Patients with apostrophes in their name (including afflicted Irish Canadians such as myself) cough on the 'Inbox' listing in Oscar 12.1.
My impression is that the apostrophe character isn't HTML escaped, and the ' character is used for mySQL query.
Inbox
None, I think
Support calls from users who wonder why they can't read the labs of a certain person.
Create a user with an apostrophe in their name, like O'Connor,Robert.
Add a document or lab, so that it shows up in the patient's treating doctors inbox.
Try clicking on the lab entry in the inbox listing. It won't work. It won't say why.
Go to the patient demographic and replacing the apostrophe character in the name with a backquote character instead.
Go back to the ab entry in the inbox listing. It will now work as expected.
None.
10 minutes. My impression is wrapping the inbox listing entry printing to the page in some sort of fuction like an htmlescape() seen in a lot of programming languages.
An unfortunate wrinkle is that unless the apostrophe is in the name, it will get rejected by billing oscar module. So the office manager has to change the name for doc to read the lab, then change it back again for billing module to not reject it.
I tried this and it works for me
1) create patient O'Neill, Robert
2) Go to inbox, doc upload
3) Assign the document to the new patient, and assign the provider to logged in user
4) See the entry in the inbox, and click on the name..doc viewer shows up
5)
Hi Marc,
Thank you.
Maybe it is just the labs in the inbox (Excelleris here) that won't load up, but documents can. I will watch carefully for next time it happens to someone with an apostrophe.
I think the this bug (1320) and 1321:
Bug #1321 'Ampersand in the reason for appointment truncates everything after the ampersand'
are related.
The issue that may also be contending with is code to strip out items that could be used for SQL injection.
Diff:
This sounds like a bug.