/**
 * Assigns the result of Check::safeText($value) to $this->_lang.
 *
 * NOTE(review): Check::safeText() is defined outside this listing; confirm
 * what it filters, and keep escaping the stored value for whatever context
 * it is later written into.
 *
 * @param string $value new value to set
 * @return void
 * @access public
 */
public function setLanguage($value)
{
    $filtered = Check::safeText($value);
    $this->_lang = $filtered;
}
/**
 * Assigns the result of Check::safeText($value) to $this->_cssRules.
 *
 * NOTE(review): Check::safeText() is defined outside this listing. The value
 * is named as CSS rules; whether the filter is appropriate for a CSS context
 * cannot be told from here - TODO confirm where the rules are emitted.
 *
 * @param string $value css rules
 * @return void
 * @access public
 */
public function setCssRules($value)
{
    $rules = Check::safeText($value);
    $this->_cssRules = $rules;
}
// to clean previous errors

/**
 * Login edits
 */
// The login is passed through Check::safeText() (defined outside this
// listing) and then urlencode()d; that encoded form is what the empty check
// and the existLogin() lookup below receive.
$errorFound = false;
$loginSession = urlencode(Check::safeText($_POST["login_session"]));
if ($loginSession == "") {
    $errorFound = true;
    $formError["login_session"] = _("This is a required field.");
}

/**
 * Password edits
 */
// NOTE(review): "md5_session" is presumably an MD5 digest computed in the
// browser (see the "JavaScript disabled" comments); if so, the digest itself
// is what the server accepts as the credential. When it is empty, the plain
// "pwd_session" value is hashed here with unsalted md5(). MD5 is a fast,
// general-purpose digest, not a password hash; password_hash() and
// password_verify() are the standard replacement.
// NOTE(review): the plain password also goes through Check::safeText() before
// hashing, which may alter characters in it - TODO confirm.
$pwdSession = Check::safeText($_POST["md5_session"]);
if ($pwdSession == "") {
    $pwdSession = Check::safeText($_POST["pwd_session"]); // JavaScript disabled?
    if ($pwdSession == "") {
        $errorFound = true;
        $formError["pwd_session"] = _("This is a required field.");
    } else {
        $pwdSession = md5($pwdSession); // JavaScript disabled!
    }
}

// Only look the login up once a password value is present.
if (!isset($formError["pwd_session"])) {
    $userQ = new Query_User();
    if (!$userQ->existLogin($loginSession)) {
        // NOTE(review): a distinct "Login unknown." message lets a client tell
        // existing logins from non-existing ones; a single generic failure
        // message for both cases avoids that.
        $errorFound = true;
        $formError["login_session"] = _("Login unknown.");
        $sessLoginAttempts = 1;
// Form::compareToken() runs before anything is read or deleted. It is defined
// outside this listing; presumably it validates the form token and falls back
// to the given page on mismatch - TODO confirm.
Form::compareToken('../medical/patient_search_form.php');

require_once "../model/Query/History.php";
require_once "../model/Query/Page/Patient.php";
require_once "../model/Query/Relative.php"; // referential integrity
require_once "../model/Query/DelPatient.php";
require_once "../model/Query/Page/Problem.php"; // referential integrity
require_once "../model/Query/DelProblem.php"; // referential integrity
require_once "../model/Query/Page/Record.php";

/**
 * Retrieving post vars
 */
// The id is forced to an integer; the name is only passed through
// Check::safeText().
$idPatient = intval($_POST["id_patient"]);
$patName = Check::safeText($_POST["name"]);

/**
 * Prevent user from aborting script
 */
// The previous setting is kept in $oldAbort.
$oldAbort = ignore_user_abort(true);

/**
 * Delete relatives
 */
// All rows are copied into $rel and the result is freed before the loop
// below starts consuming them.
$relQ = new Query_Relative();
$numRows = $relQ->select($idPatient);

$rel = array();
for ($i = 0; $i < $numRows; $i++) {
    $rel[] = $relQ->fetch();
}
$relQ->freeResult();

while ($aux = array_shift($rel)) {
* @copyright 2002-2008 jact
 * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @version   CVS: $Id: view_source.php,v 1.16 2008/03/23 12:00:28 jact Exp $
 * @author    jact <*****@*****.**>
 */

/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR);

require_once "../lib/Msg.php"; // include HTML.php

/**
 * Retrieving get var
 */
// NOTE(review): $_GET['file'] is read without isset(), and the only
// processing visible before it is used as a filesystem path is
// Check::safeText() (defined outside this listing). Nothing here restricts
// the path to a base directory or to a list of known files.
$_file = Check::safeText($_GET['file']);

/**
 * XHTML Start (XML prolog, DOCTYPE, title page and meta data)
 */
// The requested name is also placed in the page title.
$title = sprintf(_("Source file: %s"), $_file);
require_once "../layout/xhtml_start.php";

echo HTML::start('link', array('rel' => 'stylesheet', 'type' => 'text/css', 'href' => '../css/style.css'), true);

echo HTML::end('head');

// With no query string or an empty file name the window closes itself.
$array['id'] = 'viewSource';
if (count($_GET) == 0 || empty($_file)) {
    $array['onload'] = 'window.close();';
}
echo HTML::start('body', $array);

// NOTE(review): the checks visible in front of highlight_file() are the
// administrator login, the session flag and is_file(). As written, any file
// the PHP process can read (configuration with credentials included) would be
// rendered to an administrator session. Resolving the path with realpath()
// and requiring it to sit under the application's source directory, or
// matching it against an allow-list, would confine this viewer to its
// intended files.
if (isset($_SESSION['auth']['is_admin'])) {
    if (is_file($_file)) {
        highlight_file($_file);
/**
 * Assigns the result of Check::safeText($value) to $this->_familyIllness.
 *
 * NOTE(review): Check::safeText() is defined outside this listing; confirm
 * what it filters, and escape the stored text again for the context where it
 * is displayed.
 *
 * @param string $value new value to set
 * @return void
 * @access public
 */
public function setFamilyIllness($value)
{
    $text = Check::safeText($value);
    $this->_familyIllness = $text;
}
/**
 * Controlling vars
 */
$tab = "admin";
$nav = "staff";
$returnLocation = "../admin/staff_list.php";

/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR);

require_once "../lib/Check.php";

/**
 * Show page
 */
$memberType = isset($_GET["type"]) ? Check::safeText($_GET["type"]) : "A"; // Administrative by default

// NOTE(review): the switch accepts only "a" and "d" (case-insensitive) and
// has no default branch, so any other "type" value leaves $title and
// $typeValue unset in this fragment. A default branch that falls back to the
// administrative case, or redirects to $returnLocation, would close the gap.
switch (strtolower($memberType)) {
    case "a":
        $title = _("Add New Administrative Information");
        $typeValue = OPEN_ADMINISTRATIVE;
        break;

    case "d":
        $title = _("Add New Doctor Information");
        $typeValue = OPEN_DOCTOR;
        break;
}

$focusFormField = "nif"; // to avoid JavaScript mistakes in demo version
require_once "../layout/header.php";

/**
/**
 * Assigns the result of Check::safeText($value) to $this->_lastUpdateDate.
 *
 * NOTE(review): no date-format validation is visible here; the value is only
 * passed through Check::safeText(), which is defined outside this listing.
 *
 * @param string $value last update date of the medical problem
 * @return void
 * @access public
 */
function setLastUpdateDate($value)
{
    $date = Check::safeText($value);
    $this->_lastUpdateDate = $date;
}
exit;
}

/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATIVE);

require_once "../model/Query/Page/Patient.php";
require_once "../model/Query/Page/Record.php";

/**
 * Validate data
 */
$idPatient = intval($_POST["id_patient"]);
$errorLocation = "../medical/patient_edit_form.php?key=" . $idPatient; // controlling var
// NOTE(review): urldecode() runs after Check::safeText(), so percent-encoded
// characters in the submitted names are decoded only once the filter has
// already run. Decoding first (or not at all - PHP has already decoded
// $_POST) keeps the filter as the last step.
$patName = urldecode(Check::safeText($_POST["first_name"] . " " . $_POST["surname1"] . " " . $_POST["surname2"]));

// NOTE(review): the raw $_POST value is handed to setIdPatient() although the
// integer $idPatient is already available; what the setter does with it is
// not visible here - TODO confirm it casts.
$pat = new Patient();
$pat->setIdPatient($_POST["id_patient"]);

require_once "../medical/patient_validate_post.php";

//$returnLocation = "../medical/patient_view.php?id_patient=" . $idPatient; // controlling var
$returnLocation = "../medical/patient_view.php"; // controlling var

/**
 * Destroy form values and errors
 */
Form::unsetSession();

/**
 * Prevent user from aborting script
 */
// The previous setting is kept in $oldAbort.
$oldAbort = ignore_user_abort(true);

/**
* Staff member addition process
 *
 * Licensed under the GNU GPL. For full terms see the file LICENSE.
 *
 * @package   OpenClinic
 * @copyright 2002-2007 jact
 * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @version   CVS: $Id: staff_new.php,v 1.20 2007/12/07 16:50:50 jact Exp $
 * @author    jact <*****@*****.**>
 */

require_once "../config/environment.php";
require_once "../lib/Check.php";

/**
 * Controlling vars
 */
// NOTE(review): $_GET['type'] is read without isset() and appended to the
// redirect URL without urlencode(). The path part is fixed, so only the query
// string is caller-controlled; restricting the value to the expected type
// codes would keep the URL well-formed.
$errorLocation = "../admin/staff_new_form.php?type=" . Check::safeText($_GET['type']);
$returnLocation = "../admin/staff_list.php";

/**
 * Checking for post vars. Go back to $errorLocation if none found.
 */
// This redirect is reached before loginCheck() below, i.e. also for
// requests without a session.
if (count($_POST) == 0) {
    header("Location: " . $errorLocation);
    exit;
}

/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR);

/**
 * Validate data
// Confirmation page fragment for deleting a theme: checks the query string,
// enforces the administrator profile, then starts the page and the form.
// Requests without a numeric id_theme and a non-empty name are sent back to
// $returnLocation (set outside this fragment) before the permission check.
if (count($_GET) == 0 || !is_numeric($_GET["id_theme"]) || empty($_GET["name"])) {
    header("Location: " . $returnLocation);
    exit;
}

/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR);

require_once "../lib/Form.php";
require_once "../lib/Check.php";

/**
 * Retrieving get vars
 */
// is_numeric() above also accepts decimal and exponent notation; intval()
// reduces whatever passed to an integer.
// NOTE(review): $name comes from the URL, not from the record that $idTheme
// identifies, so text shown from it can differ from the theme that would be
// deleted. Check::safeText() is defined outside this listing; confirm the
// value is escaped where it is printed.
$idTheme = intval($_GET["id_theme"]);
$name = Check::safeText($_GET["name"]);

/**
 * Show page
 */
$title = _("Delete Theme");
require_once "../layout/header.php";

/**
 * Breadcrumb
 */
$links = array(_("Admin") => "../admin/index.php", _("Themes") => $returnLocation, $title => "");
echo HTML::breadcrumb($links, "icon icon_theme");
unset($links);

/**
 * Form
 */
// The form posts to theme_del.php; whether a form token field is emitted
// after this point is not visible here.
echo HTML::start('form', array('method' => 'post', 'action' => '../admin/theme_del.php'));
/**
 * Assigns the result of Check::safeText($value) to $this->_description.
 *
 * NOTE(review): Check::safeText() is defined outside this listing; confirm
 * what it filters, and escape the stored text again for the context where it
 * is displayed.
 *
 * @param string $value new value to set
 * @return void
 * @access public
 */
public function setDescription($value)
{
    $description = Check::safeText($value);
    $this->_description = $description;
}
/**
 * Assigns the result of Check::safeText($value) to $this->_documentType.
 *
 * NOTE(review): Check::safeText() is defined outside this listing; no check
 * against a list of known document types is visible here.
 *
 * @param string $value Document Type
 * @return void
 * @access public
 */
public function setDocumentType($value)
{
    // strtolower() normalisation is commented out in the original and stays disabled:
    //$value = strtolower($value);
    $documentType = Check::safeText($value);
    $this->_documentType = $documentType;
}
*
 * Contains the function focus
 *
 * Licensed under the GNU GPL. For full terms see the file LICENSE.
 *
 * @package   OpenClinic
 * @copyright 2002-2013 jact
 * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @version   CVS: $Id: focus.php,v 1.3 2013/01/13 14:20:54 jact Exp $
 * @author    jact <*****@*****.**>
 * @since     0.8
 */

// Only Check.php and i18n.php are included in this fragment; no login check
// is visible before the script emits its output.
require_once "../lib/Check.php";
require_once "../config/i18n.php";

header("Content-Type: text/javascript; charset=" . OPEN_CHARSET);

// NOTE(review): $field comes from the query string (read without isset())
// and is echoed below inside a single-quoted JavaScript string literal.
// Check::safeText() is defined outside this listing; a filter aimed at HTML
// does not by itself make a value safe inside a JavaScript string, where
// quotes, backslashes and line breaks matter. Restricting $field to the
// characters an element id can contain, or emitting it with json_encode()
// in place of the hand-written quotes, fits this context.
$field = Check::safeText($_GET['field']);
?>
if (typeof addEvent == 'function') {
  addEvent(window, 'load', focus, false); // event.js included!
}

/**
 * void focus(void)
 */
function focus()
{
  var field = document.getElementById('<?php echo $field; ?> ');
}

/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR, false); // There are not logs in demo version

require_once "../model/Query/Page/Access.php";
require_once "../lib/Form.php";
require_once "../lib/Search.php";
require_once "../lib/Check.php";

/**
 * Retrieving get vars
 */
// The id and page number are forced to integers. $login is used in this
// fragment only for the message below.
// NOTE(review): $login comes from the URL rather than from the user record
// that $idUser identifies, so the name shown can differ from the account
// actually queried.
$idUser = intval($_GET["id_user"]);
$login = Check::safeText($_GET["login"]);
$currentPage = isset($_GET["page"]) ? intval($_GET["page"]) : 1;

/**
 * Search user accesses
 */
$accessQ = new Query_Page_Access();
$accessQ->setItemsPerPage(OPEN_ITEMS_PER_PAGE);
$accessQ->searchUser($idUser, $currentPage);

// No rows: close the query, queue a message and go back.
// NOTE(review): how FlashMsg escapes the message when it is rendered is not
// visible here - TODO confirm, since it embeds $login.
if ($accessQ->getRowCount() == 0) {
    $accessQ->close();

    FlashMsg::add(sprintf(_("No logs for user %s."), $login));
    header("Location: " . $returnLocation);
    exit;
}

/**
 * Show page
* @version   CVS: $Id: login_form.php,v 1.12 2008/03/23 11:59:02 jact Exp $
 * @author    jact <*****@*****.**>
 */

/**
 * Controlling vars
 */
$tab = "home";
$nav = "login";
$isMd5 = true;

require_once "../config/environment.php";
require_once "../lib/Check.php";

/**
 * this must be here, after environment.php (session_start())
 */
// NOTE(review): "ret" is taken from the query string of the login page, so
// it is set by whoever built the link, and it is stored in the session after
// Check::safeText() only. If return_page is later used as a redirect target
// (not visible here), it should be checked to be a local, relative path of
// the application before it is stored or followed.
if (isset($_GET["ret"])) {
    $_SESSION['auth']['return_page'] = Check::safeText($_GET["ret"]);
}

/**
 * Show page
 */
$title = _("User Login");
$focusFormField = "login_session";
require_once "../layout/header.php";

/**
 * Breadcrumb
 */
$links = array(_("Home") => "../home/index.php", $title => "");
echo HTML::breadcrumb($links, "icon icon_user");
unset($links);

/**
 * Error message if not session exists
$nav = "themes";
// Nested ternary: with an id, the copy form or the edit form for that theme;
// without one, the plain new-theme form. $idTheme and $fromCopy are set
// outside this fragment.
$returnLocation = $idTheme > 0 ? $fromCopy ? '../admin/theme_new_form.php?id_theme=' . $idTheme : '../admin/theme_edit_form.php?id_theme=' . $idTheme : '../admin/theme_new_form.php';

/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR, false); // Not in DEMO to prevent users' malice // We'll see

// The form token is compared only when the request carries POST data.
require_once "../lib/Form.php";
if (count($_POST) > 0) {
    Form::compareToken($returnLocation);
}

require_once "../lib/Check.php";

// Upload branch: read the uploaded file, filter it, stash it in the form
// session and redirect to $returnLocation.
// NOTE(review): the handle returned by fopen() is never kept or closed, and
// a failed fopen() would pass false straight to fread(). tmp_name is used
// without an is_uploaded_file() check.
// NOTE(review): the second argument (false) to Check::safeText() is not
// explained in this listing. The content is CSS, so filtering aimed at HTML
// says nothing about what the rules may contain once they are served as a
// stylesheet - TODO confirm how css_rules is validated and emitted.
// NOTE(review): $_FILES[...]['name'] is supplied by the client and is copied
// into $_POST['css_file'] unfiltered.
if (!empty($_FILES['css_filename']['name']) && $_FILES['css_filename']['size'] > 0) {
    $cssRules = fread(fopen($_FILES['css_filename']['tmp_name'], 'r'), $_FILES['css_filename']['size']);
    $cssRules = Check::safeText($cssRules, false);
    //Error::debug($cssRules);

    $_POST['css_file'] = $_FILES['css_filename']['name'];
    $_POST['css_rules'] = $cssRules;

    Form::setSession($_POST);

    header("Location: " . $returnLocation);
    exit;
}

/**
 * Show page
 */
$title = _("Preload CSS file");
$focusFormField = "css_filename"; // to avoid JavaScript mistakes in demo version
require_once "../layout/header.php";

/**
/**
 * Assigns the result of Check::safeText($value) to $this->_phone.
 *
 * NOTE(review): no phone-number format check is visible here; the value is
 * only passed through Check::safeText(), which is defined outside this
 * listing.
 *
 * @param string $value phone contact of staff member
 * @return void
 * @access public
 */
public function setPhone($value)
{
    $phone = Check::safeText($value);
    $this->_phone = $phone;
}
/**
 * Assigns the result of Check::safeText($value) to $this->_email.
 *
 * NOTE(review): no address-format validation is visible here; the value is
 * only passed through Check::safeText(), which is defined outside this
 * listing. If the address is ever used in mail headers, validate it first.
 *
 * @param string $value email of user
 * @return void
 * @access public
 */
public function setEmail($value)
{
    $email = Check::safeText($value);
    $this->_email = $email;
}
* Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATIVE);

// The form token is compared after the login check and before any POST
// value is read. Form::compareToken() is defined outside this listing.
require_once "../lib/Form.php";
Form::compareToken('../medical/patient_search_form.php');

require_once "../model/Query/Connection.php";
require_once "../model/Query/Page/Record.php";
require_once "../lib/Check.php";

/**
 * Retrieving post vars
 */
// The three ids are forced to integers; $wording is free text passed
// through Check::safeText().
$idProblem = intval($_POST["id_problem"]);
$idConnection = intval($_POST["id_connection"]);
$idPatient = intval($_POST["id_patient"]);
$wording = Check::safeText($_POST["wording"]);

/**
 * Prevent user from aborting script
 */
// The previous setting is kept in $oldAbort.
$oldAbort = ignore_user_abort(true);

/**
 * Delete relative
 */
// NOTE(review): the heading says "relative" but the object created is a
// Query_Connection.
$connQ = new Query_Connection();

/**
 * Record log process (before deleting process)
 */
// The audit entry is written first, so it exists whatever the outcome of the
// delete is. Only the integer ids go into the log call.
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Connection", "DELETE", array($idProblem, $idConnection));
$recordQ->close();
unset($recordQ);
exit;
}

/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR);

require_once "../lib/Form.php";
require_once "../lib/Check.php";

/**
 * Retrieving get vars
 */
// NOTE(review): the id is forced to an integer, but the three name parts
// come from the URL rather than from the record that $idMember identifies.
// A confirmation text built from them can therefore name a different person
// than the one the id would delete; loading the names by id avoids that.
// Check::safeText() is defined outside this listing.
$idMember = intval($_GET["id_member"]);
$surname1 = Check::safeText($_GET["surname1"]);
$surname2 = Check::safeText($_GET["surname2"]);
$firstName = Check::safeText($_GET["first_name"]);

/**
 * Show page
 */
$title = _("Delete Staff Member");
require_once "../layout/header.php";

/**
 * Breadcrumb
 */
$links = array(_("Admin") => "../admin/index.php", _("Staff Members") => $returnLocation, $title => "");
echo HTML::breadcrumb($links, "icon icon_staff");
unset($links);

/**
 * Form
 */
// The form posts to staff_del.php; whether a form token field is emitted
// after this point is not visible here.
echo HTML::start('form', array('method' => 'post', 'action' => '../admin/staff_del.php'));
* Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATIVE, false); // Not in DEMO to prevent users' malice

// The form token is compared after the login check and before any POST
// value is read. Form::compareToken() is defined outside this listing.
require_once "../lib/Form.php";
Form::compareToken('../medical/patient_search_form.php');

require_once "../model/Query/Test.php";
require_once "../model/Query/Page/Record.php";

/**
 * Retrieving post vars
 */
// NOTE(review): the ids are forced to integers, but $file is a path taken
// from the request body and only passed through Check::safeText() (defined
// outside this listing; no require of Check.php is visible in this
// fragment). How $file is used afterwards is not visible here; if it reaches
// a filesystem call such as a delete, the path should be derived from the
// stored record for $idTest, or confined to the upload directory, rather
// than trusted from the form.
$idProblem = intval($_POST["id_problem"]);
$idTest = intval($_POST["id_test"]);
$idPatient = intval($_POST["id_patient"]);
$file = Check::safeText($_POST["path_filename"]);

/**
 * Prevent user from aborting script
 */
// The previous setting is kept in $oldAbort.
$oldAbort = ignore_user_abort(true);

/**
 * Delete medical test
 */
$testQ = new Query_Test();

/**
 * Record log process (before deleting process)
 */
// The audit entry is written first, so it exists whatever the outcome of the
// delete is. Only the integer test id goes into the log call.
$recordQ = new Query_Page_Record();
$recordQ->log("Query_Test", "DELETE", array($idTest));
$recordQ->close();
unset($recordQ);
/**
 * Controlling vars
 */
$tab = "admin";
$nav = "logs";

/**
 * Checking permissions
 */
require_once "../auth/login_check.php";
loginCheck(OPEN_PROFILE_ADMINISTRATOR, false); // There are not logs in demo version

require_once "../lib/LogStats.php";

/**
 * Retrieving get vars
 */
// NOTE(review): the date parts are forced to integers, but $table keeps
// whatever text survived Check::safeText() (defined outside this listing).
// Only 'record' is distinguished below and everything else is treated as the
// access log, yet the raw value is still appended to a link URL without
// urlencode(). Normalising $table to exactly 'record' or 'access' right here
// would make every later use safe, including any use as a table selector
// that is not visible in this fragment.
$table = isset($_GET['table']) ? Check::safeText($_GET['table']) : 'access';
$year = isset($_GET["year"]) ? intval($_GET["year"]) : 0;
$month = isset($_GET["month"]) ? intval($_GET["month"]) : 0;
$day = isset($_GET["day"]) ? intval($_GET["day"]) : 0;
//$hour = (isset($_GET["hour"])) ? intval($_GET["hour"]) : 0; // @todo ?

/**
 * Show page
 */
if ($table == 'record') {
    $title = _("Record Logs");
} else {
    $title = _("Access Logs");
}
$titlePage = $tempTitle = $title;

$links = array(_("Admin") => "../admin/index.php", _("Log Statistics") => "../admin/log_stats.php", $title => "../admin/log_list.php?table=" . $table);
if ($year) {
/**
 * Assigns the result of Check::safeText($value) to $this->_insuranceCompany.
 *
 * NOTE(review): Check::safeText() is defined outside this listing; confirm
 * what it filters, and escape the stored text again for the context where it
 * is displayed.
 *
 * @param string $value new value to set
 * @return void
 * @access public
 */
public function setInsuranceCompany($value)
{
    $company = Check::safeText($value);
    $this->_insuranceCompany = $company;
}