/**
* function __errorProcess($errorException):
* Handle the error of the exception generated by Matcha:connect
* it now support FirePHP and ChomePHP.
*/
public static function __errorProcess($errorException, $__browserDebug = true)
{
// construct the exception error
$trace = $errorException->getTrace();
$constructErrorMessage = 'Exception: "';
$constructErrorMessage .= $errorException->getMessage();
$constructErrorMessage .= '" @ ';
if ($trace[0]['class'] != '') {
$constructErrorMessage .= $trace[0]['class'];
$constructErrorMessage .= '->';
}
$constructErrorMessage .= $trace[0]['function'];
$constructErrorMessage .= '();';
// normal output - to Apache error.log
error_log('Matcha::connect: ' . $constructErrorMessage);
// Browser Debug Feature - Plugin
$browserName = MatchaUtils::BrowserOS()->getBrowser();
if ($__browserDebug) {
if ($browserName == Browser::BROWSER_FIREFOX) {
MatchaUtils::FirePHP()->getInstance(true)->log($constructErrorMessage, 'FirePHP -> ');
}
// if($browserName == Browser::BROWSER_CHROME) MatchaUtils::ChromePHP()->log('ChromePHP -> '.$constructErrorMessage);
}
return $errorException;
}
function base64ToBinary($document, $encrypted = false)
{
if (isset($encrypted) && $encrypted == true) {
$document = base64_decode(MatchaUtils::decrypt($document));
} else {
$document = base64_decode($document);
}
return $document;
}
function base64ToBinary($doc)
{
$doc = (object) $doc;
if (isset($doc->encrypted) && $doc->encrypted == true) {
$doc->document = base64_decode(MatchaUtils::decrypt($doc->document));
} else {
$doc->document = base64_decode($doc->document);
}
return $doc;
}
/**
* function __recursiveArraySearch($needle,$haystack):
* An recursive array search method
*/
public static function __recursiveArraySearch($needle, $haystack)
{
foreach ($haystack as $key => $value) {
$current_key = $key;
if ($needle === $value || is_array($value) && MatchaUtils::__recursiveArraySearch($needle, $value) !== false) {
return $current_key;
}
}
return false;
}
/**
* @param $model
* @return array|bool
*/
public static function __getEncryptedFields($model)
{
$arr = array();
$fields = is_object($model) ? MatchaUtils::__objectToArray($model->fields) : $model['fields'];
foreach ($fields as $field) {
if (isset($field['encrypt']) && $field['encrypt']) {
$arr[] = $field['name'];
}
}
$arr = empty($arr) ? false : $arr;
return $arr;
}
/**
* @param $file
* @param $data
* @return mixed
*/
private function saveBase64File($file, $data)
{
$data = base64_decode($data);
if ($this->encrypt) {
$data = MatchaUtils::__encrypt($data);
}
if (!file_put_contents($file, $data)) {
$this->error = true;
$this->errorMsg = 'Unable to save ' . $file;
}
return $file;
}
/**
* @param stdClass $params
* @return int
*/
public function login(stdClass $params)
{
error_reporting(E_ALL);
//-------------------------------------------
// Check that the username do not pass
// the maximum limit of the field.
//
// NOTE:
// If this condition is met, the user did not
// use the logon form. Possible hack.
//-------------------------------------------
if (strlen($params->authUser) >= 26) {
return array('success' => false, 'type' => 'error', 'message' => 'Possible hack, please use the Logon Screen.');
}
//-------------------------------------------
// Check that the username do not pass
// the maximum limit of the field.
//
// NOTE:
// If this condition is met, the user did not
// use the logon form. Possible hack.
//-------------------------------------------
if (strlen($params->authPass) >= 15) {
return array('success' => false, 'type' => 'error', 'message' => 'Possible hack, please use the Logon Screen.');
}
//-------------------------------------------
// Simple check username
//-------------------------------------------
if (!$params->authUser) {
return array('success' => false, 'type' => 'error', 'message' => 'The username field can not be in blank. Try again.');
}
//-------------------------------------------
// Simple check password
//-------------------------------------------
if (!$params->authPass) {
return array('success' => false, 'type' => 'error', 'message' => 'The password field can not be in blank. Try again.');
}
//-------------------------------------------
// remove empty spaces single and double quotes from username and password
//-------------------------------------------
$params->authUser = trim(str_replace(array('\'', '"'), '', $params->authUser));
$params->authPass = trim(str_replace(array('\'', '"'), '', $params->authPass));
//-------------------------------------------
// Username & password match
// Only bring authorized and active users.
//-------------------------------------------
$u = MatchaModel::setSenchaModel('App.model.administration.User');
$user = $u->load(array('username' => $params->authUser, 'authorized' => 1, 'active' => 1), array('id', 'username', 'title', 'fname', 'mname', 'lname', 'email', 'facility_id', 'npi', 'password'))->one();
if ($user === false || $params->authPass != $user['password']) {
return array('success' => false, 'type' => 'error', 'message' => 'The username or password you provided is invalid.');
} else {
//-------------------------------------------
// Change some User related variables and go
//-------------------------------------------
$_SESSION['user']['name'] = trim($user['title'] . ' ' . $user['lname'] . ', ' . $user['fname'] . ' ' . $user['mname']);
$_SESSION['user']['id'] = $user['id'];
$_SESSION['user']['email'] = $user['email'];
$_SESSION['user']['facility'] = $params->facility == 0 ? $user['facility_id'] : $params->facility;
$_SESSION['user']['localization'] = $params->lang;
$_SESSION['user']['npi'] = $user['npi'];
$_SESSION['user']['site'] = $params->site;
$_SESSION['user']['auth'] = true;
//-------------------------------------------
// Also fetch the current version of the
// Application & Database
//-------------------------------------------
// $sql = "SELECT * FROM version LIMIT 1";
// $db->setSQL($sql);
// $version = $db->fetchRecord();
// $_SESSION['ver']['codeName'] = $version['v_tag'];
// $_SESSION['ver']['major'] = $version['v_major'];
// $_SESSION['ver']['rev'] = $version['v_patch'];
// $_SESSION['ver']['minor'] = $version['v_minor'];
// $_SESSION['ver']['database'] = $version['v_database'];
$_SESSION['site']['localization'] = $params->lang;
$_SESSION['site']['checkInMode'] = $params->checkInMode;
$_SESSION['timeout'] = time();
$_SESSION['user']['token'] = MatchaUtils::__encrypt('{"uid":' . $user['id'] . ',"sid":' . $this->session->loginSession() . ',"site":"' . $params->site . '"}');
$_SESSION['inactive']['timeout'] = time();
unset($db);
return array('success' => true, 'token' => $_SESSION['user']['token'], 'user' => array('id' => $_SESSION['user']['id'], 'name' => $_SESSION['user']['name'], 'npi' => $_SESSION['user']['npi'], 'site' => $_SESSION['user']['site'], 'email' => $_SESSION['user']['email'], 'facility' => $_SESSION['user']['facility'], 'localization' => $params->lang));
}
}
/**
* function defineLogModel($logModelArray):
* Method to define the audit log structure all data and definition will be saved in LOG table.
* @param $logModelArray
* @return bool or exception
*/
public static function defineLogModel($logModelArray)
{
try {
if (!is_object(self::$__conn)) {
return false;
}
//check if the table exist
$recordSet = self::$__conn->query("SHOW TABLES LIKE '" . self::$hookTable . "';");
if (isset($recordSet)) {
self::__createTable(self::$hookTable);
}
unset($recordSet);
// get the table column information and remove the id column
// from the log table
$tableColumns = self::$__conn->query("SHOW FULL COLUMNS IN " . self::$hookTable . ";")->fetchAll();
unset($tableColumns[MatchaUtils::__recursiveArraySearch('id', $tableColumns)]);
// prepare the columns from the table and passed array for comparison
$columnsTableNames = array();
$columnsLogModelNames = array();
foreach ($tableColumns as $column) {
$columnsTableNames[] = $column['Field'];
}
foreach ($logModelArray as $column) {
$columnsLogModelNames[] = $column['name'];
}
// get all the column that are not present in the database-table
$differentCreateColumns = array_diff($columnsLogModelNames, $columnsTableNames);
$differentDropColumns = array_diff($columnsTableNames, $columnsLogModelNames);
if (count($differentCreateColumns) || count($differentDropColumns)) {
// create columns on the database
foreach ($differentCreateColumns as $key => $column) {
self::__createColumn($logModelArray[$key], self::$hookTable);
}
// remove columns from the table
foreach ($differentDropColumns as $column) {
self::__dropColumn($column, self::$hookTable);
}
}
return true;
} catch (PDOException $e) {
MatchaErrorHandler::__errorProcess($e);
return false;
}
}
/**
* @param $item
* @param $key
* @param $encryptedFields
*/
private function dataDecrypt(&$item, $key, $encryptedFields)
{
if (in_array($key, $encryptedFields)) {
$item = MatchaUtils::__decrypt($item);
}
}
/**
* @param $params
*
* @return array
*/
public function updatePatientDocument($params)
{
$this->setPatientDocumentModel();
if (is_array($params)) {
foreach ($params as $i => $param) {
if (!isset($params[$i]->document)) {
continue;
}
$doc = $this->d->load(['id' => $params[$i]->id])->one();
/** remove the mime type */
$params[$i]->document = $this->trimBase64($params[$i]->document);
/** encrypted if necessary */
if ($doc['encrypted']) {
$params[$i]->document = MatchaUtils::encrypt($params[$i]->document);
}
$params[$i]->hash = hash('sha256', $params[$i]->document);
}
} else {
if (isset($params->document)) {
$doc = $this->d->load(['id' => $params->id])->one();
/** remove the mime type */
$params->document = $this->trimBase64($params->document);
/** encrypted if necessary */
if ($doc['encrypted']) {
$params->document = MatchaUtils::encrypt($params->document);
}
$params->hash = hash('sha256', $params->document);
}
}
return $this->d->save($params);
}
/**
* @param stdClass $params
* @return int
*/
public function login(stdClass $params)
{
error_reporting(E_ALL);
//-------------------------------------------
// Check that the username do not pass
// the maximum limit of the field.
//
// NOTE:
// If this condition is met, the user did not
// use the logon form. Possible hack.
//-------------------------------------------
if (strlen($params->authUser) >= 26) {
return array('success' => false, 'type' => 'error', 'message' => 'Possible hack, please use the Logon Screen.');
}
//-------------------------------------------
// Check that the username do not pass
// the maximum limit of the field.
//
// NOTE:
// If this condition is met, the user did not
// use the logon form. Possible hack.
//-------------------------------------------
if (strlen($params->authPass) >= 15) {
return array('success' => false, 'type' => 'error', 'message' => 'Possible hack, please use the Logon Screen.');
}
//-------------------------------------------
// Simple check username
//-------------------------------------------
if (!$params->authUser) {
return array('success' => false, 'type' => 'error', 'message' => 'The username field can not be in blank. Try again.');
}
//-------------------------------------------
// Simple check password
//-------------------------------------------
if (!$params->authPass) {
return array('success' => false, 'type' => 'error', 'message' => 'The password field can not be in blank. Try again.');
}
//-------------------------------------------
// Find the AES key in the selected site
// And include the rest of the remaining
// variables to connect to the database.
//-------------------------------------------
// $root = ROOT;
// $fileConf = $root . '/sites/' . $params->site . '/conf.php';
// if(file_exists($fileConf)){
// /** @noinspection PhpIncludeInspection */
// include_once($fileConf);
// $db = new MatchaHelper();
// $err = $db->getError();
// if(!is_array($err)){
// return array('success' => false, 'type' => 'error', 'message' => 'For some reason, I can\'t connect to the database.');
// }
// // Do not stop here!, continue with the rest of the code.
// } else{
// return array('success' => false, 'type' => 'error', 'message' => 'No configuration file found for site <span style="font-weight:bold">' . $params->site . '</span>.<br>Please double check URL or contact support desk.');
// }
//-------------------------------------------
// remove empty spaces single and double quotes from username and password
//-------------------------------------------
$params->authUser = trim(str_replace(array('\'', '"'), '', $params->authUser));
$params->authPass = trim(str_replace(array('\'', '"'), '', $params->authPass));
//-------------------------------------------
// Username & password match
//-------------------------------------------
$u = MatchaModel::setSenchaModel('App.model.administration.User');
$user = $u->load(array('username' => $params->authUser, 'authorized' => 1), array('id', 'username', 'title', 'fname', 'mname', 'lname', 'email', 'facility_id', 'npi', 'password'))->one();
if ($user === false || $params->authPass != $user['password']) {
return array('success' => false, 'type' => 'error', 'message' => 'The username or password you provided is invalid.');
} else {
//-------------------------------------------
// Change some User related variables and go
//-------------------------------------------
$_SESSION['user']['name'] = trim($user['title'] . ' ' . $user['lname'] . ', ' . $user['fname'] . ' ' . $user['mname']);
$_SESSION['user']['id'] = $user['id'];
$_SESSION['user']['email'] = $user['email'];
// $_SESSION['user']['facility'] = ($params->facility == 0 ? $user['facility_id'] : $params->facility);
$_SESSION['user']['localization'] = $params->lang;
// $_SESSION['user']['npi'] = $user['npi'] ;
$_SESSION['user']['site'] = $params->site;
$_SESSION['user']['auth'] = true;
//-------------------------------------------
// Also fetch the current version of the
// Application & Database
//-------------------------------------------
// $sql = "SELECT * FROM version LIMIT 1";
// $db->setSQL($sql);
// $version = $db->fetchRecord();
// $_SESSION['ver']['codeName'] = $version['v_tag'];
// $_SESSION['ver']['major'] = $version['v_major'];
// $_SESSION['ver']['rev'] = $version['v_patch'];
// $_SESSION['ver']['minor'] = $version['v_minor'];
// $_SESSION['ver']['database'] = $version['v_database'];
$_SESSION['site']['localization'] = $params->lang;
// $_SESSION['site']['checkInMode'] = $params->checkInMode;
$_SESSION['timeout'] = time();
$_SESSION['user']['token'] = MatchaUtils::__encrypt('{"uid":' . $user['id'] . ',"sid":' . $this->session->loginSession() . ',"site":"' . $params->site . '"}');
$_SESSION['inactive']['timeout'] = time();
unset($db);
return array('success' => true, 'token' => $_SESSION['user']['token'], 'user' => array('id' => $_SESSION['user']['id'], 'name' => $_SESSION['user']['name'], 'email' => $_SESSION['user']['email'], 'localization' => $params->lang));
}
}
