3 * Script for the globals editor.
5 * Copyright (C) 2010 Rod Roark <rod@sunsetsystems.com>
6 * Copyright (C) 2016 Brady Miller <brady@sparmy.com>
8 * LICENSE: This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>;.
20 * @author Rod Roark <rod@sunsetsystems.com>
21 * @author Brady Miller <brady@sparmy.com>
22 * @link http://www.open-emr.org
25 $fake_register_globals=false;
26 $sanitize_all_escapes=true;
28 require_once("../globals.php");
29 require_once("../../custom/code_types.inc.php");
30 require_once("$srcdir/acl.inc");
31 require_once("$srcdir/formdata.inc.php");
32 require_once("$srcdir/globals.inc.php");
33 require_once("$srcdir/user.inc");
34 require_once("$srcdir/classes/CouchDB.class.php");
35 require_once(dirname(__FILE__
)."/../../myportal/soap_service/portal_connectivity.php");
37 if ($_GET['mode'] != "user") {
38 // Check authorization.
39 $thisauth = acl_check('admin', 'super');
40 if (!$thisauth) die(xlt('Not authorized'));
43 function checkCreateCDB(){
44 $globalsres = sqlStatement("SELECT gl_name, gl_index, gl_value FROM globals WHERE gl_name IN
45 ('couchdb_host','couchdb_user','couchdb_pass','couchdb_port','couchdb_dbase','document_storage_method')");
47 while($globalsrow = sqlFetchArray($globalsres)){
48 $GLOBALS[$globalsrow['gl_name']] = $globalsrow['gl_value'];
50 $directory_created = false;
51 if($GLOBALS['document_storage_method'] != 0){
52 // /documents/temp/ folder is required for CouchDB
53 if(!is_dir($GLOBALS['OE_SITE_DIR'] . '/documents/temp/')){
54 $directory_created = mkdir($GLOBALS['OE_SITE_DIR'] . '/documents/temp/',0777,true);
55 if(!$directory_created){
56 echo htmlspecialchars( xl("Failed to create temporary folder. CouchDB will not work."),ENT_NOQUOTES
);
59 $couch = new CouchDB();
60 if(!$couch->check_connection()) {
61 echo "<script type='text/javascript'>alert('".addslashes(xl("CouchDB Connection Failed."))."');</script>";
64 if($GLOBALS['couchdb_host'] ||
$GLOBALS['couchdb_port'] ||
$GLOBALS['couchdb_dbase']){
65 $couch->createDB($GLOBALS['couchdb_dbase']);
66 $couch->createView($GLOBALS['couchdb_dbase']);
73 * Update background_services table for a specific service following globals save.
76 function updateBackgroundService($name,$active,$interval) {
77 //order important here: next_run change dependent on _old_ value of execute_interval so it comes first
78 $sql = 'UPDATE background_services SET active=?, '
79 . 'next_run = next_run + INTERVAL (? - execute_interval) MINUTE, execute_interval=? WHERE name=?';
80 return sqlStatement($sql,array($active,$interval,$interval,$name));
84 * Make any necessary changes to background_services table when globals are saved.
85 * To prevent an unexpected service call during startup or shutdown, follow these rules:
86 * 1. Any "startup" operations should occur _before_ the updateBackgroundService() call.
87 * 2. Any "shutdown" operations should occur _after_ the updateBackgroundService() call. If these operations
88 * would cause errors in a running service call, it would be best to make the shutdown function itself
89 * a background service that is activated here, does nothing if active=1 or running=1 for the
90 * parent service, then deactivates itself by setting active=0 when it is done shutting the parent service
91 * down. This will prevent nonresponsiveness to the user by waiting for a service to finish.
92 * 3. If any "previous" values for globals are required for startup/shutdown logic, they need to be
93 * copied to a temp variable before the while($globalsrow...) loop.
96 function checkBackgroundServices(){
97 //load up any necessary globals
98 $bgservices = sqlStatement("SELECT gl_name, gl_index, gl_value FROM globals WHERE gl_name IN
99 ('phimail_enable','phimail_interval')");
100 while($globalsrow = sqlFetchArray($bgservices)){
101 $GLOBALS[$globalsrow['gl_name']] = $globalsrow['gl_value'];
104 //Set up phimail service
105 $phimail_active = $GLOBALS['phimail_enable'] ?
'1' : '0';
106 $phimail_interval = max(0,(int)$GLOBALS['phimail_interval']);
107 updateBackgroundService('phimail',$phimail_active,$phimail_interval);
118 // If we are saving user_specific globals.
120 if ($_POST['form_save'] && $_GET['mode'] == "user") {
122 foreach ($GLOBALS_METADATA as $grpname => $grparr) {
123 if (in_array($grpname, $USER_SPECIFIC_TABS)) {
124 foreach ($grparr as $fldid => $fldarr) {
125 if (in_array($fldid, $USER_SPECIFIC_GLOBALS)) {
126 list($fldname, $fldtype, $flddef, $flddesc) = $fldarr;
127 $label = "global:".$fldid;
128 $fldvalue = trim($_POST["form_$i"]);
129 setUserSetting($label,$fldvalue,$_SESSION['authId'],FALSE);
130 if ( $_POST["toggle_$i"] == "YES" ) {
131 removeUserSetting($label);
138 echo "<script type='text/javascript'>";
139 echo "parent.left_nav.location.reload();";
140 echo "parent.Title.location.reload();";
141 echo "if(self.name=='RTop'){";
142 echo "parent.RBot.location.reload();";
144 echo "parent.RTop.location.reload();";
146 echo "self.location.href='edit_globals.php?mode=user&unique=yes';";
150 if ($_POST['form_download']) {
151 $client = portal_connection();
153 $response = $client->getPortalConnectionFiles($credentials);
156 error_log('SoapFault Error');
157 error_log(var_dump(get_object_vars($e)));
160 error_log('Exception Error');
161 error_log(var_dump(get_object_vars($e)));
163 if($response['status'] == "1") {//WEBSERVICE RETURNED VALUE SUCCESSFULLY
164 $tmpfilename = realpath(sys_get_temp_dir())."/".date('YmdHis').".zip";
165 $fp = fopen($tmpfilename,"wb");
166 fwrite($fp,base64_decode($response['value']));
168 $practice_filename = $response['file_name'];//practicename.zip
171 header("Cache-Control: public");
172 header("Content-Description: File Transfer");
173 header("Content-Disposition: attachment; filename=".$practice_filename);
174 header("Content-Type: application/zip");
175 header("Content-Transfer-Encoding: binary");
176 // Read the file from disk
177 readfile($tmpfilename);
178 unlink($tmpfilename);
181 else{//WEBSERVICE CALL FAILED AND RETURNED AN ERROR MESSAGE
184 <script type
="text/javascript">
185 alert('<?php echo xls('Offsite Portal web Service Failed
').":\\n".text($response['value
']);?>');
195 // If we are saving main globals.
197 if ($_POST['form_save'] && $_GET['mode'] != "user") {
198 $force_off_enable_auditlog_encryption = true;
199 // Need to force enable_auditlog_encryption off if the php mycrypt module
201 if (extension_loaded('mcrypt')) {
202 $force_off_enable_auditlog_encryption = false;
205 // Aug 22, 2014: Ensoftek: For Auditable events and tamper-resistance (MU2)
206 // Check the current status of Audit Logging
207 $auditLogStatusFieldOld = $GLOBALS['enable_auditlog'];
210 * Compare form values with old database values.
211 * Only save if values differ. Improves speed.
214 // Get all the globals from DB
215 $old_globals = sqlGetAssoc( 'SELECT gl_name, gl_index, gl_value FROM `globals` ORDER BY gl_name, gl_index',false,true );
218 foreach ($GLOBALS_METADATA as $grpname => $grparr) {
219 foreach ($grparr as $fldid => $fldarr) {
220 list($fldname, $fldtype, $flddef, $flddesc) = $fldarr;
221 if($fldtype == 'pwd'){
222 $pass = sqlQuery("SELECT gl_value FROM globals WHERE gl_name = ?", array($fldid) );
223 $fldvalueold = $pass['gl_value'];
226 /* Multiple choice fields - do not compare , overwrite */
227 if (!is_array($fldtype) && substr($fldtype, 0, 2) == 'm_') {
228 if (isset($_POST["form_$i"])) {
231 sqlStatement("DELETE FROM globals WHERE gl_name = ?", array( $fldid ) );
233 foreach ($_POST["form_$i"] as $fldvalue) {
234 $fldvalue = trim($fldvalue);
235 sqlStatement('INSERT INTO `globals` ( gl_name, gl_index, gl_value ) VALUES ( ?,?,?)', array( $fldid, $fldindex, $fldvalue ) );
241 /* check value of single field. Don't update if the database holds the same value */
242 if (isset($_POST["form_$i"])) {
243 $fldvalue = trim($_POST["form_$i"]);
248 if($fldtype=='pwd') $fldvalue = $fldvalue ?
SHA1($fldvalue) : $fldvalueold; // TODO: salted passwords?
250 // We rely on the fact that set of keys in globals.inc === set of keys in `globals` table!
253 !isset( $old_globals[$fldid]) // if the key not found in database - update database
255 ( isset($old_globals[$fldid]) && $old_globals[ $fldid ]['gl_value'] !== $fldvalue ) // if the value in database is different
257 // Need to force enable_auditlog_encryption off if the php mcrypt module
259 if ( $force_off_enable_auditlog_encryption && ($fldid == "enable_auditlog_encryption") ) {
260 error_log("OPENEMR ERROR: UNABLE to support auditlog encryption since the php mcrypt module is not installed",0);
263 // special treatment for some vars
265 case 'first_day_week':
266 // update PostCalendar config as well
267 sqlStatement("UPDATE openemr_module_vars SET pn_value = ? WHERE pn_name = 'pcFirstDayOfWeek'", array($fldvalue));
270 // Replace old values
271 sqlStatement( 'DELETE FROM `globals` WHERE gl_name = ?', array( $fldid ) );
272 sqlStatement( 'INSERT INTO `globals` ( gl_name, gl_index, gl_value ) VALUES ( ?, ?, ? )', array( $fldid, 0, $fldvalue ) );
274 //error_log("No need to update $fldid");
281 checkBackgroundServices();
283 // July 1, 2014: Ensoftek: For Auditable events and tamper-resistance (MU2)
284 // If Audit Logging status has changed, log it.
285 $auditLogStatusNew = sqlQuery("SELECT gl_value FROM globals WHERE gl_name = 'enable_auditlog'");
286 $auditLogStatusFieldNew = $auditLogStatusNew['gl_value'];
287 if ( $auditLogStatusFieldOld != $auditLogStatusFieldNew )
289 auditSQLAuditTamper($auditLogStatusFieldNew);
291 echo "<script type='text/javascript'>";
292 echo "parent.left_nav.location.reload();";
293 echo "parent.Title.location.reload();";
294 echo "if(self.name=='RTop'){";
295 echo "parent.RBot.location.reload();";
297 echo "parent.RTop.location.reload();";
299 echo "self.location.href='edit_globals.php?unique=yes';";
304 <!-- supporting javascript code
-->
305 <script type
="text/javascript" src
="../../library/dialog.js"></script
>
306 <script type
="text/javascript" src
="../../library/js/jquery.1.3.2.js"></script
>
307 <script type
="text/javascript" src
="../../library/js/common.js"></script
>
308 <script type
="text/javascript" src
="../../library/js/fancybox/jquery.fancybox-1.2.6.js"></script
>
309 <script type
="text/javascript" src
="<?php echo $GLOBALS['assets_static_relative']; ?>/jscolor-1-4-5/jscolor.js"></script
>
310 <link rel
="stylesheet" type
="text/css" href
="../../library/js/fancybox/jquery.fancybox-1.2.6.css" media
="screen" />
312 <link rel
="stylesheet" href
='<?php echo $css_header ?>' type
='text/css'>
313 <?php
if ($_GET['mode'] == "user") { ?
>
314 <title
><?php
echo xlt('User Settings'); ?
></title
>
316 <title
><?php
echo xlt('Global Settings'); ?
></title
>
320 tr
.head
{ font
-size
:10pt
; background
-color
:#cccccc; text-align:center; }
321 tr
.detail
{ font
-size
:10pt
; }
322 td
{ font
-size
:10pt
; }
323 input
{ font
-size
:10pt
; }
325 <script type
="text/javascript">
326 function validate_file(){
329 url
: "<?php echo $GLOBALS['webroot']?>/library/ajax/offsite_portal_ajax.php",
331 action
: 'check_file',
334 success
: function( message
)
337 document
.getElementById('form_download').value
= 1;
338 document
.getElementById('file_error_message').innerHTML
= '';
339 document
.forms
[0].submit();
342 document
.getElementById('form_download').value
= 0;
343 document
.getElementById('file_error_message').innerHTML
= message
;
352 <body
class="body_top">
354 <?php
if ($_GET['mode'] == "user") { ?
>
355 <form method
='post' name
='theform' id
='theform' action
='edit_globals.php?mode=user' onsubmit
='return top.restoreSession()'>
357 <form method
='post' name
='theform' id
='theform' action
='edit_globals.php' onsubmit
='return top.restoreSession()'>
360 <?php
if ($_GET['mode'] == "user") { ?
>
361 <p
><b
><?php
echo xlt('Edit User Settings'); ?
></b
>
363 <p
><b
><?php
echo xlt('Edit Global Settings'); ?
></b
>
369 foreach ($GLOBALS_METADATA as $grpname => $grparr) {
370 if ( $_GET['mode'] != "user" ||
($_GET['mode'] == "user" && in_array($grpname, $USER_SPECIFIC_TABS)) ) {
371 echo " <li" . ($i ?
"" : " class='current'") .
373 xlt($grpname) . "</a></li>\n";
380 <div
class="tabContainer">
383 foreach ($GLOBALS_METADATA as $grpname => $grparr) {
384 if ( $_GET['mode'] != "user" ||
($_GET['mode'] == "user" && in_array($grpname, $USER_SPECIFIC_TABS)) ) {
385 echo " <div class='tab" . ($i ?
"" : " current") .
386 "' style='height:auto;width:97%;'>\n";
390 if ($_GET['mode'] == "user") {
392 echo "<th> </th>";
393 echo "<th>" . htmlspecialchars( xl('User Specific Setting'), ENT_NOQUOTES
) . "</th>";
394 echo "<th>" . htmlspecialchars( xl('Default Setting'), ENT_NOQUOTES
) . "</th>";
395 echo "<th> </th>";
396 echo "<th>" . htmlspecialchars( xl('Set to Default'), ENT_NOQUOTES
) . "</th>";
400 foreach ($grparr as $fldid => $fldarr) {
401 if ( $_GET['mode'] != "user" ||
($_GET['mode'] == "user" && in_array($fldid, $USER_SPECIFIC_GLOBALS)) ) {
402 list($fldname, $fldtype, $flddef, $flddesc) = $fldarr;
404 // Most parameters will have a single value, but some will be arrays.
405 // Here we cater to both possibilities.
406 $glres = sqlStatement("SELECT gl_index, gl_value FROM globals WHERE " .
407 "gl_name = ? ORDER BY gl_index", array($fldid));
409 while ($glrow = sqlFetchArray($glres)) $glarr[] = $glrow;
411 // $fldvalue is meaningful only for the single-value cases.
412 $fldvalue = count($glarr) ?
$glarr[0]['gl_value'] : $flddef;
414 // Collect user specific setting if mode set to user
416 $settingDefault = "checked='checked'";
417 if ($_GET['mode'] == "user") {
418 $userSettingArray = sqlQuery("SELECT * FROM user_settings WHERE setting_user=? AND setting_label=?",array($_SESSION['authId'],"global:".$fldid));
419 $userSetting = $userSettingArray['setting_value'];
420 $globalValue = $fldvalue;
421 if (!empty($userSettingArray)) {
422 $fldvalue = $userSetting;
423 $settingDefault = "";
427 echo " <tr title='" . attr($flddesc) . "'><td valign='top'><b>" . text($fldname) . "</b></td><td valign='top'>\n";
429 if (is_array($fldtype)) {
430 echo " <select name='form_$i' id='form_$i'>\n";
431 foreach ($fldtype as $key => $value) {
432 if ($_GET['mode'] == "user") {
433 if ($globalValue == $key) $globalTitle = $value;
435 echo " <option value='" . attr($key) . "'";
437 //Casting value to string so the comparison will be always the same type and the only thing that will check is the value
438 //Tried to use === but it will fail in already existing variables
439 if ((string)$key == (string)$fldvalue) echo " selected";
447 else if ($fldtype == 'bool') {
448 if ($_GET['mode'] == "user") {
449 if ($globalValue == 1) {
450 $globalTitle = htmlspecialchars( xl('Checked'), ENT_NOQUOTES
);
453 $globalTitle = htmlspecialchars( xl('Not Checked'), ENT_NOQUOTES
);
456 echo " <input type='checkbox' name='form_$i' id='form_$i' value='1'";
457 if ($fldvalue) echo " checked";
461 else if ($fldtype == 'num') {
462 if ($_GET['mode'] == "user") {
463 $globalTitle = $globalValue;
465 echo " <input type='text' name='form_$i' id='form_$i' " .
466 "size='6' maxlength='15' value='" . attr($fldvalue) . "' />\n";
469 else if ($fldtype == 'text') {
470 if ($_GET['mode'] == "user") {
471 $globalTitle = $globalValue;
473 echo " <input type='text' name='form_$i' id='form_$i' " .
474 "size='50' maxlength='255' value='" . attr($fldvalue) . "' />\n";
476 else if ($fldtype == 'pwd') {
477 if ($_GET['mode'] == "user") {
478 $globalTitle = $globalValue;
480 echo " <input type='password' name='form_$i' " .
481 "size='50' maxlength='255' value='' />\n";
484 else if ($fldtype == 'pass') {
485 if ($_GET['mode'] == "user") {
486 $globalTitle = $globalValue;
488 echo " <input type='password' name='form_$i' " .
489 "size='50' maxlength='255' value='" . attr($fldvalue) . "' />\n";
492 else if ($fldtype == 'lang') {
493 $res = sqlStatement("SELECT * FROM lang_languages ORDER BY lang_description");
494 echo " <select name='form_$i' id='form_$i'>\n";
495 while ($row = sqlFetchArray($res)) {
496 echo " <option value='" . attr($row['lang_description']) . "'";
497 if ($row['lang_description'] == $fldvalue) echo " selected";
499 echo xlt($row['lang_description']);
505 else if ($fldtype == 'all_code_types') {
507 echo " <select name='form_$i' id='form_$i'>\n";
508 foreach (array_keys($code_types) as $code_key ) {
509 echo " <option value='" . attr($code_key) . "'";
510 if ($code_key == $fldvalue) echo " selected";
512 echo xlt($code_types[$code_key]['label']);
518 else if ($fldtype == 'm_lang') {
519 $res = sqlStatement("SELECT * FROM lang_languages ORDER BY lang_description");
520 echo " <select multiple name='form_{$i}[]' id='form_{$i}[]' size='3'>\n";
521 while ($row = sqlFetchArray($res)) {
522 echo " <option value='" . attr($row['lang_description']) . "'";
523 foreach ($glarr as $glrow) {
524 if ($glrow['gl_value'] == $row['lang_description']) {
530 echo xlt($row['lang_description']);
536 else if ($fldtype == 'color_code') {
537 if ($_GET['mode'] == "user") {
538 $globalTitle = $globalValue;
540 echo " <input type='text' class='color {hash:true}' name='form_$i' id='form_$i' " .
541 "size='6' maxlength='15' value='" . attr($fldvalue) . "' />" .
542 "<input type='button' value='Default' onclick=\"document.forms[0].form_$i.color.fromString('" . attr($flddef) . "')\">\n";
545 else if ($fldtype == 'css') {
546 if ($_GET['mode'] == "user") {
547 $globalTitle = $globalValue;
549 $themedir = "$webserver_root/interface/themes";
550 $dh = opendir($themedir);
552 echo " <select name='form_$i' id='form_$i'>\n";
553 while (false !== ($tfname = readdir($dh))) {
554 // Only show files that contain style_ as options
555 // Skip style_blue.css since this is used for
556 // lone scripts such as setup.php
557 // Also skip style_pdf.css which is for PDFs and not screen output
558 if (!preg_match("/^style_.*\.css$/", $tfname) ||
559 $tfname == 'style_blue.css' ||
$tfname == 'style_pdf.css')
561 echo "<option value='" . attr($tfname) . "'";
562 // Drop the "style_" part and any replace any underscores with spaces
563 $styleDisplayName = str_replace("_", " ", substr($tfname, 6));
564 // Strip the ".css" and uppercase the first character
565 $styleDisplayName = ucfirst(str_replace(".css", "", $styleDisplayName));
566 if ($tfname == $fldvalue) echo " selected";
568 echo text($styleDisplayName);
576 else if ($fldtype == 'hour') {
577 if ($_GET['mode'] == "user") {
578 $globalTitle = $globalValue;
580 echo " <select name='form_$i' id='form_$i'>\n";
581 for ($h = 0; $h < 24; ++
$h) {
582 echo "<option value='$h'";
583 if ($h == $fldvalue) echo " selected";
585 if ($h == 0) echo "12 AM";
586 else if ($h < 12) echo "$h AM";
587 else if ($h == 12) echo "12 PM";
588 else echo ($h - 12) . " PM";
593 if ($_GET['mode'] == "user") {
595 echo "<td align='center' style='color:red;'>" . attr($globalTitle) . "</td>\n";
596 echo "<td> </td>";
597 echo "<td align='center'><input type='checkbox' value='YES' name='toggle_" . $i . "' id='toggle_" . $i . "' " . attr($settingDefault) . "/></td>\n";
598 echo "<input type='hidden' id='globaldefault_" . $i . "' value='" . attr($globalValue) . "'>\n";
602 echo " </td></tr>\n";
606 if(trim(strtolower($fldid)) == 'portal_offsite_address_patient_link' && $GLOBALS['portal_offsite_enable'] && $GLOBALS['portal_offsite_providerid']){
607 echo "<input type='hidden' name='form_download' id='form_download'>";
608 echo "<tr><td><input onclick=\"return validate_file()\" type='button' value='".xla('Download Offsite Portal Connection Files')."' /></td><td id='file_error_message' style='color:red'></td></tr>";
619 <input type
='submit' name
='form_save' value
='<?php echo xla('Save
'); ?>' />
627 <script language
="JavaScript">
629 $
(document
).ready(function(){
633 // Use the counter ($i) to make the form user friendly for user-specific globals use
634 <?php
if ($_GET['mode'] == "user") { ?
>
635 <?php
for ($j = 0; $j <= $i; $j++
) { ?
>
636 $
("#form_<?php echo $j ?>").change(function() {
637 $
("#toggle_<?php echo $j ?>").attr('checked',false);
639 $
("#toggle_<?php echo $j ?>").change(function() {
640 if ($
('#toggle_<?php echo $j ?>').attr('checked')) {
641 var defaultGlobal
= $
("#globaldefault_<?php echo $j ?>").val();
642 $
("#form_<?php echo $j ?>").val(defaultGlobal
);