X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2Fcust_payby.pm;h=62fa9be5f7a725b565314519a27b4b7cbf55e728;hp=b1a7ddb56b974880a43dc6d8a2045ad98cb9a9cc;hb=4924d635301e5c365d55b0c008f12e9cff40350f;hpb=7b40e0e045368d350529d78208be0e6124f94b5a diff --git a/FS/FS/cust_payby.pm b/FS/FS/cust_payby.pm index b1a7ddb56..62fa9be5f 100644 --- a/FS/FS/cust_payby.pm +++ b/FS/FS/cust_payby.pm @@ -2,9 +2,12 @@ package FS::cust_payby; use base qw( FS::payinfo_Mixin FS::cust_main_Mixin FS::Record ); use strict; +use Scalar::Util qw( blessed ); +use Digest::SHA qw( sha512_base64 ); use Business::CreditCard qw( validate cardtype ); use FS::UID qw( dbh ); use FS::Msgcat qw( gettext ); +use FS::Misc qw( card_types ); use FS::Record; #qw( qsearch qsearchs ); use FS::payby; use FS::cust_main; @@ -16,6 +19,7 @@ sub nohistory_fields { ('payinfo', 'paycvv'); } our $ignore_expired_card = 0; our $ignore_banned_card = 0; our $ignore_invalid_card = 0; +our $ignore_cardtype = 0; our $conf; install_callback FS::UID sub { @@ -152,7 +156,8 @@ sub insert { local $FS::UID::AutoCommit = 0; my $dbh = dbh; - my $error = $self->SUPER::insert; + my $error = $self->check_payinfo_cardtype + || $self->SUPER::insert; if ( $error ) { $dbh->rollback if $oldAutoCommit; return $error; @@ -191,18 +196,13 @@ sub replace { ? shift : $self->replace_old; - if ( length($old->paycvv) && $self->paycvv =~ /^\s*[\*x]*\s*$/ ) { - $self->paycvv($old->paycvv); - } - if ( $self->payby =~ /^(CARD|DCRD)$/ && ( $self->payinfo =~ /xx/ || $self->payinfo =~ /^\s*N\/A\s+\(tokenized\)\s*$/ ) ) { -warn $self->payinfo; -warn $old->payinfo; + $self->payinfo($old->payinfo); } elsif ( $self->payby =~ /^(CHEK|DCHK)$/ && $self->payinfo =~ /xx/ ) { @@ -217,6 +217,17 @@ warn $old->payinfo; $self->payinfo($new_account.'@'.$new_aba); } + # only unmask paycvv if payinfo stayed the same + if ( $self->payby =~ /^(CARD|DCRD)$/ and $self->paycvv =~ /^\s*[\*x]+\s*$/ ) { + if ( $old->payinfo eq $self->payinfo + && $old->paymask eq $self->paymask + ) { + $self->paycvv($old->paycvv); + } else { + $self->paycvv(''); + } + } + local($ignore_expired_card) = 1 if $old->payby =~ /^(CARD|DCRD)$/ && $self->payby =~ /^(CARD|DCRD)$/ @@ -227,6 +238,19 @@ warn $old->payinfo; || $old->payby =~ /^(CHEK|DCHK)$/ && $self->payby =~ /^(CHEK|DCHK)$/ ) && ( $old->payinfo eq $self->payinfo || $old->paymask eq $self->paymask ); + if ( $self->payby =~ /^(CARD|DCRD)$/ + && $old->payinfo ne $self->payinfo + && $old->paymask ne $self->paymask ) + { + my $error = $self->check_payinfo_cardtype; + return $error if $error; + + if ( $conf->exists('business-onlinepayment-verification') ) { + $error = $self->verify; + return $error if $error; + } + } + local $SIG{HUP} = 'IGNORE'; local $SIG{INT} = 'IGNORE'; local $SIG{QUIT} = 'IGNORE'; @@ -477,11 +501,36 @@ sub check { } - ### + if ( ! $self->custpaybynum + && $conf->exists('business-onlinepayment-verification') ) { + $error = $self->verify; + return $error if $error; + } $self->SUPER::check; } +sub check_payinfo_cardtype { + my $self = shift; + + return '' if $ignore_cardtype; + + return '' unless $self->payby =~ /^(CARD|CHEK)$/; + + my $payinfo = $self->payinfo; + $payinfo =~ s/\D//g; + + return '' if $payinfo =~ /^99\d{14}$/; #token + + my %bop_card_types = map { $_=>1 } values %{ card_types() }; + my $cardtype = cardtype($payinfo); + + return "$cardtype not accepted" unless $bop_card_types{$cardtype}; + + ''; + +} + sub _banned_pay_hashref { my $self = shift; @@ -499,6 +548,14 @@ sub _banned_pay_hashref { }; } +sub _new_banned_pay_hashref { + my $self = shift; + my $hr = $self->_banned_pay_hashref; + $hr->{payinfo_hash} = 'SHA512'; + $hr->{payinfo} = sha512_base64($hr->{payinfo}); + $hr; +} + =item paydate_mon_year Returns a two element list consisting of the paydate month and year. @@ -522,6 +579,39 @@ sub paydate_mon_year { } +=item label + +Returns a one line text label for this payment type. + +=cut + +my %weight = ( + 1 => 'Primary', + 2 => 'Secondary', + 3 => 'Tertiary', + 4 => 'Fourth', + 5 => 'Fifth', + 6 => 'Sixth', + 7 => 'Seventh', +); + +sub label { + my $self = shift; + + my $name = $self->payby =~ /^(CARD|DCRD)$/ + && cardtype($self->paymask) || FS::payby->shortname($self->payby); + + ( $self->payby =~ /^(CARD|CHEK)$/ ? $weight{$self->weight}. ' automatic ' + : 'Manual ' + ). + "$name: ". $self->paymask. + ( $self->payby =~ /^(CARD|DCRD)$/ + ? ' Exp '. join('/', $self->paydate_mon_year) + : '' + ); + +} + =item realtime_bop =cut @@ -543,6 +633,44 @@ sub realtime_bop { } +=item verify + +=cut + +sub verify { + my $self = shift; + return '' unless $self->payby =~ /^(CARD|DCRD)$/; + + my %opt = (); + + # false laziness with check + my( $m, $y ); + if ( $self->paydate =~ /^(\d{1,2})[\/\-](\d{2}(\d{2})?)$/ ) { + ( $m, $y ) = ( $1, length($2) == 4 ? $2 : "20$2" ); + } elsif ( $self->paydate =~ /^19(\d{2})[\/\-](\d{1,2})[\/\-]\d+$/ ) { + ( $m, $y ) = ( $2, "19$1" ); + } elsif ( $self->paydate =~ /^(20)?(\d{2})[\/\-](\d{1,2})[\/\-]\d+$/ ) { + ( $m, $y ) = ( $3, "20$2" ); + } else { + return "Illegal expiration date: ". $self->paydate; + } + $m = sprintf('%02d',$m); + $opt{paydate} = "$y-$m-01"; + + $opt{$_} = $self->$_() for qw( payinfo payname paycvv ); + + if ( $self->locationnum ) { + my $cust_location = $self->cust_location; + $opt{$_} = $cust_location->$_() for qw( address1 address2 city state zip ); + } + + $self->cust_main->realtime_verify_bop({ + 'method' => FS::payby->payby2bop( $self->payby ), + %opt, + }); + +} + =item paytypes Returns a list of valid values for the paytype field (bank account type for @@ -568,20 +696,28 @@ sub cgi_cust_payby_fields { payinfo1 payinfo2 payinfo3 paytype paystate payname_CHEK )]; } -=item cgi_hash_callback HASHREF +=item cgi_hash_callback HASHREF OLD Subroutine (not a class or object method). Processes a hash reference of web interface contet (transfers the data from pseudo-fields to real fields). +If OLD object is passed, also preserves locationnum, paystart_month, paystart_year, +payissue and payip. If the new field is blank but the old is not, the old field +will be preserved. + =cut sub cgi_hash_callback { my $hashref = shift; + my $old = shift; my %noauto = ( 'CARD' => 'DCRD', 'CHEK' => 'DCHK', ); + # the payby selector gives the choice of CARD or CHEK (or others, but + # those are the ones with auto and on-demand versions). if the user didn't + # choose a weight, then they mean DCRD/DCHK. $hashref->{payby} = $noauto{$hashref->{payby}} if ! $hashref->{weight} && exists $noauto{$hashref->{payby}}; @@ -610,6 +746,14 @@ sub cgi_hash_callback { $hashref->{paydate}= $hashref->{paydate_month}. '-'. $hashref->{paydate_year}; + if ($old) { + foreach my $field ( qw(locationnum paystart_month paystart_year payissue payip) ) { + next if $hashref->{$field}; + next unless $old->get($field); + $hashref->{$field} = $old->get($field); + } + } + } =item search_sql @@ -697,6 +841,9 @@ sub search_sql { ' LEFT JOIN cust_location AS '.$pre.'location '. 'ON (cust_main.'.$pre.'locationnum = '.$pre.'location.locationnum) '; } + # always make referral available in results + # (maybe we should be using FS::UI::Web::join_cust_main instead?) + $addl_from .= ' LEFT JOIN (select refnum, referral from part_referral) AS part_referral_x ON (cust_main.refnum = part_referral_x.refnum) '; my $count_query = "SELECT COUNT(*) FROM cust_payby $addl_from $extra_sql";