my $h_sth;
- if ( defined dbdef->table('h_'. $table) ) {
+ if ( defined( dbdef->table('h_'. $table) ) && ! $no_history ) {
my $h_statement = $self->_h_statement('insert');
warn "[debug]$me $h_statement\n" if $DEBUG > 2;
$h_sth = dbh->prepare($h_statement) or do {
sub encrypt {
my ($self, $value) = @_;
- my $encrypted;
+ my $encrypted = $value;
if ($conf->exists('encryption')) {
if ($self->is_encrypted($value)) {
use FS::queue;
use FS::queue_depend;
use FS::Log;
+use FS::Cron::expire_user_pref qw( expire_user_pref );
# no autoloading for non-FS classes...
use Net::SSH 0.07;
if ( $kids >= $max_kids ) {
warn "WARNING: maximum $kids children reached\n" unless $warnkids++;
&reap_kids;
+ expire_user_pref() unless $warnkids % 10;
sleep 1; #waiting for signals is cheap
next;
}
undef $FS::UID::dbh;
next;
};
+ expire_user_pref();
sleep $sleep_time;
next;
}
my $prospectnum = '';
my $locationnum = '';
+$m->comp('/elements/handle_uri_query', 'secure'=>1);
+
if ( $cgi->param('error') ) {
$cust_main = new FS::cust_main ( {
% if ( $error ) {
% $cgi->param('error', $error);
-%
-<% $cgi->redirect(popurl(2). "cust_main.cgi?". $cgi->query_string ) %>
+% my $query = $m->scomp('/elements/create_uri_query', 'secure'=>1);
+<% $cgi->redirect(popurl(2). "cust_main.cgi?$query" ) %>
%
% } else {
%
<% $query %>\
<%init>
+my %opt = @_;
+
+if ( $opt{secure} ) {
+
+ foreach my $param (grep /pay(info\d?|cvv)$/, $cgi->param) {
+ my $value = $cgi->param($param);
+ next unless length($value);
+ my $encrypted = FS::Record->encrypt( $value );
+ $cgi->param($param, $encrypted);
+ }
+
+}
+
my $query = $cgi->query_string;
-if ( length($query) > 1920 ) { #stupid IE 2083 URL limit
+if ( length($query) > 1920 || $opt{secure} ) { #stupid IE 2083 URL limit
my $session = int(rand(4294967296)); #XXX
my $pref = new FS::access_user_pref({
'usernum' => $FS::CurrentUser::CurrentUser->usernum,
'prefname' => "redirect$session",
'prefvalue' => $query,
- 'expiration' => time + 3600, #1h? 1m?
+ 'expiration' => time + ( $opt{secure} ? 120 #2m?
+ : 3600 #1h?
+ ),
});
+ local($FS::Record::no_history) = 1;
+
my $pref_error = $pref->insert;
if ( $pref_error ) {
die "FATAL: couldn't even set redirect cookie: $pref_error".
% if ( $curuser->access_right('List customers') ) {
- <FORM ACTION="<%$fsurl%>search/cust_main.cgi" METHOD="GET" STYLE="margin:0">
+ <FORM ACTION="<%$fsurl%>search/cust_main.cgi" METHOD="POST" STYLE="margin:0">
<INPUT NAME="search_cust" TYPE="text" VALUE="<% $cust_label |n %>" STYLE="width:<%$width%>" onFocus="clearhint_search_cust(this);" onClick="clearhint_search_cust(this);" CLASS="fstext"><BR>
<A HREF="<%$fsurl%>search/report_cust_main.html" CLASS="fslink" STYLE="font-size: 11px"><% mt('Advanced') |h %></A>
<INPUT TYPE="submit" VALUE="<% mt('Search customers') |h %>" CLASS="fsblackbutton" onMouseOver="this.className='fsblackbuttonselected'; return true;" onMouseOut="this.className='fsblackbutton'; return true;" STYLE="font-size:11px">
projects / freeside.git / commitdiff