6 * @link http://www.open-emr.org
7 * @author Rod Roark <rod@sunsetsystems.com>
8 * @author Brady Miller <brady.g.miller@gmail.com>
9 * @copyright Copyright (c) 2006-2010 Rod Roark <rod@sunsetsystems.com>
10 * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
11 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
14 require_once("../globals.php");
15 require_once("$srcdir/acl.inc");
16 require_once("$srcdir/options.inc.php");
19 if (!verifyCsrfToken($_POST["csrf_token_form"])) {
24 // Collect user id if editing entry
25 $userid = $_REQUEST['userid'];
27 // Collect type if creating a new entry
28 $type = $_REQUEST['type'];
32 function invalue($name)
38 $fld = add_escape_custom(trim($_POST[$name]));
45 <title
><?php
echo $userid ?
xlt('Edit Entry') : xlt('Add New Entry') ?
></title
>
46 <script type
="text/javascript" src
="<?php echo $webroot ?>/interface/main/tabs/js/include_opener.js"></script
>
47 <link rel
="stylesheet" href
='<?php echo $css_header ?>' type
='text/css'>
48 <script type
="text/javascript" src
="<?php echo $GLOBALS['assets_static_relative']; ?>/jquery-1-9-1/jquery.min.js"></script
>
51 td
{ font
-size
:10pt
; }
59 font
-family
:sans
-serif
;
65 <script language
="JavaScript">
67 var type_options_js
= Array();
69 // Collect the type options. Possible values are:
70 // 1 = Unassigned (default to person centric)
72 // 3 = Company Centric
73 $sql = sqlStatement("SELECT option_id, option_value FROM list_options WHERE " .
74 "list_id = 'abook_type' AND activity = 1");
75 while ($row_query = sqlFetchArray($sql)) {
76 echo "type_options_js[" . js_escape($row_query['option_id']) . "]=" . js_escape($row_query['option_value']) . ";\n";
80 // Process to customize the form by type
81 function typeSelect(a
) {
83 $
('#cpoe_span').css('display','inline');
85 $
('#cpoe_span').css('display','none');
86 $
('#form_cpoe').removeAttr('checked');
88 if (type_options_js
[a
] == 3) {
90 // 1) Hide the person Name entries
91 // 2) Hide the Specialty entry
92 // 3) Show the director Name entries
93 document
.getElementById("nameRow").style
.display
= "none";
94 document
.getElementById("specialtyRow").style
.display
= "none";
95 document
.getElementById("nameDirectorRow").style
.display
= "";
99 // 1) Hide the director Name entries
100 // 2) Show the person Name entries
101 // 3) Show the Specialty entry
102 document
.getElementById("nameDirectorRow").style
.display
= "none";
103 document
.getElementById("nameRow").style
.display
= "";
104 document
.getElementById("specialtyRow").style
.display
= "";
111 <body
class="body_top">
113 // If we are saving, then save and close the window.
115 if ($_POST['form_save']) {
116 // Collect the form_abook_type option value
117 // (ie. patient vs company centric)
118 $type_sql_row = sqlQuery("SELECT `option_value` FROM `list_options` WHERE `list_id` = 'abook_type' AND `option_id` = ? AND activity = 1", array(trim($_POST['form_abook_type'])));
119 $option_abook_type = $type_sql_row['option_value'];
120 // Set up any abook_type specific settings
121 if ($option_abook_type == 3) {
123 $form_title = invalue('form_director_title');
124 $form_fname = invalue('form_director_fname');
125 $form_lname = invalue('form_director_lname');
126 $form_mname = invalue('form_director_mname');
127 $form_suffix = invalue('form_director_suffix');
130 $form_title = invalue('form_title');
131 $form_fname = invalue('form_fname');
132 $form_lname = invalue('form_lname');
133 $form_mname = invalue('form_mname');
134 $form_suffix = invalue('form_suffix');
138 $query = "UPDATE users SET " .
139 "abook_type = " . invalue('form_abook_type') . ", " .
140 "title = " . $form_title . ", " .
141 "fname = " . $form_fname . ", " .
142 "lname = " . $form_lname . ", " .
143 "mname = " . $form_mname . ", " .
144 "suffix = " . $form_suffix . ", " .
145 "specialty = " . invalue('form_specialty') . ", " .
146 "organization = " . invalue('form_organization') . ", " .
147 "valedictory = " . invalue('form_valedictory') . ", " .
148 "assistant = " . invalue('form_assistant') . ", " .
149 "federaltaxid = " . invalue('form_federaltaxid') . ", " .
150 "upin = " . invalue('form_upin') . ", " .
151 "npi = " . invalue('form_npi') . ", " .
152 "taxonomy = " . invalue('form_taxonomy') . ", " .
153 "cpoe = " . invalue('form_cpoe') . ", " .
154 "email = " . invalue('form_email') . ", " .
155 "email_direct = " . invalue('form_email_direct') . ", " .
156 "url = " . invalue('form_url') . ", " .
157 "street = " . invalue('form_street') . ", " .
158 "streetb = " . invalue('form_streetb') . ", " .
159 "city = " . invalue('form_city') . ", " .
160 "state = " . invalue('form_state') . ", " .
161 "zip = " . invalue('form_zip') . ", " .
162 "street2 = " . invalue('form_street2') . ", " .
163 "streetb2 = " . invalue('form_streetb2') . ", " .
164 "city2 = " . invalue('form_city2') . ", " .
165 "state2 = " . invalue('form_state2') . ", " .
166 "zip2 = " . invalue('form_zip2') . ", " .
167 "phone = " . invalue('form_phone') . ", " .
168 "phonew1 = " . invalue('form_phonew1') . ", " .
169 "phonew2 = " . invalue('form_phonew2') . ", " .
170 "phonecell = " . invalue('form_phonecell') . ", " .
171 "fax = " . invalue('form_fax') . ", " .
172 "notes = " . invalue('form_notes') . " " .
173 "WHERE id = '" . add_escape_custom($userid) . "'";
174 sqlStatement($query);
176 $userid = sqlInsert("INSERT INTO users ( " .
177 "username, password, authorized, info, source, " .
178 "title, fname, lname, mname, suffix, " .
179 "federaltaxid, federaldrugid, upin, facility, see_auth, active, npi, taxonomy, cpoe, " .
180 "specialty, organization, valedictory, assistant, billname, email, email_direct, url, " .
181 "street, streetb, city, state, zip, " .
182 "street2, streetb2, city2, state2, zip2, " .
183 "phone, phonew1, phonew2, phonecell, fax, notes, abook_type " .
187 "0, " . // authorized
194 $form_suffix . ", " .
195 invalue('form_federaltaxid') . ", " .
196 "'', " . // federaldrugid
197 invalue('form_upin') . ", " .
201 invalue('form_npi') . ", " .
202 invalue('form_taxonomy') . ", " .
203 invalue('form_cpoe') . ", " .
204 invalue('form_specialty') . ", " .
205 invalue('form_organization') . ", " .
206 invalue('form_valedictory') . ", " .
207 invalue('form_assistant') . ", " .
209 invalue('form_email') . ", " .
210 invalue('form_email_direct') . ", " .
211 invalue('form_url') . ", " .
212 invalue('form_street') . ", " .
213 invalue('form_streetb') . ", " .
214 invalue('form_city') . ", " .
215 invalue('form_state') . ", " .
216 invalue('form_zip') . ", " .
217 invalue('form_street2') . ", " .
218 invalue('form_streetb2') . ", " .
219 invalue('form_city2') . ", " .
220 invalue('form_state2') . ", " .
221 invalue('form_zip2') . ", " .
222 invalue('form_phone') . ", " .
223 invalue('form_phonew1') . ", " .
224 invalue('form_phonew2') . ", " .
225 invalue('form_phonecell') . ", " .
226 invalue('form_fax') . ", " .
227 invalue('form_notes') . ", " .
228 invalue('form_abook_type') . " " .
231 } else if ($_POST['form_delete']) {
233 // Be careful not to delete internal users.
234 sqlStatement("DELETE FROM users WHERE id = ? AND username = ''", array($userid));
238 if ($_POST['form_save'] ||
$_POST['form_delete']) {
239 // Close this window and redisplay the updated list.
240 echo "<script language='JavaScript'>\n";
242 echo " alert(".js_escape($info_msg).");\n";
245 echo " window.close();\n";
246 echo " if (opener.refreshme) opener.refreshme();\n";
247 echo "</script></body></html>\n";
252 $row = sqlQuery("SELECT * FROM users WHERE id = ?", array($userid));
255 if ($type) { // note this only happens when its new
257 $row['abook_type'] = $type;
262 <script language
="JavaScript">
264 // customize the form via the type options
265 typeSelect(<?php
echo js_escape($row['abook_type']); ?
>);
266 if(typeof abook_type
!= 'undefined' && abook_type
== 'ord_lab') {
267 $
('#cpoe_span').css('display','inline');
272 <form method
='post' name
='theform' id
="theform" action
='addrbook_edit.php?userid=<?php echo attr_url($userid) ?>'>
273 <input type
="hidden" name
="csrf_token_form" value
="<?php echo attr(collectCsrfToken()); ?>" />
276 <table border
='0' width
='100%'>
278 <?php
if (acl_check('admin', 'practice')) { // allow choose type option if have admin access ?>
280 <td width
='1%' nowrap
><b
><?php
echo xlt('Type'); ?
>:</b
></td
>
283 echo generate_select_list('form_abook_type', 'abook_type', $row['abook_type'], '', 'Unassigned', '', 'typeSelect(this.value)');
287 <?php
} // end of if has admin access ?>
290 <td width
='1%' nowrap
><b
><?php
echo xlt('Name'); ?
>:</b
></td
>
293 generate_form_field(array('data_type'=>1,'field_id'=>'title','list_id'=>'titles','empty_title'=>' '), $row['title']);
295 <div style
="display: inline-block"><b
><?php
echo xlt('Last'); ?
>:</b
><input type
='text' size
='10' name
='form_lname' class='inputtext'
296 maxlength
='50' value
='<?php echo attr($row['lname
']); ?>'/></div
>
297 <div style
="display: inline-block"><b
><?php
echo xlt('First'); ?
>:</b
> <input type
='text' size
='10' name
='form_fname' class='inputtext'
298 maxlength
='50' value
='<?php echo attr($row['fname
']); ?>' /> 
;</div
>
299 <div style
="display: inline-block"><b
><?php
echo xlt('Middle'); ?
>:</b
> <input type
='text' size
='4' name
='form_mname' class='inputtext'
300 maxlength
='50' value
='<?php echo attr($row['mname
']); ?>' /></div
>
301 <div style
="display: inline-block"><b
><?php
echo xlt('Suffix'); ?
>:</b
> <input type
='text' size
='4' name
='form_suffix' class='inputtext'
302 maxlength
='50' value
='<?php echo attr($row['suffix
']); ?>' /></div
>
306 <tr id
="specialtyRow">
307 <td nowrap
><b
><?php
echo xlt('Specialty'); ?
>:</b
></td
>
309 <input type
='text' size
='40' name
='form_specialty' maxlength
='250'
310 value
='<?php echo attr($row['specialty
']); ?>'
311 style
='width:100%' class='inputtext' />
316 <td nowrap
><b
><?php
echo xlt('Organization'); ?
>:</b
></td
>
318 <input type
='text' size
='40' name
='form_organization' maxlength
='250'
319 value
='<?php echo attr($row['organization
']); ?>'
320 style
='width:100%' class='inputtext' />
321 <span id
='cpoe_span' style
="display:none;">
322 <input type
='checkbox' title
="<?php echo xla('CPOE'); ?>" name
='form_cpoe' id
='form_cpoe' value
='1' <?php
echo ($row['cpoe']=='1') ?
"CHECKED" : ""; ?
>/>
323 <label
for='form_cpoe'><b
><?php
echo xlt('CPOE'); ?
></b
></label
>
328 <tr id
="nameDirectorRow">
329 <td width
='1%' nowrap
><b
><?php
echo xlt('Director Name'); ?
>:</b
></td
>
332 generate_form_field(array('data_type'=>1,'field_id'=>'director_title','list_id'=>'titles','empty_title'=>' '), $row['title']);
334 <b
><?php
echo xlt('Last'); ?
>:</b
><input type
='text' size
='10' name
='form_director_lname' class='inputtext'
335 maxlength
='50' value
='<?php echo attr($row['lname
']); ?>'/> 
;
336 <b
><?php
echo xlt('First'); ?
>:</b
> <input type
='text' size
='10' name
='form_director_fname' class='inputtext'
337 maxlength
='50' value
='<?php echo attr($row['fname
']); ?>' /> 
;
338 <b
><?php
echo xlt('Middle'); ?
>:</b
> <input type
='text' size
='4' name
='form_director_mname' class='inputtext'
339 maxlength
='50' value
='<?php echo attr($row['mname
']); ?>' />
340 <b
><?php
echo xlt('Suffix'); ?
>:</b
> <input type
='text' size
='4' name
='form_director_suffix' class='inputtext'
341 maxlength
='50' value
='<?php echo attr($row['suffix
']); ?>' />
346 <td nowrap
><b
><?php
echo xlt('Valedictory'); ?
>:</b
></td
>
348 <input type
='text' size
='40' name
='form_valedictory' maxlength
='250'
349 value
='<?php echo attr($row['valedictory
']); ?>'
350 style
='width:100%' class='inputtext' />
355 <td nowrap
><b
><?php
echo xlt('Home Phone'); ?
>:</b
></td
>
357 <input type
='text' size
='11' name
='form_phone' value
='<?php echo attr($row['phone
']); ?>'
358 maxlength
='30' class='inputtext' /> 
;
359 <b
><?php
echo xlt('Mobile'); ?
>:</b
><input type
='text' size
='11' name
='form_phonecell'
360 maxlength
='30' value
='<?php echo attr($row['phonecell
']); ?>' class='inputtext' />
365 <td nowrap
><b
><?php
echo xlt('Work Phone'); ?
>:</b
></td
>
367 <input type
='text' size
='11' name
='form_phonew1' value
='<?php echo attr($row['phonew1
']); ?>'
368 maxlength
='30' class='inputtext' /> 
;
369 <b
><?php
echo xlt('2nd'); ?
>:</b
><input type
='text' size
='11' name
='form_phonew2' value
='<?php echo attr($row['phonew2
']); ?>'
370 maxlength
='30' class='inputtext' /> 
;
371 <b
><?php
echo xlt('Fax'); ?
>:</b
> <input type
='text' size
='11' name
='form_fax' value
='<?php echo attr($row['fax
']); ?>'
372 maxlength
='30' class='inputtext' />
377 <td nowrap
><b
><?php
echo xlt('Assistant'); ?
>:</b
></td
>
379 <input type
='text' size
='40' name
='form_assistant' maxlength
='250'
380 value
='<?php echo attr($row['assistant
']); ?>'
381 style
='width:100%' class='inputtext' />
386 <td nowrap
><b
><?php
echo xlt('Email'); ?
>:</b
></td
>
388 <input type
='text' size
='40' name
='form_email' maxlength
='250'
389 value
='<?php echo attr($row['email
']); ?>'
390 style
='width:100%' class='inputtext' />
395 <td nowrap
><b
><?php
echo xlt('Trusted Email'); ?
>:</b
></td
>
397 <input type
='text' size
='40' name
='form_email_direct' maxlength
='250'
398 value
='<?php echo attr($row['email_direct
']); ?>'
399 style
='width:100%' class='inputtext' />
404 <td nowrap
><b
><?php
echo xlt('Website'); ?
>:</b
></td
>
406 <input type
='text' size
='40' name
='form_url' maxlength
='250'
407 value
='<?php echo attr($row['url
']); ?>'
408 style
='width:100%' class='inputtext' />
413 <td nowrap
><b
><?php
echo xlt('Main Address'); ?
>:</b
></td
>
415 <input type
='text' size
='40' name
='form_street' maxlength
='60'
416 value
='<?php echo attr($row['street
']); ?>'
417 style
='width:100%' class='inputtext' />
422 <td nowrap
> 
;</td
>
424 <input type
='text' size
='40' name
='form_streetb' maxlength
='60'
425 value
='<?php echo attr($row['streetb
']); ?>'
426 style
='width:100%' class='inputtext' />
431 <td nowrap
><b
><?php
echo xlt('City'); ?
>:</b
></td
>
433 <input type
='text' size
='10' name
='form_city' maxlength
='30'
434 value
='<?php echo attr($row['city
']); ?>' class='inputtext' /> 
;
435 <b
><?php
echo xlt('State')."/".xlt('county'); ?
>:</b
> <input type
='text' size
='10' name
='form_state' maxlength
='30'
436 value
='<?php echo attr($row['state
']); ?>' class='inputtext' /> 
;
437 <b
><?php
echo xlt('Postal code'); ?
>:</b
> <input type
='text' size
='10' name
='form_zip' maxlength
='20'
438 value
='<?php echo attr($row['zip
']); ?>' class='inputtext' />
443 <td nowrap
><b
><?php
echo xlt('Alt Address'); ?
>:</b
></td
>
445 <input type
='text' size
='40' name
='form_street2' maxlength
='60'
446 value
='<?php echo attr($row['street2
']); ?>'
447 style
='width:100%' class='inputtext' />
452 <td nowrap
> 
;</td
>
454 <input type
='text' size
='40' name
='form_streetb2' maxlength
='60'
455 value
='<?php echo attr($row['streetb2
']); ?>'
456 style
='width:100%' class='inputtext' />
461 <td nowrap
><b
><?php
echo xlt('City'); ?
>:</b
></td
>
463 <input type
='text' size
='10' name
='form_city2' maxlength
='30'
464 value
='<?php echo attr($row['city2
']); ?>' class='inputtext' /> 
;
465 <b
><?php
echo xlt('State')."/".xlt('county'); ?
>:</b
> <input type
='text' size
='10' name
='form_state2' maxlength
='30'
466 value
='<?php echo attr($row['state2
']); ?>' class='inputtext' /> 
;
467 <b
><?php
echo xlt('Postal code'); ?
>:</b
> <input type
='text' size
='10' name
='form_zip2' maxlength
='20'
468 value
='<?php echo attr($row['zip2
']); ?>' class='inputtext' />
473 <td nowrap
><b
><?php
echo xlt('UPIN'); ?
>:</b
></td
>
475 <input type
='text' size
='6' name
='form_upin' maxlength
='6'
476 value
='<?php echo attr($row['upin
']); ?>' class='inputtext' /> 
;
477 <b
><?php
echo xlt('NPI'); ?
>:</b
> <input type
='text' size
='10' name
='form_npi' maxlength
='10'
478 value
='<?php echo attr($row['npi
']); ?>' class='inputtext' /> 
;
479 <b
><?php
echo xlt('TIN'); ?
>:</b
> <input type
='text' size
='10' name
='form_federaltaxid' maxlength
='10'
480 value
='<?php echo attr($row['federaltaxid
']); ?>' class='inputtext' /> 
;
481 <b
><?php
echo xlt('Taxonomy'); ?
>:</b
> <input type
='text' size
='10' name
='form_taxonomy' maxlength
='10'
482 value
='<?php echo attr($row['taxonomy
']); ?>' class='inputtext' />
487 <td nowrap
><b
><?php
echo xlt('Notes'); ?
>:</b
></td
>
489 <textarea rows
='3' cols
='40' name
='form_notes' style
='width:100%'
490 wrap
='virtual' class='inputtext' /><?php
echo text($row['notes']) ?
></textarea
>
498 <input type
='submit' name
='form_save' value
='<?php echo xla('Save
'); ?>' />
500 <?php
if ($userid && !$row['username']) { ?
>
502 <input type
='submit' name
='form_delete' value
='<?php echo xla('Delete
'); ?>' style
='color:red' />
506 <input type
='button' value
='<?php echo xla('Cancel
'); ?>' onclick
='window.close()' />
510 <?php
$use_validate_js = 1;?
>
511 <?php
validateUsingPageRules($_SERVER['PHP_SELF']);?
>