} $insertUserSQL = "insert into users set " . "username = '******'rumple')) . "', password = '******'NoLongerUsed' . "', fname = '" . trim(formData('fname')) . "', mname = '" . trim(formData('mname')) . "', lname = '" . trim(formData('lname')) . "', federaltaxid = '" . trim(formData('federaltaxid')) . "', state_license_number = '" . trim(formData('state_license_number')) . "', newcrop_user_role = '" . trim(formData('erxrole')) . "', physician_type = '" . trim(formData('physician_type')) . "', authorized = '" . trim(formData('authorized')) . "', info = '" . trim(formData('info')) . "', federaldrugid = '" . trim(formData('federaldrugid')) . "', upin = '" . trim(formData('upin')) . "', npi = '" . trim(formData('npi')) . "', taxonomy = '" . trim(formData('taxonomy')) . "', facility_id = '" . trim(formData('facility_id')) . "', specialty = '" . trim(formData('specialty')) . "', see_auth = '" . trim(formData('see_auth')) . "', cal_ui = '" . trim(formData('cal_ui')) . "', default_warehouse = '" . trim(formData('default_warehouse')) . "', irnpool = '" . trim(formData('irnpool')) . "', calendar = '" . $calvar . "', pwd_expiration_date = '" . trim("{$exp_date}") . "'"; $clearAdminPass = $_POST['adminPass']; $clearUserPass = $_POST['stiltskin']; $password_err_msg = ""; $prov_id = ""; $success = update_password($_SESSION['authId'], 0, $clearAdminPass, $clearUserPass, $password_err_msg, true, $insertUserSQL, trim(formData('rumple')), $prov_id); error_log($password_err_msg); $alertmsg .= $password_err_msg; if ($success) { //set the facility name from the selected facility_id sqlStatement("UPDATE users, facility SET users.facility = facility.name WHERE facility.id = '" . trim(formData('facility_id')) . "' AND users.username = '******'rumple')) . "'"); sqlStatement("insert into groups set name = '" . trim(formData('groupname')) . "', user = '******'rumple')) . "'"); if (isset($phpgacl_location) && acl_check('admin', 'acl') && trim(formData('rumple'))) { // Set the access control group of user set_user_aro($_POST['access_group'], trim(formData('rumple')), trim(formData('fname')), trim(formData('mname')), trim(formData('lname'))); } $ws = new WSProvider($prov_id); } } else { $alertmsg .= xl('User', '', '', ' ') . trim(formData('rumple')) . xl('already exists.', '', ' '); } if ($_POST['access_group']) { $bg_count = count($_POST['access_group']); for ($i = 0; $i < $bg_count; $i++) { if ($_POST['access_group'][$i] == "Emergency Login") { $set_active_msg = 1; } } } } else {
} } echo "Successfully wrote global configuration defaults.<br><br>"; echo "\n<br>Next step will install and configure access controls (php-GACL).<br>\n"; echo "\n<FORM METHOD='POST'>\n\n<INPUT TYPE='HIDDEN' NAME='state' VALUE='4'>\n<INPUT TYPE='HIDDEN' NAME='iuser' VALUE='{$iuser}'>\n<INPUT TYPE='HIDDEN' NAME='iuname' VALUE='{$iuname}'>\n<br>\n\n<INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n"; break; case 4: echo "<b>Step {$state}</b><br><br>\n"; echo "Installing and Configuring Access Controls (php-GACL)...<br><br>"; //run gacl config scripts, all sql config data now in sqlconf.php file require $gaclSetupScript1; require $gaclSetupScript2; echo "<br>"; //give the administrator user admin priviledges $groupArray = array("Administrators"); set_user_aro($groupArray, $iuser, $iuname, "", ""); echo "Gave the '{$iuser}' user (password is 'pass') administrator access.<br><br>"; echo "Done installing and configuring access controls (php-GACL).<br>"; echo "Next step will configure PHP."; echo "<br><FORM METHOD='POST'>\n\n<INPUT TYPE='HIDDEN' NAME='state' VALUE='5'>\n\n<INPUT TYPE='HIDDEN' NAME='iuser' VALUE='{$iuser}'>\n\t\n<br>\n\n<INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n"; break; case 5: echo "<b>Step {$state}</b><br><br>\n"; echo "Configuration of PHP...<br><br>\n"; echo "We recommend making the following changes to your PHP installation, which can normally be done by editing the php.ini configuration file:\n"; echo "<ul>"; $gotFileFlag = 0; if (version_compare(PHP_VERSION, '5.2.4', '>=')) { $phpINIfile = php_ini_loaded_file(); if ($phpINIfile) { echo "<li><font color='green'>Your php.ini file can be found at " . $phpINIfile . "</font></li>\n";
if ($_GET["ssi_relayhealth"]) { $tqvar = formData('ssi_relayhealth', 'G'); sqlStatement("update users set ssi_relayhealth = '{$tqvar}' where id = {$_GET["id"]}"); } $tqvar = $_GET["authorized"] ? 1 : 0; $actvar = $_GET["active"] ? 1 : 0; $calvar = $_GET["calendar"] ? 1 : 0; sqlStatement("UPDATE users SET authorized = {$tqvar}, active = {$actvar}, " . "calendar = {$calvar}, see_auth = '" . $_GET['see_auth'] . "' WHERE " . "id = {$_GET["id"]}"); if ($_GET["comments"]) { $tqvar = formData('comments', 'G'); sqlStatement("update users set info = '{$tqvar}' where id = {$_GET["id"]}"); } if (isset($phpgacl_location) && acl_check('admin', 'acl')) { // Set the access control group of user $user_data = mysql_fetch_array(sqlStatement("select username from users where id={$_GET["id"]}")); set_user_aro($_GET['access_group'], $user_data["username"], formData('fname', 'G'), formData('mname', 'G'), formData('lname', 'G')); } $ws = new WSProvider($_GET['id']); /*Dont move usergroup_admin (1).php just close window // On a successful update, return to the users list. include("usergroup_admin.php"); exit(0); */ echo ' <script type="text/javascript"> <!-- parent.$.fn.fancybox.close(); //--> </script> ';
public function configure_gacl() { //give the administrator user admin priviledges $groupArray = array("Administrators"); return set_user_aro($groupArray, $this->iuser, $this->iuname, "", ""); }