[freeside-devel] Patch to add CVV2 (Card Verification Value)
Webmaster
webmaster at nwdhosting.com
Tue Oct 14 10:13:09 PDT 2003
This I did not know, I will have to look into this, see exactally how my
merchant states this in their agreement, there may be a way around this.
Brian
> I'm not sure if I should accept this patch.
>
> Jeff pointed out that merchant agreements prohibit the storage of the
> CVV2 data after the transaction in which it was captured, such as
> storing it in this database for future recurring transactions.
>
> This presents a dilemma for merchants which do recurring transacitons,
> especially since gateways and merchant account providers seem to be
> pressing for CVV2 to get the best rates.
>
> Should we patch Freeside to only use the CVV2 numbers for initial
> signups, and just deal with the fact we can't store them for recurring
> transactions? Or should we have the option to store the CVV2 numbers
> anyway, stick on warning that the option may be in violation of merchant
> agreements, and be done with it?
>
> --
> _ivan
>
>
> On Sat, Oct 11, 2003 at 03:24:03PM -0400, Webmaster wrote:
>> I have attached a patch (diff -u) to add CVV2 (Card Verification Value)
>> to
>> customer entry screen, and submit it to your card processor. This is
>> based on Fresside v1.4.1, using Apache::ASP. If I have missed anything,
>> please tell me.
>>
>> Database changes:
>> ALTER TABLE cust_main ADD paycvv VARCHAR(4);
>> ALTER TABLE h_cust_main ADD paycvv VARCHAR(4);
>>
>>
>> Brian
>> --- cust_bill.pm Sat Aug 23 02:46:58 2003
>> +++ /usr/lib/perl5/site_perl/5.6.1/FS/cust_bill.pm Fri Oct 10
>> 19:53:04 2003
>> @@ -741,6 +741,7 @@
>> $content{card_number} = $cust_main->payinfo;
>> $cust_main->paydate =~ /^\d{2}(\d{2})[\/\-](\d+)[\/\-]\d+$/;
>> $content{expiration} = "$2/$1";
>> + $content{cvv2} = $cust_main->paycvv;
>> } elsif ( $method eq 'ECHECK' ) {
>> my($account_number,$routing_code) = $cust_main->payinfo;
>> ( $content{account_number}, $content{routing_code} ) =
>> --- cust_main.cgi Wed Jul 23 11:36:56 2003
>> +++ /usr/local/freeside/asp/edit/cust_main.cgi Fri Oct 10 18:03:27 2003
>> @@ -401,13 +401,14 @@
>> "</TABLE>",
>> &table("#cccccc"), "<TR>";
>>
>> - my($payinfo, $payname)=(
>> + my($payinfo, $payname, $paycvv)=(
>> $cust_main->payinfo,
>> $cust_main->payname,
>> + $cust_main->paycvv
>> );
>>
>> my %payby = (
>> - 'CARD' => qq!Credit card<BR>${r}<INPUT TYPE="text"
>> NAME="CARD_payinfo" VALUE="" MAXLENGTH=19><BR>${r}Exp !.
>> expselect("CARD"). qq!<BR>${r}Name on card<BR><INPUT TYPE="text"
>> NAME="CARD_payname" VALUE="">!,
>> + 'CARD' => qq!Credit card<BR>${r}<INPUT TYPE="text"
>> NAME="CARD_payinfo" VALUE="" MAXLENGTH=19><BR>${r}Exp !.
>> expselect("CARD"). qq!<BR>${r}Name on card<BR><INPUT TYPE="text"
>> NAME="CARD_payname" VALUE="">!. qq!<BR>Card Verification Value<BR><INPUT
>> TYPE="text" NAME="CARD_paycvv" VALUE="">!,
>> 'CHEK' => qq!Electronic check<BR>${r}Account number <INPUT
>> TYPE="text" NAME="CHEK_payinfo1" VALUE=""><BR>${r}ABA/Routing code
>> <INPUT TYPE="text" NAME="CHEK_payinfo2" VALUE="" SIZE=10
>> MAXLENGTH=9><INPUT TYPE="hidden" NAME="CHEK_month"
>> VALUE="12"><INPUT TYPE="hidden" NAME="CHEK_year"
>> VALUE="2037"><BR>${r}Bank name <INPUT TYPE="text"
>> NAME="CHEK_payname" VALUE="">!,
>> 'LECB' => qq!Phone bill billing<BR>${r}Phone number <INPUT
>> TYPE="text" BANE="LECB_payinfo" VALUE="" MAXLENGTH=15
>> SIZE=16><INPUT TYPE="hidden" NAME="LECB_month" VALUE="12"><INPUT
>> TYPE="hidden" NAME="LECB_year" VALUE="2037"><INPUT TYPE="hidden"
>> NAME="LECB_payname" VALUE="">!,
>> 'BILL' => qq!Billing<BR>P.O. <INPUT TYPE="text" NAME="BILL_payinfo"
>> VALUE=""><BR><INPUT TYPE="hidden" NAME="BILL_month"
>> VALUE="12"><INPUT TYPE="hidden" NAME="BILL_year"
>> VALUE="2037">Attention<BR><INPUT TYPE="text" NAME="BILL_payname"
>> VALUE="">!,
>> @@ -417,7 +418,7 @@
>> my( $account, $aba ) = split('@', $payinfo);
>>
>> my %paybychecked = (
>> - 'CARD' => qq!Credit card<BR>${r}<INPUT TYPE="text"
>> NAME="CARD_payinfo" VALUE="$payinfo" MAXLENGTH=19><BR>${r}Exp !.
>> expselect("CARD", $cust_main->paydate). qq!<BR>${r}Name on
>> card<BR><INPUT TYPE="text" NAME="CARD_payname" VALUE="$payname">!,
>> + 'CARD' => qq!Credit card<BR>${r}<INPUT TYPE="text"
>> NAME="CARD_payinfo" VALUE="$payinfo" MAXLENGTH=19><BR>${r}Exp !.
>> expselect("CARD", $cust_main->paydate). qq!<BR>${r}Name on
>> card<BR><INPUT TYPE="text" NAME="CARD_payname" VALUE="$payname">!.
>> qq!<BR>Card Verification Value<BR><INPUT TYPE="text" NAME="CARD_paycvv"
>> VALUE="$paycvv">!,
>> 'CHEK' => qq!Electronic check<BR>${r}Account number <INPUT
>> TYPE="text" NAME="CHEK_payinfo1"
>> VALUE="$account"><BR>${r}ABA/Routing code <INPUT TYPE="text"
>> NAME="CHEK_payinfo2" VALUE="$aba" SIZE=10 MAXLENGTH=9><INPUT
>> TYPE="hidden" NAME="CHEK_month" VALUE="12"><INPUT TYPE="hidden"
>> NAME="CHEK_year" VALUE="2037"><BR>${r}Bank name <INPUT TYPE="text"
>> NAME="CHEK_payname" VALUE="$payname">!,
>> 'LECB' => qq!Phone bill billing<BR>${r}Phone number <INPUT
>> TYPE="text" BANE="LECB_payinfo" VALUE="$payinfo" MAXLENGTH=15
>> SIZE=16><INPUT TYPE="hidden" NAME="LECB_month" VALUE="12"><INPUT
>> TYPE="hidden" NAME="LECB_year" VALUE="2037"><INPUT TYPE="hidden"
>> NAME="LECB_payname" VALUE="">!,
>> 'BILL' => qq!Billing<BR>P.O. <INPUT TYPE="text" NAME="BILL_payinfo"
>> VALUE="$payinfo"><BR><INPUT TYPE="hidden" NAME="BILL_month"
>> VALUE="12"><INPUT TYPE="hidden" NAME="BILL_year"
>> VALUE="2037">Attention<BR><INPUT TYPE="text" NAME="BILL_payname"
>> VALUE="$payname">!,
>> --- cust_main.pm Thu Jul 17 12:02:04 2003
>> +++ /usr/lib/perl5/site_perl/5.6.1/FS/cust_main.pm Sat Oct 11
>> 02:16:45 2003
>> @@ -171,6 +171,8 @@
>>
>> =item payname - name on card or billing name
>>
>> +=item paycvv - Card Verification Value 3 or 4 digit number on the back
>> of the credit card
>> +
>> =item tax - tax exempt, empty or `Y'
>>
>> =item otaker - order taker (assigned automatically, see L<FS::UID>)
>> @@ -476,7 +478,7 @@
>> }
>>
>> if ( $self->payby =~ /^(CARD|CHEK|LECB)$/ &&
>> - grep { $self->get($_) ne $old->get($_) } qw(payinfo paydate
>> payname) ) {
>> + grep { $self->get($_) ne $old->get($_) } qw(payinfo paydate
>> payname paycvv) ) {
>> # card/check/lec info has changed, want to retry realtime_ invoice
>> events
>> my $error = $self->retry_realtime;
>> if ( $error ) {
>> @@ -564,6 +566,7 @@
>> || $self->ut_textn('state')
>> || $self->ut_country('country')
>> || $self->ut_anything('comments')
>> + || $self->ut_number('paycvv')
>> || $self->ut_numbern('referral_custnum')
>> ;
>> #barf. need message catalogs. i18n. etc.
>> @@ -752,7 +755,7 @@
>> $self->tax($1);
>>
>> $self->otaker(getotaker);
>> -
>> + $self->paycvv($self->paycvv);
>> #warn "AFTER: \n". $self->_dump;
>>
>> ''; #no error
>> --- process/cust_main.cgi Wed Jul 23 11:36:56 2003
>> +++ /usr/local/freeside/asp/edit/process/cust_main.cgi Sat Oct 11
>> 02:12:11 2003
>> @@ -19,6 +19,7 @@
>> $cgi->param('paydate',
>> $cgi->param( $payby. '_month' ). '-'. $cgi->param( $payby. '_year'
>> ) );
>> $cgi->param('payname', $cgi->param( $payby. '_payname' ) );
>> + $cgi->param('paycvv', $cgi->param( $payby. '_paycvv' ) );
>> }
>>
>> $cgi->param('otaker', &getotaker );
>> --- freeside-setup Fri Jun 13 22:02:25 2003
>> +++ freeside-setup Sat Oct 11 15:20:41 2003
>> @@ -494,6 +494,7 @@
>> 'ship_fax', 'varchar', 'NULL', 12,
>> 'payby', 'char', '', 4,
>> 'payinfo', 'varchar', 'NULL', $char_d,
>> + 'paycvv', 'varchar', 'NULL', 4,
>> #'paydate', @date_type,
>> 'paydate', 'varchar', 'NULL', 10,
>> 'payname', 'varchar', 'NULL', $char_d,
>
> --
> _ivan
>
More information about the freeside-devel
mailing list