<body class="body_title"> <?php $result = getPatientData($pid, "fname,lname,pid,pubpid,phone_home,pharmacy_id,DOB,DATE_FORMAT(DOB,'%Y%m%d') as DOB_YMD"); $provider_results = sqlQuery("select * from users where username=?", array($_SESSION["authUser"])); $age = getPatientAge($result["DOB_YMD"]); $info = 'ID: ' . $result['pubpid']; if ($result['DOB']) { $info .= ', ' . xl('DOB') . ': ' . $result['DOB'] . ', ' . xl('Age') . ': ' . $age; } if ($result['phone_home']) { $info .= ', ' . xl('Home') . ': ' . $result['phone_home']; } if ($result['pharmacy_id']) { $pharmacy = new Pharmacy($result['pharmacy_id']); if ($pharmacy->get_phone()) { $info .= ', ' . xl('Pharm') . ': ' . $pharmacy->get_phone(); } } //escape variables for output (to prevent xss attacks) $patient_esc = htmlspecialchars($result["fname"] . " " . $result["lname"], ENT_NOQUOTES); $info_esc = htmlspecialchars($info, ENT_NOQUOTES); $provider_esc = htmlspecialchars($provider_results["fname"] . ' ' . $provider_results["lname"], ENT_NOQUOTES); ?> <table border="0" cellpadding="0" cellspacing="0" width="100%" height="100%"> <tr> <td style="width:45%; vertical-align:middle; white-space: nowrap"> <span class="title_bar_top"><?php echo $patient_esc; ?>
<body class="body_title"> <?php $result = getPatientData($pid, "fname,lname,pid,pubpid,phone_home,pharmacy_id,DOB,DATE_FORMAT(DOB,'%Y%m%d') as DOB_YMD"); $provider_results = sqlQuery("select * from users where username='******'"); $age = getPatientAge($result["DOB_YMD"]); $info = 'ID: ' . $result['pubpid']; if ($result['DOB']) { $info .= ', ' . xl('DOB') . ': ' . $result['DOB'] . ', ' . xl('Age') . ': ' . $age; } if ($result['phone_home']) { $info .= ', ' . xl('Home') . ': ' . $result['phone_home']; } if ($result['pharmacy_id']) { $pharmacy = new Pharmacy($result['pharmacy_id']); if ($pharmacy->get_phone()) { $info .= ', Pharm: ' . $pharmacy->get_phone(); } } ?> <table border="0" cellpadding="0" cellspacing="0" width="100%" height="100%"> <tr> <td style="width:45%; vertical-align:middle; white-space: nowrap"> <span class="title_bar_top"><?php echo $result["fname"] . " " . $result["lname"]; ?> </span> <span style="font-size:0.7em;">(<?php echo $info; ?>