}
$insertUserSQL = "insert into users set " . "username = '******'rumple')) . "', password = '******'NoLongerUsed' . "', fname = '" . trim(formData('fname')) . "', mname = '" . trim(formData('mname')) . "', lname = '" . trim(formData('lname')) . "', federaltaxid = '" . trim(formData('federaltaxid')) . "', state_license_number = '" . trim(formData('state_license_number')) . "', newcrop_user_role = '" . trim(formData('erxrole')) . "', physician_type = '" . trim(formData('physician_type')) . "', authorized = '" . trim(formData('authorized')) . "', info = '" . trim(formData('info')) . "', federaldrugid = '" . trim(formData('federaldrugid')) . "', upin = '" . trim(formData('upin')) . "', npi = '" . trim(formData('npi')) . "', taxonomy = '" . trim(formData('taxonomy')) . "', facility_id = '" . trim(formData('facility_id')) . "', specialty = '" . trim(formData('specialty')) . "', see_auth = '" . trim(formData('see_auth')) . "', cal_ui = '" . trim(formData('cal_ui')) . "', default_warehouse = '" . trim(formData('default_warehouse')) . "', irnpool = '" . trim(formData('irnpool')) . "', calendar = '" . $calvar . "', pwd_expiration_date = '" . trim("{$exp_date}") . "'";
$clearAdminPass = $_POST['adminPass'];
$clearUserPass = $_POST['stiltskin'];
$password_err_msg = "";
$prov_id = "";
$success = update_password($_SESSION['authId'], 0, $clearAdminPass, $clearUserPass, $password_err_msg, true, $insertUserSQL, trim(formData('rumple')), $prov_id);
error_log($password_err_msg);
$alertmsg .= $password_err_msg;
if ($success) {
//set the facility name from the selected facility_id
sqlStatement("UPDATE users, facility SET users.facility = facility.name WHERE facility.id = '" . trim(formData('facility_id')) . "' AND users.username = '******'rumple')) . "'");
sqlStatement("insert into groups set name = '" . trim(formData('groupname')) . "', user = '******'rumple')) . "'");
if (isset($phpgacl_location) && acl_check('admin', 'acl') && trim(formData('rumple'))) {
// Set the access control group of user
set_user_aro($_POST['access_group'], trim(formData('rumple')), trim(formData('fname')), trim(formData('mname')), trim(formData('lname')));
}
$ws = new WSProvider($prov_id);
}
} else {
$alertmsg .= xl('User', '', '', ' ') . trim(formData('rumple')) . xl('already exists.', '', ' ');
}
if ($_POST['access_group']) {
$bg_count = count($_POST['access_group']);
for ($i = 0; $i < $bg_count; $i++) {
if ($_POST['access_group'][$i] == "Emergency Login") {
$set_active_msg = 1;
}
}
}
} else {
}
}
echo "Successfully wrote global configuration defaults.<br><br>";
echo "\n<br>Next step will install and configure access controls (php-GACL).<br>\n";
echo "\n<FORM METHOD='POST'>\n\n<INPUT TYPE='HIDDEN' NAME='state' VALUE='4'>\n<INPUT TYPE='HIDDEN' NAME='iuser' VALUE='{$iuser}'>\n<INPUT TYPE='HIDDEN' NAME='iuname' VALUE='{$iuname}'>\n<br>\n\n<INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
break;
case 4:
echo "<b>Step {$state}</b><br><br>\n";
echo "Installing and Configuring Access Controls (php-GACL)...<br><br>";
//run gacl config scripts, all sql config data now in sqlconf.php file
require $gaclSetupScript1;
require $gaclSetupScript2;
echo "<br>";
//give the administrator user admin priviledges
$groupArray = array("Administrators");
set_user_aro($groupArray, $iuser, $iuname, "", "");
echo "Gave the '{$iuser}' user (password is 'pass') administrator access.<br><br>";
echo "Done installing and configuring access controls (php-GACL).<br>";
echo "Next step will configure PHP.";
echo "<br><FORM METHOD='POST'>\n\n<INPUT TYPE='HIDDEN' NAME='state' VALUE='5'>\n\n<INPUT TYPE='HIDDEN' NAME='iuser' VALUE='{$iuser}'>\n\t\n<br>\n\n<INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
break;
case 5:
echo "<b>Step {$state}</b><br><br>\n";
echo "Configuration of PHP...<br><br>\n";
echo "We recommend making the following changes to your PHP installation, which can normally be done by editing the php.ini configuration file:\n";
echo "<ul>";
$gotFileFlag = 0;
if (version_compare(PHP_VERSION, '5.2.4', '>=')) {
$phpINIfile = php_ini_loaded_file();
if ($phpINIfile) {
echo "<li><font color='green'>Your php.ini file can be found at " . $phpINIfile . "</font></li>\n";
if ($_GET["ssi_relayhealth"]) {
$tqvar = formData('ssi_relayhealth', 'G');
sqlStatement("update users set ssi_relayhealth = '{$tqvar}' where id = {$_GET["id"]}");
}
$tqvar = $_GET["authorized"] ? 1 : 0;
$actvar = $_GET["active"] ? 1 : 0;
$calvar = $_GET["calendar"] ? 1 : 0;
sqlStatement("UPDATE users SET authorized = {$tqvar}, active = {$actvar}, " . "calendar = {$calvar}, see_auth = '" . $_GET['see_auth'] . "' WHERE " . "id = {$_GET["id"]}");
if ($_GET["comments"]) {
$tqvar = formData('comments', 'G');
sqlStatement("update users set info = '{$tqvar}' where id = {$_GET["id"]}");
}
if (isset($phpgacl_location) && acl_check('admin', 'acl')) {
// Set the access control group of user
$user_data = mysql_fetch_array(sqlStatement("select username from users where id={$_GET["id"]}"));
set_user_aro($_GET['access_group'], $user_data["username"], formData('fname', 'G'), formData('mname', 'G'), formData('lname', 'G'));
}
$ws = new WSProvider($_GET['id']);
/*Dont move usergroup_admin (1).php just close window
// On a successful update, return to the users list.
include("usergroup_admin.php");
exit(0);
*/
echo '
<script type="text/javascript">
<!--
parent.$.fn.fancybox.close();
//-->
</script>
';
public function configure_gacl()
{
//give the administrator user admin priviledges
$groupArray = array("Administrators");
return set_user_aro($groupArray, $this->iuser, $this->iuname, "", "");
}
