From 3b236eac5f7926f18623f6b9dc7c6f0d350ab61c Mon Sep 17 00:00:00 2001
From: Mitch Jackson <mitch@freeside.biz>
Date: Sun, 26 Aug 2018 17:07:46 -0400
Subject: RT# 80869 Harden process payment screen against Edge browser bug

---
 httemplate/misc/process/payment.cgi | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'httemplate/misc/process')

diff --git a/httemplate/misc/process/payment.cgi b/httemplate/misc/process/payment.cgi
index 9458217c1..5f945a71a 100644
--- a/httemplate/misc/process/payment.cgi
+++ b/httemplate/misc/process/payment.cgi
@@ -42,11 +42,11 @@ if ( $cgi->param('fee') =~ /^\s*(\d*(\.\d\d)?)\s*$/ ) {
   $amount = sprintf('%.2f', $amount + $fee);
 }
 
-$cgi->param('year') =~ /^(\d+)$/
+$cgi->param('year') =~ /^(\d{4})/
   or errorpage("illegal year ". $cgi->param('year'));
 my $year = $1;
 
-$cgi->param('month') =~ /^(\d+)$/
+$cgi->param('month') =~ /^(\d{2})/
   or errorpage("illegal month ". $cgi->param('month'));
 my $month = $1;
 
-- 
cgit v1.2.1