search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Practices gui - bootstrap light, no pure php in smarty, html escaping in smarty ...
[openemr.git] / portal / index.php
blob10b1a81774cd8d4d255c185eeba214141f781d5c
1 <?php
2 /**
3 *
4 * Copyright (C) 2016-2017 Jerry Padgett <sjpadgett@gmail.com>
5 * Copyright (C) 2011 Cassian LUP <cassi.lup@gmail.com>
6 *
7 * LICENSE: This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
16 *
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
19 *
20 * @package OpenEMR
21 * @author Jerry Padgett <sjpadgett@gmail.com>
22 * @author Cassian LUP <cassi.lup@gmail.com>
23 * @link http://www.open-emr.org
24 */
25
26 //setting the session & other config options
27 session_start();
28
29 //don't require standard openemr authorization in globals.php
30 $ignoreAuth = 1;
31
32 //For redirect if the site on session does not match
33 $landingpage = "index.php?site=".$_GET['site'];
34
35 //includes
36 require_once('../interface/globals.php');
37
38 ini_set("error_log",E_ERROR || ~E_NOTICE);
39 //exit if portal is turned off
40 if ( !(isset($GLOBALS['portal_onsite_two_enable'])) || !($GLOBALS['portal_onsite_two_enable']) ) {
41 echo htmlspecialchars( xl('Patient Portal is turned off'), ENT_NOQUOTES);
42 exit;
43 }
44
45 // security measure -- will check on next page.
46 $_SESSION['itsme'] = 1;
47 //
48
49 //
50 // Deal with language selection
51 //
52 // collect default language id (skip this if this is a password update)
53 if (!(isset($_SESSION['password_update']))) {
54 $res2 = sqlStatement("select * from lang_languages where lang_description = ?", array($GLOBALS['language_default']) );
55 for ($iter = 0;$row = sqlFetchArray($res2);$iter++) {
56 $result2[$iter] = $row;
57 }
58 if (count($result2) == 1) {
59 $defaultLangID = $result2[0]{"lang_id"};
60 $defaultLangName = $result2[0]{"lang_description"};
61 }
62 else {
63 //default to english if any problems
64 $defaultLangID = 1;
65 $defaultLangName = "English";
66 }
67 // set session variable to default so login information appears in default language
68 $_SESSION['language_choice'] = $defaultLangID;
69 // collect languages if showing language menu
70 if ($GLOBALS['language_menu_login']) {
71 // sorting order of language titles depends on language translation options.
72 $mainLangID = empty($_SESSION['language_choice']) ? '1' : $_SESSION['language_choice'];
73 if ($mainLangID == '1' && !empty($GLOBALS['skip_english_translation'])) {
74 $sql = "SELECT * FROM lang_languages ORDER BY lang_description, lang_id";
75 $res3=SqlStatement($sql);
76 }
77 else {
78 // Use and sort by the translated language name.
79 $sql = "SELECT ll.lang_id, " .
80 "IF(LENGTH(ld.definition),ld.definition,ll.lang_description) AS trans_lang_description, " .
81 "ll.lang_description " .
82 "FROM lang_languages AS ll " .
83 "LEFT JOIN lang_constants AS lc ON lc.constant_name = ll.lang_description " .
84 "LEFT JOIN lang_definitions AS ld ON ld.cons_id = lc.cons_id AND " .
85 "ld.lang_id = ? " .
86 "ORDER BY IF(LENGTH(ld.definition),ld.definition,ll.lang_description), ll.lang_id";
87 $res3=SqlStatement($sql, array($mainLangID) );
88 }
89 for ($iter = 0;$row = sqlFetchArray($res3);$iter++) {
90 $result3[$iter] = $row;
91 }
92 if (count($result3) == 1) {
93 //default to english if only return one language
94 $hiddenLanguageField = "<input type='hidden' name='languageChoice' value='1' />\n";
95 }
96 }
97 else {
98 $hiddenLanguageField = "<input type='hidden' name='languageChoice' value='".htmlspecialchars($defaultLangID,ENT_QUOTES)."' />\n";
99 }
100 }
101
102 ?>
103
104 <html>
105 <head>
106 <title><?php echo xlt('Patient Portal Login'); ?></title>
107
108 <script type="text/javascript" src="<?php echo $GLOBALS['assets_static_relative']; ?>/jquery-min-1-11-3/index.js"></script>
109 <script type="text/javascript" src="<?php echo $GLOBALS['assets_static_relative']; ?>/jquery.gritter-1-7-4/js/jquery.gritter.min.js"></script>
110
111 <link rel="stylesheet" type="text/css" href="<?php echo $GLOBALS['assets_static_relative']; ?>/jquery.gritter-1-7-4/css/jquery.gritter.css" />
112 <link rel="stylesheet" type="text/css" href="assets/css/base.css?v=<?php echo $v_js_includes; ?>" />
113
114 <script type="text/javascript">
115 function process() {
116
117 if (!(validate())) {
118 alert ('<?php echo addslashes( xl('Field(s) are missing!') ); ?>');
119 return false;
120 }
121 }
122 function validate() {
123 var pass=true;
124 if (document.getElementById('uname').value == "") {
125 document.getElementById('uname').style.border = "1px solid red";
126 pass=false;
127 }
128 if (document.getElementById('pass').value == "") {
129 document.getElementById('pass').style.border = "1px solid red";
130 pass=false;
131 }
132 return pass;
133 }
134 function process_new_pass() {
135
136 if (!(validate_new_pass())) {
137 alert ('<?php echo addslashes( xl('Field(s) are missing!') ); ?>');
138 return false;
139 }
140 if (document.getElementById('pass_new').value != document.getElementById('pass_new_confirm').value) {
141 alert ('<?php echo addslashes( xl('The new password fields are not the same.') ); ?>');
142 return false;
143 }
144 if (document.getElementById('pass').value == document.getElementById('pass_new').value) {
145 alert ('<?php echo addslashes( xl('The new password can not be the same as the current password.') ); ?>');
146 return false;
147 }
148 }
149
150 function validate_new_pass() {
151 var pass=true;
152 if (document.getElementById('uname').value == "") {
153 document.getElementById('uname').style.border = "1px solid red";
154 pass=false;
155 }
156 if (document.getElementById('pass').value == "") {
157 document.getElementById('pass').style.border = "1px solid red";
158 pass=false;
159 }
160 if (document.getElementById('pass_new').value == "") {
161 document.getElementById('pass_new').style.border = "1px solid red";
162 pass=false;
163 }
164 if (document.getElementById('pass_new_confirm').value == "") {
165 document.getElementById('pass_new_confirm').style.border = "1px solid red";
166 pass=false;
167 }
168 return pass;
169 }
170 </script>
171 <style type="text/css">
172 body {
173 font-family: sans-serif;
174 background-color: #638fd0;
175
176 background: -webkit-radial-gradient(circle, white, #638fd0);
177 background: -moz-radial-gradient(circle, white, #638fd0);
178 }
179
180 </style>
181
182
183 </head>
184 <body>
185 <br><br>
186 <center>
187
188 <?php if (isset($_SESSION['password_update'])||isset($_GET['password_update'])) {
189 $_SESSION['password_update']=1;
190 ?>
191 <div id="wrapper" class="centerwrapper">
192 <h2 class="title"><?php echo xlt('Please Enter a New Password'); ?></h2>
193 <form action="get_patient_info.php" method="POST" onsubmit="return process_new_pass()" >
194 <table>
195 <tr>
196 <td class="algnRight"><?php echo xlt('User Name'); ?></td>
197 <td><input name="uname" id="uname" type="text" autocomplete="off" value="<?php echo attr($_SESSION['portal_username']); ?>"/></td>
198 </tr>
199 <tr>
200 <td class="algnRight"><?php echo xlt('Current Password');?></>
201 <td>
202 <input name="pass" id="pass" type="password" autocomplete="off" />
203 </td>
204 </tr>
205 <tr>
206 <td class="algnRight"><?php echo xlt('New Password');?></>
207 <td>
208 <input name="pass_new" id="pass_new" type="password" />
209 </td>
210 </tr>
211 <tr>
212 <td class="algnRight"><?php echo xlt('Confirm New Password');?></>
213 <td>
214 <input name="pass_new_confirm" id="pass_new_confirm" type="password" />
215 </td>
216 </tr>
217 <tr>
218 <td colspan=2><br><center><input type="submit" value="<?php echo xlt('Log In');?>" /></center></td>
219 </tr>
220 </table>
221 </form>
222
223 <div class="copyright"><?php echo xlt('Powered by');?> OpenEMR</div>
224
225 </div>
226
227 <?php } else { ?>
228 <div id="wrapper" class="centerwrapper">
229 <h2 class="title"><?php echo xlt('Patient Portal Login'); ?></h2>
230 <form action="get_patient_info.php" method="POST" onsubmit="return process()" >
231 <table>
232 <tr>
233 <td class="algnRight"><?php echo xlt('User Name'); ?></td>
234 <td><input name="uname" id="uname" type="text" autocomplete="on" /></td>
235 </tr>
236 <tr>
237 <td class="algnRight"><?php echo xlt('Password');?></>
238 <td>
239 <input name="pass" id="pass" type="password" required autocomplete="on" /><input name="passaddon" id="passaddon" placeholder="Email" type="email" autocomplete="on" />
240 </td>
241 </tr>
242
243 <?php if ($GLOBALS['language_menu_login']) { ?>
244 <?php if (count($result3) != 1) { ?>
245 <tr>
246 <td><span class="text"><?php echo xlt('Language'); ?></span></td>
247 <td>
248 <select name=languageChoice size="1">
249 <?php
250 echo "<option selected='selected' value='".htmlspecialchars($defaultLangID,ENT_QUOTES)."'>" . htmlspecialchars( xl('Default') . " - " . xl($defaultLangName), ENT_NOQUOTES) . "</option>\n";
251 foreach ($result3 as $iter) {
252 if ($GLOBALS['language_menu_showall']) {
253 if ( !$GLOBALS['allow_debug_language'] && $iter['lang_description'] == 'dummy') continue; // skip the dummy language
254 echo "<option value='".htmlspecialchars($iter['lang_id'],ENT_QUOTES)."'>".htmlspecialchars($iter['trans_lang_description'],ENT_NOQUOTES)."</option>\n";
255 }
256 else {
257 if (in_array($iter['lang_description'], $GLOBALS['language_menu_show'])) {
258 if ( !$GLOBALS['allow_debug_language'] && $iter['lang_description'] == 'dummy') continue; // skip the dummy language
259 echo "<option value='".htmlspecialchars($iter['lang_id'],ENT_QUOTES)."'>".htmlspecialchars($iter['trans_lang_description'],ENT_NOQUOTES)."</option>\n";
260 }
261 }
262 }
263 ?>
264 </select>
265 </td>
266 </tr>
267 <?php }} ?>
268
269 <tr>
270 <td colspan=2><br><center><input type="submit" value="<?php echo xlt('Log In');?>" /></center></td>
271 </tr>
272 </table>
273 <?php if (!(empty($hiddenLanguageField))) echo $hiddenLanguageField; ?>
274 </form>
275
276 <div class="copyright"><?php echo xlt('Powered by');?> OpenEMR</div>
277 </div><div><img src='<?php echo $GLOBALS['images_static_relative']; ?>/logo-full-con.png'/></div>
278 <?php } ?>
279
280 </center>
281
282 <script type="text/javascript">
283 $(document).ready(function() {
284
285 <?php // if something went wrong
286 if (isset($_GET['w'])) { ?>
287 var unique_id = $.gritter.add({
288 title: '<span class="red"><?php echo xlt('Oops!');?></span>',
289 text: '<?php echo xlt('Something went wrong. Please try again.'); ?>',
290 sticky: false,
291 time: '5000',
292 class_name: 'my-nonsticky-class'
293 });
294 <?php } ?>
295
296 <?php // if successfully logged out
297 if (isset($_GET['logout'])) { ?>
298 var unique_id = $.gritter.add({
299 title: '<span class="green"><?php echo xlt('Success');?></span>',
300 text: '<?php echo xlt('You have been successfully logged out.');?>',
301 sticky: false,
302 time: '5000',
303 class_name: 'my-nonsticky-class'
304 });
305 <?php } ?>
306 return false;
307
308 });
309 </script>
310
311 </body>
312 </html>
Mirror of official OpenEMR Sourceforge repository