2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Paul Simon <paul@zhservices.com>
27 // +------------------------------------------------------------------------------+
29 //SANITIZE ALL ESCAPES
30 $sanitize_all_escapes=true;
33 //STOP FAKE REGISTER GLOBALS
34 $fake_register_globals=false;
36 if (!extension_loaded('soap')) {
37 die("PLEASE ENABLE SOAP EXTENSION");
39 require_once("../interface/globals.php");
40 $emr_path = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
41 $emrpatharr = explode("/myportal",$emr_path);
42 $emr_path = (!empty($_SERVER['HTTPS'])) ?
"https://".$emrpatharr[0] : "http://".$emrpatharr[0];
43 $row = sqlQuery("SELECT fname,lname FROM users WHERE id=?",array($_SESSION['authId']));
44 sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<'".date("Y-m-d H:m",(strtotime(date("Y-m-d H:m")-7200))).":00')");
45 sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<'".date("Y-m-d H:m",(strtotime(date("Y-m-d H:m")-7200))).":00'");
47 function md5_pass($length = 8)
49 $randkey = substr(md5(rand().rand()), 0, $length);
50 $res = sqlStatement("SELECT * FROM audit_master AS am LEFT OUTER JOIN audit_details AS ad ON ad.audit_master_id=am.id WHERE type=5 AND field_value=?",array($randkey));
55 $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
56 sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=?",array($randkey,$grpID));
60 for($i=1;$i<=5;$i++
){//some times php is continuing without getting the return value from the function md5_pass()
64 $randkey = md5_pass();
73 <?php
require_once($GLOBALS['fileroot'].'/library/sha1.js');?
>
74 <script type
="text/javascript">
75 function getshansubmit(){
76 randkey
= "<?php echo $randkey;?>";
77 pass
= SHA1(document
.portal
.pass
.value+
"<?php echo gmdate('Y-m-d H');?>"+randkey
);
78 document
.portal
.pwd
.value
=pass
;
79 document
.portal
.randkey
.value
=randkey
;
80 document
.forms
[0].submit();
85 <title
><?php
echo xlt('Redirection');?
></title
>
86 <body onload
="getshansubmit()">
87 <form name
="portal" method
="post" action
="<?php echo htmlspecialchars($GLOBALS['portal_offsite_address']."?version
=".$v_offsite_portal,ENT_QUOTES);?>">
88 <input type
="hidden" name
="user" value
="<?php echo htmlspecialchars($GLOBALS['portal_offsite_username'],ENT_QUOTES);?>">
89 <input type
="hidden" name
="emr_path" value
="<?php echo htmlspecialchars($emr_path,ENT_QUOTES);?>">
90 <input type
="hidden" name
="emr_site" value
="<?php echo htmlspecialchars($_SESSION['site_id'],ENT_QUOTES);?>">
91 <input type
="hidden" name
="uname" value
="<?php echo htmlspecialchars($row['fname']." ".$row['lname'],ENT_QUOTES);?>">
92 <input type
="hidden" name
="pass" value
="<?php echo htmlspecialchars($GLOBALS['portal_offsite_password'],ENT_QUOTES);?>">
93 <input type
="hidden" name
="randkey" value
="">
94 <input type
="hidden" name
="pwd" value
="">