Merge pull request #1354 from bradymiller/smarty-calendar-fix_1
[openemr.git] / myportal / index.php
blob4a0aa556cf0d6f62acbf7b2ccff1e4c678a716fd
1 <?php
2 // +-----------------------------------------------------------------------------+
3 // Copyright (C) 2011 Z&H Consultancy Services Private Limited <sam@zhservices.com>
4 //
5 //
6 // This program is free software; you can redistribute it and/or
7 // modify it under the terms of the GNU General Public License
8 // as published by the Free Software Foundation; either version 2
9 // of the License, or (at your option) any later version.
12 // This program is distributed in the hope that it will be useful,
13 // but WITHOUT ANY WARRANTY; without even the implied warranty of
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 // GNU General Public License for more details.
18 // A copy of the GNU General Public License is included along with this program:
19 // openemr/interface/login/GnuGPL.html
20 // For more information write to the Free Software
21 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 //
23 // Author: Eldho Chacko <eldho@zhservices.com>
24 // Jacob T Paul <jacob@zhservices.com>
25 // Paul Simon <paul@zhservices.com>
27 // +------------------------------------------------------------------------------+
30 if (!extension_loaded('soap')) {
31 die("PLEASE ENABLE SOAP EXTENSION");
34 require_once("../interface/globals.php");
35 $emr_path = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
36 $emrpatharr = explode("/myportal", $emr_path);
37 $emr_path = (!empty($_SERVER['HTTPS'])) ? "https://".$emrpatharr[0] : "http://".$emrpatharr[0];
38 $row = sqlQuery("SELECT fname,lname FROM users WHERE id=?", array($_SESSION['authId']));
39 sqlStatement("DELETE FROM audit_details WHERE audit_master_id IN(SELECT id FROM audit_master WHERE type=5 AND created_time<'".date("Y-m-d H:m", (strtotime(date("Y-m-d H:m")-7200))).":00')");
40 sqlStatement("DELETE FROM audit_master WHERE type=5 AND created_time<'".date("Y-m-d H:m", (strtotime(date("Y-m-d H:m")-7200))).":00'");
42 function md5_pass($length = 8)
44 $randkey = substr(md5(rand().rand()), 0, $length);
45 $res = sqlStatement("SELECT * FROM audit_master AS am LEFT OUTER JOIN audit_details AS ad ON ad.audit_master_id=am.id WHERE type=5 AND field_value=?", array($randkey));
46 if (sqlNumRows($res)) {
47 md5_pass();
48 } else {
49 $grpID = sqlInsert("INSERT INTO audit_master SET type=5");
50 sqlStatement("INSERT INTO audit_details SET field_value=? , audit_master_id=?", array($randkey,$grpID));
51 return $randkey;
54 for ($i=1; $i<=5; $i++) {//some times php is continuing without getting the return value from the function md5_pass()
55 if (!$randkey) {
56 if ($i>1) {
57 sleep(1);
60 $randkey = md5_pass();
61 } else {
62 break;
66 $pass = sha1($GLOBALS['portal_offsite_password'].gmdate('Y-m-d H').$randkey);
68 <html>
69 <head>
70 <script type="text/javascript">
71 function getshansubmit(){
72 document.forms[0].submit();
75 </script>
76 </head>
77 <title><?php echo xlt('Redirection');?></title>
78 <body onload="getshansubmit()">
79 <form name="portal" method="post" action="<?php echo htmlspecialchars($GLOBALS['portal_offsite_address']."?version=".$v_offsite_portal, ENT_QUOTES);?>">
80 <input type="hidden" name="user" value="<?php echo htmlspecialchars($GLOBALS['portal_offsite_username'], ENT_QUOTES);?>">
81 <input type="hidden" name="emr_path" value="<?php echo htmlspecialchars($emr_path, ENT_QUOTES);?>">
82 <input type="hidden" name="emr_site" value="<?php echo htmlspecialchars($_SESSION['site_id'], ENT_QUOTES);?>">
83 <input type="hidden" name="uname" value="<?php echo htmlspecialchars($row['fname']." ".$row['lname'], ENT_QUOTES);?>">
84 <input type="hidden" name="pass" value="<?php echo htmlspecialchars($GLOBALS['portal_offsite_password'], ENT_QUOTES);?>">
85 <input type="hidden" name="randkey" value="<?php echo htmlspecialchars($randkey, ENT_QUOTES);?>">
86 <input type="hidden" name="pwd" value="<?php echo htmlspecialchars($pass, ENT_QUOTES);?>">
87 </form>
88 </body>
89 </html>