diff options
author | ivan <ivan> | 2009-04-08 07:32:24 +0000 |
---|---|---|
committer | ivan <ivan> | 2009-04-08 07:32:24 +0000 |
commit | fdbee9ee821385bfbd9578f940eeb8ca74cb9eff (patch) | |
tree | b58ffddaaf1c8651f6a1fa2285aa3d9243ee1564 | |
parent | 21a246ce7f44f7d3304d73ea38074c0c29b9b3ac (diff) |
eliminate all trace of cvv from history records, RT#5093
-rw-r--r-- | FS/FS/Record.pm | 12 | ||||
-rw-r--r-- | FS/FS/Upgrade.pm | 3 | ||||
-rw-r--r-- | FS/FS/cust_main.pm | 11 |
3 files changed, 21 insertions, 5 deletions
diff --git a/FS/FS/Record.pm b/FS/FS/Record.pm index 1689845..3e3af52 100644 --- a/FS/FS/Record.pm +++ b/FS/FS/Record.pm @@ -1747,16 +1747,18 @@ sub _h_statement { $time ||= time; + my %nohistory = map { $_=>1 } $self->nohistory_fields; + my @fields = - grep { defined($self->getfield($_)) && $self->getfield($_) ne "" } + grep { defined($self->get($_)) && $self->get($_) ne "" && ! $nohistory{$_} } real_fields($self->table); ; - # If we're encrypting then don't ever store the payinfo or CVV2 in the history.... - # You can see if it changed by the paymask... - if ($conf && $conf->exists('encryption') ) { - @fields = grep $_ ne 'payinfo' && $_ ne 'cvv2', @fields; + # If we're encrypting then don't store the payinfo in the history + if ( $conf && $conf->exists('encryption') ) { + @fields = grep { $_ ne 'payinfo' } @fields; } + my @values = map { _quote( $self->getfield($_), $self->table, $_) } @fields; "INSERT INTO h_". $self->table. " ( ". diff --git a/FS/FS/Upgrade.pm b/FS/FS/Upgrade.pm index 5abfa69..7cf4051 100644 --- a/FS/FS/Upgrade.pm +++ b/FS/FS/Upgrade.pm @@ -91,6 +91,9 @@ sub upgrade_data { tie my %hash, 'Tie::IxHash', + #cust_main (remove paycvv from history) + 'cust_main' => [], + #msgcat 'msgcat' => [], diff --git a/FS/FS/cust_main.pm b/FS/FS/cust_main.pm index e696e1b..a39ac34 100644 --- a/FS/FS/cust_main.pm +++ b/FS/FS/cust_main.pm @@ -76,6 +76,8 @@ $skip_fuzzyfiles = 0; $ignore_expired_card = 0; @encrypted_fields = ('payinfo', 'paycvv'); +sub nohistory_fields { ('paycvv'); } + @paytypes = ('', 'Personal checking', 'Personal savings', 'Business checking', 'Business savings'); #ask FS::UID to run this stuff for us later @@ -8429,6 +8431,15 @@ sub queued_bill { ); } +sub _upgrade_data { #class method + my ($class, %opts) = @_; + + my $sql = 'UPDATE h_cust_main SET paycvv = NULL'; + my $sth = dbh->prepare($sql) or die dbh->errstr; + $sth->execute or die $sth->errstr; + +} + =back =head1 BUGS |