by pathartl
2460 days ago
Click bait title. TL;DR: Chipotle is manipulating the year field in CC transactions and expecting a two digit year instead of a four digit, but didn't set a max length on the field. ALWAYS SANITIZE YOUR INPUTS. When that sanitation is complete, replace what's in the form. You don't always have to sanitize the frontend, but ALWAYS sanitize the backend. Click bait because there's nothing substantial claiming that this actually resulted in a loss of revenue for Chipotle other than some napkin mathematics. A counterpoint I would make is that I assume most people don't use CC saving in their browser as everyone seems to make a big stink about it. Additionally I would wonder about the number of people that would notice their info was correct, but failing, and then go through and manually change the information before submitting again. In this case, they may be more inclined to follow the standard 2 digit year that everyone seems to ask for.
Autofill messes up the entry, people refill manually. This happens all the time on numerous payment forms.
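The backend handling argued for in the first comment, as an added example that is not part of the thread and not Chipotle's code: accept a two-digit or four-digit expiry year, reject anything else instead of truncating it, and return the canonical value to write back into the form. The function name `normalizeExpiry`, its return shape, the 2000-2099 window for two-digit years and the 20-year upper bound are assumptions made for illustration.

```javascript
// Added example: server-side normalization of a card expiry date.
// normalizeExpiry and its return shape are hypothetical, not from any real codebase.
function normalizeExpiry(monthRaw, yearRaw, now = new Date()) {
  const month = String(monthRaw).trim();
  const year = String(yearRaw).trim();

  // Month: 1-12, with or without a leading zero.
  if (!/^(0?[1-9]|1[0-2])$/.test(month)) {
    return { ok: false, error: "invalid month" };
  }
  // Year: exactly YY or YYYY. A 3-digit or 5-digit value is rejected,
  // never sliced, so "2023" cannot silently become "20".
  if (!/^(\d{2}|\d{4})$/.test(year)) {
    return { ok: false, error: "invalid year" };
  }

  // Assumption: two-digit years are in 2000-2099.
  const fullYear = year.length === 2 ? 2000 + Number(year) : Number(year);
  const m = Number(month);

  const currentYear = now.getUTCFullYear();
  const currentMonth = now.getUTCMonth() + 1;

  // A card is usable through the end of its expiry month.
  if (fullYear < currentYear || (fullYear === currentYear && m < currentMonth)) {
    return { ok: false, error: "expired" };
  }
  // Assumption: no card expires more than 20 years out.
  if (fullYear > currentYear + 20) {
    return { ok: false, error: "year out of range" };
  }

  // Canonical forms: send year2 or year4 to the processor as it requires,
  // and echo the same value back to the form field.
  return {
    ok: true,
    month: String(m).padStart(2, "0"),
    year2: String(fullYear % 100).padStart(2, "0"),
    year4: String(fullYear),
  };
}
```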