Merge pull request #627 from MatthewVita/message_broken_link_fix
[openemr.git] / patients / index.php
blobe9cffb535171c50a07e4335b3915143d250ce3ad
1 <?php
2 // Copyright (C) 2011 Cassian LUP <cassi.lup@gmail.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
9 //setting the session & other config options
10 session_start();
12 //don't require standard openemr authorization in globals.php
13 $ignoreAuth = 1;
15 //SANITIZE ALL ESCAPES
16 $fake_register_globals=false;
18 //STOP FAKE REGISTER GLOBALS
19 $sanitize_all_escapes=true;
21 //For redirect if the site on session does not match
22 $landingpage = "index.php?site=".$_GET['site'];
24 //includes
25 require_once('../interface/globals.php');
27 ini_set("error_log",E_ERROR || ~E_NOTICE);
28 //exit if portal is turned off
29 if ( !(isset($GLOBALS['portal_onsite_enable'])) || !($GLOBALS['portal_onsite_enable']) ) {
30 echo htmlspecialchars( xl('Patient Portal is turned off'), ENT_NOQUOTES);
31 exit;
34 // security measure -- will check on next page.
35 $_SESSION['itsme'] = 1;
39 // Deal with language selection
41 // collect default language id (skip this if this is a password update)
42 if (!(isset($_SESSION['password_update']))) {
43 $res2 = sqlStatement("select * from lang_languages where lang_description = ?", array($GLOBALS['language_default']) );
44 for ($iter = 0;$row = sqlFetchArray($res2);$iter++) {
45 $result2[$iter] = $row;
47 if (count($result2) == 1) {
48 $defaultLangID = $result2[0]{"lang_id"};
49 $defaultLangName = $result2[0]{"lang_description"};
51 else {
52 //default to english if any problems
53 $defaultLangID = 1;
54 $defaultLangName = "English";
56 // set session variable to default so login information appears in default language
57 $_SESSION['language_choice'] = $defaultLangID;
58 // collect languages if showing language menu
59 if ($GLOBALS['language_menu_login']) {
60 // sorting order of language titles depends on language translation options.
61 $mainLangID = empty($_SESSION['language_choice']) ? '1' : $_SESSION['language_choice'];
62 if ($mainLangID == '1' && !empty($GLOBALS['skip_english_translation'])) {
63 $sql = "SELECT * FROM lang_languages ORDER BY lang_description, lang_id";
64 $res3=SqlStatement($sql);
66 else {
67 // Use and sort by the translated language name.
68 $sql = "SELECT ll.lang_id, " .
69 "IF(LENGTH(ld.definition),ld.definition,ll.lang_description) AS trans_lang_description, " .
70 "ll.lang_description " .
71 "FROM lang_languages AS ll " .
72 "LEFT JOIN lang_constants AS lc ON lc.constant_name = ll.lang_description " .
73 "LEFT JOIN lang_definitions AS ld ON ld.cons_id = lc.cons_id AND " .
74 "ld.lang_id = ? " .
75 "ORDER BY IF(LENGTH(ld.definition),ld.definition,ll.lang_description), ll.lang_id";
76 $res3=SqlStatement($sql, array($mainLangID) );
78 for ($iter = 0;$row = sqlFetchArray($res3);$iter++) {
79 $result3[$iter] = $row;
81 if (count($result3) == 1) {
82 //default to english if only return one language
83 $hiddenLanguageField = "<input type='hidden' name='languageChoice' value='1' />\n";
86 else {
87 $hiddenLanguageField = "<input type='hidden' name='languageChoice' value='".htmlspecialchars($defaultLangID,ENT_QUOTES)."' />\n";
93 <html>
94 <head>
95 <title><?php echo xlt('Patient Portal Login'); ?></title>
97 <script type="text/javascript" src="<?php echo $GLOBALS['assets_static_relative']; ?>/jquery-min-1-9-1/index.js"></script>
98 <script type="text/javascript" src="<?php echo $GLOBALS['assets_static_relative']; ?>/jquery.gritter-1-7-4/js/jquery.gritter.min.js"></script>
100 <link rel="stylesheet" type="text/css" href="<?php echo $GLOBALS['assets_static_relative']; ?>/jquery.gritter-1-7-4/css/jquery.gritter.css" />
101 <link rel="stylesheet" type="text/css" href="css/base.css" />
103 <script type="text/javascript">
104 function process() {
106 if (!(validate())) {
107 alert ('<?php echo addslashes( xl('Field(s) are missing!') ); ?>');
108 return false;
111 function validate() {
112 var pass=true;
113 if (document.getElementById('uname').value == "") {
114 document.getElementById('uname').style.border = "1px solid red";
115 pass=false;
117 if (document.getElementById('pass').value == "") {
118 document.getElementById('pass').style.border = "1px solid red";
119 pass=false;
121 return pass;
123 function process_new_pass() {
125 if (!(validate_new_pass())) {
126 alert ('<?php echo addslashes( xl('Field(s) are missing!') ); ?>');
127 return false;
129 if (document.getElementById('pass_new').value != document.getElementById('pass_new_confirm').value) {
130 alert ('<?php echo addslashes( xl('The new password fields are not the same.') ); ?>');
131 return false;
133 if (document.getElementById('pass').value == document.getElementById('pass_new').value) {
134 alert ('<?php echo addslashes( xl('The new password can not be the same as the current password.') ); ?>');
135 return false;
139 function validate_new_pass() {
140 var pass=true;
141 if (document.getElementById('uname').value == "") {
142 document.getElementById('uname').style.border = "1px solid red";
143 pass=false;
145 if (document.getElementById('pass').value == "") {
146 document.getElementById('pass').style.border = "1px solid red";
147 pass=false;
149 if (document.getElementById('pass_new').value == "") {
150 document.getElementById('pass_new').style.border = "1px solid red";
151 pass=false;
153 if (document.getElementById('pass_new_confirm').value == "") {
154 document.getElementById('pass_new_confirm').style.border = "1px solid red";
155 pass=false;
157 return pass;
159 </script>
160 <style type="text/css">
161 body {
162 font-family: sans-serif;
163 background-color: #638fd0;
165 background: -webkit-radial-gradient(circle, white, #638fd0);
166 background: -moz-radial-gradient(circle, white, #638fd0);
169 </style>
172 </head>
173 <body>
174 <br><br>
175 <center>
177 <?php if (isset($_SESSION['password_update'])||isset($_GET['password_update'])) {
178 $_SESSION['password_update']=1;
180 <div id="wrapper" class="centerwrapper">
181 <h2 class="title"><?php echo htmlspecialchars( xl('Please Enter a New Password'), ENT_NOQUOTES); ?></h2>
182 <form action="get_patient_info.php" method="POST" onsubmit="return process_new_pass()" >
183 <table>
184 <tr>
185 <td class="algnRight"><?php echo htmlspecialchars( xl('User Name'), ENT_NOQUOTES); ?></td>
186 <td><input name="uname" id="uname" type="text" autocomplete="off" value="<?php echo attr($_SESSION['portal_username']); ?>"/></td>
187 </tr>
188 <tr>
189 <td class="algnRight"><?php echo htmlspecialchars( xl('Current Password'), ENT_NOQUOTES);?></>
190 <td>
191 <input name="pass" id="pass" type="password" autocomplete="off" />
192 </td>
193 </tr>
194 <tr>
195 <td class="algnRight"><?php echo htmlspecialchars( xl('New Password'), ENT_NOQUOTES);?></>
196 <td>
197 <input name="pass_new" id="pass_new" type="password" />
198 </td>
199 </tr>
200 <tr>
201 <td class="algnRight"><?php echo htmlspecialchars( xl('Confirm New Password'), ENT_NOQUOTES);?></>
202 <td>
203 <input name="pass_new_confirm" id="pass_new_confirm" type="password" />
204 </td>
205 </tr>
206 <tr>
207 <td colspan=2><br><center><input type="submit" value="<?php echo htmlspecialchars( xl('Log In'), ENT_QUOTES);?>" /></center></td>
208 </tr>
209 </table>
210 </form>
212 <div class="copyright"><?php echo htmlspecialchars( xl('Powered by'), ENT_NOQUOTES);?> OpenEMR</div>
213 </div>
214 <?php } else { ?>
215 <div id="wrapper" class="centerwrapper">
216 <h2 class="title"><?php echo htmlspecialchars( xl('Patient Portal Login'), ENT_NOQUOTES); ?></h2>
217 <form action="get_patient_info.php" method="POST" onsubmit="return process()" >
218 <table>
219 <tr>
220 <td class="algnRight"><?php echo htmlspecialchars( xl('User Name'), ENT_NOQUOTES); ?></td>
221 <td><input name="uname" id="uname" type="text" autocomplete="off" /></td>
222 </tr>
223 <tr>
224 <td class="algnRight"><?php echo htmlspecialchars( xl('Password'), ENT_NOQUOTES);?></>
225 <td>
226 <input name="pass" id="pass" type="password" autocomplete="off" />
227 </td>
228 </tr>
230 <?php if ($GLOBALS['language_menu_login']) { ?>
231 <?php if (count($result3) != 1) { ?>
232 <tr>
233 <td><span class="text"><?php echo htmlspecialchars( xl('Language'), ENT_NOQUOTES); ?></span></td>
234 <td>
235 <select name=languageChoice size="1">
236 <?php
237 echo "<option selected='selected' value='".htmlspecialchars($defaultLangID,ENT_QUOTES)."'>" . htmlspecialchars( xl('Default') . " - " . xl($defaultLangName), ENT_NOQUOTES) . "</option>\n";
238 foreach ($result3 as $iter) {
239 if ($GLOBALS['language_menu_showall']) {
240 if ( !$GLOBALS['allow_debug_language'] && $iter['lang_description'] == 'dummy') continue; // skip the dummy language
241 echo "<option value='".htmlspecialchars($iter['lang_id'],ENT_QUOTES)."'>".htmlspecialchars($iter['trans_lang_description'],ENT_NOQUOTES)."</option>\n";
243 else {
244 if (in_array($iter['lang_description'], $GLOBALS['language_menu_show'])) {
245 if ( !$GLOBALS['allow_debug_language'] && $iter['lang_description'] == 'dummy') continue; // skip the dummy language
246 echo "<option value='".htmlspecialchars($iter['lang_id'],ENT_QUOTES)."'>".htmlspecialchars($iter['trans_lang_description'],ENT_NOQUOTES)."</option>\n";
251 </select>
252 </td>
253 </tr>
254 <?php }} ?>
256 <tr>
257 <td colspan=2><br><center><input type="submit" value="<?php echo htmlspecialchars( xl('Log In'), ENT_QUOTES);?>" /></center></td>
258 </tr>
259 </table>
260 <?php if (!(empty($hiddenLanguageField))) echo $hiddenLanguageField; ?>
261 </form>
263 <div class="copyright"><?php echo htmlspecialchars( xl('Powered by'), ENT_NOQUOTES);?> OpenEMR</div>
264 </div>
265 <?php } ?>
267 </center>
269 <script type="text/javascript">
270 $(document).ready(function() {
272 <?php // if something went wrong
273 if (isset($_GET['w'])) { ?>
274 var unique_id = $.gritter.add({
275 title: '<span class="red"><?php echo htmlspecialchars( xl('Oops!'), ENT_QUOTES);?></span>',
276 text: '<?php echo htmlspecialchars( xl('Something went wrong. Please try again.', ENT_QUOTES)); ?>',
277 sticky: false,
278 time: '5000',
279 class_name: 'my-nonsticky-class'
280 });
281 <?php } ?>
283 <?php // if successfully logged out
284 if (isset($_GET['logout'])) { ?>
285 var unique_id = $.gritter.add({
286 title: '<span class="green"><?php echo htmlspecialchars( xl('Success'), ENT_QUOTES);?></span>',
287 text: '<?php echo htmlspecialchars( xl('You have been successfully logged out.'), ENT_QUOTES);?>',
288 sticky: false,
289 time: '5000',
290 class_name: 'my-nonsticky-class'
291 });
292 <?php } ?>
293 return false;
296 </script>
298 </body>
299 </html>