From: Mitch Jackson Date: Sun, 4 Nov 2018 15:07:30 +0000 (-0500) Subject: RT# 81616 Mask CVV on Process Card Payment page X-Git-Url: http://git.freeside.biz/gitweb/?a=commitdiff_plain;h=ac50269d081f6490705d103186e5b89baac58930;p=freeside.git RT# 81616 Mask CVV on Process Card Payment page --- diff --git a/httemplate/misc/payment.cgi b/httemplate/misc/payment.cgi index 9e530cf0a..b882da061 100644 --- a/httemplate/misc/payment.cgi +++ b/httemplate/misc/payment.cgi @@ -42,7 +42,7 @@ % my $payname = $cust_main->first. ' '. $cust_main->getfield('last'); % if ( $cust_main->payby =~ /^(CARD|DCRD)$/ ) { % $payinfo = $cust_main->paymask; -% $paycvv = $cust_main->paycvv; +% ( $paycvv = $cust_main->paycvv ) =~ s/./*/g; % ( $month, $year ) = $cust_main->paydate_monthyear; % $payname = $cust_main->payname if $cust_main->payname; % } elsif ($disable_payauto_default) { diff --git a/httemplate/misc/process/payment.cgi b/httemplate/misc/process/payment.cgi index 5f945a71a..6163b93dd 100644 --- a/httemplate/misc/process/payment.cgi +++ b/httemplate/misc/process/payment.cgi @@ -124,7 +124,9 @@ if ( $payby eq 'CHEK' ) { if ( defined $cust_main->dbdef_table->column('paycvv') ) { if ( length($cgi->param('paycvv') ) ) { - if ( cardtype($payinfo) eq 'American Express card' ) { + if ( $cgi->param('paycvv') =~ /^\*+$/ ) { + $paycvv = $cust_main->paycvv; + } elsif ( cardtype($payinfo) eq 'American Express card' ) { $cgi->param('paycvv') =~ /^(\d{4})$/ or errorpage("CVV2 (CID) for American Express cards is four digits."); $paycvv = $1;