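/**
 * Log an exception raised by Matcha::connect and optionally mirror it to FirePHP.
 *
 * Builds a one-line message from the exception text and the first stack frame,
 * writes it to the PHP error log, and, when browser debugging is on and the
 * client reports Firefox, also sends it through FirePHP.
 *
 * NOTE(review): FirePHP delivers its log to the browser in response headers,
 * and the browser check is based on what the client reports about itself.
 * With $__browserDebug defaulting to true, the exception text can therefore
 * reach any client. Database connection errors often include host or account
 * details (presumably the case here; confirm), so production callers should
 * pass false or keep FirePHP disabled.
 *
 * @param Exception $errorException the exception to report
 * @param bool $__browserDebug also send the message to the FirePHP browser plugin
 * @return Exception the same exception object that was passed in
 */
public static function __errorProcess($errorException, $__browserDebug = true)
{
    // The trace can be empty, and frames for plain functions carry no 'class'
    // key, so read the first frame defensively instead of indexing blindly.
    $trace = $errorException->getTrace();
    $frame = isset($trace[0]) ? $trace[0] : array();

    $constructErrorMessage = 'Exception: "' . $errorException->getMessage() . '" @ ';
    if (isset($frame['class']) && $frame['class'] != '') {
        $constructErrorMessage .= $frame['class'] . '->';
    }
    $constructErrorMessage .= (isset($frame['function']) ? $frame['function'] : '') . '();';

    // normal output - to the PHP/Apache error log
    error_log('Matcha::connect: ' . $constructErrorMessage);

    // Browser Debug Feature - Plugin
    $browserName = MatchaUtils::BrowserOS()->getBrowser();
    if ($__browserDebug) {
        if ($browserName == Browser::BROWSER_FIREFOX) {
            MatchaUtils::FirePHP()->getInstance(true)->log($constructErrorMessage, 'FirePHP -> ');
        }
        // if($browserName == Browser::BROWSER_CHROME) MatchaUtils::ChromePHP()->log('ChromePHP -> '.$constructErrorMessage);
    }

    return $errorException;
}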
/**
 * Decode a base64 document, decrypting it first when it is flagged as encrypted.
 *
 * base64_decode() runs in its default (non-strict) mode, which silently skips
 * characters outside the base64 alphabet instead of failing, so malformed
 * input yields a best-effort result rather than an error.
 *
 * @param string $document base64 text, or encrypted base64 text when $encrypted is truthy
 * @param bool $encrypted whether $document must go through MatchaUtils::decrypt() first
 * @return string|false the decoded bytes
 */
function base64ToBinary($document, $encrypted = false)
{
    // Same loose truthiness test as before: any value == true counts as encrypted.
    $needsDecrypt = isset($encrypted) && $encrypted == true;
    $encoded = $needsDecrypt ? MatchaUtils::decrypt($document) : $document;

    return base64_decode($encoded);
}
/**
 * Decode the base64 "document" property of a document record in place.
 *
 * The record is cast to an object; an object argument is therefore modified
 * directly, while an array argument is converted to a new stdClass. When the
 * record's "encrypted" property is truthy the document is decrypted before
 * it is decoded.
 *
 * base64_decode() runs in its default (non-strict) mode, so characters
 * outside the base64 alphabet are skipped rather than rejected.
 *
 * @param object|array $doc record with a "document" entry and an optional "encrypted" flag
 * @return object the record with "document" replaced by the decoded bytes
 */
function base64ToBinary($doc)
{
    $doc = (object) $doc;

    $isEncrypted = isset($doc->encrypted) && $doc->encrypted == true;
    $encoded = $isEncrypted ? MatchaUtils::decrypt($doc->document) : $doc->document;
    $doc->document = base64_decode($encoded);

    return $doc;
}
/**
 * Recursively search a nested array for a value.
 *
 * The comparison is strict (===). The key returned is always a key of the
 * top-level $haystack: either the key holding the value itself, or the key
 * of the nested array in which it was found.
 *
 * A match under key 0 returns 0, so callers must test the result with
 * `!== false` rather than by truthiness.
 *
 * @param mixed $needle value to look for
 * @param array $haystack array to search, possibly containing nested arrays
 * @return int|string|false top-level key of the first match, or false when absent
 */
public static function __recursiveArraySearch($needle, $haystack)
{
    foreach ($haystack as $key => $value) {
        // direct hit at this level
        if ($needle === $value) {
            return $key;
        }
        // hit somewhere inside a nested array: still report the outer key
        if (is_array($value) && MatchaUtils::__recursiveArraySearch($needle, $value) !== false) {
            return $key;
        }
    }

    return false;
}
/**
 * List the names of the model fields that are flagged for encryption.
 *
 * A field counts as encrypted when its "encrypt" entry is set and truthy.
 * The model may be an object (its fields are converted with
 * MatchaUtils::__objectToArray) or an array with a "fields" entry.
 *
 * @param object|array $model model definition carrying a "fields" collection
 * @return array|bool field names, or false when no field is flagged;
 *                    callers must handle the false case before treating the
 *                    result as an array
 */
public static function __getEncryptedFields($model)
{
    $fields = is_object($model) ? MatchaUtils::__objectToArray($model->fields) : $model['fields'];

    $encryptedNames = array();
    foreach ($fields as $field) {
        if (!isset($field['encrypt']) || !$field['encrypt']) {
            continue;
        }
        $encryptedNames[] = $field['name'];
    }

    if (empty($encryptedNames)) {
        return false;
    }

    return $encryptedNames;
}
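/**
 * Decode base64 data and write it to a file, encrypting it first when
 * $this->encrypt is set.
 *
 * Failure is reported through $this->error / $this->errorMsg, not through
 * the return value.
 *
 * base64_decode() runs in its default (non-strict) mode, so characters
 * outside the base64 alphabet are skipped rather than rejected.
 *
 * NOTE(review): $file is written exactly as given. Confirm that callers
 * build it from a fixed storage directory and a server-generated name, not
 * from request data.
 *
 * @param string $file destination path
 * @param string $data base64-encoded file contents
 * @return mixed the $file argument, returned whether or not the write succeeded
 */
private function saveBase64File($file, $data)
{
    $data = base64_decode($data);

    if ($this->encrypt) {
        $data = MatchaUtils::__encrypt($data);
    }

    // file_put_contents() returns the byte count, which is 0 for an empty
    // payload; only a strict false means the write failed.
    if (file_put_contents($file, $data) === false) {
        $this->error = true;
        $this->errorMsg = 'Unable to save ' . $file;
    }

    return $file;
}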
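/**
 * Authenticate a user from the logon form and populate the session.
 *
 * Looks up an authorized, active user by username, compares the submitted
 * password with the stored value and, on success, fills $_SESSION and
 * returns the session token.
 *
 * @param stdClass $params reads authUser, authPass, facility, lang, site and checkInMode
 * @return array on failure: success=false, type and message;
 *               on success: success=true, token and a user summary
 */
public function login(stdClass $params)
{
    error_reporting(E_ALL);

    // The logon form limits these fields, so longer values did not come from
    // it. strlen() counts bytes: usernames of 26+ and passwords of 15+ bytes
    // are rejected.
    if (strlen($params->authUser) >= 26) {
        return array('success' => false, 'type' => 'error', 'message' => 'Possible hack, please use the Logon Screen.');
    }
    if (strlen($params->authPass) >= 15) {
        return array('success' => false, 'type' => 'error', 'message' => 'Possible hack, please use the Logon Screen.');
    }

    // Simple check username
    if (!$params->authUser) {
        return array('success' => false, 'type' => 'error', 'message' => 'The username field can not be in blank. Try again.');
    }

    // Simple check password
    if (!$params->authPass) {
        return array('success' => false, 'type' => 'error', 'message' => 'The password field can not be in blank. Try again.');
    }

    // Remove surrounding whitespace and all single/double quotes from both
    // values. Quotes are also removed from the password, so they never count
    // towards it.
    $params->authUser = trim(str_replace(array('\'', '"'), '', $params->authUser));
    $params->authPass = trim(str_replace(array('\'', '"'), '', $params->authPass));

    // The blank checks above ran before normalisation. Re-check here so that
    // a value made up only of quotes or whitespace is never compared as an
    // empty string against an empty stored password.
    if ($params->authUser === '' || $params->authPass === '') {
        return array('success' => false, 'type' => 'error', 'message' => 'The username or password you provided is invalid.');
    }

    // Username & password match. Only bring authorized and active users.
    $u = MatchaModel::setSenchaModel('App.model.administration.User');
    $user = $u->load(
        array('username' => $params->authUser, 'authorized' => 1, 'active' => 1),
        array('id', 'username', 'title', 'fname', 'mname', 'lname', 'email', 'facility_id', 'npi', 'password')
    )->one();

    // hash_equals() gives a strict, timing-safe comparison. The previous loose
    // `!=` compared numeric-looking strings by value rather than by content.
    // NOTE(review): the stored value is compared directly with the submitted
    // password, so it is kept in plaintext or in a reversible form (presumably
    // decrypted by the model; confirm). Moving to password_hash() /
    // password_verify() needs a data migration outside this method.
    if ($user === false || !hash_equals((string) $user['password'], $params->authPass)) {
        return array('success' => false, 'type' => 'error', 'message' => 'The username or password you provided is invalid.');
    }

    // NOTE(review): the session id is not regenerated in this method. Unless
    // $this->session->loginSession() does it, call session_regenerate_id(true)
    // before the session is marked authenticated to prevent session fixation.
    // NOTE(review): facility, lang, site and checkInMode are stored as sent by
    // the client. Confirm they are validated elsewhere and that the user is
    // allowed to use the requested facility.
    $_SESSION['user']['name'] = trim($user['title'] . ' ' . $user['lname'] . ', ' . $user['fname'] . ' ' . $user['mname']);
    $_SESSION['user']['id'] = $user['id'];
    $_SESSION['user']['email'] = $user['email'];
    $_SESSION['user']['facility'] = $params->facility == 0 ? $user['facility_id'] : $params->facility;
    $_SESSION['user']['localization'] = $params->lang;
    $_SESSION['user']['npi'] = $user['npi'];
    $_SESSION['user']['site'] = $params->site;
    $_SESSION['user']['auth'] = true;

    //-------------------------------------------
    // Also fetch the current version of the
    // Application & Database
    //-------------------------------------------
    // $sql = "SELECT * FROM version LIMIT 1";
    // $db->setSQL($sql);
    // $version = $db->fetchRecord();
    // $_SESSION['ver']['codeName'] = $version['v_tag'];
    // $_SESSION['ver']['major'] = $version['v_major'];
    // $_SESSION['ver']['rev'] = $version['v_patch'];
    // $_SESSION['ver']['minor'] = $version['v_minor'];
    // $_SESSION['ver']['database'] = $version['v_database'];

    $_SESSION['site']['localization'] = $params->lang;
    $_SESSION['site']['checkInMode'] = $params->checkInMode;
    $_SESSION['timeout'] = time();

    // Build the token payload with json_encode() instead of concatenation, so
    // a quote or backslash in the client-supplied site name cannot change the
    // structure of the JSON. The output is identical for numeric ids and plain
    // site names.
    $tokenPayload = json_encode(
        array(
            'uid' => (int) $user['id'],
            'sid' => (int) $this->session->loginSession(),
            'site' => (string) $params->site,
        ),
        JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE
    );
    $_SESSION['user']['token'] = MatchaUtils::__encrypt($tokenPayload);
    $_SESSION['inactive']['timeout'] = time();

    return array(
        'success' => true,
        'token' => $_SESSION['user']['token'],
        'user' => array(
            'id' => $_SESSION['user']['id'],
            'name' => $_SESSION['user']['name'],
            'npi' => $_SESSION['user']['npi'],
            'site' => $_SESSION['user']['site'],
            'email' => $_SESSION['user']['email'],
            'facility' => $_SESSION['user']['facility'],
            'localization' => $params->lang,
        ),
    );
}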
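/**
 * Synchronise the audit log table's columns with the given log model.
 *
 * Columns named in $logModelArray but missing from the table are created;
 * table columns (other than id) that the model does not name are dropped.
 *
 * NOTE(review): self::$hookTable is concatenated into the SQL as an
 * identifier. It must only ever hold a fixed table name defined in code.
 *
 * @param array $logModelArray column definitions, each with at least a "name" entry
 * @return bool true on success; false when there is no connection or a
 *              PDOException was raised (it is passed to MatchaErrorHandler)
 */
public static function defineLogModel($logModelArray)
{
    try {
        if (!is_object(self::$__conn)) {
            return false;
        }

        // check if the table exist
        // NOTE(review): isset() is true for any non-null query result, so
        // __createTable runs on every call, not only when the table is
        // missing. Presumably __createTable tolerates an existing table;
        // confirm before tightening this check.
        $recordSet = self::$__conn->query("SHOW TABLES LIKE '" . self::$hookTable . "';");
        if (isset($recordSet)) {
            self::__createTable(self::$hookTable);
        }
        unset($recordSet);

        // Get the table column information and leave the id column out of the
        // comparison. The search returns false when there is no id row, and
        // unset($array[false]) would remove index 0 instead, so guard it.
        $tableColumns = self::$__conn->query("SHOW FULL COLUMNS IN " . self::$hookTable . ";")->fetchAll();
        $idRowKey = MatchaUtils::__recursiveArraySearch('id', $tableColumns);
        if ($idRowKey !== false) {
            unset($tableColumns[$idRowKey]);
        }

        // prepare the columns from the table and passed array for comparison
        $columnsTableNames = array();
        foreach ($tableColumns as $column) {
            $columnsTableNames[] = $column['Field'];
        }

        // Keep the model's own keys. array_diff() preserves them, and the
        // create loop below uses them to look the definition up again.
        $columnsLogModelNames = array();
        foreach ($logModelArray as $key => $column) {
            $columnsLogModelNames[$key] = $column['name'];
        }

        // columns the model names that the table lacks, and the reverse
        $differentCreateColumns = array_diff($columnsLogModelNames, $columnsTableNames);
        $differentDropColumns = array_diff($columnsTableNames, $columnsLogModelNames);

        // create columns on the database
        foreach ($differentCreateColumns as $key => $column) {
            self::__createColumn($logModelArray[$key], self::$hookTable);
        }

        // remove columns from the table
        foreach ($differentDropColumns as $column) {
            self::__dropColumn($column, self::$hookTable);
        }

        return true;
    } catch (PDOException $e) {
        MatchaErrorHandler::__errorProcess($e);
        return false;
    }
}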
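/**
 * Decrypt one value in place when its key is listed as an encrypted field.
 *
 * The signature matches an array_walk() callback (value by reference, key,
 * extra argument), which is presumably how this method is invoked.
 *
 * @param mixed $item value to decrypt, modified in place
 * @param int|string $key field name of the value
 * @param array|bool $encryptedFields names of the encrypted fields; any
 *                                    non-array value (such as false for
 *                                    "none") leaves $item untouched
 */
private function dataDecrypt(&$item, $key, $encryptedFields)
{
    if (!is_array($encryptedFields)) {
        return;
    }

    // Compare as strings, strictly. A loose in_array() lets an integer key
    // match unrelated field names on older PHP versions, which would send
    // plaintext through the decrypt routine.
    if (in_array((string) $key, $encryptedFields, true)) {
        $item = MatchaUtils::__decrypt($item);
    }
}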
/**
 * Prepare one or many patient document records and save them.
 *
 * For every record that carries a "document" value: the mime-type prefix is
 * removed, the content is encrypted when the stored row is flagged as
 * encrypted, and a SHA-256 hash of the resulting value is set on the record.
 * Records without a "document" value are passed to save() unchanged.
 *
 * The hash covers the value as it will be stored, meaning the ciphertext
 * when the row is encrypted. Later integrity checks must hash that same
 * representation.
 *
 * NOTE(review): whether to encrypt is taken from the stored row. If no row
 * is found for the id, the flag reads as empty and the document is saved
 * unencrypted. Confirm that this is the intended behaviour.
 *
 * @param object|array $params a single document record or a list of records
 * @return array result of the model's save()
 */
public function updatePatientDocument($params)
{
    $this->setPatientDocumentModel();

    // Shared preparation step for a single record (records are objects, so
    // the changes are visible to the caller's $params).
    $prepare = function ($record) {
        if (!isset($record->document)) {
            return;
        }

        $stored = $this->d->load(['id' => $record->id])->one();

        /** remove the mime type */
        $record->document = $this->trimBase64($record->document);

        /** encrypted if necessary */
        if ($stored['encrypted']) {
            $record->document = MatchaUtils::encrypt($record->document);
        }

        $record->hash = hash('sha256', $record->document);
    };

    if (is_array($params)) {
        foreach ($params as $record) {
            $prepare($record);
        }
    } else {
        $prepare($params);
    }

    return $this->d->save($params);
}
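/**
 * Authenticate a user from the logon form and populate the session.
 *
 * Looks up an authorized user by username, compares the submitted password
 * with the stored value and, on success, fills $_SESSION and returns the
 * session token.
 *
 * @param stdClass $params reads authUser, authPass, lang and site
 * @return array on failure: success=false, type and message;
 *               on success: success=true, token and a user summary
 */
public function login(stdClass $params)
{
    error_reporting(E_ALL);

    // The logon form limits these fields, so longer values did not come from
    // it. strlen() counts bytes: usernames of 26+ and passwords of 15+ bytes
    // are rejected.
    if (strlen($params->authUser) >= 26) {
        return array('success' => false, 'type' => 'error', 'message' => 'Possible hack, please use the Logon Screen.');
    }
    if (strlen($params->authPass) >= 15) {
        return array('success' => false, 'type' => 'error', 'message' => 'Possible hack, please use the Logon Screen.');
    }

    // Simple check username
    if (!$params->authUser) {
        return array('success' => false, 'type' => 'error', 'message' => 'The username field can not be in blank. Try again.');
    }

    // Simple check password
    if (!$params->authPass) {
        return array('success' => false, 'type' => 'error', 'message' => 'The password field can not be in blank. Try again.');
    }

    //-------------------------------------------
    // Find the AES key in the selected site
    // And include the rest of the remaining
    // variables to connect to the database.
    //-------------------------------------------
    // NOTE(review): the disabled block below builds an include path and an
    // HTML message from $params->site. If it is ever re-enabled, the site name
    // must first be checked against the list of configured sites, and the
    // message must be HTML-escaped.
    // $root = ROOT;
    // $fileConf = $root . '/sites/' . $params->site . '/conf.php';
    // if(file_exists($fileConf)){
    //     /** @noinspection PhpIncludeInspection */
    //     include_once($fileConf);
    //     $db = new MatchaHelper();
    //     $err = $db->getError();
    //     if(!is_array($err)){
    //         return array('success' => false, 'type' => 'error', 'message' => 'For some reason, I can\'t connect to the database.');
    //     }
    //     // Do not stop here!, continue with the rest of the code.
    // } else{
    //     return array('success' => false, 'type' => 'error', 'message' => 'No configuration file found for site <span style="font-weight:bold">' . $params->site . '</span>.<br>Please double check URL or contact support desk.');
    // }

    // Remove surrounding whitespace and all single/double quotes from both
    // values. Quotes are also removed from the password, so they never count
    // towards it.
    $params->authUser = trim(str_replace(array('\'', '"'), '', $params->authUser));
    $params->authPass = trim(str_replace(array('\'', '"'), '', $params->authPass));

    // The blank checks above ran before normalisation. Re-check here so that
    // a value made up only of quotes or whitespace is never compared as an
    // empty string against an empty stored password.
    if ($params->authUser === '' || $params->authPass === '') {
        return array('success' => false, 'type' => 'error', 'message' => 'The username or password you provided is invalid.');
    }

    // Username & password match.
    // NOTE(review): the lookup filters on authorized only. If the user table
    // has an active/disabled flag, confirm it is enforced for this login path.
    $u = MatchaModel::setSenchaModel('App.model.administration.User');
    $user = $u->load(
        array('username' => $params->authUser, 'authorized' => 1),
        array('id', 'username', 'title', 'fname', 'mname', 'lname', 'email', 'facility_id', 'npi', 'password')
    )->one();

    // hash_equals() gives a strict, timing-safe comparison. The previous loose
    // `!=` compared numeric-looking strings by value rather than by content.
    // NOTE(review): the stored value is compared directly with the submitted
    // password, so it is kept in plaintext or in a reversible form (presumably
    // decrypted by the model; confirm). Moving to password_hash() /
    // password_verify() needs a data migration outside this method.
    if ($user === false || !hash_equals((string) $user['password'], $params->authPass)) {
        return array('success' => false, 'type' => 'error', 'message' => 'The username or password you provided is invalid.');
    }

    // NOTE(review): the session id is not regenerated in this method. Unless
    // $this->session->loginSession() does it, call session_regenerate_id(true)
    // before the session is marked authenticated to prevent session fixation.
    // NOTE(review): lang and site are stored as sent by the client. Confirm
    // they are validated elsewhere.
    $_SESSION['user']['name'] = trim($user['title'] . ' ' . $user['lname'] . ', ' . $user['fname'] . ' ' . $user['mname']);
    $_SESSION['user']['id'] = $user['id'];
    $_SESSION['user']['email'] = $user['email'];
    // $_SESSION['user']['facility'] = ($params->facility == 0 ? $user['facility_id'] : $params->facility);
    $_SESSION['user']['localization'] = $params->lang;
    // $_SESSION['user']['npi'] = $user['npi'] ;
    $_SESSION['user']['site'] = $params->site;
    $_SESSION['user']['auth'] = true;

    //-------------------------------------------
    // Also fetch the current version of the
    // Application & Database
    //-------------------------------------------
    // $sql = "SELECT * FROM version LIMIT 1";
    // $db->setSQL($sql);
    // $version = $db->fetchRecord();
    // $_SESSION['ver']['codeName'] = $version['v_tag'];
    // $_SESSION['ver']['major'] = $version['v_major'];
    // $_SESSION['ver']['rev'] = $version['v_patch'];
    // $_SESSION['ver']['minor'] = $version['v_minor'];
    // $_SESSION['ver']['database'] = $version['v_database'];

    $_SESSION['site']['localization'] = $params->lang;
    // $_SESSION['site']['checkInMode'] = $params->checkInMode;
    $_SESSION['timeout'] = time();

    // Build the token payload with json_encode() instead of concatenation, so
    // a quote or backslash in the client-supplied site name cannot change the
    // structure of the JSON. The output is identical for numeric ids and plain
    // site names.
    $tokenPayload = json_encode(
        array(
            'uid' => (int) $user['id'],
            'sid' => (int) $this->session->loginSession(),
            'site' => (string) $params->site,
        ),
        JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE
    );
    $_SESSION['user']['token'] = MatchaUtils::__encrypt($tokenPayload);
    $_SESSION['inactive']['timeout'] = time();

    return array(
        'success' => true,
        'token' => $_SESSION['user']['token'],
        'user' => array(
            'id' => $_SESSION['user']['id'],
            'name' => $_SESSION['user']['name'],
            'email' => $_SESSION['user']['email'],
            'localization' => $params->lang,
        ),
    );
}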