From dcdf657e77ec7b46dc69e19a849a9c133123db7c Mon Sep 17 00:00:00 2001
From: ivan
Date: Thu, 14 Dec 2006 06:00:46 +0000
Subject: encryption fixes from huntsberg & jayce
---
httemplate/edit/cust_main/billing.html | 26 +++--
httemplate/edit/cust_refund.cgi | 147 +++++++++++++++----------
httemplate/edit/process/cust_main.cgi | 6 +
httemplate/misc/payment.cgi | 4 +-
httemplate/misc/process/payment.cgi | 21 ++--
httemplate/search/cust_pay.cgi | 2 +-
httemplate/view/cust_main/billing.html | 8 +-
httemplate/view/cust_main/payment_history.html | 4 +-
8 files changed, 137 insertions(+), 81 deletions(-)
(limited to 'httemplate')
diff --git a/httemplate/edit/cust_main/billing.html b/httemplate/edit/cust_main/billing.html
index 78a2002a4..ae5630739 100644
--- a/httemplate/edit/cust_main/billing.html
+++ b/httemplate/edit/cust_main/billing.html
@@ -23,7 +23,10 @@
% # XXX key -% foreach my $field (qw( payinfo payname paycvv paystart_month paystart_year payissue payip )) { + + + +% foreach my $field (qw( payname paycvv paystart_month paystart_year payissue payip )) { @@ -136,16 +139,19 @@ % % -% my($payby, $payinfo, $payname)=( +% my($payby, $paymask, $payname)=( % $cust_main->payby, -% $cust_main->payinfo, +% $cust_main->paymask, % $cust_main->payname, % ); -% my( $account, $aba ) = split('@', $payinfo); +% my( $account, $aba ) = split('@', $paymask); % % my $disabled = 'DISABLED style="background-color: #dddddd"'; % my $text_disabled = 'style="color: #999999"'; -% if ( $payby =~ /^(CARD|DCRD)$/ && cardtype($payinfo) =~ /^(Switch|Solo)$/ ) { +% +% # this is not going to work unless the mask-generation recognizes +% # Switch/Solo cards +% if ( $payby =~ /^(CARD|DCRD)$/ && cardtype($paymask) =~ /^(Switch|Solo)$/ ) { % $disabled = 'style="background-color: #ffffff"'; % $text_disabled = 'style="color: #000000";' % } @@ -157,7 +163,7 @@ % ''. % % qq!!. -% qq!!. +% qq!!. % % qq!!. % '!. -% '!. @@ -188,7 +194,7 @@ % 'end_year' => (localtime())[5] + 1900, % 'selected_date' => ( % ( $payby =~ /^(CARD|DCRD)$/ -% && cardtype($payinfo) =~ /^(Switch|Solo)$/ ) +% && cardtype($paymask) =~ /^(Switch|Solo)$/ ) #also % ? $cust_main->paystart_month. '-'. % $cust_main->paystart_year % : '' @@ -236,7 +242,7 @@ % '
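Review bot: `paycvv` is still in the field list of the `foreach` in the first hunk of edit/cust_main/billing.html, although `payinfo` was taken out of it. The loop body is not readable on this page, but if it writes each field's stored value into the form, as the removal of `payinfo` suggests, the card verification value would still end up in the page source. Consider dropping it too, `qw( payname paystart_month paystart_year payissue payip )`, or emitting only a placeholder; edit/process/cust_main.cgi already treats an all-asterisk `paycvv` as "keep the old value".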
${r}Card number
${r}Expiration '. @@ -174,7 +180,7 @@ % % qq!(help)!. % qq!'. +% ''. % % % qq!
Start date
'. % % qq!!. -% qq!!. +% qq!!. % % qq!!. % qq!!. @@ -256,7 +262,7 @@ % '
${r}Phone number
'. % % qq!!. -% qq!!. +% qq!!. % % qq!!. % qq!!. diff --git a/httemplate/edit/cust_refund.cgi b/httemplate/edit/cust_refund.cgi index 2b3e02614..aa825af94 100755 --- a/httemplate/edit/cust_refund.cgi +++ b/httemplate/edit/cust_refund.cgi @@ -1,4 +1,3 @@ - % % %my $conf = new FS::Conf; @@ -26,70 +25,102 @@ % %my $p1 = popurl(1); % -%print header('Refund '. ucfirst(lc($payby)). ' payment', ''); -%print qq!Error: !, $cgi->param('error'), -% "" -% if $cgi->param('error'); -%print <config('countrydefault')); -% -% -% -% -% -% -% -% -% -%
-%END % -%if ( $cust_pay ) { + + +<% include('/elements/header.html', 'Refund '. ucfirst(lc($payby)). ' payment', '') %> +% if ( $cgi->param('error') ) { + + Error: <% $cgi->param('error') %> +

+% } + + +<% small_custview($custnum, $conf->config('countrydefault')) %> + + + + + + + + + + +
+% if ( $cust_pay ) { % % #false laziness w/FS/FS/cust_pay.pm % my $payby = $cust_pay->payby; -% my $payinfo = $cust_pay->payinfo; -% $payby =~ s/^BILL$/Check/ if $payinfo; +% my $paymask = $cust_pay->paymask; +% $payby =~ s/^BILL$/Check/ if $paymask; % $payby =~ s/^CHEK$/Electronic check/; -% $payinfo = $cust_pay->payinfo_masked if $payby eq 'CARD'; % -% print '
Payment'. ntable("#cccccc", 2). -% '
'. -% ''. -% ''; +% + + +
Payment + <% ntable("#cccccc", 2) %> + + + + + + + + + + + + +% % #false laziness w/FS/FS/cust_main::realtime_refund_bop % if ( $cust_pay->paybatch =~ /^(\w+):(\w+)(:(\w+))?$/ ) { % my ( $processor, $auth, $order_number ) = ( $1, $2, $4 ); -% print ''; -% print '' -% if length($auth); -% print '' -% if length($order_number); -% } -% print '
P.O.
Amount$'. -% $cust_pay->paid. '
Date'. -% time2str("%D",$cust_pay->_date). '
Method'. -% ucfirst(lc($payby)). ' # '. $payinfo. '
Amount$<% $cust_pay->paid %>
Date<% time2str("%D",$cust_pay->_date) %>
Method<% ucfirst(lc($payby)) %> # <% $paymask %>
Processor'. -% $processor. '
Authorization'. -% $auth. '
Order number'. -% $order_number. '
'; -%} -% -%print '
Refund'. ntable("#cccccc", 2). -% 'Date'. -% time2str("%D",$_date). ''; -% -%print qq!Amount\$!; -% -%print qq!Reason!; -% -%print < -%
-% -% -% -% -%END -% -% +% + + + + Processor<% $processor %> + +% if ( length($auth) ) { + + + Authorization<% $auth %> + +% } +% if ( length($order_number) ) { + + + Order number<% $order_number %> + +% } +% } + + +% } + + +
Refund +<% ntable("#cccccc", 2) %> + + + Date<% time2str("%D",$_date) %> + + + + Amount$ + + + + Reason + + + +
+ + + + +<% include('/elements/footer.html') %> diff --git a/httemplate/edit/process/cust_main.cgi b/httemplate/edit/process/cust_main.cgi index d5d127b2d..789f29522 100755 --- a/httemplate/edit/process/cust_main.cgi +++ b/httemplate/edit/process/cust_main.cgi @@ -46,6 +46,9 @@ % } fields('cust_main') %} ); % +% delete( $new->hashref->{'agent_custid'} ) +% unless $new->hashref->{'agent_custid'}; +% %if ( defined($cgi->param('same')) && $cgi->param('same') eq "Y" ) { % $new->setfield("ship_$_", '') foreach qw( % last first company address1 address2 city county state zip @@ -151,6 +154,9 @@ % && $new->paycvv =~ /^\s*\*+\s*$/ ) { % $new->paycvv($old->paycvv); % } +% if ($new->payby =~ /CARD|DCRD|CHEK|DCHK/ && $new->payinfo =~ /xx/) { +% $new->payinfo($old->payinfo); +% } % $error ||= $new->replace($old, \@invoicing_list); % %} diff --git a/httemplate/misc/payment.cgi b/httemplate/misc/payment.cgi index 4c6ae3349..081964e93 100644 --- a/httemplate/misc/payment.cgi +++ b/httemplate/misc/payment.cgi @@ -67,7 +67,7 @@ function OLiframeContent(src, width, height, name) { % my $state = $cust_main->state; % my $zip = $cust_main->zip; % if ( $cust_main->payby =~ /^(CARD|DCRD)$/ ) { -% $payinfo = $cust_main->payinfo; +% $payinfo = $cust_main->paymask; % $paycvv = $cust_main->paycvv; % ( $month, $year ) = $cust_main->paydate_monthyear; % $payname = $cust_main->payname if $cust_main->payname; @@ -153,7 +153,7 @@ function OLiframeContent(src, width, height, name) { % } elsif ( $payby eq 'CHEK' ) { % my( $payinfo1, $payinfo2, $payname, $ss ) = ( '', '', '', '' ); % if ( $cust_main->payby =~ /^(CHEK|DCHK)$/ ) { -% $cust_main->payinfo =~ /^(\d+)\@(\d+)$/ +% $cust_main->paymask =~ /^(\d+)\@(\d+)$/ % or die "unparsable payinfo ". $cust_main->payinfo; % ($payinfo1, $payinfo2) = ($1, $2); % $payname = $cust_main->payname; diff --git a/httemplate/misc/process/payment.cgi b/httemplate/misc/process/payment.cgi index 027cd502a..d591db1e8 100644 --- a/httemplate/misc/process/payment.cgi 
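Review bot: In edit/cust_refund.cgi the rewritten error block writes the request's `error` parameter into the page with `<% $cgi->param('error') %>` and no escape flag. Unless the site sets a default escape flag (not visible here), markup in that parameter is rendered as-is; `<% $cgi->param('error') |h %>` makes the escaping explicit. The record-derived values in the payment table (`<% $paymask %>`, `<% $processor %>`, `<% $auth %>`, `<% $order_number %>`) would benefit from the same flag.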
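Review bot: The guard added in the second hunk of edit/process/cust_main.cgi restores the stored number whenever the submitted `payinfo` contains `xx` anywhere and `payby` contains one of the four codes, because neither pattern is anchored. A submission that changes `payby` between a card type and a check type while the masked value is still in the field therefore carries the old number over under the new type, and a mistyped value containing `xx` is replaced silently instead of being rejected. Comparing with the mask that was rendered is tighter, assuming `$old` offers `paymask` like the `cust_main` objects elsewhere in this commit: `if ( $new->payby eq $old->payby && $new->payinfo eq $old->paymask ) { $new->payinfo($old->payinfo); }`. The enclosing block starts outside the hunk.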
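Review bot: In the CHEK branch of misc/payment.cgi (second hunk) the match now runs on `paymask`, but the unchanged `or die "unparsable payinfo ". $cust_main->payinfo` still puts the full stored account and routing number into the error text. The pattern `/^(\d+)\@(\d+)$/` accepts digits only, so if the mask contains `x` characters (misc/process/payment.cgi tests for `/xx/`) the match would presumably fail and take that `die` path for every masked check account. Suggest widening both character classes to admit the mask character and changing the message to `or die "unparsable paymask";`.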
+++ b/httemplate/misc/process/payment.cgi
@@ -44,17 +44,24 @@
 %my $paycvv = '';
 %if ( $payby eq 'CHEK' ) {
 %
-% $cgi->param('payinfo1') =~ /^(\d+)$/
-% or eidiot "illegal account number ". $cgi->param('payinfo1');
-% my $payinfo1 = $1;
-% $cgi->param('payinfo2') =~ /^(\d+)$/
-% or eidiot "illegal ABA/routing number ". $cgi->param('payinfo2');
-% my $payinfo2 = $1;
-% $payinfo = $payinfo1. '@'. $payinfo2;
+% if ($cgi->param('payinfo1') =~ /xx/ || $cgi->param('payinfo2') =~ /xx/ ) {
+% $payinfo = $cust_main->payinfo;
+% } else {
+% $cgi->param('payinfo1') =~ /^(\d+)$/
+% or eidiot "illegal account number ". $cgi->param('payinfo1');
+% my $payinfo1 = $1;
+% $cgi->param('payinfo2') =~ /^(\d+)$/
+% or eidiot "illegal ABA/routing number ". $cgi->param('payinfo2');
+% my $payinfo2 = $1;
+% $payinfo = $payinfo1. '@'. $payinfo2;
+% }
 %
 %} elsif ( $payby eq 'CARD' ) {
 %
 % $payinfo = $cgi->param('payinfo');
+% if ($payinfo eq $cust_main->paymask) {
+% $payinfo = $cust_main->payinfo;
+% }
 % $payinfo =~ s/\D//g;
 % $payinfo =~ /^(\d{13,16})$/
 % or eidiot gettext('invalid_card'); # . ": ". $self->payinfo;
diff --git a/httemplate/search/cust_pay.cgi b/httemplate/search/cust_pay.cgi
index 87da1791b..98cc0e799 100755
--- a/httemplate/search/cust_pay.cgi
+++ b/httemplate/search/cust_pay.cgi
@@ -164,7 +164,7 @@
 sub {
 my $cust_pay = shift;
 if ( $cust_pay->payby eq 'CARD' ) {
- 'Card #'. $cust_pay->payinfo_masked;
+ 'Card #'. $cust_pay->paymask;
 } elsif ( $cust_pay->payby eq 'CHEK' ) {
 'E-check acct#'. $cust_pay->payinfo;
 } elsif ( $cust_pay->payby eq 'BILL' ) {
diff --git a/httemplate/view/cust_main/billing.html b/httemplate/view/cust_main/billing.html
index d1be8936f..1f80dc5bc 100644
--- a/httemplate/view/cust_main/billing.html
+++ b/httemplate/view/cust_main/billing.html
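Review bot: The CHEK branch of misc/process/payment.cgi falls back to the stored value when either `payinfo1` or `payinfo2` merely contains `xx`, so a new account number typed next to an untouched masked routing number is discarded without an error. Nothing checks that the customer's stored `payby` is a check type before `$cust_main->payinfo` is reused; the CARD branch compares against `paymask` exactly but has the same missing `payby` check. Both form halves can be compared with the mask as a whole, as sketched below, leaving the digit validation in the `else` as it is. The reused stored value also bypasses the `^(\d+)$` checks, which is fine only if it was validated when saved; that is not visible here.

```perl
%  my $submitted = $cgi->param('payinfo1'). '@'. $cgi->param('payinfo2');
%  if (    $cust_main->payby =~ /^(CHEK|DCHK)$/
%       && $submitted eq $cust_main->paymask ) {
%    $payinfo = $cust_main->payinfo;
%  } else {
%    # … unchanged: digit checks on payinfo1 / payinfo2 and the '@' join …
%  }
```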
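Review bot: Only the CARD branch in search/cust_pay.cgi was moved to `paymask`; the CHEK branch two lines below still returns `'E-check acct#'. $cust_pay->payinfo`, so search results keep showing full check account numbers. `'E-check acct#'. $cust_pay->paymask;` would bring it in line with the card branch. The last hunk of view/cust_main/payment_history.html has the same gap: its CHEK branch parses `$cust_pay->payinfo` and prints `"ABA $2, Acct# $1"` unmasked. The enclosing `sub` continues outside the hunk.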
@@ -7,7 +7,11 @@ Billing information -(Bill now) +% # If we can't see the unencrypted card, then bill now is an exercise in frustration +%if ( ! $cust_main->is_encrypted($cust_main->payinfo) ) { + (Bill now) +% } + <% ntable("#cccccc") %><% ntable("#cccccc",2) %> % %( my $balance = $cust_main->balance ) @@ -31,7 +35,7 @@ Billing information Card number - <% $cust_main->payinfo_masked %> + <% $cust_main->paymask %> % %#false laziness w/elements/select-month_year.html & edit/cust_main/billing.html diff --git a/httemplate/view/cust_main/payment_history.html b/httemplate/view/cust_main/payment_history.html index 4f46ace6d..57d11b9e8 100644 --- a/httemplate/view/cust_main/payment_history.html +++ b/httemplate/view/cust_main/payment_history.html @@ -18,6 +18,7 @@ % if ( ( $payby{'CARD'} || $payby{'DCRD'} ) % && $curuser->access_right('Process payment') +% && ! $cust_main->is_encrypted($cust_main->payinfo) % ) { <% $s++ ? ' | ' : '' %> Process credit card payment @@ -25,6 +26,7 @@ % if ( ( $payby{'CHEK'} || $payby{'DCHK'} ) % && $curuser->access_right('Process payment') +% && ! $cust_main->is_encrypted($cust_main->payinfo) % ) { <% $s++ ? ' | ' : '' %> Process electronic check (ACH) payment @@ -76,7 +78,7 @@ % % my $payinfo; % if ( $payby eq 'CARD' ) { -% $payinfo = $cust_pay->payinfo_masked; +% $payinfo = $cust_pay->paymask; % } elsif ( $payby eq 'CHEK' && $cust_pay->payinfo =~ /^(\d+)\@(\d+)$/ ) { % $payinfo = "ABA $2, Acct# $1"; % } else { -- cgit v1.2.1
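Review bot: The `is_encrypted` test added around the "Bill now" link in view/cust_main/billing.html, and repeated on both "Process … payment" links in view/cust_main/payment_history.html, only hides the links. misc/process/payment.cgi in this same commit substitutes `$cust_main->payinfo` without that test, so a request that reaches it directly for a record that is still encrypted would run `s/\D//g` over whatever `payinfo` returns; the handler should make the same check and refuse. Within payment_history.html the two identical conditions could share one variable, e.g. `my $can_process = ! $cust_main->is_encrypted($cust_main->payinfo);`.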