1 <?php
2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
4 //
5 //
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 //
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
26 // +------------------------------------------------------------------------------+
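//SANITIZE ALL ESCAPES
$sanitize_all_escapes=true;
//STOP FAKE REGISTER GLOBALS
$fake_register_globals=false;
// Both flags above must be set before globals.php is pulled in (it reads them).
require_once("../../interface/globals.php");

// Context id for this page: an explicit list_id wins, otherwise the filter_context
// select is used. Both values are client-supplied. empty() keeps the original
// truthiness rule ("" and "0" fall through to filter_context) while avoiding an
// undefined-index notice when neither key was sent.
// NOTE(review): $list_id is not read anywhere else in this file — the "Add Category"
// link below echoes $_REQUEST['list_id'] directly; this may be the value it meant to use.
if (!empty($_REQUEST['list_id'])) {
    $list_id = $_REQUEST['list_id'];
} elseif (isset($_REQUEST['filter_context'])) {
    $list_id = $_REQUEST['filter_context'];
} else {
    $list_id = null;
}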
/**
 * Unlink one template/category from the logged-in user.
 *
 * Deletes the template_users row for ($id, $_SESSION['authId']). Because the
 * user id always comes from the session, a caller can only remove its own links.
 *
 * @param mixed $id tu_template_id to unlink (callers pass a customlists cl_list_slno);
 *                  bound as a query parameter, never interpolated.
 */
function Delete_Rows($id)
{
    $currentUser = $_SESSION['authId'];
    $sql = "DELETE FROM template_users WHERE tu_template_id=? AND tu_user_id=?";
    sqlStatement($sql, array($id, $currentUser));
}
/**
 * Link one template/category to the logged-in user, replacing any existing row.
 *
 * Uses REPLACE INTO, which presumably relies on a unique key over
 * (tu_template_id, tu_user_id) on template_users — TODO confirm against the schema,
 * otherwise repeated saves would accumulate duplicate rows.
 *
 * @param mixed  $id    tu_template_id to link; bound as a query parameter.
 * @param string $order tu_template_order for the row; "" when the caller has no ordering.
 */
function Insert_Rows($id, $order = "")
{
    $sql = "REPLACE INTO template_users (tu_template_id,tu_user_id,tu_template_order) VALUES (?,?,?)";
    $params = array($id, $_SESSION['authId'], $order);
    sqlStatement($sql, $params);
}
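// Save handler for the personalization form.
//
// Security: this block mutates template_users, so it now only honours the POSTed
// form (method="post" below). The original read $_REQUEST, which would have let a
// crafted GET link change a logged-in user's category set. NOTE(review): no CSRF
// token is visible on the form in this file, so a cross-site POST from a logged-in
// browser is still accepted; add one when the module gains token support.
// All writes are scoped to $_SESSION['authId'] inside Delete_Rows/Insert_Rows.
if (isset($_POST['submitform']) && $_POST['submitform'] == 'save') {
    // Both lists are <select multiple> arrays of "cl_list_slno|tu_user_id" strings
    // (see the option values rendered below). Guard against a missing or scalar value
    // so a hand-crafted request cannot make the foreach warn.
    $topersonalized = (isset($_POST['topersonalized']) && is_array($_POST['topersonalized']))
        ? $_POST['topersonalized'] : array();
    $personalized = (isset($_POST['personalized']) && is_array($_POST['personalized']))
        ? $_POST['personalized'] : array();

    // Categories moved to the "available" side: if the user currently has the
    // category linked, drop that link and the links to each of its non-deleted items.
    foreach ($topersonalized as $value) {
        $arr = explode("|", $value);
        $templateId = $arr[0];
        $res = sqlStatement("SELECT * FROM template_users WHERE tu_template_id=? AND tu_user_id=?", array($templateId, $_SESSION['authId']));
        if (sqlNumRows($res)) {
            Delete_Rows($templateId);
            $qry = sqlStatement("SELECT * FROM customlists WHERE cl_list_id=? AND cl_deleted=0", array($templateId));
            while ($row = sqlFetchArray($qry)) {
                Delete_Rows($row['cl_list_slno']);
            }
        }
    }

    // Categories on the "mine" side: link the category itself, then its items.
    foreach ($personalized as $value) {
        $arr = explode("|", $value);
        $templateId = $arr[0];
        // Second field names the user whose item ordering is copied. It is
        // client-supplied, but only tu_template_order values are read from that
        // user and every row is written under the caller's own id.
        $sourceUser = isset($arr[1]) ? $arr[1] : '';
        // (The original also ran an unused SELECT on template_users here; dropped.)
        Insert_Rows($templateId);
        $qry = sqlStatement("SELECT * FROM customlists WHERE cl_list_id=? AND cl_deleted=0", array($templateId));
        if ($sourceUser) {
            while ($row = sqlFetchArray($qry)) {
                $qryTU = sqlStatement("SELECT * FROM template_users WHERE tu_template_id=? AND tu_user_id=?", array($row['cl_list_slno'], $sourceUser));
                while ($rowTU = sqlFetchArray($qryTU)) {
                    Insert_Rows($rowTU['tu_template_id'], $rowTU['tu_template_order']);
                }
            }
        } else {
            // No source user (orphan list): fall back to the list's own cl_order.
            while ($row = sqlFetchArray($qry)) {
                Insert_Rows($row['cl_list_slno'], $row['cl_order']);
            }
        }
    }
}
?>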
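<html>
<head>
<?php
// Attribute-escape everything echoed into markup, consistent with the rest of this
// page. $css_header and $GLOBALS['webroot'] are presumably set by globals.php rather
// than taken from the request, so this is defence in depth, not a fix for user input.
$cssHeaderAttr = htmlspecialchars($css_header, ENT_QUOTES);
$webrootAttr = htmlspecialchars($GLOBALS['webroot'], ENT_QUOTES);
?>
<link rel="stylesheet" href="<?php echo $cssHeaderAttr; ?>" type="text/css">
<link rel="stylesheet" type="text/css" href="<?php echo $webrootAttr; ?>/library/js/fancybox/jquery.fancybox-1.2.6.css" media="screen" />
<script type="text/javascript" src="ckeditor/ckeditor.js"></script>
<script src="ckeditor/_samples/sample.js" type="text/javascript"></script>
<link href="ckeditor/_samples/sample.css" rel="stylesheet" type="text/css" />
<?php // The $css_header stylesheet was linked a second time at this point; the duplicate include was removed. ?>
<script type="text/javascript" src="<?php echo $webrootAttr; ?>/library/dialog.js"></script>
<script type="text/javascript" src="<?php echo $webrootAttr; ?>/library/js/jquery.1.3.2.js"></script>
<script type="text/javascript" src="<?php echo $webrootAttr; ?>/library/js/jquery-ui-1.7.1.custom.min.js"></script>
<script type="text/javascript" src="<?php echo $webrootAttr; ?>/library/js/common.js"></script>
<script type="text/javascript" src="<?php echo $webrootAttr; ?>/library/js/fancybox/jquery.fancybox-1.2.6.js"></script>
<?php // NOTE(review): a second jQuery UI build is loaded below and will override the 1.7.1 one above; kept as-is, confirm which is needed. ?>
<script type="text/javascript" src="<?php echo $webrootAttr; ?>/library/js/jquery-ui.js"></script>
<script type="text/javascript" src="<?php echo $webrootAttr; ?>/library/js/jquery.easydrag.handler.beta2.js"></script>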
100 <script type="text/javascript">
$(document).ready(function () {
    // Modal/tab wiring; enable_modals and tabbify are presumably provided by the
    // shared OpenEMR scripts (dialog.js / common.js) included in <head>.
    enable_modals();
    tabbify();

    // Fancybox popup size per link class; no overlay dimming, close button shown.
    var popups = [
        { selector: ".iframe_small",     height: 170, width: 380 },
        { selector: ".iframe_medium",    height: 250, width: 450 },
        { selector: ".iframe_abvmedium", height: 500, width: 700 }
    ];
    for (var i = 0; i < popups.length; i++) {
        $(popups[i].selector).fancybox({
            'overlayOpacity' : 0.0,
            'showCloseButton' : true,
            'frameHeight' : popups[i].height,
            'frameWidth' : popups[i].width
        });
    }

    $(function () {
        // make the fancybox container draggable
        $("#fancy_outer").easydrag();
    });
});
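// Hand selected "mine" categories (selectedList) back to the "available" list
// (selectFrom). When a filter user is chosen, ajax_code.php (source=check_item)
// is asked per category whether it may be handed back; refused categories are
// collected in msg and only removed after the user confirms.
// Fix: total_clients/opt were assigned without var and leaked as globals.
function check_user_category(form, selectFrom, selectedList) {
    top.restoreSession();
    var availList = form.elements[selectFrom];
    var mineList = form.elements[selectedList];
    var filterUser = document.getElementById('filter_users').value;
    var msg = '';

    // Append option i of mineList to availList and delete it from mineList.
    function moveBack(i) {
        var option = mineList.options[i];
        availList.options[availList.length] = new Option(option.text, option.value);
        mineList.options[i] = null;
    }

    // Walk backwards so deleting an option never shifts an index still to be visited.
    for (var idx = mineList.length - 1; idx >= 0; idx--) {
        if (!mineList.options[idx].selected) {
            continue;
        }
        if (!filterUser) {
            moveBack(idx);
            continue;
        }
        // async:false keeps the loop sequential (the callbacks run before the next
        // iteration), at the cost of blocking the UI for each request.
        $.ajax({
            type: "POST",
            url: "ajax_code.php",
            dataType: "html",
            data: {
                item: mineList.options[idx].value,
                list_id: filterUser,
                source: "check_item"
            },
            async: false,
            success: function (thedata) {
                if (thedata == 'OK') {
                    moveBack(idx);
                } else {
                    msg += mineList.options[idx].text + "\n";
                }
            },
            error: function () {
                alert("fail");
            }
        });
    }
    jsub_sortNow(availList);
    if (msg != '') {
        // NOTE(review): addslashes() is not a JavaScript string escaper (it leaves
        // newlines and "</script>" alone); it is tolerable here only because xl()
        // output is translator-controlled, not user input.
        if (confirm("<?php echo addslashes(xl('The following categories will be removed from your category List'));?> \n" + msg + "\n <?php echo addslashes(xl('Do you want to continue?'));?>")) {
            remove_selected(form, selectedList);
        }
    }
    return;
}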
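// Delete every selected option from form.elements[selectedList] (no move, no
// server call). Called by check_user_category after the user confirms the list
// of categories the server refused to hand back.
// Fix: the original ended with jsub_sortNow(form.elements[selectFrom]), but
// selectFrom is not a parameter of this function, so that line threw a
// ReferenceError after the removals. The "available" list had already been
// sorted by the caller, so the call is simply dropped.
function remove_selected(form, selectedList) {
    top.restoreSession();
    var mineList = form.elements[selectedList];
    for (var idx = mineList.length - 1; idx >= 0; idx--) {
        if (mineList.options[idx].selected) {
            mineList.options[idx] = null;
        }
    }
    return;
}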
// Highlight every option of the <select> with id selectedList. Used right before
// submit so that all rows of both multi-selects are posted, not only the
// highlighted ones.
function all_selected(selectedList) {
    top.restoreSession();
    var list = document.getElementById(selectedList);
    var idx = list.length;
    while (idx-- > 0) {
        list.options[idx].selected = true;
    }
}
// Clear the highlight on every option of the <select> with id selectedList.
function all_deselected(selectedList) {
    top.restoreSession();
    var list = document.getElementById(selectedList);
    var idx = list.length;
    while (idx-- > 0) {
        list.options[idx].selected = false;
    }
}
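// Move every selected option of selectedList into selectFrom (no server check),
// then re-sort the destination by label. Despite its name, selectFrom is the
// destination here (the caller passes 'personalized','topersonalized').
// Fix: total_clients/opt were assigned without var and leaked as globals.
function jsub_selected(form, selectFrom, selectedList) {
    top.restoreSession();
    var dest = form.elements[selectFrom];
    var src = form.elements[selectedList];
    // Backwards so deleting an option never shifts an index still to be visited.
    for (var idx = src.length - 1; idx >= 0; idx--) {
        var option = src.options[idx];
        if (option.selected) {
            dest.options[dest.length] = new Option(option.text, option.value);
            src.options[idx] = null;
        }
    }
    jsub_sortNow(dest);
    return;
}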
// Show the items of the single highlighted category of selectedList in #itemdiv.
// With more than one option highlighted the panel is hidden; with none it is left
// untouched. The posted list_id is the option value ("cl_list_slno|tu_user_id").
// NOTE(review): the response is injected with innerHTML, so ajax_code.php
// (source=item_show) is trusted to return escaped markup — verify there.
function display_category_item(form, selectedList) {
    top.restoreSession();
    var list = form.elements[selectedList];
    var chosen = '';
    var count = 0;
    for (var idx = list.length - 1; idx >= 0; idx--) {
        if (list.options[idx].selected) {
            chosen = list.options[idx].value;
            count++;
        }
    }
    var panel = document.getElementById('itemdiv');
    if (count > 1) {
        panel.style.display = 'none';
    } else if (count == 1) {
        panel.style.display = '';
        $.ajax({
            type: "POST",
            url: "ajax_code.php",
            dataType: "html",
            data: {
                list_id: chosen,
                source: "item_show"
            },
            async: false,
            success: function (thedata) {
                panel.innerHTML = thedata;
            },
            error: function () {
                alert("fail");
            }
        });
    }
    return;
}
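// Re-order the options of a <select> alphabetically by label, using plain string
// order (the same order Array.prototype.sort gives with no comparator).
// Fix: the original sorted the labels alone and then looked each one up by text
// to recover its value, so two options with the same label both received the
// first one's value (the second value was lost). Sorting label/value pairs keeps
// every value with its own label. The loop index j is also no longer an implicit
// global.
function jsub_sortNow(obj) {
    top.restoreSession();
    var entries = [];
    for (var i = obj.length - 1; i >= 0; i--) {
        entries[i] = { text: obj.options[i].text, value: obj.options[i].value };
    }
    entries.sort(function (a, b) {
        // Code-unit string comparison, matching the default sort() order.
        if (a.text < b.text) { return -1; }
        if (a.text > b.text) { return 1; }
        return 0;
    });
    obj.length = 0;
    for (var k = 0; k < entries.length; k++) {
        obj.options[k] = new Option(entries[k].text, entries[k].value);
    }
}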
// "Save" button handler: marks the form as a save, highlights every option in
// both multi-selects (browsers only post highlighted options) and submits myform.
function personalize_save() {
    top.restoreSession();
    document.getElementById('submitform').value = 'save';
    var lists = ['topersonalized', 'personalized'];
    for (var i = 0; i < lists.length; i++) {
        all_selected(lists[i]);
    }
    document.myform.submit();
}
301 </script>
302 </head>
303 <body class="body_top">
304 <form name="myform" method="post" onsubmit="top.restoreSession();">
305 <fieldset>
306 <legend><span class="text"><?php echo htmlspecialchars(xl('Filter'),ENT_QUOTES);?></span></legend>
307 <table>
308 <tr class="text">
309 <td><?php echo htmlspecialchars(xl('Context'),ENT_QUOTES);?></td>
310 <td>
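<select name='filter_context' id='filter_context' onchange='javascript:document.myform.submit();'>
<option value=''><?php echo htmlspecialchars(xl('Select a Context'),ENT_QUOTES);?></option>
<?php
// Contexts are customlists rows of type 2. The currently filtered context is
// re-selected; the request key is read defensively so an unfiltered page does not
// raise an undefined-index notice. Output is attribute/text escaped.
$selectedContext = isset($_REQUEST['filter_context']) ? $_REQUEST['filter_context'] : '';
$context_res = sqlStatement("SELECT * FROM customlists WHERE cl_list_type=2 AND cl_deleted=0");
while ($context_row = sqlFetchArray($context_res)) {
    $slno = $context_row['cl_list_slno'];
    echo "<option value='" . htmlspecialchars($slno, ENT_QUOTES) . "' ";
    echo ($selectedContext == $slno) ? 'selected' : '';
    echo ">" . htmlspecialchars($context_row['cl_list_item_long'], ENT_QUOTES) . "</option>";
}
?>
</select>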
323 </td>
324 <td><?php echo htmlspecialchars(xl('Users'),ENT_QUOTES);?></td>
325 <td>
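<select name='filter_users' id='filter_users' onchange='javascript:document.myform.submit();'>
<option value=''><?php echo htmlspecialchars(xl('Select a User'),ENT_QUOTES);?></option>
<?php
// Every other user who has at least one template_users link; the logged-in user
// is excluded through a bound parameter. The filter key is read defensively so an
// unfiltered page raises no undefined-index notice.
$selectedUser = isset($_REQUEST['filter_users']) ? $_REQUEST['filter_users'] : '';
$user_sql = "SELECT DISTINCT(tu.tu_user_id),u.fname,u.lname FROM template_users AS tu LEFT OUTER JOIN users AS u ON tu.tu_user_id=u.id WHERE tu.tu_user_id!=?";
$user_res = sqlStatement($user_sql, array($_SESSION['authId']));
while ($user_row = sqlFetchArray($user_res)) {
    $uid = $user_row['tu_user_id'];
    echo "<option value='" . htmlspecialchars($uid, ENT_QUOTES) . "' ";
    echo ($selectedUser == $uid) ? 'selected' : '';
    echo ">" . htmlspecialchars($user_row['fname'] . " " . $user_row['lname'], ENT_QUOTES) . "</option>";
}
?>
</select>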
338 </td>
339 </tr>
340 </table>
341 </fieldset>
342 <table align="center" width="100%">
343 <tr class="text">
344 <td colspan="3">
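<a href=# class="css_button" onclick="top.restoreSession();personalize_save()"><span><?php echo htmlspecialchars(xl('Save'),ENT_QUOTES);?></span></a>
<?php
// The three configuration links are only offered to users holding
// nationnotes/nn_configure (one ACL check instead of the three identical ones the
// page used to make; the rendered links are unchanged).
if (acl_check('nationnotes', 'nn_configure')) {
    // Fix: list_id comes straight from the request and was echoed raw into the
    // href, i.e. a reflected XSS. It is now URL-encoded for the query string and
    // attribute-escaped for the markup.
    // NOTE(review): $list_id (defined at the top with a filter_context fallback)
    // may be what this link was meant to use; kept reading list_id directly to
    // preserve behaviour.
    $listIdParam = isset($_REQUEST['list_id']) ? $_REQUEST['list_id'] : '';
    $addTemplateHref = "add_template.php?list_id=" . htmlspecialchars(urlencode($listIdParam), ENT_QUOTES);
?>
<a href="delete_category.php" id="share_link" class="iframe_medium css_button" onclick="top.restoreSession();"><span><?php echo htmlspecialchars(xl('Delete Category'),ENT_QUOTES);?></span></a>
<a href="<?php echo $addTemplateHref; ?>" onclick="top.restoreSession();" class="iframe_small css_button" title="<?php echo htmlspecialchars(xl('Add Category'),ENT_QUOTES);?>"><span><?php echo htmlspecialchars(xl('Add Category'),ENT_QUOTES);?></span></a>
<a href="add_context.php" class="iframe_medium css_button" onclick="top.restoreSession();" title="<?php echo htmlspecialchars(xl('Add Context'),ENT_QUOTES);?>"><span><?php echo htmlspecialchars(xl('Add Context'),ENT_QUOTES);?></span></a>
<?php
}
?>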
367 <tr class="text">
368 <th><?php echo htmlspecialchars(xl('Available categories'),ENT_QUOTES);?></th>
369 <th>&nbsp;</th>
<?php
// Column heading names the logged-in user, whose template_users rows this page edits.
$user = sqlQuery("SELECT * FROM users WHERE id=?", array($_SESSION['authId']));
$ownerHeading = xl('Categories for') . " " . $user['fname'] . " " . $user['lname'];
?>
<th><?php echo htmlspecialchars($ownerHeading, ENT_QUOTES); ?></th>
374 </tr>
375 <tr class="text">
376 <td align=right>
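<select multiple name="topersonalized[]" id="topersonalized" size="6" style="width:220px" onchange="display_category_item(document.myform,'topersonalized');">
<?php
// "Available" list: type-3 customlists the logged-in user has not linked yet.
// Rows come from other users' template_users links (only the filtered user's when
// a user filter is set), followed by "orphan" lists nobody has linked. Every
// request value is a bound parameter; the keys are read defensively so an
// unfiltered page raises no undefined-index notices.
$filterContext = isset($_REQUEST['filter_context']) ? $_REQUEST['filter_context'] : '';
$filterUsers = isset($_REQUEST['filter_users']) ? $_REQUEST['filter_users'] : '';
$where = '';
$arval = array($_SESSION['authId']);
$arval1 = array($filterUsers, $_SESSION['authId']);
if ($filterContext) {
    $where .= " AND cl_list_id=?";
    array_push($arval, $filterContext);
    array_push($arval1, $filterContext);
}
if ($filterUsers) {
    // Only the filtered user's links.
    $sql = "SELECT * FROM template_users AS tu LEFT OUTER JOIN customlists AS c ON tu.tu_template_id=c.cl_list_slno WHERE
 tu.tu_user_id=? AND c.cl_list_type=3 AND cl_deleted=0 AND tu.tu_template_id NOT IN
 (SELECT tu_template_id FROM template_users AS tuser WHERE tu_user_id=?)" .
        $where .
        " ORDER BY cl_list_id,tu_user_id,c.cl_list_item_long";
    $resTemplates = sqlStatement($sql, $arval1);
} else {
    // Every user's links. (The original ran this query unconditionally and then
    // discarded it when a user filter was set; it now runs only when used.)
    $sql = "SELECT * FROM template_users AS tu LEFT OUTER JOIN customlists AS c ON tu.tu_template_id=c.cl_list_slno
 WHERE cl_list_type=3 AND cl_deleted=0 AND tu.tu_template_id NOT IN (SELECT tu_template_id FROM template_users AS tuser WHERE
 tu_user_id=?) " .
        $where .
        " ORDER BY cl_list_id,tu_user_id,cl_list_item_long";
    $resTemplates = sqlStatement($sql, $arval);
}
while ($rowTemplates = sqlFetchArray($resTemplates)) {
    // Label prefix: context name when no context filter, owner username when no
    // user filter, so each option stays identifiable in the unfiltered view.
    $cntxt = '';
    if (!$filterContext) {
        $context = sqlQuery("SELECT * FROM customlists WHERE cl_list_slno=?", array($rowTemplates['cl_list_id']));
        $cntxt .= $context['cl_list_item_long'] . "->";
    }
    if (!$filterUsers) {
        $owner = sqlQuery("SELECT * FROM users WHERE id=?", array($rowTemplates['tu_user_id']));
        $cntxt .= $owner['username'] . "->";
    }
    // Value "cl_list_slno|tu_user_id": on save, the named user's item ordering is
    // copied when this entry is moved to the personalized list.
    echo "<option value='" . htmlspecialchars($rowTemplates['cl_list_slno'] . "|" . $rowTemplates['tu_user_id'], ENT_QUOTES) . "'>"
        . htmlspecialchars($cntxt . $rowTemplates['cl_list_item_long'], ENT_QUOTES) . "</option>";
}

// Orphans: type-3 lists nobody has linked yet.
// Fix: $where may carry a "?" placeholder, but the original called sqlStatement()
// without any bindings for it, so the orphan query broke whenever a context
// filter was active. The context is now bound when present.
$sqlorphan = "SELECT * FROM customlists WHERE cl_list_type=3 AND cl_deleted=0 AND cl_list_slno " .
    " NOT IN (SELECT DISTINCT tu_template_id FROM template_users) " .
    $where .
    " ORDER BY cl_list_id,cl_list_item_long";
if ($filterContext) {
    $resorphan = sqlStatement($sqlorphan, array($filterContext));
} else {
    $resorphan = sqlStatement($sqlorphan);
}
while ($roworphan = sqlFetchArray($resorphan)) {
    $cntxt = '';
    if (!$filterContext) {
        $context = sqlQuery("SELECT * FROM customlists WHERE cl_list_slno=?", array($roworphan['cl_list_id']));
        $cntxt .= $context['cl_list_item_long'] . "->";
    }
    // No owner, so the second value field is left empty.
    echo "<option value='" . htmlspecialchars($roworphan['cl_list_slno'] . "|", ENT_QUOTES) . "'>"
        . htmlspecialchars($cntxt . $roworphan['cl_list_item_long'], ENT_QUOTES) . "</option>";
}
?>
</select>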
429 </td>
430 <td align="center">
431 <input type="button" name="remove" value=&raquo; onclick="jsub_selected(document.myform,'personalized','topersonalized')"></br>
432 <input type="button" name="remove" value=&laquo; onclick="check_user_category(document.myform,'topersonalized','personalized')">
433 </td>
434 <td align=left>
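<select multiple name="personalized[]" id="personalized" size="6" style="width:220px">
<?php
// The logged-in user's own categories (type-3 customlists linked through
// template_users), optionally restricted to the filtered context.
// Fix: filter_context was concatenated into the SQL here (cl_list_id='...'),
// unlike the parameterised version used for the "available" list — an SQL
// injection reachable by any logged-in user. It is now a bound parameter.
$where = '';
$mineParams = array($_SESSION['authId']);
if (!empty($_REQUEST['filter_context'])) {
    $where .= " AND cl_list_id=?";
    $mineParams[] = $_REQUEST['filter_context'];
}
$sql = "SELECT * FROM template_users AS tu LEFT OUTER JOIN customlists AS c ON tu.tu_template_id=c.cl_list_slno WHERE
 tu.tu_user_id=? AND c.cl_list_type=3 AND cl_deleted=0 " .
    $where .
    " ORDER BY c.cl_list_item_long";
$resTemplates = sqlStatement($sql, $mineParams);
while ($rowTemplates = sqlFetchArray($resTemplates)) {
    // Without a context filter, prefix each label with its context name.
    $cntxt = '';
    if (empty($_REQUEST['filter_context'])) {
        $context = sqlQuery("SELECT * FROM customlists WHERE cl_list_slno=?", array($rowTemplates['cl_list_id']));
        $cntxt .= $context['cl_list_item_long'] . "->";
    }
    // Value "cl_list_slno|tu_user_id", the format the save handler explodes on "|".
    echo "<option value='" . htmlspecialchars($rowTemplates['cl_list_slno'] . "|" . $rowTemplates['tu_user_id'], ENT_QUOTES) . "'>"
        . htmlspecialchars($cntxt . $rowTemplates['cl_list_item_long'], ENT_QUOTES) . "</option>";
}
?>
</select>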
456 </td>
457 </tr>
458 <tr class="text">
459 <td>&nbsp;</td>
460 <td>&nbsp;</td>
461 <td><input type="hidden" name="submitform" id="submitform" value=""></td>
462 </tr>
463 <tr class="text">
464 <td colspan="3">
465 <div style="width:100%;overflow:auto;height:150px" id="itemdiv"></div>
466 </td>
467 </tr>
468 </table>
469 </form>
470 </body>
471 </html>