don't redirect to a GET with sensitive data, RT#26099

[freeside.git] / FS / FS / Record.pm

diff --git a/FS/FS/Record.pm b/FS/FS/Record.pm
index 8ab96cf..4937347 100644 (file)
--- a/FS/FS/Record.pm
+++ b/FS/FS/Record.pm
@@ -12,7 +12,7 @@ use File::Slurp qw( slurp );
 use File::CounterFile;
 use Text::CSV_XS;
 use DBI qw(:sql_types);
-use DBIx::DBSchema 0.42; #for foreign keys
+use DBIx::DBSchema 0.43; #0.43 for foreign keys
 use Locale::Country;
 use Locale::Currency;
 use NetAddr::IP; # for validation
@@ -42,6 +42,7 @@ our $me = '[FS::Record]';
 our $nowarn_identical = 0;
 our $nowarn_classload = 0;
 our $no_update_diff = 0;
+our $no_history = 0;
 
 our $no_check_foreign = 1; #well, not inefficiently in perl by default anymore
 
@@ -1250,7 +1251,7 @@ sub insert {
   }
 
   my $h_sth;
-  if ( defined dbdef->table('h_'. $table) ) {
+  if ( defined( dbdef->table('h_'. $table) ) && ! $no_history ) {
     my $h_statement = $self->_h_statement('insert');
     warn "[debug]$me $h_statement\n" if $DEBUG > 2;
     $h_sth = dbh->prepare($h_statement) or do {
@@ -3003,7 +3004,7 @@ You should generally not have to worry about calling this, as the system handles
 
 sub encrypt {
   my ($self, $value) = @_;
-  my $encrypted;
+  my $encrypted = $value;
 
   if ($conf->exists('encryption')) {
     if ($self->is_encrypted($value)) {