Fix templates and pdf to allow images and barcodes (openemr#6033)

* Fix templates and pdf to allow images and barcodes
- add config items to HTML Purifier

* - restyle signature ped

portal/lib/doc_lib.php

@@ -120,15 +120,28 @@
  if ($_SESSION['language_direction'] == 'rtl') {
  $pdf->SetDirectionality('rtl');
  }
+
+ // snatch style tags content to insert after content purified
+ $style_flag = preg_match('#<\s*?style\b[^>]*>(.*?)</style\b[^>]*>#s', $htmlin, $style_matches);
+ $style = str_replace('<style type="text/css">', '<style>', $style_matches);
+ $pos = stripos($htmlin, "<style>");
+ $pos1 = stripos($htmlin, "</style>");
+
  // purify html
  $config = HTMLPurifier_Config::createDefault();
- $config->set('URI.AllowedSchemes', array('data' => true));
-
+ $config->set('URI.AllowedSchemes', array('data' => true, 'http' => true, 'https' => true));
  $purify = new \HTMLPurifier($config);
  $htmlin = $purify->purify($htmlin);
  // need to create custom stylesheet for templates
  // also our styles_pdf.scss isn't being compiled!!!
- $stylesheet = "<style>.signature {max-height:65px; height:65px !important;width:auto !important;}</style>";
+ // replace existing style tag in template after purifies removes! why!!!
+ // e,g this scheme gets removed <html><head><body> etc
+ if ($pos !== false && $pos1 !== false && !empty($style[0] ?? '')) {
+ $stylesheet = ".signature {max-height:65px; height:65px !important;width:auto !important;}</style>";
+ $stylesheet = str_replace('</style>', $stylesheet, $style[0]);
+ } else {
+ $stylesheet = "<style>.signature {max-height:65px; height:65px !important;width:auto !important;}</style>";
+ }
  $htmlin = "<!DOCTYPE html><html><head>" . $stylesheet . "</head><body>$htmlin</body></html>";
 
  $pdf->writeHtml($htmlin);

portal/lib/download_template.php

@@ -509,12 +509,23 @@ function doSubs($s)
  $encounter
  ));
 }
-$template = $templateService->fetchTemplate($form_id);
-$edata = $template['template_content'];
-
+// From database
+$template = $templateService->fetchTemplate($form_id)['template_content'];
+// snatch style tag content to replace after content purified. Ho-hum!
+$style_flag = preg_match('#<\s*?style\b[^>]*>(.*?)</style\b[^>]*>#s', $template, $style_matches);
+$style = str_replace('<style type="text/css">', '<style>', $style_matches);
 // purify html (and remove js)
-$edata = (new \HTMLPurifier(\HTMLPurifier_Config::createDefault()))->purify($edata);
-
+$config = \HTMLPurifier_Config::createDefault();
+$purify = new \HTMLPurifier($config);
+$edata = $purify->purify($template);
+// insert style tag from raw template content
+if ($style_flag && !empty($style[0] ?? '')) {
+ $edata = $style[0] . $edata;
+}
+// Purify escapes URIs.
+// Add back escaped directive delimiters so any directives in a URL will be parsed by our engine.
+$edata = str_replace('%7B', '{', $edata);
+$edata = str_replace('%7D', '}', $edata);
 // do the substitutions (ie. magic)
 $edata = doSubs($edata);
 

portal/sign/assets/signer_api.js

@@ -2,7 +2,7 @@
  * @package OpenEMR
  * @link http:https://www.open-emr.org
  * @author Jerry Padgett <[email protected]>
- * @copyright Copyright (c) 2016-2021 Jerry Padgett <[email protected]>
+ * @copyright Copyright (c) 2016-2022 Jerry Padgett <[email protected]>
  * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  */
 
@@ -356,12 +356,9 @@ function initSignerApi() {
  $(function (global) {
  var wrapper = document.getElementById("openSignModal");
  var canvasOptions = {
- minWidth: 1.00,
- maxWidth: 2.75,
- penColor: 'rgb(0, 0, 0)',
- minDistance: 4,
- /*throttle: 0,*/
- velocityFilterWeight: .5,
+ minWidth: 3.00,
+ maxWidth: 5.00,
+ penColor: 'rgb(0, 0, 255)',
  };
  var openPatientButton = document.querySelector("[data-type=patient-signature]");
  var openAdminButton = document.querySelector("[data-type=admin-signature]");