From 4f29be788b09c6bc7bd0d1f1b495243ac9e07450 Mon Sep 17 00:00:00 2001 From: mark Date: Thu, 21 Jan 2010 06:07:24 +0000 Subject: [PATCH] Enforce field lengths (RT#5649) --- Changes | 1 + lib/Business/OnlinePayment/PaymenTech.pm | 91 ++++++++++++++++---------------- 2 files changed, 46 insertions(+), 46 deletions(-) diff --git a/Changes b/Changes index 43e44d8..6256a1e 100644 --- a/Changes +++ b/Changes @@ -1,6 +1,7 @@ Revision history for Business-OnlinePayment-PaymenTech 2.03 unreleased + - truncate all request fields to their maximum lengths - doc: in synopsis example, move merchant_id/terminal_id from content call to new constructor, and add currency. also indent the example code so it formats properly diff --git a/lib/Business/OnlinePayment/PaymenTech.pm b/lib/Business/OnlinePayment/PaymenTech.pm index 7711e10..52977f8 100644 --- a/lib/Business/OnlinePayment/PaymenTech.pm +++ b/lib/Business/OnlinePayment/PaymenTech.pm @@ -8,7 +8,7 @@ use Tie::IxHash; use vars qw($VERSION $DEBUG @ISA $me); @ISA = qw(Business::OnlinePayment::HTTPS); -$VERSION = '2.03_02'; +$VERSION = '2.03_03'; $DEBUG = 0; $me='Business::OnlinePayment::PaymenTech'; @@ -21,52 +21,52 @@ my %request_header = ( ); # Content-Type has to be passed separately tie my %new_order, 'Tie::IxHash', ( - OrbitalConnectionUsername => ':login', - OrbitalConnectionPassword => ':password', - IndustryType => 'EC', # Assume industry = Ecommerce - MessageType => ':message_type', - BIN => ':bin', - MerchantID => ':merchant_id', - TerminalID => ':terminal_id', - CardBrand => '', - AccountNum => ':card_number', - Exp => ':expiration', - CurrencyCode => ':currency_code', - CurrencyExponent => ':currency_exp', - CardSecValInd => ':cvvind', - CardSecVal => ':cvv2', - AVSzip => ':zip', - AVSaddress1 => ':address', - AVScity => ':city', - AVSstate => ':state', - OrderID => ':invoice_number', - Amount => ':amount', - Comments => ':email', # as per B:OP:WesternACH - TxRefNum => ':order_number', # used only for Refund + OrbitalConnectionUsername => [ ':login', 32 ], + OrbitalConnectionPassword => [ ':password', 32 ], + IndustryType => [ 'EC', 2 ], + MessageType => [ ':message_type', 2 ], + BIN => [ ':bin', 6 ], + MerchantID => [ ':merchant_id', 12 ], + TerminalID => [ ':terminal_id', 3 ], + CardBrand => [ '', 2 ], + AccountNum => [ ':card_number', 19 ], + Exp => [ ':expiration', 4 ], + CurrencyCode => [ ':currency_code', 3 ], + CurrencyExponent => [ ':currency_exp', 6 ], + CardSecValInd => [ ':cvvind', 1 ], + CardSecVal => [ ':cvv2', 4 ], + AVSzip => [ ':zip', 10 ], + AVSaddress1 => [ ':address', 30 ], + AVScity => [ ':city', 20 ], + AVSstate => [ ':state', 2 ], + OrderID => [ ':invoice_number', 22 ], + Amount => [ ':amount', 12 ], + Comments => [ ':email', 64 ], + TxRefNum => [ ':order_number', 40 ],# used only for Refund ); tie my %mark_for_capture, 'Tie::IxHash', ( - OrbitalConnectionUsername => ':login', - OrbitalConnectionPassword => ':password', - OrderID => ':invoice_number', - Amount => ':amount', - BIN => ':bin', - MerchantID => ':merchant_id', - TerminalID => ':terminal_id', - TxRefNum => ':order_number', + OrbitalConnectionUsername => [ ':login', 32 ], + OrbitalConnectionPassword => [ ':password', 32 ], + OrderID => [ ':invoice_number', 22 ], + Amount => [ ':amount', 12 ], + BIN => [ ':bin', 6 ], + MerchantID => [ ':merchant_id', 12 ], + TerminalID => [ ':terminal_id', 3 ], + TxRefNum => [ ':order_number', 40 ], ); tie my %reversal, 'Tie::IxHash', ( - OrbitalConnectionUsername => ':login', - OrbitalConnectionPassword => ':password', - TxRefNum => ':order_number', - TxRefIdx => 0, - OrderID => ':invoice_number', - BIN => ':bin', - MerchantID => ':merchant_id', - TerminalID => ':terminal_id', + OrbitalConnectionUsername => [ ':login', 32 ], + OrbitalConnectionPassword => [ ':password', 32 ], + TxRefNum => [ ':order_number', 40 ], + TxRefIdx => [ '0', 4 ], + OrderID => [ ':invoice_number', 22 ], + BIN => [ ':bin', 6 ], + MerchantID => [ ':merchant_id', 12 ], + TerminalID => [ ':terminal_id', 3 ], + OnlineReversalInd => [ 'Y', 1 ], # Always attempt to reverse authorization. - OnlineReversalInd => 'Y', ); my %defaults = ( @@ -123,7 +123,8 @@ sub build { ref($skel) eq 'HASH' or die 'Tried to build non-hash'; foreach my $k (keys(%$skel)) { my $v = $skel->{$k}; - # Not recursive like B:OP:WesternACH; Paymentech requests are only one layer deep. + my $l; + ($v, $l) = @$v if(ref $v eq 'ARRAY'); if($v =~ /^:(.*)/) { # Get the content field with that name. $data{$k} = $content{$1}; @@ -131,6 +132,8 @@ sub build { else { $data{$k} = $v; } + # Ruthlessly enforce field length. + $data{$k} = substr($data{$k}, 0, $l) if($data{$k} and $l); } return \%data; } @@ -341,11 +344,7 @@ Business::OnlinePayment::PaymenTech - Chase Paymentech backend for Business::Onl =head1 NOTES -The only supported transaction types are Normal Authorization and Credit. -Paymentech supports separate Authorize and Capture actions as well as recurring -billing, but those are not yet implemented. - -Electronic check processing is not yet supported. +Electronic check processing and recurring billing are not yet supported. =head1 AUTHOR -- 2.11.0