4 * Facility user-specific settings.
7 * @link http://www.open-emr.org
8 * @author Scott Wakefield <scott@npclinics.com.au>
9 * @author Brady Miller <brady.g.miller@gmail.com>
10 * @copyright Copyright (c) 2012 NP Clinics <info@npclinics.com.au>
11 * @copyright Copyright (c) 2017-2018 Brady Miller <brady.g.miller@gmail.com>
12 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
15 require_once("../globals.php");
16 require_once("$srcdir/options.inc.php");
18 use OpenEMR\Common\Acl\AclMain
;
19 use OpenEMR\Common\Csrf\CsrfUtils
;
20 use OpenEMR\Common\Twig\TwigContainer
;
21 use OpenEMR\Core\Header
;
24 if (!CsrfUtils
::verifyCsrfToken($_POST["csrf_token_form"])) {
25 CsrfUtils
::csrfNotVerified();
30 if (!AclMain
::aclCheckCore('admin', 'users')) {
31 echo (new TwigContainer(null, $GLOBALS['kernel']))->getTwig()->render('core/unauthorized.html.twig', ['pageTitle' => xl("Facility Specific User Information")]);
37 if (isset($_POST["mode"]) && $_POST["mode"] == "facility_user_id" && isset($_POST["user_id"]) && isset($_POST["fac_id"])) {
38 // Inserting/Updating new facility specific user information
39 $fres = sqlStatement("SELECT * FROM `layout_options` " .
40 "WHERE `form_id` = 'FACUSR' AND `uor` > 0 AND `field_id` != '' " .
41 "ORDER BY `group_id`, `seq`");
42 while ($frow = sqlFetchArray($fres)) {
43 $value = get_layout_form_value($frow);
44 $entry_id = sqlQuery("SELECT `id` FROM `facility_user_ids` WHERE `uid` = ? AND `facility_id` = ? AND `field_id` =?", array($_POST["user_id"], $_POST["fac_id"], $frow['field_id']));
45 if (empty($entry_id)) {
47 sqlStatement("INSERT INTO `facility_user_ids` (`uid`, `facility_id`, `field_id`, `field_value`) VALUES (?,?,?,?)", array($_POST["user_id"], $_POST["fac_id"], $frow['field_id'], $value));
49 // Update existing entry
50 sqlStatement("UPDATE `facility_user_ids` SET `field_value` = ? WHERE `id` = ?", array($value, $entry_id['id']));
60 <title
><?php
echo xlt("Facility Specific User Information"); ?
></title
>
62 <?php Header
::setupHeader(['common']); ?
>
65 function refreshme() {
67 document
.location
.reload();
71 $
(".small_modal").on('click', function(e
) {
72 e
.preventDefault();e
.stopPropagation();
73 dlgopen('', '', 550, 550, '', '', {
74 //onClosed: 'refreshme',
80 url
: $
(this
).attr('href')
90 $u_res = sqlStatement("select * from `users` WHERE `username` != '' AND `active` = 1 order by `username`");
92 // Collect all facilities and store them in an array
93 $f_res = sqlStatement("select * from `facility` order by `name`");
95 for ($i = 0; $row = sqlFetchArray($f_res); $i++
) {
99 // Collect layout information and store them in an array
100 $l_res = sqlStatement("SELECT * FROM layout_options " .
101 "WHERE form_id = 'FACUSR' AND uor > 0 AND field_id != '' " .
102 "ORDER BY group_id, seq");
104 for ($i = 0; $row = sqlFetchArray($l_res); $i++
) {
109 <div
class="container">
112 <div
class="page-title">
113 <h2
><?php
echo xlt('Facility Specific User Information'); ?
></h2
>
119 <div
class="btn-group">
120 <a href
="usergroup_admin.php" class="btn btn-secondary btn-back" onclick
="top.restoreSession()"><?php
echo xlt('Back to Users'); ?
></a
>
125 <div
class="table-responsive">
126 <table
class="table table-striped">
129 <th
><b
><?php
echo xlt('Username'); ?
></b
></th
>
130 <th
><b
><?php
echo xlt('Full Name'); ?
></b
></th
>
131 <th
><b
><span
class="bold"><?php
echo xlt('Facility'); ?
></span
></b
></th
>
133 foreach ($l_arr as $layout_entry) {
134 echo "<th>" . text(xl_layout_label($layout_entry['title'])) . " </th>";
141 while ($user = sqlFetchArray($u_res)) {
142 foreach ($f_arr as $facility) { ?
>
144 <td
><a href
="facility_user_admin.php?user_id=<?php echo attr_url($user['id']); ?>&fac_id=<?php echo attr_url($facility['id']); ?>" class="small_modal" onclick
="top.restoreSession()"><b
><?php
echo text($user['username']); ?
></b
></a
> 
;</td
>
145 <td
><?php
echo text($user['fname'] . " " . $user['lname']); ?
></td
>
146 <td
><?php
echo text($facility['name']); ?
> 
;</td
>
148 foreach ($l_arr as $layout_entry) {
149 $entry_data = sqlQuery("SELECT `field_value` FROM `facility_user_ids` " .
150 "WHERE `uid` = ? AND `facility_id` = ? AND `field_id` = ?", array($user['id'],$facility['id'],$layout_entry['field_id']));
151 echo "<td>" . generate_display_field($layout_entry, ($entry_data['field_value'] ??
'')) . " </td>";