From d2e483bb8c4c5611811025941538a94f5fe8625d Mon Sep 17 00:00:00 2001 From: stephen waite Date: Mon, 31 May 2021 17:57:51 -0400 Subject: [PATCH] Calinc (#4429) * replace getIdFromUser in calendar.inc with UserService->getIdByUsername * styling * typo * getUserByUsername() from UserService instead of calendar.inc * remove unneccesary added function * remove calendar.inc requires * fix variable name, add BINARY to WHERE clause for exact case-sensitive username match * simplify return; create 1 liner for UserService() * convert other calls to getIdByUsername() --- .../calendar/modules/PostCalendar/pnuserapi.php | 23 ++++++++++++- interface/patient_file/encounter/forms.php | 8 +++-- library/ajax/adminacl_ajax.php | 5 +-- library/appointments.inc.php | 18 +++++----- library/calendar.inc | 29 +++++------------ library/encounter_events.inc.php | 38 +++++++--------------- src/Common/Acl/AclExtended.php | 8 +++-- src/Services/UserService.php | 15 ++++++++- 8 files changed, 77 insertions(+), 67 deletions(-) diff --git a/interface/main/calendar/modules/PostCalendar/pnuserapi.php b/interface/main/calendar/modules/PostCalendar/pnuserapi.php index 55de0203c..ea0c94155 100644 --- a/interface/main/calendar/modules/PostCalendar/pnuserapi.php +++ b/interface/main/calendar/modules/PostCalendar/pnuserapi.php @@ -1,6 +1,21 @@ + * @author The PostCalendar Team + * @author Brady Miller + * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3 +*/ + +use OpenEMR\Services\UserService; + @define('__POSTCALENDAR__', 'PostCalendar'); + /** * $Id$ * @@ -30,6 +45,7 @@ //========================================================================= // Require utility classes //========================================================================= + require_once($GLOBALS['fileroot'] . "/library/patient.inc"); require_once($GLOBALS['fileroot'] . "/library/group.inc"); require_once($GLOBALS['fileroot'] . "/library/encounter_events.inc.php"); 
@@ -838,7 +854,12 @@ function &postcalendar_userapi_pcQueryEvents($args) if ($pc_username == '__PC_ALL__' || $pc_username == -1) { $ruserid = -1; } else { - $ruserid = getIDfromUser($pc_username); + $user = (new $userService())->getIdByUsername($pc_username); + if ($user) { + $ruserid = $user; + } else { + $ruserid = -1; + } } } diff --git a/interface/patient_file/encounter/forms.php b/interface/patient_file/encounter/forms.php index 24799694e..64c3e7130 100644 --- a/interface/patient_file/encounter/forms.php +++ b/interface/patient_file/encounter/forms.php @@ -13,16 +13,17 @@ require_once("../../globals.php"); require_once("$srcdir/encounter.inc"); require_once("$srcdir/group.inc"); -require_once("$srcdir/calendar.inc"); require_once("$srcdir/patient.inc"); require_once("$srcdir/amc.php"); -require_once $GLOBALS['srcdir'] . '/ESign/Api.php'; +require_once($GLOBALS['srcdir'] . '/ESign/Api.php'); require_once("$srcdir/../controllers/C_Document.class.php"); use ESign\Api; use OpenEMR\Common\Acl\AclMain; use OpenEMR\Common\Csrf\CsrfUtils; use OpenEMR\Core\Header; +use OpenEMR\Services\UserService; + $expand_default = (int)$GLOBALS['expand_form'] ? 'show' : 'hide'; $reviewMode = false; @@ -937,7 +938,8 @@ if ( } $acl_groups = AclMain::aclCheckCore("groups", "glog", false, 'write') ? true : false; - $user = getNameFromUsername($iter['user']); + $userService = new UserService(); + $user = $userService->getUserByUsername($iter['user']); $form_name = ($formdir == 'newpatient') ? xl('Visit Summary') : xl_form_title($iter['form_name']); diff --git a/library/ajax/adminacl_ajax.php b/library/ajax/adminacl_ajax.php index 3fa16b7e3..d425f5d34 100644 --- a/library/ajax/adminacl_ajax.php +++ b/library/ajax/adminacl_ajax.php 
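Review bot: `new $userService()` in the added else-branch instantiates whatever class name the variable `$userService` holds, and no assignment to that variable is visible in this hunk; the file only gains `use OpenEMR\Services\UserService;`. If the variable is not set elsewhere in postcalendar_userapi_pcQueryEvents (its body starts and ends outside the hunk), PHP raises an Error on this line instead of resolving the user. The call should name the class, and the added if/else can then collapse to `$ruserid = (new UserService())->getIdByUsername($pc_username) ?: -1;`. The same `(new $userService())` expression appears in the `@@ -87,7 +88,7 @@` hunk of library/ajax/adminacl_ajax.php.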
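Review bot: The replacement lookup `$user = $userService->getUserByUsername($iter['user']);` drops the `username != ''` guard that the removed `getNameFromUsername()` carried (see the deleted function in library/calendar.inc), so an empty `$iter['user']` can now match a `users` row whose username is empty, if such rows exist. A guard keeps the old result for empty names, assuming a falsy value is what callers expect for "no row": `$user = ($iter['user'] ?? '') !== '' ? $userService->getUserByUsername($iter['user']) : false;`. The `$iter` variable suggests this runs inside a loop that begins outside the hunk; constructing `UserService` once before that loop would avoid a new object per form row.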
@@ -16,12 +16,13 @@ require_once("../../interface/globals.php"); require_once("$srcdir/user.inc"); -require_once("$srcdir/calendar.inc"); use OpenEMR\Common\Acl\AclExtended; use OpenEMR\Common\Acl\AclMain; use OpenEMR\Common\Csrf\CsrfUtils; use OpenEMR\Common\Logging\EventAuditLogger; +use OpenEMR\Services\UserService; + header("Content-type: text/xml"); header("Cache-Control: no-cache"); @@ -87,7 +88,7 @@ if ($_POST["control"] == "membership") { } // check if user is protected. If so, then state message unable to remove from admin group. - $userNametoID = getIDfromUser($_POST["name"]); + $userNametoID = (new $userService())->getIdByUsername($_POST["name"]); if (checkUserSetting("gacl_protect", "1", $userNametoID) || ($_POST["name"] == "admin")) { $gacl_protect = true; } else { diff --git a/library/appointments.inc.php b/library/appointments.inc.php index 25403bee2..b24c6bec5 100644 --- a/library/appointments.inc.php +++ b/library/appointments.inc.php @@ -1,15 +1,13 @@ + * @copyright Copyright (c) 2011 Ken Chapple + * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3 +*/ require_once(dirname(__FILE__) . "/encounter_events.inc.php"); require_once(dirname(__FILE__) . "/../interface/main/calendar/modules/PostCalendar/pnincludes/Date/Calc.php"); diff --git a/library/calendar.inc b/library/calendar.inc index e3954c28c..061254da7 100644 --- a/library/calendar.inc +++ b/library/calendar.inc 
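Review bot: When the posted name does not resolve, `$userNametoID` is now `false` rather than the `-1` that the removed `getIDfromUser()` returned, and that value goes straight into `checkUserSetting("gacl_protect", "1", $userNametoID)`, the check that keeps a protected user in the admin group. The lookup is also case-exact now (`BINARY` in UserService), so a name whose case differs from the stored username takes this not-found path as well; how checkUserSetting treats `false` is not visible here. Keeping the old sentinel leaves the guard's input unchanged: `$userNametoID = (new UserService())->getIdByUsername($_POST["name"]) ?: -1;`. The same not-found value reaches checkUserSetting in the `@@ -236,9 +237,10 @@` hunk of src/Common/Acl/AclExtended.php.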
@@ -1,20 +1,17 @@ + * @copyright Copyright (c) 2005 Brady Miller + * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3 +*/ + //Require once the holidays controller for the is_holiday() function require_once($GLOBALS['incdir'] . "/main/holidays/Holidays_Controller.php"); -function getIDfromUser($name) -{ - $query = "select id from users where username=? limit 1"; - $rez = sqlStatement($query, array($name)); - $row = sqlFetchArray($rez); - if (!is_numeric($row['id'])) { - return -1; - } else { - return $row['id']; - } -} - // Returns an array of the facility ids and names that the user is allowed to access. // Access might be for inventory purposes ($inventory=true) or calendar purposes. // @@ -71,14 +68,6 @@ function getUserFacWH($uID, $fID) return $returnVal; } -//retrieve the name based on the username -function getNameFromUsername($username) -{ - $query = "select * from users where username like ? and username != ''"; - $res = sqlQuery($query, [$username]); - return $res; -} - /** * Check if day is weekend day * @param (int) $day diff --git a/library/encounter_events.inc.php b/library/encounter_events.inc.php index eba099487..2081a3a0d 100644 --- a/library/encounter_events.inc.php +++ b/library/encounter_events.inc.php 
@@ -1,36 +1,20 @@ -// -// -// This program is free software; you can redistribute it and/or -// modify it under the terms of the GNU General Public License -// as published by the Free Software Foundation; either version 2 -// of the License, or (at your option) any later version. -// -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// -// A copy of the GNU General Public License is included along with this program: -// openemr/interface/login/GnuGPL.html -// For more information write to the Free Software -// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -// -// Author: Eldho Chacko -// Paul Simon K -// Ian Jardine ( github.com/epsdky ) ( Modified calendar_arrived ) -// -// +------------------------------------------------------------------------------+ +/** + * Holds library functions used by events + * @package OpenEMR + * @link https://www.open-emr.org + * @author Z&H Consultancy Services Private Limited + * @author Eldho Chacko + * @author Paul Simon K + * @author Ian Jardine ( github.com/epsdky ) ( Modified calendar_arrived ) + * @copyright Copyright (c) 2010 Z&H Consultancy Services Private Limited + * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3 +*/ require_once(__DIR__ . '/calendar.inc'); require_once(__DIR__ . '/patient_tracker.inc.php'); - //=============================================================================== //This section handles the events of payment screen. //=============================================================================== diff --git a/src/Common/Acl/AclExtended.php b/src/Common/Acl/AclExtended.php index f0a7c1e32..2c7bc9901 100644 --- a/src/Common/Acl/AclExtended.php +++ b/src/Common/Acl/AclExtended.php 
@@ -19,6 +19,7 @@ namespace OpenEMR\Common\Acl; use OpenEMR\Gacl\GaclApi; +use OpenEMR\Services\UserService; use OpenEMR\Services\VersionService; class AclExtended @@ -236,9 +237,10 @@ class AclExtended //see if this user is gacl protected (ie. do not allow //removal from the Administrators group) require_once(dirname(__FILE__) . '/../../../library/user.inc'); - require_once(dirname(__FILE__) . '/../../../library/calendar.inc'); - $userNametoID = getIDfromUser($user_name); - if (checkUserSetting("gacl_protect", "1", $userNametoID) || $user_name == "admin") { + + $userNameToID = (new UserService())->getIdByUsername($user_name); + + if (checkUserSetting("gacl_protect", "1", $userNameToID) || $user_name == "admin") { $gacl_protect = true; } else { $gacl_protect = false; diff --git a/src/Services/UserService.php b/src/Services/UserService.php index 33bc50106..d9a4d2052 100644 --- a/src/Services/UserService.php +++ b/src/Services/UserService.php @@ -62,7 +62,7 @@ class UserService */ public function getUserByUsername($username) { - return sqlQuery("SELECT * FROM `users` WHERE `username` = ?", [$username]); + return sqlQuery("SELECT * FROM `users` WHERE BINARY `username` = ?", [$username]); } /** @@ -191,4 +191,17 @@ class UserService return $results; } + + /** + * @return array id of User + */ + public function getIdByUsername($username) + { + $id = sqlQuery("SELECT `id` FROM `users` WHERE BINARY `username` = ?", [$username]); + if (!empty($id['id'])) { + return $id['id']; + } else { + return false; + } + } } -- 2.11.4.GIT
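Review bot: ``WHERE BINARY `username` = ?`` puts the cast on the column, which makes `getUserByUsername()` case-sensitive for every existing caller and, per the MySQL documentation on BINARY and CAST applied to indexed columns, may keep the server from using an index on `username` efficiently. Putting the cast on the parameter should keep the byte-wise comparison while leaving the column untouched: ``WHERE `username` = BINARY ?``. The method's docblock (it starts outside the hunk) should state that the match is now case-sensitive, since callers that previously relied on the column collation will get no row for a differently cased name.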
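Review bot: The docblock on the new `getIdByUsername()` says `@return array id of User`, but the body returns the scalar `$id['id']` or `false`, and `$username` is not documented at all. Suggested tags: `@param string $username exact, case-sensitive username` and `@return int|string|false the matching user's id, or false when no user matches`. Because the test is `!empty($id['id'])`, an id of `0` would also be reported as `false`; the comment should say so if such ids can exist.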