portal/verify_session.php

   1 <?php
   2
   3 /**
   4  * portal/verify_session.php
   5  *
   6  * Note you can define $landingpage to be the page you would like the user to be redirected to if the session is unverified
   7  * This allows you to do things such as setup the portal's redirect URL parameter for you to redirect the user upon the
   8  * portal login
   9  *
  10  * The other option is the $skipLandingPageError variable.  If this is set to boolean true it will skip the &w parameter
  11  * in the redirect showing the user that there was an error since you may actually be requiring the user login and there
  12  * is no error in doing that.
  13  *
  14  * @package   OpenEMR
  15  * @link      http://www.open-emr.org
  16  * @author    Cassian LUP <cassi.lup@gmail.com>
  17  * @author    Kevin Yeh <kevin.y@integralemr.com>
  18  * @author    Jerry Padgett <sjpadgett@gmail.com>
  19  * @author    Brady Miller <brady.g.miller@gmail.com>
  20  * @copyright Copyright (c) 2011 Cassian LUP <cassi.lup@gmail.com>
  21  * @copyright Copyright (c) 2013 Kevin Yeh <kevin.y@integralemr.com>
  22  * @copyright Copyright (c) 2016-2017 Jerry Padgett <sjpadgett@gmail.com>
  23  * @copyright Copyright (c) 2019 Brady Miller <brady.g.miller@gmail.com>
  24  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  25  */
  26
  27 // All of the common intialization steps for the get_* patient portal functions are now in this single include.
  28
  29
  30
  31 //continue session
  32 // Will start the (patient) portal OpenEMR session/cookie.
  33 require_once(__DIR__ . "/../src/Common/Session/SessionUtil.php");
  34 OpenEMR\Common\Session\SessionUtil::portalSessionStart();
  35
  36 //landing page definition -- where to go if something goes wrong
  37 // if this script is included somewhere else we want to support them changing up the landingpage url such as adding
  38 // parameters, or even setting what the landing page should be for the portal verify session.
  39 if (!isset($landingpage)) {
  40     $landingpage = "index.php?site=" . urlencode($_SESSION['site_id'] ?? null);
  41 }
  42
  43 if (!isset($skipLandingPageError)) {
  44     $skipLandingPageError = false;
  45 }
  46 //
  47
  48 // kick out if patient not authenticated
  49 if (isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite_two'])) {
  50     $pid = $_SESSION['pid'];
  51 } else {
  52     OpenEMR\Common\Session\SessionUtil::portalSessionCookieDestroy();
  53     if ($skipLandingPageError === true) {
  54         header('Location: ' . $landingpage);
  55     } else {
  56         header('Location: ' . $landingpage . '&w');
  57     }
  58     exit;
  59 }
  60
  61 //
  62
  63 $ignoreAuth_onsite_portal = true; // ignore the standard authentication for a regular OpenEMR user
  64 require_once(dirname(__file__) . './../interface/globals.php');