From fc39a7a80106b6ee92122cce1969ade99be9342a Mon Sep 17 00:00:00 2001 From: Colin Campbell Date: Fri, 26 Oct 2018 10:42:13 +0100 Subject: [PATCH] Bug 21605: Ensure EDI acct fields set to boolean val Validate the input to the fields indicating account functionality. The only valid values are 1 and 0 non-integer (or integers other than 0/1) are invalid Signed-off-by: Marcel de Rooy Signed-off-by: Martin Renvoize Signed-off-by: Nick Clemens (cherry picked from commit c9c3fc4368ee9d37a45c48167d25d5cee511898b) Signed-off-by: Martin Renvoize (cherry picked from commit ae409c2fb347f7605e20afb34c6e7fe6a04092bb) Signed-off-by: Lucas Gass (cherry picked from commit 4360ba1a247cca6466eb1bcf4e286dd45645d621) Signed-off-by: Fridolin Somers --- admin/edi_accounts.pl | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/admin/edi_accounts.pl b/admin/edi_accounts.pl index 9225b7ced8..fb7cddc49e 100755 --- a/admin/edi_accounts.pl +++ b/admin/edi_accounts.pl @@ -82,14 +82,17 @@ else { download_directory => scalar $input->param('download_directory'), san => scalar $input->param('san'), transport => scalar $input->param('transport'), - quotes_enabled => defined $input->param('quotes_enabled'), - invoices_enabled => defined $input->param('invoices_enabled'), - orders_enabled => defined $input->param('orders_enabled'), - responses_enabled => defined $input->param('responses_enabled'), - auto_orders => defined $input->param('auto_orders'), id_code_qualifier => scalar $input->param('id_code_qualifier'), plugin => scalar $input->param('plugin'), }; + # ensure all capability fields set to binary 0 or 1 + foreach my $capability + (qw( quotes_enabled invoices_enabled orders_enabled responses_enabled auto_orders)) { + $fields->{$capability} = defined $input->param($capability); + if ($fields->{$capability} != 1) { + $fields->{$capability} = 0; + } + } if ($id) { $schema->resultset('VendorEdiAccount')->search( -- 2.39.5