search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fixed Patient Portal Offsite-mailbox bug
[openemr.git] / interface / usergroup / addrbook_edit.php
blobce1d509b7b38eef86ca8767db407347bb46c4a57
1 <?php
2 // Copyright (C) 2006-2010 Rod Roark <rod@sunsetsystems.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
8
9 //SANITIZE ALL ESCAPES
10 $sanitize_all_escapes=true;
11 //
12
13 //STOP FAKE REGISTER GLOBALS
14 $fake_register_globals=false;
15 //
16
17 include_once("../globals.php");
18 include_once("$srcdir/acl.inc");
19 require_once("$srcdir/options.inc.php");
20 require_once("$srcdir/formdata.inc.php");
21 require_once("$srcdir/htmlspecialchars.inc.php");
22
23 // Collect user id if editing entry
24 $userid = $_REQUEST['userid'];
25
26 // Collect type if creating a new entry
27 $type = $_REQUEST['type'];
28
29 $info_msg = "";
30
31 function invalue($name) {
32 $fld = add_escape_custom(trim($_POST[$name]));
33 return "'$fld'";
34 }
35
36 ?>
37 <html>
38 <head>
39 <title><?php echo $userid ? xlt('Edit') : xlt('Add New') ?> <?php echo xlt('Person'); ?></title>
40 <link rel="stylesheet" href='<?php echo $css_header ?>' type='text/css'>
41 <script type="text/javascript" src="../../library/js/jquery.1.3.2.js"></script>
42
43 <style>
44 td { font-size:10pt; }
45
46 .inputtext {
47 padding-left:2px;
48 padding-right:2px;
49 }
50
51 .button {
52 font-family:sans-serif;
53 font-size:9pt;
54 font-weight:bold;
55 }
56 </style>
57
58 <script language="JavaScript">
59
60 var type_options_js = Array();
61 <?php
62 // Collect the type options. Possible values are:
63 // 1 = Unassigned (default to person centric)
64 // 2 = Person Centric
65 // 3 = Company Centric
66 $sql = sqlStatement("SELECT option_id, option_value FROM list_options WHERE " .
67 "list_id = 'abook_type'");
68 while ($row_query = sqlFetchArray($sql)) {
69 echo "type_options_js"."['" . attr($row_query['option_id']) . "']=" . attr($row_query['option_value']) . ";\n";
70 }
71 ?>
72
73 // Process to customize the form by type
74 function typeSelect(a) {
75 if (type_options_js[a] == 3) {
76 // Company centric:
77 // 1) Hide the person Name entries
78 // 2) Hide the Specialty entry
79 // 3) Show the director Name entries
80 document.getElementById("nameRow").style.display = "none";
81 document.getElementById("specialtyRow").style.display = "none";
82 document.getElementById("nameDirectorRow").style.display = "";
83 }
84 else {
85 // Person centric:
86 // 1) Hide the director Name entries
87 // 2) Show the person Name entries
88 // 3) Show the Specialty entry
89 document.getElementById("nameDirectorRow").style.display = "none";
90 document.getElementById("nameRow").style.display = "";
91 document.getElementById("specialtyRow").style.display = "";
92 }
93 }
94 </script>
95
96 </head>
97
98 <body class="body_top">
99 <?php
100 // If we are saving, then save and close the window.
101 //
102 if ($_POST['form_save']) {
103
104 // Collect the form_abook_type option value
105 // (ie. patient vs company centric)
106 $type_sql_row = sqlQuery("SELECT `option_value` FROM `list_options` WHERE `list_id` = 'abook_type' AND `option_id` = ?", array(trim($_POST['form_abook_type'])));
107 $option_abook_type = $type_sql_row['option_value'];
108 // Set up any abook_type specific settings
109 if ($option_abook_type == 3) {
110 // Company centric
111 $form_title = invalue('form_director_title');
112 $form_fname = invalue('form_director_fname');
113 $form_lname = invalue('form_director_lname');
114 $form_mname = invalue('form_director_mname');
115 }
116 else {
117 // Person centric
118 $form_title = invalue('form_title');
119 $form_fname = invalue('form_fname');
120 $form_lname = invalue('form_lname');
121 $form_mname = invalue('form_mname');
122 }
123
124 if ($userid) {
125
126 $query = "UPDATE users SET " .
127 "abook_type = " . invalue('form_abook_type') . ", " .
128 "title = " . $form_title . ", " .
129 "fname = " . $form_fname . ", " .
130 "lname = " . $form_lname . ", " .
131 "mname = " . $form_mname . ", " .
132 "specialty = " . invalue('form_specialty') . ", " .
133 "organization = " . invalue('form_organization') . ", " .
134 "valedictory = " . invalue('form_valedictory') . ", " .
135 "assistant = " . invalue('form_assistant') . ", " .
136 "federaltaxid = " . invalue('form_federaltaxid') . ", " .
137 "upin = " . invalue('form_upin') . ", " .
138 "npi = " . invalue('form_npi') . ", " .
139 "taxonomy = " . invalue('form_taxonomy') . ", " .
140 "email = " . invalue('form_email') . ", " .
141 "url = " . invalue('form_url') . ", " .
142 "street = " . invalue('form_street') . ", " .
143 "streetb = " . invalue('form_streetb') . ", " .
144 "city = " . invalue('form_city') . ", " .
145 "state = " . invalue('form_state') . ", " .
146 "zip = " . invalue('form_zip') . ", " .
147 "street2 = " . invalue('form_street2') . ", " .
148 "streetb2 = " . invalue('form_streetb2') . ", " .
149 "city2 = " . invalue('form_city2') . ", " .
150 "state2 = " . invalue('form_state2') . ", " .
151 "zip2 = " . invalue('form_zip2') . ", " .
152 "phone = " . invalue('form_phone') . ", " .
153 "phonew1 = " . invalue('form_phonew1') . ", " .
154 "phonew2 = " . invalue('form_phonew2') . ", " .
155 "phonecell = " . invalue('form_phonecell') . ", " .
156 "fax = " . invalue('form_fax') . ", " .
157 "notes = " . invalue('form_notes') . " " .
158 "WHERE id = '" . add_escape_custom($userid) . "'";
159 sqlStatement($query);
160
161 } else {
162
163 $userid = sqlInsert("INSERT INTO users ( " .
164 "username, password, authorized, info, source, " .
165 "title, fname, lname, mname, " .
166 "federaltaxid, federaldrugid, upin, facility, see_auth, active, npi, taxonomy, " .
167 "specialty, organization, valedictory, assistant, billname, email, url, " .
168 "street, streetb, city, state, zip, " .
169 "street2, streetb2, city2, state2, zip2, " .
170 "phone, phonew1, phonew2, phonecell, fax, notes, abook_type " .
171 ") VALUES ( " .
172 "'', " . // username
173 "'', " . // password
174 "0, " . // authorized
175 "'', " . // info
176 "NULL, " . // source
177 $form_title . ", " .
178 $form_fname . ", " .
179 $form_lname . ", " .
180 $form_mname . ", " .
181 invalue('form_federaltaxid') . ", " .
182 "'', " . // federaldrugid
183 invalue('form_upin') . ", " .
184 "'', " . // facility
185 "0, " . // see_auth
186 "1, " . // active
187 invalue('form_npi') . ", " .
188 invalue('form_taxonomy') . ", " .
189 invalue('form_specialty') . ", " .
190 invalue('form_organization') . ", " .
191 invalue('form_valedictory') . ", " .
192 invalue('form_assistant') . ", " .
193 "'', " . // billname
194 invalue('form_email') . ", " .
195 invalue('form_url') . ", " .
196 invalue('form_street') . ", " .
197 invalue('form_streetb') . ", " .
198 invalue('form_city') . ", " .
199 invalue('form_state') . ", " .
200 invalue('form_zip') . ", " .
201 invalue('form_street2') . ", " .
202 invalue('form_streetb2') . ", " .
203 invalue('form_city2') . ", " .
204 invalue('form_state2') . ", " .
205 invalue('form_zip2') . ", " .
206 invalue('form_phone') . ", " .
207 invalue('form_phonew1') . ", " .
208 invalue('form_phonew2') . ", " .
209 invalue('form_phonecell') . ", " .
210 invalue('form_fax') . ", " .
211 invalue('form_notes') . ", " .
212 invalue('form_abook_type') . " " .
213 ")");
214
215 }
216 }
217
218 else if ($_POST['form_delete']) {
219
220 if ($userid) {
221 // Be careful not to delete internal users.
222 sqlStatement("DELETE FROM users WHERE id = ? AND username = ''", array($userid));
223 }
224
225 }
226
227 if ($_POST['form_save'] || $_POST['form_delete']) {
228 // Close this window and redisplay the updated list.
229 echo "<script language='JavaScript'>\n";
230 if ($info_msg) echo " alert('".addslashes($info_msg)."');\n";
231 echo " window.close();\n";
232 echo " if (opener.refreshme) opener.refreshme();\n";
233 echo "</script></body></html>\n";
234 exit();
235 }
236
237 if ($userid) {
238 $row = sqlQuery("SELECT * FROM users WHERE id = ?", array($userid));
239 }
240
241 if ($type) { // note this only happens when its new
242 // Set up type
243 $row['abook_type'] = $type;
244 }
245
246 ?>
247
248 <script language="JavaScript">
249 $(document).ready(function() {
250 // customize the form via the type options
251 typeSelect("<?php echo attr($row['abook_type']); ?>");
252 });
253 </script>
254
255 <form method='post' name='theform' action='addrbook_edit.php?userid=<?php echo attr($userid) ?>'>
256 <center>
257
258 <table border='0' width='100%'>
259
260 <?php if (acl_check('admin', 'practice' )) { // allow choose type option if have admin access ?>
261 <tr>
262 <td width='1%' nowrap><b><?php echo xlt('Type'); ?>:</b></td>
263 <td>
264 <?php
265 echo generate_select_list('form_abook_type', 'abook_type', $row['abook_type'], '', 'Unassigned', '', 'typeSelect(this.value)');
266 ?>
267 </td>
268 </tr>
269 <?php } // end of if has admin access ?>
270
271 <tr id="nameRow">
272 <td width='1%' nowrap><b><?php echo xlt('Name'); ?>:</b></td>
273 <td>
274 <?php
275 generate_form_field(array('data_type'=>1,'field_id'=>'title','list_id'=>'titles','empty_title'=>' '), $row['title']);
276 ?>
277 <b><?php echo xlt('Last'); ?>:</b><input type='text' size='10' name='form_lname' class='inputtext'
278 maxlength='50' value='<?php echo attr($row['lname']); ?>'/>&nbsp;
279 <b><?php echo xlt('First'); ?>:</b> <input type='text' size='10' name='form_fname' class='inputtext'
280 maxlength='50' value='<?php echo attr($row['fname']); ?>' />&nbsp;
281 <b><?php echo xlt('Middle'); ?>:</b> <input type='text' size='4' name='form_mname' class='inputtext'
282 maxlength='50' value='<?php echo attr($row['mname']); ?>' />
283 </td>
284 </tr>
285
286 <tr id="specialtyRow">
287 <td nowrap><b><?php echo xlt('Specialty'); ?>:</b></td>
288 <td>
289 <input type='text' size='40' name='form_specialty' maxlength='250'
290 value='<?php echo attr($row['specialty']); ?>'
291 style='width:100%' class='inputtext' />
292 </td>
293 </tr>
294
295 <tr>
296 <td nowrap><b><?php echo xlt('Organization'); ?>:</b></td>
297 <td>
298 <input type='text' size='40' name='form_organization' maxlength='250'
299 value='<?php echo attr($row['organization']); ?>'
300 style='width:100%' class='inputtext' />
301 </td>
302 </tr>
303
304 <tr id="nameDirectorRow">
305 <td width='1%' nowrap><b><?php echo xlt('Director Name'); ?>:</b></td>
306 <td>
307 <?php
308 generate_form_field(array('data_type'=>1,'field_id'=>'director_title','list_id'=>'titles','empty_title'=>' '), $row['title']);
309 ?>
310 <b><?php echo xlt('Last'); ?>:</b><input type='text' size='10' name='form_director_lname' class='inputtext'
311 maxlength='50' value='<?php echo attr($row['lname']); ?>'/>&nbsp;
312 <b><?php echo xlt('First'); ?>:</b> <input type='text' size='10' name='form_director_fname' class='inputtext'
313 maxlength='50' value='<?php echo attr($row['fname']); ?>' />&nbsp;
314 <b><?php echo xlt('Middle'); ?>:</b> <input type='text' size='4' name='form_director_mname' class='inputtext'
315 maxlength='50' value='<?php echo attr($row['mname']); ?>' />
316 </td>
317 </tr>
318
319 <tr>
320 <td nowrap><b><?php echo xlt('Valedictory'); ?>:</b></td>
321 <td>
322 <input type='text' size='40' name='form_valedictory' maxlength='250'
323 value='<?php echo attr($row['valedictory']); ?>'
324 style='width:100%' class='inputtext' />
325 </td>
326 </tr>
327
328 <tr>
329 <td nowrap><b><?php echo xlt('Home Phone'); ?>:</b></td>
330 <td>
331 <input type='text' size='11' name='form_phone' value='<?php echo attr($row['phone']); ?>'
332 maxlength='30' class='inputtext' />&nbsp;
333 <b><?php echo xlt('Mobile'); ?>:</b><input type='text' size='11' name='form_phonecell'
334 maxlength='30' value='<?php echo attr($row['phonecell']); ?>' class='inputtext' />
335 </td>
336 </tr>
337
338 <tr>
339 <td nowrap><b><?php echo xlt('Work Phone'); ?>:</b></td>
340 <td>
341 <input type='text' size='11' name='form_phonew1' value='<?php echo attr($row['phonew1']); ?>'
342 maxlength='30' class='inputtext' />&nbsp;
343 <b><?php echo xlt('2nd'); ?>:</b><input type='text' size='11' name='form_phonew2' value='<?php echo attr($row['phonew2']); ?>'
344 maxlength='30' class='inputtext' />&nbsp;
345 <b><?php echo xlt('Fax'); ?>:</b> <input type='text' size='11' name='form_fax' value='<?php echo attr($row['fax']); ?>'
346 maxlength='30' class='inputtext' />
347 </td>
348 </tr>
349
350 <tr>
351 <td nowrap><b><?php echo xlt('Assistant'); ?>:</b></td>
352 <td>
353 <input type='text' size='40' name='form_assistant' maxlength='250'
354 value='<?php echo attr($row['assistant']); ?>'
355 style='width:100%' class='inputtext' />
356 </td>
357 </tr>
358
359 <tr>
360 <td nowrap><b><?php echo xlt('Email'); ?>:</b></td>
361 <td>
362 <input type='text' size='40' name='form_email' maxlength='250'
363 value='<?php echo attr($row['email']); ?>'
364 style='width:100%' class='inputtext' />
365 </td>
366 </tr>
367
368 <tr>
369 <td nowrap><b><?php echo xlt('Website'); ?>:</b></td>
370 <td>
371 <input type='text' size='40' name='form_url' maxlength='250'
372 value='<?php echo attr($row['url']); ?>'
373 style='width:100%' class='inputtext' />
374 </td>
375 </tr>
376
377 <tr>
378 <td nowrap><b><?php echo xlt('Main Address'); ?>:</b></td>
379 <td>
380 <input type='text' size='40' name='form_street' maxlength='60'
381 value='<?php echo attr($row['street']); ?>'
382 style='width:100%' class='inputtext' />
383 </td>
384 </tr>
385
386 <tr>
387 <td nowrap>&nbsp;</td>
388 <td>
389 <input type='text' size='40' name='form_streetb' maxlength='60'
390 value='<?php echo attr($row['streetb']); ?>'
391 style='width:100%' class='inputtext' />
392 </td>
393 </tr>
394
395 <tr>
396 <td nowrap><b><?php echo xlt('City'); ?>:</b></td>
397 <td>
398 <input type='text' size='10' name='form_city' maxlength='30'
399 value='<?php echo attr($row['city']); ?>' class='inputtext' />&nbsp;
400 <b><?php echo xlt('State')."/".xlt('county'); ?>:</b> <input type='text' size='10' name='form_state' maxlength='30'
401 value='<?php echo attr($row['state']); ?>' class='inputtext' />&nbsp;
402 <b><?php echo xlt('Postal code'); ?>:</b> <input type='text' size='10' name='form_zip' maxlength='20'
403 value='<?php echo attr($row['zip']); ?>' class='inputtext' />
404 </td>
405 </tr>
406
407 <tr>
408 <td nowrap><b><?php echo xlt('Alt Address'); ?>:</b></td>
409 <td>
410 <input type='text' size='40' name='form_street2' maxlength='60'
411 value='<?php echo attr($row['street2']); ?>'
412 style='width:100%' class='inputtext' />
413 </td>
414 </tr>
415
416 <tr>
417 <td nowrap>&nbsp;</td>
418 <td>
419 <input type='text' size='40' name='form_streetb2' maxlength='60'
420 value='<?php echo attr($row['streetb2']); ?>'
421 style='width:100%' class='inputtext' />
422 </td>
423 </tr>
424
425 <tr>
426 <td nowrap><b><?php echo xlt('City'); ?>:</b></td>
427 <td>
428 <input type='text' size='10' name='form_city2' maxlength='30'
429 value='<?php echo attr($row['city2']); ?>' class='inputtext' />&nbsp;
430 <b><?php echo xlt('State')."/".xlt('county'); ?>:</b> <input type='text' size='10' name='form_state2' maxlength='30'
431 value='<?php echo attr($row['state2']); ?>' class='inputtext' />&nbsp;
432 <b><?php echo xlt('Postal code'); ?>:</b> <input type='text' size='10' name='form_zip2' maxlength='20'
433 value='<?php echo attr($row['zip2']); ?>' class='inputtext' />
434 </td>
435 </tr>
436
437 <tr>
438 <td nowrap><b><?php echo xlt('UPIN'); ?>:</b></td>
439 <td>
440 <input type='text' size='6' name='form_upin' maxlength='6'
441 value='<?php echo attr($row['upin']); ?>' class='inputtext' />&nbsp;
442 <b><?php echo xlt('NPI'); ?>:</b> <input type='text' size='10' name='form_npi' maxlength='10'
443 value='<?php echo attr($row['npi']); ?>' class='inputtext' />&nbsp;
444 <b><?php echo xlt('TIN'); ?>:</b> <input type='text' size='10' name='form_federaltaxid' maxlength='10'
445 value='<?php echo attr($row['federaltaxid']); ?>' class='inputtext' />&nbsp;
446 <b><?php echo xlt('Taxonomy'); ?>:</b> <input type='text' size='10' name='form_taxonomy' maxlength='10'
447 value='<?php echo attr($row['taxonomy']); ?>' class='inputtext' />
448 </td>
449 </tr>
450
451 <tr>
452 <td nowrap><b><?php echo xlt('Notes'); ?>:</b></td>
453 <td>
454 <textarea rows='3' cols='40' name='form_notes' style='width:100%'
455 wrap='virtual' class='inputtext' /><?php echo text($row['notes']) ?></textarea>
456 </td>
457 </tr>
458
459 </table>
460
461 <br />
462
463 <input type='submit' name='form_save' value='<?php echo xla('Save'); ?>' />
464
465 <?php if ($userid && !$row['username']) { ?>
466 &nbsp;
467 <input type='submit' name='form_delete' value='<?php echo xla('Delete'); ?>' style='color:red' />
468 <?php } ?>
469
470 &nbsp;
471 <input type='button' value='<?php echo xla('Cancel'); ?>' onclick='window.close()' />
472 </p>
473
474 </center>
475 </form>
476 </body>
477 </html>
Mirror of official OpenEMR Sourceforge repository