portal/verify_session.php

   1 <?php
   2
   3 /**
   4  * portal/verify_session.php
   5  *
   6  * Note you can define $landingpage to be the page you would like the user to be redirected to if the session is unverified
   7  * This allows you to do things such as setup the portal's redirect URL parameter for you to redirect the user upon the
   8  * portal login
   9  *
  10  * The other option is the $skipLandingPageError variable.  If this is set to boolean true it will skip the &w parameter
  11  * in the redirect showing the user that there was an error since you may actually be requiring the user login and there
  12  * is no error in doing that.
  13  *
  14  * @package   OpenEMR
  15  * @link      http://www.open-emr.org
  16  * @author    Cassian LUP <cassi.lup@gmail.com>
  17  * @author    Kevin Yeh <kevin.y@integralemr.com>
  18  * @author    Jerry Padgett <sjpadgett@gmail.com>
  19  * @author    Brady Miller <brady.g.miller@gmail.com>
  20  * @copyright Copyright (c) 2011 Cassian LUP <cassi.lup@gmail.com>
  21  * @copyright Copyright (c) 2013 Kevin Yeh <kevin.y@integralemr.com>
  22  * @copyright Copyright (c) 2016-2023 Jerry Padgett <sjpadgett@gmail.com>
  23  * @copyright Copyright (c) 2019 Brady Miller <brady.g.miller@gmail.com>
  24  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  25  */
  26
  27 // All of the common initialization steps for the get_* patient portal functions are now in this single include.
  28
  29 //continue session
  30 // Will start the (patient) portal OpenEMR session/cookie.
  31 require_once(__DIR__ . "/../src/Common/Session/SessionUtil.php");
  32 OpenEMR\Common\Session\SessionUtil::portalSessionStart();
  33
  34 // Landing page definition -- where to go if something goes wrong
  35 // if this script is included somewhere else we want to support them changing up the landingpage url such as adding
  36 // parameters, or even setting what the landing page should be for the portal verify session.
  37 if (!isset($landingpage)) {
  38     $landingpage = "index.php?site=" . urlencode($_SESSION['site_id'] ?? null);
  39 }
  40
  41 if (!isset($skipLandingPageError)) {
  42     $skipLandingPageError = false;
  43 }
  44 //
  45
  46 // kick out if patient not authenticated
  47 if (isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite_two'])) {
  48     $pid = $_SESSION['pid'];
  49 } else {
  50     OpenEMR\Common\Session\SessionUtil::portalSessionCookieDestroy();
  51     if ($skipLandingPageError === true) {
  52         header('Location: ' . $landingpage);
  53     } else {
  54         header('Location: ' . $landingpage . '&w');
  55     }
  56     exit;
  57 }
  58
  59 $ignoreAuth_onsite_portal = true; // ignore the standard authentication for a regular OpenEMR user
  60 require_once(dirname(__file__) . './../interface/globals.php');