Bug #14325
closedCaptive Portal incorrectly allows leading zeroes on voucher roll numbers
100%
Description
If you will create the Voucher roll with the number "000" or "0001" the system will allow you to create a such roll, but the Vouchers from this list will be not valid and the end user will be not able to authorized in the CP. Lists without zeros are working as expected.
Files
Updated by aleksei prokofiev over 1 year ago
I've tested on 23.01 and can confirm that.
Updated by Kris Phillips over 1 year ago
Tested and confirm behavior in pfSense CE 2.7.
Updated by aleksei prokofiev over 1 year ago
Checked, I confirm this behavior on 23.05.1 as well.
23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENT
Updated by aleksei prokofiev about 1 year ago
- File clipboard-202309240909-0sqae.png clipboard-202309240909-0sqae.png added
- File clipboard-202309240910-bmpvq.png clipboard-202309240910-bmpvq.png added
Tested on
23.09-DEVELOPMENT (amd64)
built on 20230922-1539
FreeBSD 14.0-CURRENT
The issue still persists, if the voucher has zeros you will get next message when test voucher
Updated by Jim Pingle about 1 year ago
- Status changed from New to In Progress
- Assignee set to Jim Pingle
- Target version set to 2.8.0
- Plus Target Version set to 23.09
The underlying voucher
binary strips leading zeroes so we should strip them when creating rolls as well (use intval()
for example).
The input validation code already makes sure you can't create overlapping rolls such as 22 and 00022, so it should be safe to also trim the number on the backend.
Updated by Jim Pingle about 1 year ago
Fixing the backend or doing upgrade code seemed like overkill since there is no way these worked before. I fixed the edit screen to use the integer value of the roll number. So if you edit one of these and save it will be OK as-is. The generated vouchers for roll 22 are the same as 00022 for example so there is no need to worry about generated voucher codes not being valid.
Updated by Jim Pingle about 1 year ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
Applied in changeset 502398beea2e0d6930a6e9d1f7fc16737f63265d.
Updated by Jim Pingle about 1 year ago
- Status changed from Feedback to Resolved
Current snapshot uses the integer value as it should, no more leading zeroes in the roll number after saving.
Updated by Jim Pingle about 1 year ago
- Subject changed from Voucher page of Captive portal doesn't properly validate the roll number to Captive Portal incorrectly allows leading zeroes on voucher roll numbers
Updating subject for release notes.
Updated by Jim Pingle about 1 year ago
- Target version changed from 2.8.0 to 2.7.1