diff options
| author | Mitch Jackson <mitch@freeside.biz> | 2018-08-26 17:07:46 -0400 |
|---|---|---|
| committer | Mitch Jackson <mitch@freeside.biz> | 2018-08-26 18:17:37 -0400 |
| commit | 7a177f82917a57bc1a0a8ef4a4608aca24773624 (patch) | |
| tree | bf31c458840791fd1cab4aeff7c11d932552ddb5 /httemplate/misc | |
| parent | 6edcac3fb4f343273195460f03a5e3c01feecb2a (diff) | |
RT# 80869 Harden process payment screen against Edge browser bug
Diffstat (limited to 'httemplate/misc')
| -rw-r--r-- | httemplate/misc/process/payment.cgi | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/httemplate/misc/process/payment.cgi b/httemplate/misc/process/payment.cgi index d0e589661..7747bcbea 100644 --- a/httemplate/misc/process/payment.cgi +++ b/httemplate/misc/process/payment.cgi @@ -100,11 +100,11 @@ if ( (my $custpaybynum = scalar($cgi->param('custpaybynum'))) > 0 ) { # use new info ## - $cgi->param('year') =~ /^(\d+)$/ + $cgi->param('year') =~ /^(\d{4})/ or errorpage("illegal year ". $cgi->param('year')); $year = $1; - $cgi->param('month') =~ /^(\d+)$/ + $cgi->param('month') =~ /^(\d{2})/ or errorpage("illegal month ". $cgi->param('month')); $month = $1; |