        //Security Defect -START - Added the below code to validate the fields in the lineitem
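        /// <summary>
        /// Trims the string fields of this line item in place, then checks each field against
        /// its length or range limit and the junk-character filter, stopping at the first failure.
        /// </summary>
        /// <returns>
        /// A <c>CCResponse</c> describing the first field that failed, or <c>null</c> when every
        /// check passes. A non-null return is a rejection; callers must not read null as an error.
        /// </returns>
        public CCResponse ValidateFields()
        {
            // Trim first so that the limits below apply to the values that are kept on the object.
            // NOTE(review): Trim() throws NullReferenceException on a null field, before any
            // IsMissing() check is reached - confirm the property setters never leave these null.
            ProductCode   = ProductCode.Trim();
            ProductName   = ProductName.Trim();
            ClubCode      = ClubCode.Trim();
            SubProduct    = SubProduct.Trim();
            AccountNumber = AccountNumber.Trim();
            LastName      = LastName.Trim();
            FirstName     = FirstName.Trim();
            SKU           = SKU.Trim();
            RevenueCode   = RevenueCode.Trim();
            RevenueType   = RevenueType.Trim();

            CCResponse c = new CCResponse();

            // Optional text fields: length cap plus junk filter.
            if ((ProductCode.Length > 10) || junkValidation(ProductCode))
            {
                return RejectField(c, "ProductCode", "ERRCDE_PRODUCTCODE");
            }
            if ((ProductName.Length > 50) || junkValidation(ProductName))
            {
                return RejectField(c, "ProductName", "ERRCDE_PRODUCTNAME");
            }
            if ((ClubCode.Length > 50) || junkValidation(ClubCode))
            {
                return RejectField(c, "ClubCode", "ERRCDE_CLUBCODE");
            }
            if ((SubProduct.Length > 25) || junkValidation(SubProduct))
            {
                return RejectField(c, "SubProduct", "ERRCDE_SUBPRODUCT");
            }

            // AccountNumber is additionally checked with IsMissing().
            if (IsMissing(AccountNumber) || (AccountNumber.Length > 25) || junkValidation(AccountNumber))
            {
                return RejectField(c, "AccountNumber", "ERRCDE_ACCOUNTNUMBER");
            }

            // NOTE(review): LastName and FirstName are trimmed above but get no check here.
            // The original IsMissing() checks for both (ERRCDE_LASTNAME / ERRCDE_FIRSTNAME) were
            // commented out, and no length cap or junk filter was ever applied to them in this
            // method. Confirm they are validated elsewhere before they reach storage or output.

            if ((SKU.Length > 3) || junkValidation(SKU))
            {
                return RejectField(c, "SKU", "ERRCDE_SKU");
            }
            if ((RevenueCode.Length > 10) || junkValidation(RevenueCode))
            {
                return RejectField(c, "RevenueCode", "ERRCDE_REVENUECODE");
            }
            if (IsMissing(RevenueType) || (RevenueType.Length > 20) || junkValidation(RevenueType))
            {
                return RejectField(c, "RevenueType", "ERRCDE_REVENUETYPE");
            }

            // Monetary fields: inclusive range 0..25000, then the junk filter on the text form.
            // NOTE(review): ToString() without a format provider is culture-sensitive, so what
            // junkValidation() sees depends on the thread culture. If these are floating-point
            // properties, NaN passes both comparisons - confirm the declared types.
            if ((Amount < 0) || (Amount > 25000) || junkValidation(Amount.ToString()))
            {
                return RejectField(c, "Amount", "ERRCDE_AMOUNT");
            }
            if ((Tax_Amount < 0) || (Tax_Amount > 25000) || junkValidation(Tax_Amount.ToString()))
            {
                return RejectField(c, "Tax_Amount", "ERRCDE_TAXAMOUNT");
            }

            // The equivalent LineItemNo check (LineItemNo > 10 or not all numeric,
            // ERRCDE_LINEITEMNO) was commented out in the original and remains disabled.

            // NOTE(review): only an upper bound is compared here; a negative Quantity is rejected
            // only if IsAllNumeric() refuses the leading '-' - verify against that helper.
            if ((Quantity > 10) || !CSAAWeb.Validate.IsAllNumeric(Quantity.ToString()))
            {
                return RejectField(c, "Quantity", "ERRCDE_QUANTITY");
            }

            // Every check passed.
            return null;
            //Security Defect -END - Added the below code to validate the fields in the lineitem
        }

        /// <summary>
        /// Fills <paramref name="response"/> with the validation error for one field, logs it
        /// and returns the same object.
        /// </summary>
        /// <param name="response">Response object to populate.</param>
        /// <param name="fieldName">Field name appended to ERR_AUTHVALIDATION in the message.</param>
        /// <param name="errorCodeSetting">Config key whose value becomes the response flag.</param>
        /// <returns>The populated <paramref name="response"/>.</returns>
        private CCResponse RejectField(CCResponse response, string fieldName, string errorCodeSetting)
        {
            response.Message       = CSAAWeb.Constants.ERR_AUTHVALIDATION + fieldName;
            response.ActualMessage = response.Message;
            response.Flag          = Config.Setting(errorCodeSetting);
            // The log line carries the field name and the configured code, never the rejected
            // value, so account numbers and names stay out of the log.
            Logger.Log(response.Message + response.Flag);
            return response;
        }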