| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006939 | OXID eShop (all versions) | 1.03. Basket, checkout process | public | 2019-01-14 14:12 | 2019-05-07 11:23 |
| Reporter | QA | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Product Version | 6.1.2 | ||||
| Fixed in Version | 6.1.4 | ||||
| Summary | 0006939: Payment method Direct debit no complete check of BIC. A blank character is sufficient here to recognize the form data as valid. | ||||
| Description | If the direct debit payment method (direct debit) is selected, BIC's details are not fully checked. The entry of a blank character is sufficient here to recognize the form data as valid. In vendor/oxid-esales/oxideshop-ce/source/Core/InputValidator::_validateDebitNote() spaces are removed in the _cleanDebitInformation() method. Then the cleaned $aDebitInformation['lsblz'] is passed. $sBankCode = $aDebitInformation['lsblz']; Thus, when a space is entered in the BIC, the field is filled as follows: $sBankCode = """ The following is then checked: if (empty($sBankCode) || $oSepaValidator->isValidBIC($sBankCode)) { $mxValidationResult = true; Thus, when a space is entered in the BIC, it is recognized as valid. | ||||
| Steps To Reproduce | 1. Add article to basket 2. Go to step 2 Direct Debit 3. Insert a blank for BIC and korrect IBAN -> blank character is sufficient here to recognize the form data as valid | ||||
| Tags | No tags attached. | ||||
| Theme | Not defined | ||||
| Browser | Not defined | ||||
| PHP Version | Not defined | ||||
| Database Version | Not defined | ||||
- Anonymous
