2 // Copyright (C) 2011 Cassian LUP <cassi.lup@gmail.com>
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
9 //setting the session & other config options
12 //don't require standard openemr authorization in globals.php
// NOTE(review): listing lines 10-11 and 13-14 are absent, so the statements these two comments
// describe cannot be confirmed from what is shown here.
15 //STOP FAKE REGISTER GLOBALS
16 $fake_register_globals=false;
18 //SANITIZE ALL ESCAPES
19 $sanitize_all_escapes=true;
// Both flags are assigned before globals.php is loaded; presumably globals.php reads them -- TODO confirm.
22 require_once('../interface/globals.php');
// NOTE(review): this pulls a .js file through require_once. PHP copies any file content that sits
// outside PHP open tags straight into the response, so this presumably inlines the SHA1() helper
// that the login script calls -- confirm it ends up inside a script element.
23 require_once("$srcdir/sha1.js");
26 //exit if portal is turned off
// Gate: the rest of the page is meant to be served only when $GLOBALS['portal_onsite_enable'] is set and truthy.
27 if ( !(isset($GLOBALS['portal_onsite_enable'])) ||
!($GLOBALS['portal_onsite_enable']) ) {
// The translated message is HTML-escaped for element content (ENT_NOQUOTES leaves quotes untouched).
28 echo htmlspecialchars( xl('Patient Portal is turned off'), ENT_NOQUOTES
);
// NOTE(review): listing lines 29-31 are absent; going by the comment on line 26 they presumably
// stop the script and close the if -- confirm.
32 // security measure -- will check on next page.
// NOTE(review): in the lines shown the flag is the constant 1 and is set on every load of this page,
// so by itself it can only show that this session requested the login page; it is not a per-request
// secret. How the next page uses it is not visible here.
33 $_SESSION['itsme'] = 1;
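37 // Deal with language selection
// NOTE(review): the gaps in the line numbers below (44, 48-49, 51, 53, 63-64, 72, 75, 78, 82-84)
// are lines missing from this listing, mostly block delimiters and else branches. They are left
// out here rather than guessed.
39 // collect default language id (skip this if this is a password update)
40 if (!(isset($_SESSION['password_update']))) {
// The configured default language name is bound through the ? placeholder, not concatenated into the SQL.
41 $res2 = sqlStatement("select * from lang_languages where lang_description = ?", array($GLOBALS['language_default']) );
// NOTE(review): $result2 is not initialised in the lines shown; if the query returns no rows,
// count() below is handed an undefined variable -- confirm.
42 for ($iter = 0;$row = sqlFetchArray($res2);$iter++) {
43 $result2[$iter] = $row;
45 if (count($result2) == 1) {
// Square-bracket offsets: the {"key"} form was deprecated in PHP 7.4 and removed in PHP 8.0.
46 $defaultLangID = $result2[0]["lang_id"];
47 $defaultLangName = $result2[0]["lang_description"];
50 //default to english if any problems
52 $defaultLangName = "English";
54 // set session variable to default so login information appears in default language
55 $_SESSION['language_choice'] = $defaultLangID;
56 // collect languages if showing language menu
57 if ($GLOBALS['language_menu_login']) {
58 // sorting order of language titles depends on language translation options.
59 $mainLangID = empty($_SESSION['language_choice']) ? '1' : $_SESSION['language_choice'];
60 if ($mainLangID == '1' && !empty($GLOBALS['skip_english_translation'])) {
// NOTE(review): this branch selects no trans_lang_description column, yet the option list further
// down the page reads that key from every row -- confirm the labels are not empty in this case.
61 $sql = "SELECT * FROM lang_languages ORDER BY lang_description, lang_id";
62 $res3=SqlStatement($sql);
65 // Use and sort by the translated language name.
66 $sql = "SELECT ll.lang_id, " .
67 "IF(LENGTH(ld.definition),ld.definition,ll.lang_description) AS trans_lang_description, " .
68 "ll.lang_description " .
69 "FROM lang_languages AS ll " .
70 "LEFT JOIN lang_constants AS lc ON lc.constant_name = ll.lang_description " .
71 "LEFT JOIN lang_definitions AS ld ON ld.cons_id = lc.cons_id AND " .
// NOTE(review): listing line 72 is absent; the single bound value passed on line 74 implies it
// carries the ? placeholder for the language id.
73 "ORDER BY IF(LENGTH(ld.definition),ld.definition,ll.lang_description), ll.lang_id";
// The session-derived language id is passed as a bound parameter, never spliced into the statement.
74 $res3=SqlStatement($sql, array($mainLangID) );
76 for ($iter = 0;$row = sqlFetchArray($res3);$iter++) {
77 $result3[$iter] = $row;
79 if (count($result3) == 1) {
80 //default to english if only return one language
81 $hiddenLanguageField = "<input type='hidden' name='languageChoice' value='1' />\n";
// The id goes into a single-quoted attribute, so ENT_QUOTES is required to encode ' as well as ".
85 $hiddenLanguageField = "<input type='hidden' name='languageChoice' value='".htmlspecialchars($defaultLangID,ENT_QUOTES)."' />\n";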
93 <title
><?php
echo htmlspecialchars( xl('Patient Portal Login'), ENT_NOQUOTES
); ?
></title
>
<!-- NOTE(review): going by its file name this is a jQuery 1.5 build, a release line that is no longer maintained upstream; verify what is actually shipped. -->
95 <script type
="text/javascript" src
="../library/js/jquery-1.5.js"></script
>
96 <script type
="text/javascript" src
="../library/js/jquery.gritter.min.js"></script
>
98 <link rel
="stylesheet" type
="text/css" href
="css/jquery.gritter.css" />
99 <link rel
="stylesheet" type
="text/css" href
="css/base.css" />
101 <script type
="text/javascript">
// NOTE(review): listing lines 102-104 and 106-107 are absent, including the header of the function
// these statements belong to (the login form's onsubmit calls process()).
// addslashes() escapes quotes and backslashes for the single-quoted string below; it does not
// escape line breaks or a closing script tag, so the translated text is assumed to be trusted.
105 alert ('<?php echo addslashes( xl('Field(s
) are missing
!') ); ?>');
// The typed password is replaced by its SHA-1 digest before the form is sent: the hidden 'code'
// field receives the digest and the 'pass' field is blanked.
// NOTE(review): the digest is presumably what the server accepts for login, in which case a
// captured digest can be replayed exactly like a password; hashing in the browser does not
// replace TLS. SHA-1 with no salt is also a fast hash. Server-side handling is not shown here.
108 document
.getElementById('code').value
= SHA1(document
.getElementById('pass').value
);
109 document
.getElementById('pass').value
='';
// Presence check for the login form: an empty 'uname' or 'pass' field is given a red border.
// NOTE(review): the lines that record and return the result (listing 112, 115-116, 119-122) are
// absent from this listing. A browser-side check is a usability aid only; the server has to
// validate the submitted fields again.
111 function validate() {
113 if (document
.getElementById('uname').value
== "") {
114 document
.getElementById('uname').style
.border
= "1px solid red";
117 if (document
.getElementById('pass').value
== "") {
118 document
.getElementById('pass').style
.border
= "1px solid red";
// Submit handler of the password-update form (its onsubmit calls process_new_pass()).
// Checks, in this order: required fields present, new password equal to its confirmation, new
// password different from the current one. It then replaces the three typed values with SHA-1
// digests in the hidden code, code_new and code_new_confirm fields and blanks the typed fields.
// NOTE(review): listing lines 124, 127-128, 131-132, 135-136 and 143 are absent; they presumably
// hold the early returns and closing braces -- confirm.
// NOTE(review): these rules run only in the browser, and nothing shown here checks length or
// complexity. Because only digests are submitted once this script has run, the server cannot
// inspect the new password itself either.
123 function process_new_pass() {
125 if (!(validate_new_pass())) {
126 alert ('<?php echo addslashes( xl('Field(s
) are missing
!') ); ?>');
129 if (document
.getElementById('pass_new').value
!= document
.getElementById('pass_new_confirm').value
) {
130 alert ('<?php echo addslashes( xl('The
new password fields are not the same
.') ); ?>');
133 if (document
.getElementById('pass').value
== document
.getElementById('pass_new').value
) {
134 alert ('<?php echo addslashes( xl('The
new password can not be the same
as the current password
.') ); ?>');
// Current password: digest into 'code', typed value cleared.
137 document
.getElementById('code').value
= SHA1(document
.getElementById('pass').value
);
138 document
.getElementById('pass').value
='';
// New password: digest into 'code_new', typed value cleared.
139 document
.getElementById('code_new').value
= SHA1(document
.getElementById('pass_new').value
);
140 document
.getElementById('pass_new').value
='';
// Confirmation: digest into 'code_new_confirm', typed value cleared.
141 document
.getElementById('code_new_confirm').value
= SHA1(document
.getElementById('pass_new_confirm').value
);
142 document
.getElementById('pass_new_confirm').value
='';
// Presence check for the password-update form: each of 'uname', 'pass', 'pass_new' and
// 'pass_new_confirm' that is empty is given a red border.
// NOTE(review): the lines that record and return the result (listing 145, 148-149, 152-153,
// 156-157, 160 onward) are absent from this listing. The check only looks for empty strings.
144 function validate_new_pass() {
146 if (document
.getElementById('uname').value
== "") {
147 document
.getElementById('uname').style
.border
= "1px solid red";
150 if (document
.getElementById('pass').value
== "") {
151 document
.getElementById('pass').style
.border
= "1px solid red";
154 if (document
.getElementById('pass_new').value
== "") {
155 document
.getElementById('pass_new').style
.border
= "1px solid red";
158 if (document
.getElementById('pass_new_confirm').value
== "") {
159 document
.getElementById('pass_new_confirm').style
.border
= "1px solid red";
165 <style type
="text/css">
167 font
-family
: sans
-serif
;
168 background
-color
: #638fd0;
170 background
: -webkit
-radial
-gradient(circle
, white
, #638fd0);
171 background
: -moz
-radial
-gradient(circle
, white
, #638fd0);
182 <?php
// Password-update variant of the form, rendered only when $_SESSION['password_update'] is set.
// It posts to get_patient_info.php; the onsubmit handler process_new_pass() runs first and fills
// the hidden code, code_new and code_new_confirm fields with SHA-1 digests.
// NOTE(review): the three password inputs carry name attributes, so they are submitted as well.
// They are blank once the handler has run, but with scripting disabled the typed passwords
// would be posted as entered and the hidden fields would stay empty.
// NOTE(review): no per-form anti-CSRF token field is visible in the lines shown, and each hidden
// input repeats its type attribute.
if (isset($_SESSION['password_update'])) { ?
>
183 <div id
="wrapper" class="centerwrapper">
184 <h2
class="title"><?php
echo htmlspecialchars( xl('Please Enter a New Password'), ENT_NOQUOTES
); ?
></h2
>
185 <form action
="get_patient_info.php" method
="POST" onsubmit
="return process_new_pass()" >
188 <td
class="algnRight"><?php
echo htmlspecialchars( xl('User Name'), ENT_NOQUOTES
); ?
></td
>
189 <td
><input name
="uname" id
="uname" type
="text" /></td
>
192 <td
class="algnRight"><?php
echo htmlspecialchars( xl('Current Password'), ENT_NOQUOTES
);?
></>
194 <input name
="pass" id
="pass" type
="password" />
195 <input type
="hidden" id
="code" name
="code" type
="hidden" />
199 <td
class="algnRight"><?php
echo htmlspecialchars( xl('New Password'), ENT_NOQUOTES
);?
></>
201 <input name
="pass_new" id
="pass_new" type
="password" />
202 <input type
="hidden" id
="code_new" name
="code_new" type
="hidden" />
206 <td
class="algnRight"><?php
echo htmlspecialchars( xl('Confirm New Password'), ENT_NOQUOTES
);?
></>
208 <input name
="pass_new_confirm" id
="pass_new_confirm" type
="password" />
209 <input type
="hidden" id
="code_new_confirm" name
="code_new_confirm" type
="hidden" />
213 <td colspan
=2><br
><center
><input type
="submit" value
="<?php echo htmlspecialchars( xl('Log In'), ENT_QUOTES);?>" /></center
></td
>
218 <div
class="copyright"><?php
echo htmlspecialchars( xl('Powered by'), ENT_NOQUOTES
);?
> <a href
="../../">OpenEMR
</a
></div
>
221 <div id
="wrapper" class="centerwrapper">
222 <h2
class="title"><?php
// Standard login form. It posts 'uname' and the hidden 'code' field to get_patient_info.php; the
// onsubmit handler process() puts the SHA-1 digest of the typed password into 'code'.
// NOTE(review): the password input has a name ('pass'), so it is submitted too. It is blank once
// process() has run, but with scripting disabled the typed password would be posted as entered
// and 'code' would stay empty -- confirm how the receiving page treats that case.
// NOTE(review): no per-form anti-CSRF token field is visible in the lines shown.
echo htmlspecialchars( xl('Patient Portal Login'), ENT_NOQUOTES
); ?
></h2
>
223 <form action
="get_patient_info.php" method
="POST" onsubmit
="return process()" >
226 <td
class="algnRight"><?php
echo htmlspecialchars( xl('User Name'), ENT_NOQUOTES
); ?
></td
>
227 <td
><input name
="uname" id
="uname" type
="text" /></td
>
230 <td
class="algnRight"><?php
echo htmlspecialchars( xl('Password'), ENT_NOQUOTES
);?
></>
232 <input name
="pass" id
="pass" type
="password" />
233 <input type
="hidden" id
="code" name
="code" type
="hidden" />
237 <?php
if ($GLOBALS['language_menu_login']) { ?
>
238 <?php
if (count($result3) != 1) { ?
>
240 <td
><span
class="text"><?php
echo htmlspecialchars( xl('Language'), ENT_NOQUOTES
); ?
></span
></td
>
242 <select name
=languageChoice size
="1">
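244 echo "<option selected='selected' value='".htmlspecialchars($defaultLangID,ENT_QUOTES)."'>" . htmlspecialchars( xl('Default') . " - " . xl($defaultLangName), ENT_NOQUOTES) . "</option>\n";
// Emits one <option> per language row. Values go into single-quoted attributes and are escaped
// with ENT_QUOTES; labels are element content and are escaped with ENT_NOQUOTES.
// Array keys are quoted strings: a bare word such as lang_description is read as a constant,
// which raises a warning on PHP 7.2+ and an Error on PHP 8 when no such constant exists.
// NOTE(review): listing lines 243, 249-250 and 254 onward are absent (open tag, else branch and
// closing braces); they are left out here rather than guessed.
245 foreach ($result3 as $iter) {
246 if ($GLOBALS['language_menu_showall']) {
247 if ( !$GLOBALS['allow_debug_language'] && $iter['lang_description'] == 'dummy') continue; // skip the dummy language
248 echo "<option value='".htmlspecialchars($iter['lang_id'],ENT_QUOTES)."'>".htmlspecialchars($iter['trans_lang_description'],ENT_NOQUOTES)."</option>\n";
251 if (in_array($iter['lang_description'], $GLOBALS['language_menu_show'])) {
252 if ( !$GLOBALS['allow_debug_language'] && $iter['lang_description'] == 'dummy') continue; // skip the dummy language
253 echo "<option value='".htmlspecialchars($iter['lang_id'],ENT_QUOTES)."'>".htmlspecialchars($iter['trans_lang_description'],ENT_NOQUOTES)."</option>\n";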
264 <td colspan
=2><br
><center
><input type
="submit" value
="<?php echo htmlspecialchars( xl('Log In'), ENT_QUOTES);?>" /></center
></td
>
267 <?php
// $hiddenLanguageField is echoed without further escaping; earlier in this file it is built
// either from a constant string or from a language id passed through htmlspecialchars().
if (!(empty($hiddenLanguageField))) echo $hiddenLanguageField; ?
>
270 <div
class="copyright"><?php
echo htmlspecialchars( xl('Powered by'), ENT_NOQUOTES
);?
> <a href
="../../">OpenEMR
</a
></div
>
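276 <script type="text/javascript">
277 $(document).ready(function() {
279 <?php
// if something went wrong
// Only the presence of the 'w' query parameter is tested; its value is never written into the page.
// The translated strings below land inside single-quoted JavaScript string literals, so the
// ENT_QUOTES flag (which also encodes ') is what keeps a translation containing an apostrophe
// from closing the literal. The flag is therefore passed to htmlspecialchars() itself on every
// line; handing it to xl() instead leaves htmlspecialchars() on its default flags, which before
// PHP 8.1 do not encode single quotes.
// NOTE(review): htmlspecialchars() does not escape backslashes or line breaks, so this is HTML
// escaping reused in a script context and still assumes the translations are trusted.
// NOTE(review): listing lines 284-285, 287-289 and 295-296 are absent; they are left out here
// rather than guessed.
280 if (isset($_GET['w'])) { ?>
281 var unique_id = $.gritter.add({
282 title: '<span class="red"><?php echo htmlspecialchars( xl('Oops!'), ENT_QUOTES);?></span>',
283 text: '<?php echo htmlspecialchars( xl('Something went wrong. Please try again.'), ENT_QUOTES); ?>',
286 class_name: 'my-nonsticky-class'
290 <?php
// if successfully logged out
// As above, only the presence of the 'logout' query parameter is tested.
291 if (isset($_GET['logout'])) { ?>
292 var unique_id = $.gritter.add({
293 title: '<span class="green"><?php echo htmlspecialchars( xl('Success'), ENT_QUOTES);?></span>',
294 text: '<?php echo htmlspecialchars( xl('You have been successfully logged out.'), ENT_QUOTES);?>',
297 class_name: 'my-nonsticky-class'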