X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2Fcust_payby.pm;h=410d69093f300871927fc6e99578a44504aa323f;hp=62fa9be5f7a725b565314519a27b4b7cbf55e728;hb=5372897f367498972c96f5494e142e6e11b29eb8;hpb=65b639012a5dc547eccb01fd0e55efd4aa728039 diff --git a/FS/FS/cust_payby.pm b/FS/FS/cust_payby.pm index 62fa9be5f..410d69093 100644 --- a/FS/FS/cust_payby.pm +++ b/FS/FS/cust_payby.pm @@ -1,5 +1,6 @@ package FS::cust_payby; use base qw( FS::payinfo_Mixin FS::cust_main_Mixin FS::Record ); +use feature 'state'; use strict; use Scalar::Util qw( blessed ); @@ -115,6 +116,9 @@ paytype payip +=item paycardtype + +The credit card type (deduced from the card number). =back @@ -156,8 +160,9 @@ sub insert { local $FS::UID::AutoCommit = 0; my $dbh = dbh; - my $error = $self->check_payinfo_cardtype - || $self->SUPER::insert; + my $error = $self->check_payinfo_cardtype if $self->payby =~/^(CARD|DCRD)$/; + $self->SUPER::insert unless $error; + if ( $error ) { $dbh->rollback if $oldAutoCommit; return $error; @@ -247,8 +252,11 @@ sub replace { if ( $conf->exists('business-onlinepayment-verification') ) { $error = $self->verify; - return $error if $error; + } else { + $error = $self->tokenize; } + return $error if $error; + } local $SIG{HUP} = 'IGNORE'; @@ -270,7 +278,7 @@ sub replace { if ( $self->payby =~ /^(CARD|CHEK)$/ && ( ( $self->get('payinfo') ne $old->get('payinfo') - && $self->get('payinfo') !~ /^99\d{14}$/ + && !$self->tokenized ) || grep { $self->get($_) ne $old->get($_) } qw(paydate payname) ) @@ -308,7 +316,6 @@ sub check { #encrypted #|| $self->ut_textn('payinfo') #encrypted #|| $self->ut_textn('paycvv') # || $self->ut_textn('paymask') #XXX something - #later #|| $self->ut_textn('paydate') || $self->ut_numbern('paystart_month') || $self->ut_numbern('paystart_year') || $self->ut_numbern('payissue') @@ -331,21 +338,43 @@ sub check { # Need some kind of global flag to accept invalid cards, for testing # on scrubbed data. #XXX if ( !$import && $check_payinfo && $self->payby =~ /^(CARD|DCRD)$/ ) { + + # In this block: detect card type; reject credit card / account numbers that + # are impossible or banned; reject other payment features (date, CVV length) + # that are inappropriate for the card type. + # However, if the payinfo is encrypted then just detect card type and assume + # the other checks were already done. + if ( !$ignore_invalid_card && $check_payinfo && $self->payby =~ /^(CARD|DCRD)$/ ) { my $payinfo = $self->payinfo; $payinfo =~ s/\D//g; - $payinfo =~ /^(\d{13,16}|\d{8,9})$/ + $payinfo =~ /^(\d{13,19}|\d{8,9})$/ or return gettext('invalid_card'); #. ": ". $self->payinfo; $payinfo = $1; $self->payinfo($payinfo); validate($payinfo) or return gettext('invalid_card'); # . ": ". $self->payinfo; - return gettext('unknown_card_type') - if $self->payinfo !~ /^99\d{14}$/ #token - && cardtype($self->payinfo) eq "Unknown"; + # see parallel checks in check_payinfo_cardtype & payinfo_Mixin::payinfo_check + my $cardtype = $self->paycardtype; + if ( $self->tokenized ) { + $self->set('is_tokenized', 'Y'); #so we don't try to do it again + if ( $self->paymask =~ /^\d+x/ ) { + $cardtype = cardtype($self->paymask); + } else { + #return "paycardtype required ". + # "(can't derive from a token and no paymask w/prefix provided)" + # unless $cardtype; + } + } else { + $cardtype = cardtype($self->payinfo); + } + + return gettext('unknown_card_type') if $cardtype eq "Unknown"; + + $self->set('paycardtype', $cardtype); unless ( $ignore_banned_card ) { my $ban = FS::banned_pay->ban_search( %{ $self->_banned_pay_hashref } ); @@ -367,7 +396,7 @@ sub check { } if (length($self->paycvv) && !$self->is_encrypted($self->paycvv)) { - if ( cardtype($self->payinfo) eq 'American Express card' ) { + if ( $cardtype eq 'American Express card' ) { $self->paycvv =~ /^(\d{4})$/ or return "CVV2 (CID) for American Express cards is four digits."; $self->paycvv($1); @@ -380,7 +409,6 @@ sub check { $self->paycvv(''); } - my $cardtype = cardtype($payinfo); if ( $cardtype =~ /^(Switch|Solo)$/i ) { return "Start date or issue number is required for $cardtype cards" @@ -438,6 +466,15 @@ sub check { } } + } elsif ( $self->payby =~ /^CARD|DCRD$/ and $self->paymask ) { + # either ignoring invalid cards, or we can't decrypt the payinfo, but + # try to detect the card type anyway. this never returns failure, so + # the contract of $ignore_invalid_cards is maintained. + $self->set('paycardtype', cardtype($self->paymask)); + } else { + $self->set('paycardtype', ''); + } + # } elsif ( $self->payby eq 'PREPAY' ) { # # my $payinfo = $self->payinfo; @@ -449,8 +486,6 @@ sub check { # unless qsearchs('prepay_credit', { 'identifier' => $self->payinfo } ); # $self->paycvv(''); - } - if ( $self->payby =~ /^(CHEK|DCHK)$/ ) { $self->paydate(''); @@ -458,6 +493,7 @@ sub check { } elsif ( $self->payby =~ /^(CARD|DCRD)$/ ) { # shouldn't payinfo_check do this? + # (except we don't ever call payinfo_check from here) return "Expiration date required" if $self->paydate eq '' || $self->paydate eq '-'; @@ -501,12 +537,18 @@ sub check { } - if ( ! $self->custpaybynum - && $conf->exists('business-onlinepayment-verification') ) { - $error = $self->verify; + if ( ! $self->custpaybynum ) { + if ($conf->exists('business-onlinepayment-verification')) { + $error = $self->verify; + } else { + $error = $self->tokenize; + } return $error if $error; } + $error = $self->ut_daten('paydate'); + return $error if $error; + $self->SUPER::check; } @@ -520,10 +562,22 @@ sub check_payinfo_cardtype { my $payinfo = $self->payinfo; $payinfo =~ s/\D//g; - return '' if $payinfo =~ /^99\d{14}$/; #token + # see parallel checks in cust_payby::check & payinfo_Mixin::payinfo_check + if ( $self->tokenized($payinfo) ) { + $self->set('is_tokenized', 'Y'); #so we don't try to do it again + if ( $self->paymask =~ /^\d+x/ ) { + $self->set('paycardtype', cardtype($self->paymask)); + } else { + $self->set('paycardtype', ''); + #return "paycardtype required ". + # "(can't derive from a token and no paymask w/prefix provided)"; + } + return ''; + } my %bop_card_types = map { $_=>1 } values %{ card_types() }; my $cardtype = cardtype($payinfo); + $self->set('paycardtype', $cardtype); return "$cardtype not accepted" unless $bop_card_types{$cardtype}; @@ -599,7 +653,7 @@ sub label { my $self = shift; my $name = $self->payby =~ /^(CARD|DCRD)$/ - && cardtype($self->paymask) || FS::payby->shortname($self->payby); + && $self->paycardtype || FS::payby->shortname($self->payby); ( $self->payby =~ /^(CARD|CHEK)$/ ? $weight{$self->weight}. ' automatic ' : 'Manual ' @@ -614,59 +668,48 @@ sub label { =item realtime_bop +Runs a L transaction on this card + =cut sub realtime_bop { my( $self, %opt ) = @_; - $opt{$_} = $self->$_() for qw( payinfo payname paydate ); - - if ( $self->locationnum ) { - my $cust_location = $self->cust_location; - $opt{$_} = $cust_location->$_() for qw( address1 address2 city state zip ); - } - $self->cust_main->realtime_bop({ - 'method' => FS::payby->payby2bop( $self->payby ), %opt, + 'cust_payby' => $self, }); } -=item verify +=item tokenize + +Runs a L transaction on this card =cut -sub verify { +sub tokenize { my $self = shift; return '' unless $self->payby =~ /^(CARD|DCRD)$/; - my %opt = (); + $self->cust_main->realtime_tokenize({ + 'cust_payby' => $self, + }); - # false laziness with check - my( $m, $y ); - if ( $self->paydate =~ /^(\d{1,2})[\/\-](\d{2}(\d{2})?)$/ ) { - ( $m, $y ) = ( $1, length($2) == 4 ? $2 : "20$2" ); - } elsif ( $self->paydate =~ /^19(\d{2})[\/\-](\d{1,2})[\/\-]\d+$/ ) { - ( $m, $y ) = ( $2, "19$1" ); - } elsif ( $self->paydate =~ /^(20)?(\d{2})[\/\-](\d{1,2})[\/\-]\d+$/ ) { - ( $m, $y ) = ( $3, "20$2" ); - } else { - return "Illegal expiration date: ". $self->paydate; - } - $m = sprintf('%02d',$m); - $opt{paydate} = "$y-$m-01"; +} + +=item verify - $opt{$_} = $self->$_() for qw( payinfo payname paycvv ); +Runs a L transaction on this card - if ( $self->locationnum ) { - my $cust_location = $self->cust_location; - $opt{$_} = $cust_location->$_() for qw( address1 address2 city state zip ); - } +=cut + +sub verify { + my $self = shift; + return '' unless $self->payby =~ /^(CARD|DCRD)$/; $self->cust_main->realtime_verify_bop({ - 'method' => FS::payby->payby2bop( $self->payby ), - %opt, + 'cust_payby' => $self, }); } @@ -872,6 +915,171 @@ sub search_sql { =back +=item has_autobill_cards + +Returns the number of unexpired cards configured for autobill + +=cut + +sub has_autobill_cards { + scalar FS::Record::qsearch({ + table => 'cust_payby', + addl_from => 'JOIN cust_main USING (custnum)', + order_by => 'LIMIT 1', + hashref => { + paydate => { op => '>', value => DateTime->now->ymd }, + weight => { op => '>', value => 0 }, + }, + extra_sql => + "AND cust_payby.payby IN ('CARD', 'DCRD') ". + 'AND '. + $FS::CurrentUser::CurrentUser->agentnums_sql( table => 'cust_main' ), + }); +} + +=item has_autobill_checks + +Returns the number of check accounts configured for autobill + +=cut + +sub has_autobill_checks { + scalar FS::Record::qsearch({ + table => 'cust_payby', + addl_from => 'JOIN cust_main USING (custnum)', + order_by => 'LIMIT 1', + hashref => { + weight => { op => '>', value => 0 }, + }, + extra_sql => + "AND cust_payby.payby IN ('CHEK','DCHEK','DCHK') ". + 'AND '. + $FS::CurrentUser::CurrentUser->agentnums_sql( table => 'cust_main' ), + }); +} + +=item future_autobill_report_title + +Determine if the future_autobill report should be available. +If so, return a dynamic title for it + +=cut + +sub future_autobill_report_title { + # Perhaps this function belongs somewhere else + state $title; + return $title if defined $title; + + # Report incompatible with tax engines + return $title = '' if FS::TaxEngine->new->info->{batch}; + + my $has_cards = has_autobill_cards(); + my $has_checks = has_autobill_checks(); + my $_title = 'Future %s transactions'; + + if ( $has_cards && $has_checks ) { + $title = sprintf $_title, 'credit card and electronic check'; + } elsif ( $has_cards ) { + $title = sprintf $_title, 'credit card'; + } elsif ( $has_checks ) { + $title = sprintf $_title, 'electronic check'; + } else { + $title = ''; + } + + $title; +} + +sub _upgrade_data { + + my $class = shift; + local $ignore_banned_card = 1; + local $ignore_expired_card = 1; + local $ignore_invalid_card = 1; + $class->upgrade_set_cardtype; + $class->_upgrade_data_paydate_edgebug; + +} + +=item _upgrade_data_paydate_edgebug + +Correct bad data injected into payment expire date column by Edge browser bug + +The month and year values may have an extra character injected into form POST +data by Edge browser. It was possible for some bad month values to slip +past data validation. + +If the stored value was out of range, it was causing payments screen to crash. +We can detect and fix this by dropping the second digit. + +If the stored value is is 11 or 12, it's possible the user inputted a 1. In +this case, the payment method will fail to authorize, but the record will +not cause crashdumps for being out of range. + +In short, check for any expiration month > 12, and drop the extra digit + +=cut + +sub _upgrade_data_paydate_edgebug { + my $journal_label = 'cust_payby_paydate_edgebug'; + return if FS::upgrade_journal->is_done( $journal_label ); + + my $oldAutoCommit = $FS::UID::AutoCommit; + local $FS::UID::AutoCommit = 0; + + for my $row ( + FS::Record::qsearch( + cust_payby => { paydate => { op => '!=', value => '' }} + ) + ) { + next unless $row->ut_daten('paydate'); + + # paydate column stored in database has failed date validation + my $bad_paydate = $row->paydate; + + my @date = split /[\-\/]/, $bad_paydate; + @date = @date[2,0,1] if $date[2] > 1900; + + # Only autocorrecting when month > 12 - notify operator + unless ( $date[1] > 12 ) { + die sprintf( + 'Unable to correct bad paydate stored in cust_payby row '. + 'custpaybynum(%s) custnum(%s) paydate(%s)', + $row->custpaybynum, + $row->custnum, + $bad_paydate, + ); + } + + $date[1] = substr( $date[1], 0, 1 ); + $row->paydate( join('-', @date )); + + if ( my $error = $row->replace ) { + die sprintf( + 'Failed to autocorrect bad paydate stored in cust_payby row '. + 'custpaybynum(%s) custnum(%s) paydate(%s) - error: %s', + $row->custpaybynum, + $row->custnum, + $bad_paydate, + $error + ); + } + + warn sprintf( + 'Autocorrected bad paydate stored in cust_payby row '. + "custpaybynum(%s) custnum(%s) old-paydate(%s) new-paydate(%s)\n", + $row->custpaybynum, + $row->custnum, + $bad_paydate, + $row->paydate, + ); + + } + + FS::upgrade_journal->set_done( $journal_label ); + dbh->commit unless $oldAutoCommit; +} + =head1 BUGS =head1 SEE ALSO