2 // This program is free software; you can redistribute it and/or
3 // modify it under the terms of the GNU General Public License
4 // as published by the Free Software Foundation; either version 2
5 // of the License, or (at your option) any later version.
7 require_once("../globals.php");
8 require_once("../../library/acl.inc");
9 require_once("$srcdir/md5.js");
10 require_once("$srcdir/sql.inc");
11 require_once(dirname(__FILE__
) . "/../../library/classes/WSProvider.class.php");
17 <link rel
="stylesheet" href
="<?php echo $css_header; ?>" type
="text/css">
20 <body
class="body_top">
22 <a href
="usergroup_admin.php"><span
class="title"><?php
xl('User Administration','e'); ?
></span
></a
>
26 if (!$_GET["id"] ||
!acl_check('admin', 'users'))
29 if ($_GET["mode"] == "update") {
30 if ($_GET["username"]) {
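// Rename the account and keep the groups table pointing at the new name.
// The id is taken from the query string and used unquoted in the WHERE
// clause, so it is forced to an integer before it reaches the SQL text.
$tqvar = addslashes($_GET["username"]);
$user_data = mysql_fetch_array(sqlStatement("select * from users where id=" . (int) $_GET["id"]));
sqlStatement("update users set username='$tqvar' where id=" . (int) $_GET["id"]);
// The old username read back from the database is data as well: escape it
// before it is placed inside a quoted literal of the next statement.
sqlStatement("update groups set user='$tqvar' where user='" . addslashes($user_data["username"]) . "'");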
35 //echo "query was: " ."update groups set user='$tqvar' where user='". $user_data["username"] ."'" ;
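// Federal tax id. The value goes into a quoted literal (escaped with
// addslashes); the id is used unquoted, so it is cast to int.
$tqvar = addslashes($_GET["taxid"]);
sqlStatement("update users set federaltaxid='$tqvar' where id=" . (int) $_GET["id"]);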
41 if ($_GET["drugid"]) {
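// Federal drug id. The id is request data used unquoted in SQL, so it is
// cast to int rather than interpolated as received.
$tqvar = addslashes($_GET["drugid"]);
sqlStatement("update users set federaldrugid='$tqvar' where id=" . (int) $_GET["id"]);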
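// UPIN: escaped value in a quoted literal, integer-cast id in the WHERE clause.
$tqvar = addslashes($_GET["upin"]);
sqlStatement("update users set upin='$tqvar' where id=" . (int) $_GET["id"]);

// NPI: same treatment as UPIN.
$tqvar = addslashes($_GET["npi"]);
sqlStatement("update users set npi='$tqvar' where id=" . (int) $_GET["id"]);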
53 if ($_GET["taxonomy"]) {
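// Taxonomy code. The id is cast to int because it is placed in the
// statement without quotes.
$tqvar = addslashes($_GET["taxonomy"]);
sqlStatement("update users set taxonomy = '$tqvar' where id= " . (int) $_GET["id"]);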
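// Last name, job description (stored in the specialty column) and middle
// name. Each value is escaped for its quoted literal; the unquoted id is
// cast to int in every statement.
$tqvar = addslashes($_GET["lname"]);
sqlStatement("update users set lname='$tqvar' where id=" . (int) $_GET["id"]);

$tqvar = addslashes($_GET["job"]);
sqlStatement("update users set specialty='$tqvar' where id=" . (int) $_GET["id"]);

$tqvar = addslashes($_GET["mname"]);
sqlStatement("update users set mname='$tqvar' where id=" . (int) $_GET["id"]);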
69 if ($_GET["facility_id"]) {
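// Store the chosen facility id. The user id is cast to int because both
// statements use it unquoted.
$tqvar = addslashes($_GET["facility_id"]);
sqlStatement("update users set facility_id = '$tqvar' where id = " . (int) $_GET["id"]);
//(CHEMED) Update facility name when changing the id
sqlStatement("UPDATE users, facility SET users.facility = facility.name WHERE facility.id = '$tqvar' AND users.id = " . (int) $_GET["id"]);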
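// First name: escaped value, integer-cast id.
$tqvar = addslashes($_GET["fname"]);
sqlStatement("update users set fname='$tqvar' where id=" . (int) $_GET["id"]);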
81 //(CHEMED) Calendar UI preference
82 if ($_GET["cal_ui"]) {
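// Calendar UI preference. The form offers 1, 2 or 3, but the request can
// carry anything, so the value stays escaped and the id is cast to int.
$tqvar = addslashes($_GET["cal_ui"]);
sqlStatement("update users set cal_ui = '$tqvar' where id = " . (int) $_GET["id"]);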
86 //END (CHEMED) Calendar UI preference
88 if ($_GET["newauthPass"] && $_GET["newauthPass"] != "d41d8cd98f00b204e9800998ecf8427e") { // account for empty
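// newauthPass is the MD5 the browser computes from the typed password (see
// the Save button's onClick) and it is stored exactly as received.
// NOTE(review): because the form uses METHOD=GET, this hash travels in the
// URL and can end up in server logs, browser history and Referer headers.
// The stored value is an unsalted MD5, and whoever holds the hash can set
// it again through this same request, so it should be handled as a
// credential. No anti-CSRF token is visible in this listing.
$tqvar = addslashes($_GET["newauthPass"]);
// The id is used unquoted, so it is cast to int.
sqlStatement("update users set password='$tqvar' where id=" . (int) $_GET["id"]);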
93 // for relay health single sign-on
94 if ($_GET["ssi_relayhealth"]) {
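// Relay Health single sign-on id. Like the password hash it arrives in the
// query string; the unquoted user id is cast to int.
$tqvar = addslashes($_GET["ssi_relayhealth"]);
sqlStatement("update users set ssi_relayhealth = '$tqvar' where id = " . (int) $_GET["id"]);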
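// Checkboxes are reduced to 0/1, so these two values are safe to place
// unquoted in the statement.
$tqvar = $_GET["authorized"] ? 1 : 0;
$actvar = $_GET["active"] ? 1 : 0;

// see_auth was concatenated into the quoted literal without any escaping,
// and the id was interpolated unquoted. Both are request data: see_auth is
// now escaped like every other field on this page and the id is cast to int.
sqlStatement("UPDATE users SET authorized = $tqvar, active = $actvar, " .
  "see_auth = '" . addslashes($_GET['see_auth']) . "' WHERE " .
  "id = " . (int) $_GET["id"]);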
106 if ($_GET["comments"]) {
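// Free-text comments are stored in the info column. Escaped value,
// integer-cast id.
$tqvar = addslashes($_GET["comments"]);
sqlStatement("update users set info = '$tqvar' where id = " . (int) $_GET["id"]);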
111 if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
112 // Set the access control group of user
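// Look up the username for this id (cast to int, since it is used unquoted)
// and hand the requested access groups to set_user_aro().
$user_data = mysql_fetch_array(sqlStatement("select username from users where id=" . (int) $_GET["id"]));
// NOTE(review): access_group and the name fields are passed on exactly as
// received; how set_user_aro() validates them is not visible here. Confirm.
set_user_aro($_GET["access_group"], $user_data["username"], $_GET["fname"], $_GET["mname"], $_GET["lname"]);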
117 // ===========================
119 if ( $_GET["beroep"] ) {
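// beroep was already cast to int; the user id in the same statement was
// not, although it is interpolated unquoted. Cast it the same way.
$tqvar = (int)($_GET["beroep"]);
sqlStatement("INSERT INTO cl_user_beroep SET cl_beroep_sysid='$tqvar', cl_beroep_userid=" . (int) $_GET['id'] .
  " ON DUPLICATE KEY UPDATE cl_beroep_sysid='$tqvar'");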
125 // ===========================
127 $ws = new WSProvider($_GET['id']);
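// Load the user row(s) for the requested id into $result. The id comes from
// the query string and is used unquoted, so it is cast to int first.
$res = sqlStatement("select * from users where id=" . (int) $_GET["id"]);
for ($iter = 0; $row = sqlFetchArray($res); $iter++)
  $result[$iter] = $row;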
135 // ===========================
137 if ($GLOBALS['dutchpc']) {
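// Fetch the user's beroep row. The id is cast to int because it is used
// unquoted in the WHERE clause.
$beroep = sqlStatement("SELECT * FROM cl_user_beroep WHERE cl_beroep_userid=" . (int) $_GET["id"]);
$rowberoep = sqlFetchArray($beroep);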
142 // ===========================
145 <FORM NAME
="user_form" METHOD
="GET" ACTION
="user_admin.php">
146 <TABLE border
=0 cellpadding
=0 cellspacing
=0>
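<?php // The stored username is HTML-escaped before it is written into the value attribute. ?>
<TD><span class=text><?php xl('Username','e'); ?>: </span></TD><TD><input type=entry name=username size=20 value="<?php echo htmlspecialchars($iter["username"], ENT_QUOTES); ?>" disabled> &nbsp;</td>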
149 <TD
><span
class=text
><?php
xl('Password','e'); ?
>: </span
></TD
><TD
class='text'><input type
=password name
=clearPass size
=20 value
=""> * <?php
xl('Leave blank to keep password unchanged.','e'); ?
></td
>
153 <td
><span
class="text"> 
;</span
></td
><td
> 
;</td
>
154 <TD
><span
class=text
><?php
xl('Authorized','e'); ?
>: </TD
>
156 <input type
="checkbox" name
="authorized"<?php
if ($iter["authorized"]) echo " checked"; ?
> />
157  
; 
;<span
class='text'><?php
xl('Active','e'); ?
>:
158 <input type
="checkbox" name
="active"<?php
if ($iter["active"]) echo " checked"; ?
> />
163 <TD
><span
class=text
><?php
xl('First Name','e'); ?
>: </span
></TD
>
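<?php // First and middle name come from the users table; escape them for the quoted value attribute. ?>
<TD><input type=entry name=fname size=20 value="<?php echo htmlspecialchars($iter["fname"], ENT_QUOTES); ?>"></td>
<td><span class=text><?php xl('Middle Name','e'); ?>: </span></TD><td><input type=entry name=mname size=20 value="<?php echo htmlspecialchars($iter["mname"], ENT_QUOTES); ?>"></td>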
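<?php // Last name is stored data; escape it so a quote or angle bracket cannot break out of the attribute. ?>
<td><span class=text><?php xl('Last Name','e'); ?>: </span></td><td><input type=entry name=lname size=20 value="<?php echo htmlspecialchars($iter["lname"], ENT_QUOTES); ?>"></td>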
170 <td
><span
class=text
><?php
xl('Default Facility','e'); ?
>: </span
></td
><td
><select name
=facility_id
>
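// Collect the facilities offered in the "Default Facility" drop-down.
$fres = sqlStatement("select * from facility where service_location != 0 order by name");
// $result was filled with the user row(s) earlier on this page. Start from
// an empty array so a user row cannot be rendered as a facility option when
// the facility query returns fewer rows than $result already held.
// NOTE(review): assumes nothing after this point still expects the user
// rows in $result. Confirm against the full file.
$result = array();
for ($iter2 = 0; $frow = sqlFetchArray($fres); $iter2++)
  $result[$iter2] = $frow;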
176 foreach($result as $iter2) {
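<?php // Facility id and name are database values; escape both before they reach the markup. ?>
<option value="<?php echo htmlspecialchars($iter2['id'], ENT_QUOTES); ?>" <?php if ($iter['facility_id'] == $iter2['id']) echo "selected"; ?>><?php echo htmlspecialchars($iter2['name'], ENT_QUOTES); ?></option>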
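<?php // Federal tax and drug ids are stored data; escape them for the quoted value attributes. ?>
<TD><span class=text><?php xl('Federal Tax ID','e'); ?>: </span></TD><TD><input type=text name=taxid size=20 value="<?php echo htmlspecialchars($iter["federaltaxid"], ENT_QUOTES); ?>"></td>
<TD><span class=text><?php xl('Federal Drug ID','e'); ?>: </span></TD><TD><input type=text name=drugid size=20 value="<?php echo htmlspecialchars($iter["federaldrugid"], ENT_QUOTES); ?>"></td>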
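<?php // UPIN is stored data; escape it for the value attribute. ?>
<td><span class="text"><?php xl('UPIN','e'); ?>: </span></td><td><input type="text" name="upin" size="20" value="<?php echo htmlspecialchars($iter["upin"], ENT_QUOTES); ?>"></td>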
193 <td
class='text'><?php
xl('See Authorizations','e'); ?
>: </td
>
194 <td
><select name
="see_auth">
196 foreach (array(1 => xl('None'), 2 => xl('Only Mine'), 3 => xl('All')) as $key => $value)
198 echo " <option value='$key'";
199 if ($key == $iter['see_auth']) echo " selected";
200 echo ">$value</option>\n";
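<?php // NPI is stored data; escape it for the value attribute. ?>
<td><span class="text"><?php xl('NPI','e'); ?>: </span></td><td><input type="text" name="npi" size="20" value="<?php echo htmlspecialchars($iter["npi"], ENT_QUOTES); ?>"></td>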
209 // ===========================
211 // if DBC don't show Job Description; show instead Beroep Box
212 if ( !$GLOBALS['dutchpc']) { ?
>
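<?php // The job description is read from the specialty column; escape it for the value attribute. ?>
<td><span class="text"><?php xl('Job Description','e'); ?>: </span></td><td><input type="text" name="job" size="20" value="<?php echo htmlspecialchars($iter["specialty"], ENT_QUOTES); ?>"></td>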
215 <td
><span
class="text">Beroep
</span
></td
>
216 <td
><?php
beroep_dropdown($rowberoep['cl_beroep_sysid']) ?
></td
>
218 // ===========================
223 <?php
if (!empty($GLOBALS['ssi']['rh'])) { ?
>
225 <td
><span
class="text"><?php
xl('Relay Health ID', 'e'); ?
>: </span
></td
>
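<?php
// NOTE(review): type="password" only masks the field on screen. The stored
// Relay Health ID is still written into the page source, where anyone who
// can load this page can read it. The value is HTML-escaped so it cannot
// break out of the attribute.
?>
<td><input type="password" name="ssi_relayhealth" size="20" value="<?php echo htmlspecialchars($iter["ssi_relayhealth"], ENT_QUOTES); ?>"></td>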
230 <!-- (CHEMED
) Calendar UI preference
-->
232 <td
><span
class="text"><?php
xl('Taxonomy','e'); ?
>: </span
></td
>
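<?php // Taxonomy is stored data; escape it for the value attribute. ?>
<td><input type="text" name="taxonomy" size="20" value="<?php echo htmlspecialchars($iter["taxonomy"], ENT_QUOTES); ?>"></td>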
234 <td
><span
class="text"><?php
xl('Calendar UI','e'); ?
>: </span
></td
><td
><select name
="cal_ui">
236 foreach (array(1 => xl('Default'), 2 => xl('Fancy'), 3 => xl('Outlook')) as $key => $value)
238 echo " <option value='$key'";
239 if ($key == $iter['cal_ui']) echo " selected";
240 echo ">$value</option>\n";
245 <!-- END (CHEMED
) Calendar UI preference
-->
248 // Collect the access control group of user
249 if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
252 <td
class='text'><?php
xl('Access Control','e'); ?
>:</td
>
253 <td
><select name
="access_group[]" multiple
>
255 $list_acl_groups = acl_get_group_title_list();
256 $username_acl_groups = acl_get_group_titles($iter["username"]);
257 foreach ($list_acl_groups as $value) {
258 if (($username_acl_groups) && in_array($value,$username_acl_groups)) {
259 echo " <option selected>$value</option>\n";
262 echo " <option>$value</option>\n";
274 <span
class=text
><?php
xl('Additional Info','e'); ?
>:</span
><br
>
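<?php // The free-text info column is escaped so stored markup (for example a closing textarea tag) is shown as text, not interpreted. ?>
<textarea name="comments" wrap=auto rows=4 cols=30><?php echo htmlspecialchars($iter["info"], ENT_QUOTES); ?></textarea>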
277 <br
> 
; 
; 
;
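<?php // The id was echoed from the query string into the page unescaped (reflected input). It is an integer key, so emit it as one. ?>
<INPUT TYPE="HIDDEN" NAME="id" VALUE="<?php echo (int) $_GET["id"]; ?>">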
279 <INPUT TYPE
="HIDDEN" NAME
="mode" VALUE
="update">
280 <INPUT TYPE
="HIDDEN" NAME
="newauthPass" VALUE
="">
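<?php
// VALUE is now quoted: unquoted, the label was cut at its first space and
// the rest was parsed as another attribute.
// NOTE(review): onClick replaces the typed password with its MD5 and clears
// the clear-text field, but the form submits with GET, so the hash is
// carried in the URL and is what the server stores as the password.
?>
<INPUT TYPE="Submit" VALUE="<?php xl('Save Changes','e'); ?>" onClick="javascript:this.form.newauthPass.value=MD5(this.form.clearPass.value);this.form.clearPass.value='';">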
283 <a href
="usergroup_admin.php" class=link_submit
>[<?php
xl('Back','e'); ?
>]</font
></a
>
291 // d41d8cd98f00b204e9800998ecf8427e == blank