Practices gui - bootstrap light, no pure php in smarty, html escaping in smarty

controllers/C_InsuranceCompany.class.php

@@ -14,6 +14,7 @@ function __construct($template_mod = "general") {
 		$this->assign("CURRENT_ACTION", $GLOBALS['webroot']."/controller.php?" . "practice_settings&insurance_company&");
 		$this->assign("STYLE", $GLOBALS['style']);
 		$this->assign("WEB_ROOT", $GLOBALS['webroot'] );
+		$this->assign("SUPPORT_ENCOUNTER_CLAIMS", $GLOBALS['support_encounter_claims'] );
 		$this->InsuranceCompany = new InsuranceCompany();
 	}
 

library/classes/Pharmacy.class.php

@@ -24,7 +24,7 @@ class Pharmacy extends ORDataObject{
 	var $address;
 	var $transmit_method;
 	var $email;
-	var $transmit_method_array = array("","Print", "Email" ,"Fax");
+	var $transmit_method_array; //set in constructor
 
 	/**
 	 * Constructor sets all Prescription attributes to their default value
@@ -34,6 +34,7 @@ function __construct($id = "", $prefix = "")	{
 		$this->name = "";
 		$this->email = "";
 		$this->transmit_method = 1;
+		$this->transmit_method_array = array(xl("None Selected"), xl("Print"), xl("Email"), xl("Fax"));
 		$this->_table = "pharmacies";
 		$phone  = new PhoneNumber();
 		$phone->set_type(TYPE_WORK);

templates/document_categories/general_list.html

@@ -14,13 +14,13 @@
 </style>
 {/literal}
 <script type="text/javascript">
-var deleteLabel="{xl t="Delete"}";
-var editLabel="{xl t="Edit"}";
+var deleteLabel="{xl t="Delete"|escape:'html'}";
+var editLabel="{xl t="Edit"|escape:'html'}";
 </script>
 <script type="text/javascript" src="{$WEBROOT}/library/js/CategoryTreeMenu.js?v={php}echo $GLOBALS['v_js_includes'];{/php}"></script>
 <table>
 	<tr>
-		<td height="20" valign="top">{xl t="Document Categories"}</td>
+		<td height="20" valign="top">{xl t="Document Categories"|escape:'html'}</td>
 	</tr>
 	<tr>
 		<td valign="top">{$tree_html}</td>
@@ -31,29 +31,29 @@
 		<td width="25"></td>
 		<td valign="top">
     {if $add_node eq true}
-		{xl t="This new category will be a sub-category of "} {$parent_name}<br>
+		{xl t="This new category will be a sub-category of "|escape:'html'} {$parent_name|escape:'html'}<br>
 		{/if}
 		<form method="post" action="{$FORM_ACTION}" onsubmit="return top.restoreSession()">
 
     <table>
       <tr>
-        <td>{xl t="Category Name"}&nbsp;</td>
-        <td><input type="text" name="name" value="{$NAME}" onKeyDown="PreventIt(event)" /></td>
+        <td>{xl t="Category Name"|escape:'html'}&nbsp;</td>
+        <td><input type="text" name="name" value="{$NAME|escape:'html'}" onKeyDown="PreventIt(event)" /></td>
       </tr>
       <tr>
-        <td>{xl t="Value"}&nbsp;</td>
-		    <td><input type="text" name="value" value="{$VALUE}" onKeyDown="PreventIt(event)" ></td>
+        <td>{xl t="Value"|escape:'html'}&nbsp;</td>
+		    <td><input type="text" name="value" value="{$VALUE|escape:'html'}" onKeyDown="PreventIt(event)" ></td>
       </tr>
       <tr>
-        <td>{xl t="Access Control"}&nbsp;</td>
+        <td>{xl t="Access Control"|escape:'html'}&nbsp;</td>
 		    <td><select name="aco_spec">{$ACO_OPTIONS}</select></td>
       </tr>
     </table>
     &nbsp;<br />
 
-		<input type="submit" name="Add Category" value="{xl t='Save Category'}">
-		<input type="hidden" name="parent_is" value="{$parent_is}">
-		<input type="hidden" name="process" value="{$PROCESS}" />
+		<button type="submit" name="Add Category" class="btn btn-default btn-save">{xl t='Save Category'|escape:'html'}</button>
+		<input type="hidden" name="parent_is" value="{$parent_is|escape:'html'}">
+		<input type="hidden" name="process" value="{$PROCESS|escape:'html'}" />
 		</form>
 		</td>
 		{/if}

templates/documents/general_queue.html

@@ -1,50 +1,56 @@
-{literal}
-<head>
-<script language="javascript">
-function submit_documents()
-{
-    top.restoreSession();
-    document.queue.submit();
-}
-</script>
-</head>
-{/literal}
-
-<a href="controller.php?practice_settings&{$TOP_ACTION}document_category&action=list" onclick="top.restoreSession()" class="css_button" >
-<span>{xl t='Edit Categories'}</span></a><a href="#" onclick="submit_documents();" class="css_button" target="_self" ><span>{xl t='Update files'}</span></a>
-<input type="hidden" name="process" value="{$PROCESS}" /><br><br>
+<div class="btn-group">
+    <a href="controller.php?practice_settings&{$TOP_ACTION}document_category&action=list" onclick="top.restoreSession()" class="btn btn-default btn-edit" >
+        {xl t='Edit Categories'|escape:'html'}
+    </a>
+    <a href="#" onclick="submit_documents();" class="btn btn-default btn-transmit" target="_self" onclick="top.restoreSession()">
+        {xl t='Update files'|escape:'html'}
+    </a>
+</div>
+<input type="hidden" name="process" value="{$PROCESS|escape:'html'}" /><br><br>
 
 <form name="queue" method="post" action="{$FORM_ACTION}" onsubmit="return top.restoreSession()">
-<table cellpadding="1" class="showborder">
+<table class="table table-responsive table-striped">
 	<tr class="center_display">
 		<td colspan="6">{$messages}</td>
 	</tr>
 	<tr class="showborder_head">
-		<th colspan="2" width="110px">{xl t='Name'}</td>
-		<th width="100px">{xl t='Date'}</td>
-		<th width="200px">{xl t='Patient'}</td>
-		<th colspan="2">{xl t='Category'}</td>
+		<th colspan="2" width="110px">{xl t='Name'|escape:'html'}</td>
+		<th width="100px">{xl t='Date'|escape:'html'}</td>
+		<th width="200px">{xl t='Patient'|escape:'html'}</td>
+		<th colspan="2">{xl t='Category'|escape:'html'}</td>
 	</tr>
 	{foreach name=queue_list from=$queue_files item=file}
 	<tr>
 		<td><input type="checkbox" name="files[{$file.document_id}][active]" value="1" {if is_numeric($file.patient_id)}checked{/if}></td>
 
-		<td><a href="{$file.web_path}" onclick="top.restoreSession()">{$file.filename}</a><input type="hidden" name="files[{$file.document_id}][name]" value="{$file.filename}"></td>
+		<td><a href="{$file.web_path}" onclick="top.restoreSession()">{$file.filename}</a><input type="hidden" name="files[{$file.document_id|escape:'html'}][name]" value="{$file.filename|escape:'html'}"></td>
 
-		<td>{$file.mtime}</td>
+		<td>{$file.mtime|escape:'html'}</td>
 
-		<td><input type="text" name="files[{$file.document_id}][patient_id]" size="5" value="{$file.patient_id}"><input type="hidden" name="patient_name" value=""></td>
+		<td><input type="text" name="files[{$file.document_id|escape:'html'}][patient_id]" size="5" value="{$file.patient_id|escape:'html'}"><input type="hidden" name="patient_name" value=""></td>
 
 		<td><a href="javascript:{literal}{}{/literal}" onclick="top.restoreSession();var URL='controller.php?patient_finder&find&form_id=queue{"['files[`$file.document_id`][patient_id]']"|escape:"url"}&form_name=patient_name'; window.open(URL, 'queue', 'toolbar=0,scrollbars=1,location=0,statusbar=1,menubar=0,resizable=1,width=450,height=400,left = 425,top = 250');"><img src="images/stock_search-16.png" border="0"</a>&nbsp;&nbsp;&nbsp;</td>
 		<td><select name="files[{$file.document_id}][category_id]">{$tree_html_listbox}</select></td>
 
 	</tr>
 	{foreachelse}
 	<tr height="25" class="center_display">
-		<td colspan="6">{xl t='No Documents Found'}</td>
+		<td colspan="6">{xl t='No Documents Found'|escape:'html'}</td>
 	</tr>
 	{/foreach}
 
 </table><br><br>
 
 </form>
+
+{literal}
+<head>
+<script language="javascript">
+function submit_documents()
+{
+    top.restoreSession();
+    document.queue.submit();
+}
+</script>
+</head>
+{/literal}

templates/hl7/general_parse.html

@@ -1,7 +1,5 @@
 <html>
 <head>
-{php}html_header_show();{/php}
-
 </head>
 <body bgcolor="{$STYLE.BGCOLOR2}">
 <form name="prescribe" method="post" action="{$FORM_ACTION}" onsubmit="return top.restoreSession()">
@@ -13,31 +11,38 @@
 NK1|JOHNSON^JOAN^K|WIFE||||||NK^NEXT OF KIN
 PV1|1|I|2000^2053^01||||004777^FISHER^BEN^J.|||SUR||||ADM|A0|</td></tr>-->
 <tr>
-<td colspan="2"><b>{xl t='Paste HL7 Data'}</b></td>
+<td colspan="2"><b>{xl t='Paste HL7 Data'|escape:'html'}</b></td>
 </tr>
 <tr height="25">
 	<td colspan="2" ><textarea rows="10" wrap="virtual" cols="70" name="hl7data"></textarea><br /><br />
 	</td></tr>
 	<tr class="text"><td colspan="2">
-	<a href="javascript:document.forms[0].reset();" class="css_button"><span>{xl t='Clear HL7 Data'}</span></a><a href="javascript:document.forms[0].submit();" class="css_button" ><span>{xl t='Parse HL7'}</span></a>
+	<div class="btn-group">
+	    <a href="javascript:document.forms[0].reset();" class="btn btn-default btn-delete" onclick="top.restoreSession()">
+	        {xl t='Clear HL7 Data'|escape:'html'}
+	    </a>
+	    <a href="javascript:document.forms[0].submit();" class="btn btn-default btn-transmit" onclick="top.restoreSession()">
+	        {xl t='Parse HL7'|escape:'html'}
+	    </a>
+	</div>
 	</td>
 
 {if $hl7_message_err}
-	<tr height="25"><td colspan="2">{$hl7_message_err}</td></tr>
+	<tr height="25"><td colspan="2">{$hl7_message_err|escape:'html'}</td></tr>
 {/if}
 {if $hl7_array}
-	<tr class="text"><td colspan="2">
+	<tr><td colspan="2">
 	<table class="showborder">
 	{foreach from=$hl7_array item=hl7item key=hl7key}
-	<tr height="25"><td colspan="3">{$hl7key}</td></tr>
+	<tr height="25"><td colspan="3">{$hl7key|escape:'html'}</td></tr>
 		{foreach from=$hl7item item=segment_val key=segment_name}
-			<tr><td>&nbsp;</td><td>{$segment_name}: </td><td>{$segment_val}</td></tr>
+			<tr><td>&nbsp;</td><td>{$segment_name|escape:'html'}: </td><td>{$segment_val|escape:'html'}</td></tr>
 		{/foreach}
 	{/foreach}
 	</table>
 	</td></tr>
 {/if}
-<input type="hidden" name="process" value="{$PROCESS}" />
+<input type="hidden" name="process" value="{$PROCESS|escape:'html'}" />
 </table>
 </form>