search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Conversion from MD5 to SHA-1. Passwords stored as SHA-1.
[openemr.git] / interface / usergroup / usergroup_admin_add.php
blob22b593c0bbf0fe2e007f16622fc4837a2122e222
1 <?php
2 require_once("../globals.php");
3 require_once("../../library/acl.inc");
4 require_once("$srcdir/sha1.js");
5 require_once("$srcdir/sql.inc");
6 require_once("$srcdir/formdata.inc.php");
7 require_once("$srcdir/options.inc.php");
8 require_once(dirname(__FILE__) . "/../../library/classes/WSProvider.class.php");
9
10 $alertmsg = '';
11
12 ?>
13 <html>
14 <head>
15
16 <link rel="stylesheet" href="<?php echo $css_header;?>" type="text/css">
17 <link rel="stylesheet" href="<?php echo $css_header;?>" type="text/css">
18 <link rel="stylesheet" type="text/css" href="<?php echo $GLOBALS['webroot'] ?>/library/js/fancybox/jquery.fancybox-1.2.6.css" media="screen" />
19 <script type="text/javascript" src="<?php echo $GLOBALS['webroot'] ?>/library/dialog.js"></script>
20 <script type="text/javascript" src="<?php echo $GLOBALS['webroot'] ?>/library/js/jquery.1.3.2.js"></script>
21 <script type="text/javascript" src="<?php echo $GLOBALS['webroot'] ?>/library/js/common.js"></script>
22 <script type="text/javascript" src="<?php echo $GLOBALS['webroot'] ?>/library/js/fancybox/jquery.fancybox-1.2.6.js"></script>
23 <script src="checkpwd_validation.js" type="text/javascript"></script>
24
25 <script language="JavaScript">
26
27 function submitform() {
28 if (document.forms[0].rumple.value.length>0 && document.forms[0].stiltskin.value.length>0) {
29 top.restoreSession();
30
31 //Checking if secure password is enabled or disabled.
32 //If it is enabled and entered password is a weak password, alert the user to enter strong password.
33 if(document.new_user.secure_pwd.value == 1){
34 var password = trim(document.new_user.stiltskin.value);
35 if(password != "") {
36 var pwdresult = passwordvalidate(password);
37 if(pwdresult == 0){
38 alert("<?php echo xl('The password must be at least eight characters, and should'); echo '\n'; echo xl('contain at least three of the four following items:'); echo '\n'; echo xl('A number'); echo '\n'; echo xl('A lowercase letter'); echo '\n'; echo xl('An uppercase letter'); echo '\n'; echo xl('A special character');echo '('; echo xl('not a letter or number'); echo ').'; echo '\n'; echo xl('For example:'); echo ' healthCare@09'; ?>");
39 return false;
40 }
41 }
42 } //secure_pwd if ends here
43 // ViCareplus : As per NIST standard, SHA1 encryption algorithm is used
44 document.forms[0].newauthPass.value=SHA1(document.forms[0].stiltskin.value);
45 document.forms[0].stiltskin.value='';
46 document.forms[0].submit();
47 } else {
48 if (document.forms[0].rumple.value.length<=0)
49 {document.forms[0].rumple.focus();document.forms[0].rumple.style.backgroundColor="red";}
50 if (document.forms[0].stiltskin.value.length<=0)
51 {document.forms[0].stiltskin.focus();document.forms[0].stiltskin.style.backgroundColor="red";}
52 }
53 }
54 function authorized_clicked() {
55 var f = document.forms[0];
56 f.calendar.disabled = !f.authorized.checked;
57 f.calendar.checked = f.authorized.checked;
58 }
59
60 </script>
61
62 </head>
63 <body class="body_top">
64 <table><tr><td>
65 <span class="title"><?php xl('Add User','e'); ?></span>&nbsp;</td>
66 <td>
67 <a class="css_button" name='form_save' id='form_save' href='#' onclick="return submitform()">
68 <span><?php xl('Save','e');?></span></a>
69 <a class="css_button large_button" id='cancel' href='#'>
70 <span class='css_button_span large_button_span'><?php xl('Cancel','e');?></span>
71 </a>
72 </td></tr></table>
73 <br><br>
74
75 <table border=0>
76
77 <tr><td valign=top>
78 <form name='new_user' method='post' target="_parent" action="usergroup_admin.php"
79 onsubmit='return top.restoreSession()'>
80 <input type=hidden name=mode value=new_user>
81 <input type=hidden name=secure_pwd value="<? echo $GLOBALS['secure_password']; ?>">
82 <span class="bold">&nbsp;</span>
83 </td><td>
84 <table border=0 cellpadding=0 cellspacing=0 style="width:600px;">
85 <tr>
86 <td style="width:150px;"><span class="text"><?php xl('Username','e'); ?>: </span></td><td style="width:220px;"><input type=entry name=rumple style="width:120px;"> <span class="mandatory">&nbsp;*</span></td>
87 <td style="width:150px;"><span class="text"><?php xl('Password','e'); ?>: </span></td><td style="width:250px;"><input type="entry" style="width:120px;" name=stiltskin><span class="mandatory">&nbsp;*</span></td>
88 </tr>
89 <tr>
90 <td><span class="text"<?php if ($GLOBALS['disable_non_default_groups']) echo " style='display:none'"; ?>><?php xl('Groupname','e'); ?>: </span></td>
91 <td>
92 <select name=groupname<?php if ($GLOBALS['disable_non_default_groups']) echo " style='display:none'"; ?>>
93 <?php
94 $res = sqlStatement("select distinct name from groups");
95 $result2 = array();
96 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
97 $result2[$iter] = $row;
98 foreach ($result2 as $iter) {
99 print "<option value='".$iter{"name"}."'>" . $iter{"name"} . "</option>\n";
100 }
101 ?>
102 </select></td>
103 <td><span class="text"><?php xl('Provider','e'); ?>: </span></td><td>
104 <input type='checkbox' name='authorized' value='1' onclick='authorized_clicked()' />
105 &nbsp;&nbsp;<span class='text'><?php xl('Calendar','e'); ?>:
106 <input type='checkbox' name='calendar' disabled />
107 </td>
108 </tr>
109 <tr>
110 <td><span class="text"><?php xl('First Name','e'); ?>: </span></td><td><input type=entry name='fname' style="width:120px;"></td>
111 <td><span class="text"><?php xl('Middle Name','e'); ?>: </span></td><td><input type=entry name='mname' style="width:120px;"></td>
112 </tr>
113 <tr>
114 <td><span class="text"><?php xl('Last Name','e'); ?>: </span></td><td><input type=entry name='lname' style="width:120px;"></td>
115 <td><span class="text"><?php xl('Default Facility','e'); ?>: </span></td><td><select style="width:120px;" name=facility_id>
116 <?php
117 $fres = sqlStatement("select * from facility where service_location != 0 order by name");
118 if ($fres) {
119 for ($iter = 0;$frow = sqlFetchArray($fres);$iter++)
120 $result[$iter] = $frow;
121 foreach($result as $iter) {
122 ?>
123 <option value="<?php echo $iter{id};?>"><?php echo $iter{name};?></option>
124 <?php
125 }
126 }
127 ?>
128 </select></td>
129 </tr>
130 <tr>
131 <td><span class="text"><?php xl('Federal Tax ID','e'); ?>: </span></td><td><input type=entry name='federaltaxid' style="width:120px;"></td>
132 <td><span class="text"><?php xl('Federal Drug ID','e'); ?>: </span></td><td><input type=entry name='federaldrugid' style="width:120px;"></td>
133 </tr>
134 <tr>
135 <td><span class="text"><?php xl('UPIN','e'); ?>: </span></td><td><input type="entry" name="upin" style="width:120px;"></td>
136 <td class='text'><?php xl('See Authorizations','e'); ?>: </td>
137 <td><select name="see_auth" style="width:120px;">
138 <?php
139 foreach (array(1 => xl('None'), 2 => xl('Only Mine'), 3 => xl('All')) as $key => $value)
140 {
141 echo " <option value='$key'";
142 echo ">$value</option>\n";
143 }
144 ?>
145 </select></td>
146
147 <tr>
148 <td><span class="text"><?php xl('NPI','e'); ?>: </span></td><td><input type="entry" name="npi" style="width:120px;"></td>
149 <td><span class="text"><?php xl('Job Description','e'); ?>: </span></td><td><input type="entry" name="specialty" style="width:120px;"></td>
150 </tr>
151
152 <!-- (CHEMED) Calendar UI preference -->
153 <tr>
154 <td><span class="text"><?php xl('Taxonomy','e'); ?>: </span></td>
155 <td><input type="entry" name="taxonomy" style="width:120px;" value="207Q00000X"></td>
156 <td><span class="text"><?php xl('Calendar UI','e'); ?>: </span></td><td><select name="cal_ui" style="width:120px;">
157 <?php
158 foreach (array(3 => xl('Outlook'), 1 => xl('Original'), 2 => xl('Fancy')) as $key => $value)
159 {
160 echo " <option value='$key'";
161 if ($key == $iter['cal_ui']) echo " selected";
162 echo ">$value</option>\n";
163 }
164 ?>
165 </select></td>
166 </tr>
167 <!-- END (CHEMED) Calendar UI preference -->
168
169 <?php if ($GLOBALS['inhouse_pharmacy']) { ?>
170 <tr>
171 <td class="text"><?php xl('Default Warehouse','e'); ?>: </td>
172 <td class='text'>
173 <?php
174 echo generate_select_list('default_warehouse', 'warehouse',
175 '', '');
176 ?>
177 </td>
178 <td class="text"><?php xl('Invoice Refno Pool','e'); ?>: </td>
179 <td class='text'>
180 <?php
181 echo generate_select_list('irnpool', 'irnpool', '',
182 xl('Invoice reference number pool, if used'));
183 ?>
184 </td>
185 </tr>
186 <?php } ?>
187
188 <?php
189 // List the access control groups if phpgacl installed
190 if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
191 ?>
192 <tr>
193 <td class='text'><?php xl('Access Control','e'); ?>:</td>
194 <td><select name="access_group[]" multiple style="width:120px;">
195 <?php
196 $list_acl_groups = acl_get_group_title_list();
197 $default_acl_group = 'Administrators';
198 foreach ($list_acl_groups as $value) {
199 if ($default_acl_group == $value) {
200 // Modified 6-2009 by BM - Translate group name if applicable
201 echo " <option value='$value' selected>" . xl_gacl_group($value) . "</option>\n";
202 }
203 else {
204 // Modified 6-2009 by BM - Translate group name if applicable
205 echo " <option value='$value'>" . xl_gacl_group($value) . "</option>\n";
206 }
207 }
208 ?>
209 </select></td>
210 <td><span class="text"><?php xl('Additional Info','e'); ?>: </span></td>
211 <td><textarea name=info style="width:120px;" cols=27 rows=4 wrap=auto></textarea></td>
212
213 </tr>
214 <tr height="25"><td colspan="4">&nbsp;</td></tr>
215 <?php
216 }
217 ?>
218
219 </table>
220
221 <br>
222 <input type="hidden" name="newauthPass">
223 </form>
224 </td>
225
226 </tr>
227
228 <tr<?php if ($GLOBALS['disable_non_default_groups']) echo " style='display:none'"; ?>>
229
230 <td valign=top>
231 <form name='new_group' method='post' action="usergroup_admin.php"
232 onsubmit='return top.restoreSession()'>
233 <br>
234 <input type=hidden name=mode value=new_group>
235 <span class="bold"><?php xl('New Group','e'); ?>:</span>
236 </td><td>
237 <span class="text"><?php xl('Groupname','e'); ?>: </span><input type=entry name=groupname size=10>
238 &nbsp;&nbsp;&nbsp;
239 <span class="text"><?php xl('Initial User','e'); ?>: </span>
240 <select name=rumple>
241 <?php
242 $res = sqlStatement("select distinct username from users where username != ''");
243 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
244 $result[$iter] = $row;
245 foreach ($result as $iter) {
246 print "<option value='".$iter{"username"}."'>" . $iter{"username"} . "</option>\n";
247 }
248 ?>
249 </select>
250 &nbsp;&nbsp;&nbsp;
251 <input type="submit" value=<?php xl('Save','e'); ?>>
252 </form>
253 </td>
254
255 </tr>
256
257 <tr <?php if ($GLOBALS['disable_non_default_groups']) echo " style='display:none'"; ?>>
258
259 <td valign=top>
260 <form name='new_group' method='post' action="usergroup_admin.php"
261 onsubmit='return top.restoreSession()'>
262 <input type=hidden name=mode value=new_group>
263 <span class="bold"><?php xl('Add User To Group','e'); ?>:</span>
264 </td><td>
265 <span class="text">
266 <?php xl('User','e'); ?>
267 : </span>
268 <select name=rumple>
269 <?php
270 $res = sqlStatement("select distinct username from users where username != ''");
271 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
272 $result3[$iter] = $row;
273 foreach ($result3 as $iter) {
274 print "<option value='".$iter{"username"}."'>" . $iter{"username"} . "</option>\n";
275 }
276 ?>
277 </select>
278 &nbsp;&nbsp;&nbsp;
279 <span class="text"><?php xl('Groupname','e'); ?>: </span>
280 <select name=groupname>
281 <?php
282 $res = sqlStatement("select distinct name from groups");
283 $result2 = array();
284 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
285 $result2[$iter] = $row;
286 foreach ($result2 as $iter) {
287 print "<option value='".$iter{"name"}."'>" . $iter{"name"} . "</option>\n";
288 }
289 ?>
290 </select>
291 &nbsp;&nbsp;&nbsp;
292 <input type="submit" value=<?php xl('Add User To Group','e'); ?>>
293 </form>
294 </td>
295 </tr>
296
297 </table>
298
299 <?php
300 if (empty($GLOBALS['disable_non_default_groups'])) {
301 $res = sqlStatement("select * from groups order by name");
302 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
303 $result5[$iter] = $row;
304
305 foreach ($result5 as $iter) {
306 $grouplist{$iter{"name"}} .= $iter{"user"} .
307 "(<a class='link_submit' href='usergroup_admin.php?mode=delete_group&id=" .
308 $iter{"id"} . "' onclick='top.restoreSession()'>Remove</a>), ";
309 }
310
311 foreach ($grouplist as $groupname => $list) {
312 print "<span class='bold'>" . $groupname . "</span><br>\n<span class='text'>" .
313 substr($list,0,strlen($list)-2) . "</span><br>\n";
314 }
315 }
316 ?>
317
318 <script language="JavaScript">
319 <?php
320 if ($alertmsg = trim($alertmsg)) {
321 echo "alert('$alertmsg');\n";
322 }
323 ?>
324 $(document).ready(function(){
325 $("#cancel").click(function() {
326 parent.$.fn.fancybox.close();
327 });
328
329 });
330 </script>
331 <table>
332
333 </table>
334
335 </body>
336 </html>
Mirror of official OpenEMR Sourceforge repository