search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
- modules/fotolab updated imagej to current version & some cod fixes to make it work
[care2x.git] / Care2007 / modules / system_admin / edv_user_access_edit.php
blob83c83bf54afa9fc624ed3d2a82bef5705bdf438b
1 <?php
2 error_reporting(E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR);
3 require('./roots.php');
4 require($root_path.'include/inc_environment_global.php');
5 /**
6 * CARE2X Integrated Hospital Information System Deployment 2.2 - 2006-07-10
7 * GNU General Public License
8 * Copyright 2002,2003,2004,2005,2006 Elpidio Latorilla
9 * elpidio@care2x.org,
10 *
11 * See the file "copy_notice.txt" for the licence notice
12 */
13 $lang_tables[] = 'access.php';
14 define('LANG_FILE','edp.php');
15 $local_user='ck_edv_user';
16 require_once($root_path.'include/inc_front_chain_lang.php');
17
18 /**
19 * The following require loads the access areas that can be assigned for
20 * user permissions.
21 */
22 require($root_path.'include/inc_accessplan_areas_functions.php');
23
24 $breakfile='edv-system-admi-welcome.php'.URL_APPEND;
25 $returnfile=$HTTP_SESSION_VARS['sess_file_return'].URL_APPEND;
26 $HTTP_SESSION_VARS['sess_file_return']=basename(__FILE__);
27
28 //gjergji : load the department list
29 require_once($root_path.'include/care_api_classes/class_department.php');
30 $dept_obj=new Department;
31 $deptarray=$dept_obj->getAllActiveSort('name_formal');
32
33 $edit=0;
34 $error=0;
35
36 if(!isset($mode)) $mode='';
37 if(!isset($errorname)) $errorname='';
38 if(!isset($erroruser)) $erroruser='';
39 if(!isset($username)) $username='';
40 if(!isset($userid)) $userid='';
41 if(!isset($errorpass)) $errorpass='';
42 if(!isset($pass)) $pass='';
43 if(!isset($errorbereich)) $errorbereich='';
44 if(!isset($dept_nr)) $dept_nr='0';
45
46 if($mode!= ''){
47 if($mode!='edit' && $mode!='update' && $mode!='data_saved'){
48 /* Trim white spaces off */
49 $username=trim($username);
50 $userid=trim($userid);
51 $pass=trim($pass);
52
53 if($username=='') { $errorname=1; $error=1; }
54 if($userid=='') { $erroruser=1; $error=1; }
55 if($pass=='') { $errorpass=1; $error=1; }
56 }
57
58
59 if(($mode=='save' && !$error ) || ($mode=='update' && !$erroruser))
60 {
61
62
63 /* Prepare the permission codes */
64
65
66 $p_areas='';
67
68 while(list($x,$v)=each($HTTP_POST_VARS))
69 {
70 if(!ereg('_a_',$x)) continue;
71
72 if($HTTP_POST_VARS[$x] != '') $p_areas.=$v.' ';
73 }
74 /* If permission area is available, save it */
75 if($p_areas != '')
76 {
77 //$db->debug=true;
78
79 if($mode=='save')
80 {
81 $sql="INSERT INTO care_users
82 (
83 name,
84 login_id,
85 password,
86 permission,
87 personell_nr,
88 s_date,
89 s_time,
90 dept_nr,
91 status,
92 modify_id,
93 create_id,
94 create_time
95 )
96 VALUES
97 (
98 '".addslashes($username)."',
99 '".addslashes($userid)."',
100 '".md5($pass)."',
101 '".$p_areas."',
102 '".((int)$personell_nr)."',
103 '".date('Y-m-d')."',
104 '".date('H:i:s')."',
105 '".serialize($dept_nr)."',
106 'normal',
107 '',
108 '".$HTTP_SESSION_VARS['sess_user_name']."',
109 '".date('YmdHis')."'
110 )";
111
112 } else {
113 $dept_nr=serialize($dept_nr);
114 $sql="UPDATE care_users SET permission='$p_areas', dept_nr='$dept_nr' ,modify_id='".$HTTP_COOKIE_VARS[$local_user.$sid]."' WHERE login_id='$userid'";
115 }
116
117 /* Do the query */
118 $db->BeginTrans();
119 $ok=$db->Execute($sql);
120 if($ok&&$db->CommitTrans())
121 {
122 //echo $sql;
123 header('Location:edv_user_access_edit.php'.URL_REDIRECT_APPEND.'&userid='.strtr($userid,' ','+').'&mode=data_saved');
124 exit;
125 }
126 else
127 {
128 $db->RollbackTrans();
129 if($mode!='save') $edit=1;
130 $mode='error_double';
131 //echo "$sql $LDDbNoSave";
132 }
133 }
134 else
135 {
136 if($mode!='save') $edit=1;
137 $mode='error_noareas';
138 } // end if ($p_areas!="")
139 }// end of if($mode=="save"
140
141 if($mode=='edit' || $mode=='data_saved' || $edit) {
142
143 $sql="SELECT name, login_id, permission, dept_nr FROM care_users WHERE login_id='$userid'";
144
145 if($ergebnis=$db->Execute($sql)) {
146
147 if($ergebnis->RecordCount()) {
148
149 $user=$ergebnis->FetchRow();
150 $edit=1;
151 }
152
153 }
154 }
155 }
156
157 # Start Smarty templating here
158 /**
159 * LOAD Smarty
160 */
161 # Note: it is advisable to load this after the inc_front_chain_lang.php so
162 # that the smarty script can use the user configured template theme
163
164 require_once($root_path.'gui/smarty_template/smarty_care.class.php');
165 $smarty = new smarty_care('system_admin');
166
167 # Title in toolbar
168 $smarty->assign('sToolbarTitle',$LDManageAccess);
169
170 # href for return button
171 $smarty->assign('pbBack',$returnfile);
172
173 # href for help button
174 $smarty->assign('pbHelp',"javascript:gethelp('edp.php','access','$mode')");
175
176 # href for close button
177 $smarty->assign('breakfile',$breakfile);
178
179 # Window bar title
180 $smarty->assign('sWindowTitle',$LDManageAccess);
181
182 # Buffer page output
183
184 ob_start();
185 //start tabbs
186 echo '<script src="../../js/SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
187 <link href="../../js/SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css" />';
188 ?>
189
190 <ul>
191
192 <?php
193 //if ($mode=='data_saved' || $error || $mode=='error_noareas' || $mode=='data_nosave' )
194
195 if (($mode!='' || $error ) && $mode!='edit' ){
196
197 ?>
198 <table border=0>
199 <tr>
200 <td><img <?php echo createMascot($root_path,'mascot1_r.gif','0','bottom') ?> align="absmiddle"></td>
201 <td class="warnprompt">
202 <?php
203 if ($error) echo $LDInputError;
204 elseif ($mode=='data_saved') echo $LDUserInfoSaved;
205 elseif($mode=='error_save') echo $LDUserInfoNoSave;
206 elseif($mode=='error_noareas') echo $LDNoAreas;
207 elseif($mode=='error_double') echo $LDUserDouble;
208 ?></td>
209 </tr>
210 </table>
211 <?php
212 }
213 ?>
214
215 <FONT class="prompt">
216
217 <?php
218
219 if(($mode=="")and($remark!='fromlist'))
220 {
221 $gtime=date('H.i');
222 if ($gtime<'9.00') echo $LDGoodMorning;
223 if (($gtime>'9.00')and($gtime<'18.00')) echo $LDGoodDay;
224 if ($gtime>'18.00') echo $LDGoodEvening;
225 echo ' '.$HTTP_COOKIE_VARS[$local_user.$sid];
226 }
227 ?>
228
229 <p>
230 <FORM action="edv_user_access_list.php" name="all">
231
232 <input type="hidden" name="sid" value="<?php echo $sid; ?>">
233 <input type="hidden" name="lang" value="<?php echo $lang; ?>">
234 <INPUT type="submit" name=message value="<?php echo $LDListActual ?>"></font>
235
236 </FORM>
237 <p>
238 </FONT>
239
240 <form method="post" action="edv_user_access_edit.php" name="user">
241
242 <input type="image" <?php echo createLDImgSrc($root_path,'savedisc.gif','0','absmiddle') ?>>
243
244 <?php
245 if($mode=='data_saved' || $edit)
246 {
247 echo '<input type="button" value="'.$LDEnterNewUser.'" onClick="javascript:window.location.href=\'edv_user_access_edit.php'.URL_REDIRECT_APPEND.'&remark=fromlist\'">';
248 }
249 ?>
250 <input type="button" value="<?php echo $LDFindEmployee; ?>" onClick="javascript:window.location.href='edv_user_search_employee.php<?php echo URL_REDIRECT_APPEND; ?>&remark=fromlist'">
251
252 <table border=0 bgcolor="#000000" cellpadding=0 cellspacing=0>
253 <tr>
254 <td>
255
256 <table border="0" cellpadding="5" cellspacing="1">
257
258 <tr bgcolor="#dddddd">
259 <td colspan="3">
260 <?php echo $LDNewAccess ?>:
261 </td>
262 </tr>
263
264 <tr bgcolor="#dddddd">
265 <td>
266 <input type=hidden name=route value=validroute>
267
268
269 <?php if ($errorname) {echo "<font color=red > <b>$LDName</b>";}
270 else { echo $LDName;} ?>
271
272 <?php
273
274 if($edit)
275 {
276 echo '<input type="hidden" name="username" value="'.$user['name'].'">'.'<b>'.$user['name'].'</b>';
277 }
278 elseif(isset($is_employee)&&$is_employee)
279 {
280 ?>
281 <input name="username" type="hidden"
282 <?php
283 if ($username!="") echo ' value="'.$username.'"><br><b>'.$username.'</b>';
284 else echo '>';
285
286 }else{
287 ?>
288
289 <input name="username" type="text" <?php if ($username!="") echo ' value="'.$username.'"'; ?>>
290 <?php
291 }
292 ?>
293
294 <br>
295 </td>
296 <td>
297 <?php if ($erroruser) {echo "<font color=red > <b>$LDUserId</b>";}
298 else { echo $LDUserId;} ?>
299
300 <?php
301
302 if($edit) echo '<input type="hidden" name="userid" value="'.$user['login_id'].'">'.'<b>'.$user['login_id'].'</b>';
303 else
304 {
305 ?>
306 <input type=text name="userid"
307 <?php if ($userid!="") echo 'value="'.$userid.'"'; ?>>
308 <?php
309 }
310 ?>
311
312 <br>
313 </td>
314 <td>
315 <?php if ($errorpass) {echo "<font color=red > <b>$LDPassword</b>";}
316 else { echo $LDPassword;} ?>
317
318 <?php
319
320 if($edit) echo '<input type="hidden" name="pass" value="*">****';
321 else
322 {
323 ?>
324 <input type="password" name="pass" <?php if ($pass!="") echo "value=".$pass ; ?>>
325
326 <?php
327 }
328 ?>
329
330 <br>
331 </td>
332 </tr>
333
334 <tr bgcolor="#dddddd">
335 <td colspan=3>
336 <?php if ($errorbereich) {echo "<font color=red > <b>$LDAllowedArea</b> </font>";}
337 else { echo $LDAllowedArea;} ?>
338 </td>
339 </tr>
340
341
342 <tr bgcolor="#dddddd">
343 <td colspan=3>
344 <div id="TabbedPanels1" class="TabbedPanels">
345 <ul class="TabbedPanelsTabGroup">
346 <li class="TabbedPanelsTab" tabindex="0"><?php echo $LDAllowedArea ?></li>
347 <li class="TabbedPanelsTab" tabindex="0"><?php echo $LDOwnerDept ?></li>
348 </ul>
349 <div class="TabbedPanelsContentGroup">
350 <div class="TabbedPanelsContent">
351 <table border=0 cellspacing=0 width=100%>
352
353 <!-- The list of the permissible areas are displayed here -->
354
355 <?php
356
357 /* Loop through the elements of the access area tags */
358 while (list($x,$v)=each($area_opt))
359 {
360 echo '<tr bgcolor="white">';
361
362
363 if (eregi('title',$x)) // If title print it out
364 {
365 echo '
366 <td valign=top bgcolor="#81eff5" colspan=5><FONT SIZE=2 FACE="Arial">'.$v.'</td>';
367 }
368 else
369 {
370 // get the colum index
371 $cindex=substr($x,3,1);
372
373 // extract the actual index name
374
375 //$x_name=substr($x,strpos($x,'x')+1);
376
377
378 switch($cindex)
379 {
380 case 0: echo '
381 <td valign=top colspan=5><img '.createComIcon($root_path,'redpfeil.gif','0','absmiddle').'><input type="checkbox" name="'.$x.'" value="'.$x.'" ';
382 if($edit && strstr($user['permission'],$x)) echo 'checked ><FONT SIZE=2 FACE="Arial" color="#ff0000"> ';
383 else echo '>';
384 echo $v.'</td>';
385 break;
386 case 1: echo '
387 <td><img src="p.gif" width=15></td><td valign=top colspan=4><img src="tl2-blue.gif" border=0 width=20 height=21 align="absmiddle"><input type="checkbox" name="'.$x.'" value="'.$x.'" ';
388 if($edit && strstr($user['permission'],$x)) echo 'checked ><FONT SIZE=2 FACE="Arial" color="#ff0000">';
389 else echo '>';
390 echo $v.'</td>';
391 break;
392 case 2: echo '
393 <td><img src="p.gif" width=15><td><img src="p.gif" width=15><td valign=top colspan=3><img src="tl2-blue.gif" border=0 width=20 height=21 align="absmiddle"><input type="checkbox" name="'.$x.'" value="'.$x.'" ';
394 if($edit && strstr($user['permission'],$x)) echo 'checked ><FONT SIZE=2 FACE="Arial" color="#ff0000">';
395 else echo '>';
396 echo $v.'</td>';
397 break;
398 case 3: echo '
399 <td><img src="p.gif" width=15><td><img src="p.gif" width=15><td><img src="p.gif" width=15><td valign=top colspan=2><img src="tl2-blue.gif" border=0 width=20 height=21 align="absmiddle"><input type="checkbox" name="'.$x.'" value="'.$x.'" ';
400 if($edit && strstr($user['permission'],$x)) echo 'checked ><FONT SIZE=2 FACE="Arial" color="#ff0000">';
401 else echo '>';
402 echo $v.'</td>';
403 break;
404 case 4: echo '
405 <td><img src="p.gif" width=15><td><img src="p.gif" width=15><td><img src="p.gif" width=15><td><img src="p.gif" width=15><td valign=top colspan=1><img src="tl2-blue.gif" border=0 width=20 height=21 align="absmiddle"><input type="checkbox" name="'.$x.'" value="'.$x.'" ';
406 if($edit && strstr($user['permission'],$x)) echo 'checked ><FONT SIZE=2 FACE="Arial" color="#ff0000">';
407 else echo '>';
408 echo $v.'</td>';
409 break;
410 }
411 }
412
413 echo '
414 </tr>';
415 }
416
417 ?>
418
419 </table>
420 </div>
421 <!-- begin dept list -->
422 <div class="TabbedPanelsContent">
423 <table border=0 cellpadding=3>
424 <tr class="wardlisttitlerow">
425 <!-- <td bgcolor="#e9e9e9"></td>
426 --> <td class=pblock align=center><?php echo $LDDept ?></td>
427 </tr>
428 <?php
429 while(list($x,$dept)=each($deptarray)){
430 $actualDept = unserialize($user['dept_nr']);
431 ?>
432 <tr>
433 <td class=pblock bgColor="#eeeeee">
434 <input type="checkbox" name="dept_nr[]" id="<?php echo $dept['nr'] ?>" value="<?php echo $dept['nr']?>" <?php if( in_array($dept['nr'],$actualDept)) echo 'checked' ?>>
435 <?php
436 if(isset($$dept['LD_var'])&&!empty($$dept['LD_var'])) echo $$dept['LD_var'];
437 else echo $dept['name_formal'];
438 ?>
439 </td>
440 </tr>
441 <?php
442 }
443 ?>
444
445 </table>
446 </div>
447 </div>
448 </div>
449 <script type="text/javascript">
450 <?php
451 echo 'var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1");'
452 ?>
453 </script>
454 <!-- end dept list -->
455 </td>
456 </tr>
457
458 <tr bgcolor="#dddddd">
459 <td colspan=3>
460 <p>
461 <input type="hidden" name="personell_nr" value="<?php echo $personell_nr; ?>">
462 <input type="hidden" name="itemname" value="<?php echo $itemname ?>">
463 <input type="hidden" name="sid" value="<?php echo $sid; ?>">
464 <input type="hidden" name="lang" value="<?php echo $lang; ?>">
465 <input type="hidden" name="mode" value="<?php if($edit || $mode=='data_saved' || $mode=='edit') echo 'update'; else echo 'save'; ?>">
466 <input type="image" <?php echo createLDImgSrc($root_path,'savedisc.gif','0','absmiddle') ?>>
467 <!-- <input type="reset" value="<?php echo $LDReset ?>"> -->
468 </td>
469 </tr>
470 </table>
471
472 </td>
473 </tr>
474 </table>
475
476 </form>
477
478 <p>
479 <a href="<?php echo $breakfile ?>" ><img <?php echo createLDImgSrc($root_path,'cancel.gif','0') ?> alt="<?php echo $LDCancel ?>" align="middle"></a>
480
481 </ul>
482
483 <?php
484
485 $sTemp = ob_get_contents();
486 ob_end_clean();
487
488 # Assign page output to the mainframe template
489
490 $smarty->assign('sMainFrameBlockData',$sTemp);
491 /**
492 * show Template
493 */
494 $smarty->display('common/mainframe.tpl');
495
496 ?>
Care2x Electronic Medical System