4 * The address book entry editor.
5 * Available from Administration->Addr Book in the concurrent layout.
8 * @link http://www.open-emr.org
9 * @author Rod Roark <rod@sunsetsystems.com>
10 * @author tony@mi-squared.com
11 * @author Jerry Padgett <sjpadgett@gmail.com>
12 * @author Brady Miller <brady.g.miller@gmail.com>
13 * @copyright Copyright (c) 2006-2010, 2016 Rod Roark <rod@sunsetsystems.com>
14 * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
15 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
18 require_once("../globals.php");
19 require_once("$srcdir/options.inc.php");
21 use OpenEMR\Common\Acl\AclMain
;
22 use OpenEMR\Common\Csrf\CsrfUtils
;
23 use OpenEMR\Common\Twig\TwigContainer
;
24 use OpenEMR\Core\Header
;
26 if (!AclMain
::aclCheckCore('admin', 'practice')) {
27 echo (new TwigContainer(null, $GLOBALS['kernel']))->getTwig()->render('core/unauthorized.html.twig', ['pageTitle' => xl("Address Book")]);
32 if (!CsrfUtils
::verifyCsrfToken($_POST["csrf_token_form"])) {
33 CsrfUtils
::csrfNotVerified();
37 $popup = empty($_GET['popup']) ?
0 : 1;
39 if ((!empty($_GET['popup']) && $_GET['popup'] == 2) ||
(!empty($_POST['popup']) && $_POST['popup'] == 2)) {
// Search filters taken from the request. All of these are untrusted input:
// further down they are only ever handed to the query as bound parameters
// and are passed through attr() before being echoed back into the form.
$readPostField = static function ($key) {
    return trim($_POST[$key] ?? '');
};

$form_fname        = $readPostField('form_fname');
$form_lname        = $readPostField('form_lname');
$form_specialty    = $readPostField('form_specialty');
$form_organization = $readPostField('form_organization');
$form_npi          = $readPostField('form_npi');

// The type filter is read from $_REQUEST rather than $_POST, so it is
// accepted from more than the POST body.
$form_abook_type = trim($_REQUEST['form_abook_type'] ?? '');

// Checkbox: normalised to a strict 0/1 flag.
$form_external = (int) !empty($_POST['form_external']);
// Values for the '?' placeholders, kept in the same order as the placeholders
// are appended to $query.
$sqlBindArray = [];

// Fixed part of the address book query. It contains no request data; each
// optional filter added afterwards appends "... LIKE ? " and pushes the user's
// text onto $sqlBindArray, so request text is never concatenated into the SQL.
// LIKE wildcards typed by the user are not escaped by this page.
$query = "SELECT u.*, lo.option_id AS ab_name, lo.option_value as ab_option "
    . "FROM users AS u "
    . "LEFT JOIN list_options AS lo "
    . "ON list_id = 'abook_type' AND option_id = u.abook_type AND activity = 1 "
    . "WHERE u.active = 1 "
    . "AND ( u.authorized = 1 OR ( u.username = '' OR u.username IS NULL )) ";
56 if ($form_organization) {
57 $query .= "AND u.organization LIKE ? ";
58 array_push($sqlBindArray, $form_organization . "%");
62 $query .= "AND u.lname LIKE ? ";
63 array_push($sqlBindArray, $form_lname . "%");
67 $query .= "AND u.fname LIKE ? ";
68 array_push($sqlBindArray, $form_fname . "%");
71 if ($form_specialty) {
72 $query .= "AND u.specialty LIKE ? ";
73 array_push($sqlBindArray, "%" . $form_specialty . "%");
77 $query .= "AND u.npi LIKE ? ";
78 array_push($sqlBindArray, "%" . $form_npi . "%");
81 if ($form_abook_type) {
82 $query .= "AND u.abook_type LIKE ? ";
83 array_push($sqlBindArray, $form_abook_type);
87 $query .= "AND u.abook_type = 'external_provider' ";
91 $query .= "ORDER BY u.lname, u.fname, u.mname";
92 } elseif ($form_organization) {
93 $query .= "ORDER BY u.organization";
95 $query .= "ORDER BY u.organization, u.lname, u.fname";
98 $query .= " LIMIT 500";
99 $res = sqlStatement($query, $sqlBindArray);
107 <?php Header
::setupHeader(['common']); ?
>
109 <title
><?php
echo xlt('Address Book'); ?
></title
>
111 <!-- style tag moved into proper CSS file
-->
115 <body
class="body_top">
117 <div
class="container-fluid">
118 <div
class="nav navbar-fixed-top body_title">
119 <div
class="col-md-12">
120 <h3
><?php
echo xlt('Address Book'); ?
></h3
>
122 <form
class='navbar-form' method
='post' action
='addrbook_list.php' onsubmit
='return top.restoreSession()'>
123 <input type
="hidden" name
="csrf_token_form" value
="<?php echo attr(CsrfUtils::collectCsrfToken()); ?>" />
124 <input type
="hidden" name
="popup" value
="<?php echo attr($rtn_selection); ?>" />
126 <div
class="form-group">
128 <div
class="col-sm-2">
129 <label
for="form_organization"><?php
echo xlt('Organization') ?
>:</label
>
130 <input type
='text' class="form-control inputtext" name
='form_organization' size
='10' value
='<?php echo attr($form_organization); ?>' title
='<?php echo xla("All or part of the organization") ?>'/> 
;
132 <div
class="col-sm-2">
133 <label
for="form_fname"><?php
echo xlt('First Name') ?
>:</label
>
134 <input type
='text' class="form-control inputtext" name
='form_fname' size
='10' value
='<?php echo attr($form_fname); ?>' title
='<?php echo xla("All or part of the first name") ?>'/> 
;
136 <div
class="col-sm-2">
137 <label
for="form_lname"><?php
echo xlt('Last Name') ?
>:</label
>
138 <input type
='text' class="form-control inputtext" name
='form_lname' size
='10' value
='<?php echo attr($form_lname); ?>' title
='<?php echo xla("All or part of the last name") ?>'/> 
;
140 <div
class="col-sm-2">
141 <label
for="form_specialty"><?php
echo xlt('Specialty') ?
>:</label
>
142 <input type
='text' class="form-control inputtext" name
='form_specialty' size
='10' value
='<?php echo attr($form_specialty); ?>' title
='<?php echo xla("Any part of the desired specialty") ?>'/> 
;
144 <div
class="col-sm-2">
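<?php // Caption for the NPI filter input; it used to repeat the "Specialty" caption of the previous field. ?>
<label for="form_npi"><?php echo xlt('NPI') ?>:</label>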
146 <input type
='text' class="form-control inputtext" name
='form_npi' size
='10' value
='<?php echo attr($form_npi); ?>' title
='<?php echo xla("Any part of the desired NPI") ?>'/> 
;
148 <div
class="col-sm-2">
150 echo '<label>' . xlt('Type') . ": " . '</label>';
151 // Generates a select list named form_abook_type:
152 echo generate_select_list("form_abook_type", "abook_type", $form_abook_type, '', 'All');
156 <input type
='checkbox' id
="formExternal" name
='form_external' value
='1'<?php
echo ($form_external) ?
' checked ' : ''; ?
> title
='<?php echo xla("Omit internal users?") ?>' />
157 <label
for="formExternal"><?php
echo xlt('External Only') ?
></label
>
158 <input type
='button' class='btn btn-primary' value
='<?php echo xla("Add New"); ?>' onclick
='doedclick_add(document.forms[0].form_abook_type.value)' /> 
; 
;
159 <input type
='submit' title
='<?php echo xla("Use % alone in a field to just sort on that column") ?>' class='btn btn-primary btn-search' name
='form_search' value
='<?php echo xla("Search") ?>'/>
164 <div style
="margin-top: 110px;" class="table-responsive">
165 <table
class="table table-sm table-bordered table-striped table-hover">
167 <th title
='<?php echo xla('Click to view
or edit
'); ?>'><?php
echo xlt('Organization'); ?
></th
>
168 <th
><?php
echo xlt('Name'); ?
></th
>
169 <th
><?php
echo xlt('Local'); ?
></th
><!-- empty for external
-->
170 <th
><?php
echo xlt('Type'); ?
></th
>
171 <th
><?php
echo xlt('Specialty'); ?
></th
>
172 <th
><?php
echo xlt('NPI'); ?
></th
>
173 <th
><?php
echo xlt('Phone(W)'); ?
></th
>
174 <th
><?php
echo xlt('Mobile'); ?
></th
>
175 <th
><?php
echo xlt('Fax'); ?
></th
>
176 <th
><?php
echo xlt('Email'); ?
></th
>
177 <th
><?php
echo xlt('Street'); ?
></th
>
178 <th
><?php
echo xlt('City'); ?
></th
>
179 <th
><?php
echo xlt('State'); ?
></th
>
180 <th
><?php
echo xlt('Postal'); ?
></th
>
184 while ($row = sqlFetchArray($res)) {
186 $username = $row['username'];
187 if (! $row['active']) {
191 $displayName = $row['fname'] . ' ' . $row['mname'] . ' ' . $row['lname']; // Person Name
192 if ($row['suffix'] > '') {
193 $displayName .= ", " . $row['suffix'];
196 if (AclMain
::aclCheckCore('admin', 'practice') ||
(empty($username) && empty($row['ab_name']))) {
197 // Allow edit, since have access or (no item type and not a local user)
198 $trTitle = xl('Edit') . ' ' . $displayName;
199 echo " <tr class='address_names detail' style='cursor:pointer' " .
200 "onclick='doedclick_edit(" . attr_js($row['id']) . ")' title='" . attr($trTitle) . "'>\n";
202 // Do not allow edit, since no access and (item is a type or is a local user)
203 $trTitle = $displayName . " (" . xl("Not Allowed to Edit") . ")";
204 echo " <tr class='address_names detail' title='" . attr($trTitle) . "'>\n";
// Cells for one address book row. Every stored value is treated as untrusted
// and goes through text() before it reaches the HTML.
echo " <td>" . text($row['organization']) . "</td>\n";
echo " <td>" . text($displayName) . "</td>\n";

// "Local" column: an asterisk marks entries that have a username.
$localMarker = $username ? '*' : '';
echo " <td>" . $localMarker . "</td>\n";

// NOTE(review): this helper's return value is echoed without text();
// confirm that generate_display_field() escapes the list title itself.
$typeCell = generate_display_field(array('data_type' => '1','list_id' => 'abook_type'), $row['ab_name']);
echo " <td>" . $typeCell . "</td>\n";

// Remaining plain-text columns, in display order.
foreach (['specialty', 'npi', 'phonew1', 'phonecell', 'fax', 'email', 'street', 'city', 'state', 'zip'] as $column) {
    echo " <td>" . text($row[$column]) . "</td>\n";
}
227 <?php
if ($popup) { ?
>
228 <?php Header
::setupAssets('topdialog'); ?
>
233 require($GLOBALS['srcdir'] . "/restoreSession.php");
// Called back by popups so that this list reflects their changes.
function refreshme() {
    // Instead of location.reload(), the first form on the page (the search
    // form, which carries the csrf_token_form hidden input) is posted again.
    const searchForm = document.forms[0];
    searchForm.submit();
}
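// Process click to pop up the add window.
// type: value of the form_abook_type select, forwarded to addrbook_edit.php.
function doedclick_add(type) {
    top.restoreSession();
    let url = 'addrbook_edit.php?type=' + encodeURIComponent(type);

    // Forward this window's own "popup" query parameter to the dialog.
    const urlParams = new URLSearchParams(window.location.search);
    if (urlParams.has("popup")) {
        // URLSearchParams.get() returns the decoded value. Re-encode it so
        // that '&', '=' or '#' inside it cannot append or truncate parameters
        // in the URL built here.
        url += "&popup=" + encodeURIComponent(urlParams.get("popup"));
    }

    dlgopen(url, '_blank', 650, (screen.availHeight * 75/100));
}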
253 // Process click to pop up the edit window.
254 function doedclick_edit(userid
) {
255 let rtn_selection
= <?php
echo js_escape($rtn_selection); ?
>;
257 dlgclose('contactCallBack', userid
);
259 top
.restoreSession();
260 dlgopen('addrbook_edit.php?userid=' +
encodeURIComponent(userid
), '_blank', 650, (screen
.availHeight
* 75/100));