
706 // Override temporary_files_dir
707 $GLOBALS['temporary_files_dir'] = rtrim(sys_get_temp_dir(), '/');
708
709 error_reporting(error_reporting() & ~E_USER_DEPRECATED & ~E_USER_WARNING);
710 // user debug mode
711 if (!empty($GLOBALS['user_debug']) && ((int) $GLOBALS['user_debug'] > 1)) {
712 error_reporting(error_reporting() & ~E_WARNING & ~E_NOTICE & ~E_USER_WARNING & ~E_USER_DEPRECATED);
713 ini_set('display_errors', 1);
714 }
Mirror of official OpenEMR Sourceforge repository