[freeside-commits] branch FREESIDE_3_BRANCH updated. 9639c805abfdd2858a29576b767461c667bd5417

Fri Sep 7 15:33:01 PDT 2018

The branch, FREESIDE_3_BRANCH has been updated
       via  9639c805abfdd2858a29576b767461c667bd5417 (commit)
      from  9ab6c15b92d4cf7935f752fd5408d70e494e0f0b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 9639c805abfdd2858a29576b767461c667bd5417
Author: Mitch Jackson <mitch at freeside.biz>
Date:   Fri Sep 7 18:32:18 2018 -0400

    RT# 80869 freeside_upgrade fix for bad payment expiration dates

diff --git a/FS/FS/cust_main.pm b/FS/FS/cust_main.pm
index 36775127b..b103996a4 100644
--- a/FS/FS/cust_main.pm
+++ b/FS/FS/cust_main.pm
@@ -5647,8 +5647,86 @@ sub _upgrade_data { #class method
     FS::Setup::enable_encryption();
   }
 
+  $class->_upgrade_data_paydate_edgebug;
 }
 
+=item _upgrade_data_paydate_edgebug
+
+Correct bad data injected into payment expire date column by Edge browser bug
+
+The month and year values may have an extra character injected into form POST
+data by Edge browser.  It was possible for some bad month values to slip
+past data validation.
+
+If the stored value was out of range, it was causing payments screen to crash.
+We can detect and fix this by dropping the second digit.
+
+If the stored value is is 11 or 12, it's possible the user inputted a 1.  In
+this case, the payment method will fail to authorize, but the record will
+not cause crashdumps for being out of range.
+
+In short, check for any expiration month > 12, and drop the extra digit
+
+=cut
+
+sub _upgrade_data_paydate_edgebug {
+  my $journal_label = 'cust_main_paydate_edgebug';
+  return if FS::upgrade_journal->is_done( $journal_label );
+
+  my $oldAutoCommit = $FS::UID::AutoCommit;
+  local $FS::UID::AutoCommit = 0;
+
+  for my $row (
+    FS::Record::qsearch(
+      cust_main => { paydate => { op => '!=', value => '' }}
+    )
+  ) {
+    next unless $row->ut_daten('paydate');
+
+    # paydate column stored in database has failed date validation
+    my $bad_paydate = $row->paydate;
+
+    my @date = split /[\-\/]/, $bad_paydate;
+    @date = @date[2,0,1] if $date[2] > 1900;
+
+    # Only autocorrecting when month > 12 - notify operator
+    unless ( $date[1] > 12 ) {
+      die sprintf(
+        'Unable to correct bad paydate stored in cust_main row '.
+        'custnum(%s) paydate(%s)',
+        $row->custnum,
+        $bad_paydate,
+      );
+    }
+
+    $date[1] = substr( $date[1], 0, 1 );
+    $row->paydate( join('-', @date ));
+
+    if ( my $error = $row->replace ) {
+      die sprintf(
+        'Failed to autocorrect bad paydate stored in cust_main row '.
+        'custnum(%s) paydate(%s) - error: %s',
+        $row->custnum,
+        $bad_paydate,
+        $error
+      );
+    }
+
+    warn sprintf(
+      'Autocorrected bad paydate stored in cust_main row '.
+      "custnum(%s) old-paydate(%s) new-paydate(%s)\n",
+      $row->custnum,
+      $bad_paydate,
+      $row->paydate,
+    );
+
+  }
+
+  FS::upgrade_journal->set_done( $journal_label );
+  dbh->commit unless $oldAutoCommit;
+}
+
+
 sub queueable_upgrade {
   my $class = shift;
 

-----------------------------------------------------------------------

Summary of changes:
 FS/FS/cust_main.pm | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)


