bug fix march continued (#1921)
[openemr.git] / interface / usergroup / usergroup_admin_add.php
1 <?php
2 /**
3 * Add new user.
5 * @package OpenEMR
6 * @link http://www.open-emr.org
7 * @author Brady Miller <brady.g.miller@gmail.com>
8 * @copyright Copyright (c) 2017 Brady Miller <brady.g.miller@gmail.com>
9 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
12 require_once("../globals.php");
13 require_once("../../library/acl.inc");
14 require_once("$srcdir/options.inc.php");
15 require_once("$srcdir/erx_javascript.inc.php");
17 use OpenEMR\Core\Header;
18 use OpenEMR\Menu\MainMenuRole;
19 use OpenEMR\Menu\PatientMenuRole;
20 use OpenEMR\Services\FacilityService;
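// Authorization gate, evaluated before any service object is created: only
// accounts holding the admin/users ACL may load the "Add User" form. Every
// other caller receives an empty response.
if (!acl_check('admin', 'users')) {
    exit();
}

// Used further down to list the service locations offered as "Default Facility".
$facilityService = new FacilityService();

// Message echoed into a JavaScript alert() near the end of the page; an empty
// string means no alert is emitted.
$alertmsg = '';

?>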
31 <html>
32 <head>
34 <?php Header::setupHeader(['common','opener']); ?>
36 <script src="checkpwd_validation.js" type="text/javascript"></script>
38 <!-- validation library -->
39 <!--//Not lbf forms use the new validation, please make sure you have the corresponding values in the list Page validation-->
40 <?php $use_validate_js = 1;?>
41 <?php require_once($GLOBALS['srcdir'] . "/validation/validation_script.js.php"); ?>
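<?php
//Gets validation rules from Page Validation list.
//Note that for technical reasons, we are bypassing the standard validateUsingPageRules() call.
$collectthis = collectValidationPageRules("/interface/usergroup/usergroup_admin_add.php");
if (empty($collectthis) || empty($collectthis["new_user"]["rules"])) {
    // No usable rule set for the new_user form: emit the JavaScript literal
    // `undefined` so the assignment below stays syntactically valid.
    $collectthis = "undefined";
} else {
    $collectthis = $collectthis["new_user"]["rules"];
}
?>
<script language="JavaScript">

/*
 * validation on the form with new client side validation (using validate.js).
 * this enable to add new rules for this form in the pageValidation list.
 */
// NOTE(review): the rule text is written into this script block verbatim, with no
// JavaScript or JSON encoding. Whoever can edit the Page Validation list therefore
// controls script that runs for every administrator opening this form. Presumably
// the list holds a JSON object literal - confirm, and if so round-trip it through
// json_decode()/json_encode() before echoing it here.
var collectvalidation = <?php echo($collectthis); ?>;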
/**
 * Strip leading and trailing space characters (U+0020 only) from a string.
 * Tabs, newlines and other whitespace are left in place.
 *
 * @param {string} sString text to trim
 * @returns {string} the text without surrounding spaces
 */
function trimAll(sString)
{
    var first = 0;
    var last = sString.length;

    // Walk inwards from both ends until a non-space character is met.
    while (first < last && sString.charAt(first) == ' ') {
        first++;
    }
    while (last > first && sString.charAt(last - 1) == ' ') {
        last--;
    }

    return sString.substring(first, last);
}
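/**
 * Click handler for the Save button: validates the new_user form in the
 * browser and, when every check passes, posts it with $.ajax to the form's
 * action URL.
 *
 * Always returns false so the "#" href of the Save link is never followed;
 * the dialog is closed from the AJAX callback instead.
 *
 * NOTE(review): every check in this function runs in the browser and can be
 * skipped by posting to the action URL directly. The password policy and the
 * field formats must also be enforced by the script that receives the POST -
 * confirm that it does.
 */
function submitform() {

    // Rule-based validation (validate.js) using the rules loaded into collectvalidation.
    var valid = submitme(1, undefined, 'new_user', collectvalidation);
    if (!valid) {
        return false;
    }

    top.restoreSession();

    //Checking if secure password is enabled or disabled.
    //If it is enabled and entered password is a weak password, alert the user to enter strong password.
    if(document.new_user.secure_pwd.value == 1){
        var password = trim(document.new_user.stiltskin.value);
        if(password != "") {
            var pwdresult = passwordvalidate(password);
            if(pwdresult === 0){
                alert("<?php echo xls('The password must be at least eight characters, and should');
                echo '\n';
                echo xls('contain at least three of the four following items:');
                echo '\n';
                echo xls('A number');
                echo '\n';
                echo xls('A lowercase letter');
                echo '\n';
                echo xls('An uppercase letter');
                echo '\n';
                echo xls('A special character');
                echo '(';
                echo xls('not a letter or number');
                echo ').';
                echo '\n';
                echo xls('For example:');
                echo ' healthCare@09'; ?>");
                return false;
            }
        }
    } //secure_pwd if ends here

    <?php if ($GLOBALS['erx_enable']) { ?>
    // Extra format checks, emitted only when eRx support is enabled.
    // Declared locally so the handler does not leak alertMsg, f and i as globals.
    var alertMsg = '';
    var f = document.forms[0];
    for (var i = 0; i < f.length; i++) {
        if(f[i].type=='text' && f[i].value)
        {
            if(f[i].name == 'rumple')
            {
                alertMsg += checkLength(f[i].name,f[i].value,35);
                alertMsg += checkUsername(f[i].name,f[i].value);
            }
            else if(f[i].name == 'fname' || f[i].name == 'mname' || f[i].name == 'lname')
            {
                alertMsg += checkLength(f[i].name,f[i].value,35);
                alertMsg += checkUsername(f[i].name,f[i].value);
            }
            else if(f[i].name == 'federaltaxid')
            {
                alertMsg += checkLength(f[i].name,f[i].value,10);
                alertMsg += checkFederalEin(f[i].name,f[i].value);
            }
            else if(f[i].name == 'state_license_number')
            {
                alertMsg += checkLength(f[i].name,f[i].value,10);
                alertMsg += checkStateLicenseNumber(f[i].name,f[i].value);
            }
            else if(f[i].name == 'npi')
            {
                alertMsg += checkLength(f[i].name,f[i].value,35);
                alertMsg += checkTaxNpiDea(f[i].name,f[i].value);
            }
            else if(f[i].name == 'federaldrugid')
            {
                alertMsg += checkLength(f[i].name,f[i].value,30);
                alertMsg += checkAlphaNumeric(f[i].name,f[i].value);
            }
        }
    }
    if(alertMsg)
    {
        alert(alertMsg);
        return false;
    }
    <?php } // End erx_enable only include block?>

    // Post the serialized form in the background. A non-empty response body is
    // shown to the user as an error; an empty one closes the dialog and asks
    // the opener to reload.
    let post_url = $("#new_user").attr("action");
    let request_method = $("#new_user").attr("method");
    let form_data = $("#new_user").serialize();

    $.ajax({
        url: post_url,
        type: request_method,
        data: form_data
    }).done(function (r) {
        if (r) {
            alert(r);
        } else {
            dlgclose('reload', false);
        }
    });

    return false;
}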
/**
 * Keep the "Calendar" checkbox in step with the "Provider" checkbox of the
 * first form on the page: ticking Provider enables and ticks Calendar,
 * clearing it unticks and disables Calendar.
 */
function authorized_clicked() {
    var form = document.forms[0];
    var isProvider = form.authorized.checked;

    form.calendar.checked = isProvider;
    form.calendar.disabled = !isProvider;
}
178 </script>
179 <style type="text/css">
180 .physician_type_class{
181 width: 120px !important;
183 #main_menu_role {
184 width: 120px !important;
186 </style>
187 </head>
188 <body class="body_top">
190 <div class="container">
192 <table><tr><td>
193 <span class="title"><?php echo xlt('Add User'); ?></span>&nbsp;</td>
194 <td>
195 <a class="btn btn-default btn-save" name='form_save' id='form_save' href='#' onclick="return submitform()">
196 <span><?php echo xlt('Save'); ?></span></a>
197 <a class="btn btn-link btn-cancel" id='cancel' href='#'>
198 <span><?php echo xlt('Cancel');?></span>
199 </a>
200 </td></tr></table>
201 <br><br>
203 <table border=0>
205 <tr><td valign=top>
206 <form name='new_user' id="new_user" method='post' action="usergroup_admin.php">
207 <input type='hidden' name='mode' value='new_user'>
208 <input type='hidden' name='secure_pwd' value="<?php echo attr($GLOBALS['secure_password']); ?>">
210 <span class="bold">&nbsp;</span>
211 <table border=0 cellpadding=0 cellspacing=0 style="width:600px;">
212 <tr>
213 <td style="width:150px;"><span class="text"><?php echo xlt('Username'); ?>: </span></td><td style="width:220px;"><input type=entry name="rumple" style="width:120px;" class="form-control"><span class="mandatory"></span></td>
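<?php if (!$GLOBALS['use_active_directory']) { ?>
<td style="width:150px;"><span class="text"><?php echo xlt('Password'); ?>: </span></td><td style="width:250px;"><input type="password" style="width:120px;" name="stiltskin" autocomplete='off' class="form-control"><span class="mandatory"></span></td>
<?php } else {
    // Active Directory mode: no password is typed on this form, a fixed
    // placeholder value is posted in the password field instead.
    // NOTE(review): if the receiving script stores this placeholder as a local
    // password, every account created in this mode shares a known credential
    // that becomes usable once Active Directory login is switched off. Confirm
    // how the receiver treats the field when use_active_directory is set.
    ?>
<td> <input type="hidden" value="124" name="stiltskin" /></td>
<?php } ?>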
219 </tr>
220 <tr>
221 <td style="width:150px;"></td><td style="width:220px;"></span></td>
222 <TD style="width:200px;"><span class=text><?php echo xlt('Your Password'); ?>: </span></TD>
223 <TD class='text' style="width:280px;"><input type='password' name=adminPass style="width:120px;" value="" autocomplete='off' class="form-control"><font class="mandatory"></font></TD>
225 </tr>
226 <tr>
227 <td><span class="text"<?php echo ($GLOBALS['disable_non_default_groups']) ? " style='display:none'" : ""; ?>><?php echo xlt('Groupname'); ?>: </span></td>
228 <td>
229 <select name="groupname" class="form-control"<?php echo ($GLOBALS['disable_non_default_groups']) ? " style='display:none'" : ""; ?>>
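<?php
// Fill the "Groupname" dropdown with every distinct group name.
$res = sqlStatement("select distinct name from `groups`");
$result2 = array();
for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
    $result2[$iter] = $row;
}

foreach ($result2 as $iter) {
    // Square-bracket offsets: the curly-brace form is deprecated in PHP 7.4 and
    // a parse error from PHP 8.0. The name is escaped separately for the
    // attribute context and for the element text.
    print "<option value='" . attr($iter["name"]). "'>" . text($iter["name"]) . "</option>\n";
}
?>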
241 </select></td>
242 <td><span class="text"><?php echo xlt('Provider'); ?>: </span></td><td>
243 <input type='checkbox' name='authorized' value='1' onclick='authorized_clicked()' />
244 &nbsp;&nbsp;<span class='text'><?php echo xlt('Calendar'); ?>:
245 <input type='checkbox' name='calendar' disabled />
246 </td>
247 </tr>
248 <tr>
249 <td><span class="text"><?php echo xlt('First Name'); ?>: </span></td><td><input type=entry name='fname' id='fname' style="width:120px;" class="form-control"><span class="mandatory"></span></td>
250 <td><span class="text"><?php echo xlt('Middle Name'); ?>: </span></td><td><input type=entry name='mname' style="width:120px;" class="form-control"></td>
251 </tr>
252 <tr>
253 <td><span class="text"><?php echo xlt('Last Name'); ?>: </span></td><td><input type=entry name='lname' id='lname' style="width:120px;" class="form-control"><span class="mandatory"></span></td>
254 <td><span class="text"><?php echo xlt('Default Facility'); ?>: </span></td><td><select style="width:120px;" name=facility_id class="form-control">
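<?php
// Fill the "Default Facility" dropdown with the service locations.
$fres = $facilityService->getAllServiceLocations();
if ($fres) {
    // Start from an empty list so nothing assigned to $result earlier can leak in.
    $result = array();
    for ($iter = 0; $iter < sizeof($fres); $iter++) {
        $result[$iter] = $fres[$iter];
    }

    foreach ($result as $iter) {
        // Square-bracket offsets: the curly-brace form is a parse error from PHP 8.0.
        ?>
<option value="<?php echo attr($iter['id']); ?>"><?php echo text($iter['name']); ?></option>
        <?php
    }
}
?>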
269 </select></td>
270 </tr>
271 <tr>
272 <td><span class="text"><?php echo xlt('Federal Tax ID'); ?>: </span></td><td><input type=entry name='federaltaxid' style="width:120px;" class="form-control"></td>
273 <td><span class="text"><?php echo xlt('Federal Drug ID'); ?>: </span></td><td><input type=entry name='federaldrugid' style="width:120px;" class="form-control"></td>
274 </tr>
275 <tr>
276 <td><span class="text"><?php echo xlt('UPIN'); ?>: </span></td><td><input type="entry" name="upin" style="width:120px;" class="form-control"></td>
277 <td class='text'><?php echo xlt('See Authorizations'); ?>: </td>
278 <td><select name="see_auth" style="width:120px;" class="form-control">
<?php
// "See Authorizations" choices: the numeric key is the submitted value, the
// translated label is the visible text.
foreach (array(1 => xl('None'), 2 => xl('Only Mine'), 3 => xl('All')) as $key => $value) {
    printf(" <option value='%s'>%s</option>\n", attr($key), text($value));
}
?>
285 </select></td>
287 <tr>
288 <td><span class="text"><?php echo xlt('NPI'); ?>: </span></td><td><input type="entry" name="npi" style="width:120px;" class="form-control"></td>
289 <td><span class="text"><?php echo xlt('Job Description'); ?>: </span></td><td><input type="entry" name="specialty" style="width:120px;" class="form-control"></td>
290 </tr>
292 <tr>
293 <td>
294 <span class="text"><?php echo xlt('Provider Type'); ?>: </span>
295 </td>
296 <td>
297 <?php echo generate_select_list("physician_type", "physician_type", '', '', xl('Select Type'), 'physician_type_class', '', '', ''); ?>
298 </td>
299 </tr>
300 <tr>
301 <td>
302 <span class="text"><?php echo xlt('Main Menu Role'); ?>: </span>
303 </td>
304 <td>
305 <?php
306 $menuMain = new MainMenuRole();
307 echo $menuMain->displayMenuRoleSelector();
309 </td>
310 <td>
311 <span class="text"><?php echo xlt('Patient Menu Role'); ?>: </span>
312 </td>
313 <td>
314 <?php
315 $menuPatient = new PatientMenuRole();
316 echo $menuPatient->displayMenuRoleSelector();
318 </td>
319 </tr>
321 <tr>
322 <td><span class="text"><?php echo xlt('Taxonomy'); ?>: </span></td>
323 <td><input type="entry" name="taxonomy" style="width:120px;" class="form-control" value="207Q00000X"></td>
324 <td>&nbsp;</td><td>&nbsp;</td></tr>
326 <tr>
327 <td><span class="text"><?php echo xlt('State License Number'); ?>: </span></td>
328 <td><input type="text" name="state_license_number" style="width:120px;" class="form-control"></td>
329 <td class='text'><?php echo xlt('NewCrop eRX Role'); ?>:</td>
330 <td>
331 <?php echo generate_select_list("erxrole", "newcrop_erx_role", '', '', '--Select Role--', '', '', '', array('style'=>'width:120px')); ?>
332 </td>
333 </tr>
334 <tr>
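<?php
// No user record exists yet on the add form, so the field starts empty. The
// previous value expression read $iter["weno_prov_id"], but at this point $iter
// is only the leftover loop variable of the dropdown loops above, not a user row.
?>
<td><span class="text"><?php echo xlt('Weno Provider ID'); ?>: </span></td><td><input type="text" name="erxprid" style="width:120px;" class="form-control" value=""></td>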
336 </tr>
337 <?php if ($GLOBALS['inhouse_pharmacy']) { ?>
338 <tr>
339 <td class="text"><?php echo xlt('Default Warehouse'); ?>: </td>
340 <td class='text'>
341 <?php
342 echo generate_select_list(
343 'default_warehouse',
344 'warehouse',
349 </td>
350 <td class="text"><?php echo xlt('Invoice Refno Pool'); ?>: </td>
351 <td class='text'>
352 <?php
353 echo generate_select_list(
354 'irnpool',
355 'irnpool',
357 xl('Invoice reference number pool, if used')
360 </td>
361 </tr>
362 <?php } ?>
364 <tr>
365 <td class='text'><?php echo xlt('Access Control'); ?>:</td>
366 <td><select name="access_group[]" multiple style="width:120px;" class="form-control">
<?php
// List the access control groups
// NOTE(review): the group preselected for a new account is 'Administrators',
// so a user saved without touching this multi-select is posted with the
// Administrators group selected. A least-privilege default would preselect
// nothing or a low-privilege group - confirm whether this is intended.
$list_acl_groups = acl_get_group_title_list();
$default_acl_group = 'Administrators';
foreach ($list_acl_groups as $value) {
    // Modified 6-2009 by BM - Translate group name if applicable
    echo " <option value='" . attr($value) . "'" .
        (($default_acl_group == $value) ? " selected" : "") .
        ">" . text(xl_gacl_group($value)) . "</option>\n";
}
?>
381 </select></td>
382 <td><span class="text"><?php echo xlt('Additional Info'); ?>: </span></td>
383 <td><textarea name=info style="width:120px;" cols=27 rows=4 wrap=auto class="form-control"></textarea></td>
385 </tr>
386 <tr height="25"><td colspan="4">&nbsp;</td></tr>
388 </table>
390 <br>
391 <input type="hidden" name="newauthPass">
392 </form>
393 </td>
395 </tr>
397 <tr<?php echo ($GLOBALS['disable_non_default_groups']) ? " style='display:none'" : ""; ?>>
399 <td valign=top>
400 <form name='new_group' method='post' action="usergroup_admin.php"
401 onsubmit='return top.restoreSession()'>
402 <br>
403 <input type=hidden name=mode value=new_group>
404 <span class="bold"><?php echo xlt('New Group'); ?>:</span>
405 </td><td>
406 <span class="text"><?php echo xlt('Groupname'); ?>: </span><input type=entry name=groupname size=10>
407 &nbsp;&nbsp;&nbsp;
408 <span class="text"><?php echo xlt('Initial User'); ?>: </span>
409 <select name=rumple>
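<?php
// Fill the "Initial User" dropdown with every non-empty username.
$res = sqlStatement("select distinct username from users where username != ''");
// $result was filled with facility rows by the "Default Facility" dropdown
// above; reset it so leftover facility entries are not rendered as blank user
// options when there are fewer users than facilities.
$result = array();
for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
    $result[$iter] = $row;
}

foreach ($result as $iter) {
    // Square-bracket offsets: the curly-brace form is a parse error from PHP 8.0.
    print "<option value='" . attr($iter["username"]) . "'>" . text($iter["username"]) . "</option>\n";
}
?>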
420 </select>
421 &nbsp;&nbsp;&nbsp;
422 <input type="submit" value="<?php echo xla('Save'); ?>">
423 </form>
424 </td>
426 </tr>
428 <tr<?php echo ($GLOBALS['disable_non_default_groups']) ? " style='display:none'" : ""; ?>>
430 <td valign=top>
431 <form name='new_group' method='post' action="usergroup_admin.php"
432 onsubmit='return top.restoreSession()'>
433 <input type=hidden name=mode value=new_group>
434 <span class="bold"><?php echo xlt('Add User To Group'); ?>:</span>
435 </td><td>
436 <span class="text">
437 <?php echo xlt('User'); ?>
438 : </span>
439 <select name=rumple>
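<?php
// Fill the "User" dropdown of the add-user-to-group form.
$res = sqlStatement("select distinct username from users where username != ''");
// Initialised explicitly so an empty result set does not leave the foreach
// below iterating an undefined variable.
$result3 = array();
for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
    $result3[$iter] = $row;
}

foreach ($result3 as $iter) {
    // Square-bracket offsets: the curly-brace form is a parse error from PHP 8.0.
    print "<option value='" . attr($iter["username"]) . "'>" . text($iter["username"]) . "</option>\n";
}
?>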
450 </select>
451 &nbsp;&nbsp;&nbsp;
452 <span class="text"><?php echo xlt('Groupname'); ?>: </span>
453 <select name=groupname>
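<?php
// Fill the "Groupname" dropdown of the add-user-to-group form.
$res = sqlStatement("select distinct name from `groups`");
$result2 = array();
for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
    $result2[$iter] = $row;
}

foreach ($result2 as $iter) {
    // Square-bracket offsets: the curly-brace form is a parse error from PHP 8.0.
    print "<option value='" . attr($iter["name"]) . "'>" . text($iter["name"]) . "</option>\n";
}
?>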
465 </select>
466 &nbsp;&nbsp;&nbsp;
467 <input type="submit" value="<?php echo xla('Add User To Group'); ?>">
468 </form>
469 </td>
470 </tr>
472 </table>
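<?php
// Group membership overview, printed only when non-default groups are enabled.
if (empty($GLOBALS['disable_non_default_groups'])) {
    $res = sqlStatement("select * from `groups` order by name");
    $result5 = array();
    for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
        $result5[$iter] = $row;
    }

    // One string per group name: "user(Remove link), user(Remove link), ".
    $grouplist = array();
    foreach ($result5 as $iter) {
        // Create the entry before appending; `.=` on a missing key raises a notice.
        if (!isset($grouplist[$iter["name"]])) {
            $grouplist[$iter["name"]] = '';
        }

        // NOTE(review): $iter["user"] is concatenated unescaped here and is only
        // made safe by the text() call in the print loop below. That same call
        // also escapes the anchor markup, so the "Remove" link reaches the
        // browser as literal text. If the link is restored, escape the user name
        // on its own with text(), and send the delete as a POST protected by the
        // application's request-forgery check: as written it is a state-changing
        // GET with no token visible on this page.
        $grouplist[$iter["name"]] .= $iter["user"] .
            "(<a class='link_submit' href='usergroup_admin.php?mode=delete_group&id=" .
            attr($iter["id"]) . "' onclick='top.restoreSession()'>" . xlt("Remove") . "</a>), ";
    }

    foreach ($grouplist as $groupname => $list) {
        // substr() drops the trailing ", " separator.
        print "<span class='bold'>" . text($groupname) . "</span><br>\n<span class='text'>" .
            text(substr($list, 0, strlen($list)-2)) . "</span><br>\n";
    }
}
?>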
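<script language="JavaScript">
<?php
// Show a pending message, if any. json_encode() produces a quoted JavaScript
// string literal, and the JSON_HEX_* flags keep quotes, '&', '<' and '>' out of
// the output, so the message cannot close the string or the script element.
if ($alertmsg = trim($alertmsg)) {
    echo "alert(" . json_encode($alertmsg, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . ");\n";
}
?>
$(document).ready(function(){
    // Cancel closes the dialog without submitting anything.
    $("#cancel").click(function() {
        dlgclose();
    });

});
</script>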
507 <table>
509 </table>
511 </div>
513 </body>
514 </html>