Commit a6de0d6f authored by Jamie McClelland's avatar Jamie McClelland Committed by mattwire

ensure disallowed characters in description don't stop contributions

See extensions/stripe#218
parent 00440cfd
......@@ -844,19 +844,28 @@ class CRM_Core_Payment_Stripe extends CRM_Core_Payment {
* @return string
*/
private function getDescription($params, $type = 'description') {
$description = NULL;
# See https://stripe.com/docs/statement-descriptors
$disallowed_characters = array('<', '>', '\\', "'", '"', '*');
if (!isset(\Civi::$statics[__CLASS__]['description']['contact_contribution'])) {
\Civi::$statics[__CLASS__]['description']['contact_contribution'] = $params['contactID'] . '-' . ($params['contributionID'] ?? 'XX');
}
switch ($type) {
case 'statement_descriptor':
return substr(\Civi::$statics[__CLASS__]['description']['contact_contribution'] . " " . $params['description'], 0, 22);
$description = substr(\Civi::$statics[__CLASS__]['description']['contact_contribution'] . " " . $params['description'], 0, 22);
break;
case 'statement_descriptor_suffix':
return \Civi::$statics[__CLASS__]['description']['contact_contribution'] . " " . substr($params['description'],0,7);
$description = \Civi::$statics[__CLASS__]['description']['contact_contribution'] . " " . substr($params['description'],0,7);
break;
default:
// The (paymentIntent) full description has no restriction on characters that are allowed/disallowed.
return "{$params['description']} " . \Civi::$statics[__CLASS__]['description']['contact_contribution'] . " #" . CRM_Utils_Array::value('invoiceID', $params);
}
return str_replace($disallowed_characters, ' ', $description);
}
/**
......
......@@ -13,6 +13,7 @@ Where:
* Fix [#210](https://lab.civicrm.org/extensions/stripe/-/issues/210): If there are multiple reCaptcha on the page check and validate the one on the Stripe billing form only.
* Update implementation for cancel subscription. Option to notify (default Yes) is now available on the backend cancel subscription form.
* Fix [#218](https://lab.civicrm.org/extensions/stripe/-/issues/218): Ensure disallowed characters in description don't stop contributions from being processed.
## Release 6.4.1
**This release REQUIRES that you upgrade mjwshared to 0.8.**
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment