You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by mo...@apache.org on 2009/08/14 11:23:54 UTC
svn commit: r804136 -
/ofbiz/trunk/applications/party/webapp/partymgr/party/profileblocks/PaymentMethods.ftl
Author: mor
Date: Fri Aug 14 09:23:51 2009
New Revision: 804136
URL: http://svn.apache.org/viewvc?rev=804136&view=rev
Log:
Mask sensitive numbers on party profile page.
Modified:
ofbiz/trunk/applications/party/webapp/partymgr/party/profileblocks/PaymentMethods.ftl
Modified: ofbiz/trunk/applications/party/webapp/partymgr/party/profileblocks/PaymentMethods.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/webapp/partymgr/party/profileblocks/PaymentMethods.ftl?rev=804136&r1=804135&r2=804136&view=diff
==============================================================================
--- ofbiz/trunk/applications/party/webapp/partymgr/party/profileblocks/PaymentMethods.ftl (original)
+++ ofbiz/trunk/applications/party/webapp/partymgr/party/profileblocks/PaymentMethods.ftl Fri Aug 14 09:23:51 2009
@@ -17,6 +17,23 @@
under the License.
-->
+<#macro maskSensitiveNumber cardNumber>
+ <#assign cardNumberDisplay = "">
+ <#if cardNumber?has_content>
+ <#assign size = cardNumber?length - 4>
+ <#if (size > 0)>
+ <#list 0 .. size-1 as foo>
+ <#assign cardNumberDisplay = cardNumberDisplay + "*">
+ </#list>
+ <#assign cardNumberDisplay = cardNumberDisplay + cardNumber[size .. size + 3]>
+ <#else>
+ <#-- but if the card number has less than four digits (ie, it was entered incorrectly), display it in full -->
+ <#assign cardNumberDisplay = cardNumber>
+ </#if>
+ </#if>
+ ${cardNumberDisplay?if_exists}
+</#macro>
+
<div id="partyPaymentMethod" class="screenlet">
<div class="screenlet-title-bar">
<ul>
@@ -50,7 +67,7 @@
-
<#if security.hasEntityPermission("PAY_INFO", "_VIEW", session)>
${creditCard.cardType}
- ${creditCard.cardNumber}
+ <@maskSensitiveNumber cardNumber=creditCard.cardNumber?if_exists/>
${creditCard.expireDate}
<#else>
${Static["org.ofbiz.party.contact.ContactHelper"].formatCreditCard(creditCard)}
@@ -77,22 +94,8 @@
<#if security.hasEntityPermission("PAY_INFO", "_VIEW", session)>
${giftCard.cardNumber?default("N/A")} [${giftCard.pinNumber?default("N/A")}]
<#else>
- <#if giftCard?has_content && giftCard.cardNumber?has_content>
- <#assign giftCardNumber = "">
- <#assign pcardNumber = giftCard.cardNumber>
- <#if pcardNumber?has_content>
- <#assign psize = pcardNumber?length - 4>
- <#if 0 < psize>
- <#list 0 .. psize-1 as foo>
- <#assign giftCardNumber = giftCardNumber + "*">
- </#list>
- <#assign giftCardNumber = giftCardNumber + pcardNumber[psize .. psize + 3]>
- <#else>
- <#assign giftCardNumber = pcardNumber>
- </#if>
- </#if>
- </#if>
- ${giftCardNumber?default("N/A")}
+ <@maskSensitiveNumber cardNumber=giftCard.cardNumber?if_exists/>
+ <#if !cardNumberDisplay?has_content>N/A</#if>
</#if>
<#if paymentMethod.description?has_content>(${paymentMethod.description})</#if>
<#if paymentMethod.glAccountId?has_content>(for GL Account ${paymentMethod.glAccountId})</#if>