search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix: Update patient_tracker.php (#6595)
[openemr.git] / library / classes / Installer.class.php
blobf0354db06dc9cf13d92e9e883905a63adc5e70aa
1 <?php
2
3 /**
4 *
5 * Installer class.
6 *
7 * @package OpenEMR
8 * @link https://www.open-emr.org
9 * @author Andrew Moore <amoore@cpan.org>
10 * @author Ranganath Pathak <pathak@scrs1.org>
11 * @author Brady Miller <brady.g.miller@gmail.com>
12 * @copyright Copyright (c) 2010 Andrew Moore <amoore@cpan.org>
13 * @copyright Copyright (c) 2019 Ranganath Pathak <pathak@scrs1.org>
14 * @copyright Copyright (c) 2019 Brady Miller <brady.g.miller@gmail.com>
15 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
16 */
17
18 use OpenEMR\Gacl\GaclApi;
19
20 class Installer
21 {
22 public $iuser;
23 public $iuserpass;
24 public $iuname;
25 public $iufname;
26 public $igroup;
27 public $i2faEnable;
28 public $i2faSecret;
29 public $server;
30 public $loginhost;
31 public $port;
32 public $root;
33 public $rootpass;
34 public $login;
35 public $pass;
36 public $dbname;
37 public $collate;
38 public $site;
39 public $source_site_id;
40 public $clone_database;
41 public $no_root_db_access;
42 public $development_translations;
43 public $new_theme;
44 public $ippf_specific;
45 public $conffile;
46 public $main_sql;
47 public $translation_sql;
48 public $devel_translation_sql;
49 public $ippf_sql;
50 public $icd9;
51 public $cvx;
52 public $additional_users;
53 public $dumpfiles;
54 public $error_message;
55 public $debug_message;
56 public $dbh;
57
58 public function __construct($cgi_variables)
59 {
60 // Installation variables
61 // For a good explanation of these variables, see documentation in
62 // the contrib/util/installScripts/InstallerAuto.php file.
63 $this->iuser = isset($cgi_variables['iuser']) ? ($cgi_variables['iuser']) : '';
64 $this->iuserpass = isset($cgi_variables['iuserpass']) ? ($cgi_variables['iuserpass']) : '';
65 $this->iuname = isset($cgi_variables['iuname']) ? ($cgi_variables['iuname']) : '';
66 $this->iufname = isset($cgi_variables['iufname']) ? ($cgi_variables['iufname']) : '';
67 $this->igroup = isset($cgi_variables['igroup']) ? ($cgi_variables['igroup']) : '';
68 $this->i2faEnable = isset($cgi_variables['i2faenable']) ? ($cgi_variables['i2faenable']) : '';
69 $this->i2faSecret = isset($cgi_variables['i2fasecret']) ? ($cgi_variables['i2fasecret']) : '';
70 $this->server = isset($cgi_variables['server']) ? ($cgi_variables['server']) : ''; // mysql server (usually localhost)
71 $this->loginhost = isset($cgi_variables['loginhost']) ? ($cgi_variables['loginhost']) : ''; // php/apache server (usually localhost)
72 $this->port = isset($cgi_variables['port']) ? ($cgi_variables['port']) : '';
73 $this->root = isset($cgi_variables['root']) ? ($cgi_variables['root']) : '';
74 $this->rootpass = isset($cgi_variables['rootpass']) ? ($cgi_variables['rootpass']) : '';
75 $this->login = isset($cgi_variables['login']) ? ($cgi_variables['login']) : '';
76 $this->pass = isset($cgi_variables['pass']) ? ($cgi_variables['pass']) : '';
77 $this->dbname = isset($cgi_variables['dbname']) ? ($cgi_variables['dbname']) : '';
78 $this->collate = isset($cgi_variables['collate']) ? ($cgi_variables['collate']) : '';
79 $this->site = isset($cgi_variables['site']) ? ($cgi_variables['site']) : 'default'; // set to default if not set in order for install script to work correctly
80 $this->source_site_id = isset($cgi_variables['source_site_id']) ? ($cgi_variables['source_site_id']) : '';
81 $this->clone_database = isset($cgi_variables['clone_database']) ? ($cgi_variables['clone_database']) : '';
82 $this->no_root_db_access = isset($cgi_variables['no_root_db_access']) ? ($cgi_variables['no_root_db_access']) : ''; // no root access to database. user/privileges pre-configured
83 $this->development_translations = isset($cgi_variables['development_translations']) ? ($cgi_variables['development_translations']) : '';
84 $this->new_theme = isset($cgi_variables['new_theme']) ? ($cgi_variables['new_theme']) : '';
85 // Make this true for IPPF.
86 $this->ippf_specific = false;
87
88 // Record name of sql access file
89 $GLOBALS['OE_SITES_BASE'] = dirname(__FILE__) . '/../../sites';
90 $GLOBALS['OE_SITE_DIR'] = $GLOBALS['OE_SITES_BASE'] . '/' . $this->site;
91 $this->conffile = $GLOBALS['OE_SITE_DIR'] . '/sqlconf.php';
92
93 // Record names of sql table files
94 $this->main_sql = dirname(__FILE__) . '/../../sql/database.sql';
95 $this->translation_sql = dirname(__FILE__) . '/../../contrib/util/language_translations/currentLanguage_utf8.sql';
96 $this->devel_translation_sql = "http://translations.openemr.io/languageTranslations_utf8.sql";
97 $this->ippf_sql = dirname(__FILE__) . "/../../sql/ippf_layout.sql";
98 $this->icd9 = dirname(__FILE__) . "/../../sql/icd9.sql";
99 $this->cvx = dirname(__FILE__) . "/../../sql/cvx_codes.sql";
100 $this->additional_users = dirname(__FILE__) . "/../../sql/official_additional_users.sql";
101
102 // Prepare the dumpfile list
103 $this->initialize_dumpfile_list();
104
105 // Entities to hold error and debug messages
106 $this->error_message = '';
107 $this->debug_message = '';
108
109 // Entity to hold sql connection
110 $this->dbh = false;
111 }
112
113 public function login_is_valid()
114 {
115 if (($this->login == '') || (! isset($this->login))) {
116 $this->error_message = "login is invalid: '$this->login'";
117 return false;
118 }
119
120 return true;
121 }
122
123 public function char_is_valid($input_text)
124 {
125 // to prevent php injection
126 trim($input_text);
127 if ($input_text == '') {
128 return false;
129 }
130
131 if (preg_match('@[\\\\;()<>/\'"]@', $input_text)) {
132 return false;
133 }
134
135 return true;
136 }
137
138 public function databaseNameIsValid($name)
139 {
140 if (preg_match('/[^A-Za-z0-9_-]/', $name)) {
141 return false;
142 }
143 return true;
144 }
145
146 public function collateNameIsValid($name)
147 {
148 if (preg_match('/[^A-Za-z0-9_-]/', $name)) {
149 return false;
150 }
151 return true;
152 }
153
154 public function iuser_is_valid()
155 {
156 if (strpos($this->iuser, " ")) {
157 $this->error_message = "Initial user is invalid: '$this->iuser'";
158 return false;
159 }
160
161 return true;
162 }
163
164 public function iuname_is_valid()
165 {
166 if ($this->iuname == "" || !isset($this->iuname)) {
167 $this->error_message = "Initial user last name is invalid: '$this->iuname'";
168 return false;
169 }
170
171 return true;
172 }
173
174 public function password_is_valid()
175 {
176 if ($this->pass == "" || !isset($this->pass)) {
177 $this->error_message = "The password for the new database account is invalid: '$this->pass'";
178 return false;
179 }
180
181 return true;
182 }
183
184 public function user_password_is_valid()
185 {
186 if ($this->iuserpass == "" || !isset($this->iuserpass)) {
187 $this->error_message = "The password for the user is invalid: '$this->iuserpass'";
188 return false;
189 }
190
191 return true;
192 }
193
194
195
196 public function root_database_connection()
197 {
198 $this->dbh = $this->connect_to_database($this->server, $this->root, $this->rootpass, $this->port);
199 if ($this->dbh) {
200 if (!$this->set_sql_strict()) {
201 $this->error_message = 'unable to set strict sql setting';
202 return false;
203 }
204
205 return true;
206 } else {
207 $this->error_message = 'unable to connect to database as root';
208 return false;
209 }
210 }
211
212 public function user_database_connection()
213 {
214 $this->dbh = $this->connect_to_database($this->server, $this->login, $this->pass, $this->port, $this->dbname);
215 if (! $this->dbh) {
216 $this->error_message = "unable to connect to database as user: '$this->login'";
217 return false;
218 }
219
220 if (! $this->set_sql_strict()) {
221 $this->error_message = 'unable to set strict sql setting';
222 return false;
223 }
224
225 if (! $this->set_collation()) {
226 $this->error_message = 'unable to set sql collation';
227 return false;
228 }
229
230 if (! mysqli_select_db($this->dbh, $this->dbname)) {
231 $this->error_message = "unable to select database: '$this->dbname'";
232 return false;
233 }
234
235 return true;
236 }
237
238 public function create_database()
239 {
240 $sql = "create database " . $this->escapeDatabaseName($this->dbname);
241 if (empty($this->collate) || ($this->collate == 'utf8_general_ci')) {
242 $this->collate = 'utf8mb4_general_ci';
243 }
244 $sql .= " character set utf8mb4 collate " . $this->escapeCollateName($this->collate);
245 $this->set_collation();
246
247 return $this->execute_sql($sql);
248 }
249
250 public function drop_database()
251 {
252 $sql = "drop database if exists " . $this->escapeDatabaseName($this->dbname);
253 return $this->execute_sql($sql);
254 }
255
256 public function create_database_user()
257 {
258 // First, check for database user in the mysql.user table (this works for all except mariadb 10.4+)
259 $checkUser = $this->execute_sql("SELECT user FROM mysql.user WHERE user = '" . $this->escapeSql($this->login) . "' AND host = '" . $this->escapeSql($this->loginhost) . "'", false);
260 if ($checkUser === false) {
261 // Above caused error, so is MariaDB 10.4+, and need to do below query instead in the mysql.global_priv table
262 $checkUser = $this->execute_sql("SELECT user FROM mysql.global_priv WHERE user = '" . $this->escapeSql($this->login) . "' AND host = '" . $this->escapeSql($this->loginhost) . "'");
263 }
264
265 if ($checkUser === false) {
266 // there was an error in the check database user query, so return false
267 return false;
268 } elseif ($checkUser->num_rows > 0) {
269 // the mysql user already exists, so do not need to create the user, but need to set the password
270 // Note need to try two different methods, first is for newer mysql versions and second is for older mysql versions (if the first method fails)
271 $returnSql = $this->execute_sql("ALTER USER '" . $this->escapeSql($this->login) . "'@'" . $this->escapeSql($this->loginhost) . "' IDENTIFIED BY '" . $this->escapeSql($this->pass) . "'", false);
272 if ($returnSql === false) {
273 error_log("Using older mysql version method to set password for the mysql user");
274 $returnSql = $this->execute_sql("SET PASSWORD FOR '" . $this->escapeSql($this->login) . "'@'" . $this->escapeSql($this->loginhost) . "' = PASSWORD('" . $this->escapeSql($this->pass) . "')");
275 }
276 return $returnSql;
277 } else {
278 // the mysql user does not yet exist, so create the user
279 if (getenv('FORCE_DATABASE_X509_CONNECT', true) == 1) {
280 // this use case is to allow enforcement of x509 database connection use in applicable docker and kubernetes auto installations
281 return $this->execute_sql("CREATE USER '" . $this->escapeSql($this->login) . "'@'" . $this->escapeSql($this->loginhost) . "' IDENTIFIED BY '" . $this->escapeSql($this->pass) . "' REQUIRE X509");
282 } elseif (getenv('FORCE_DATABASE_SSL_CONNECT', true) == 1) {
283 // this use case is to allow enforcement of ssl database connection use in applicable docker and kubernetes auto installations
284 return $this->execute_sql("CREATE USER '" . $this->escapeSql($this->login) . "'@'" . $this->escapeSql($this->loginhost) . "' IDENTIFIED BY '" . $this->escapeSql($this->pass) . "' REQUIRE SSL");
285 } else {
286 return $this->execute_sql("CREATE USER '" . $this->escapeSql($this->login) . "'@'" . $this->escapeSql($this->loginhost) . "' IDENTIFIED BY '" . $this->escapeSql($this->pass) . "'");
287 }
288 }
289 }
290
291 public function grant_privileges()
292 {
293 return $this->execute_sql("GRANT ALL PRIVILEGES ON " . $this->escapeDatabaseName($this->dbname) . ".* TO '" . $this->escapeSql($this->login) . "'@'" . $this->escapeSql($this->loginhost) . "'");
294 }
295
296 public function disconnect()
297 {
298 return mysqli_close($this->dbh);
299 }
300
301 /**
302 * This method creates any dumpfiles necessary.
303 * This is actually only done if we're cloning an existing site
304 * and we need to dump their database into a file.
305 * @return bool indicating success
306 */
307 public function create_dumpfiles()
308 {
309 return $this->dumpSourceDatabase();
310 }
311
312 public function load_dumpfiles()
313 {
314 $sql_results = ''; // information string which is returned
315 foreach ($this->dumpfiles as $filename => $title) {
316 $sql_results_temp = '';
317 $sql_results_temp = $this->load_file($filename, $title);
318 if ($sql_results_temp == false) {
319 return false;
320 }
321
322 $sql_results .= $sql_results_temp;
323 }
324
325 return $sql_results;
326 }
327
328 public function load_file($filename, $title)
329 {
330 $sql_results = ''; // information string which is returned
331 $sql_results .= "Creating $title tables...\n";
332 $fd = fopen($filename, 'r');
333 if ($fd == false) {
334 $this->error_message = "ERROR. Could not open dumpfile '$filename'.\n";
335 return false;
336 }
337
338 $query = "";
339 $line = "";
340
341 // Settings to drastically speed up installation with InnoDB
342 if (! $this->execute_sql("SET autocommit=0;")) {
343 return false;
344 }
345
346 if (! $this->execute_sql("START TRANSACTION;")) {
347 return false;
348 }
349
350 while (!feof($fd)) {
351 $line = fgets($fd, 1024);
352 $line = rtrim($line);
353 if (substr($line, 0, 2) == "--") { // Kill comments
354 continue;
355 }
356
357 if (substr($line, 0, 1) == "#") { // Kill comments
358 continue;
359 }
360
361 if ($line == "") {
362 continue;
363 }
364
365 $query = $query . $line; // Check for full query
366 $chr = substr($query, strlen($query) - 1, 1);
367 if ($chr == ";") { // valid query, execute
368 $query = rtrim($query, ";");
369 if (! $this->execute_sql($query)) {
370 return false;
371 }
372
373 $query = "";
374 }
375 }
376
377 // Settings to drastically speed up installation with InnoDB
378 if (! $this->execute_sql("COMMIT;")) {
379 return false;
380 }
381
382 if (! $this->execute_sql("SET autocommit=1;")) {
383 return false;
384 }
385
386 $sql_results .= "<span class='text-success'><b>OK</b></span>.<br>\n";
387 fclose($fd);
388 return $sql_results;
389 }
390
391 public function add_version_info()
392 {
393 include dirname(__FILE__) . "/../../version.php";
394 if ($this->execute_sql("UPDATE version SET v_major = '" . $this->escapeSql($v_major) . "', v_minor = '" . $this->escapeSql($v_minor) . "', v_patch = '" . $this->escapeSql($v_patch) . "', v_realpatch = '" . $this->escapeSql($v_realpatch) . "', v_tag = '" . $this->escapeSql($v_tag) . "', v_database = '" . $this->escapeSql($v_database) . "', v_acl = '" . $this->escapeSql($v_acl) . "'") == false) {
395 $this->error_message = "ERROR. Unable insert version information into database\n" .
396 "<p>" . mysqli_error($this->dbh) . " (#" . mysqli_errno($this->dbh) . ")\n";
397 return false;
398 }
399
400 return true;
401 }
402
403 public function add_initial_user()
404 {
405 if ($this->execute_sql("INSERT INTO `groups` (id, name, user) VALUES (1,'" . $this->escapeSql($this->igroup) . "','" . $this->escapeSql($this->iuser) . "')") == false) {
406 $this->error_message = "ERROR. Unable to add initial user group\n" .
407 "<p>" . mysqli_error($this->dbh) . " (#" . mysqli_errno($this->dbh) . ")\n";
408 return false;
409 }
410
411 if ($this->execute_sql("INSERT INTO users (id, username, password, authorized, lname, fname, facility_id, calendar, cal_ui) VALUES (1,'" . $this->escapeSql($this->iuser) . "','NoLongerUsed',1,'" . $this->escapeSql($this->iuname) . "','" . $this->escapeSql($this->iufname) . "',3,1,3)") == false) {
412 $this->error_message = "ERROR. Unable to add initial user\n" .
413 "<p>" . mysqli_error($this->dbh) . " (#" . mysqli_errno($this->dbh) . ")\n";
414 return false;
415 }
416
417 $hash = password_hash($this->iuserpass, PASSWORD_DEFAULT);
418 if (empty($hash)) {
419 // Something is seriously wrong
420 error_log('OpenEMR Error : OpenEMR is not working because unable to create a hash.');
421 die("OpenEMR Error : OpenEMR is not working because unable to create a hash.");
422 }
423 if ($this->execute_sql("INSERT INTO users_secure (id, username, password, last_update_password) VALUES (1,'" . $this->escapeSql($this->iuser) . "','" . $this->escapeSql($hash) . "',NOW())") == false) {
424 $this->error_message = "ERROR. Unable to add initial user login credentials\n" .
425 "<p>" . mysqli_error($this->dbh) . " (#" . mysqli_errno($this->dbh) . ")\n";
426 return false;
427 }
428
429 // Create new 2fa if enabled
430 if (($this->i2faEnable) && (!empty($this->i2faSecret)) && (class_exists('Totp')) && (class_exists('OpenEMR\Common\Crypto\CryptoGen'))) {
431 // Encrypt the new secret with the hashed password
432 $cryptoGen = new OpenEMR\Common\Crypto\CryptoGen();
433 $secret = $cryptoGen->encryptStandard($this->i2faSecret, $hash);
434 if ($this->execute_sql("INSERT INTO login_mfa_registrations (user_id, name, method, var1, var2) VALUES (1, 'App Based 2FA', 'TOTP', '" . $this->escapeSql($secret) . "', '')") == false) {
435 $this->error_message = "ERROR. Unable to add initial user's 2FA credentials\n" .
436 "<p>" . mysqli_error($this->dbh) . " (#" . mysqli_errno($this->dbh) . ")\n";
437 return false;
438 }
439 }
440
441 return true;
442 }
443
444 /**
445 * Handle the additional users now that our gacl's have finished installing.
446 * @return bool
447 */
448 public function install_additional_users()
449 {
450 // Add the official openemr users (services)
451 if ($this->load_file($this->additional_users, "Additional Official Users") == false) {
452 return false;
453 }
454 return true;
455 }
456
457 public function on_care_coordination()
458 {
459 $resource = $this->execute_sql("SELECT `mod_id` FROM `modules` WHERE `mod_name` = 'Carecoordination' LIMIT 1");
460 $resource_array = mysqli_fetch_array($resource, MYSQLI_ASSOC);
461 $modId = $resource_array['mod_id'];
462 if (empty($modId)) {
463 $this->error_message = "ERROR configuring Care Coordination module. Unable to get mod_id for Carecoordination module\n";
464 return false;
465 }
466
467 $resource = $this->execute_sql("SELECT `section_id` FROM `module_acl_sections` WHERE `section_identifier` = 'carecoordination' LIMIT 1");
468 $resource_array = mysqli_fetch_array($resource, MYSQLI_ASSOC);
469 $sectionId = $resource_array['section_id'];
470 if (empty($sectionId)) {
471 $this->error_message = "ERROR configuring Care Coordination module. Unable to get section_id for carecoordination module section\n";
472 return false;
473 }
474
475 $resource = $this->execute_sql("SELECT `id` FROM `gacl_aro_groups` WHERE `value` = 'admin' LIMIT 1");
476 $resource_array = mysqli_fetch_array($resource, MYSQLI_ASSOC);
477 $groupId = $resource_array['id'];
478 if (empty($groupId)) {
479 $this->error_message = "ERROR configuring Care Coordination module. Unable to get id for gacl_aro_groups admin section\n";
480 return false;
481 }
482
483 if ($this->execute_sql("INSERT INTO `module_acl_group_settings` (`module_id`, `group_id`, `section_id`, `allowed`) VALUES ('" . $this->escapeSql($modId) . "', '" . $this->escapeSql($groupId) . "', '" . $this->escapeSql($sectionId) . "', 1)") == false) {
484 $this->error_message = "ERROR configuring Care Coordination module. Unable to add the module_acl_group_settings acl entry\n";
485 return false;
486 }
487
488 return true;
489 }
490
491 /**
492 * Generates the initial user's 2FA QR Code
493 * @return bool|string|void
494 */
495 public function get_initial_user_2fa_qr()
496 {
497 if (($this->i2faEnable) && (!empty($this->i2faSecret)) && (class_exists('Totp'))) {
498 $adminTotp = new Totp($this->i2faSecret, $this->iuser);
499 $qr = $adminTotp->generateQrCode();
500 return $qr;
501 }
502 return false;
503 }
504
505 /**
506 * Create site directory if it is missing.
507 * @global string $GLOBALS['OE_SITE_DIR'] contains the name of the site directory to create
508 * @return name of the site directory or False
509 */
510 public function create_site_directory()
511 {
512 if (!file_exists($GLOBALS['OE_SITE_DIR'])) {
513 $source_directory = $GLOBALS['OE_SITES_BASE'] . "/" . $this->source_site_id;
514 $destination_directory = $GLOBALS['OE_SITE_DIR'];
515 if (! $this->recurse_copy($source_directory, $destination_directory)) {
516 $this->error_message = "unable to copy directory: '$source_directory' to '$destination_directory'. " . $this->error_message;
517 return false;
518 }
519 // the new site will create it's own keys so okay to delete these copied from the source site
520 if (!$this->clone_database) {
521 array_map('unlink', glob($destination_directory . "/documents/logs_and_misc/methods/*"));
522 }
523 }
524
525 return true;
526 }
527
528 public function write_configuration_file()
529 {
530 if (!file_exists($GLOBALS['OE_SITE_DIR'])) {
531 $this->create_site_directory();
532 }
533 @touch($this->conffile); // php bug
534 $fd = @fopen($this->conffile, 'w');
535 if (! $fd) {
536 $this->error_message = 'unable to open configuration file for writing: ' . $this->conffile;
537 return false;
538 }
539
540 $string = '<?php
541 // OpenEMR
542 // MySQL Config
543
544 ';
545
546 $it_died = 0; //fmg: variable keeps running track of any errors
547
548 fwrite($fd, $string) or $it_died++;
549 fwrite($fd, "global \$disable_utf8_flag;\n") or $it_died++;
550 fwrite($fd, "\$disable_utf8_flag = false;\n\n") or $it_died++;
551 fwrite($fd, "\$host\t= '$this->server';\n") or $it_died++;
552 fwrite($fd, "\$port\t= '$this->port';\n") or $it_died++;
553 fwrite($fd, "\$login\t= '$this->login';\n") or $it_died++;
554 fwrite($fd, "\$pass\t= '$this->pass';\n") or $it_died++;
555 fwrite($fd, "\$dbase\t= '$this->dbname';\n") or $it_died++;
556 fwrite($fd, "\$db_encoding\t= 'utf8mb4';\n") or $it_died++;
557
558 $string = '
559 $sqlconf = array();
560 global $sqlconf;
561 $sqlconf["host"]= $host;
562 $sqlconf["port"] = $port;
563 $sqlconf["login"] = $login;
564 $sqlconf["pass"] = $pass;
565 $sqlconf["dbase"] = $dbase;
566 $sqlconf["db_encoding"] = $db_encoding;
567
568 //////////////////////////
569 //////////////////////////
570 //////////////////////////
571 //////DO NOT TOUCH THIS///
572 $config = 1; /////////////
573 //////////////////////////
574 //////////////////////////
575 //////////////////////////
576 ?>
577 ';
578
579 fwrite($fd, $string) or $it_died++;
580 fclose($fd) or $it_died++;
581
582 //it's rather irresponsible to not report errors when writing this file.
583 if ($it_died != 0) {
584 $this->error_message = "ERROR. Couldn't write $it_died lines to config file '$this->conffile'.\n";
585 return false;
586 }
587
588 // Tell PHP that its cached bytecode version of sqlconf.php is no longer usable.
589 if (function_exists('opcache_invalidate')) {
590 opcache_invalidate($this->conffile, true);
591 }
592
593 return true;
594 }
595
596 public function insert_globals()
597 {
598 if (!(function_exists('xl'))) {
599 function xl($s)
600 {
601 return $s;
602 }
603 } else {
604 $GLOBALS['temp_skip_translations'] = true;
605 }
606 $skipGlobalEvent = true; //use in globals.inc.php script to skip event stuff
607 require(dirname(__FILE__) . '/../globals.inc.php');
608 foreach ($GLOBALS_METADATA as $grpname => $grparr) {
609 foreach ($grparr as $fldid => $fldarr) {
610 list($fldname, $fldtype, $flddef, $flddesc) = $fldarr;
611 if (is_array($fldtype) || substr($fldtype, 0, 2) !== 'm_') {
612 $res = $this->execute_sql("SELECT count(*) AS count FROM globals WHERE gl_name = '" . $this->escapeSql($fldid) . "'");
613 $row = mysqli_fetch_array($res, MYSQLI_ASSOC);
614 if (empty($row['count'])) {
615 $this->execute_sql("INSERT INTO globals ( gl_name, gl_index, gl_value ) " .
616 "VALUES ( '" . $this->escapeSql($fldid) . "', '0', '" . $this->escapeSql($flddef) . "' )");
617 }
618 }
619 }
620 }
621
622 return true;
623 }
624
625 public function install_gacl()
626 {
627
628 $gacl = new GaclApi();
629
630 // Create the ACO sections. Every ACO must have a section.
631 //
632 if ($gacl->add_object_section('Accounting', 'acct', 10, 0, 'ACO') === false) {
633 $this->error_message = "ERROR, Unable to create the access controls for OpenEMR.";
634 return false;
635 }
636 // xl('Accounting')
637 $gacl->add_object_section('Administration', 'admin', 10, 0, 'ACO');
638 // xl('Administration')
639 $gacl->add_object_section('Encounters', 'encounters', 10, 0, 'ACO');
640 // xl('Encounters')
641 $gacl->add_object_section('Lists', 'lists', 10, 0, 'ACO');
642 // xl('Lists')
643 $gacl->add_object_section('Patients', 'patients', 10, 0, 'ACO');
644 // xl('Patients')
645 $gacl->add_object_section('Squads', 'squads', 10, 0, 'ACO');
646 // xl('Squads')
647 $gacl->add_object_section('Sensitivities', 'sensitivities', 10, 0, 'ACO');
648 // xl('Sensitivities')
649 $gacl->add_object_section('Placeholder', 'placeholder', 10, 0, 'ACO');
650 // xl('Placeholder')
651 $gacl->add_object_section('Nation Notes', 'nationnotes', 10, 0, 'ACO');
652 // xl('Nation Notes')
653 $gacl->add_object_section('Patient Portal', 'patientportal', 10, 0, 'ACO');
654 // xl('Patient Portal')
655 $gacl->add_object_section('Menus', 'menus', 10, 0, 'ACO');
656 // xl('Menus')
657 $gacl->add_object_section('Groups', 'groups', 10, 0, 'ACO');
658 // xl('Groups')
659 $gacl->add_object_section('Inventory', 'inventory', 10, 0, 'ACO');
660 // xl('Inventory')
661
662 // Create Accounting ACOs.
663 //
664 $gacl->add_object('acct', 'Billing (write optional)', 'bill', 10, 0, 'ACO');
665 // xl('Billing (write optional)')
666 $gacl->add_object('acct', 'Price Discounting', 'disc', 10, 0, 'ACO');
667 // xl('Price Discounting')
668 $gacl->add_object('acct', 'EOB Data Entry', 'eob', 10, 0, 'ACO');
669 // xl('EOB Data Entry')
670 $gacl->add_object('acct', 'Financial Reporting - my encounters', 'rep', 10, 0, 'ACO');
671 // xl('Financial Reporting - my encounters')
672 $gacl->add_object('acct', 'Financial Reporting - anything', 'rep_a', 10, 0, 'ACO');
673 // xl('Financial Reporting - anything')
674
675 // Create Administration ACOs.
676 //
677 $gacl->add_object('admin', 'Superuser', 'super', 10, 0, 'ACO');
678 // xl('Superuser')
679 $gacl->add_object('admin', 'Calendar Settings', 'calendar', 10, 0, 'ACO');
680 // xl('Calendar Settings')
681 $gacl->add_object('admin', 'Database Reporting', 'database', 10, 0, 'ACO');
682 // xl('Database Reporting')
683 $gacl->add_object('admin', 'Forms Administration', 'forms', 10, 0, 'ACO');
684 // xl('Forms Administration')
685 $gacl->add_object('admin', 'Practice Settings', 'practice', 10, 0, 'ACO');
686 // xl('Practice Settings')
687 $gacl->add_object('admin', 'Superbill Codes Administration', 'superbill', 10, 0, 'ACO');
688 // xl('Superbill Codes Administration')
689 $gacl->add_object('admin', 'Users/Groups/Logs Administration', 'users', 10, 0, 'ACO');
690 // xl('Users/Groups/Logs Administration')
691 $gacl->add_object('admin', 'Batch Communication Tool', 'batchcom', 10, 0, 'ACO');
692 // xl('Batch Communication Tool')
693 $gacl->add_object('admin', 'Language Interface Tool', 'language', 10, 0, 'ACO');
694 // xl('Language Interface Tool')
695 $gacl->add_object('admin', 'Inventory Administration', 'drugs', 10, 0, 'ACO');
696 // xl('Inventory Administration')
697 $gacl->add_object('admin', 'ACL Administration', 'acl', 10, 0, 'ACO');
698 // xl('ACL Administration')
699 $gacl->add_object('admin', 'Multipledb', 'multipledb', 10, 0, 'ACO');
700 // xl('Multipledb')
701 $gacl->add_object('admin', 'Menu', 'menu', 10, 0, 'ACO');
702 // xl('Menu')
703 $gacl->add_object('admin', 'Manage modules', 'manage_modules', 10, 0, 'ACO');
704 // xl('Manage modules')
705
706
707 // Create ACOs for encounters.
708 //
709 $gacl->add_object('encounters', 'Authorize - my encounters', 'auth', 10, 0, 'ACO');
710 // xl('Authorize - my encounters')
711 $gacl->add_object('encounters', 'Authorize - any encounters', 'auth_a', 10, 0, 'ACO');
712 // xl('Authorize - any encounters')
713 $gacl->add_object('encounters', 'Coding - my encounters (write,wsome optional)', 'coding', 10, 0, 'ACO');
714 // xl('Coding - my encounters (write,wsome optional)')
715 $gacl->add_object('encounters', 'Coding - any encounters (write,wsome optional)', 'coding_a', 10, 0, 'ACO');
716 // xl('Coding - any encounters (write,wsome optional)')
717 $gacl->add_object('encounters', 'Notes - my encounters (write,addonly optional)', 'notes', 10, 0, 'ACO');
718 // xl('Notes - my encounters (write,addonly optional)')
719 $gacl->add_object('encounters', 'Notes - any encounters (write,addonly optional)', 'notes_a', 10, 0, 'ACO');
720 // xl('Notes - any encounters (write,addonly optional)')
721 $gacl->add_object('encounters', 'Fix encounter dates - any encounters', 'date_a', 10, 0, 'ACO');
722 // xl('Fix encounter dates - any encounters')
723 $gacl->add_object('encounters', 'Less-private information (write,addonly optional)', 'relaxed', 10, 0, 'ACO');
724 // xl('Less-private information (write,addonly optional)')
725
726 // Create ACOs for lists.
727 //
728 $gacl->add_object('lists', 'Default List (write,addonly optional)', 'default', 10, 0, 'ACO');
729 // xl('Default List (write,addonly optional)')
730 $gacl->add_object('lists', 'State List (write,addonly optional)', 'state', 10, 0, 'ACO');
731 // xl('State List (write,addonly optional)')
732 $gacl->add_object('lists', 'Country List (write,addonly optional)', 'country', 10, 0, 'ACO');
733 // xl('Country List (write,addonly optional)')
734 $gacl->add_object('lists', 'Language List (write,addonly optional)', 'language', 10, 0, 'ACO');
735 // xl('Language List (write,addonly optional)')
736 $gacl->add_object('lists', 'Ethnicity-Race List (write,addonly optional)', 'ethrace', 10, 0, 'ACO');
737 // xl('Ethnicity-Race List (write,addonly optional)')
738
739 // Create ACOs for patientportal.
740 //
741 $gacl->add_object('patientportal', 'Patient Portal', 'portal', 10, 0, 'ACO');
742 // xl('Patient Portal')
743
744 // Create ACOs for modules.
745 //
746 $gacl->add_object('menus', 'Modules', 'modle', 10, 0, 'ACO');
747 // xl('Modules')
748
749 // Create ACOs for patients.
750 //
751 $gacl->add_object('patients', 'Appointments (write,wsome optional)', 'appt', 10, 0, 'ACO');
752 // xl('Appointments (write,wsome optional)')
753 $gacl->add_object('patients', 'Demographics (write,addonly optional)', 'demo', 10, 0, 'ACO');
754 // xl('Demographics (write,addonly optional)')
755 $gacl->add_object('patients', 'Medical/History (write,addonly optional)', 'med', 10, 0, 'ACO');
756 // xl('Medical/History (write,addonly optional)')
757 $gacl->add_object('patients', 'Transactions (write optional)', 'trans', 10, 0, 'ACO');
758 // xl('Transactions (write optional)')
759 $gacl->add_object('patients', 'Documents (write,addonly optional)', 'docs', 10, 0, 'ACO');
760 // xl('Documents (write,addonly optional)')
761 $gacl->add_object('patients', 'Documents Delete', 'docs_rm', 10, 0, 'ACO');
762 // xl('Documents Delete')
763 $gacl->add_object('patients', 'Patient Notes (write,addonly optional)', 'notes', 10, 0, 'ACO');
764 // xl('Patient Notes (write,addonly optional)')
765 $gacl->add_object('patients', 'Sign Lab Results (write,addonly optional)', 'sign', 10, 0, 'ACO');
766 // xl('Sign Lab Results (write,addonly optional)')
767 $gacl->add_object('patients', 'Patient Reminders (write,addonly optional)', 'reminder', 10, 0, 'ACO');
768 // xl('Patient Reminders (write,addonly optional)')
769 $gacl->add_object('patients', 'Clinical Reminders/Alerts (write,addonly optional)', 'alert', 10, 0, 'ACO');
770 // xl('Clinical Reminders/Alerts (write,addonly optional)')
771 $gacl->add_object('patients', 'Disclosures (write,addonly optional)', 'disclosure', 10, 0, 'ACO');
772 // xl('Disclosures (write,addonly optional)')
773 $gacl->add_object('patients', 'Prescriptions (write,addonly optional)', 'rx', 10, 0, 'ACO');
774 // xl('Prescriptions (write,addonly optional)')
775 $gacl->add_object('patients', 'Amendments (write,addonly optional)', 'amendment', 10, 0, 'ACO');
776 // xl('Amendments (write,addonly optional)')
777 $gacl->add_object('patients', 'Lab Results (write,addonly optional)', 'lab', 10, 0, 'ACO');
778 // xl('Lab Results (write,addonly optional)')
779 $gacl->add_object('patients', 'Patient Report', 'pat_rep', 10, 0, 'ACO');
780 // xl('Patient Report')
781
782
783 $gacl->add_object('groups', 'View/Add/Update groups', 'gadd', 10, 0, 'ACO');
784 // xl('View/Add/Update groups')
785 $gacl->add_object('groups', 'View/Create/Update groups appointment in calendar', 'gcalendar', 10, 0, 'ACO');
786 // xl('View/Create/Update groups appointment in calendar')
787 $gacl->add_object('groups', 'Group encounter log', 'glog', 10, 0, 'ACO');
788 // xl('Group encounter log')
789 $gacl->add_object('groups', 'Group detailed log of appointment in patient record', 'gdlog', 10, 0, 'ACO');
790 // xl('Group detailed log of appointment in patient record')
791 $gacl->add_object('groups', 'Send message from the permanent group therapist to the personal therapist', 'gm', 10, 0, 'ACO');
792 // xl('Send message from the permanent group therapist to the personal therapist')
793
794 // Create ACOs for sensitivities.
795 //
796 $gacl->add_object('sensitivities', 'Normal', 'normal', 10, 0, 'ACO');
797 // xl('Normal')
798 $gacl->add_object('sensitivities', 'High', 'high', 20, 0, 'ACO');
799 // xl('High')
800
801 // Create ACO for placeholder.
802 //
803 $gacl->add_object('placeholder', 'Placeholder (Maintains empty ACLs)', 'filler', 10, 0, 'ACO');
804 // xl('Placeholder (Maintains empty ACLs)')
805
806 // Create ACO for nationnotes.
807 //
808 $gacl->add_object('nationnotes', 'Nation Notes Configure', 'nn_configure', 10, 0, 'ACO');
809 // xl('Nation Notes Configure')
810
811 // Create ACOs for Inventory.
812 //
813 $gacl->add_object('inventory', 'Lots', 'lots', 10, 0, 'ACO');
814 // xl('Lots')
815 $gacl->add_object('inventory', 'Sales', 'sales', 20, 0, 'ACO');
816 // xl('Sales')
817 $gacl->add_object('inventory', 'Purchases', 'purchases', 30, 0, 'ACO');
818 // xl('Purchases')
819 $gacl->add_object('inventory', 'Transfers', 'transfers', 40, 0, 'ACO');
820 // xl('Transfers')
821 $gacl->add_object('inventory', 'Adjustments', 'adjustments', 50, 0, 'ACO');
822 // xl('Adjustments')
823 $gacl->add_object('inventory', 'Consumption', 'consumption', 60, 0, 'ACO');
824 // xl('Consumption')
825 $gacl->add_object('inventory', 'Destruction', 'destruction', 70, 0, 'ACO');
826 // xl('Destruction')
827 $gacl->add_object('inventory', 'Reporting', 'reporting', 80, 0, 'ACO');
828 // xl('Reporting')
829
830 // Create ARO groups.
831 //
832 $users = $gacl->add_group('users', 'OpenEMR Users', 0, 'ARO');
833 // xl('OpenEMR Users')
834 $admin = $gacl->add_group('admin', 'Administrators', $users, 'ARO');
835 // xl('Administrators')
836 $clin = $gacl->add_group('clin', 'Clinicians', $users, 'ARO');
837 // xl('Clinicians')
838 $doc = $gacl->add_group('doc', 'Physicians', $users, 'ARO');
839 // xl('Physicians')
840 $front = $gacl->add_group('front', 'Front Office', $users, 'ARO');
841 // xl('Front Office')
842 $back = $gacl->add_group('back', 'Accounting', $users, 'ARO');
843 // xl('Accounting')
844 $breakglass = $gacl->add_group('breakglass', 'Emergency Login', $users, 'ARO');
845 // xl('Emergency Login')
846
847
848 // Create a Users section for the AROs (humans).
849 //
850 $gacl->add_object_section('Users', 'users', 10, 0, 'ARO');
851 // xl('Users')
852
853 // Create the Administrator in the above-created "users" section
854 // and add him/her to the above-created "admin" group.
855 // If this script is being used by OpenEMR's setup, then will
856 // incorporate the installation values. Otherwise will
857 // hardcode the 'admin' user.
858 if (isset($this) && isset($this->iuser)) {
859 $gacl->add_object('users', $this->iuname, $this->iuser, 10, 0, 'ARO');
860 $gacl->add_group_object($admin, 'users', $this->iuser, 'ARO');
861 } else {
862 $gacl->add_object('users', 'Administrator', 'admin', 10, 0, 'ARO');
863 $gacl->add_group_object($admin, 'users', 'admin', 'ARO');
864 }
865
866 // Declare return terms for language translations
867 // xl('write') xl('wsome') xl('addonly') xl('view')
868
869 // Set permissions for administrators.
870 //
871 $gacl->add_acl(
872 array(
873 'acct' => array('bill', 'disc', 'eob', 'rep', 'rep_a'),
874 'admin' => array('calendar', 'database', 'forms', 'practice', 'superbill', 'users', 'batchcom', 'language', 'super', 'drugs', 'acl','multipledb','menu','manage_modules'),
875 'encounters' => array('auth_a', 'auth', 'coding_a', 'coding', 'notes_a', 'notes', 'date_a', 'relaxed'),
876 'inventory' => array('lots', 'sales', 'purchases', 'transfers', 'adjustments', 'consumption', 'destruction', 'reporting'),
877 'lists' => array('default','state','country','language','ethrace'),
878 'patients' => array('appt', 'demo', 'med', 'trans', 'docs', 'notes', 'sign', 'reminder', 'alert', 'disclosure', 'rx', 'amendment', 'lab', 'docs_rm','pat_rep'),
879 'sensitivities' => array('normal', 'high'),
880 'nationnotes' => array('nn_configure'),
881 'patientportal' => array('portal'),
882 'menus' => array('modle'),
883 'groups' => array('gadd','gcalendar','glog','gdlog','gm')
884 ),
885 null,
886 array($admin),
887 null,
888 null,
889 1,
890 1,
891 'write',
892 'Administrators can do anything'
893 );
894 // xl('Administrators can do anything')
895
896 // Set permissions for physicians.
897 //
898 $gacl->add_acl(
899 array(
900 'patients' => array('pat_rep')
901 ),
902 null,
903 array($doc),
904 null,
905 null,
906 1,
907 1,
908 'view',
909 'Things that physicians can only read'
910 );
911 // xl('Things that physicians can only read')
912 $gacl->add_acl(
913 array(
914 'placeholder' => array('filler')
915 ),
916 null,
917 array($doc),
918 null,
919 null,
920 1,
921 1,
922 'addonly',
923 'Things that physicians can read and enter but not modify'
924 );
925 // xl('Things that physicians can read and enter but not modify')
926 $gacl->add_acl(
927 array(
928 'placeholder' => array('filler')
929 ),
930 null,
931 array($doc),
932 null,
933 null,
934 1,
935 1,
936 'wsome',
937 'Things that physicians can read and partly modify'
938 );
939 // xl('Things that physicians can read and partly modify')
940 $gacl->add_acl(
941 array(
942 'acct' => array('disc', 'rep'),
943 'admin' => array('drugs'),
944 'encounters' => array('auth_a', 'auth', 'coding_a', 'coding', 'notes_a', 'notes', 'date_a', 'relaxed'),
945 'patients' => array('appt', 'demo', 'med', 'trans', 'docs', 'notes', 'sign', 'reminder', 'alert',
946 'disclosure', 'rx', 'amendment', 'lab'),
947 'sensitivities' => array('normal', 'high'),
948 'groups' => array('gcalendar','glog')
949 ),
950 null,
951 array($doc),
952 null,
953 null,
954 1,
955 1,
956 'write',
957 'Things that physicians can read and modify'
958 );
959 // xl('Things that physicians can read and modify')
960
961 // Set permissions for clinicians.
962 //
963 $gacl->add_acl(
964 array(
965 'patients' => array('pat_rep')
966 ),
967 null,
968 array($clin),
969 null,
970 null,
971 1,
972 1,
973 'view',
974 'Things that clinicians can only read'
975 );
976 // xl('Things that clinicians can only read')
977 $gacl->add_acl(
978 array(
979 'encounters' => array('notes', 'relaxed'),
980 'patients' => array('demo', 'med', 'docs', 'notes','trans', 'reminder', 'alert', 'disclosure', 'rx', 'amendment', 'lab'),
981 'sensitivities' => array('normal')
982 ),
983 null,
984 array($clin),
985 null,
986 null,
987 1,
988 1,
989 'addonly',
990 'Things that clinicians can read and enter but not modify'
991 );
992 // xl('Things that clinicians can read and enter but not modify')
993 $gacl->add_acl(
994 array(
995 'placeholder' => array('filler')
996 ),
997 null,
998 array($clin),
999 null,
1000 null,
1001 1,
1002 1,
1003 'wsome',
1004 'Things that clinicians can read and partly modify'
1005 );
1006 // xl('Things that clinicians can read and partly modify')
1007 $gacl->add_acl(
1008 array(
1009 'admin' => array('drugs'),
1010 'encounters' => array('auth', 'coding', 'notes'),
1011 'patients' => array('appt'),
1012 'groups' => array('gcalendar', 'glog')
1013 ),
1014 null,
1015 array($clin),
1016 null,
1017 null,
1018 1,
1019 1,
1020 'write',
1021 'Things that clinicians can read and modify'
1022 );
1023 // xl('Things that clinicians can read and modify')
1024
1025 // Set permissions for front office staff.
1026 //
1027 $gacl->add_acl(
1028 array(
1029 'patients' => array('alert')
1030 ),
1031 null,
1032 array($front),
1033 null,
1034 null,
1035 1,
1036 1,
1037 'view',
1038 'Things that front office can only read'
1039 );
1040 // xl('Things that front office can only read')
1041 $gacl->add_acl(
1042 array(
1043 'placeholder' => array('filler')
1044 ),
1045 null,
1046 array($front),
1047 null,
1048 null,
1049 1,
1050 1,
1051 'addonly',
1052 'Things that front office can read and enter but not modify'
1053 );
1054 // xl('Things that front office can read and enter but not modify')
1055 $gacl->add_acl(
1056 array(
1057 'placeholder' => array('filler')
1058 ),
1059 null,
1060 array($front),
1061 null,
1062 null,
1063 1,
1064 1,
1065 'wsome',
1066 'Things that front office can read and partly modify'
1067 );
1068 // xl('Things that front office can read and partly modify')
1069 $gacl->add_acl(
1070 array(
1071 'patients' => array('appt', 'demo'),
1072 'groups' => array('gcalendar')
1073 ),
1074 null,
1075 array($front),
1076 null,
1077 null,
1078 1,
1079 1,
1080 'write',
1081 'Things that front office can read and modify'
1082 );
1083 // xl('Things that front office can read and modify')
1084
1085 // Set permissions for back office staff.
1086 //
1087 $gacl->add_acl(
1088 array(
1089 'patients' => array('alert')
1090 ),
1091 null,
1092 array($back),
1093 null,
1094 null,
1095 1,
1096 1,
1097 'view',
1098 'Things that back office can only read'
1099 );
1100 // xl('Things that back office can only read')
1101 $gacl->add_acl(
1102 array(
1103 'placeholder' => array('filler')
1104 ),
1105 null,
1106 array($back),
1107 null,
1108 null,
1109 1,
1110 1,
1111 'addonly',
1112 'Things that back office can read and enter but not modify'
1113 );
1114 // xl('Things that back office can read and enter but not modify')
1115 $gacl->add_acl(
1116 array(
1117 'placeholder' => array('filler')
1118 ),
1119 null,
1120 array($back),
1121 null,
1122 null,
1123 1,
1124 1,
1125 'wsome',
1126 'Things that back office can read and partly modify'
1127 );
1128 // xl('Things that back office can read and partly modify')
1129 $gacl->add_acl(
1130 array(
1131 'acct' => array('bill', 'disc', 'eob', 'rep', 'rep_a'),
1132 'admin' => array('practice', 'superbill'),
1133 'encounters' => array('auth_a', 'coding_a', 'date_a'),
1134 'patients' => array('appt', 'demo')
1135 ),
1136 null,
1137 array($back),
1138 null,
1139 null,
1140 1,
1141 1,
1142 'write',
1143 'Things that back office can read and modify'
1144 );
1145 // xl('Things that back office can read and modify')
1146
1147 // Set permissions for Emergency Login.
1148 //
1149 $gacl->add_acl(
1150 array(
1151 'acct' => array('bill', 'disc', 'eob', 'rep', 'rep_a'),
1152 'admin' => array('calendar', 'database', 'forms', 'practice', 'superbill', 'users', 'batchcom', 'language', 'super', 'drugs', 'acl','multipledb','menu','manage_modules'),
1153 'encounters' => array('auth_a', 'auth', 'coding_a', 'coding', 'notes_a', 'notes', 'date_a', 'relaxed'),
1154 'inventory' => array('lots', 'sales', 'purchases', 'transfers', 'adjustments', 'consumption', 'destruction', 'reporting'),
1155 'lists' => array('default','state','country','language','ethrace'),
1156 'patients' => array('appt', 'demo', 'med', 'trans', 'docs', 'notes', 'sign', 'reminder', 'alert', 'disclosure', 'rx', 'amendment', 'lab', 'docs_rm','pat_rep'),
1157 'sensitivities' => array('normal', 'high'),
1158 'nationnotes' => array('nn_configure'),
1159 'patientportal' => array('portal'),
1160 'menus' => array('modle'),
1161 'groups' => array('gadd','gcalendar','glog','gdlog','gm')
1162 ),
1163 null,
1164 array($breakglass),
1165 null,
1166 null,
1167 1,
1168 1,
1169 'write',
1170 'Emergency Login user can do anything'
1171 );
1172 // xl('Emergency Login user can do anything')
1173
1174 return true;
1175 }
1176
1177 public function quick_install()
1178 {
1179 // Validation of OpenEMR user settings
1180 // (applicable if not cloning from another database)
1181 if (empty($this->clone_database)) {
1182 if (! $this->login_is_valid()) {
1183 return false;
1184 }
1185
1186 if (! $this->iuser_is_valid()) {
1187 return false;
1188 }
1189
1190 if (! $this->user_password_is_valid()) {
1191 return false;
1192 }
1193 }
1194
1195 // Validation of mysql database password
1196 if (! $this->password_is_valid()) {
1197 return false;
1198 }
1199
1200 if (! $this->no_root_db_access) {
1201 // Connect to mysql via root user
1202 if (! $this->root_database_connection()) {
1203 return false;
1204 }
1205
1206 // Create the dumpfile
1207 // (applicable if cloning from another database)
1208 if (! empty($this->clone_database)) {
1209 if (! $this->create_dumpfiles()) {
1210 return false;
1211 }
1212 }
1213
1214 // Create the site directory
1215 // (applicable if mirroring another local site)
1216 if (! empty($this->source_site_id)) {
1217 if (! $this->create_site_directory()) {
1218 return false;
1219 }
1220 }
1221
1222 $this->disconnect();
1223 // Using @ in below call to hide the php warning in cases where the
1224 // below connection does not work, which is expected behavior.
1225 // Using try in below call to catch the mysqli exception when the
1226 // below connection does not work, which is expected behavior (needed to
1227 // add this try/catch clause for PHP 8.1).
1228 try {
1229 $checkUserDatabaseConnection = @$this->user_database_connection();
1230 } catch (Exception $e) {
1231 $checkUserDatabaseConnection = false;
1232 }
1233 if (! $checkUserDatabaseConnection) {
1234 // Re-connect to mysql via root user
1235 if (! $this->root_database_connection()) {
1236 return false;
1237 }
1238
1239 // Create the mysql database
1240 if (! $this->create_database()) {
1241 return false;
1242 }
1243
1244 // Create the mysql user
1245 if (! $this->create_database_user()) {
1246 return false;
1247 }
1248
1249 // Grant user privileges to the mysql database
1250 if (! $this->grant_privileges()) {
1251 return false;
1252 }
1253 }
1254
1255 $this->disconnect();
1256 }
1257
1258 // Connect to mysql via created user
1259 if (! $this->user_database_connection()) {
1260 return false;
1261 }
1262
1263 // Build the database
1264 if (! $this->load_dumpfiles()) {
1265 return false;
1266 }
1267
1268 // Write the sql configuration file
1269 if (! $this->write_configuration_file()) {
1270 return false;
1271 }
1272
1273 // Load the version information, globals settings,
1274 // initial user, and set up gacl access controls.
1275 // (applicable if not cloning from another database)
1276 if (empty($this->clone_database)) {
1277 if (! $this->add_version_info()) {
1278 return false;
1279 }
1280
1281 if (! $this->insert_globals()) {
1282 return false;
1283 }
1284
1285 if (! $this->add_initial_user()) {
1286 return false;
1287 }
1288
1289 if (! $this->install_gacl()) {
1290 return false;
1291 }
1292
1293 if (! $this->install_additional_users()) {
1294 return false;
1295 }
1296
1297 if (! $this->on_care_coordination()) {
1298 return false;
1299 }
1300 }
1301
1302 return true;
1303 }
1304
1305 private function escapeSql($sql)
1306 {
1307 return mysqli_real_escape_string($this->dbh, $sql);
1308 }
1309
1310 private function escapeDatabaseName($name)
1311 {
1312 if (preg_match('/[^A-Za-z0-9_-]/', $name)) {
1313 error_log("Illegal character(s) in database name");
1314 die("Illegal character(s) in database name");
1315 }
1316 return $name;
1317 }
1318
1319 private function escapeCollateName($name)
1320 {
1321 if (preg_match('/[^A-Za-z0-9_-]/', $name)) {
1322 error_log("Illegal character(s) in collation name");
1323 die("Illegal character(s) in collation name");
1324 }
1325 return $name;
1326 }
1327
1328 private function execute_sql($sql, $showError = true)
1329 {
1330 $this->error_message = '';
1331 if (! $this->dbh) {
1332 $this->user_database_connection();
1333 }
1334
1335 $results = mysqli_query($this->dbh, $sql);
1336 if ($results) {
1337 return $results;
1338 } else {
1339 if ($showError) {
1340 $error_mes = mysqli_error($this->dbh);
1341 $this->error_message = "unable to execute SQL: '$sql' due to: " . $error_mes;
1342 error_log("ERROR IN OPENEMR INSTALL: Unable to execute SQL: " . htmlspecialchars($sql, ENT_QUOTES) . " due to: " . htmlspecialchars($error_mes, ENT_QUOTES));
1343 }
1344 return false;
1345 }
1346 }
1347
1348 private function connect_to_database($server, $user, $password, $port, $dbname = '')
1349 {
1350 $pathToCerts = __DIR__ . "/../../sites/" . $this->site . "/documents/certificates/";
1351 $mysqlSsl = false;
1352 $mysqli = mysqli_init();
1353 if (defined('MYSQLI_CLIENT_SSL') && file_exists($pathToCerts . "mysql-ca")) {
1354 $mysqlSsl = true;
1355 if (
1356 file_exists($pathToCerts . "mysql-key") &&
1357 file_exists($pathToCerts . "mysql-cert")
1358 ) {
1359 // with client side certificate/key
1360 mysqli_ssl_set(
1361 $mysqli,
1362 $pathToCerts . "mysql-key",
1363 $pathToCerts . "mysql-cert",
1364 $pathToCerts . "mysql-ca",
1365 null,
1366 null
1367 );
1368 } else {
1369 // without client side certificate/key
1370 mysqli_ssl_set(
1371 $mysqli,
1372 null,
1373 null,
1374 $pathToCerts . "mysql-ca",
1375 null,
1376 null
1377 );
1378 }
1379 }
1380 try {
1381 if ($mysqlSsl) {
1382 $ok = mysqli_real_connect($mysqli, $server, $user, $password, $dbname, (int)$port != 0 ? (int)$port : 3306, '', MYSQLI_CLIENT_SSL);
1383 } else {
1384 $ok = mysqli_real_connect($mysqli, $server, $user, $password, $dbname, (int)$port != 0 ? (int)$port : 3306);
1385 }
1386 } catch (mysqli_sql_exception $e) {
1387 $this->error_message = "unable to connect to sql server because of mysql error: " . $e->getMessage();
1388 return false;
1389 }
1390 if (!$ok) {
1391 $this->error_message = 'unable to connect to sql server because of: (' . mysqli_connect_errno() . ') ' . mysqli_connect_error();
1392 return false;
1393 }
1394 return $mysqli;
1395 }
1396
1397 private function set_sql_strict()
1398 {
1399 // Turn off STRICT SQL
1400 return $this->execute_sql("SET sql_mode = ''");
1401 }
1402
1403 private function set_collation()
1404 {
1405 return $this->execute_sql("SET NAMES 'utf8mb4'");
1406 }
1407
1408 /**
1409 * innitialize $this->dumpfiles, an array of the dumpfiles that will
1410 * be loaded into the database, including the correct translation
1411 * dumpfile.
1412 * The keys are the paths of the dumpfiles, and the values are the titles
1413 * @return array
1414 */
1415 private function initialize_dumpfile_list()
1416 {
1417 if ($this->clone_database) {
1418 $this->dumpfiles = array( $this->get_backup_filename() => 'clone database' );
1419 } else {
1420 $dumpfiles = array( $this->main_sql => 'Main' );
1421 if (! empty($this->development_translations)) {
1422 // Use the online development translation set
1423 $dumpfiles[ $this->devel_translation_sql ] = "Online Development Language Translations (utf8)";
1424 } else {
1425 // Use the local translation set
1426 $dumpfiles[ $this->translation_sql ] = "Language Translation (utf8)";
1427 }
1428
1429 if ($this->ippf_specific) {
1430 $dumpfiles[ $this->ippf_sql ] = "IPPF Layout";
1431 }
1432
1433 // Load ICD-9 codes if present.
1434 if (file_exists($this->icd9)) {
1435 $dumpfiles[ $this->icd9 ] = "ICD-9";
1436 }
1437
1438 // Load CVX codes if present
1439 if (file_exists($this->cvx)) {
1440 $dumpfiles[ $this->cvx ] = "CVX Immunization Codes";
1441 }
1442
1443 $this->dumpfiles = $dumpfiles;
1444 }
1445
1446 return $this->dumpfiles;
1447 }
1448
1449 /**
1450 *
1451 * Directory copy logic borrowed from a user comment at
1452 * http://www.php.net/manual/en/function.copy.php
1453 * @param string $src name of the directory to copy
1454 * @param string $dst name of the destination to copy to
1455 * @return bool indicating success
1456 */
1457 private function recurse_copy($src, $dst)
1458 {
1459 $dir = opendir($src);
1460 if (! @mkdir($dst)) {
1461 $this->error_message = "unable to create directory: '$dst'";
1462 return false;
1463 }
1464
1465 while (false !== ($file = readdir($dir))) {
1466 if ($file != '.' && $file != '..') {
1467 if (is_dir($src . '/' . $file)) {
1468 $this->recurse_copy($src . '/' . $file, $dst . '/' . $file);
1469 } else {
1470 copy($src . '/' . $file, $dst . '/' . $file);
1471 }
1472 }
1473 }
1474
1475 closedir($dir);
1476 return true;
1477 }
1478
1479 /**
1480 *
1481 * dump a site's database to a temporary file.
1482 * @param string $source_site_id the site_id of the site to dump
1483 * @return filename of the backup
1484 */
1485 private function dumpSourceDatabase()
1486 {
1487 global $OE_SITES_BASE;
1488 $source_site_id = $this->source_site_id;
1489
1490 include("$OE_SITES_BASE/$source_site_id/sqlconf.php");
1491
1492 if (empty($config)) {
1493 die("Source site $source_site_id has not been set up!");
1494 }
1495
1496 $backup_file = $this->get_backup_filename();
1497 $cmd = "mysqldump -u " . escapeshellarg($login) .
1498 " -h " . $host .
1499 " -p" . escapeshellarg($pass) .
1500 " --ignore-table=" . escapeshellarg($dbase . ".onsite_activity_view") . " --hex-blob --opt --skip-extended-insert --quote-names -r $backup_file " .
1501 escapeshellarg($dbase);
1502
1503 $tmp1 = [];
1504 $tmp0 = exec($cmd, $tmp1, $tmp2);
1505 if ($tmp2) {
1506 die("Error $tmp2 running \"$cmd\": $tmp0 " . implode(' ', $tmp1));
1507 }
1508
1509 return $backup_file;
1510 }
1511
1512 /**
1513 * @return filename of the source backup database for cloning
1514 */
1515 private function get_backup_filename()
1516 {
1517 if (stristr(PHP_OS, 'WIN')) {
1518 $backup_file = 'C:/windows/temp/setup_dump.sql';
1519 } else {
1520 $backup_file = '/tmp/setup_dump.sql';
1521 }
1522
1523 return $backup_file;
1524 }
1525 //RP_ADDED
1526 public function getCurrentTheme()
1527 {
1528 $current_theme = $this->execute_sql("SELECT gl_value FROM globals WHERE gl_name LIKE '%css_header%'");
1529 $current_theme = mysqli_fetch_array($current_theme);
1530 return $current_theme[0];
1531 }
1532
1533 public function setCurrentTheme()
1534 {
1535 $current_theme = $this->getCurrentTheme();
1536 // for cloned sites since they're not asked about a new theme
1537 if (!$this->new_theme) {
1538 $this->new_theme = $current_theme;
1539 }
1540 return $this->execute_sql("UPDATE globals SET gl_value='" . $this->escapeSql($this->new_theme) . "' WHERE gl_name LIKE '%css_header%'");
1541 }
1542
1543 public function listThemes()
1544 {
1545 $themes_img_dir = "public/images/stylesheets/";
1546 $arr_themes_img = array_values(array_filter(scandir($themes_img_dir), function ($item) {
1547 return $item[0] !== '.';
1548 }));
1549 return $arr_themes_img;
1550 }
1551
1552 private function extractFileName($theme_file_name = '')
1553 {
1554 $this->theme_file_name = $theme_file_name;
1555 $under_score = strpos($theme_file_name, '_') + 1;
1556 $dot = strpos($theme_file_name, '.');
1557 $theme_value = substr($theme_file_name, $under_score, ($dot - $under_score));
1558 $theme_title = ucwords(str_replace("_", " ", $theme_value));
1559 return array('theme_value' => $theme_value, 'theme_title' => $theme_title);
1560 }
1561
1562 public function displayThemesDivs()
1563 {
1564 $themes_number = count($this->listThemes());
1565 for ($i = 0; $i < $themes_number; $i++) {
1566 $id = $i + 1;
1567 $arr_theme_name = $this->listThemes();
1568 $theme_file_name = $arr_theme_name[$i];
1569 $arr_extracted_file_name = $this->extractFileName($theme_file_name);
1570 $theme_value = $arr_extracted_file_name['theme_value'];
1571 $theme_title = $arr_extracted_file_name['theme_title'];
1572 $img_path = "public/images/stylesheets/";
1573 $theme_file_path = $img_path . $theme_file_name;
1574 $div_start = " <div class='row'>";
1575 $div_end = " </div>";
1576 $img_div = " <div class='col-sm-2 checkboxgroup'>
1577 <label for='my_radio_button_id" . attr($id) . "'><img height='160px' src='" . attr($theme_file_path) . "' width='100%'></label>
1578 <p class='m-0'>" . text($theme_title) . "</p><input id='my_radio_button_id" . attr($id) . "' name='stylesheet' type='radio' value='" . attr($theme_value) . "'>
1579 </div>";
1580 $theme_img_number = $i % 6; //to ensure that last file in array will always generate 5 and will end the row
1581 switch ($theme_img_number) {
1582 case 0: //start row
1583 echo $div_start . "\r\n";
1584 echo $img_div . "\r\n";
1585 break;
1586
1587 case 1:
1588 case 2:
1589 case 3:
1590 case 4:
1591 echo $img_div . "\r\n";
1592 break;
1593
1594 case 5://end row
1595 echo $img_div . "\r\n";
1596 echo $div_end . "\r\n";
1597 echo "<br />" . "\r\n";
1598 break;
1599
1600 default:
1601 echo $div_start . "\r\n";
1602 echo "<h5>Sorry no stylesheet images in directory</h5>";
1603 echo $div_end . "\r\n";
1604 break;
1605 }
1606 }
1607 return;
1608 }
1609
1610 public function displaySelectedThemeDiv()
1611 {
1612 $theme_file_name = $this->getCurrentTheme();
1613 $arr_extracted_file_name = $this->extractFileName($theme_file_name);
1614 $theme_value = $arr_extracted_file_name['theme_value'];
1615 $theme_title = $arr_extracted_file_name['theme_title'];
1616 $img_path = "public/images/stylesheets/";
1617 $theme_file_path = $img_path . "style_" . $theme_value . ".png";
1618
1619 $display_selected_theme_div = <<<DSTD
1620 <div class="row">
1621 <div class="col-sm-12">
1622 <h4>Current Theme:</h4>
1623 <div class="col-sm-4 offset-sm-4 checkboxgroup">
1624 <label for="nothing"><img id="current_theme" src="{$theme_file_path}" width="100%"></label>
1625 <p id="current_theme_title"style="margin:0">{$theme_title}</p>
1626 </div>
1627 </div>
1628 </div>
1629 <br />
1630 DSTD;
1631 echo $display_selected_theme_div . "\r\n";
1632 return;
1633 }
1634
1635 public function displayNewThemeDiv()
1636 {
1637 // cloned sites don't get a chance to set a new theme
1638 if (!$this->new_theme) {
1639 $this->new_theme = $this->getCurrentTheme();
1640 }
1641 $theme_file_name = $this->new_theme;
1642 $arr_extracted_file_name = $this->extractFileName($theme_file_name);
1643 $theme_value = $arr_extracted_file_name['theme_value'];
1644 $theme_title = $arr_extracted_file_name['theme_title'];
1645 $img_path = "public/images/stylesheets/";
1646 $theme_file_path = $img_path . "style_" . $theme_value . ".png";
1647
1648 $display_selected_theme_div = <<<DSTD
1649 <div class="row">
1650 <div class="col-sm-12">
1651 <div class="col-sm-4 offset-sm-4 checkboxgroup">
1652 <label for="nothing"><img id="current_theme" src="{$theme_file_path}" width="75%"></label>
1653 <p id="current_theme_title"style="margin:0">{$theme_title}</p>
1654 </div>
1655 </div>
1656 </div>
1657 <br />
1658 DSTD;
1659 echo $display_selected_theme_div . "\r\n";
1660 return;
1661 }
1662
1663 public function setupHelpModal()
1664 {
1665 $setup_help_modal = <<<SETHLP
1666 <div class="row">
1667 <div class="modal fade" id="myModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
1668 <div class="modal-dialog modal-lg">
1669 <div class="modal-content oe-modal-content" style="height:700px">
1670 <div class="modal-header clearfix">
1671 <button type="button" class="close" data-dismiss="modal" aria-label=Close>
1672 <span aria-hidden="true" style="color:var(--black); font-size:1.5em;">×</span></button>
1673 </div>
1674 <div class="modal-body" style="height:80%;">
1675 <iframe src="" id="targetiframe" style="height:100%; width:100%; overflow-x: hidden; border:none"
1676 allowtransparency="true"></iframe>
1677 </div>
1678 <div class="modal-footer" style="margin-top:0px;">
1679 <button class="btn btn-link btn-cancel oe-pull-away" data-dismiss="modal" type="button">Close</button>
1680 <!--<button class="btn btn-secondary btn-print oe-pull-away" data-dismiss="modal" id="print-help-href" type="button">Print</button>-->
1681 </div>
1682 </div>
1683 </div>
1684 </div>
1685 </div>
1686 <script>
1687 $(function () {
1688 $('#help-href').click (function(){
1689 document.getElementById('targetiframe').src = "Documentation/help_files/openemr_installation_help.php";
1690 })
1691 });
1692 $(function () {
1693 $('#print-help-href').click (function(){
1694 $("#targetiframe").get(0).contentWindow.print();
1695 })
1696 });
1697 // Jquery draggable
1698 $(".modal-dialog").addClass('drag-action');
1699 $(".modal-content").addClass('resize-action');
1700 </script>
1701 SETHLP;
1702 echo $setup_help_modal . "\r\n";
1703 return;
1704 }
1705 }
Mirror of official OpenEMR Sourceforge repository