6 * @link http://www.open-emr.org
7 * @author Brady Miller <brady.g.miller@gmail.com>
8 * @copyright Copyright (c) 2017 Brady Miller <brady.g.miller@gmail.com>
9 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
12 require_once("../globals.php");
13 require_once("../../library/acl.inc");
14 require_once("$srcdir/options.inc.php");
15 require_once("$srcdir/erx_javascript.inc.php");
17 use OpenEMR\Core\Header
;
18 use OpenEMR\Menu\MainMenuRole
;
19 use OpenEMR\Menu\PatientMenuRole
;
20 use OpenEMR\Services\FacilityService
;
22 $facilityService = new FacilityService();
24 if (!acl_check('admin', 'users')) {
34 <?php Header
::setupHeader(['common','opener']); ?
>
36 <script src
="checkpwd_validation.js" type
="text/javascript"></script
>
38 <!-- validation library
-->
39 <!-- Non-LBF forms use the new validation; make sure the corresponding values exist in the Page Validation list. -->
40 <?php
$use_validate_js = 1;?
>
41 <?php
require_once($GLOBALS['srcdir'] . "/validation/validation_script.js.php"); ?
>
43 //Gets validation rules from Page Validation list.
44 //Note that for technical reasons, we are bypassing the standard validateUsingPageRules() call.
45 $collectthis = collectValidationPageRules("/interface/usergroup/usergroup_admin_add.php");
46 if (empty($collectthis)) {
47 $collectthis = "undefined";
49 $collectthis = $collectthis["new_user"]["rules"];
52 <script language
="JavaScript">
55 * Validate the form with the new client-side validation (using validate.js).
56 * This makes it possible to add new rules for this form in the pageValidation list.
// NOTE(review): the PHP value $collectthis is written into this script without escaping.
// It is either the literal string "undefined" or the "rules" entry returned by
// collectValidationPageRules(). Presumably that entry is JSON text taken from the
// Page Validation list -- confirm who can edit that list, and consider decoding it and
// re-encoding it with json_encode() before output so that only well-formed data
// reaches the script.
58 var collectvalidation
= <?php
echo($collectthis); ?
>;
60 function trimAll(sString
)
62 while (sString
.substring(0,1) == ' ')
64 sString
= sString
.substring(1, sString
.length
);
66 while (sString
.substring(sString
.length
-1, sString
.length
) == ' ')
68 sString
= sString
.substring(0,sString
.length
-1);
73 function submitform() {
75 var valid
= submitme(1, undefined
, 'new_user', collectvalidation
);
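80 // Check whether the secure-password setting is enabled.
81 // If it is enabled and the entered password is weak, alert the user to enter a strong password.
// This check runs only in the browser and reads the hidden secure_pwd form field, so the same password policy should be enforced again by the server-side handler.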
82 if(document
.new_user
.secure_pwd
.value
== 1){
83 var password
= trim(document
.new_user
.stiltskin
.value
);
85 var pwdresult
= passwordvalidate(password
);
87 alert("<?php echo xls('The password must be at least eight characters, and should');
89 echo xls('contain at least three of the four following items:');
93 echo xls('A lowercase letter');
95 echo xls('An uppercase letter');
97 echo xls('A special character');
99 echo xls('not a letter or number');
102 echo xls('For example:');
103 echo ' healthCare@09'; ?>");
107 } //secure_pwd if ends here
109 <?php
if ($GLOBALS['erx_enable']) { ?
>
112 for(i
=0;i
<f
.length
;i++
){
113 if(f
[i
].type
=='text' && f
[i
].value
)
115 if(f
[i
].name
== 'rumple')
117 alertMsg +
= checkLength(f
[i
].name
,f
[i
].value
,35);
118 alertMsg +
= checkUsername(f
[i
].name
,f
[i
].value
);
120 else if(f
[i
].name
== 'fname' || f
[i
].name
== 'mname' || f
[i
].name
== 'lname')
122 alertMsg +
= checkLength(f
[i
].name
,f
[i
].value
,35);
123 alertMsg +
= checkUsername(f
[i
].name
,f
[i
].value
);
125 else if(f
[i
].name
== 'federaltaxid')
127 alertMsg +
= checkLength(f
[i
].name
,f
[i
].value
,10);
128 alertMsg +
= checkFederalEin(f
[i
].name
,f
[i
].value
);
130 else if(f
[i
].name
== 'state_license_number')
132 alertMsg +
= checkLength(f
[i
].name
,f
[i
].value
,10);
133 alertMsg +
= checkStateLicenseNumber(f
[i
].name
,f
[i
].value
);
135 else if(f
[i
].name
== 'npi')
137 alertMsg +
= checkLength(f
[i
].name
,f
[i
].value
,35);
138 alertMsg +
= checkTaxNpiDea(f
[i
].name
,f
[i
].value
);
140 else if(f
[i
].name
== 'federaldrugid')
142 alertMsg +
= checkLength(f
[i
].name
,f
[i
].value
,30);
143 alertMsg +
= checkAlphaNumeric(f
[i
].name
,f
[i
].value
);
152 <?php
} // End erx_enable only include block?>
154 let post_url
= $
("#new_user").attr("action");
155 let request_method
= $
("#new_user").attr("method");
156 let form_data
= $
("#new_user").serialize();
160 type
: request_method
,
162 }).done(function (r
) {
166 dlgclose('reload', false);
// Click handler for the "authorized" (Provider) checkbox: keeps the "calendar"
// checkbox in step with it.
172 function authorized_clicked() {
// document.forms[0] is the first form in the document; in this listing the first
// form shown is new_user -- confirm no other form is rendered before it.
173 var f
= document
.forms
[0];
// The calendar box can only be edited while the provider box is ticked.
174 f
.calendar
.disabled
= !f
.authorized
.checked
;
// The calendar box is set to the same state as the provider box.
175 f
.calendar
.checked
= f
.authorized
.checked
;
179 <style type
="text/css">
180 .physician_type_class
{
181 width
: 120px
!important
;
184 width
: 120px
!important
;
188 <body
class="body_top">
190 <div
class="container">
193 <span
class="title"><?php
echo xlt('Add User'); ?
></span
> 
;</td
>
195 <a
class="btn btn-default btn-save" name
='form_save' id
='form_save' href
='#' onclick
="return submitform()">
196 <span
><?php
echo xlt('Save'); ?
></span
></a
>
197 <a
class="btn btn-link btn-cancel" id
='cancel' href
='#'>
198 <span
><?php
echo xlt('Cancel');?
></span
>
<!-- NOTE(review): this form creates a user account by POSTing to usergroup_admin.php. No anti-CSRF token field is visible among the hidden inputs shown in this listing (some lines are missing from it); confirm that the handler validates a per-session token before acting on mode=new_user. -->
206 <form name
='new_user' id
="new_user" method
='post' action
="usergroup_admin.php">
207 <input type
='hidden' name
='mode' value
='new_user'>
208 <input type
='hidden' name
='secure_pwd' value
="<?php echo attr($GLOBALS['secure_password']); ?>">
210 <span
class="bold"> 
;</span
>
211 <table border
=0 cellpadding
=0 cellspacing
=0 style
="width:600px;">
213 <td style
="width:150px;"><span
class="text"><?php
echo xlt('Username'); ?
>: </span
></td
><td style
="width:220px;"><input type
=entry name
="rumple" style
="width:120px;" class="form-control"><span
class="mandatory"></span
></td
>
214 <?php
if (!$GLOBALS['use_active_directory']) { ?
>
215 <td style
="width:150px;"><span
class="text"><?php
echo xlt('Password'); ?
>: </span
></td
><td style
="width:250px;"><input type
="password" style
="width:120px;" name
="stiltskin" class="form-control"><span
class="mandatory"></span
></td
>
<!-- NOTE(review): this hidden field submits the fixed value "124" under the password field name ("stiltskin"). It appears to be the branch used when use_active_directory is set (the line between the two branches is not shown in this listing). Confirm that the server-side handler never stores this placeholder as a usable local password for the new account. -->
217 <td
> <input type
="hidden" value
="124" name
="stiltskin" /></td
>
221 <td style
="width:150px;"></td
><td style
="width:220px;"></span
></td
>
222 <TD style
="width:200px;"><span
class=text
><?php
echo xlt('Your Password'); ?
>: </span
></TD
>
223 <TD
class='text' style
="width:280px;"><input type
='password' name
=adminPass style
="width:120px;" value
="" autocomplete
='off' class="form-control"><font
class="mandatory"></font
></TD
>
227 <td
><span
class="text"<?php
echo ($GLOBALS['disable_non_default_groups']) ?
" style='display:none'" : ""; ?
>><?php
echo xlt('Groupname'); ?
>: </span
></td
>
229 <select name
="groupname" class="form-control"<?php
echo ($GLOBALS['disable_non_default_groups']) ?
" style='display:none'" : ""; ?
>>
231 $res = sqlStatement("select distinct name from `groups`");
233 for ($iter = 0; $row = sqlFetchArray($res); $iter++
) {
234 $result2[$iter] = $row;
237 foreach ($result2 as $iter) {
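// Emit one <option> per group name. Offsets are written with []: the {} offset
// form is deprecated in PHP 7.4 and removed in PHP 8.
// attr() is applied to the attribute value and text() to the visible label.
print "<option value='" . attr($iter["name"]) . "'>" . text($iter["name"]) . "</option>\n";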
242 <td
><span
class="text"><?php
echo xlt('Provider'); ?
>: </span
></td
><td
>
243 <input type
='checkbox' name
='authorized' value
='1' onclick
='authorized_clicked()' />
244  
; 
;<span
class='text'><?php
echo xlt('Calendar'); ?
>:
245 <input type
='checkbox' name
='calendar' disabled
/>
249 <td
><span
class="text"><?php
echo xlt('First Name'); ?
>: </span
></td
><td
><input type
=entry name
='fname' id
='fname' style
="width:120px;" class="form-control"><span
class="mandatory"></span
></td
>
250 <td
><span
class="text"><?php
echo xlt('Middle Name'); ?
>: </span
></td
><td
><input type
=entry name
='mname' style
="width:120px;" class="form-control"></td
>
253 <td
><span
class="text"><?php
echo xlt('Last Name'); ?
>: </span
></td
><td
><input type
=entry name
='lname' id
='lname' style
="width:120px;" class="form-control"><span
class="mandatory"></span
></td
>
254 <td
><span
class="text"><?php
echo xlt('Default Facility'); ?
>: </span
></td
><td
><select style
="width:120px;" name
=facility_id
class="form-control">
256 $fres = $facilityService->getAllServiceLocations();
258 for ($iter = 0; $iter < sizeof($fres); $iter++
) {
259 $result[$iter] = $fres[$iter];
262 foreach ($result as $iter) {
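<?php /* One <option> per facility row. Offsets are written with []: the {} offset form is deprecated in PHP 7.4 and removed in PHP 8. */ ?>
<option value="<?php echo attr($iter['id']); ?>"><?php echo text($iter['name']); ?></option>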
272 <td
><span
class="text"><?php
echo xlt('Federal Tax ID'); ?
>: </span
></td
><td
><input type
=entry name
='federaltaxid' style
="width:120px;" class="form-control"></td
>
273 <td
><span
class="text"><?php
echo xlt('Federal Drug ID'); ?
>: </span
></td
><td
><input type
=entry name
='federaldrugid' style
="width:120px;" class="form-control"></td
>
276 <td
><span
class="text"><?php
echo xlt('UPIN'); ?
>: </span
></td
><td
><input type
="entry" name
="upin" style
="width:120px;" class="form-control"></td
>
277 <td
class='text'><?php
echo xlt('See Authorizations'); ?
>: </td
>
278 <td
><select name
="see_auth" style
="width:120px;" class="form-control">
280 foreach (array(1 => xl('None'), 2 => xl('Only Mine'), 3 => xl('All')) as $key => $value) {
281 echo " <option value='" . attr($key) . "'";
282 echo ">" . text($value) . "</option>\n";
288 <td
><span
class="text"><?php
echo xlt('NPI'); ?
>: </span
></td
><td
><input type
="entry" name
="npi" style
="width:120px;" class="form-control"></td
>
289 <td
><span
class="text"><?php
echo xlt('Job Description'); ?
>: </span
></td
><td
><input type
="entry" name
="specialty" style
="width:120px;" class="form-control"></td
>
294 <span
class="text"><?php
echo xlt('Provider Type'); ?
>: </span
>
297 <?php
echo generate_select_list("physician_type", "physician_type", '', '', xl('Select Type'), 'physician_type_class', '', '', ''); ?
>
302 <span
class="text"><?php
echo xlt('Main Menu Role'); ?
>: </span
>
306 $menuMain = new MainMenuRole();
307 echo $menuMain->displayMenuRoleSelector();
311 <span
class="text"><?php
echo xlt('Patient Menu Role'); ?
>: </span
>
315 $menuPatient = new PatientMenuRole();
316 echo $menuPatient->displayMenuRoleSelector();
322 <td
><span
class="text"><?php
echo xlt('Taxonomy'); ?
>: </span
></td
>
323 <td
><input type
="entry" name
="taxonomy" style
="width:120px;" class="form-control" value
="207Q00000X"></td
>
324 <td
> 
;</td
><td
> 
;</td
></tr
>
327 <td
><span
class="text"><?php
echo xlt('State License Number'); ?
>: </span
></td
>
328 <td
><input type
="text" name
="state_license_number" style
="width:120px;" class="form-control"></td
>
329 <td
class='text'><?php
echo xlt('NewCrop eRX Role'); ?
>:</td
>
331 <?php
echo generate_select_list("erxrole", "newcrop_erx_role", '', '', '--Select Role--', '', '', '', array('style'=>'width:120px')); ?
>
<!-- NOTE(review): $iter is not assigned from a user record anywhere in the lines shown; its last visible assignment is as the loop variable of the facility list. On this add-user form the value attribute below therefore probably renders empty or from an unrelated row. Confirm the intended source of weno_prov_id. -->
335 <td
><span
class="text"><?php
echo xlt('Weno Provider ID'); ?
>: </span
></td
><td
><input type
="text" name
="erxprid" style
="width:120px;" class="form-control" value
="<?php echo attr($iter["weno_prov_id
"]); ?>"></td
>
337 <?php
if ($GLOBALS['inhouse_pharmacy']) { ?
>
339 <td
class="text"><?php
echo xlt('Default Warehouse'); ?
>: </td
>
342 echo generate_select_list(
350 <td
class="text"><?php
echo xlt('Invoice Refno Pool'); ?
>: </td
>
353 echo generate_select_list(
357 xl('Invoice reference number pool, if used')
365 <td
class='text'><?php
echo xlt('Access Control'); ?
>:</td
>
366 <td
><select name
="access_group[]" multiple style
="width:120px;" class="form-control">
368 // List the access control groups
369 $list_acl_groups = acl_get_group_title_list();
370 $default_acl_group = 'Administrators';
371 foreach ($list_acl_groups as $value) {
372 if ($default_acl_group == $value) {
373 // Modified 6-2009 by BM - Translate group name if applicable
374 echo " <option value='" . attr($value) . "' selected>" . text(xl_gacl_group($value)) . "</option>\n";
376 // Modified 6-2009 by BM - Translate group name if applicable
377 echo " <option value='" . attr($value) . "'>" . text(xl_gacl_group($value)) . "</option>\n";
382 <td
><span
class="text"><?php
echo xlt('Additional Info'); ?
>: </span
></td
>
383 <td
><textarea name
=info style
="width:120px;" cols
=27 rows
=4 wrap
=auto
class="form-control"></textarea
></td
>
386 <tr height
="25"><td colspan
="4"> 
;</td
></tr
>
391 <input type
="hidden" name
="newauthPass">
397 <tr
<?php
echo ($GLOBALS['disable_non_default_groups']) ?
" style='display:none'" : ""; ?
>>
400 <form name
='new_group' method
='post' action
="usergroup_admin.php"
401 onsubmit
='return top.restoreSession()'>
403 <input type
=hidden name
=mode value
=new_group
>
404 <span
class="bold"><?php
echo xlt('New Group'); ?
>:</span
>
406 <span
class="text"><?php
echo xlt('Groupname'); ?
>: </span
><input type
=entry name
=groupname size
=10>
408 <span
class="text"><?php
echo xlt('Initial User'); ?
>: </span
>
411 $res = sqlStatement("select distinct username from users where username != ''");
412 for ($iter = 0; $row = sqlFetchArray($res); $iter++
) {
413 $result[$iter] = $row;
416 foreach ($result as $iter) {
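// Emit one <option> per username. Offsets are written with []: the {} offset
// form is deprecated in PHP 7.4 and removed in PHP 8.
// attr() is applied to the attribute value and text() to the visible label.
print "<option value='" . attr($iter["username"]) . "'>" . text($iter["username"]) . "</option>\n";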
422 <input type
="submit" value
="<?php echo xla('Save'); ?>">
428 <tr
<?php
echo ($GLOBALS['disable_non_default_groups']) ?
" style='display:none'" : ""; ?
>>
431 <form name
='new_group' method
='post' action
="usergroup_admin.php"
432 onsubmit
='return top.restoreSession()'>
433 <input type
=hidden name
=mode value
=new_group
>
434 <span
class="bold"><?php
echo xlt('Add User To Group'); ?
>:</span
>
437 <?php
echo xlt('User'); ?
>
441 $res = sqlStatement("select distinct username from users where username != ''");
442 for ($iter = 0; $row = sqlFetchArray($res); $iter++
) {
443 $result3[$iter] = $row;
446 foreach ($result3 as $iter) {
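// Emit one <option> per username. Offsets are written with []: the {} offset
// form is deprecated in PHP 7.4 and removed in PHP 8.
// attr() is applied to the attribute value and text() to the visible label.
print "<option value='" . attr($iter["username"]) . "'>" . text($iter["username"]) . "</option>\n";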
452 <span
class="text"><?php
echo xlt('Groupname'); ?
>: </span
>
453 <select name
=groupname
>
455 $res = sqlStatement("select distinct name from `groups`");
457 for ($iter = 0; $row = sqlFetchArray($res); $iter++
) {
458 $result2[$iter] = $row;
461 foreach ($result2 as $iter) {
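// Emit one <option> per group name. Offsets are written with []: the {} offset
// form is deprecated in PHP 7.4 and removed in PHP 8.
// attr() is applied to the attribute value and text() to the visible label.
print "<option value='" . attr($iter["name"]) . "'>" . text($iter["name"]) . "</option>\n";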
467 <input type
="submit" value
="<?php echo xla('Add User To Group'); ?>">
475 if (empty($GLOBALS['disable_non_default_groups'])) {
476 $res = sqlStatement("select * from `groups` order by name");
477 for ($iter = 0; $row = sqlFetchArray($res); $iter++
) {
478 $result5[$iter] = $row;
481 foreach ($result5 as $iter) {
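// Append "<user>(Remove link), " to the string kept for this group name.
// Offsets are written with []: the {} offset form is deprecated in PHP 7.4 and
// removed in PHP 8.
// NOTE(review): the Remove link performs mode=delete_group through a plain GET
// request and carries no anti-CSRF token in the URL shown here. Confirm that
// usergroup_admin.php checks a per-session token for this action, or move the
// deletion to a POST form that includes one.
// NOTE(review): the accumulated string is passed through text() as a whole by the
// print statement that follows the loop. If text() HTML-escapes its argument, the
// anchor built here is shown as literal text rather than as a link -- confirm.
$grouplist[$iter["name"]] .= $iter["user"] .
    "(<a class='link_submit' href='usergroup_admin.php?mode=delete_group&id=" .
    attr($iter["id"]) . "' onclick='top.restoreSession()'>" . xlt("Remove") . "</a>), ";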
487 foreach ($grouplist as $groupname => $list) {
488 print "<span class='bold'>" . text($groupname) . "</span><br>\n<span class='text'>" .
489 text(substr($list, 0, strlen($list)-2)) . "</span><br>\n";
494 <script language
="JavaScript">
496 if ($alertmsg = trim($alertmsg)) {
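// Emit the message as a JavaScript string literal built by json_encode() instead of
// pasting it between single quotes. A quote, backslash or newline in $alertmsg would
// otherwise end the literal early and change the generated script.
// The JSON_HEX_* flags also encode <, >, &, ' and ", so the literal stays inert
// inside the surrounding script element. Where $alertmsg is set is not shown in
// this listing.
echo "alert(" . json_encode($alertmsg, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . ");\n";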
500 $
(document
).ready(function(){
501 $
("#cancel").click(function() {