OpenEMR 2.8.2 Appliance Manual

Page Last modified: 10/02/07 01:08:05 AM

LINK TO MANUAL IN PDF FORMAT

Author: Brady Miller

Email: brady@sparmy.com

Discussion Board: http://www.oemr.org/modules/newbb/

SECURITY PATCHES: here (Appendix A.)





Introduction

Main TOC Link

The clinical benefits of computerized medical records are clear, however, the costs of current proprietary systems are large. This high cost precludes many small practices from transitioning to computerized medical records. Open Source medical record systems are quickly becoming a viable, cost effective alternative. Comprehensive open source medical practice management software suites consist of several independent software packages, which can make them more difficult to install/evaluate than their proprietary counterparts. This obstacle can easily be circumvented with a pre-installed Appliance.

The goal of this project was to build a comprehensive Open Source Medical Practice Management Software Appliance, which provides office scheduling, electronic medical records, prescriptions, insurance billing, accounting, inventory, and access controls. This appliance will have many possible applications, such as a fully functional demo, a testing/developing platform, and as the starting point in real world clinic applications. It can be run on any operating system that supports the VMware Player. The detailed building instructions of this appliance are also included in this manual, which will allow easy modification/updates of appliance and will allow simple transition to a native server, if required.

OpenEMR is installed, along with FreeB, SQL-Ledger, and php-GACL. They are installed on the Mandriva2006 operating system. OpenEMR is the practice management software. FreeB is the insurance billing/printing software. SQL-Ledger is the accounting software. Php-GACL is the access control software.

This manual contains instructions on downloading, starting, and using the OpenEMR Appliance, OpenEMR user manual web links, helpful tips on OpenEMR use, instructions for configuration of the Appliance, and full detailed instructions on how the Appliance was built.

The Download the OpenEMR Appliance and VMware Player chapter contains how and where to download software from.

The Start the OpenEMR Appliance chapter contains information on starting the OpenEMR Appliance.

The Using the OpenEMR Appliance chapter contains information on how to use the OpenEMR Appliance, web links to User Manuals, helpful tips, and all the login names and passwords that will be needed while using the appliance.

The Configuration of the OpenEMR Appliance chapter describes how to set up a printer, an email server, and an automated backup scheme which incorporates encryption.

The Instructions for Building the OpenEMR Appliance chapter describes in detail how this Appliance was built.

Online Demo

Main TOC Link

Here are online demos of the OpenEMR 2.8.2 appliance:

With the new frames look:

https://OpenSourceEMR.com:2084/openemr/ (Main OpenEMR program)

https://OpenSourceEMR.com:2084/sql-ledger/ (Sql-Ledger accounting)

https://OpenSourceEMR.com:2084/phpgacl/admin (php-GACL access controls)

With the traditional look:

https://OpenSourceEMR.com:2085/openemr/ (Main OpenEMR program)

https://OpenSourceEMR.com:2085/sql-ledger/ (Sql-Ledger accounting)

https://OpenSourceEMR.com:2085/phpgacl/admin (php-GACL access controls)

These are fully functional demos, which allows you to play around with all the software packages in the appliance. It uses all the same logins and passwords as the appliance( refer to 'Login Name and Password' section). Some simple configuration has been added for clearer demonstration of OpenEMR, Sql-Ledger, FreeB, and php-GACL. OpenEMR users were added to demonstrate the access controls:

-Login name------Password---------Description

1. admin__________pass_____________Administrator

2. physician_______physician________Physician(more access than clinician)

3. clinician________clinician_________Clinician(less access than physician)

4. accountant______accountant______Accountant

5. receptionist_____receptionist_____Front desk receptionist

Don't worry about breaking it, because it resets itself to its original state every day at 2:00AM(new frames appliance) and 4:00AM(traditional look appliance) Pacific Time. Have fun. (If demo is not working email me at brady@sparmy.com)

Download the OpenEMR Appliance and VMware Player

Main TOC Link

1. Download and install the FREE VMware Player at: http://www.vmware.com/products/player/

2. Download the FREE OpenEMR Appliance. The file is 1019.7 MB, and will extract to 3 GB.
   1. You can download Appliance via Direct Download or Torrent:
      1. Direct Download from Sourceforge: http://sourceforge.net/project/showfiles.php?group_id=167832

      2. Torrent file link: http://www.bradymd.com/OpenEMR-2-8-2-Appliance-1.torrent (If you need a torrent software client, then try: http://azureus.sourceforge.net/ )

Start the OpenEMR Appliance

Main TOC Link

Windows

Main TOC Link

1. Unpackage the OpenEMR-2-8-2-Appliance-1.tgz file (Use WinZip, WinRAR, or 7-Zip).

2. Run VMware Player.

3. Start up the OpenEMR Appliance by opening the OpenEMR-2-8-2-Appliance-1.vmx file in the VMware Player.

4. If this is your first time starting the OpenEMR Appliance, then a window will pop up explaining some nonsense about the changing location of a configuration file. Just click 'Create'.

5. Several windows will pop up explaining that /dev/hdc, /dev/hdd, and sound drivers are not gonna work. Just click 'ok' several times and continue.

6. Mandriva will now boot up, just give it some time. After boot up you will see the following login screen:

This is the login screen. To log in, proceed to the 'Log In to Appliance' section below.

Linux

Main TOC Link

1. Unpackage the OpenEMR-2-8-2-Appliance-1.tgz file.

2. Run VMware Player.

3. Start the OpenEMR appliance by opening the OpenEMR-2-8-2-Appliance-1.vmx file in the VMware Player.

4. If this is your first time starting the OpenEMR Appliance, then the below window will pop up:

You will only see this window the first time you start the appliance. Click 'Create'.

5. Several windows may pop up explaining that /dev/hdc, /dev/hdd, and/or sound drivers are not gonna work. Just click 'ok' several times and continue.

6. Mandriva will now boot up, just give it some time. After boot up you will see the following login screen:

This is the login screen. To log in, proceed to the 'Log In to Appliance' section below.

Using the OpenEMR Appliance

Main TOC Link

Log In to Appliance

Main TOC Link

1. The first time you use the appliance, you will login with user 'openemr' and password 'openemrpassword'. You may be forced to change the password during your first login (detailed instructions below):

Enter 'Username' -> 'openemr'. Enter 'Password' -> 'openemrpassword'(NOTE that this password may be changed after your first login). When done, hit the ENTER key.

If this is your first login, then you may be prompted to change your password:

Click 'OK'.

Enter and confirm a new password. This will be your new 'openemr' user password. REMEMBER this password!

Congratulations. You successfully logged in.

Using OpenEMR in Appliance

Main TOC Link

1. Use OpenEMR with the user name 'admin' and default password 'pass' via web browser at: https://localhost/openemr
2. Use SQL-Ledger with the user name 'openemr' and password 'openemr' via web browser at: https://localhost/sql-ledger
3. Use php-GACL with user name 'admin' and password 'admin' via web browser at: https://localhost/phpgacl/admin
4. Note that the full list of application login names and passwords can be found in the 'Login Name and Password' section below.

Using OpenEMR from another/virtual computer

Main TOC Link

1. Networking with the Virtual computer over a LAN. You can get the current IP address thru Mandriva settings, and then use that IP address as the web address on another computers(including virtual) web browser.
   1. First, get your virtual server IP address:

Click 'System' -> 'Configuration' -> 'Configure Your Computer'.

Enter 'root' user password. Then click 'OK'.

IMPORTANT, if you have not created a new 'root' user password, you need to proceed to Appendix B. 'Change Mandriva's expired 'root' user password' NOW. (The default 'root' password will expire at some point and will no longer work) When your done updating the password, then type your new password here.

Click 'Network & Internet'.

Click 'Reconfigure a network interface'.

The circled number above is your Your_Current_IP_address.

2. Then you can use below links to connect to your virtual server
   1. OpenEMR at https://Your_Current_IP_address/openemr
   2. SQL-Ledger at https://Your_Current_IP_address/sql-ledger
   3. php-GACL at https://Your_Current_IP_address/phpgacl/admin
   4. For the list of application login names and passwords go to the 'Login Name and Password' section below.

2. You can also change your IP address to a static one, so it doesn't change after your virtual server is turned off or re-started. I'm out of time, so can't go thru it. You'll have to Google this one (Quickly, it can be changed in above window by clicking on the Protocol toggle and selecting static, then you can choose an IP address. However, you then need to type in DNS servers and you need to ensure your router does not assign any other computers your chosen static IP address)

OpenEMR User Training

Main TOC Link

1. There is an excellent web site for learning how to use all of the components of OpenEMR at: http://www.sunsetsystems.com/node/8
2. The above link is also mirrored at the following wiki site, which means it could theoretically contain updates: http://www.oemr.org/modules/cjaycontent/index.php?id=2
3. There is also an older user manual in the /var/www/html/openemr/Documentation directory which can be helpful.
4. You can ask question at the SourceForge OpenEMR forum at: http://sourceforge.net/forum/?group_id=60081
5. The OpenEMR home page is here with a wiki: http://www.oemr.org/
6. The most current version of this appliance user manual will hopefully always be available at: http://www.bradymd.com/appliance

Helpful Tips

Main TOC Link

1. NEED to mark bills as 'cleared' (even after hfca processing) on the billing menu to send data to sql-ledger.
2. NEED to leave the the 'Prior Authorization Form' installed and disabled for the hfca form printing to work.
3. NEED to also create your new OpenEMR users in php-GACL or strange things will happen. (I refer you to above OpenEMR User Training section on how to do this.)
4. NEED to ensure clock is set correctly (Virtual computer time should not differ from the host computers, or there will be cron scheduling and sql-ledger problems)
5. NEED to ensure your provider is authorized or you won't be able to send bills to sql-ledger. It's confusing because there are two different separate authorization options. Screenshots below go thru the process:

Click 'Administration'.

Click 'edit' for the user.

Ensure the 'Authorized:' toggle is on. Ensure the 'See Authorizations:' is set to 'All' or 'only mine'. Then click 'Save Changes'.

List of Login Names and Passwords

Main TOC Link

1. Mandriva2006 user -> user: 'openemr' password: 'openemrpassword' (this password may need to be changed during first login)
2. Mandriva2006 admin -> user: 'root' password: 'rootpassword' (this password may be changed by user also)
3. OpenEMR -> user: 'admin' password: 'pass'
4. SQL-Ledger user -> user: 'openemr' password: 'openemr'
5. SQL-Ledger admin -> password: 'admin'
6. php-GACL -> user: 'admin' password: 'admin'
7. PostgreSQL -> user: 'sql-ledger' password: 'sqlledger'
8. MySQL user -> user: 'openemr' password: 'openemr'
9. MySQL admin -> user: 'root' NO PASSWORD

Configuration of the OpenEMR Appliance

Main TOC Link

Change Display to the New Frames Look

Main TOC Link

1. Decide which look you want by looking at the online demos.

2. The default look is traditional, if you want to change to the new frames look, then enter below bolded instructions on command line as root user:

#log into root

su

#If you want to change to the new “frames look”, then you will need to edit the file /var/www/html/openemr/interface/globals.php:

mcedit /var/www/html/openemr/interface/globals.php

#edit the below bolded variable :

$GLOBALS['concurrent_layout'] = true;

TEXT EDITOR SAVE AND EXIT

Enable Pharmacy Dispensary Module

Main TOC Link

1. The pharmacy dispensary module will allow you to dispense and keep track of your own med/herbs/supplement dispensary. It will also create bottle labels of the drugs you dispense.
2. Turn on the pharmacy dispensary module in the OpenEMR configuration file. Enter below bolded instructions on command line as root user:

#log into root

su

#edit file /var/www/html/openemr/interface/globals.php:

mcedit /var/www/html/openemr/interface/globals.php

#edit the following bolded variable :

$GLOBALS['inhouse_pharmacy'] = true;

TEXT EDITOR SAVE AND EXIT

3. Next, need to upgrade the php-GACL access controls to allow access to the Drug Dispensary Module. Download acl_upgrade_1.txt file, which is a php script. I wrote this script, and it seems to work alright. File can be found at: http://bradymd.com/acl_upgrade_1.txt (to download file, you may need to Right-Click the link and select 'Save Link As...')

   1. Enter below bolded instructions on command line as root user:

#log into root

su

#copy upgrade script to openemr directory (note that the '.txt' is being changed to '.php')

mv /location/to/file/acl_upgrade_1.txt /var/www/html/openemr/acl_upgrade_1.php

2. Run php-gacl upgrade script via : http://localhost/openemr/acl_upgrade_1.php

Ensure you got no 'ERRORS'. Close the window.

1. The Drug Dispensary Module should now work in OpenEMR. Here are some screenshots that show how to navigate to the pharmacy dispensary module for administrative purposes:

Click 'Administration'

Click 'Drugs'.

Click 'Add Drug', enter stuff and play around to figure out how to use.

Quick OpenEMR screenshots of prescribing drugs with the dispensary:

Click 'Add Prescription'.

Note the things circled in red, which are part of the pharmacy dispensary module.

Printer Setup

Main TOC Link

1. For USB printers, you will need to connect the device by clicking on printer on top of window. Your host computer may no longer be able to see the printer after this step(not permanent, but can be a pain).

In my case I click on the 'Hewlett-Packard...' button at top of VMware window.

This is just to demonstrate that the 'Hewlett-Packard...' button is now shaded.

2. Then install software and printer via Mandriva Control Center, which will first install CUPS, and then look for printers. If your lucky, Mandriva will see your printer.

Click 'System' -> 'Configuration' -> 'Configure Your Computer'.

Enter 'root' user password. Then click 'OK'.

IMPORTANT, if you have not created a new 'root' user password, you need to proceed to Appendix A. 'Change Mandriva's expired 'root' user password' NOW. (The default 'root' password is expired and will no longer work) When your done updating the password, then type your new password here.

Click 'Hardware'

Click 'Set up the printer(s)...'.

Click 'Yes'.

Select 'Local CUPS printing system'. Then click 'Ok'.

Click 'Yes'.

Just twiddle your thumbs and wait, it takes a while.

Click 'Add Printer'.

Select both auto-detect options. Then Click 'Next'.

No big deal. Close the windows and we will install the printer below thru CUPS.

3. If the above step found your printer, then you can skip to the section below which will have you place the name of the printer into the openemr config file (this will allow printing while creating billing forms via freeb). If Mandriva can't find the printer, don't worry, we will install it via CUPS directly at: http://localhost:631/

Click 'Manage Printers'.

Click 'Add Printer'.

Enter 'User Name' -> 'root'. Enter the root password. Then click 'OK'.

Fill in form, and then click 'Continue'. The only important field is the 'Name'. This will be used later when configuring printer for freeb/openemr.

In my case I am selecting the 'USB Printer #1'. If your using a USB printer, this will likely work.

Click 'Continue'.

Select the make of your printer. Then click 'Continue'.

Select the model of your printer. Then click 'Continue'.

It Worked!! Click printer name to see more specifics on your newly added printer.

Done installing printer. I'd rec. testing it with 'Print Test Page'.

4. Confirm that your printer is seen by Mandriva and get your printer name:

Your printer name is underlined with red line. This will be typed into the below freeb/openemr configuration file.

5. Enter below bolded instructions on command line as root user:

#log into root

su

#edit file /var/www/html/openemr/includes/config.php:

mcedit /var/www/html/openemr/includes/config.php

#change bolded variable to the name of your printer

$GLOBALS['oer_config']['freeb']['printer_name'] = "YourPrinterName";

TEXT EDITOR SAVE AND EXIT

Email Server Setup

Main TOC Link

1. This will allow only locally produced emails (such as “status” emails during the below 'backup script', or emails originating from OpenEMR) to be sent over the internet.

2. Need to update a package called 'msec' if you want to avoid an error email every minute(not exaggerating)
   1. Enter below bolded instructions on command line as root user:

#log into root

su

#Start MandrivaUpdate

MandrivaUpdate

Click 'Yes'.

Click 'Yes'.

Click 'Ok'. (just select the default mirror)

Type 'msec' and click 'Search'.

Select 'msec-0.49.1-...'. Then click 'Install'.

Your done. Close the window.

3. Enter below bolded instructions on command line as root user:

#log into root

su

#This will allow outgoing mail from server.

# Just made up virtual.org, this can be

# anything since this is only an outgoing

# email server. (It does not need to match

# your domain or server name.)

#edit config file /etc/postfix/main.cf:

mcedit /etc/postfix/main.cf

#add to end of file

mydomain = virtual.org

myhostname = $mydomain

myorigin = $mydomain

relayhost = YourOutgoingSMTPMailServerHere

#This will forward the root's email to

# the below email address (needed to

# monitor server emails such as below

# backup script status)

#edit aliases file /etc/postfix/aliases:

mcedit /etc/postfix/aliases

#edit near end of file:

root: YourFullEmailAddressHere

#start postfix service and configure to start on computer boot up

service postfix start

chkconfig --add postfix

Automatic Backup Setup

Main TOC Link

1. This will enable a full daily backup of the MySQL server, PostGreSQL server, OpenEMR patient documents directory, and FreeB billing documents directory. The script will place a non-encrypted backup in the local hard drive secured /backup directory, and will also copy an encrypted backup to a DVD. The DVD copy works via multi-session, so you basically just need to leave one DVD in the DVD writer until it fills up. Do NOT use RW DVD. This script will work and should be used with R only DVD's. The output of the automated backup script will be emailed to the person's email entered in above email server setup.
   1. The local /backup directory will have to be manually cleaned up occasionally. I'd recommend deleting old backup sub-directories on a monthly basis or so. (of course, a script could be written for this)
   2. There is no restore script yet, will have to be done manually.
   3. The MySQL and PostGreSQL are gzipped. The ...openemr/documents and .../freeb/public backups are compressed via DAR (NOT tar).

2. Download the script file fullbackup.sh. File can be found at: http://bradymd.com/fullbackup.sh (to download file, you may need to Right-Click the link and select 'Save Link As...')

3. Configure file encryption package:
   1. Enter below bolded instructions on command line as root user:

#log into root

su

#Configure file encryption. If you want to be able to decrypt your encrypted files you need to remember (case sensitive) the passphrase that you type below. I'd also remember all the other info you type below.

gpg --gen-key

-'ENTER' to default of 1 for key selection

-'ENTER' to default 2048 keysize bits

-'ENTER' to default '0' so key does not expires

-Type 'Y' to confirm above

-Type your real full name

-Type your real email address

-Type 'openemr secure backup key'

-Type 'O' to confirm

-Type a very secure and long 'passphrase' (the longer your passphrase is the more secure, go for at least 15 characters with numbers, different cases, and strange characters)

#IMPORTANT!!! You NEED to backup the entire contents of directory /root/.gnupg on the most indestructible disk(s) you can find and then keep in a secure place. This directory contains your secret key file, and without this you will be unable to restore from your encrypted data backup!!! You also need to remember your passphrase, or you won't be able to restore your backed up data.

#The decrypt command, in case you need at some point:

#gpg -o OutputFilename -d InputFilename

4. Configure backup script and automate it:
   1. Enter below bolded instructions on command line as root user:

#log into root

su

#install the DAR backup package

urpmi dar

-yes to packages

#create a secure backup directory

mkdir /backup

chown root:root /backup

chmod 700 /backup

#move the backup script to /root , secure it, and allow execution

mv /location/to/file/fullbackup.sh /root

chown root:root /root/fullbackup.sh

chmod 700 /root/fullbackup.sh

#edit file /root/dailybackup.sh:

mcedit /root/fullbackup.sh

#edit the below DVDDEVICE line to what the

#device for the DVD writer is. It is likely going to

#be /dev/hda , /dev/hdb , /dev/hdc ... A very

#non-scientific way to figure this out is to put

#a DVD with files in the DVD writer, go to root

#command line and then use the

#'mount /dev/hda /mnt/cdrom1'

#command then 'ls /mnt/cdrom1', and continue

#this until you get the right device,

#don't forgot to 'umount /mnt/cdrom1':

DVDDEVICE=/dev/hdb

#edit full name you entered above for encryption key:

YOURFULLNAME='Brady Miller'

TEXT EDITOR SAVE AND EXIT

#Automate script to cron for a daily run at 1:02 AM. WARNING: This script needs to finish and start on the same day since it plays around with file names using the date command. Basically, don't start this script before midnight unless you are sure it will finish before midnight. This is why I have it set for 1:02AM.

export EDITOR=/usr/bin/mcedit

crontab -e

#paste below into empty file:

02 1 * * * . /root/fullbackup.sh

TEXT EDITOR SAVE AND EXIT

Instructions for Building the OpenEMR Appliance

Main TOC Link

LINK TO MANUAL IN PDF FORMAT

Required Software

Main TOC Link

Chapter Index Link

1. Apache (2.0.54), MySQL (4.1.12), and PHP (4.4.0)
2. OpenEMR (2.8.1) and OpenEMR (2.8.2)
3. FreeB (0.11) and FreeB (0.12) – Insurance billing software
4. PostgreSQL (8.0.3) – Database program required by SQL-ledger
5. SQL-Ledger (2.6.3) – Billing, Accounting, and Inventory software
6. php-GACL (3.3.6) – Access Control software

Important Issues Before Installation

Main TOC Link

Chapter Index Link

1. These instructions are exact instructions for building this appliance. If you are using these instructions, you have two options:
   1. You can follow the instructions exactly, which means installing OpenEMR 2.8.1(with FreeB 0.11) first and then upgrading to 2.8.2(with FreeB 0.12). This will guarantee getting a working version, which is identical to the Appliance.
   2. Or you can try to install OpenEMR 2.8.2(with FreeB 0.12) using the 2.8.1 instructions(it should work in theory) to avoid having to go thru the upgrade sections. Please note I have not tested this.
2. Complete all of the steps before entering any data into OpenEMR. The SQL-Ledger and OpenEMR software may communicate in strange ways if you enter data into OpenEMR before installing SQL-Ledger.
3. Passwords can be confusing during the SQL-Ledger installation. To avoid any confusion it is helpful to know that during the installation you will create a PostGreSQL user called 'sql-ledger' with a password. This user/password combination will be used frequently, and the password will be referred to as 'sql-ledger-password' throughout this document to avoid confusion.

Install the Mandriva 2006 Virtual Computer

Main TOC Link

Chapter Index Link

1. You can use either VMware Workstation or VMware Server to build the Mandriva 2006 Virtual Computer.
2. VMware Workstation Configuration:

Click 'New Virtual Machine'.

Select 'typical'. Then click 'Next'.

Select 'Linux' and 'Mandrake Linux'. Then click 'Next'.

Select 'Use bridged networking'. Then click 'Next'.

Enter 'Disk Size'->'20 GB'. Select 'Split disk into 2GB files'. Then click 'Finish'.

1. Insert the Mandriva2006 DVD/CD.
1. Click 'Power On' via Vmware.
1. Install Mandriva2006:

Change 'Security Level' -> 'Higher'. Type in an administrator log in name. Then click 'Next'.

Select 'Use free space'. Then click 'Next'.

Click 'Next'.

Click 'Ok'.

Select 'Office Workstation', 'Multimedia Station', 'Internet Station', 'Network Computer(client)', 'Configuration', 'Console Tools', 'Development', 'Documentation', 'KDE Workstation'. Do NOT select any Server selections. Then click 'Next'.

Enter a secure password. Then click 'Next'.

Type in a 'Name', 'Login name', and 'Password'. Toggle ON 'xgrp', 'rtools', and 'wheel'. Then click 'Accept user'.

Click 'Next'.

At 'Graphical Interface', click 'Configure'.

Select 'VMware virtual video card'. Then click 'Next'.

Select '1024x768'. Then click 'Next'.

Select '800x600'. Then click 'OK'.

Select 'Yes'. Then click 'Next'.

Click 'Next'.

Select 'No'. Then click 'Next'.

Click 'Reboot'.

6. Install VMtools (Required by VMware software)
   1. This will require installation of kernel source/headers files
   2. Re-insert the Mandriva2006 CD/DVD
   3. Install kernel source/headers files:
      1. Enter below bolded instructions on command line as root user

#log into root

su

#install the kernel header/source files

urpmi kernel-source

4. Set up Vmware:

Click above 'Install Vmware Tools'.

Click 'Install'.

5. Install the VMTools on Mandriva
6. Enter below bolded instructions on command line as root user:

#log into root

su

#if below doesn't work, try replacing /dev/hda with /dev/cdrom, /dev/hdb, /dev/hdc etc.

mount /dev/hda /mnt/cdrom

#unpack and move file

cd /tmp

tar zxpf /mnt/cdrom/VMwareTools-5.5.0-*.tar.gz

umount /mnt/cdrom

cd vmware-tools-distrib

#install the software

./vmware-install.pl

-answered all questions with defaults

-answered 3 for video mode(“1024x768”)

#need to re-boot or else weird stuff happens

shutdown -r now

8. Enable software package installation over internet:

Click 'System' -> 'Configuration' -> 'Packaging' -> 'Software Media Manager'.

Enter 'root' user password. Then click 'OK'.

Click 'Add...'.

Click 'Distribution sources'.

Select as above. Then click 'Ok'.

8. Disable the screensaver(it's annoying).

Install Apache, MySQL, and PHP4

Main TOC Link

Chapter Index Link

1. OpenMed requires PHP4. You shouldn't of installed PHP5, since you should not of selected any server packages during the Mandriva install(then you can disregard this, and skip to step 2). However if you have PHP5 on your system, then remove it using below bolded instructions on command line as root user:

#log into root

su

#list all the php5 packages

urpme php

#remove them all by pasting in all of the php5 packages below

urpme (paste)

2. Enter below bolded instructions on command line as root user :

#log into root

su

#Install apache, php, mysql

urpmi apache php4-cli apache-mod_php4 apache-mod_ssl php4-mysql php4-xml php4-xmlrpc htmldoc mysql

-I chose 1- apache-mpm-prefork-2.0.54-13mdk.i586

-I chose 1- MySQL-4.1.12-3mdk.i586

-choose Yes to packages

#start apache and mysql

service httpd start

service mysqld start

#enables apache and mysql to start during boot-up

chkconfig --add httpd

chkconfig --add mysqld

3. Open the firewall for the web server:

Click 'System' -> 'Configuration' -> 'Configure Your Computer'.

Enter 'root' user password. Then click 'OK'.

Click 'Security'.

Click 'Set up a personal firewall...'.

Select 'Web Server'. Then click 'OK'.

Click 'OK'.

Click 'Ok'. Keep defaults.

You are done. Close the window.

Install OpenEMR 2.8.1

Main TOC Link

Chapter Index Link

1. Download openemr-2.8.1.tar.gz (version 2.8.1) from sourceforge at : http://sourceforge.net/project/showfiles.php?group_id=60081

2. Enter below bolded instructions on command line as root user:

#log into root

su

#edit file /etc/php4.ini:

mcedit /etc/php4.ini

#edit following variables:

post_max_size = 30M

upload_max_filesize = 30M

memory_limit = 128M

max_execution_time = 45

magic_quotes_gpc = off

register_globals = off

TEXT EDITOR SAVE AND EXIT

#Ensure the following lines are included at the end of the /etc/httpd/conf/httpd.conf file (This was not in original OpenEMR Appliance and has been listed as a security patch; it is required to not allow unauthorized access to confidential patient medical records).

mcedit /etc/httpd/conf/httpd.conf

#Ensure below is included at end of file (if not found, then paste below into end of file)

<Directory "/var/www/html/openemr/documents">

order deny,allow

Deny from all

</Directory>

<Directory "/var/www/html/openemr/edi">

order deny,allow

Deny from all

</Directory>

TEXT EDITOR SAVE AND EXIT

#restart httpd

service httpd restart

#put the OpenEMR program in its place

cd /var/www/html

tar pxzvf /location/to/tar/openemr-*.tar.gz

mv openemr-* /var/www/html/openemr

chown -Rf root:root openemr

#Prepare for install

chmod 666 /var/www/html/openemr/library/sqlconf.php

3. Then use Auto-installer at: http://localhost/openemr/setup.php

Click 'Continue'.

Select 'Have setup create the databases'. Then click 'Continue'.

In SERVER section: enter 'Password' -> secure password, otherwise keep defaults. In CLIENT section: keep defaults. In USER section: enter 'Initial User' -> new user login name, Enter 'Initial User's Name' ->new user name, enter 'Initial Group' -> name of practice. (I would recommend keeping the 'Initial User' -> 'admin' and the 'Initial User's Name' -> 'Administrator' to ensure easy installation of the php-GACL software.) Then Click 'Continue'.

Click 'Continue'. (Don't worry, we have already made the mentioned file world-writeable)

Click 'Continue'. (Don't worry, we will 'restore secure permissions' of file later)

This page list some additional instructions. Again, don't worry, we will do all of this stuff in next section below. You can close your browser window now and move onto the next section.

3. Enter below bolded instructions on command line as root user:

#log into root

su

#Re-secure the sqlconf.php file

chmod 644 /var/www/html/openemr/library/sqlconf.php

#Need to change some file/folder ownerships

chown apache:apache -R /var/www/html/openemr/interface/main/calendar/modules/PostCalendar/pntemplates/cache

chown apache:apache -R /var/www/html/openemr/interface/main/calendar/modules/PostCalendar/pntemplates/compiled

chown apache:apache -R /var/www/html/openemr/documents

Install FreeB 0.11

Main TOC Link

Chapter Index Link

1. Download freeb-0.11.tar.gz (version 0.11) from sourceforge: http://sourceforge.net/project/showfiles.php?group_id=60081

2. Enter below bolded instructions on command line as root user :

#log into root

su

#put the program in its place

cd /usr/share

tar xzvf /location/to/tar/freeb-*.tar.gz

mv freeb-* /usr/share/freeb

#secure it

chown root:root -R /usr/share/freeb

#install the necessary packages

urpmi perl-Config-General perl-Date-Calc

-choose yes to packages

#need to install several PERL modules

perl -MCPAN -e shell

-Answer NO to first question, and then it will be auto-configured.

At cpan> prompt type:

install PDF::Create

install ConfigFile

install Frontier::Daemon

exit

#create a directory that apache can write to

mkdir /usr/share/freeb/public

chown apache:apache -R /usr/share/freeb/public

#change ownership of following directory

chown apache:apache -R /var/www/html/openemr/library/freeb

#this will allow the user to use freeb while in openemr

cp /usr/bin/php4 /usr/bin/php

3. Configure FreeB as a service
   1. Download freeb file, which is an init.d script. I wrote this file, and it seems to work alright. But I have to say, please use at your own risk. File can be found at: http://bradymd.com/freeb (to download file, you may need to Right-Click the link and select 'Save Link As...')

   2. Enter below bolded instructions on command line as root user :

#log into root

su

#move file and change ownership/permissions

mv /location/to/file/freeb /etc/init.d/

chown root:adm /etc/init.d/freeb

chmod 740 /etc/init.d/freeb

#start service

service freeb start

-After 'before server setup', just hit 'enter' key once to get back to the prompt. If you saw 'before server setup', then it worked.

#configure freeb to start automatically during computer startup

chkconfig --add freeb

#You are done installing service, it will now start

#up automatically during computer start up.

#If the above service is not working, you can

#manually start the FreeB server by typing:

#'/usr/share/freeb/bin/FreeB_Server.pl &'

3. Next, need to do below “work-around”(Bug in OpenEMR) in order for HCFA billing to work.

Log in to OpenEMR with previously created username and default password 'pass' at http://localhost/openemr:

Click 'Administration'.

Click 'Forms'.

Click 'register' at 'prior_auth' entry.

Click 'Install DB' at 'Prior Authorization Form' entry.

WARNING!! Do NOT click anything on screen below, read below the screenshot first.

Do NOT click the disabled button. You are done with OpenEMR for now. Basically this 'prior_auth' form has to be in the database and disabled for program to function normally. Log out and move on to the next section.(continue to research)

lnstall PostgreSQL

Main TOC Link

Chapter Index Link

1. Enter below bolded instructions on command line as root user :

#log into root

su

#install postgresql and needed packages

urpmi postgresql postgresql-devel postgresql-server postgresql-docs postgresql-pl php4-pg

-yes to packages

#start service and also have it start at computer boot-up

service postgresql start

chkconfig --add postgresql

Install SQL-Ledger

Main TOC Link

Chapter Index Link

1. We will do a manual install with version 2.6.3. I'd recommend installing this version also, since we know it works.
2. Download sql-ledger-2.6.3.tar.gz file from: http://sourceforge.net/project/showfiles.php?group_id=4320

3. Enter below bolded instructions on command line as root user :

#log into root

su

#install the needed dependencies

urpmi perl-DBD-Pg LaTeX perl-DBI

-yes to packages

#put the SQL-Ledger program in its place

cd /usr/local

tar xzvf /location/to/file/sql-ledger-2.6.3.tar.gz

mv sql-ledger/sql-ledger.conf.default sql-ledger/sql-ledger.conf

#edit file /usr/local/sql-ledger/sql-ledger.conf:

mcedit /usr/local/sql-ledger/sql-ledger.conf

#add the following to the vars section on first line of file (you must place this within the first line) For example: 'use vars qw($oemr_ar_acc ...)':

$oemr_ar_acc $oemr_cash_acc $oemr_due_days $oemr_username $oemr_services_partnumber

#Paste the entire section below into file:

#Some constants relevant to OpenEMR import.

#sql-ledger user

$oemr_username = 'openemr';

#acc num for acc receivable

$oemr_ar_acc = '1200';

# acc num for check/copay

$oemr_cash_acc = '1060';

# creating a services item for medical services

# OpenEMR billing "part number" here:

$oemr_services_partnumber = 'MS';

# Num of days added to OpenEMR transaction date to

# create the invoice due date when insurance. This affects the

# pat. portion of outstanding balance shown in OpenEMR

# summary, and also SQL-Ledger reports and statements.

$oemr_due_days = 40;

TEXT EDITOR SAVE AND EXIT

#create and edit file /etc/httpd/conf/sql-ledger-httpd.conf:

mcedit /etc/httpd/conf/sql-ledger-httpd.conf

#Paste the entire section below into empty file:

Alias /sql-ledger /usr/local/sql-ledger/

<Directory /usr/local/sql-ledger>

AllowOverride All

AddHandler cgi-script .pl

AddDefaultCharset On

Options ExecCGI Includes FollowSymlinks

Order Allow,Deny

Allow from All

</Directory>

<Directory /usr/local/sql-ledger/users>

Order Deny,Allow

Deny from All

</Directory>

TEXT EDITOR SAVE AND EXIT

#edit file /etc/httpd/conf/httpd.conf:

mcedit /etc/httpd/conf/httpd.conf

#add following line to bottom of file

include /etc/httpd/conf/sql-ledger-httpd.conf

TEXT EDITOR SAVE AND EXIT

#change permissions

cd /usr/local/sql-ledger

chown -hR apache:apache users templates css spool

#restart httpd service

service httpd restart

#Set up PostgreSQL user( use 'sql-ledger'), password, and database

su postgres

createuser -d -P sql-ledger

-type a good password for the sql-ledger user on PostgreSQL

(this password is IMPORTANT and to avoid any severe confusion it will be referred to as the 'sql-ledger-password' during the rest of the install documentation. I mean it, this is important to remember. This password will be typed in many times during instructions below.)

-type y to allow user to make more users

createlang plpgsql template1

exit

1. Load your web browser and connect to: http://localhost/sql-ledger/admin.pl

There is no default password. Just click 'Login'.

Click 'Change Admin Password'.

Enter a secure password. Then click 'Change Password'.

Click 'Pg Database Administration'.

Enter 'User' -> 'sql-ledger'. Enter 'Password' -> 'sql-ledger-password''. Otherwise keep above defaults. Then click 'Create Dataset'.

Enter 'Create Dataset' -> 'openemr'. Toggle 'Create Chart of Accounts' -> 'Default'. Then click 'Continue'.

Click 'Continue'.

Click 'Add User'.

Enter 'Login' ->'openemr'. Enter a secure 'Password'->'openemrpassword'. Enter 'Name'-> 'openemr'. At the 'Database' section: ensure the 'Driver Pg' is toggled to ON , set 'Dataset'->'openemr', set 'User'->'sql-ledger', set 'Password'->'sql-ledger-password'. Keep above defaults for other above entries. Scroll to bottom of page and click 'Save'.

Click 'Logout' and continue below.

1. Enter below bolded instructions on command line as root user:

#log into root

su

#Copy and rename openemr perl script to sql-ledger directory

cp /var/www/html/openemr/accounting/ws_server_26.pl /usr/local/sql-ledger/ws_server.pl

#edit file /usr/local/sql-ledger/ws_server.pl:

mcedit /usr/local/sql-ledger/ws_server.pl

#edit the following bolded path:

use lib qw (/usr/local/sql-ledger);

TEXT EDITOR SAVE AND EXIT

#edit file /var/www/html/openemr/interface/globals.php

mcedit /var/www/html/openemr/interface/globals.php

#edit the following bolded variables :

$sl_income_acc = '4320';

$sl_services_id = 'MS';

$sl_dbname = 'openemr';

$sl_dbuser = 'sql-ledger';

$sl_dbpass = 'sql-ledger-password';

TEXT EDITOR SAVE AND EXIT

#edit file /var/www/html/openemr/includes/config.php:

mcedit /var/www/html/openemr/includes/config.php

#edit the following bolded variables:

$GLOBALS['oer_config']['ws_accounting']['enabled'] = true;

$GLOBALS['oer_config']['ws_accounting']['username'] = "openemr";

$GLOBALS['oer_config']['ws_accounting']['password'] = "openemrpassword";

$GLOBALS['oer_config']['ws_accounting']['income_acct'] = "4320";

TEXT EDITOR SAVE AND EXIT

1. Finish up SQL-Ledger install, go to: http://localhost/sql-ledger/

Enter 'Name' -> 'openemr'. Enter password then click 'Login'.

Click 'Goods & Services'.

Click 'Add Services'.

Enter 'Number' -> 'MS'. Enter 'Description' -> 'Medical Service'. Choose 'Income' -> '4320—Consulting'. Remove checks on the three tax toggles. Otherwise, keep defaults. Then click 'Save'. Your done with SQL-Ledger install, you can log-out now.

Install php-GACL

Main TOC Link

Chapter Index Link

1. Download phpgacl-3.3.6.tar.gz file from: http://sourceforge.net/project/showfiles.php?group_id=57103

2. Enter below bolded instructions on command line as root user:

#log into root

su

#unpack and place program in its proper place

cd /var/www/html

tar xvzf /location/to/file/phpgacl-3.3.6.tar.gz

mv phpgacl-* phpgacl

#create the mySQL database

mysql

At mysql> prompt type:

CREATE DATABASE gacl;

exit

3. Start phpGACL Installer via : http://localhost/phpgacl/setup.php

Close the window. (Don't worry, we will make the 'Important' directory below.)

4. Enter below bolded instructions on command line as root user:

#log into root

su

#make a phpgacl/admin/templates_c directory, and change owner

mkdir /var/www/html/phpgacl/admin/templates_c

chown -R apache:apache /var/www/html/phpgacl/admin/templates_c

#edit file /var/www/html/openemr/library/acl.inc:

mcedit /var/www/html/openemr/library/acl.inc

#uncomment and edit following line:

$phpgacl_location = "/var/www/html/phpgacl";

TEXT EDITOR SAVE AND EXIT

#Password protect the /var/www/html/phpgacl/admin directory. Will need to: FIRST add entry to apache2 config file, SECOND create a password file, and THIRD re-start apache.

#FIRST, edit file /etc/httpd/conf/httpd.conf:

mcedit /etc/httpd/conf/httpd.conf

#paste following section at end of file:

<Directory "/var/www/html/phpgacl/admin">

AuthType Basic

AuthName "ACL Administrators"

AuthUserFile /var/www/html/phpgacl/admin/.htpasswd

Require valid-user

</Directory>

TEXT EDITOR SAVE AND EXIT

#SECOND, create the password file(file is .htpasswd and user is admin)

cd /var/www/html/phpgacl/admin

htpasswd -c /var/www/html/phpgacl/admin/.htpasswd admin

-Type in a secure password

#THIRD, Re-start apache

service httpd restart

5. Configure phpGACL to use OpenEMR via: http://localhost/openemr/acl_setup.php

Close window.

6. Start phpGACL via: http://localhost/phpgacl/admin/acl_admin.php

Log in as 'admin', and with password created by the above htpasswd command.

Close window. Learn how to use later. (Your OpenEMR 'admin' user is already configured as an administrator).

Configure SSL

Main TOC Link

Chapter Index Link

1. SSL is very important, and will ensure encryption of all network traffic. This will allow safe use of a laptop over a wireless network. The protocol uses https instead of http and utilizes port 443 instead of 80. Only two configuration files will need changing. We will also firewall port 80 to ensure that the only available option will be an encrypted connection.

2. Enter below bolded instructions on command line as root user:

#log into root

su

#Edit file /var/www/html/openemr/includes/config.php. This will fix the SQL-Ledger link in the OpenEMR billing page.

mcedit /var/www/html/openemr/includes/config.php

#edit following line (yes, you're just adding an 's'):

$GLOBALS['oer_config']['ws_accounting']['url_path'] = "https://" .

$_SERVER["SERVER_NAME"] . "/sql-ledger/login.pl";

TEXT EDITOR SAVE AND EXIT

#Edit file /etc/httpd/modules.d/41_mod_ssl.default-vhost.conf.

This will ensure only high level secure encryption is used.

mcedit /etc/httpd/modules.d/41_mod_ssl.default-vhost.conf

#REMOVE the entire line below:

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP

#PASTE all of below in place of the above removed line:

SSLOptions +StrictRequire

<Directory />

SSLRequireSSL

</Directory>

SSLProtocol -all +TLSv1 +SSLv3

SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM

TEXT EDITOR SAVE AND EXIT

#Re-start apache

service httpd restart

1. Firewall port 80

Click 'System' -> 'Configuration' -> 'Configure Your Computer'.

Enter 'root' user password. Then click 'OK'.

Click 'Security'.

Click 'Set up a personal...'

Ensure 'Web Server' is NOT selected. Then Click on 'Advanced'.

Enter 'Other ports' -> '443/tcp 443/udp'. Then click 'Ok'.

Click 'Ok'. Keep defaults.

Click 'Ok'. Keep defaults.

You are done. Close the window.

Upgrade to OpenEMR 2.8.2

Main TOC Link

Chapter Index Link

1. Download openemr-2.8.2.tar.gz (version 2.8.2) from sourceforge at: http://sourceforge.net/project/showfiles.php?group_id=60081

2. Enter below bolded instructions on command line as root user:

#log into root

su

#Ensure register globals in php is turned off.

#edit file /etc/php4.ini:

mcedit /etc/php4.ini

#EDIT the following variable:

register_globals = off

TEXT EDITOR SAVE AND EXIT

#restart httpd

service httpd restart

#make backup directories

mkdir /backupopenemrandfreeb

mkdir /backupopenemrandfreeb/2_8_1

#move old OpenEMR 2.8.1 to the backup directory

mv /var/www/html/openemr /backupopenemrandfreeb/2_8_1/openemr

#put the new OpenEMR 2.8.2 program in its place

cd /var/www/html

tar pxzvf /location/to/tar/openemr-2.8.2.tar.gz

mv openemr-2.8.2 /var/www/html/openemr

#secure OpenEMR

chown -Rf root:root openemr

#Need to change some file/folder permissions

chown apache:apache -R /var/www/html/openemr/interface/main/calendar/modules/PostCalendar/pntemplates/cache

chown apache:apache -R /var/www/html/openemr/interface/main/calendar/modules/PostCalendar/pntemplates/compiled

chown apache:apache -R /var/www/html/openemr/library/freeb

#Restore the original scanned documents directory

cp -fr /backupopenemrandfreeb/2_8_1/openemr/documents /var/www/html/openemr/

#Change file-folder permissions of documents directory

chown apache:apache -R /var/www/html/openemr/documents

#Now for the hardest part of the upgrade; editing the new config files. There are five files that need to be compared to your old config files: openemr/interface/globals.php, openemr/library/sqlconf.php, openemr/library/sql-ledger.inc, openemr/includes/config.php, and openemr/library/acl.inc . The below instructions are specific for the openemr 2.8.1 appliance(only the bolded files above require changing or copying). If you have made your own changes to the config files, then I'd recommend comparing them to ensure no other changes are needed. We will replace one file with the previous 2.8.1 config file and will edit three of the new 2.8.2 config files.

#replace new /var/www/html/openemr/library/sqlconf.php file with the old 2.8.1 file

cp /backupopenemrandfreeb/2_8_1/openemr/library/sqlconf.php /var/www/html/openemr/library/sqlconf.php

#edit file /var/www/html/openemr/interface/globals.php:

mcedit /var/www/html/openemr/interface/globals.php

#edit the following bolded variables :

$sl_dbname = 'openemr'; // sql-ledger database name

$sl_dbpass = 'sql-ledger-password'; // sql-ledger database login password (click link for default above password, which is the PostgreSQL database password, and should be 'sqlledger' )

TEXT EDITOR SAVE AND EXIT

#edit file /var/www/html/openemr/includes/config.php:

mcedit /var/www/html/openemr/includes/config.php

#edit the following bolded variables :

$GLOBALS['oer_config']['ws_accounting']['enabled'] = true;

$GLOBALS['oer_config']['ws_accounting']['username'] = "openemr";

$GLOBALS['oer_config']['ws_accounting']['password'] = "openemrpassword"; (click link for default above password, which is sql-ledger 'openemr' user password, and should be “openemr”)

$GLOBALS['oer_config']['ws_accounting']['url_path'] = "https://" .

$_SERVER["SERVER_NAME"] . "/sql-ledger/login.pl";

TEXT EDITOR SAVE AND EXIT

#edit file /var/www/html/openemr/library/acl.inc:

mcedit /var/www/html/openemr/library/acl.inc

#uncomment below line and edit the bolded variable:

$phpgacl_location = "/var/www/html/phpgacl";

TEXT EDITOR SAVE AND EXIT

#Backup the mysql database into backup directory.

mkdir /backupopenemrandfreeb/2_8_1/mysqldatabase

mysqldump --opt --all-databases | gzip > /backupopenemrandfreeb/2_8_1/mysqldatabase/mysql_backup.gz

#Upgrade the mysql database

mysql openemr < /var/www/html/openemr/sql/2_8_1-to-2_8_2_upgrade.sql

#OPTIONAL In the appliance, I left the traditional look of OpenEMR as the default. If you want to change to the new frames look(check out the demos to decide), then you will need to edit the file /var/www/html/openemr/interface/globals.php:

mcedit /var/www/html/openemr/interface/globals.php

#edit the below bolded variable :

$GLOBALS['concurrent_layout'] = true;

TEXT EDITOR SAVE AND EXIT

Upgrade to FreeB 0.12

Main TOC Link

Chapter Index Link

1. Download freeb-0.12.tar.gz (version 0.12) from sourceforge: http://sourceforge.net/project/showfiles.php?group_id=60081

2. Enter below bolded instructions on command line as root user:

#log into root

su

#move old FreeB 0.11 to the backup directory

mv /usr/share/freeb /backupopenemrandfreeb/2_8_1/freeb

#put the new FreeB 0.12 program in its place

cd /usr/share

tar xzvf /location/to/tar/freeb-0.12.tar.gz

mv freeb-* /usr/share/freeb

#secure FreeB directory

chown root:root -R /usr/share/freeb

#create a directory that apache can write to

mkdir /usr/share/freeb/public

#restore original billing files(if they exist)

cp -fr /backupopenemrandfreeb/2_8_1/freeb/public /usr/share/freeb/

#Allow apache access to public directory

chown apache:apache -R /usr/share/freeb/public

#restart the freeb service

service freeb stop

service freeb start

Admin Authorization

Main TOC Link

Chapter Index Link

1. This is to correct an annoying bug, which doesn't allow 'admin' to send bills to sql-ledger. It's easily corrected by below changes.

Log in to OpenEMR with 'admin' username and default password 'pass' at http://localhost/openemr:

Log in with 'admin' user and default password 'pass'.

Click 'Administration'.

Click 'edit' for the 'admin' user.

Set the 'Authorized:' and 'Active:' toggles to on. Set the 'See Authorizations:' to 'All'.

Then click 'Save'.

Then click 'Back'.

ALL DONE

Appendix

Main TOC Link

A. SECURITY PATCHES

Main TOC Link

2. FIX patient medical information directory security

1. The OpenEMR Appliance contains two directories, which contain confidential patient medical information. The below fix is to not allow unauthorized entry to these directories.

2. Enter below bolded instructions on command line as root user:

#log into root

su

#Ensure the following lines are included at the end of the /etc/httpd/conf/httpd.conf file.

mcedit /etc/httpd/conf/httpd.conf

#Ensure below is included at end of file (if not found, then paste below into end of file)

<Directory "/var/www/html/openemr/documents">

order deny,allow

Deny from all

</Directory>

<Directory "/var/www/html/openemr/edi">

order deny,allow

Deny from all

</Directory>

TEXT EDITOR SAVE AND EXIT

#restart apache

service httpd restart

B. Change Mandriva's 'root' user password

Main TOC Link

1. This section describes how to change the 'root' user's password. The default password is 'rootpassword'. Don't worry, this is very quick and easy.

2. We will begin by opening a console window:

Click on the Konsole icon at bottom left of Desktop.

This is the console window, and where you type command line instructions. Move on to the next step.

First, login to 'root' user. At command line type: su

Enter in the default 'root' password. At command line type: rootpassword

When password is expired, it will mandate a password change. At command line type: rootpassword

Enter a new 'root' password. At command line type: A New Root Password

Re-enter new password. At command line type: A New Root Password

Congratulations, you now have your own, secure 'root' password. This is a very important password, DO NOT FORGET IT. You can close the console window now.

C. Upgrade to OpenEMR Version 2.8.3

Main TOC Link

Please, back up all of your data, and use these instructions at your own risk.

First, upgrade OpenEMR:

1. Download openemr-2.8.3.tar.gz (version 2.8.3) from sourceforge at: http://sourceforge.net/project/showfiles.php?group_id=60081

2. Enter below bolded instructions on command line as root user:

#log into root

su

#Ensure the following lines are included at the end of the /etc/httpd/conf/httpd.conf file (this has been listed as a security patch in previous versions, and is required to not allow unauthorized viewing of patient's medical records).

mcedit /etc/httpd/conf/httpd.conf

#Ensure below is included at end of file (if not found, then paste below into end of file)

<Directory "/var/www/html/openemr/documents">

order deny,allow

Deny from all

</Directory>

<Directory "/var/www/html/openemr/edi">

order deny,allow

Deny from all

</Directory>

TEXT EDITOR SAVE AND EXIT

#restart apache

service httpd restart

#make backup directories

mkdir /backupopenemrandfreeb/2_8_2

#move old OpenEMR 2.8.2 to the backup directory

mv /var/www/html/openemr /backupopenemrandfreeb/2_8_2/openemr

#put the new OpenEMR 2.8.3 program in its place

cd /var/www/html

tar pxzvf /location/to/tar/openemr-2.8.3.tar.gz

mv openemr-2.8.3 /var/www/html/openemr

#secure OpenEMR

chown -Rf root:root openemr

#Need to change some file/folder permissions

chown apache:apache -R /var/www/html/openemr/interface/main/calendar/modules/PostCalendar/pntemplates/cache

chown apache:apache -R /var/www/html/openemr/interface/main/calendar/modules/PostCalendar/pntemplates/compiled

chown apache:apache -R /var/www/html/openemr/library/freeb

chown apache:apache -R /var/www/html/openemr/edi

#secure the /var/www/html/openemr/edi directory

chmod -R 700 /var/www/html/openemr/edi

#Restore the original scanned documents directory

cp -fr /backupopenemrandfreeb/2_8_2/openemr/documents /var/www/html/openemr/

#Change file-folder permissions of documents directory

chown apache:apache -R /var/www/html/openemr/documents

#Now for the hardest part of the upgrade; editing the new config files. There are five files that need to be compared to your old config files: openemr/interface/globals.php, openemr/library/sqlconf.php, openemr/library/sql-ledger.inc, openemr/includes/config.php, and openemr/library/acl.inc . The below instructions are specific for the openemr 2.8.2 appliance(only the bolded files above require changing or copying). If you have made your own changes to the config files, then I'd recommend comparing them to ensure no other changes are needed. We will replace one file with the previous 2.8.2 config file and will edit three of the new 2.8.3 config files.

#replace new /var/www/html/openemr/library/sqlconf.php file with the old 2.8.2 file

cp -f /backupopenemrandfreeb/2_8_2/openemr/library/sqlconf.php /var/www/html/openemr/library/sqlconf.php

#edit file /var/www/html/openemr/interface/globals.php:

mcedit /var/www/html/openemr/interface/globals.php

#edit the following bolded variables :

$webserver_root = "/var/www/html/openemr";

$GLOBALS['concurrent_layout'] = false;

$sl_dbname = 'openemr'; // sql-ledger database name

$sl_dbpass = 'sql-ledger-password'; // sql-ledger database login password (click link for default above password, which is the PostgreSQL database password, and should be 'sqlledger' )

TEXT EDITOR SAVE AND EXIT

#edit file /var/www/html/openemr/includes/config.php:

mcedit /var/www/html/openemr/includes/config.php

#edit the following bolded variables :

$GLOBALS['oer_config']['ws_accounting']['enabled'] = true;

$GLOBALS['oer_config']['ws_accounting']['username'] = "openemr";

$GLOBALS['oer_config']['ws_accounting']['password'] = "openemrpassword"; (click link for default above password, which is sql-ledger 'openemr' user password, and should be “openemr”)

$GLOBALS['oer_config']['ws_accounting']['url_path'] = "https://" .

$_SERVER["SERVER_NAME"] . "/sql-ledger/login.pl";

TEXT EDITOR SAVE AND EXIT

#edit file /var/www/html/openemr/library/acl.inc:

mcedit /var/www/html/openemr/library/acl.inc

#uncomment below line and edit the bolded variable:

$phpgacl_location = "/var/www/html/phpgacl";

TEXT EDITOR SAVE AND EXIT

#Backup the mysql database into backup directory.

mkdir /backupopenemrandfreeb/2_8_2/mysqldatabase

mysqldump --opt --all-databases | gzip > /backupopenemrandfreeb/2_8_2/mysqldatabase/mysql_backup.gz

#Fix a bug in the mysql upgrade script

mcedit /var/www/html/openemr/sql/2_8_2-to-2_8_3_upgrade.sql

#Delete below two lines

ALTER TABLE form_football_injury_audit

ADD `fimatchtype` int(11) NOT NULL DEFAULT 0;

TEXT EDITOR SAVE AND EXIT

#Upgrade the mysql database

mysql openemr < /var/www/html/openemr/sql/2_8_2-to-2_8_3_upgrade.sql

3. Next, need to fix the calendar bug with a patch. Download CalendarPatchMonth283.txt file, which can be found at:

   http://www.bradymd.com/CalendarPatchMonth283.txt (to download file, you may need to Right-Click the link and select 'Save Link As...')

   1. Enter below bolded instructions on command line as root user:

#log into root

su

#apply the patch (note that the 'CalendarPatchMonth283.txt' file is being copied to file named 'default.html))

cp -f /location/to/file/CalendarPatchMonth283.txt /var/www/html/openemr/interface/main/calendar/modules/PostCalendar/pntemplates/default/views/month/default.html

3. Next, need to upgrade the php-GACL access controls. Download acl_upgrade_1.txt file, which is a php script. I wrote this script, and it seems to work alright. File can be found at: http://bradymd.com/acl_upgrade_1.txt (to download file, you may need to Right-Click the link and select 'Save Link As...')

   1. Enter below bolded instructions on command line as root user:

#log into root

su

#copy upgrade script to openemr directory (note that the '.txt' is being changed to '.php')

mv /location/to/file/acl_upgrade_1.txt /var/www/html/openemr/acl_upgrade_1.php

2. Run php-gacl upgrade script via : http://localhost/openemr/acl_upgrade_1.php

Ensure you got no 'ERRORS'. Close the window.

3. OPTIONAL In the appliance, I left the traditional look of OpenEMR as the default. If you want to change to the new frames look(check out the demos to decide), then you will need to follow below instructions.

#log into root

su

#OPTIONAL If you want to change to the new frames look(check out the demos to decide), then you will need to edit the file /var/www/html/openemr/interface/globals.php:

mcedit /var/www/html/openemr/interface/globals.php

#edit the below bolded variable :

$GLOBALS['concurrent_layout'] = true;

TEXT EDITOR SAVE AND EXIT

Second, upgrade FreeB:

3. Download freeb-0.13.tar.gz (version 0.13) from sourceforge: http://sourceforge.net/project/showfiles.php?group_id=60081

4. Enter below bolded instructions on command line as root user:

#log into root

su

#move old FreeB 0.12 to the backup directory

mv /usr/share/freeb /backupopenemrandfreeb/2_8_2/freeb

#put the new FreeB 0.13 program in its place

cd /usr/share

tar xzvf /location/to/tar/freeb-0.13.tar.gz

mv freeb-* /usr/share/freeb

#secure FreeB directory

chown root:root -R /usr/share/freeb

#fix a bug with Freeb permissions, and allow execution of the /usr/share/freeb/formatbin/ub92.pl file

chmod +x /usr/share/freeb/formatbin/ub92.pl

#create a directory that apache can write to

mkdir /usr/share/freeb/public

#restore original billing files(if they exist)

cp -fr /backupopenemrandfreeb/2_8_2/freeb/public /usr/share/freeb/

#Allow apache access to public directory

chown apache:apache -R /usr/share/freeb/public

#restart the freeb service

service freeb stop

service freeb start

YOU ARE DONE

D. Useful Websites

Main TOC Link

OpenEMR links:

1. http://www.oemr.org/ (Main OpenEMR website with a good Wiki and a new forum)

2. http://sourceforge.net/projects/openemr/ (Main OpenEMR forums are here)

3. http://www.bradymd.com/appliance/ (OpenEMR 2.8.1 Virtual Machine Manual)

Virtual Machine links:

1. http://www.vmware.com/ (VMware website)

2. http://www.vmware.com/appliances/ (VMware virtual appliance explanation)

3. http://www.vmware.com/vmtn/appliances/overview.html (Another VMware virtual appliance explanation)

General EMR links:

1. http://www.linuxmednews.com/ (Open Source EMR news)

2. http://www.emrupdate.com/ (Great site and forums which discusses proprietary and open source EMRs. It also has a great actively updated price comparison for most proprietary EMR's)

3. http://ehr.gplmedicine.org/ (Great detailed reviews of OpenEMR, MirrorMed, and FreeMed)

4. http://www.bradymd.com/ (Installation instructions and quick reviews of OpenEMR, MirrorMed, FreeMed, and VistA.)

C. Author Email and License/Disclaimer

Main TOC Link

Author: Brady Miller

Email:brady@sparmy.com

www.bradymd.com

Copyright (C) <2006-2007> <Brady Miller>

This program is free software; you can redistribute it and/or modify

it under the terms of the GNU General Public License as published by

the Free Software Foundation; either version 2 of the License, or

(at your option) any later version.

This program is distributed in the hope that it will be useful,

but WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

GNU General Public License for more details.

GNU GENERAL PUBLIC LICENSE

Version 2, June 1991

Copyright (C) 1989, 1991 Free Software Foundation, Inc.

51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

Everyone is permitted to copy and distribute verbatim copies

of this license document, but changing it is not allowed.

Preamble

The licenses for most software are designed to take away your

freedom to share and change it. By contrast, the GNU General Public

License is intended to guarantee your freedom to share and change free

software--to make sure the software is free for all its users. This

General Public License applies to most of the Free Software

Foundation's software and to any other program whose authors commit to

using it. (Some other Free Software Foundation software is covered by

the GNU Lesser General Public License instead.) You can apply it to

your programs, too.

When we speak of free software, we are referring to freedom, not

price. Our General Public Licenses are designed to make sure that you

have the freedom to distribute copies of free software (and charge for

this service if you wish), that you receive source code or can get it

if you want it, that you can change the software or use pieces of it

in new free programs; and that you know you can do these things.

To protect your rights, we need to make restrictions that forbid

anyone to deny you these rights or to ask you to surrender the rights.

These restrictions translate to certain responsibilities for you if you

distribute copies of the software, or if you modify it.

For example, if you distribute copies of such a program, whether

gratis or for a fee, you must give the recipients all the rights that

you have. You must make sure that they, too, receive or can get the

source code. And you must show them these terms so they know their

rights.

We protect your rights with two steps: (1) copyright the software, and

(2) offer you this license which gives you legal permission to copy,

distribute and/or modify the software.

Also, for each author's protection and ours, we want to make certain

that everyone understands that there is no warranty for this free

software. If the software is modified by someone else and passed on, we

want its recipients to know that what they have is not the original, so

that any problems introduced by others will not reflect on the original

authors' reputations.

Finally, any free program is threatened constantly by software

patents. We wish to avoid the danger that redistributors of a free

program will individually obtain patent licenses, in effect making the

program proprietary. To prevent this, we have made it clear that any

patent must be licensed for everyone's free use or not licensed at all.

The precise terms and conditions for copying, distribution and

modification follow.

GNU GENERAL PUBLIC LICENSE

TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

0. This License applies to any program or other work which contains

a notice placed by the copyright holder saying it may be distributed

under the terms of this General Public License. The "Program", below,

refers to any such program or work, and a "work based on the Program"

means either the Program or any derivative work under copyright law:

that is to say, a work containing the Program or a portion of it,

either verbatim or with modifications and/or translated into another

language. (Hereinafter, translation is included without limitation in

the term "modification".) Each licensee is addressed as "you".

Activities other than copying, distribution and modification are not

covered by this License; they are outside its scope. The act of

running the Program is not restricted, and the output from the Program

is covered only if its contents constitute a work based on the

Program (independent of having been made by running the Program).

Whether that is true depends on what the Program does.

1. You may copy and distribute verbatim copies of the Program's

source code as you receive it, in any medium, provided that you

conspicuously and appropriately publish on each copy an appropriate

copyright notice and disclaimer of warranty; keep intact all the

notices that refer to this License and to the absence of any warranty;

and give any other recipients of the Program a copy of this License

along with the Program.

You may charge a fee for the physical act of transferring a copy, and

you may at your option offer warranty protection in exchange for a fee.

2. You may modify your copy or copies of the Program or any portion

of it, thus forming a work based on the Program, and copy and

distribute such modifications or work under the terms of Section 1

above, provided that you also meet all of these conditions:

a) You must cause the modified files to carry prominent notices

stating that you changed the files and the date of any change.

b) You must cause any work that you distribute or publish, that in

whole or in part contains or is derived from the Program or any

part thereof, to be licensed as a whole at no charge to all third

parties under the terms of this License.

c) If the modified program normally reads commands interactively

when run, you must cause it, when started running for such

interactive use in the most ordinary way, to print or display an

announcement including an appropriate copyright notice and a

notice that there is no warranty (or else, saying that you provide

a warranty) and that users may redistribute the program under

these conditions, and telling the user how to view a copy of this

License. (Exception: if the Program itself is interactive but

does not normally print such an announcement, your work based on

the Program is not required to print an announcement.)

These requirements apply to the modified work as a whole. If

identifiable sections of that work are not derived from the Program,

and can be reasonably considered independent and separate works in

themselves, then this License, and its terms, do not apply to those

sections when you distribute them as separate works. But when you

distribute the same sections as part of a whole which is a work based

on the Program, the distribution of the whole must be on the terms of

this License, whose permissions for other licensees extend to the

entire whole, and thus to each and every part regardless of who wrote it.

Thus, it is not the intent of this section to claim rights or contest

your rights to work written entirely by you; rather, the intent is to

exercise the right to control the distribution of derivative or

collective works based on the Program.

In addition, mere aggregation of another work not based on the Program

with the Program (or with a work based on the Program) on a volume of

a storage or distribution medium does not bring the other work under

the scope of this License.

3. You may copy and distribute the Program (or a work based on it,

under Section 2) in object code or executable form under the terms of

Sections 1 and 2 above provided that you also do one of the following:

a) Accompany it with the complete corresponding machine-readable

source code, which must be distributed under the terms of Sections

1 and 2 above on a medium customarily used for software interchange; or,

b) Accompany it with a written offer, valid for at least three

years, to give any third party, for a charge no more than your

cost of physically performing source distribution, a complete

machine-readable copy of the corresponding source code, to be

distributed under the terms of Sections 1 and 2 above on a medium

customarily used for software interchange; or,

c) Accompany it with the information you received as to the offer

to distribute corresponding source code. (This alternative is

allowed only for noncommercial distribution and only if you

received the program in object code or executable form with such

an offer, in accord with Subsection b above.)

The source code for a work means the preferred form of the work for

making modifications to it. For an executable work, complete source

code means all the source code for all modules it contains, plus any

associated interface definition files, plus the scripts used to

control compilation and installation of the executable. However, as a

special exception, the source code distributed need not include

anything that is normally distributed (in either source or binary

form) with the major components (compiler, kernel, and so on) of the

operating system on which the executable runs, unless that component

itself accompanies the executable.

If distribution of executable or object code is made by offering

access to copy from a designated place, then offering equivalent

access to copy the source code from the same place counts as

distribution of the source code, even though third parties are not

compelled to copy the source along with the object code.

4. You may not copy, modify, sublicense, or distribute the Program

except as expressly provided under this License. Any attempt

otherwise to copy, modify, sublicense or distribute the Program is

void, and will automatically terminate your rights under this License.

However, parties who have received copies, or rights, from you under

this License will not have their licenses terminated so long as such

parties remain in full compliance.

5. You are not required to accept this License, since you have not

signed it. However, nothing else grants you permission to modify or

distribute the Program or its derivative works. These actions are

prohibited by law if you do not accept this License. Therefore, by

modifying or distributing the Program (or any work based on the

Program), you indicate your acceptance of this License to do so, and

all its terms and conditions for copying, distributing or modifying

the Program or works based on it.

6. Each time you redistribute the Program (or any work based on the

Program), the recipient automatically receives a license from the

original licensor to copy, distribute or modify the Program subject to

these terms and conditions. You may not impose any further

restrictions on the recipients' exercise of the rights granted herein.

You are not responsible for enforcing compliance by third parties to

this License.

7. If, as a consequence of a court judgment or allegation of patent

infringement or for any other reason (not limited to patent issues),

conditions are imposed on you (whether by court order, agreement or

otherwise) that contradict the conditions of this License, they do not

excuse you from the conditions of this License. If you cannot

distribute so as to satisfy simultaneously your obligations under this

License and any other pertinent obligations, then as a consequence you

may not distribute the Program at all. For example, if a patent

license would not permit royalty-free redistribution of the Program by

all those who receive copies directly or indirectly through you, then

the only way you could satisfy both it and this License would be to

refrain entirely from distribution of the Program.

If any portion of this section is held invalid or unenforceable under

any particular circumstance, the balance of the section is intended to

apply and the section as a whole is intended to apply in other

circumstances.

It is not the purpose of this section to induce you to infringe any

patents or other property right claims or to contest validity of any

such claims; this section has the sole purpose of protecting the

integrity of the free software distribution system, which is

implemented by public license practices. Many people have made

generous contributions to the wide range of software distributed

through that system in reliance on consistent application of that

system; it is up to the author/donor to decide if he or she is willing

to distribute software through any other system and a licensee cannot

impose that choice.

This section is intended to make thoroughly clear what is believed to

be a consequence of the rest of this License.

8. If the distribution and/or use of the Program is restricted in

certain countries either by patents or by copyrighted interfaces, the

original copyright holder who places the Program under this License

may add an explicit geographical distribution limitation excluding

those countries, so that distribution is permitted only in or among

countries not thus excluded. In such case, this License incorporates

the limitation as if written in the body of this License.

9. The Free Software Foundation may publish revised and/or new versions

of the General Public License from time to time. Such new versions will

be similar in spirit to the present version, but may differ in detail to

address new problems or concerns.

Each version is given a distinguishing version number. If the Program

specifies a version number of this License which applies to it and "any

later version", you have the option of following the terms and conditions

either of that version or of any later version published by the Free

Software Foundation. If the Program does not specify a version number of

this License, you may choose any version ever published by the Free Software

Foundation.

10. If you wish to incorporate parts of the Program into other free

programs whose distribution conditions are different, write to the author

to ask for permission. For software which is copyrighted by the Free

Software Foundation, write to the Free Software Foundation; we sometimes

make exceptions for this. Our decision will be guided by the two goals

of preserving the free status of all derivatives of our free software and

of promoting the sharing and reuse of software generally.

NO WARRANTY

11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY

FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN

OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES

PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED

OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF

MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS

TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE

PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,

REPAIR OR CORRECTION.

12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING

WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR

REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,

INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING

OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED

TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY

YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER

PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE

POSSIBILITY OF SUCH DAMAGES.

END OF TERMS AND CONDITIONS

How to Apply These Terms to Your New Programs

If you develop a new program, and you want it to be of the greatest

possible use to the public, the best way to achieve this is to make it

free software which everyone can redistribute and change under these terms.

To do so, attach the following notices to the program. It is safest

to attach them to the start of each source file to most effectively

convey the exclusion of warranty; and each file should have at least

the "copyright" line and a pointer to where the full notice is found.

<one line to give the program's name and a brief idea of what it does.>

Copyright (C) <year> <name of author>

This program is free software; you can redistribute it and/or modify

it under the terms of the GNU General Public License as published by

the Free Software Foundation; either version 2 of the License, or

(at your option) any later version.

This program is distributed in the hope that it will be useful,

but WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

GNU General Public License for more details.

You should have received a copy of the GNU General Public License

along with this program; if not, write to the Free Software

Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

Also add information on how to contact you by electronic and paper mail.

If the program is interactive, make it output a short notice like this

when it starts in an interactive mode:

Gnomovision version 69, Copyright (C) year name of author

Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.

This is free software, and you are welcome to redistribute it

under certain conditions; type `show c' for details.

The hypothetical commands `show w' and `show c' should show the appropriate

parts of the General Public License. Of course, the commands you use may

be called something other than `show w' and `show c'; they could even be

mouse-clicks or menu items--whatever suits your program.

You should also get your employer (if you work as a programmer) or your

school, if any, to sign a "copyright disclaimer" for the program, if

necessary. Here is a sample; alter the names:

Yoyodyne, Inc., hereby disclaims all copyright interest in the program

`Gnomovision' (which makes passes at compilers) written by James Hacker.

<signature of Ty Coon>, 1 April 1989

Ty Coon, President of Vice

This General Public License does not permit incorporating your program into

proprietary programs. If your program is a subroutine library, you may

consider it more useful to permit linking proprietary applications with the

library. If this is what you want to do, use the GNU Lesser General

Public License instead of this License.