Permalink
Browse files

Second merge from Julia Longtin repository

  • Loading branch information...
bradymiller committed Feb 8, 2013
2 parents 9d857dc + c0f4842 commit e392ac69977d0fd8e7e592a6d876c0724e107059
View
@@ -234,18 +234,21 @@ function debug_db($function_name = '') {
}
/**
- * Wraps the actual acl_query() function.
+ *
+ * Check if the current user has a given type or types of access to an access control object.
*
- * It is simply here to return TRUE/FALSE accordingly.
- * @param string The ACO section value
- * @param string The ACO value
- * @param string The ARO section value
- * @param string The ARO section
- * @param string The AXO section value (optional)
- * @param string The AXO section value (optional)
- * @param integer The group id of the ARO ??Mike?? (optional)
- * @param integer The group id of the AXO ??Mike?? (optional)
- * @return boolean TRUE if the check succeeds, false if not.
+ * Implemented as a wrapper of acl_query().
+ * This function exists simply to return TRUE/FALSE accordingly.
+ *
+ * @param string $aco_section_value The ACO section value
+ * @param string $aco_value The ACO value
+ * @param string $aro_section_value The ARO section value
+ * @param string $aro_value The ARO value
+ * @param string $axo_section_value The AXO section value (optional)
+ * @param string $axo_value The AXO section value (optional)
+ * @param integer $root_aro_group The group id of the ARO (optional)
+ * @param integer $root_axo_group The group id of the AXO (optional)
+ * @return boolean true if the check succeeds, false if not.
*/
function acl_check($aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value=NULL, $axo_value=NULL, $root_aro_group=NULL, $root_axo_group=NULL) {
$acl_result = $this->acl_query($aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value, $axo_value, $root_aro_group, $root_axo_group);
@@ -312,12 +315,13 @@ function acl_check_array($aco_section_value, $aco_value, $aro_array) {
/**
* The Main function that does the actual ACL lookup.
+ *
* @param string The ACO section value
* @param string The ACO value
* @param string The ARO section value
- * @param string The ARO section
- * @param string The AXO section value (optional)
+ * @param string The ARO value
* @param string The AXO section value (optional)
+ * @param string The AXO value (optional)
* @param string The value of the ARO group (optional)
* @param string The value of the AXO group (optional)
* @param boolean Debug the operation if true (optional)
@@ -508,19 +512,17 @@ function acl_query($aco_section_value, $aco_value, $aro_section_value, $aro_valu
if ($return_all) {
foreach ($row as $single_row) {
+ $allow = FALSE;
if ( isset($single_row[1]) AND $single_row[1] == 1 ) {
$allow = TRUE;
- } else {
- $allow = FALSE;
}
$retarr[] = array('acl_id' => &$single_row[0], 'return_value' => &$single_row[2], 'allow' => $allow);
}
}
else {
+ $allow = FALSE;
if ( isset($row[1]) AND $row[1] == 1 ) {
$allow = TRUE;
- } else {
- $allow = FALSE;
}
$retarr = array('acl_id' => &$row[0], 'return_value' => &$row[2], 'allow' => $allow);
}
@@ -546,7 +548,15 @@ function acl_query($aco_section_value, $aco_value, $aro_section_value, $aro_valu
$this->put_cache($retarr, $cache_id);
}
- $this->debug_text("<b>acl_query():</b> ACO Section: $aco_section_value ACO Value: $aco_value ARO Section: $aro_section_value ARO Value $aro_value ACL ID: ". $retarr['acl_id'] .' Result: '. $retarr['allow']);
+ if ($return_all)
+ {
+ $this->debug_text("<b>acl_query():</b> ACO Section: $aco_section_value ACO Value: $aco_value ARO Section: $aro_section_value ARO Value $aro_value ACL ID: OMITTED due to return_all");
+ }
+ else
+ {
+ $this->debug_text("<b>acl_query():</b> ACO Section: $aco_section_value ACO Value: $aco_value ARO Section: $aro_section_value ARO Value $aro_value ACL ID: ". $retarr['acl_id'] .' Result: '. $retarr['allow']);
+ }
+
return $retarr;
}
@@ -1,8 +1,10 @@
<?php
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
+/**
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ */
$fake_register_globals=false;
$sanitize_all_escapes=true;
@@ -4,7 +4,6 @@
*
* Copyright 2012 Kevin McCormick Longview, Texas
*
- *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
@@ -18,13 +17,12 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* <http://opensource.org/licenses/gpl-license.php>
*
- *
* @author Kevin McCormick
* @link: http://www.open-emr.org
* @package OpenEMR
* @subpackage ediHistory
*/
-
+
$sanitize_all_escapes=true;
$fake_register_globals=false;
require_once(dirname(__FILE__) . "/../globals.php");
@@ -1,32 +1,30 @@
<?php
-// +-----------------------------------------------------------------------------+
-// Copyright (C) 2010 Z&H Consultancy Services Private Limited <sam@zhservices.com>
-//
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-//
-// A copy of the GNU General Public License is included along with this program:
-// openemr/interface/login/GnuGPL.html
-// For more information write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-//
-// Author: Eldho Chacko <eldho@zhservices.com>
-// Paul Simon K <paul@zhservices.com>
-//
-// +------------------------------------------------------------------------------+
-//===============================================================================
-//This screen handles the cash/cheque entry and its distribution to various charges.
-//===============================================================================
+/**
+ * This screen handles the cash/cheque entry and its distribution to various charges.
+ *
+ * Copyright (C) 2010 Z&H Consultancy Services Private Limited <sam@zhservices.com>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ *
+ * A copy of the GNU General Public License is included along with this program:
+ * openemr/interface/login/GnuGPL.html
+ * For more information write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * Author: Eldho Chacko <eldho@zhservices.com>
+ * Paul Simon K <paul@zhservices.com>
+ *
+ */
require_once("../globals.php");
require_once("$srcdir/invoice_summary.inc.php");
require_once("$srcdir/sl_eob.inc.php");
@@ -1,4 +1,4 @@
-<?php
+<?php
/**
* Used for displaying dated reminders.
*
@@ -1,33 +1,40 @@
<?php
- include_once("../globals.php");
- require_once("$srcdir/formdata.inc.php");
- $_SESSION["encounter"] = "";
-
- // Fetching the password expiration date
- $is_expired=false;
- if($GLOBALS['password_expiration_days'] != 0){
- $is_expired = false;
- $q=formData('authUser','P');
- $result = sqlStatement("select pwd_expiration_date from users where username = '".$q."'");
- $current_date = date("Y-m-d");
- $pwd_expires_date = $current_date;
- if($row = sqlFetchArray($result)) {
- $pwd_expires_date = $row['pwd_expiration_date'];
- }
-
-// Displaying the password expiration message (starting from 7 days before the password gets expired)
- $pwd_alert_date = date("Y-m-d", strtotime($pwd_expires_date . "-7 days"));
-
- if (strtotime($pwd_alert_date) != "" && strtotime($current_date) >= strtotime($pwd_alert_date) &&
- (!isset($_SESSION['expiration_msg']) or $_SESSION['expiration_msg'] == 0)) {
-
- $is_expired = true;
- $_SESSION['expiration_msg'] = 1; // only show the expired message once
- }
+/** The outside frame that holds all of the OpenEMR User Interface.
+ */
+
+/* Include our required headers */
+require_once('../globals.php');
+require_once("$srcdir/formdata.inc.php");
+
+$_SESSION["encounter"] = '';
+
+// Fetch the password expiration date
+$is_expired=false;
+if($GLOBALS['password_expiration_days'] != 0){
+ $is_expired=false;
+ $q=formData('authUser','P');
+ $result = sqlStatement("select pwd_expiration_date from users where username = '".$q."'");
+ $current_date = date('Y-m-d');
+ $pwd_expires_date = $current_date;
+ if($row = sqlFetchArray($result)) {
+ $pwd_expires_date = $row['pwd_expiration_date'];
+ }
+
+ // Display the password expiration message (starting from 7 days before the password gets expired)
+ $pwd_alert_date = date('Y-m-d', strtotime($pwd_expires_date . '-7 days'));
+
+ if (strtotime($pwd_alert_date) != '' &&
+ strtotime($current_date) >= strtotime($pwd_alert_date) &&
+ (!isset($_SESSION['expiration_msg'])
+ or $_SESSION['expiration_msg'] == 0)) {
+ $is_expired = true;
+ $_SESSION['expiration_msg'] = 1; // only show the expired message once
+ }
}
if ($is_expired) {
- $frame1url = "pwd_expires_alert.php"; //php file which display's password expiration message.
+ //display the php file containing the password expiration message.
+ $frame1url = "pwd_expires_alert.php";
}
else if (!empty($_POST['patientID'])) {
$patientID = 0 + $_POST['patientID'];
@@ -79,12 +86,16 @@ function allFramesLoaded() {
</head>
-<?php if ($GLOBALS['concurrent_layout']) { // start new layout ?>
+<?php
-<?php if (empty($GLOBALS['gbl_tall_nav_area'])) { // not tall nav area ?>
+// Please keep in mind that border (mozilla) and framespacing (ie) are the
+// same thing. use both.
+// frameborder specifies a 3d look, not whether there are borders.
-<!-- border (mozilla) and framespacing (ie) are the same thing. -->
-<!-- frameborder specifies a 3d look, not whether there are borders. -->
+if ($GLOBALS['concurrent_layout']) {
+ // start new layout
+ if (empty($GLOBALS['gbl_tall_nav_area'])) {
+ // not tall nav area ?>
<frameset rows='<?php echo $GLOBALS['titleBarHeight'] + 5 ?>,*' frameborder='1' border='1' framespacing='1' onunload='imclosing()'>
<frame src='main_title.php' name='Title' scrolling='no' frameborder='1' noresize />
<frameset cols='<?php echo $nav_area_width; ?>,*' id='fsbody' frameborder='1' border='4' framespacing='4'>
@@ -1,7 +1,10 @@
<?php
-include_once("../globals.php");
-?>
+/**
+ * main_title.php - The main titlebar, at the top of the 'concurrent' layout.
+ */
+include_once('../globals.php');
+?>
<html>
<head>
@@ -14,6 +17,7 @@
display:block;
}
</style>
+
<script type="text/javascript" language="javascript">
function toencounter(rawdata) {
//This is called in the on change event of the Encounter list.
@@ -64,7 +68,6 @@ function showhideMenu() {
</script>
</head>
<body class="body_title">
-
<?php
$res = sqlQuery("select * from users where username='".$_SESSION{"authUser"}."'");
?>
@@ -1,19 +1,18 @@
<?php
-// Copyright (C) 2010 OpenEMR Support LLC
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-
+/**
+ * Copyright (C) 2010 OpenEMR Support LLC
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ */
//SANITIZE ALL ESCAPES
$sanitize_all_escapes=true;
-//
//STOP FAKE REGISTER GLOBALS
$fake_register_globals=false;
-//
-require_once("../../globals.php");
+require_once('../../globals.php');
require_once("$srcdir/pnotes.inc");
require_once("$srcdir/patient.inc");
require_once("$srcdir/acl.inc");
@@ -237,14 +236,14 @@
<a class="patLink" onclick="goPid('<?php echo attr($result['pid']);?>')"><?php echo htmlspecialchars( xl('Patient'), ENT_NOQUOTES); ?>:</a>
<?php } else { ?>
<b class='<?php echo ($task=="addnew"?"required":"") ?>'><?php echo htmlspecialchars( xl('Patient'), ENT_NOQUOTES); ?>:</b>
- <?php } ?>
<?php
+ }
if ($reply_to) {
$prow = sqlQuery("SELECT lname, fname " .
"FROM patient_data WHERE pid = ?", array($reply_to) );
$patientname = $prow['lname'] . ", " . $prow['fname'];
}
- if ($patientname == "") {
+ if ($patientname == '') {
$patientname = xl('Click to select');
} ?>
<input type='text' size='10' name='form_patient' style='width:150px;<?php echo ($task=="addnew"?"cursor:pointer;cursor:hand;":"") ?>' value='<?php echo htmlspecialchars($patientname, ENT_QUOTES); ?>' <?php echo ($task=="addnew"?"onclick='sel_patient()' readonly":"disabled") ?> title='<?php echo ($task=="addnew"?(htmlspecialchars( xl('Click to select patient'), ENT_QUOTES)):"") ?>' />
@@ -284,7 +283,8 @@
<!-- This is for displaying a new note. -->
<input type="button" id="newnote" value="<?php echo htmlspecialchars( xl('Send message'), ENT_QUOTES); ?>">
<input type="button" id="cancel" value="<?php echo htmlspecialchars( xl('Cancel'), ENT_QUOTES); ?>">
-<?php } ?>
+<?php }
+?>
<br>
</form></center></div>
@@ -414,7 +414,7 @@ function addtolist(sel){
// Display the Messages table header.
echo "
<table width=100%><tr><td><table border=0 cellpadding=1 cellspacing=0 width=90% style=\"border-left: 1px #000000 solid; border-right: 1px #000000 solid; border-top: 1px #000000 solid;\">
- <form name=wikiList action=\"messages.php?showall=$showall&sortby=$sortby&sortorder=$sortorder&begin=$begin&$activity_string_html\" method=post>
+ <form name=MessageList action=\"messages.php?showall=$showall&sortby=$sortby&sortorder=$sortorder&begin=$begin&$activity_string_html\" method=post>
<input type=hidden name=task value=delete>
<tr height=\"24\" style=\"background:lightgrey\">
<td align=\"center\" width=\"25\" style=\"border-bottom: 1px #000000 solid; border-right: 1px #000000 solid;\"><input type=checkbox id=\"checkAll\" onclick=\"selectAll()\"></td>
@@ -471,12 +471,13 @@ function addtolist(sel){
htmlspecialchars( xl('Delete'), ENT_NOQUOTES) . "</a></td>
<td align=right class=\"text\">$prevlink &nbsp; $end of $total &nbsp; $nextlink</td>
</tr>
- </table></td></tr></table><br>"; ?>
+ </table></td></tr></table><br>";
+?>
<script language="javascript">
// This is to confirm delete action.
function confirmDeleteSelected() {
if(confirm("<?php echo htmlspecialchars( xl('Do you really want to delete the selection?'), ENT_QUOTES); ?>")) {
- document.wikiList.submit();
+ document.MessageList.submit();
}
}
// This is to allow selection of all items in Messages table for deletion.
Oops, something went wrong.

0 comments on commit e392ac6

Please sign in to comment.