projects
/
freeside.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
6686819
)
RT# 80869 Harden process payment screen against Edge browser bug
author
Mitch Jackson
<mitch@freeside.biz>
Sun, 26 Aug 2018 21:07:46 +0000
(17:07 -0400)
committer
Mitch Jackson
<mitch@freeside.biz>
Fri, 7 Sep 2018 21:17:17 +0000
(17:17 -0400)
httemplate/elements/city.html
patch
|
blob
|
history
httemplate/elements/select-country.html
patch
|
blob
|
history
httemplate/elements/select-month_year.html
patch
|
blob
|
history
httemplate/elements/select-state.html
patch
|
blob
|
history
httemplate/elements/select-table.html
patch
|
blob
|
history
httemplate/misc/payment.cgi
patch
|
blob
|
history
httemplate/misc/process/payment.cgi
patch
|
blob
|
history
diff --git
a/httemplate/elements/city.html
b/httemplate/elements/city.html
index
4e9a609
..
05250fe
100644
(file)
--- a/
httemplate/elements/city.html
+++ b/
httemplate/elements/city.html
@@
-132,14
+132,14
@@
function <% $pre %>county_changed(what, callback) {}
>
% unless ( $opt{'disable_empty'} ) {
>
% unless ( $opt{'disable_empty'} ) {
- <OPTION VALUE="" <% $opt{city} eq '' ? 'SELECTED' : '' %>><% $opt{empty_label} %>
+ <OPTION VALUE="" <% $opt{city} eq '' ? 'SELECTED' : '' %>><% $opt{empty_label} %>
</OPTION>
% }
% foreach my $city ( @cities ) {
<OPTION VALUE="<% $city |h %>"
<% $city eq $opt{city} ? 'SELECTED' : '' %>
% }
% foreach my $city ( @cities ) {
<OPTION VALUE="<% $city |h %>"
<% $city eq $opt{city} ? 'SELECTED' : '' %>
- ><% $city eq $opt{empty_data_value} ? $opt{empty_data_label} : $city %>
+ ><% $city eq $opt{empty_data_value} ? $opt{empty_data_label} : $city %>
</OPTION>
% }
% }
diff --git
a/httemplate/elements/select-country.html
b/httemplate/elements/select-country.html
index
c981479
..
2868267
100644
(file)
--- a/
httemplate/elements/select-country.html
+++ b/
httemplate/elements/select-country.html
@@
-91,15
+91,13
@@
Example:
>
% unless ( $opt{'disable_empty'} ) {
>
% unless ( $opt{'disable_empty'} ) {
- <OPTION VALUE=""><% $opt{'empty_label'} || '(all)' %>
+ <OPTION VALUE=""><% $opt{'empty_label'} || '(all)' %>
</OPTION>
% }
% foreach my $country ( @all_countries ) {
% }
% foreach my $country ( @all_countries ) {
-
- <OPTION VALUE="<% $country |h %>"
- <% $country eq $opt{'country'} ? ' SELECTED' : '' %>
- ><% FS::geocode_Mixin->code2country($country). " ($country)" %>
-
+ <OPTION VALUE="<% $country |h %>"<% $country eq $opt{'country'} ? ' SELECTED' : '' %>>
+ <% FS::geocode_Mixin->code2country($country). " ($country)" |h %>
+ </OPTION>
% }
</SELECT>
% }
</SELECT>
diff --git
a/httemplate/elements/select-month_year.html
b/httemplate/elements/select-month_year.html
index
ad84b91
..
9091bae
100644
(file)
--- a/
httemplate/elements/select-month_year.html
+++ b/
httemplate/elements/select-month_year.html
@@
-3,16
+3,15
@@
<% $empty ? '<OPTION VALUE="">' : '' %>
% foreach ( 1 .. 12 ) {
<% $empty ? '<OPTION VALUE="">' : '' %>
% foreach ( 1 .. 12 ) {
- <OPTION<% $_ == $mon ? ' SELECTED' : '' %> VALUE="<%
$_ %>"><% $mon[$_-1] %
>
+ <OPTION<% $_ == $mon ? ' SELECTED' : '' %> VALUE="<%
sprintf('%02d', $_) %>"><% $mon[$_-1] %></OPTION
>
% }
% }
-
</SELECT>/<SELECT NAME="<% $prefix %>_year" SIZE="1" <% $disabled%>>
<% $empty ? '<OPTION VALUE="">' : '' %>
% for ( $start_year .. $end_year ) {
</SELECT>/<SELECT NAME="<% $prefix %>_year" SIZE="1" <% $disabled%>>
<% $empty ? '<OPTION VALUE="">' : '' %>
% for ( $start_year .. $end_year ) {
- <OPTION<% $_ == $year ? ' SELECTED' : '' %> VALUE="<% $_ %>"><% $_ %>
+ <OPTION<% $_ == $year ? ' SELECTED' : '' %> VALUE="<% $_ %>"><% $_ %>
</OPTION>
% }
</SELECT>
% }
</SELECT>
diff --git
a/httemplate/elements/select-state.html
b/httemplate/elements/select-state.html
index
115a98d
..
7606e25
100644
(file)
--- a/
httemplate/elements/select-state.html
+++ b/
httemplate/elements/select-state.html
@@
-27,16
+27,13
@@
Example:
>
% unless ( $opt{'disable_empty'} ) {
>
% unless ( $opt{'disable_empty'} ) {
- <OPTION VALUE=""<% $opt{state} eq '' ? ' SELECTED' : '' %>><% $opt{empty_label} %>
+ <OPTION VALUE=""<% $opt{state} eq '' ? ' SELECTED' : '' %>><% $opt{empty_label} %>
</OPTION>
% }
% foreach my $state ( keys %states ) {
% }
% foreach my $state ( keys %states ) {
-
- <OPTION VALUE="<% $state |h %>"<% $state eq $opt{'state'} ? ' SELECTED' : '' %>><% $states{$state} || '(n/a)' |h %>
-
+ <OPTION VALUE="<% $state |h %>"<% $state eq $opt{'state'} ? ' SELECTED' : '' %>><% $states{$state} || '(n/a)' |h %></OPTION>
% }
% }
-
</SELECT>
<%init>
</SELECT>
<%init>
diff --git
a/httemplate/elements/select-table.html
b/httemplate/elements/select-table.html
index
3f6c880
..
4ac0887
100644
(file)
--- a/
httemplate/elements/select-table.html
+++ b/
httemplate/elements/select-table.html
@@
-83,11
+83,11
@@
Example:
% || ( $value eq $pre_opt );
<OPTION VALUE="<% $pre_opt %>"
<% $selected ? 'SELECTED' : '' %>
% || ( $value eq $pre_opt );
<OPTION VALUE="<% $pre_opt %>"
<% $selected ? 'SELECTED' : '' %>
- ><% $pre_label %>
+ ><% $pre_label %>
</OPTION>
% }
% unless ( $opt{'multiple'} || $opt{'disable_empty'} ) {
% }
% unless ( $opt{'multiple'} || $opt{'disable_empty'} ) {
- <OPTION VALUE=""><% $opt{'empty_label'} || 'all' %>
+ <OPTION VALUE=""><% $opt{'empty_label'} || 'all' %>
</OPTION>
% }
% # XXX fix this eventually, when we have time to test it
% }
% # XXX fix this eventually, when we have time to test it
@@
-117,7
+117,7
@@
Example:
? &{ $opt{'label_callback'} }( $record )
: $record->$name_col()
|h
? &{ $opt{'label_callback'} }( $record )
: $record->$name_col()
|h
- %>
+ %>
</OPTION>
% }
% while ( @post_options ) {
% }
% while ( @post_options ) {
@@
-127,7
+127,7
@@
Example:
% || ( $value eq $post_opt );
<OPTION VALUE="<% $post_opt %>"
<% $selected ? 'SELECTED' : '' %>
% || ( $value eq $post_opt );
<OPTION VALUE="<% $post_opt %>"
<% $selected ? 'SELECTED' : '' %>
- ><% $post_label %>
+ ><% $post_label %>
</OPTION>
% }
</SELECT>
% }
</SELECT>
diff --git
a/httemplate/misc/payment.cgi
b/httemplate/misc/payment.cgi
index
44904fb
..
9e530cf
100644
(file)
--- a/
httemplate/misc/payment.cgi
+++ b/
httemplate/misc/payment.cgi
@@
-59,9
+59,8
@@
<TH><% mt('Exp.') |h %></TH>
<TD>
<SELECT NAME="month">
<TH><% mt('Exp.') |h %></TH>
<TD>
<SELECT NAME="month">
-% for ( ( map "0$_", 1 .. 9 ), 10 .. 12 ) {
-
- <OPTION<% $_ == $month ? ' SELECTED' : '' %>><% $_ %>
+% for ( map{ sprintf('%02d',$_) } (1..12) ) {
+ <OPTION VALUE="<% $_ %>"<% $_ == $month ? ' SELECTED' : '' %>><% $_ %></OPTION>
% }
</SELECT>
% }
</SELECT>
@@
-70,8
+69,7
@@
<TD>
<SELECT NAME="year">
% my @a = localtime; for ( $a[5]+1900 .. $a[5]+1915 ) {
<TD>
<SELECT NAME="year">
% my @a = localtime; for ( $a[5]+1900 .. $a[5]+1915 ) {
-
- <OPTION<% $_ == $year ? ' SELECTED' : '' %>><% $_ %>
+ <OPTION VALUE="<% $_ %>"<% $_ == $year ? ' SELECTED' : '' %>><% $_ %></OPTION>
% }
</SELECT>
% }
</SELECT>
diff --git
a/httemplate/misc/process/payment.cgi
b/httemplate/misc/process/payment.cgi
index
9458217
..
5f945a7
100644
(file)
--- a/
httemplate/misc/process/payment.cgi
+++ b/
httemplate/misc/process/payment.cgi
@@
-42,11
+42,11
@@
if ( $cgi->param('fee') =~ /^\s*(\d*(\.\d\d)?)\s*$/ ) {
$amount = sprintf('%.2f', $amount + $fee);
}
$amount = sprintf('%.2f', $amount + $fee);
}
-$cgi->param('year') =~ /^(\d
+)$
/
+$cgi->param('year') =~ /^(\d
{4})
/
or errorpage("illegal year ". $cgi->param('year'));
my $year = $1;
or errorpage("illegal year ". $cgi->param('year'));
my $year = $1;
-$cgi->param('month') =~ /^(\d
+)$
/
+$cgi->param('month') =~ /^(\d
{2})
/
or errorpage("illegal month ". $cgi->param('month'));
my $month = $1;
or errorpage("illegal month ". $cgi->param('month'));
my $month = $1;