|
".__("Authorized facilities")." :
|
|
".freemed::multiple_choice (
"SELECT CONCAT(psrname, ' (', psrcity, ', ', psrstate, ')') AS myfac FROM facility ORDER BY myfac", "myfac", "userfac", fm_join_from_array($userfac))."
|
|
|
".__("Authorized physicians")."
|
|
".freemed::multiple_choice ("SELECT * FROM physician ORDER BY phylname,
phyfname, phymname", "##phylname##, ##phyfname## ##phymname##", "userphy",
fm_join_from_array($userphy))."
|
|
|
".__("Authorized physician groups")."
|
|
".freemed::multiple_choice ("SELECT * FROM phygroup ORDER BY
phygroupname", "phygroupname", "userphygrp",
fm_join_from_array($userphygrp))."
|
|
"
);
// Handle "Cancel"
if ($book->is_cancelled()) {
Header("Location: ".$page_name);
die("");
}
if (!( $book->is_done() )) {
$display_buffer .= "
".__("Modifying")." . . .
";
// build update query:
// only set the values that need to be
// changed... for example, don't set the
// creation date in a modify. also,
// remember the commas...
$query = $sql->update_query($table_name,
array (
"username" => $username,
"userpassword" => $_pass,
"userdescrip" => $userdescrip,
"userlevel" => ($flags+0),
"usertype" => $usertype,
"userfac" => sql_squash(array_unique($userfac)),
"userphy" => sql_squash(array_unique($userphy)),
"userphygrp" => sql_squash(array_unique($userphygrp)),
"userrealphy" => $userrealphy
),
array ( "id" => $id )
);
} else { // now the "add" guts
$display_buffer .= "
".__("Adding")." . . .
";
$query = $sql->insert_query ( $table_name,
array (
"username" => $username,
"userpassword" => $md5_pass,
"userdescrip" => $userdescrip,
"userlevel" => ($flags+0),
"usertype" => $usertype,
"userfac" => sql_squash($userfac),
"userphy" => sql_squash($userphy),
"userphygrp" => sql_squash($userphygrp),
"userrealphy" => $userrealphy
)
);
} // 'add' guts
if ($userpassword1 != $userpassword2) {
$display_buffer .= "
";
template_display();
} // if the passwords _don't_ match...
if ($id != 1)
$result = $sql->query($query); // execute query
else $display_buffer .= __("You cannot modify admin!");
if ($result) {
$display_buffer .= "
".__("Done")." ";
$refresh_location = "user.php";
} else {
$display_buffer .= "
".__("Error")." [$query]\n";
} // end of error reporting clause
$display_buffer .= "
";
// Set automatic refresh
$refresh = $page_name;
} // if 'done'
break;
case "del":
$page_title = __("Deleting User");
// select only "id" record, and delete
if ($id != 1)
$result = $sql->query("DELETE FROM $table_name ".
"WHERE id='".addslashes($id)."'");
else { // if we tried to delete admin!!!
$display_buffer .= "
".__("You cannot delete admin!")."
";
template_display();
}
$display_buffer .= "
$record_name ".__("Deleted")."
".__("Go back to user menu")."
";
// Set automatic refresh
$refresh = $page_name."?action=view";
break;
default:
// with no anythings, ?action=search returns everything
// in the database for modification... useful to note in
// future...
// TODO: MIGRATE THIS TO freemed_display_itemlist FUNCTION
// OR MAKE IT A MODULE, INHEIRITING FROM THE MAINTENANCE
// MODULE
$query = "SELECT * FROM ".addslashes($table_name)." ".
"ORDER BY ".addslashes($order_field);
$result = $sql->query($query);
if ($result) {
$page_title = __("Users");
$display_buffer .= "
|
".__("Users")."
|
|
";
$display_buffer .= freemed_display_actionbar($page_name, "admin.php");
$display_buffer .= "
|
| ".__("Username")." |
".__("Action")." |
"; // header of box
while ($r = $sql->fetch_array($result)) {
$display_buffer .= "
| ".prepare($r['username'])." |
";
// don't allow add or delete on admin...
if ($r[id] != 1)
$display_buffer .= "
".__("MOD")."
".__("DEL")."
"; // show actions...
else $display_buffer .= " \n";
$display_buffer .= "
|
";
} // while there are no more
$display_buffer .= "
".freemed_display_actionbar ($page_name, "admin.php")."
|
";
if (strlen($_ref)<5) {
$_ref="main.php";
} // if no ref, then return to home page...
} else {
$display_buffer .= "\n
".__("No record found with that criteria.")."\n";
}
} // end master action switch
template_display();
?>