Issue with saving masked credit card in method SaveOrderDetails

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
6 years ago
I think that I might have found a bug with the method SaveOrderDetails in OrderProcessingService.cs v3.9.  On line 664 where you are setting the MaskedCreditCardNumber you are not checking the processPaymentResult.AllowStoringCreditCardNumber flag to see if it should be saved.  I also checked the source for v4.0 and you aren't checking it there too.  You are however checking the flag for the CardType, CardName, CardNumber, CardCvv2, CardExpirationMonth and CardExpirationYear fields.

Is there a reason that you aren't checking the processPaymentResult.AllowStoringCreditCardNumber flag for the MaskedCreditCardNumber?


CardType = processPaymentResult.AllowStoringCreditCardNumber ? _encryptionService.EncryptText(processPaymentRequest.CreditCardType) : string.Empty,
                CardName = processPaymentResult.AllowStoringCreditCardNumber ? _encryptionService.EncryptText(processPaymentRequest.CreditCardName) : string.Empty,
                CardNumber = processPaymentResult.AllowStoringCreditCardNumber ? _encryptionService.EncryptText(processPaymentRequest.CreditCardNumber) : string.Empty,
                MaskedCreditCardNumber = _encryptionService.EncryptText(_paymentService.GetMaskedCreditCardNumber(processPaymentRequest.CreditCardNumber)),
                CardCvv2 = processPaymentResult.AllowStoringCreditCardNumber ? _encryptionService.EncryptText(processPaymentRequest.CreditCardCvv2) : string.Empty,
                CardExpirationMonth = processPaymentResult.AllowStoringCreditCardNumber ? _encryptionService.EncryptText(processPaymentRequest.CreditCardExpireMonth.ToString()) : string.Empty,
                CardExpirationYear = processPaymentResult.AllowStoringCreditCardNumber ? _encryptionService.EncryptText(processPaymentRequest.CreditCardExpireYear.ToString()) : string.Empty,
0
6 years ago
It's not the bug. Masked credit card number (just last 4 numbers) should be always saved
Interested in the dedicated Premium support services provided by core developers? Please visit https://www.nopcommerce.com/nopcommerce-premium-support-services

Regards,
Andrei Mazulnitsyn
nopCommerce team
0
6 years ago
Ok, thank you for the reply.
0
6 years ago
Hi,

Looking at the masking of the credit card. Where is the masked credit card information used or displayed?

I mean which reports / screen views.

Thanks,

Andy
0
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.