parse gegen setValue getauscht um Injections mit ^ zu verhindern.

10 年之前 · e9b54b7bbe
--- a/src/main/java/de/uniluebeck/mi/projmi6/hapi/HL7Sender.java
+++ b/src/main/java/de/uniluebeck/mi/projmi6/hapi/HL7Sender.java
@@ -43,48 +43,49 @@ public class HL7Sender {

        //MSH Segment:
        MSH msh = adt_a01.getMSH();
        msh.getMsh3_SendingApplication().getNamespaceID().parse("KISGruppe6");
        msh.getMsh5_ReceivingApplication().getNamespaceID().parse("OPSGruppe3");
        msh.getMsh15_AcceptAcknowledgmentType().parse("AL");
        msh.getMsh3_SendingApplication().getNamespaceID().setValue("KISGruppe6");
        msh.getMsh5_ReceivingApplication().getNamespaceID().setValue("OPSGruppe3");
        msh.getMsh15_AcceptAcknowledgmentType().setValue("AL");

        //EVN Segment:
        EVN evn = adt_a01.getEVN();
        evn.getEvn1_EventTypeCode().parse("A01");
        evn.getEvn1_EventTypeCode().setValue("A01");
        evn.getEvn2_RecordedDateTime().getTime().setValue(msh.getDateTimeOfMessage().encode());
        evn.getEvn4_EventReasonCode().parse("01");
        evn.getEvn4_EventReasonCode().setValue("01");

        //PID
        PID pid = adt_a01.getPID();
        pid.getPid1_SetIDPID().parse("1");
        pid.getPid2_PatientID().getIDNumber().parse(String.valueOf(patient.getPatID()));
        pid.getPid3_PatientIdentifierList(0).getIDNumber().parse(Integer.toString(patient.getPatID()));
        pid.getPid5_PatientName(0).getFamilyName().getSurname().parse(patient.getNachname());
        pid.getPid5_PatientName(0).getGivenName().parse(patient.getVorname());
        pid.getPid1_SetIDPID().setValue("1");
        pid.getPid2_PatientID().getIDNumber().setValue(String.valueOf(patient.getPatID()));
        pid.getPid3_PatientIdentifierList(0).getIDNumber().setValue(Integer.toString(patient.getPatID()));
        pid.getPid5_PatientName(0).getFamilyName().getSurname().setValue(patient.getNachname());
        pid.getPid5_PatientName(0).getGivenName().setValue(patient.getVorname());
        pid.getPid7_DateTimeOfBirth().getTime().setValue(Date.from(patient.getGeburtsdatum().atStartOfDay().atZone(ZoneId.systemDefault()).toInstant()));
        pid.getPid8_AdministrativeSex().parse(String.valueOf(patient.getGeschlecht().id()));
        pid.getPid11_PatientAddress(0).getStreetAddress().getStreetName().parse(patient.getStrasse());
        pid.getPid11_PatientAddress(0).getStreetAddress().getDwellingNumber().parse(patient.getHausnummer());
        pid.getPid11_PatientAddress(0).getCity().parse(patient.getOrt());
        pid.getPid11_PatientAddress(0).getZipOrPostalCode().parse(patient.getPlz());
        pid.getPid13_PhoneNumberHome(0).getTelephoneNumber().parse(patient.getTelefon());
        pid.getPid16_MaritalStatus().getAlternateIdentifier().parse(patient.getFamilienstand().toString());
        pid.getPid8_AdministrativeSex().setValue(String.valueOf(patient.getGeschlecht().id()));
        pid.getPid11_PatientAddress(0).getStreetAddress().getStreetName().setValue(patient.getStrasse());
        pid.getPid11_PatientAddress(0).getStreetAddress().getDwellingNumber().setValue(patient.getHausnummer());
        pid.getPid11_PatientAddress(0).getCity().setValue(patient.getOrt());
        pid.getPid11_PatientAddress(0).getZipOrPostalCode().setValue(patient.getPlz());
        pid.getPid13_PhoneNumberHome(0).getTelephoneNumber().setValue(patient.getTelefon());
        pid.getPid16_MaritalStatus().getAlternateIdentifier().setValue(patient.getFamilienstand().toString());

        //Diagnosen (DG1 Segmente des PV1 Segments
        List<Diagnose> diagnosen = DBHandler.getDiagnosenByFall(fall);
        PV1 pv1 = adt_a01.getPV1();
        pv1.getPv11_SetIDPV1().parse("1");
        pv1.getPv12_PatientClass().parse("U");
        pv1.getPv119_VisitNumber().getIDNumber().parse(String.valueOf(fall.getFallID()));
        pv1.getPv11_SetIDPV1().setValue("1");
        pv1.getPv12_PatientClass().setValue("U");
        pv1.getPv119_VisitNumber().getIDNumber().setValue(String.valueOf(fall.getFallID()));
        pv1.getPv144_AdmitDateTime().getTime().setValue(Date.from(fall.getAufnahmeDatum().atZone(ZoneId.systemDefault()).toInstant()));

        for (int i = 0; i < diagnosen.size(); i++) {
            Diagnose diagnose = diagnosen.get(i);
            Mitarbeiter arzt = diagnose.getArzt();
            DG1 dg1 = adt_a01.getDG1(i);
            dg1.getDg11_SetIDDG1().setValue(String.valueOf(i + 1));
            dg1.getDg13_DiagnosisCodeDG1().getIdentifier().parse(diagnose.getIcd10code().getCode());
            dg1.getDg13_DiagnosisCodeDG1().getNameOfCodingSystem().parse("I10");
            dg1.getDg14_DiagnosisDescription().parse(diagnose.getFreiText());
            dg1.getDg16_DiagnosisType().parse(diagnose.getDiagArt().id());
            dg1.getDg13_DiagnosisCodeDG1().getIdentifier().setValue(diagnose.getIcd10code().getCode());
            dg1.getDg13_DiagnosisCodeDG1().getNameOfCodingSystem().setValue("I10");
            dg1.getDg14_DiagnosisDescription().setValue(diagnose.getFreiText());
            dg1.getDg16_DiagnosisType().setValue(diagnose.getDiagArt().id());
            XCN xcn = dg1.getDg116_DiagnosingClinician(0);
            xcn.getIDNumber().setValue(arzt.getEinweisenderArzt());
            xcn.getGivenName().setValue(arzt.getVorname());