fix: Fix Nation Notes unable to share templates (openemr#7144)

* Fix Nation Notes unable to share templates - add prevent default to keep form from submitting on button - fix numerous php warnings - fix sql query error for orphan query - some restyle for colors * - add allow share templaes between NN and Text Notes - adjust dialog - fix escape for attr from htmlspecialchar refactor * - fix component list to match theming
sjpadgett · Jan 5, 2024 · 9e7ce34 · 9e7ce34
1 parent 827a4c0
commit 9e7ce34
Show file tree

Hide file tree

Showing 5 changed files with 178 additions and 186 deletions.
diff --git a/interface/forms/LBF/new.php b/interface/forms/LBF/new.php
@@ -466,7 +466,7 @@ function verifyCancel() {
                 e.stopPropagation();
                 let url = $(this).attr('href');
                 url = encodeURI(url);
-                dlgopen('', '', 950, 550, '', '', {
+                dlgopen('', '', 950, 650, '', '', {
                     buttons: [
                         {text: <?php echo xlj('Close'); ?>, close: true, style: 'default btn-sm'}
                     ],

diff --git a/library/ajax/template_context_search.php b/library/ajax/template_context_search.php
@@ -37,16 +37,15 @@
     cl2.cl_deleted = 0 And
     cl3.cl_list_type = 3 And
     cl3.cl_deleted = 0 And
-    cl2.cl_list_item_long Like ? And
-    cl3.cl_creator = ?
+    cl2.cl_list_item_long Like ?
 Group By
     cl2.cl_list_item_long
 createQuery;
 
 $search = $_GET['search'];
 $eSearch = "%" . $search . "%";
 $results = [];
-$r = sqlStatementNoLog($cq, array($eSearch, (int)$_SESSION['authUserID']));
+$r = sqlStatementNoLog($cq, array($eSearch));
 
 while ($result = sqlFetchArray($r)) {
     $results[] = array_map('text', $result);

diff --git a/library/custom_template/ajax_code.php b/library/custom_template/ajax_code.php
@@ -31,12 +31,12 @@
 
 use OpenEMR\Common\Acl\AclMain;
 
-$templateid = $_REQUEST['templateid'];
-$Source = $_REQUEST['source'];
-$list_id = $_REQUEST['list_id'];
-$item = $_REQUEST['item'];
-$multi = $_REQUEST['multi'];
-$content = $_REQUEST['content'];
+$templateid = $_REQUEST['templateid'] ?? '';
+$Source = $_REQUEST['source'] ?? '';
+$list_id = $_REQUEST['list_id'] ?? '';
+$item = $_REQUEST['item'] ?? '';
+$multi = $_REQUEST['multi'] ?? '';
+$content = $_REQUEST['content'] ?? '';
 
 if ($Source == "add_template") {
     $arr = explode("|", $multi);
@@ -86,18 +86,17 @@
     $selcont = sqlQuery("SELECT * FROM customlists WHERE cl_list_slno=? AND cl_list_type=2 AND cl_deleted=0", array($selcat['cl_list_id']));
     $cnt = sqlNumRows($res);
     if ($cnt) {
-        echo "<table width='100%'>";
-        echo "<tr class='text'><th colspan=2  style='background-color:var(--white)'>" . htmlspecialchars(xl('Preview of'), " " . $selcat['cl_list_item_long'] . "(" . $selcont['cl_list_item_long'] . ")", ENT_QUOTES) . "</th></tr>";
+        echo "<table class='table table-dark table-striped table-sm'>";
+        echo "<tr class='text bg-dark text-light'><th colspan=2 class='text bg-dark text-light'>" . text(xl('Preview of') . " " . $selcat['cl_list_item_long'] . "(" . $selcont['cl_list_item_long'] . ")") . "</th></tr>";
         $i = 0;
         while ($row = sqlFetchArray($res)) {
             $i++;
-            $class = ($class == 'reportTableOddRow') ? 'reportTableEvenRow' : 'reportTableOddRow';
-            echo "<tr class='text'><td style='background-color:var(--white)'>" . $i . "</td><td style='background-color:#ffffff'>" . htmlspecialchars($row['cl_list_item_long'], ENT_QUOTES) . "</td></tr>";
+            echo "<tr class='text'><td class='bg-dark text-light'>" . text($i) . "</td><td>" . htmlspecialchars($row['cl_list_item_long'], ENT_QUOTES) . "</td></tr>";
         }
         echo "</table>";
     } else {
         echo "<table width='100%'>";
-        echo "<tr class='text'><th colspan=2  style='background-color:var(--white)'>" . htmlspecialchars(xl('No items under selected category'), ENT_QUOTES) . "</th></tr>";
+        echo "<tr class='text bg-dark text-light'><th colspan=2>" . htmlspecialchars(xl('No items under selected category'), ENT_QUOTES) . "</th></tr>";
         echo "</table>";
     }
     $Source = "add_template";
@@ -158,7 +157,7 @@
     $i = 0;
     while ($row = sqlFetchArray($res)) {
         $i++;
-        echo "<li id='clorder_" . htmlspecialchars($row['cl_list_slno'], ENT_QUOTES) . "' style='cursor:pointer'><span>";
+        echo "<li class='bg-dark text-light' id='clorder_" . htmlspecialchars($row['cl_list_slno'], ENT_QUOTES) . "' style='cursor:pointer'><span class='bg-dark text-light'>";
         if (AclMain::aclCheckCore('nationnotes', 'nn_configure')) {
             echo "<img src='" . $GLOBALS['images_static_relative'] . "/b_edit.png' onclick=update_item_div('" . htmlspecialchars($row['cl_list_slno'], ENT_QUOTES) . "')>";
         }
@@ -171,9 +170,9 @@
         echo "</span></li>";
     }
     if (AclMain::aclCheckCore('nationnotes', 'nn_configure') && $templateid) {
-        echo "<li style='cursor:pointer'><span onclick='add_item()'>" . htmlspecialchars(xl('Click to add new components'), ENT_QUOTES);
+        echo "<li class='bg-dark text-light' style='cursor:pointer'><span class='bg-dark text-light' onclick='add_item()'>" . htmlspecialchars(xl('Click to add new components'), ENT_QUOTES);
         echo "</span><div id='new_item' style='display:none' class='w-100'>";
-        echo "<textarea name='item' id='item' class='w-100'></textarea><br />";
-        echo "<input type='button' name='save' value='" . htmlspecialchars(xl('Save'), ENT_QUOTES) . "' onclick='save_item()'><input type='button' name='cancel' value='" . htmlspecialchars(xl('Cancel'), ENT_QUOTES) . "' onclick=cancel_item('" . htmlspecialchars($row['cl_list_slno'], ENT_QUOTES) . "')></div></li>";
+        echo "<textarea name='item' id='item' class='w-100 bg-dark text-light'></textarea><br />";
+        echo "<input type='button' name='save' value='" . htmlspecialchars(xl('Save'), ENT_QUOTES) . "' onclick='save_item()'><input type='button' name='cancel' value='" . htmlspecialchars(xl('Cancel'), ENT_QUOTES) . "' onclick=cancel_item('" . attr_js($row['cl_list_slno'] ?? '') . "')></div></li>";
     }
 }
diff --git a/library/custom_template/custom_template.php b/library/custom_template/custom_template.php
@@ -132,7 +132,7 @@ function refreshme() {
         $(".iframe_medium").on('click', function (e) {
             e.preventDefault();
             e.stopPropagation();
-            dlgopen('', '', 725, 500, '', '', {
+            dlgopen('', '', 725, 575, '', '', {
                 buttons: [
                     {text: '<?php echo xla('Close'); ?>', close: true, style: 'secondary btn-sm'}
                 ],