PageRenderTime 50ms CodeModel.GetById 26ms RepoModel.GetById 1ms app.codeStats 0ms

/portal/account/verify.php

https://github.com/bradymiller/openemr
PHP | 197 lines | 161 code | 18 blank | 18 comment | 26 complexity | 75710553bf940249b7f9ad2bcdce3395 MD5 | raw file
Possible License(s): GPL-3.0, Apache-2.0, LGPL-2.1, AGPL-1.0 
    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * Portal Verify Email
    5. 

  5.  *
    6. 

  6.  * @package   OpenEMR
    7. 

  7.  * @link      http://www.open-emr.org
    8. 

  8.  * @author    Jerry Padgett <sjpadgett@gmail.com>
    9. 

  9.  * @author    Brady Miller <brady.g.miller@gmail.com>
    10. 

  10.  * @copyright Copyright (c) 2017-2019 Jerry Padgett <sjpadgett@gmail.com>
    11. 

  11.  * @copyright Copyright (c) 2019-2022 Brady Miller <brady.g.miller@gmail.com>
    12. 

  12.  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
    13. 

  13.  */
    14. 

  14. 

  15. use OpenEMR\Common\Csrf\CsrfUtils;
    16. 

  16. use OpenEMR\Core\Header;
    17. 

  17. use OpenEMR\Common\Logging\SystemLogger;
    18. 

  18. 

  19. // Will start the (patient) portal OpenEMR session/cookie.
    20. 

  20. require_once(dirname(__FILE__) . "/../../src/Common/Session/SessionUtil.php");
    21. 

  21. OpenEMR\Common\Session\SessionUtil::portalSessionStart();
    22. 

  22. session_regenerate_id(true);
    23. 

  23. 

  24. unset($_SESSION['itsme']);
    25. 

  25. $_SESSION['verifyPortalEmail'] = true;
    26. 

  26. 

  27. $ignoreAuth_onsite_portal = true;
    28. 

  28. require_once("../../interface/globals.php");
    29. 

  29. 

  30. $landingpage = "../index.php?site=" . urlencode($_SESSION['site_id']);
    31. 

  31. 

  32. if (empty($GLOBALS['portal_onsite_two_register']) || empty($GLOBALS['google_recaptcha_site_key']) || empty($GLOBALS['google_recaptcha_secret_key'])) {
    33. 

  33.     OpenEMR\Common\Session\SessionUtil::portalSessionCookieDestroy();
    34. 

  34.     echo xlt("Not Authorized");
    35. 

  35.     header('HTTP/1.1 401 Unauthorized');
    36. 

  36.     die();
    37. 

  37. }
    38. 

  38. 

  39. // set up csrf
    40. 

  40. CsrfUtils::setupCsrfKey();
    41. 

  41. 

  42. $res2 = sqlStatement("select * from lang_languages where lang_description = ?", array(
    43. 

  43.     $GLOBALS['language_default']
    44. 

  44. ));
    45. 

  45. for ($iter = 0; $row = sqlFetchArray($res2); $iter++) {
    46. 

  46.     $result2[$iter] = $row;
    47. 

  47. }
    48. 

  48. if (count($result2) == 1) {
    49. 

  49.     $defaultLangID = $result2[0]["lang_id"];
    50. 

  50.     $defaultLangName = $result2[0]["lang_description"];
    51. 

  51. } else {
    52. 

  52.     // default to english if any problems
    53. 

  53.     $defaultLangID = 1;
    54. 

  54.     $defaultLangName = "English";
    55. 

  55. }
    56. 

  56. 

  57. if (!isset($_SESSION['language_choice'])) {
    58. 

  58.     $_SESSION['language_choice'] = $defaultLangID;
    59. 

  59. }
    60. 

  60. // collect languages if showing language menu
    61. 

  61. if ($GLOBALS['language_menu_login']) {
    62. 

  62.     // sorting order of language titles depends on language translation options.
    63. 

  63.     $mainLangID = empty($_SESSION['language_choice']) ? '1' : $_SESSION['language_choice'];
    64. 

  64.     // Use and sort by the translated language name.
    65. 

  65.     $sql = "SELECT ll.lang_id, " . "IF(LENGTH(ld.definition),ld.definition,ll.lang_description) AS trans_lang_description, " . "ll.lang_description " .
    66. 

  66.         "FROM lang_languages AS ll " . "LEFT JOIN lang_constants AS lc ON lc.constant_name = ll.lang_description " .
    67. 

  67.         "LEFT JOIN lang_definitions AS ld ON ld.cons_id = lc.cons_id AND " . "ld.lang_id = ? " .
    68. 

  68.         "ORDER BY IF(LENGTH(ld.definition),ld.definition,ll.lang_description), ll.lang_id";
    69. 

  69.     $res3 = SqlStatement($sql, array(
    70. 

  70.         $mainLangID
    71. 

  71.     ));
    72. 

  72. 

  73.     for ($iter = 0; $row = sqlFetchArray($res3); $iter++) {
    74. 

  74.         $result3[$iter] = $row;
    75. 

  75.     }
    76. 

  76. 

  77.     if (count($result3) == 1) {
    78. 

  78.         // default to english if only return one language
    79. 

  79.         $hiddenLanguageField = "<input type='hidden' name='languageChoice' value='1' />\n";
    80. 

  80.     }
    81. 

  81. } else {
    82. 

  82.     $hiddenLanguageField = "<input type='hidden' name='languageChoice' value='" . attr($defaultLangID) . "' />\n";
    83. 

  83. }
    84. 

  84. 

  85. ?>
    86. 

  86. <!DOCTYPE html>
    87. 

  87. <html>
    88. 

  88. <head>
    89. 

  89.     <title><?php echo xlt('New Patient'); ?> | <?php echo xlt('Register'); ?></title>
    90. 

  90.     <meta name="description" content="Developed By sjpadgett@gmail.com" />
    91. 

  91. 

  92.     <?php Header::setupHeader(['no_main-theme', 'datetime-picker', 'patientportal-style', 'patientportal-register']); ?>
    93. 

  93. 

  94.     <script src="https://www.google.com/recaptcha/api.js" async defer></script>
    95. 

  95. 

  96.     <script>
    97. 

  97.         function enableVerifyBtn(){
    98. 

  98.             document.getElementById("verifyBtn").disabled = false;
    99. 

  99.         }
    100. 

  100.     </script>
    101. 

  101. 

  102. </head>
    103. 

  103. <body class="mt-4 skin-blue">
    104. 

  104.     <div class="container-lg">
    105. 

  105.         <h1 class="text-center"><?php echo xlt('Account Registration'); ?></h1>
    106. 

  106.         <div class="stepwiz">
    107. 

  107.             <div class="stepwiz-row setup-panel">
    108. 

  108.                 <div class="stepwiz-step">
    109. 

  109.                     <a href="#step-1" type="button" class="btn btn-primary btn-circle">1</a>
    110. 

  110.                     <p><?php echo xlt('Verify Email') ?></p>
    111. 

  111.                 </div>
    112. 

  112.                 <div class="stepwiz-step">
    113. 

  113.                     <a href="#step-2" type="button" class="btn btn-light btn-circle disabled">2</a>
    114. 

  114.                     <p><?php echo xlt('Profile') ?></p>
    115. 

  115.                 </div>
    116. 

  116.                 <div class="stepwiz-step">
    117. 

  117.                     <a href="#step-3" type="button" class="btn btn-light btn-circle disabled">3</a>
    118. 

  118.                     <p><?php echo xlt('Insurance') ?></p>
    119. 

  119.                 </div>
    120. 

  120.                 <div class="stepwiz-step">
    121. 

  121.                     <a href="#step-4" type="button" class="btn btn-light btn-circle disabled">4</a>
    122. 

  122.                     <p><?php echo xlt('Register') ?></p>
    123. 

  123.                 </div>
    124. 

  124.             </div>
    125. 

  125.         </div>
    126. 

  126.         <!-- // Start Forms // -->
    127. 

  127.         <form id="startForm" role="form" action="account.php?action=verify_email" method="post">
    128. 

  128.             <input type='hidden' name='csrf_token_form' value='<?php echo attr(CsrfUtils::collectCsrfToken('verifyEmailCsrf')); ?>' />
    129. 

  129.             <div class="text-center setup-content" id="step-1">
    130. 

  130.                 <legend class="bg-primary text-white"><?php echo xlt('Contact Information') ?></legend>
    131. 

  131.                 <div class="jumbotron">
    132. 

  132.                     <?php if ($GLOBALS['language_menu_login'] && (count($result3) != 1)) { ?>
    133. 

  133.                         <div class="form-group">
    134. 

  134.                             <label class="col-form-label" for="selLanguage"><?php echo xlt('Language'); ?></label>
    135. 

  135.                             <select class="form-control" id="selLanguage" name="languageChoice">
    136. 

  136.                                 <?php
    137. 

  137.                                 echo "<option selected='selected' value='" . attr($defaultLangID) . "'>" .
    138. 

  138.                                     text(xl('Default') . " - " . xl($defaultLangName)) . "</option>\n";
    139. 

  139.                                 foreach ($result3 as $iter) {
    140. 

  140.                                     if ($GLOBALS['language_menu_showall']) {
    141. 

  141.                                         if (!$GLOBALS['allow_debug_language'] && $iter['lang_description'] == 'dummy') {
    142. 

  142.                                             continue; // skip the dummy language
    143. 

  143.                                         }
    144. 

  144.                                         echo "<option value='" . attr($iter['lang_id']) . "'>" .
    145. 

  145.                                             text($iter['trans_lang_description']) . "</option>\n";
    146. 

  146.                                     } else {
    147. 

  147.                                         if (in_array($iter['lang_description'], $GLOBALS['language_menu_show'])) {
    148. 

  148.                                             if (!$GLOBALS['allow_debug_language'] && $iter['lang_description'] == 'dummy') {
    149. 

  149.                                                 continue; // skip the dummy language
    150. 

  150.                                             }
    151. 

  151.                                             echo "<option value='" . attr($iter['lang_id']) . "'>" .
    152. 

  152.                                                 text($iter['trans_lang_description']) . "</option>\n";
    153. 

  153.                                         }
    154. 

  154.                                     }
    155. 

  155.                                 }
    156. 

  156.                                 ?>
    157. 

  157.                             </select>
    158. 

  158.                         </div>
    159. 

  159.                     <?php } else {
    160. 

  160.                         echo $hiddenLanguageField;
    161. 

  161.                     }
    162. 

  162.                     ?>
    163. 

  163. 

  164.                     <div class="form-row">
    165. 

  165.                         <div class="col-12 col-md-6 col-lg-3 form-group">
    166. 

  166.                             <label for="fname"><?php echo xlt('First Name') ?></label>
    167. 

  167.                             <input type="text" class="form-control" id="fname" name="fname" required placeholder="<?php echo xla('First Name'); ?>" />
    168. 

  168.                         </div>
    169. 

  169.                         <div class="col-12 col-md-6 col-lg-3 form-group">
    170. 

  170.                             <label for="mname"><?php echo xlt('Middle Name') ?></label>
    171. 

  171.                             <input type="text" class="form-control" id="mname" name="mname" placeholder="<?php echo xla('Full or Initial'); ?>" />
    172. 

  172.                         </div>
    173. 

  173.                         <div class="col-12 col-md-6 col-lg-3 form-group">
    174. 

  174.                             <label for="lname"><?php echo xlt('Last Name') ?></label>
    175. 

  175.                             <input type="text" class="form-control" id="lname" name="lname" required placeholder="<?php echo xla('Enter Last'); ?>" />
    176. 

  176.                         </div>
    177. 

  177.                         <div class="col-12 col-md-6 col-lg-3 form-group">
    178. 

  178.                             <label for="dob"><?php echo xlt('Birth Date') ?></label>
    179. 

  179.                             <input id="dob" type="text" required class="form-control datepicker" name="dob" placeholder="<?php echo xla('YYYY-MM-DD'); ?>" />
    180. 

  180.                         </div>
    181. 

  181.                     </div>
    182. 

  182.                     <div class="form-group">
    183. 

  183.                         <label class="col-form-label" for="emailInput"><?php echo xlt('Enter E-Mail Address') ?></label>
    184. 

  184.                         <input id="emailInput" type="email" class="reg-email form-control" name="email" required placeholder="<?php echo xla('Enter email address to receive registration.'); ?>" maxlength="100" />
    185. 

  185.                     </div>
    186. 

  186.                     <div class="form-group">
    187. 

  187.                         <div class="d-flex justify-content-center">
    188. 

  188.                             <div class="g-recaptcha" data-sitekey="<?php echo attr($GLOBALS['google_recaptcha_site_key']); ?>" data-callback="enableVerifyBtn"></div>
    189. 

  189.                         </div>
    190. 

  190.                     </div>
    191. 

  191.                 </div>
    192. 

  192.                 <button type="submit" id="verifyBtn" class="btn btn-primary pull-right mb-5" type="button" disabled="disabled"><?php echo xlt('Verify Email') ?></button>
    193. 

  193.             </div>
    194. 

  194.         </form>
    195. 

  195.     </div>
    196. 

  196. </body>
    197. 

  197. </html>
    198. 

  198.