Skip to content
Permalink
Browse files
bug fix e4
  • Loading branch information
bradymiller committed Jul 28, 2022
1 parent 74d2103 commit 2973592bc7b1f4996738a6fd27d1e277e33676b6
Show file tree
Hide file tree
Showing 4 changed files with 38 additions and 8 deletions.
@@ -17,8 +17,18 @@

use OpenEMR\Common\Acl\AclMain;
use OpenEMR\Common\Csrf\CsrfUtils;
use OpenEMR\Common\Twig\TwigContainer;
use OpenEMR\Core\Header;


//ensure user has proper access
if (!AclMain::aclCheckCore('patients', 'amendment')) {
echo (new TwigContainer(null, $GLOBALS['kernel']))->getTwig()->render('core/unauthorized.html.twig', ['pageTitle' => xl("Amendments")]);
exit;
}
$editAccess = AclMain::aclCheckCore('patients', 'amendment', '', 'write');
$addAccess = ($editAccess || AclMain::aclCheckCore('patients', 'amendment', '', 'addonly'));

if (isset($_POST['mode'])) {
if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
CsrfUtils::csrfNotVerified();
@@ -28,6 +38,10 @@
$created_time = date('Y-m-d H:i');
if ($_POST["amendment_id"] == "") {
// New. Insert
if (!$addAccess) {
echo (new TwigContainer(null, $GLOBALS['kernel']))->getTwig()->render('core/unauthorized.html.twig', ['pageTitle' => xl("Amendment Add")]);
exit;
}
$query = "INSERT INTO amendments SET
amendment_date = ?,
amendment_by = ?,
@@ -50,6 +64,10 @@
} else {
$amendment_id = $_POST['amendment_id'];
// Existing. Update
if (!$editAccess) {
echo (new TwigContainer(null, $GLOBALS['kernel']))->getTwig()->render('core/unauthorized.html.twig', ['pageTitle' => xl("Amendment Edit")]);
exit;
}
$query = "UPDATE amendments SET
amendment_date = ?,
amendment_by = ?,
@@ -102,12 +120,9 @@
$resultSet = sqlStatement($query, array($amendment_id));
}

// Check the ACL
$haveAccess = AclMain::aclCheckCore('patients', 'trans');
$onlyRead = ( $haveAccess ) ? 0 : 1;
$onlyRead = ( $editAccess || ($addAccess && empty($amendment_id)) ) ? 0 : 1;
$onlyRead = ( $onlyRead || (!empty($amendment_status)) ) ? 1 : 0;
$customAttributes = ( $onlyRead ) ? array("disabled" => "true") : null;

?>

<html>
@@ -852,7 +852,7 @@ function setMyPatient() {
}

<?php
if (!empty($GLOBALS['right_justify_labels_demographics']) && ($_SESSION['language_direction'] == 'ltr')) { ?>
if (!empty($GLOBALS['right_justify_labels_demographics']) && ($_SESSION['language_direction'] == 'ltr')) { ?>
div.tab td.label_custom, div.label_custom {
text-align: right !important;
}
@@ -863,7 +863,7 @@ function setMyPatient() {
}
<?php
} ?>

<?php
// This is for layout font size override.
$grparr = array();
@@ -881,7 +881,7 @@ function setMyPatient() {
#DEM .label {
font-size: <?php echo attr($FONTSIZE); ?>rem;
}

#DEM .data {
font-size: <?php echo attr($FONTSIZE); ?>rem;
}
@@ -1218,7 +1218,7 @@ function setMyPatient() {
'btnCLass' => '',
'linkMethod' => 'html',
'bodyClass' => 'notab collapse show',
'auth' => AclMain::aclCheckCore('patients', 'amendment', '', 'write'),
'auth' => AclMain::aclCheckCore('patients', 'amendment', '', ['write', 'addonly']),
'amendments' => $amendments,
'prependedInjection' => $dispatchResult->getPrependedInjection(),
'appendedInjection' => $dispatchResult->getAppendedInjection(),
@@ -15,8 +15,15 @@
require_once("../../globals.php");
require_once("$srcdir/options.inc.php");

use OpenEMR\Common\Acl\AclMain;
use OpenEMR\Common\Twig\TwigContainer;
use OpenEMR\Core\Header;

//ensure user has proper access
if (!AclMain::aclCheckCore('patients', 'amendment')) {
echo (new TwigContainer(null, $GLOBALS['kernel']))->getTwig()->render('core/unauthorized.html.twig', ['pageTitle' => xl("Amendment List")]);
exit;
}
?>

<html>
@@ -15,8 +15,16 @@
require_once("../../globals.php");
require_once("$srcdir/options.inc.php");

use OpenEMR\Common\Acl\AclMain;
use OpenEMR\Common\Twig\TwigContainer;
use OpenEMR\Core\Header;

//ensure user has proper access
if (!AclMain::aclCheckCore('patients', 'amendment')) {
echo (new TwigContainer(null, $GLOBALS['kernel']))->getTwig()->render('core/unauthorized.html.twig', ['pageTitle' => xl("Amendment Print")]);
exit;
}

$amendments = $_REQUEST["ids"];
$amendments = rtrim($amendments, ",");
$amendmentsList = explode(",", $amendments);

0 comments on commit 2973592

Please sign in to comment.