library/ajax/user_settings.php

   1 <?php
   2
   3 /**
   4  * This file contains functions that manage custom user
   5  * settings
   6  *
   7  * @package   OpenEMR
   8  * @link      https://www.open-emr.org
   9  * @author    Brady Miller <brady.g.miller@gmail.com>
  10  * @copyright Copyright (c) 2010-2018 Brady Miller <brady.g.miller@gmail.com>
  11  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  12  */
  13
  14 require_once(dirname(__FILE__) . "/../../interface/globals.php");
  15 require_once(dirname(__FILE__) . "/../user.inc");
  16
  17 use OpenEMR\Common\Csrf\CsrfUtils;
  18 use Symfony\Component\HttpFoundation\Response;
  19
  20 if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
  21     CsrfUtils::csrfNotVerified();
  22 }
  23
  24 //If 'mode' is either a 1 or 0 and 'target' ends with _expand
  25 //  Then will update the appropriate user _expand flag
  26 if ((isset($_POST['mode']) && ( $_POST['mode'] == 1 || $_POST['mode'] == 0 )) && ( substr($_POST['target'], -7, 7) == "_expand" )) {
  27   //set the user setting
  28     setUserSetting($_POST['target'], $_POST['mode']);
  29 }
  30
  31 //mdsupport : Generic user setting
  32 if ((isset($_POST['lab'])) && (isset($_POST['val']))) {
  33     setUserSetting($_POST['lab'], $_POST['val']);
  34 }
  35
  36 // even more generic
  37 if ((isset($_POST['target'])) && (isset($_POST['setting']))) {
  38     setUserSetting($_POST['target'], $_POST['setting']);
  39 }
  40
  41 // @todo This is crude, but if we make it here thre should be a proper response, so for now send a 200 but really we need better Response handling
  42 $res = new Response();
  43 $res->send();