2 include_once("../globals.php");
3 include_once("$srcdir/auth.inc");
4 include_once("../../library/acl.inc");
6 include_once("$srcdir/md5.js");
7 include_once("$srcdir/sql.inc");
8 require_once(dirname(__FILE__
) . "/../../library/classes/WSProvider.class.php");
15 <link rel
=stylesheet href
="<?echo $css_header;?>" type
="text/css">
18 <body
<?
echo $top_bg_line;?
> topmargin
=0 rightmargin
=0 leftmargin
=2 bottommargin
=0 marginwidth
=2 marginheight
=0>
21 <a href
="usergroup_admin.php"><span
class="title"><?
xl('User Administration','e'); ?
></span
></a
>
// Access gate and update handler for the user-administration edit form.
// This listing omits some of the original lines (the leading numbers are the
// original line numbers), so the statement guarded by the check below is not
// visible here.
// NOTE(review): confirm in the full file that the request is terminated when
// the id is missing or acl_check('admin', 'users') fails, before any of the
// update statements can run.
25 if (!$_GET["id"] ||
!acl_check('admin', 'users'))
// Every update is driven by query-string parameters: the form on this page
// submits with METHOD="GET", so each field, including newauthPass, ends up in
// the URL (browser history, proxy and server logs, Referer headers). No
// anti-forgery token is read in the visible lines.
// NOTE(review): state changes belong in a POST handler that checks a CSRF token.
28 if ($_GET["mode"] == "update") {
29 if ($_GET["username"]) {
30 $tqvar = addslashes($_GET["username"]);
// $_GET["id"] is interpolated into the SQL text unquoted and unescaped, here
// and in every statement below; addslashes() is applied only to the quoted
// field value, never to the id.
// NOTE(review): SQL injection risk. Validate the id as an integer once (for
// example with ctype_digit() or an (int) cast) and pass all values as bound
// parameters. mysql_fetch_array() belongs to the legacy mysql extension,
// which was removed in PHP 7.
31 $user_data = mysql_fetch_array(sqlStatement("select * from users where id={$_GET["id
"]}"));
32 sqlStatement("update users set username='$tqvar' where id={$_GET["id
"]}");
// The previous username, read back from the database, is concatenated into
// this statement without escaping; a stored name containing a quote would
// break out of the literal (second-order injection).
33 sqlStatement("update groups set user='$tqvar' where user='". $user_data["username"] ."'");
34 //echo "query was: " ."update groups set user='$tqvar' where user='". $user_data["username"] ."'" ;
37 $tqvar = addslashes($_GET["taxid"]);
38 sqlStatement("update users set federaltaxid='$tqvar' where id={$_GET["id
"]}");
40 if ($_GET["drugid"]) {
41 $tqvar = addslashes($_GET["drugid"]);
42 sqlStatement("update users set federaldrugid='$tqvar' where id={$_GET["id
"]}");
45 $tqvar = addslashes($_GET["upin"]);
46 sqlStatement("update users set upin='$tqvar' where id={$_GET["id
"]}");
49 $tqvar = addslashes($_GET["lname"]);
50 sqlStatement("update users set lname='$tqvar' where id={$_GET["id
"]}");
53 $tqvar = addslashes($_GET["mname"]);
54 sqlStatement("update users set mname='$tqvar' where id={$_GET["id
"]}");
56 if ($_GET["facility"]) {
57 $tqvar = addslashes($_GET["facility"]);
58 sqlStatement("update users set facility='$tqvar' where id={$_GET["id
"]}");
61 $tqvar = addslashes($_GET["fname"]);
62 sqlStatement("update users set fname='$tqvar' where id={$_GET["id
"]}");
// newauthPass carries an MD5 digest computed in the browser by the Save Changes
// button's onClick handler; d41d8cd98f00b204e9800998ecf8427e is the digest of
// an empty password field. The digest is written to users.password exactly as
// received: no server-side hashing or salt is applied in the visible lines.
// NOTE(review): presumably the login path compares against this stored value;
// if so, the digest is password-equivalent and is also exposed in the GET URL.
// Hash on the server with password_hash() and check with password_verify().
64 if ($_GET["newauthPass"] && $_GET["newauthPass"] != "d41d8cd98f00b204e9800998ecf8427e") { // account for empty
65 $tqvar = addslashes($_GET["newauthPass"]);
66 sqlStatement("update users set password='$tqvar' where id={$_GET["id
"]}");
69 if ($_GET["authorized"] == "on")
// $tqvar is presumably set to 1 or 0 on the lines missing from this listing;
// confirm, because it is placed into the statement unquoted.
// $_GET['see_auth'] is concatenated without addslashes(), unlike the other
// fields. NOTE(review): accept only the values the form offers (1, 2, 3).
74 sqlStatement("UPDATE users SET authorized = $tqvar, " .
75 "see_auth = '" . $_GET['see_auth'] . "' WHERE " .
76 "id = {$_GET["id
"]}");
78 if ($_GET["comments"]) {
79 $tqvar = addslashes($_GET["comments"]);
80 sqlStatement("update users set info='$tqvar' where id={$_GET["id
"]}");
// The raw id is handed to WSProvider (loaded from
// library/classes/WSProvider.class.php); how that class treats the value is
// not visible here.
82 $ws = new WSProvider($_GET['id']);
// Re-reads the users row and collects the result rows into $result, indexed
// from 0. The id is again interpolated unescaped.
85 $res = sqlStatement("select * from users where id={$_GET["id
"]}");
86 for ($iter = 0;$row = sqlFetchArray($res);$iter++
)
87 $result[$iter] = $row;
91 <FORM NAME
="user_form" METHOD
="GET" ACTION
="user_admin.php">
92 <TABLE border
=0 cellpadding
=0 cellspacing
=0>
94 <TD
><span
class=text
><?
xl('Username','e'); ?
>: </span
></TD
><TD
><input type
=entry name
=username size
=20 value
="<? /* A stored value is written into an HTML attribute without escaping; the
        other value= attributes and the comments textarea on this form do the
        same. $iter presumably holds the users row here (the loop header is
        not in this listing).
        NOTE(review): stored XSS risk - pass each value through
        htmlspecialchars($v, ENT_QUOTES) before echoing it. */
echo $iter["username
"]; ?>" disabled
>  
;</td
>
95 <TD
><span
class=text
><?
xl('Password','e'); ?
>: </span
></TD
><TD
class='text'><input type
=password name
=clearPass size
=20 value
=""> * <?
xl('Leave blank to keep password unchanged.','e'); ?
></td
>
99 <td
><span
class="text"> 
;</span
></td
><td
> 
;</td
>
100 <TD
><span
class=text
><?
xl('Authorized','e'); ?
>: </TD
>
101 <TD
><INPUT TYPE
="checkbox" name
="authorized"<?
102 if ($iter["authorized"] == 1)
108 <TD
><span
class=text
><?
xl('First Name','e'); ?
>: </span
></TD
>
109 <TD
><input type
=entry name
=fname size
=20 value
="<? echo $iter["fname
"]; ?>"></td
>
110 <td
><span
class=text
><?
xl('Middle Name','e'); ?
>: </span
></TD
><td
><input type
=entry name
=mname size
=20 value
="<? echo $iter["mname
"]; ?>"></td
>
114 <td
><span
class=text
><?
xl('Last Name','e'); ?
>: </span
></td
><td
><input type
=entry name
=lname size
=20 value
="<? echo $iter["lname
"]; ?>"></td
>
115 <td
><span
class=text
><?
xl('Default Facility','e'); ?
>: </span
></td
><td
><select name
=facility
>
// Loads every facility row, ordered by name, to build the Default Facility
// drop-down.
// $result is the same variable that collected the users rows earlier in the
// file, so those entries are overwritten index by index here.
// NOTE(review): if this query returns no rows, $result still holds the users
// row and the foreach below would emit it as an option; a separate array
// avoids that.
117 $fres = sqlStatement("select * from facility order by name");
119 for ($iter2 = 0;$frow = sqlFetchArray($fres);$iter2++
)
120 $result[$iter2] = $frow;
121 foreach($result as $iter2) {
123 <option value
="<?echo $iter2{name};?>" <?
// Marks the option whose name equals the user's stored facility.
// $iter2{name} uses curly-brace offset syntax with an unquoted key; that
// syntax was removed in PHP 8 and the bare word is read as a constant.
// The facility name is echoed into the value attribute and the option text
// without htmlspecialchars().
if ($iter{"facility"} == $iter2{name
}) {echo "selected";};?
>><?
echo $iter2{name
};?
></option
>
132 <TD
><span
class=text
><?
xl('Federal Tax ID','e'); ?
>: </span
></TD
><TD
><input type
=text name
=taxid size
=20 value
="<? echo $iter["federaltaxid
"]?>"></td
>
133 <TD
><span
class=text
><?
xl('Federal Drug ID','e'); ?
>: </span
></TD
><TD
><input type
=text name
=drugid size
=20 value
="<? echo $iter["federaldrugid
"]?>"></td
>
137 <td
><span
class="text"><?
xl('UPIN','e'); ?
>: </span
></td
><td
><input type
="text" name
="upin" size
="20" value
="<? echo $iter["upin
"]?>"></td
>
138 <td
class='text'><?
xl('See Authorizations','e'); ?
>: </td
>
139 <td
><select name
="see_auth">
// Emits the three See Authorizations options (keys 1, 2, 3) with translated
// labels from xl(); the loop's braces are on lines missing from this listing.
// NOTE(review): the update handler earlier in this file stores
// $_GET['see_auth'] without checking it against these keys.
141 foreach (array(1 => xl('None'), 2 => xl('Only Mine'), 3 => xl('All')) as $key => $value)
143 echo " <option value='$key'";
// Preselects the option that matches the stored see_auth value (loose ==).
144 if ($key == $iter['see_auth']) echo " selected";
// The label is written without htmlspecialchars().
145 echo ">$value</option>\n";
152 <span
class=text
><?
xl('Additional Info','e'); ?
>:</span
><br
>
153 <textarea name
="comments" wrap
=auto rows
=4 cols
=30><?
echo $iter["info"];?
></textarea
>
155 <br
> 
; 
; 
;
156 <INPUT TYPE
="HIDDEN" NAME
="id" VALUE
="<? /* The request's id parameter is reflected into the attribute unescaped.
        NOTE(review): reflected XSS risk - emit a validated integer or use
        htmlspecialchars($v, ENT_QUOTES). */
echo $_GET["id
"]; ?>">
157 <INPUT TYPE
="HIDDEN" NAME
="mode" VALUE
="update">
158 <INPUT TYPE
="HIDDEN" NAME
="newauthPass" VALUE
="">
159 <INPUT TYPE
="Submit" VALUE
=<?
// The onClick handler below copies MD5(clearPass) into the hidden newauthPass
// field and blanks clearPass, so only the unsalted digest is submitted, and
// because the form uses METHOD="GET" it is submitted in the URL.
// NOTE(review): send the password over TLS in a POST body and hash it on the
// server. The VALUE attribute is also unquoted, so a translated label that
// contains a space would be cut at the first word.
xl('Save Changes','e'); ?
> onClick
="javascript:this.form.newauthPass.value=MD5(this.form.clearPass.value);this.form.clearPass.value='';">
161 <a href
="usergroup_admin.php" class=link_submit
>[<?
xl('Back','e'); ?
>]</font
></a
>
169 // d41d8cd98f00b204e9800998ecf8427e is the MD5 digest of the empty string, i.e. a blank password field