[freeside-devel] Patch to add CVV2 (Card Verification Value)
Webmaster
webmaster at nwdhosting.com
Fri Oct 24 12:43:16 PDT 2003
Good idea, didn't see that recurring_transaction option. Also, I found
and error in my patch, in cust_main.pm, the line:
> > + || $self->ut_number('paycvv')
is incorrect, it makes it required all the time :( oops...
sorry about that.
Brian
> Okay... I make changes based on your patch to collect and store the CVV2
numbers, but delete them after the initial transaction. I modified the
Business::OnlinePayment usage to set the "recurring_transaction" flag
for subsequent transactions to the same card; at least Authorize.Net
uses this to waive the CVV2 requirement. Hopefully other gateways have
an equivalent flag that can be supported in their B:OP modules.
>
> I also added CVV2 collection to the signup server.
>
> --
> _ivan
>
>
> On Tue, Oct 14, 2003 at 08:49:29AM -0700, ivan at 420.am wrote:
>> I'm not sure if I should accept this patch.
>> Jeff pointed out that merchant agreements prohibit the storage of the
CVV2 data after the transaction in which it was captured, such as
storing it in this database for future recurring transactions.
>> This presents a dilemma for merchants which do recurring transacitons,
especially since gateways and merchant account providers seem to be
pressing for CVV2 to get the best rates.
>> Should we patch Freeside to only use the CVV2 numbers for initial
signups, and just deal with the fact we can't store them for recurring
transactions? Or should we have the option to store the CVV2 numbers
anyway, stick on warning that the option may be in violation of
merchant
>> agreements, and be done with it?
>> --
>> _ivan
>> On Sat, Oct 11, 2003 at 03:24:03PM -0400, Webmaster wrote:
>> > I have attached a patch (diff -u) to add CVV2 (Card Verification
>> Value) to
>> > customer entry screen, and submit it to your card processor. This is
based on Fresside v1.4.1, using Apache::ASP. If I have missed
>> anything,
>> > please tell me.
>> >
>> > Database changes:
>> > ALTER TABLE cust_main ADD paycvv VARCHAR(4);
>> > ALTER TABLE h_cust_main ADD paycvv VARCHAR(4);
>> >
>> >
>> > Brian
>> > --- cust_bill.pm Sat Aug 23 02:46:58 2003
>> > +++ /usr/lib/perl5/site_perl/5.6.1/FS/cust_bill.pm Fri Oct 10
>> 19:53:04 2003
>> > @@ -741,6 +741,7 @@
>> > $content{card_number} = $cust_main->payinfo;
>> > $cust_main->paydate =~ /^\d{2}(\d{2})[\/\-](\d+)[\/\-]\d+$/;
$content{expiration} = "$2/$1";
>> > + $content{cvv2} = $cust_main->paycvv;
>> > } elsif ( $method eq 'ECHECK' ) {
>> > my($account_number,$routing_code) = $cust_main->payinfo; (
$content{account_number}, $content{routing_code} ) =
>> > --- cust_main.cgi Wed Jul 23 11:36:56 2003
>> > +++ /usr/local/freeside/asp/edit/cust_main.cgi Fri Oct 10 18:03:27
>> 2003
>> > @@ -401,13 +401,14 @@
>> > "</TABLE>",
>> > &table("#cccccc"), "<TR>";
>> >
>> > - my($payinfo, $payname)=(
>> > + my($payinfo, $payname, $paycvv)=(
>> > $cust_main->payinfo,
>> > $cust_main->payname,
>> > + $cust_main->paycvv
>> > );
>> >
>> > my %payby = (
>> > - 'CARD' => qq!Credit card<BR>${r}<INPUT TYPE="text"
>> NAME="CARD_payinfo" VALUE="" MAXLENGTH=19><BR>${r}Exp !.
>> expselect("CARD"). qq!<BR>${r}Name on card<BR><INPUT TYPE="text"
NAME="CARD_payname" VALUE="">!,
>> > + 'CARD' => qq!Credit card<BR>${r}<INPUT TYPE="text"
>> NAME="CARD_payinfo" VALUE="" MAXLENGTH=19><BR>${r}Exp !.
>> expselect("CARD"). qq!<BR>${r}Name on card<BR><INPUT TYPE="text"
NAME="CARD_payname" VALUE="">!. qq!<BR>Card Verification
>> Value<BR><INPUT TYPE="text" NAME="CARD_paycvv" VALUE="">!,
>> > 'CHEK' => qq!Electronic check<BR>${r}Account number <INPUT
>> TYPE="text" NAME="CHEK_payinfo1" VALUE=""><BR>${r}ABA/Routing
>> code <INPUT TYPE="text" NAME="CHEK_payinfo2" VALUE="" SIZE=10
>> MAXLENGTH=9><INPUT TYPE="hidden" NAME="CHEK_month"
>> VALUE="12"><INPUT TYPE="hidden" NAME="CHEK_year"
>> VALUE="2037"><BR>${r}Bank name <INPUT TYPE="text"
>> NAME="CHEK_payname" VALUE="">!,
>> > 'LECB' => qq!Phone bill billing<BR>${r}Phone number <INPUT
>> TYPE="text" BANE="LECB_payinfo" VALUE="" MAXLENGTH=15
>> SIZE=16><INPUT TYPE="hidden" NAME="LECB_month" VALUE="12"><INPUT
TYPE="hidden" NAME="LECB_year" VALUE="2037"><INPUT TYPE="hidden"
NAME="LECB_payname" VALUE="">!,
>> > 'BILL' => qq!Billing<BR>P.O. <INPUT TYPE="text"
>> NAME="BILL_payinfo" VALUE=""><BR><INPUT TYPE="hidden"
>> NAME="BILL_month" VALUE="12"><INPUT TYPE="hidden"
>> NAME="BILL_year" VALUE="2037">Attention<BR><INPUT TYPE="text"
>> NAME="BILL_payname" VALUE="">!,
>> > @@ -417,7 +418,7 @@
>> > my( $account, $aba ) = split('@', $payinfo);
>> >
>> > my %paybychecked = (
>> > - 'CARD' => qq!Credit card<BR>${r}<INPUT TYPE="text"
>> NAME="CARD_payinfo" VALUE="$payinfo" MAXLENGTH=19><BR>${r}Exp !.
expselect("CARD", $cust_main->paydate). qq!<BR>${r}Name on
>> card<BR><INPUT TYPE="text" NAME="CARD_payname" VALUE="$payname">!,
>> > + 'CARD' => qq!Credit card<BR>${r}<INPUT TYPE="text"
>> NAME="CARD_payinfo" VALUE="$payinfo" MAXLENGTH=19><BR>${r}Exp !.
expselect("CARD", $cust_main->paydate). qq!<BR>${r}Name on
>> card<BR><INPUT TYPE="text" NAME="CARD_payname" VALUE="$payname">!.
qq!<BR>Card Verification Value<BR><INPUT TYPE="text"
>> NAME="CARD_paycvv" VALUE="$paycvv">!,
>> > 'CHEK' => qq!Electronic check<BR>${r}Account number <INPUT
>> TYPE="text" NAME="CHEK_payinfo1"
>> VALUE="$account"><BR>${r}ABA/Routing code <INPUT TYPE="text"
>> NAME="CHEK_payinfo2" VALUE="$aba" SIZE=10 MAXLENGTH=9><INPUT
>> TYPE="hidden" NAME="CHEK_month" VALUE="12"><INPUT TYPE="hidden"
NAME="CHEK_year" VALUE="2037"><BR>${r}Bank name <INPUT
>> TYPE="text" NAME="CHEK_payname" VALUE="$payname">!,
>> > 'LECB' => qq!Phone bill billing<BR>${r}Phone number <INPUT
>> TYPE="text" BANE="LECB_payinfo" VALUE="$payinfo" MAXLENGTH=15
>> SIZE=16><INPUT TYPE="hidden" NAME="LECB_month" VALUE="12"><INPUT
TYPE="hidden" NAME="LECB_year" VALUE="2037"><INPUT TYPE="hidden"
NAME="LECB_payname" VALUE="">!,
>> > 'BILL' => qq!Billing<BR>P.O. <INPUT TYPE="text"
>> NAME="BILL_payinfo" VALUE="$payinfo"><BR><INPUT TYPE="hidden"
>> NAME="BILL_month" VALUE="12"><INPUT TYPE="hidden"
>> NAME="BILL_year" VALUE="2037">Attention<BR><INPUT TYPE="text"
>> NAME="BILL_payname" VALUE="$payname">!,
>> > --- cust_main.pm Thu Jul 17 12:02:04 2003
>> > +++ /usr/lib/perl5/site_perl/5.6.1/FS/cust_main.pm Sat Oct 11
>> 02:16:45 2003
>> > @@ -171,6 +171,8 @@
>> >
>> > =item payname - name on card or billing name
>> >
>> > +=item paycvv - Card Verification Value 3 or 4 digit number on the
>> back of the credit card
>> > +
>> > =item tax - tax exempt, empty or `Y'
>> >
>> > =item otaker - order taker (assigned automatically, see L<FS::UID>)
>> > @@ -476,7 +478,7 @@
>> > }
>> >
>> > if ( $self->payby =~ /^(CARD|CHEK|LECB)$/ &&
>> > - grep { $self->get($_) ne $old->get($_) } qw(payinfo paydate
>> payname) ) {
>> > + grep { $self->get($_) ne $old->get($_) } qw(payinfo paydate
>> payname paycvv) ) {
>> > # card/check/lec info has changed, want to retry realtime_
>> invoice events
>> > my $error = $self->retry_realtime;
>> > if ( $error ) {
>> > @@ -564,6 +566,7 @@
>> > || $self->ut_textn('state')
>> > || $self->ut_country('country')
>> > || $self->ut_anything('comments')
>> > + || $self->ut_number('paycvv')
>> > || $self->ut_numbern('referral_custnum')
>> > ;
>> > #barf. need message catalogs. i18n. etc.
>> > @@ -752,7 +755,7 @@
>> > $self->tax($1);
>> >
>> > $self->otaker(getotaker);
>> > -
>> > + $self->paycvv($self->paycvv);
>> > #warn "AFTER: \n". $self->_dump;
>> >
>> > ''; #no error
>> > --- process/cust_main.cgi Wed Jul 23 11:36:56 2003
>> > +++ /usr/local/freeside/asp/edit/process/cust_main.cgi Sat Oct 11
>> 02:12:11 2003
>> > @@ -19,6 +19,7 @@
>> > $cgi->param('paydate',
>> > $cgi->param( $payby. '_month' ). '-'. $cgi->param( $payby.
>> '_year' ) );
>> > $cgi->param('payname', $cgi->param( $payby. '_payname' ) );
>> > + $cgi->param('paycvv', $cgi->param( $payby. '_paycvv' ) );
>> > }
>> >
>> > $cgi->param('otaker', &getotaker );
>> > --- freeside-setup Fri Jun 13 22:02:25 2003
>> > +++ freeside-setup Sat Oct 11 15:20:41 2003
>> > @@ -494,6 +494,7 @@
>> > 'ship_fax', 'varchar', 'NULL', 12,
>> > 'payby', 'char', '', 4,
>> > 'payinfo', 'varchar', 'NULL', $char_d,
>> > + 'paycvv', 'varchar', 'NULL', 4,
>> > #'paydate', @date_type,
>> > 'paydate', 'varchar', 'NULL', 10,
>> > 'payname', 'varchar', 'NULL', $char_d,
>> --
>> _ivan
>
> --
> _ivan
>
More information about the freeside-devel
mailing list