search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fixed bug in setting pid
[openemr.git] / interface / usergroup / usergroup_admin.php
blob818537a6fcadabd28802e60b9845e9fb6294785d
1 <?
2 include_once("../globals.php");
3
4
5 include_once("$srcdir/md5.js");
6 include_once("$srcdir/sql.inc");
7 require_once(dirname(__FILE__) . "/../../library/classes/WSProvider.class.php");
8
9 if (isset($_POST["mode"])) {
10 if ($_POST["mode"] == "facility")
11 {
12 sqlStatement("insert into facility set
13 name='{$_POST['facility']}',
14 phone='{$_POST['phone']}',
15 street='{$_POST['street']}',
16 city='{$_POST['city']}',
17 state='{$_POST['state']}',
18 postal_code='{$_POST['postal_code']}',
19 country_code='{$_POST['country_code']}',
20 federal_ein='{$_POST['federal_ein']}'");
21 }elseif ($_POST["mode"] == "new_user") {
22 if ($_POST["authorized"] != "1") {
23 $_POST["authorized"] = 0;
24 }
25 $_POST["info"] = addslashes($_POST["info"]);
26
27 $res = sqlStatement("select distinct username from users");
28 $doit = true;
29 while ($row = mysql_fetch_array($res)) {
30 if ($doit == true && $row['username'] == $_POST["username"]) {
31 $doit = false;
32 }
33 }
34
35 if ($doit == true) {
36 $prov_id = idSqlStatement("insert into users set username='".$_POST["username"]."',password='".$_POST["newauthPass"]."',fname='".$_POST["fname"]."',mname='".$_POST["mname"]."',lname='".$_POST["lname"]."',federaltaxid='".$_POST["federaltaxid"]."',authorized='".$_POST["authorized"]."',info='".$_POST["info"]."',federaldrugid='".$_POST["federaldrugid"]."',facility='".$_POST["facility"]."'");
37 sqlStatement("insert into groups set name='".$_POST["groupname"]."',user='".$_POST["username"]."'");
38 $ws = new WSProvider($prov_id);
39 }
40 }
41 elseif ($_POST["mode"] == "new_group") {
42
43 $res = sqlStatement("select distinct name,user from groups");
44 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
45 $result[$iter] = $row;
46 $doit = 1;
47 foreach ($result as $iter) {
48 if ($doit == 1 && $iter{"name"} == $_POST["groupname"] && $iter{"user"} == $_POST["username"])
49 $doit--;
50 }
51 if ($doit == 1)
52 sqlStatement("insert into groups set name='".$_POST["groupname"]."',user='".$_POST["username"]."'");
53 }
54
55 }
56
57 if (isset($_GET["mode"])) {
58 if ($_GET["mode"] == "delete") {
59 $res = sqlStatement("select distinct username,id from users where id={$_GET["id"]}");
60 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
61 $result[$iter] = $row;
62 foreach($result as $iter) {
63 sqlStatement("delete from groups where user='".$iter{"username"}."'");
64 }
65 sqlStatement("delete from users where id='".$_GET["id"]."'");
66 } elseif ($_GET["mode"] == "delete_group") {
67
68 $res = sqlStatement("select distinct user from groups where id={$_GET["id"]}");
69 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
70 $result[$iter] = $row;
71 foreach($result as $iter)
72 $un = $iter{"user"};
73
74 $res = sqlStatement("select name,user from groups where user='".$iter{"user"}."' and id!={$_GET["id"]}\n");
75 if (sqlFetchArray($res) != FALSE)
76 sqlStatement("delete from groups where id='".$_GET["id"]."'");
77 }
78 }
79
80
81 ?>
82
83
84 <html>
85 <head>
86
87
88 <link rel=stylesheet href="<?echo $css_header;?>" type="text/css">
89
90 </head>
91 <body <?echo $top_bg_line;?> topmargin=0 rightmargin=0 leftmargin=2 bottommargin=0 marginwidth=2 marginheight=0>
92
93
94
95 <span class="title">User & Group Administration</span>
96
97 <br><br>
98
99 <table width=100%>
100 <tr>
101
102 <td valign=top>
103
104 <form name='facility' method='post' action="usergroup_admin.php">
105 <input type=hidden name=mode value="facility">
106 <span class=bold>New Facility Information: </span>
107 </td><td>
108
109 <table border=0 cellpadding=0 cellspacing=0>
110 <tr>
111 <td><span class=text>Name: </span></td><td><input type=entry name=facility size=20 value=""></td>
112 <td><span class=text>Phone: </span></td><td><input type=entry name=phone size=20 value=""></td>
113 </tr>
114 <tr>
115 <td><span class=text>Address: </span></td><td><input type=entry size=20 name=street value=""></td>
116 <td><span class=text>City: </span></td><td><input type=entry size=20 name=city value=""></td>
117 </tr>
118 <tr>
119 <td><span class=text>State: </span></td><td><input type=entry size=20 name=state value=""></td>
120 <td><span class=text>Zip Code: </span></td><td><input type=entry size=20 name=postal_code value=""></td>
121 </tr>
122 <tr>
123 <td><span class=text>Country: </span></td><td><input type=entry size=20 name=country_code value=""></td>
124 <td><span class=text>Federal EIN: </span></td><td><input type=entry size=20 name=federal_ein value=""></td>
125 </tr>
126 <tr>
127 <td>&nbsp;</td><td>&nbsp;</td>
128 <td>&nbsp;</td><td><input type="submit" value="Add Facility"></td>
129 </tr>
130 </table>
131 </form>
132 <br><br>
133 </tr>
134 <tr>
135 <td valign=top>
136
137 <form name='facility' method='post' action="usergroup_admin.php">
138 <input type=hidden name=mode value="facility">
139 <span class=bold>Edit Facilities: </span>
140 </td><td valign=top>
141 <?
142 $fres = 0;
143 $fres = sqlStatement("select * from facility order by name");
144 if ($fres) {
145 $result2 = array();
146 for ($iter3 = 0;$frow = sqlFetchArray($fres);$iter3++)
147 $result2[$iter3] = $frow;
148 foreach($result2 as $iter3) {
149 ?>
150 <span class=text><?echo $iter3{name};?></span><a href="facility_admin.php?fid=<?echo $iter3{id};?>" class=link_submit>(Edit)</a><br>
151
152
153 <?
154 }
155 }
156 ?>
157
158 </td>
159 </tr>
160 <tr><td valign=top>
161 <form name='new_user' method='post' action="usergroup_admin.php">
162 <input type=hidden name=mode value=new_user>
163 <span class=bold>New User:</span>
164 </td><td>
165 <table border=0 cellpadding=0 cellspacing=0>
166 <tr>
167 <td><span class=text>Username: </span></td><td><input type=entry name=username size=20></td>
168 <td><span class=text>Password: </span></td><td><input type="password" size=20 name=clearPass></td>
169 </tr>
170 <tr>
171 <td><span class=text>Groupname: </span></td><td>
172 <select name=groupname>
173 <?
174 $res = sqlStatement("select distinct name from groups");
175 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
176 $result2[$iter] = $row;
177 foreach ($result2 as $iter) {
178 print "<option value='".$iter{"name"}."'>" . $iter{"name"} . "</option>\n";
179 }
180 ?>
181 </select></td>
182 <td><span class=text>Authorized: </span></td><td><input type=checkbox name='authorized' value="1"></td>
183 </tr>
184 <tr>
185 <td><span class=text>First Name: </span></td><td><input type=entry name='fname' size=20></td>
186 <td><span class=text>Middle Name: </span></td><td><input type=entry name='mname' size=20></td>
187 </tr>
188 <tr>
189 <td><span class=text>Last Name: </span></td><td><input type=entry name='lname' size=20></td>
190 <td><span class=text>Default Facility: </span></td><td><select name=facility>
191 <?
192 $fres = sqlStatement("select * from facility order by name");
193 if ($fres) {
194 for ($iter = 0;$frow = sqlFetchArray($fres);$iter++)
195 $result[$iter] = $frow;
196 foreach($result as $iter) {
197 ?>
198 <option value="<?echo $iter{name};?>"><?echo $iter{name};?></option>
199 <?
200 }
201 }
202 ?>
203 </select></td>
204 </tr>
205 <tr>
206 <td><span class=text>Federal Tax ID: </span></td><td><input type=entry name='federaltaxid' size=20></td>
207 <td><span class=text>Federal Drug ID: </span></td><td><input type=entry name='federaldrugid' size=20></td>
208 </tr>
209 </table>
210 <span class=text>Additional Info: </span><br>
211 <textarea name=info cols=40 rows=4 wrap=auto></textarea>
212 <br><input type="hidden" name="newauthPass">
213 <input type="submit" onClick="javascript:this.form.newauthPass.value=MD5(this.form.clearPass.value);this.form.clearPass.value='';" value="Add User">
214 </form>
215 </td>
216
217 </tr><tr>
218
219 <td valign=top>
220 <form name=new_group method=post action="usergroup_admin.php">
221 <input type=hidden name=mode value=new_group>
222 <span class=bold>New Group:</span>
223 </td><td>
224 <span class=text>Groupname: </span><input type=entry name=groupname size=10>
225 &nbsp;&nbsp;&nbsp;
226 <span class=text>Initial User: </span>
227 <select name=username>
228 <?
229 $res = sqlStatement("select distinct username from users");
230 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
231 $result[$iter] = $row;
232 foreach ($result as $iter) {
233 print "<option value='".$iter{"username"}."'>" . $iter{"username"} . "</option>\n";
234 }
235 ?>
236 </select>
237 &nbsp;&nbsp;&nbsp;
238 <input type="submit" value="Add Group">
239 </form>
240 </td>
241
242 </tr><tr>
243
244 <td valign=top>
245 <form name=new_group method=post action="usergroup_admin.php">
246 <input type=hidden name=mode value=new_group>
247 <span class=bold>Add User To Group:</span>
248 </td><td>
249 <span class=text>User: </span>
250 <select name=username>
251 <?
252 $res = sqlStatement("select distinct username from users");
253 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
254 $result3[$iter] = $row;
255 foreach ($result3 as $iter) {
256 print "<option value='".$iter{"username"}."'>" . $iter{"username"} . "</option>\n";
257 }
258 ?>
259 </select>
260 &nbsp;&nbsp;&nbsp;
261 <span class=text>Groupname: </span>
262 <select name=groupname>
263 <?
264 $res = sqlStatement("select distinct name from groups");
265 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
266 $result2[$iter] = $row;
267 foreach ($result2 as $iter) {
268 print "<option value='".$iter{"name"}."'>" . $iter{"name"} . "</option>\n";
269 }
270 ?>
271 </select>
272 &nbsp;&nbsp;&nbsp;
273 <input type="submit" value="Add User To Group">
274 </form>
275 </td>
276
277
278
279
280
281 </tr>
282 </table>
283
284 <hr>
285
286
287
288 <table border=0 cellpadding=1 cellspacing=2>
289 <tr><td><span class=bold>Username</span></td><td><span class=bold>Real Name</span></td><td><span class=bold>Info</span></td><td><span class=bold>Authorized?</span></td></tr>
290 <?
291 $res = sqlStatement("select * from users order by username");
292 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
293 $result4[$iter] = $row;
294 foreach ($result4 as $iter) {
295 if ($iter{"authorized"}) {
296 $iter{"authorized"} = "yes";
297 } else {
298 $iter{"authorized"} = "";
299 }
300
301 print "<tr><td><span class=text>".$iter{"username"}."</span><a href='user_admin.php?id=".$iter{"id"}."' class=link_submit>(Edit)</a></td><td><span class=text>".$iter{"fname"}.' '.$iter{"lname"}."</span></td><td><span class=text>".$iter{"info"}."</span></td><td align='center'><span class=text>".$iter{"authorized"}."</span></td>";
302 print "<td><!--<a href='usergroup_admin.php?mode=delete&id=".$iter{"id"}."' class=link_submit>[Delete]</a>--></td>";
303 print "</tr>\n";
304 }
305
306
307
308 ?>
309
310 </table>
311
312
313 <hr>
314
315
316 <?
317 $res = sqlStatement("select * from groups order by name");
318 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
319 $result5[$iter] = $row;
320
321 foreach ($result5 as $iter) {
322 $grouplist{$iter{"name"}} .= $iter{"user"} . "(<a class=link_submit href='usergroup_admin.php?mode=delete_group&id=".$iter{"id"}."'>Remove</a>), ";
323
324
325 }
326
327 foreach ($grouplist as $groupname => $list) {
328 print "<span class=bold>" . $groupname . "</span><br>\n<span class=text>" . substr($list,0,strlen($list)-2) . "</span><br>\n";
329 }
330
331
332 ?>
333
334
335
336
337 </body>
338 </html>
Mirror of official OpenEMR Sourceforge repository