search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge pull request #1227 from bradymiller/calendar-xss_1
[openemr.git] / interface / usergroup / facility_admin.php
blobb53052dfb189daed71e9be74d6a413ea8c2f75ff
1 <?php
2 require_once("../globals.php");
3 require_once("$srcdir/options.inc.php");
4 require_once("$srcdir/erx_javascript.inc.php");
5
6 use OpenEMR\Services\FacilityService;
7
8 $facilityService = new FacilityService();
9
10 if (isset($_GET["fid"])) {
11 $my_fid = $_GET["fid"];
12 }
13
14 if (isset($_POST["fid"])) {
15 $my_fid = $_POST["fid"];
16 }
17
18 if (isset($_POST["mode"]) && $_POST["mode"] == "facility") {
19 echo '
20 <script type="text/javascript">
21 <!--
22 parent.$.fn.fancybox.close();
23 //-->
24 </script>
25
26 ';
27 }
28 ?>
29 <html>
30 <head>
31
32 <link rel="stylesheet" href="<?php echo $css_header;?>" type="text/css">
33 <link rel="stylesheet" type="text/css" href="../../library/js/fancybox/jquery.fancybox-1.2.6.css" media="screen" />
34 <script type="text/javascript" src="../../library/dialog.js?v=<?php echo $v_js_includes; ?>"></script>
35 <script type="text/javascript" src="<?php echo $GLOBALS['assets_static_relative'] ?>/jquery-min-1-9-1/index.js"></script>
36 <script type="text/javascript" src="../../library/js/common.js"></script>
37 <script type="text/javascript" src="../../library/js/fancybox/jquery.fancybox-1.2.6.js"></script>
38 <script type="text/javascript" src="../main/calendar/modules/PostCalendar/pnincludes/AnchorPosition.js"></script>
39 <script type="text/javascript" src="../main/calendar/modules/PostCalendar/pnincludes/PopupWindow.js"></script>
40 <script type="text/javascript" src="../main/calendar/modules/PostCalendar/pnincludes/ColorPicker2.js"></script>
41
42 <!-- validation library -->
43 <!--//Not lbf forms use the new validation, please make sure you have the corresponding values in the list Page validation-->
44 <?php $use_validate_js = 1;?>
45 <?php require_once($GLOBALS['srcdir'] . "/validation/validation_script.js.php"); ?>
46 <?php
47 //Gets validation rules from Page Validation list.
48 //Note that for technical reasons, we are bypassing the standard validateUsingPageRules() call.
49 $collectthis = collectValidationPageRules("/interface/usergroup/facility_admin.php");
50 if (empty($collectthis)) {
51 $collectthis = "undefined";
52 } else {
53 $collectthis = $collectthis["facility-form"]["rules"];
54 }
55 ?>
56
57 <script type="text/javascript">
58
59 /*
60 * validation on the form with new client side validation (using validate.js).
61 * this enable to add new rules for this form in the pageValidation list.
62 * */
63 var collectvalidation = <?php echo($collectthis); ?>;
64
65 function submitform() {
66
67 var valid = submitme(1, undefined, 'facility-form', collectvalidation);
68 if (!valid) return;
69
70 <?php if ($GLOBALS['erx_enable']) { ?>
71 alertMsg='';
72 f=document.forms[0];
73 for(i=0;i<f.length;i++){
74 if(f[i].type=='text' && f[i].value)
75 {
76 if(f[i].name == 'facility' || f[i].name == 'Washington')
77 {
78 alertMsg += checkLength(f[i].name,f[i].value,35);
79 alertMsg += checkFacilityName(f[i].name,f[i].value);
80 }
81 else if(f[i].name == 'street')
82 {
83 alertMsg += checkLength(f[i].name,f[i].value,35);
84 alertMsg += checkAlphaNumeric(f[i].name,f[i].value);
85 }
86 else if(f[i].name == 'phone' || f[i].name == 'fax')
87 {
88 alertMsg += checkPhone(f[i].name,f[i].value);
89 }
90 else if(f[i].name == 'federal_ein')
91 {
92 alertMsg += checkLength(f[i].name,f[i].value,10);
93 alertMsg += checkFederalEin(f[i].name,f[i].value);
94 }
95 }
96 }
97 if(alertMsg)
98 {
99 alert(alertMsg);
100 return false;
101 }
102 <?php } ?>
103
104 top.restoreSession();
105 document.forms[0].submit();
106 }
107
108 $(document).ready(function(){
109 $("#cancel").click(function() {
110 parent.$.fn.fancybox.close();
111 });
112
113 /**
114 * add required/star sign to required form fields
115 */
116 for (var prop in collectvalidation) {
117 //if (collectvalidation[prop].requiredSign)
118 if (collectvalidation[prop].presence)
119 jQuery("input[name='" + prop + "']").after('*');
120 }
121 });
122 var cp = new ColorPicker('window');
123 // Runs when a color is clicked
124 function pickColor(color) {
125 document.getElementById('ncolor').value = color;
126 }
127 var field;
128 function pick(anchorname,target) {
129 var cp = new ColorPicker('window');
130 field=target;
131 cp.show(anchorname);
132 }
133 function displayAlert()
134 {
135 if(document.getElementById('primary_business_entity').checked==false)
136 alert("<?php echo addslashes(xl('Primary Business Entity tax id is used as account id for NewCrop ePrescription. Changing the facility will affect the working in NewCrop.'));?>");
137 else if(document.getElementById('primary_business_entity').checked==true)
138 alert("<?php echo addslashes(xl('Once the Primary Business Facility is set, it should not be changed. Changing the facility will affect the working in NewCrop ePrescription.'));?>");
139 }
140 </script>
141
142 </head>
143 <body class="body_top" style="width:600px;height:330px !important;">
144
145 <table>
146 <tr>
147 <td>
148 <span class="title"><?php xl('Edit Facility', 'e'); ?></span>&nbsp;&nbsp;&nbsp;</td><td>
149 <a class="css_button large_button" name='form_save' id='form_save' onclick='submitform()' href='#' >
150 <span class='css_button_span large_button_span'><?php xl('Save', 'e');?></span>
151 </a>
152 <a class="css_button large_button" id='cancel' href='#'>
153 <span class='css_button_span large_button_span'><?php xl('Cancel', 'e');?></span>
154 </a>
155 </td>
156 </tr>
157 </table>
158
159 <form name='facility-form' id="facility-form" method='post' action="facilities.php" target="_parent">
160 <input type=hidden name=mode value="facility">
161 <input type=hidden name=newmode value="admin_facility"> <!-- Diffrentiate Admin and add post backs -->
162 <input type=hidden name=fid value="<?php echo $my_fid;?>">
163 <?php $facility = $facilityService->getById($my_fid); ?>
164
165 <table border=0 cellpadding=0 cellspacing=1 style="width:630px;">
166 <tr>
167 <td width='150px'><span class='text'><?php xl('Name', 'e'); ?>: </span></td>
168 <td width='220px'><input type='entry' name='facility' size='20' value='<?php echo htmlspecialchars($facility['name'], ENT_QUOTES) ?>'></td>
169 <td width='200px'><span class='text'><?php xl('Phone', 'e'); ?> <?php xl('as', 'e'); ?> (000) 000-0000:</span></td>
170 <td width='220px'><input type='entry' name='phone' size='20' value='<?php echo htmlspecialchars($facility['phone'], ENT_QUOTES) ?>'></td>
171 </tr>
172 <tr>
173 <td><span class=text><?php xl('Address', 'e'); ?>: </span></td><td><input type=entry size=20 name=street value="<?php echo htmlspecialchars($facility["street"], ENT_QUOTES) ?>"></td>
174 <td><span class='text'><?php xl('Fax', 'e'); ?> <?php xl('as', 'e'); ?> (000) 000-0000:</span></td>
175 <td><input type='entry' name='fax' size='20' value='<?php echo htmlspecialchars($facility['fax'], ENT_QUOTES) ?>'></td>
176 </tr>
177 <tr>
178
179 <td><span class=text><?php xl('City', 'e'); ?>: </span></td>
180 <td><input type=entry size=20 name=city value="<?php echo htmlspecialchars($facility["city"], ENT_QUOTES) ?>"></td>
181 <td><span class=text><?php xl('Zip Code', 'e'); ?>: </span></td><td><input type=entry size=20 name=postal_code value="<?php echo htmlspecialchars($facility["postal_code"], ENT_QUOTES) ?>"></td>
182 </tr>
183 <?php
184 $ssn='';
185 $ein='';
186 if ($facility['tax_id_type']=='SY') {
187 $ssn='selected';
188 } else {
189 $ein='selected';
190 }
191 ?>
192 <tr>
193 <td><span class=text><?php xl('State', 'e'); ?>: </span></td><td><input type=entry size=20 name=state value="<?php echo htmlspecialchars($facility["state"], ENT_QUOTES) ?>"></td>
194 <td><span class=text><?php xl('Tax ID', 'e'); ?>: </span></td><td><select name=tax_id_type><option value="EI" <?php echo $ein;?>><?php xl('EIN', 'e'); ?></option><option value="SY" <?php echo $ssn;?>><?php xl('SSN', 'e'); ?></option></select><input type=entry size=11 name=federal_ein value="<?php echo htmlspecialchars($facility["federal_ein"], ENT_QUOTES) ?>"></td>
195 </tr>
196 <tr>
197 <td><span class=text><?php xl('Country', 'e'); ?>: </span></td><td><input type=entry size=20 name=country_code value="<?php echo htmlspecialchars($facility["country_code"], ENT_QUOTES) ?>"></td>
198 <td width="21"><span class=text><?php ($GLOBALS['simplified_demographics'] ? xl('Facility Code', 'e') : xl('Facility NPI', 'e')); ?>:
199 </span></td><td><input type=entry size=20 name=facility_npi value="<?php echo htmlspecialchars($facility["facility_npi"], ENT_QUOTES) ?>"></td>
200 </tr>
201 <tr>
202 <td><span class=text><?php xl('Website', 'e'); ?>: </span></td><td><input type=entry size=20 name=website value="<?php echo htmlspecialchars($facility["website"], ENT_QUOTES) ?>"></td>
203 <td><span class=text><?php xl('Email', 'e'); ?>: </span></td><td><input type=entry size=20 name=email value="<?php echo htmlspecialchars($facility["email"], ENT_QUOTES) ?>"></td>
204 </tr>
205
206 <tr>
207 <td><span class='text'><?php xl('Billing Location', 'e'); ?>: </span></td>
208 <td><input type='checkbox' name='billing_location' value='1' <?php if ($facility['billing_location'] != 0) {
209 echo 'checked';
210 } ?>></td>
211 <td rowspan='2'><span class='text'><?php xl('Accepts Assignment', 'e'); ?><br>(<?php xl('only if billing location', 'e'); ?>): </span></td>
212 <td><input type='checkbox' name='accepts_assignment' value='1' <?php if ($facility['accepts_assignment'] == 1) {
213 echo 'checked';
214 } ?>></td>
215 </tr>
216 <tr>
217 <td><span class='text'><?php xl('Service Location', 'e'); ?>: </span></td>
218 <td><input type='checkbox' name='service_location' value='1' <?php if ($facility['service_location'] == 1) {
219 echo 'checked';
220 } ?>></td>
221 <td>&nbsp;</td>
222 </tr>
223 <?php
224 $disabled='';
225 $resPBE = $facilityService->getPrimaryBusinessEntity(array("excludedId" => $my_fid));
226 if (sizeof($resPBE)>0) {
227 $disabled='disabled';
228 }
229 ?>
230 <tr>
231 <td><span class='text'><?php xl('Primary Business Entity', 'e'); ?>: </span></td>
232 <td><input type='checkbox' name='primary_business_entity' id='primary_business_entity' value='1' <?php if ($facility['primary_business_entity'] == 1) {
233 echo 'checked';
234 } ?> <?php if ($GLOBALS['erx_enable']) {
235 ?> onchange='return displayAlert()' <?php
236 } ?> <?php echo $disabled;?>></td>
237 <td>&nbsp;</td>
238 </tr>
239 <tr>
240 <td><span class='text'><?php echo htmlspecialchars(xl('Color'), ENT_QUOTES); ?>: </span></td> <td><input type=entry name=ncolor id=ncolor size=20 value="<?php echo htmlspecialchars($facility["color"], ENT_QUOTES) ?>"></td>
241 <td>[<a href="javascript:void(0);" onClick="pick('pick','newcolor');return false;" NAME="pick" ID="pick"><?php echo htmlspecialchars(xl('Pick'), ENT_QUOTES); ?></a>]</td><td>&nbsp;</td>
242
243 <tr>
244 <td><span class=text><?php xl('POS Code', 'e'); ?>: </span></td>
245 <td colspan="6">
246 <select name="pos_code">
247 <?php
248 $pc = new POSRef();
249
250 foreach ($pc->get_pos_ref() as $pos) {
251 echo "<option value=\"" . $pos["code"] . "\" ";
252 if ($facility['pos_code'] == $pos['code']) {
253 echo "selected";
254 }
255
256 echo ">" . $pos['code'] . ": ". text($pos['title']);
257 echo "</option>\n";
258 }
259
260 ?>
261 </select>
262 </td>
263 </tr>
264 <tr>
265 <td><span class="text"><?php xl('Billing Attn', 'e'); ?>:</span></td>
266 <td colspan="4"><input type="text" name="attn" size="45" value="<?php echo htmlspecialchars($facility['attn'], ENT_QUOTES) ?>"></td>
267 </tr>
268 <tr>
269 <td><span class="text"><?php xl('CLIA Number', 'e'); ?>:</span></td>
270 <td colspan="4"><input type="text" name="domain_identifier" size="45" value="<?php echo htmlspecialchars($facility['domain_identifier'], ENT_QUOTES) ?>"></td>
271 </tr>
272 <tr>
273 <td><span class="text"><?php xl('Facility ID', 'e'); ?>:</span></td>
274 <td colspan="4"><input type="text" name="facility_id" size="45" value="<?php echo htmlspecialchars($facility['facility_code'], ENT_QUOTES) ?>"></td>
275 </tr>
276 <tr height="20" valign="bottom">
277 <td colspan=2><span class="text"><font class="mandatory">*</font> <?php echo xl('Required', 'e');?></span></td>
278 </tr>
279
280 </table>
281 </form>
282
283 </body>
284 </html>
Mirror of official OpenEMR Sourceforge repository