Fixes #7503 user admin create empty google sign in (#7504)
[openemr.git] / interface / patient_file / summary / create_portallogin.php
1 <?php
3 /**
4 * create_portallogin.php
6 * @package OpenEMR
7 * @link http://www.open-emr.org
8 * @author Eldho Chacko <eldho@zhservices.com>
9 * @author Jacob T Paul <jacob@zhservices.com>
10 * @author Paul Simon <paul@zhservices.com>
11 * @author Brady Miller <brady.g.miller@gmail.com>
12 * @author Tyler Wrenn <tyler@tylerwrenn.com>
13 * @author Stephen Nielson <snielson@discoverandchange.com>
14 * @author Stephen Waite <stephen.waite@open-emr.org>
15 * @author Jerry Padgett <sjpadgett@gmail.com>
16 * @copyright Copyright (c) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
17 * @copyright Copyright (c) 2018-2019 Brady Miller <brady.g.miller@gmail.com>
18 * @copyright Copyright (c) 2020 Tyler Wrenn <tyler@tylerwrenn.com>
19 * @copyright Copyright (c) 2022 Discover and Change, Inc <snielson@discoverandchange.com>
20 * @copyright Copyright (c) 2022 Stephen Waite <stephen.waite@open-emr.org>
21 * @copyright Copyright (c) 2017-2023 Jerry Padgett <sjpadgett@gmail.com>
22 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
25 require_once("../../globals.php");
26 require_once('../../../library/amc.php');
28 use OpenEMR\Common\{Csrf\CsrfUtils,};
29 use OpenEMR\Services\PatientAccessOnsiteService;
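/**
 * Build the status text shown after portal credentials have been saved.
 *
 * Reads the patient's row from `patient_data` and prefixes $message with a line
 * saying whether the credential email went out to the address on file.
 *
 * Security note: the stored email address is escaped with text(), but $message is
 * concatenated unchanged and the failure branch wraps its prefix in a literal
 * <div>. The return value is therefore an HTML fragment: $message has to be safe
 * for HTML output before it reaches this function, and the result must not be
 * escaped a second time by the caller.
 *
 * @param mixed  $patient_id pid bound into the `patient_data` lookup
 * @param string $message    text appended after the status line (not escaped here)
 * @param mixed  $emailFlag  truthy when the email was sent, falsy otherwise
 * @return string status line, a blank line, then $message
 */
function displayLogin($patient_id, $message, $emailFlag)
{
    // The pid is passed as a bound parameter, never interpolated into the SQL text.
    $patientData = sqlQuery("SELECT * FROM `patient_data` WHERE `pid`=?", array($patient_id));

    // If the lookup yields no row (or no email column value), fall back to an empty
    // address instead of indexing a non-array and raising a warning.
    $escapedEmail = text($patientData['email'] ?? '');

    if ($emailFlag) {
        $statusLine = xlt("Email was sent to following address") . ": " . $escapedEmail;
    } else {
        $statusLine = "<div class='text-danger'>" . xlt("Email was not sent to the following address") . ": " .
            $escapedEmail . "</div>";
    }

    return $statusLine . "\n\n" . $message;
}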
// $pid is not assigned anywhere in this script.
// NOTE(review): presumably it is the active patient set up by globals.php / the session;
// confirm that the caller's authorization for that patient is enforced before this point.
$patientAccessOnSiteService = new PatientAccessOnsiteService();
$credentials = $patientAccessOnSiteService->getOnsiteCredentialsForPid($pid);

// Site-wide policy for forcing a credential reset at portal login; '0' when the global is unset.
$option = $GLOBALS['portal_force_credential_reset'] ?? '0';
switch ($option) {
    case '2':
        // The stored per-user setting decides.
        $forced_reset_disable = PatientAccessOnsiteService::fetchUserSetting('portal_login.credential_reset_disable');
        break;
    case '0':
        $forced_reset_disable = 0; // sets database to force reset on login
        break;
    default:
        $forced_reset_disable = 1; // sets database to ignore force reset on login
        break;
}
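// HTML fragment reported back to the staff user; stays empty unless credentials were just saved.
$credMessage = '';
if (isset($_POST['form_save']) && $_POST['form_save'] == 'submit') {
    // Verify the anti-CSRF token before any credential is changed. A missing field is
    // passed as '' so verification fails cleanly instead of reading an undefined index.
    // NOTE(review): this relies on csrfNotVerified() ending the request; confirm, because
    // otherwise execution would continue into saveCredentials().
    if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"] ?? '')) {
        CsrfUtils::csrfNotVerified();
    }

    if ($option == '2') {
        // Only in per-user mode may the form choose the flag. The value is request-controlled,
        // so reduce it to 0 or 1 before handing it to the service.
        $forced_reset_disable = empty($_POST['forced_reset_disable']) ? 0 : 1;
    } else {
        // The global policy wins; whatever the form posted is ignored.
        $forced_reset_disable = $option;
    }

    // TODO: @adunsulag do we clear the pwd variables here?? Hard to break it out into separate functions when we do that...
    // Absent fields are passed as null (the value the original undefined-index read produced);
    // validation of password and user names is left to saveCredentials().
    $result = $patientAccessOnSiteService->saveCredentials(
        $pid,
        $_POST['pwd'] ?? null,
        $_POST['uname'] ?? null,
        $_POST['login_uname'] ?? null,
        $forced_reset_disable
    );

    if (!empty($result)) {
        // The new password is handed to the mailer here, so both the email and
        // $emailResult should be treated as sensitive.
        $emailResult = $patientAccessOnSiteService->sendCredentialsEmail(
            $pid,
            $result['pwd'],
            $result['uname'],
            $result['login_uname'],
            $result['email_direct']
        );

        // displayLogin() appends plainMessage without escaping it and nl2br() adds <br> tags,
        // so $credMessage is raw HTML.
        // NOTE(review): confirm plainMessage is HTML-safe where it is produced, since it may
        // carry the user names posted above.
        $credMessage = nl2br(displayLogin($pid, $emailResult['plainMessage'], !empty($emailResult['success'])));
    }
}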
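// Values the service vouches for, used as defaults when nothing is stored for the patient yet.
$trustedUserName = $patientAccessOnSiteService->getUniqueTrustedUsernameForPid($pid);
$trustedEmail = $patientAccessOnSiteService->getTrustedEmailForPid($pid);

// Render the credential form / printout. 'credMessage' is an HTML fragment built above.
// NOTE(review): check how the template outputs it (escaped or raw) against what it contains.
echo $patientAccessOnSiteService->filterTwigTemplateData($pid, 'patient/portal_login/print.html.twig', [
    'credMessage' => $credMessage,
    'csrfToken' => CsrfUtils::collectCsrfToken(),
    'fname' => $credentials['fname'],
    'portal_username' => $credentials['portal_username'],
    'id' => $credentials['id'],
    // Default user name: the stored portal user name, else first name followed by the id.
    'uname' => $credentials['portal_username'] ?: ($credentials['fname'] . $credentials['id']),
    'login_uname' => $credentials['portal_login_username'] ?? $trustedUserName,
    // A freshly generated password is passed to the template on every render.
    'pwd' => $patientAccessOnSiteService->getRandomPortalPassword(),
    'enforce_signin_email' => $GLOBALS['enforce_signin_email'],
    // A missing direct email becomes '' rather than passing null to trim().
    'email_direct' => trim($trustedEmail['email_direct'] ?? ''),
    'forced_reset_disable' => $forced_reset_disable,
    'forced_reset_option' => $option,
    // if someone wants to add additional data fields they can add this in as a
    // key => [...] property where the key is the template filename
    // which must exist inside a twig directory path of 'patient/partials/' and end with the '.html.twig' extension
    // the mapped value is the data array that will be passed to the twig template.
    'extensionsFormFields' => [],
    'extensionsJavascript' => [],
]);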