LibreHealthIO · maggienegm · Jul 11, 2020 · Jul 12, 2020
diff --git a/interface/super/manage_site_files.php b/interface/super/manage_site_files.php
@@ -22,42 +22,10 @@
 
 if (!acl_check('admin', 'super')) die(htmlspecialchars(xl('Not authorized')));
 
-// Prepare array of names of editable files, relative to the site directory.
-$my_files = array(
-  'config.php',
-  'faxcover.txt',
-  'faxtitle.eps',
-  'referral_template.html',
-  'statement.inc.php',
-  'letter_templates/custom_pdf.php',
-  'menu_data.json',
-);
-// Append LBF plugin filenames to the array.
-$lres = sqlStatement('SELECT * FROM list_options ' .
-  "WHERE list_id = 'lbfnames' ORDER BY seq, title");
-while ($lrow = sqlFetchArray($lres)) {
-  $option_id = $lrow['option_id']; // should start with LBF
-  $title = $lrow['title'];
-  $my_files[] = "LBF/$option_id.plugin.php";
-}
-
-$form_filename = strip_escape_custom($_REQUEST['form_filename']);
-// Sanity check to prevent evildoing.
-if (!in_array($form_filename, $my_files)) $form_filename = '';
-$filepath = "$OE_SITE_DIR/$form_filename";
-
 $imagedir     = "$OE_SITE_DIR/images";
 $educationdir = "$OE_SITE_DIR/filemanager/files/education";
 
 if (!empty($_POST['bn_save'])) {
-  if ($form_filename) {
-    // Textareas, at least in Firefox, return a \r\n at the end of each line
-    // even though only \n was originally there.  For consistency with
-    // normal LibreEHR usage we translate those back.
-    file_put_contents($filepath, str_replace("\r\n", "\n",
-      $_POST['form_filedata']));
-    $form_filename = '';
-  }
 
   $number_of_files = count($_FILES['form_image']['name']);
   for ($i=0; $i <$number_of_files ; $i++) { 
@@ -150,31 +118,6 @@ function msfFileChanged() {
 <p>
 <table border='1' width='95%'>
 
- <tr bgcolor='#dddddd' class='dehead'>
-  <td colspan='2' align='center'><?php echo htmlspecialchars(xl('Edit File in') . " $OE_SITE_DIR"); ?></td>
- </tr>
-
- <tr>
-  <td valign='top' class='detail' nowrap>
-   <select name='form_filename' onchange='msfFileChanged()'>
-    <option value=''></option>
-<?php
-  foreach ($my_files as $filename) {
-    echo "    <option value='" . htmlspecialchars($filename, ENT_QUOTES) . "'";
-    if ($filename == $form_filename) echo " selected";
-    echo ">" . htmlspecialchars($filename) . "</option>\n";
-  }
-?>
-   </select>
-   <br />
-   <textarea name='form_filedata' rows='25' style='width:100%'><?php
-  if ($form_filename) {
-    echo htmlspecialchars(@file_get_contents($filepath));
-  }
-?></textarea>
-  </td>
- </tr>
-
  <tr bgcolor='#dddddd' class='dehead'>
   <td colspan='2' align='center'><?php echo htmlspecialchars(xl('Upload Image to') . " $imagedir"); ?></td>
  </tr>

diff --git a/interface/super/rules/controllers/browse/controller.php b/interface/super/rules/controllers/browse/controller.php
@@ -15,7 +15,11 @@ function _action_list() {
     }
 
     function _action_plans_config() {
-    	$this->set_view( "plans_config.php" );
+        // This file isn't currently being used and plans_config.php has security vulnerabilities.
+        // Thus, the original code has been commented out and an error message is displayed instead.
+
+        // $this->set_view( "plans_config.php" );
+        $this->_action_error();
     }
 
     function _action_getrows() {

diff --git a/patient_portal/patient/scripts/app/onsitedocuments.js b/patient_portal/patient/scripts/app/onsitedocuments.js
@@ -279,30 +279,36 @@ var page = {
             restoreDocumentEdits();
         }
         else{
-            var liburl = webRoot+'/patient_portal/lib/download_template.php';
-            $.ajax({
-                type: "POST",
-                url: liburl,
-                data: {docid: docname, pid: pid},
-                beforeSend: function(xhr){
-                    console.log("Please wait...");
-                },
-                error: function(qXHR, textStatus, errorThrow){
-                    console.log("There was an error");
-                },
-                success: function(templateHtml, textStatus, jqXHR){
-                    $("#docid").val(docname);
-                    $('#templatecontent').empty().append(templateHtml);
-                    if( isNewDoc ){
-                        isNewDoc = false;
-                        page.isSaved = false;
-                        $("#printTemplate").hide();
-                        $("#submitTemplate").hide();
-                        $("#sendTemplate").hide();
-                        page.onsiteDocument.set('fullDocument',templateHtml);        
-                    }
-                }
-            });
+            // This file isn't currently being used and download_template.php includes security vulnerabilites.
+            // Thus, the original code has been commented out and an error message is displayed instead.
+
+            // var liburl = webRoot+'/patient_portal/lib/download_template.php';
+            // $.ajax({
+            //     type: "POST",
+            //     url: liburl,
+            //     data: {docid: docname, pid: pid},
+            //     beforeSend: function(xhr){
+            //         console.log("Please wait...");
+            //     },
+            //     error: function(qXHR, textStatus, errorThrow){
+            //         console.log("There was an error");
+            //     },
+            //     success: function(templateHtml, textStatus, jqXHR){
+            //         $("#docid").val(docname);
+            //         $('#templatecontent').empty().append(templateHtml);
+            //         if( isNewDoc ){
+            //             isNewDoc = false;
+            //             page.isSaved = false;
+            //             $("#printTemplate").hide();
+            //             $("#submitTemplate").hide();
+            //             $("#sendTemplate").hide();
+            //             page.onsiteDocument.set('fullDocument',templateHtml);
+            //         }
+            //     }
+            // });
+
+            app.appendAlert('An unexpected error has occurred.', 'alert-error',0,'modelAlert');
+            app.hideProgress('modelLoader');
         }
         var cdate = page.onsiteDocument.get('createDate')
         var s = page.onsiteDocument.get('denialReason')

diff --git a/templates/documents/general_upload.php b/templates/documents/general_upload.php
@@ -48,19 +48,6 @@
 <input type="hidden" name="process" value="<?php echo self::PROCESS;?>" />
 </form>
 
-<!-- Section for document template download -->
-<form method='post' action='interface/patient_file/download_template.php' onsubmit='return top.restoreSession()'>
-    <input type='hidden' name='patient_id' value='<?php echo $this->patient_id;?>' />
-<p class='text bold'>
-    <?php echo xlt("Download document template for this patient and visit");?> 
-</p>
-<p class='text'>
- <select name='form_filename'><?php echo $this->templates_list;?></select> &nbsp;
- <input type='submit' value='Fetch' />
-</p>
-</form>
-<!-- End document template download section -->
-
 <?php if(!empty($this->file)) {?>
 <div class="text bold">
 		<br/>