I'm working on the Commerce Realex payment gateway module which can accept both credit cards and debit cards. Debit cards don't require a "security code" (aka CVV) field so I'd like the ability to generate the form field but not have it required. The attached patch allows me to specify this - in much the same way as you currently have for the 'issue number' field.

CommentFileSizeAuthor
#7 commerce-skip-cvv-validation-if-empty-1810110-7.patch809 bytesjsacksick
#4 1810110-4-optional_security_code.patch1.12 KBAlbert Volkman
#1 1810110-1-optional_security_code.patch1.14 KBstella
commerce_optional_cvv_code_field.patch746 bytesstella
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

stella’s picture

stella CreditAttribution: stella commented
FileSize
1810110-1-optional_security_code.patch1.14 KB

Patch re-roll to stop the error "You have entered an invalid card security code." appearing too.

rszrama’s picture

rszrama CreditAttribution: rszrama commented

Wouldn't this reverse the current default behavior so sites that currently expect it to be required could suddenly see it appearing as not required?

stella’s picture

stella CreditAttribution: stella commented

I guess it would depend on each payment gateway definition. If the payment gateway doesn't set it then it's not required. I just implemented it the same way as the issue number. Then in the commerce_realex payment gateway I do a requirement check based on the card type selected.

Maybe there's a better approach, but there needs to be some way to have the CVV field be optional as not all card types require it (e.g. Laser debit card).

Albert Volkman’s picture

Albert Volkman CreditAttribution: Albert Volkman commented
FileSize
1810110-4-optional_security_code.patch1.12 KB

This patch builds on the previous patch by introducing a new option "no_code". We can add this piece without breaking existing functionality, and then allow payment types implement this as an option (like the patch from #1948540: Make Security code optional).

rszrama’s picture

rszrama CreditAttribution: rszrama commented
Issue summary: View changes
Status: Needs review » Needs work
Issue tags: +low-hanging fruit

I'd like to see the validation in #4 be a little smarter. commerce_payment_validate_credit_card_security_code() isn't the place to add an exception for an empty code; the function assumes it's being passed a CVV to validate, not an empty string. Better would be to not invoke the function to begin with if we know the CVV isn't required and is an empty string.

nickonom’s picture

nickonom CreditAttribution: nickonom commented

Can't believe this was last updated 3 years ago and nobody else posted here. I am also interested in this feature.

jsacksick’s picture

jsacksick CreditAttribution: jsacksick at Centarro commented
Status: Needs work » Needs review
FileSize
commerce-skip-cvv-validation-if-empty-1810110-7.patch809 bytes

Making the actual field not required could easily be achieved by implementing a hook_form_alter().

However, once you do that, the validation will fail because of the isset() check in commerce_payment_credit_card_validate(), I suggest we replace it by a !empty() check, this way, the CVV would only be validated if filled...

  • rszrama committed 1a22f9c on 7.x-1.x authored by jsacksick 
    Issue #1810110 by stella, Albert Volkman, jsacksick: allow optional CVV...
rszrama’s picture

rszrama CreditAttribution: rszrama at Centarro commented
Status: Needs review » Fixed

Sorry this is so long overdue. Committed the patch in #7.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.