#1321 Ampersand in the 'reason for appointment' truncates everything after ampersand

[Robert O'Connor]

Change Description (incl. Benefits)

Ampersands in the reason for appt will truncate everything else after ampersand when written at the top of the newly created progress note for that appointment. My impression is that the ampersand is a special character for a URL get/post and it isn't HTML escaped.

OSCAR Interaction points

The 'toilet paper roll' progres notes, and the appointment view daysheet.

Integration risks

None

Risk if not incorporated

The reading doctor misses out the stuff after the ampersand as the reason for the appt. For example, the appt saw Check BP & Check toe and the doc only did the BP check.

Minimum testing requirements/process

(1) In the daysheet view, create a new appointment for an existing patient, and the reason for appointment is:
Check BP & Check toe
(2) In the daysheet view, click on the newly created appointment.
(3) Now in the 'toilet paper roll', at the top it reads: Check BP
(4) Make another appointment for the same patient that says:
Check BP and Check toe
(5) In the daysheet view, click on this second newly created appointment.
(6) Now in the 'toilet paper roll', at the top it reads: Check BP and Check toe

Training requirements to support changes

None. It actually removes training requirement to try to explain why the ampersand is truncating things. Ampersands are common since there is a fixed limit of characters for the appointment field.

Time Estimate

10 minutes. Likely an htmlescape() type of function

[Robert O'Connor]

As an appendum the plus sign + gets stripped out. So an appointment of:
toe + fungus
will come up as
toe fungus
when start the EMR progress note.

I wonder, as as well as HTML special characters, if there is a relationship to likely code to try to stop SQL injection attacks.

[Jay Gallagher]

This sounds like a bug.

[Marc Dumontier]

moved to bug tracker

https://sourceforge.net/p/oscarmcmaster/bugs/4333/