X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Felements%2Fcreate_uri_query;h=ce6249e0ed0bbbd595ef773acb428f1e28eef5f0;hp=32d8e2f87b913d76caa848f8ecbff00d4739aa25;hb=d4cdc4db87f1b6a373398b7ab33e791bd0527dda;hpb=0076a0d790d1385cd2a16472ec2c11528edbc9e3

diff --git a/httemplate/elements/create_uri_query b/httemplate/elements/create_uri_query
index 32d8e2f87..ce6249e0e 100644
--- a/httemplate/elements/create_uri_query
+++ b/httemplate/elements/create_uri_query
@@ -1,17 +1,34 @@
 <% $query %>\
 <%init>
 
+my %opt = @_;
+
+if ( $opt{secure} ) {
+
+  foreach my $param (grep /pay(info\d?|cvv)$/, $cgi->param) {
+    my $value = $cgi->param($param);
+    next unless length($value);
+    my $encrypted = FS::Record->encrypt( $value );
+    $cgi->param($param, $encrypted);
+  }
+
+}
+
 my $query = $cgi->query_string;
 
-if ( length($query) > 1920 ) { #stupid IE 2083 URL limit
+if ( length($query) > 1920 || $opt{secure} ) { #stupid IE 2083 URL limit
 
   my $session = int(rand(4294967296)); #XXX
   my $pref = new FS::access_user_pref({
     'usernum'    => $FS::CurrentUser::CurrentUser->usernum,
     'prefname'   => "redirect$session",
     'prefvalue'  => $query,
-    'expiration' => time + 3600, #1h?  1m?
+    'expiration' => time + ( $opt{secure} ? 120  #2m?
+                                          : 3600 #1h?
+                           ),
   });
+  local($FS::Record::no_history) = 1;
+
   my $pref_error = $pref->insert;
   if ( $pref_error ) {
     die "FATAL: couldn't even set redirect cookie: $pref_error".