2 // This program is free software; you can redistribute it and/or
3 // modify it under the terms of the GNU General Public License
4 // as published by the Free Software Foundation; either version 2
5 // of the License, or (at your option) any later version.
7 require_once("../globals.php");
8 require_once("../../library/acl.inc");
9 require_once("$srcdir/md5.js");
10 require_once("$srcdir/sql.inc");
11 require_once("$srcdir/calendar.inc");
12 require_once("$srcdir/formdata.inc.php");
13 require_once(dirname(__FILE__
) . "/../../library/classes/WSProvider.class.php");
// Access guard: the condition is true when no id was supplied in the query
// string or when the caller lacks the admin/users ACL.
// NOTE(review): the statement this guard controls is not visible in this
// listing. Confirm that it ends the request, so a caller without the ACL can
// never reach the update branch that follows.
15 if (!$_GET["id"] ||
!acl_check('admin', 'users'))
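if ($_GET["mode"] == "update") {
    if ($_GET["username"]) {
        // formData() is defined elsewhere (presumably formdata.inc.php) and
        // presumably escapes the value for SQL. Confirm this, because $tqvar is
        // placed between quotes in the statements below.
        $tqvar = trim(formData('username','G'));
        // The id comes straight from the query string and sits unquoted in the
        // WHERE clause, so it is forced to an integer before interpolation.
        $user_data = mysql_fetch_array(sqlStatement("select * from users where id=" . intval($_GET["id"])));
        sqlStatement("update users set username='$tqvar' where id=" . intval($_GET["id"]));
        // The previous username is read back from the database; stored data is
        // no safer than request data once it is placed between quotes, so it is
        // escaped as well.
        sqlStatement("update groups set user='$tqvar' where user='" . addslashes($user_data["username"]) . "'");
        // Both conditionals are closed on lines that this listing does not show.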
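// Store the federal tax id. The row id is cast to an integer because it is
// taken from the query string and used unquoted in the WHERE clause.
$tqvar = formData('taxid','G');
sqlStatement("update users set federaltaxid='$tqvar' where id=" . intval($_GET["id"]));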
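if ($_GET["drugid"]) {
    // Store the federal drug id; the row id is integer-cast before it reaches SQL.
    $tqvar = formData('drugid','G');
    sqlStatement("update users set federaldrugid='$tqvar' where id=" . intval($_GET["id"]));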
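// Store the UPIN; the row id is integer-cast so the unquoted WHERE value
// cannot carry SQL.
$tqvar = formData('upin','G');
sqlStatement("update users set upin='$tqvar' where id=" . intval($_GET["id"]));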
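// Store the NPI; the row id is integer-cast so the unquoted WHERE value
// cannot carry SQL.
$tqvar = formData('npi','G');
sqlStatement("update users set npi='$tqvar' where id=" . intval($_GET["id"]));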
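if ($_GET["taxonomy"]) {
    // Store the taxonomy code; the row id is integer-cast before it reaches SQL.
    $tqvar = formData('taxonomy','G');
    sqlStatement("update users set taxonomy = '$tqvar' where id= " . intval($_GET["id"]));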
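// Store the last name; the row id is integer-cast because it is request data
// used without quotes.
$tqvar = formData('lname','G');
sqlStatement("update users set lname='$tqvar' where id=" . intval($_GET["id"]));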
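// The form field is called "job" but the column written is users.specialty.
// The row id is integer-cast because it is request data used without quotes.
$tqvar = formData('job','G');
sqlStatement("update users set specialty='$tqvar' where id=" . intval($_GET["id"]));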
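// Store the middle name; the row id is integer-cast because it is request
// data used without quotes.
$tqvar = formData('mname','G');
sqlStatement("update users set mname='$tqvar' where id=" . intval($_GET["id"]));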
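if ($_GET["facility_id"]) {
    // Both statements use the query-string id unquoted, so it is integer-cast
    // in each of them.
    $tqvar = formData('facility_id','G');
    sqlStatement("update users set facility_id = '$tqvar' where id = " . intval($_GET["id"]));
    //(CHEMED) Update facility name when changing the id
    sqlStatement("UPDATE users, facility SET users.facility = facility.name WHERE facility.id = '$tqvar' AND users.id = " . intval($_GET["id"]));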
// Synchronise users_facility with the facilities selected in the form: first
// delete the rows whose facility is no longer selected, then write one row per
// selected facility.
// NOTE(review): the elements of $_GET['schedule_facility'] are joined into the
// IN (...) list without any cast or escaping, and the id is interpolated
// unquoted. Every element and the id should be forced to integers (for example
// with intval) before the SQL is built. The code is left untouched here because
// one line of the second statement is missing from this listing.
66 if ($_GET["schedule_facility"]) {
67 sqlStatement("delete from users_facility
68 where tablename='users'
69 and table_id={$_GET["id
"]}
70 and facility_id not in (" . implode(",", $_GET['schedule_facility']) . ")");
// NOTE(review): $tqvar below is a raw request value placed between quotes; it
// does not pass through formData() like the other fields in this branch.
71 foreach($_GET["schedule_facility"] as $tqvar) {
72 sqlStatement("replace into users_facility set
73 facility_id = '$tqvar',
75 table_id = {$_GET["id
"]}");
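// Store the first name; the row id is integer-cast because it is request data
// used without quotes.
$tqvar = formData('fname','G');
sqlStatement("update users set fname='$tqvar' where id=" . intval($_GET["id"]));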
83 //(CHEMED) Calendar UI preference
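if ($_GET["cal_ui"]) {
    // Store the calendar UI preference; the row id is integer-cast before it
    // reaches SQL.
    $tqvar = formData('cal_ui','G');
    sqlStatement("update users set cal_ui = '$tqvar' where id = " . intval($_GET["id"]));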
88 //END (CHEMED) Calendar UI preference
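// d41d8cd98f00b204e9800998ecf8427e is the MD5 of an empty string, meaning the
// password box was left blank and the stored password must not change.
// NOTE(review): the browser sends an unsalted MD5 in the query string and that
// value is stored as-is, so the hash itself acts as the credential and appears
// in URLs and request logs. Hashing on the server with a salted password hash
// and submitting over POST would address both.
if ($_GET["newauthPass"] && $_GET["newauthPass"] != "d41d8cd98f00b204e9800998ecf8427e") { // account for empty
    $tqvar = formData('newauthPass','G');
    // The row id is integer-cast because it is request data used without quotes.
    sqlStatement("update users set password='$tqvar' where id=" . intval($_GET["id"]));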
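// for relay health single sign-on
if ($_GET["ssi_relayhealth"]) {
    // The row id is integer-cast because it is request data used without quotes.
    $tqvar = formData('ssi_relayhealth','G');
    sqlStatement("update users set ssi_relayhealth = '$tqvar' where id = " . intval($_GET["id"]));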
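// Checkboxes are only present in the request when ticked, so both flags are
// reduced to 0 or 1.
$tqvar = $_GET["authorized"] ? 1 : 0;
$actvar = $_GET["active"] ? 1 : 0;

// see_auth was concatenated into the statement unescaped. The form only offers
// the values 1, 2 and 3, so it is cast to an integer, as is the row id.
sqlStatement("UPDATE users SET authorized = $tqvar, active = $actvar, " .
    "see_auth = '" . intval($_GET['see_auth']) . "' WHERE " .
    "id = " . intval($_GET["id"]));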
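if ($_GET["comments"]) {
    // The "comments" form field is stored in users.info. The row id is
    // integer-cast because it is request data used without quotes.
    $tqvar = formData('comments','G');
    sqlStatement("update users set info = '$tqvar' where id = " . intval($_GET["id"]));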
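// Group membership is only changed when phpGACL is configured and the caller
// holds the separate admin/acl permission.
if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
    // Set the access control group of user
    // The lookup uses the query-string id unquoted, so it is integer-cast first.
    $user_data = mysql_fetch_array(sqlStatement("select username from users where id=" . intval($_GET["id"])));
    // NOTE(review): $_GET['access_group'] is passed on unvalidated. Confirm that
    // set_user_aro() (defined elsewhere) rejects group names it does not know.
    set_user_aro($_GET['access_group'], $user_data["username"],
        formData('fname','G'), formData('mname','G'), formData('lname','G'));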
// NOTE(review): WSProvider receives the raw query-string id. Its constructor
// lives in WSProvider.class.php and is not visible here; confirm it validates
// the value before using it.
120 $ws = new WSProvider($_GET['id']);
122 // On a successful update, return to the users list.
123 include("usergroup_admin.php");
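// Load the user row being edited into $result. The array is initialised first
// so that an id matching no row leaves an empty list rather than an undefined
// variable. The id is integer-cast because it is request data used unquoted in
// the WHERE clause.
$result = array();
$res = sqlStatement("select * from users where id=" . intval($_GET["id"]));
for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
    $result[$iter] = $row;
}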
<?php // Stylesheet path comes from $css_header, which is set outside this file. ?>
<link rel="stylesheet" type="text/css" href="<?php echo $css_header; ?>">
<body class="body_top">
<?php // Page title, linking back to the user list. ?>
<a href="usergroup_admin.php"><span class="title"><?php xl('User Administration', 'e'); ?></span></a>
<?php
// NOTE(review): this form submits with GET, so every field, including the
// newauthPass password hash, travels in the URL, and the update branch changes
// account data on a GET request. Moving to POST requires the handler to read
// $_POST as well; a per-session token check is worth adding at the same time.
?>
<FORM NAME="user_form" METHOD="GET" ACTION="user_admin.php">
<TABLE border="0" cellpadding="0" cellspacing="0">
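<?php // The stored username is HTML-escaped so a quote or angle bracket in it cannot break out of the value attribute. ?>
<TD><span class=text><?php xl('Username','e'); ?>: </span></TD><TD><input type=entry name=username size=20 value="<?php echo htmlspecialchars($iter["username"], ENT_QUOTES); ?>" disabled>&nbsp;</td>
<TD><span class=text><?php xl('Password','e'); ?>: </span></TD><TD class='text'><input type=entry name=clearPass size=20 value=""> * <?php xl('Leave blank to keep password unchanged.','e'); ?></td>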
<?php // Checkbox state mirrors the authorized and active columns of the loaded row. ?>
<td><span class="text">&nbsp;</span></td><td>&nbsp;</td>
<TD><span class=text><?php xl('Authorized','e'); ?>: </TD>
<input type="checkbox" name="authorized"<?php echo $iter["authorized"] ? " checked" : ""; ?> />
&nbsp;&nbsp;<span class='text'><?php xl('Active','e'); ?>:
<input type="checkbox" name="active"<?php echo $iter["active"] ? " checked" : ""; ?> />
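<?php // Name values come from the database and are HTML-escaped before they are placed in attributes. ?>
<TD><span class=text><?php xl('First Name','e'); ?>: </span></TD>
<TD><input type=entry name=fname size=20 value="<?php echo htmlspecialchars($iter["fname"], ENT_QUOTES); ?>"></td>
<td><span class=text><?php xl('Middle Name','e'); ?>: </span></TD><td><input type=entry name=mname size=20 value="<?php echo htmlspecialchars($iter["mname"], ENT_QUOTES); ?>"></td>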
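<?php // The last name is HTML-escaped; the facility <select> opened here is filled by the loop that follows. ?>
<td><span class=text><?php xl('Last Name','e'); ?>: </span></td><td><input type=entry name=lname size=20 value="<?php echo htmlspecialchars($iter["lname"], ENT_QUOTES); ?>"></td>
<td><span class=text><?php xl('Default Facility','e'); ?>: </span></td><td><select name=facility_id>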
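// Service-location facilities, ordered by name, for the default-facility list.
$fres = sqlStatement("select * from facility where service_location != 0 order by name");
// The rows are collected in their own array. Reusing $result, which already
// holds the user row, would leave that row in the option list whenever the
// facility query returns nothing.
$facilities = array();
while ($frow = sqlFetchArray($fres)) {
    $facilities[] = $frow;
}
foreach ($facilities as $iter2) {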
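<?php // Facility id and name are stored data and are HTML-escaped on output. ?>
<option value="<?php echo htmlspecialchars($iter2['id'], ENT_QUOTES); ?>" <?php if ($iter['facility_id'] == $iter2['id']) echo "selected"; ?>><?php echo htmlspecialchars($iter2['name'], ENT_QUOTES); ?></option>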
<?php // Multi-select; its values arrive as the schedule_facility[] array in the request. ?>
<td colspan="2">&nbsp;</td>
<td><span class=text><?php xl('Schedule Facilities:', 'e'); ?></td>
<select name="schedule_facility[]" multiple>
// NOTE(review): getUserFacilities() receives the raw query-string id. It is
// defined elsewhere; confirm it validates or escapes the value before using it
// in SQL.
190 $userFacilities = getUserFacilities($_GET['id']);
// The statement this foreach runs is on a line missing from the listing. The
// option markup further down reads $ufid, which is presumably filled here
// (confirm), and would be undefined when the user has no facilities.
192 foreach($userFacilities as $uf)
// Second pass over service-location facilities, ordered by name, for the
// schedule-facilities multi-select.
194 $fres = sqlStatement("select * from facility where service_location != 0 order by name");
196 while($frow = sqlFetchArray($fres)):
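<?php // An option is pre-selected when it is one of the user's facilities or the default facility; id and name are HTML-escaped on output. ?>
<option <?php echo in_array($frow['id'], $ufid) || $frow['id'] == $iter['facility_id'] ? "selected" : null ?> value="<?php echo htmlspecialchars($frow['id'], ENT_QUOTES) ?>"><?php echo htmlspecialchars($frow['name'], ENT_QUOTES) ?></option>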
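<?php // Stored identifiers are HTML-escaped before they are placed in value attributes. ?>
<TD><span class=text><?php xl('Federal Tax ID','e'); ?>: </span></TD><TD><input type=text name=taxid size=20 value="<?php echo htmlspecialchars($iter["federaltaxid"], ENT_QUOTES) ?>"></td>
<TD><span class=text><?php xl('Federal Drug ID','e'); ?>: </span></TD><TD><input type=text name=drugid size=20 value="<?php echo htmlspecialchars($iter["federaldrugid"], ENT_QUOTES) ?>"></td>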
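<?php // The UPIN is HTML-escaped; the see_auth <select> opened here is filled by the loop that follows. ?>
<td><span class="text"><?php xl('UPIN','e'); ?>: </span></td><td><input type="text" name="upin" size="20" value="<?php echo htmlspecialchars($iter["upin"], ENT_QUOTES) ?>"></td>
<td class='text'><?php xl('See Authorizations','e'); ?>: </td>
<td><select name="see_auth">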
// Emits one <option> per see_auth choice (1 None, 2 Only Mine, 3 All) and marks
// the one equal to the loaded row's see_auth value as selected.
// NOTE(review): the lines that would hold this loop's braces are absent from
// the listing.
218 foreach (array(1 => xl('None'), 2 => xl('Only Mine'), 3 => xl('All')) as $key => $value)
220 echo " <option value='$key'";
221 if ($key == $iter['see_auth']) echo " selected";
222 echo ">$value</option>\n";
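<?php // Stored values are HTML-escaped; the "job" field shows the specialty column. ?>
<td><span class="text"><?php xl('NPI','e'); ?>: </span></td><td><input type="text" name="npi" size="20" value="<?php echo htmlspecialchars($iter["npi"], ENT_QUOTES) ?>"></td>
<td><span class="text"><?php xl('Job Description','e'); ?>: </span></td><td><input type="text" name="job" size="20" value="<?php echo htmlspecialchars($iter["specialty"], ENT_QUOTES) ?>"></td>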
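<?php if (!empty($GLOBALS['ssi']['rh'])) { ?>
<?php
// NOTE(review): the field is masked on screen, but the stored Relay Health ID is
// still written into the page source. Leaving the value empty and updating only
// when a new one is entered would avoid exposing it. The value is HTML-escaped
// so it cannot break out of the attribute.
?>
<td><span class="text"><?php xl('Relay Health ID', 'e'); ?>: </span></td>
<td><input type="password" name="ssi_relayhealth" size="20" value="<?php echo htmlspecialchars($iter["ssi_relayhealth"], ENT_QUOTES); ?>"></td>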
240 <!-- (CHEMED
) Calendar UI preference
-->
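<?php // The taxonomy code is HTML-escaped; the cal_ui <select> opened here is filled by the loop that follows. ?>
<td><span class="text"><?php xl('Taxonomy','e'); ?>: </span></td>
<td><input type="text" name="taxonomy" size="20" value="<?php echo htmlspecialchars($iter["taxonomy"], ENT_QUOTES) ?>"></td>
<td><span class="text"><?php xl('Calendar UI','e'); ?>: </span></td><td><select name="cal_ui">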
// Emits one <option> per calendar UI choice (1 Default, 2 Fancy, 3 Outlook) and
// marks the one equal to the loaded row's cal_ui value as selected.
// NOTE(review): the lines that would hold this loop's braces are absent from
// the listing.
246 foreach (array(1 => xl('Default'), 2 => xl('Fancy'), 3 => xl('Outlook')) as $key => $value)
248 echo " <option value='$key'";
249 if ($key == $iter['cal_ui']) echo " selected";
250 echo ">$value</option>\n";
255 <!-- END (CHEMED
) Calendar UI preference
-->
258 // Collect the access control group of user
// The access-control selector is rendered only when $phpgacl_location is set
// and the caller holds the admin/acl permission, the same condition the update
// branch checks before changing group membership.
259 if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
<?php // Multi-select; its values arrive as the access_group[] array in the request. ?>
<td class='text'><?php xl('Access Control', 'e'); ?>:</td>
<td><select name="access_group[]" multiple>
// All group titles known to the ACL layer, and the titles this user already
// belongs to; both helpers are defined outside this file.
265 $list_acl_groups = acl_get_group_title_list();
266 $username_acl_groups = acl_get_group_titles($iter["username"]);
// One <option> per group. The first branch handles groups the user is already
// in; the separator between the two echo statements is on lines missing from
// this listing.
267 foreach ($list_acl_groups as $value) {
268 if (($username_acl_groups) && in_array($value,$username_acl_groups)) {
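// Modified 6-2009 by BM - Translate group name if applicable
// The group title is HTML-escaped before it goes into the single-quoted value
// attribute, so a quote in a title cannot end the attribute early.
// NOTE(review): the label from xl_gacl_group() is printed as returned; confirm
// whether that helper already escapes its output.
echo " <option value='" . htmlspecialchars($value, ENT_QUOTES) . "' selected>" . xl_gacl_group($value) . "</option>\n";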
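// Modified 6-2009 by BM - Translate group name if applicable
// The group title is HTML-escaped before it goes into the single-quoted value
// attribute, so a quote in a title cannot end the attribute early.
// NOTE(review): the label from xl_gacl_group() is printed as returned; confirm
// whether that helper already escapes its output.
echo " <option value='" . htmlspecialchars($value, ENT_QUOTES) . "'>" . xl_gacl_group($value) . "</option>\n";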
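<?php // Free-text notes are HTML-escaped so stored markup, such as a closing textarea tag, is shown as text rather than interpreted. ?>
<span class=text><?php xl('Additional Info','e'); ?>:</span><br>
<textarea name="comments" wrap=auto rows=4 cols=30><?php echo htmlspecialchars($iter["info"], ENT_QUOTES);?></textarea>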
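<?php
// The id was echoed straight from the query string into the page. It is now
// printed as an integer, so request data cannot inject markup here.
// The submit button's VALUE is quoted so that a translated label containing a
// space stays a single attribute value.
// On submit, the browser replaces the clear-text password with its MD5 in
// newauthPass and blanks clearPass.
?>
<br>&nbsp;&nbsp;&nbsp;
<INPUT TYPE="HIDDEN" NAME="id" VALUE="<?php echo intval($_GET["id"]); ?>">
<INPUT TYPE="HIDDEN" NAME="mode" VALUE="update">
<INPUT TYPE="HIDDEN" NAME="newauthPass" VALUE="">
<INPUT TYPE="Submit" VALUE="<?php xl('Save Changes','e'); ?>" onClick="javascript:this.form.newauthPass.value=MD5(this.form.clearPass.value);this.form.clearPass.value='';">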
<?php // Returns to the user list without saving. ?>
<a href="usergroup_admin.php" class=link_submit>[<?php xl('Back', 'e'); ?>]</font></a>
303 // d41d8cd98f00b204e9800998ecf8427e == blank