Stripe CVVS is optional, but shouldn't be passed if not being used (or it will fail)

ghidinelli / cfpayment

ColdFusion payment processing library makes plumbing e-commerce apps easy. Charging credit cards has never been easier. Inspired by Ruby's ActiveMerchant.

Other

90 stars 54 forks source link

Stripe CVVS is optional, but shouldn't be passed if not being used (or it will fail) #29

Open JamoCA opened 8 years ago

JamoCA commented 8 years ago

The CFPayment library allows an empty CVV2 value to be posted to Stripe, but Stripe requires that the parameter not be passed if it's not being used. Excluding setVerificationValue() still caused an empty value to be set and passed. I added the following logic to api/gateway/base.cfc in order to exclude the empty parameter from being passed.

<CFIF NOT Findnocase("cvc", key) OR (Findnocase("cvc", key) AND LEN(trim(arguments.payload[key])))>
    <!--- CFHTTParam --->
</CFIF>

ghidinelli commented 8 years ago

If you can send a pull request I'll merge it in. Thanks!