Skip to content

Fix Error 500 on Manage Billing Form and clarify the service-code grid#2488

Open
D3V41 wants to merge 5 commits into
developfrom
fix/manage-billing-form-update-500
Open

Fix Error 500 on Manage Billing Form and clarify the service-code grid#2488
D3V41 wants to merge 5 commits into
developfrom
fix/manage-billing-form-update-500

Conversation

@D3V41

@D3V41 D3V41 commented Jun 29, 2026

Copy link
Copy Markdown
Collaborator

Problem

In Administration → Billing → Manage Billing Form (Service Code), entering a billing code but leaving the Order box empty and clicking Update returned an Error 500. The page also gave no hint the second box was required - just a wall of unlabeled boxes, so this was easy to hit.

Root cause: the save code ran Integer.parseInt("") on the empty Order value, which throws NumberFormatException.

before image

Solution

  • Clearer form: Billing code and Order are now labeled, side-by-side columns, and each group has a Group name label.
after
  • No more crash: a blank or non-numeric Order now falls back to the row position instead of throwing; parameter reads are null-safe.
after with require
  • Guided input: the Order box is type="number" and becomes required the moment a code is typed, so the browser blocks the bad submit up front instead of failing on the server.

Closes https://trello.com/c/8hPqu3LY

Summary by Sourcery

Prevent crashes when saving billing service codes with missing or invalid order values and improve the usability of the Manage Billing Form service-code grid.

Bug Fixes:

  • Handle blank or non-numeric service order values without throwing errors when persisting billing services.

Enhancements:

  • Normalize and validate service code and order request parameters before persistence to make the Manage Billing Form more robust.
  • Clarify the Manage Billing Form service-code grid layout and input behavior so required fields are more obvious to users.

Summary by cubic

Fixed the 500 error on Administration → Billing → Manage Billing Form when Order is blank, negative, or out of range. Clarified the service-code grid and made inputs safer to block bad submits.

  • Bug Fixes
    • Null-safe, trimmed reads; guard Order parse against blank, non-numeric, negative, and overflow; fallback to row index instead of throwing.
    • Labeled “Group name”, “Billing code”, and “Order”; two-column layout; number-only Order (min 0) becomes required when a code is entered; render empty Group name/Billing code when null with a null-safe required check.

Written for commit 5e1856e. Summary will update on new commits.

Review in cubic

Summary by CodeRabbit

  • Bug Fixes
    • Improved billing form behavior so the “Order” field is only required when a billing code is entered.
    • Prevented errors when saving billing services by handling blank or invalid order values more safely.
    • Updated the billing section layout for a clearer two-column display of billing code and order fields.

@qodo-code-review

Copy link
Copy Markdown

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

@sourcery-ai

sourcery-ai Bot commented Jun 29, 2026

Copy link
Copy Markdown
Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Fixes the 500 error when saving service codes with a blank Order, hardens request parsing, and restructures the Manage Billing Form UI to make service code and order entry clearer and guided.

Sequence diagram for saving service codes with safe order handling

sequenceDiagram
    participant Browser
    participant ManageBillingform_service_jsp as ManageBillingform_service.jsp
    participant CtlBillingService
    participant CtlBillingServiceDao

    Browser->>ManageBillingform_service_jsp: POST ManageBillingForm
    loop groups and rows
        ManageBillingform_service_jsp->>ManageBillingform_service_jsp: request.getParameter(field)
        ManageBillingform_service_jsp->>ManageBillingform_service_jsp: serviceCode.trim()
        alt serviceCode not empty
            ManageBillingform_service_jsp->>ManageBillingform_service_jsp: request.getParameter(field + "_order")
            ManageBillingform_service_jsp->>ManageBillingform_service_jsp: orderParam.trim()
            alt orderParam.matches("\\d+")
                ManageBillingform_service_jsp->>ManageBillingform_service_jsp: Integer.parseInt(orderParam)
            else fallback to row index
                ManageBillingform_service_jsp->>ManageBillingform_service_jsp: serviceOrder = i
            end
            ManageBillingform_service_jsp->>CtlBillingService: new CtlBillingService()
            ManageBillingform_service_jsp->>CtlBillingService: setServiceCode(serviceCode)
            ManageBillingform_service_jsp->>CtlBillingService: setServiceOrder(serviceOrder)
            ManageBillingform_service_jsp->>CtlBillingServiceDao: persist(cbs)
        end
    end
    ManageBillingform_service_jsp-->>Browser: Render updated Manage Billing Form
Loading

Flow diagram for guided service code and order entry in Manage Billing Form

flowchart TD
    A[ServiceCode input empty] --> B[Order input disabled or not required]
    B --> C[User types serviceCode]
    C --> D[Browser sets Order type number]
    D --> E[Browser marks Order required]
    E --> F{Order valid number?}
    F -->|No| G[Browser blocks form submit]
    F -->|Yes| H[Browser allows submit]
    H --> I[Server applies safe order fallback logic]
Loading

File-Level Changes

Change Details Files
Harden server-side parsing of service code and order, preventing NumberFormatException and defaulting invalid orders to the row index.
  • Introduced local variables for the service field name and service code value, trimming and null-normalizing the request parameter.
  • Guarded service processing with an is-empty check instead of relying on raw length() on the request parameter.
  • Added retrieval and trimming of the associated order parameter, with a numeric-only regex check to decide whether to parse or fall back.
  • Changed service order assignment to use the parsed numeric order when valid, or the loop index when missing/invalid, and passed the cleaned service code into the billing service object.
src/main/webapp/billing/CA/ON/dbManageBillingform_service.jsp
Improve the Manage Billing Form UI for service codes so required fields are labeled and browser validation prevents bad submissions.
  • Reworked the service-code grid layout so billing code and order appear as labeled, side-by-side columns within clearly labeled groups.
  • Updated the order input to use an HTML number field and made it conditionally required when a billing code is entered, enabling client-side validation.
  • Adjusted markup and any associated attributes/classes to align the new labels and columns with the existing styling of the billing form.
src/main/webapp/billing/CA/ON/manageBillingform_service.jspf

Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 5e1856e.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

Scanned Files

None

@coderabbitai

coderabbitai Bot commented Jun 29, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

Server-side JSP now reads billing service form parameters with null-safe trimming and numeric regex validation, falling back to the loop index for invalid order values. The form fragment adds a toggleOrderRequired JavaScript helper and restructures group inputs into a two-column layout with conditional server-side required attributes.

Changes

Billing Service Form Input Hardening

Layer / File(s) Summary
Form layout and client-side required toggling
src/main/webapp/billing/CA/ON/manageBillingform_service.jspf
Adds toggleOrderRequired JS function that dynamically sets the order input's required attribute based on billing code presence; restructures group inputs into a two-column "Billing code"/"Order" layout with oninput hooks and server-side conditional required.
Null-safe parameter parsing and persistence
src/main/webapp/billing/CA/ON/dbManageBillingform_service.jsp
Constructs parameter names via a local field variable, trims serviceCode with null-to-empty handling, validates serviceOrder via \\d+ regex with fallback to loop index i, and passes the result to CtlBillingService.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐇 A null once snuck in, causing quite a scene,
The rabbit trimmed it tidy, kept the fields clean.
With regex and fallback, the order is set,
No NPE troubles to cause us regret.
The form now toggles required with a hop—
Safe billing at last, and we'll never stop! 🥕

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly summarizes the main fixes: preventing the Manage Billing Form 500 error and improving the service-code grid layout.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/manage-billing-form-update-500

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@D3V41 D3V41 self-assigned this Jun 29, 2026

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey - I've reviewed your changes and they look great!


Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request refactors the billing service form processing and layout. It introduces dynamic validation for the service order field using JavaScript, improves input styling, and adds basic validation to prevent page crashes when parsing the service order parameter. The review feedback highlights potential runtime exceptions, such as a NumberFormatException if the order parameter exceeds Integer.MAX_VALUE, and NullPointerException or rendering issues if servicetype_name or service_code[k] are null.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread src/main/webapp/billing/CA/ON/dbManageBillingform_service.jsp Outdated
Comment thread src/main/webapp/billing/CA/ON/manageBillingform_service.jspf
Comment thread src/main/webapp/billing/CA/ON/manageBillingform_service.jspf

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
src/main/webapp/billing/CA/ON/manageBillingform_service.jspf (1)

44-45: 🔒 Security & Privacy | 🔵 Trivial

Add the standard CSRF hidden field, or link the follow-up issue.

This POST form is still missing the repository-standard _csrf hidden input, so billing-form updates remain forgeable even though this PR already touches the form markup.

Suggested patch
 	<tr>
 		<td colspan="3"><input type="submit" name="submit"
 			value="<fmt:setBundle basename="oscarResources"/><fmt:message key="billing.manageBillingform_service.btnUpdate"/>"><input
+			type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"><input
 			type="hidden" name="typeid"
 			value="<%=Encode.forHtmlAttribute(request.getParameter("billingform"))%>"><input
 			type="hidden" name="type" value="<%=Encode.forHtmlAttribute(String.valueOf(service_name))%>"></td>
 	</tr>

If you want to keep this bug fix narrowly scoped, I can help draft the follow-up issue and the PR description note for it. As per coding guidelines, all HTML forms must include the standard CSRF token, and based on learnings this should be raised non-blockingly for unrelated src/main/webapp JSP bug-fix PRs.

Also applies to: 122-126

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/main/webapp/billing/CA/ON/manageBillingform_service.jspf` around lines 44
- 45, The POST form in manageBillingform_service.jspf is missing the
repository-standard _csrf hidden field, so update the form markup around the
form element to include the standard CSRF token input used elsewhere in the app.
If this change is intentionally out of scope, link or create the follow-up issue
in the PR notes; otherwise, ensure the form submits with the existing CSRF
protection pattern referenced by form1 and dbManageBillingform_service.jsp.

Sources: Coding guidelines, Learnings

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@src/main/webapp/billing/CA/ON/manageBillingform_service.jspf`:
- Around line 44-45: The POST form in manageBillingform_service.jspf is missing
the repository-standard _csrf hidden field, so update the form markup around the
form element to include the standard CSRF token input used elsewhere in the app.
If this change is intentionally out of scope, link or create the follow-up issue
in the PR notes; otherwise, ensure the form submits with the existing CSRF
protection pattern referenced by form1 and dbManageBillingform_service.jsp.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: f0a1a5c0-eec8-474b-a65a-94e9d8e4df78

📥 Commits

Reviewing files that changed from the base of the PR and between 5f49a01 and ef20c30.

📒 Files selected for processing (2)
  • src/main/webapp/billing/CA/ON/dbManageBillingform_service.jsp
  • src/main/webapp/billing/CA/ON/manageBillingform_service.jspf

Comment thread src/main/webapp/billing/CA/ON/dbManageBillingform_service.jsp Outdated

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

3 issues found across 2 files

Confidence score: 2/5

  • In src/main/webapp/billing/CA/ON/dbManageBillingform_service.jsp, Integer.parseInt is still reachable for overflow-length numeric strings, so a crafted POST can throw NumberFormatException after existing rows are deleted, risking partial or empty billing data persistence—add a strict length/range guard (or safe parse with rejection) before the delete/insert flow and fail validation early.
  • In src/main/webapp/billing/CA/ON/manageBillingform_service.jspf, calling .isEmpty() on service_code[k] without a null check can trigger a NullPointerException and break request processing for affected submissions—guard service_code[k] != null before .isEmpty() checks.
  • In src/main/webapp/billing/CA/ON/manageBillingform_service.jspf, String.valueOf(servicetype_name) can render a literal "null" into the UI, which is user-facing and can confuse editing workflows—render an empty string when servicetype_name is null before merging.

Reply with feedback, questions, or to request a fix.

Re-trigger cubic

Comment thread src/main/webapp/billing/CA/ON/dbManageBillingform_service.jsp Outdated
Comment thread src/main/webapp/billing/CA/ON/manageBillingform_service.jspf Outdated
Comment thread src/main/webapp/billing/CA/ON/manageBillingform_service.jspf Outdated

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 issue found across 2 files (changes from recent commits).

Reply with feedback, questions, or to request a fix.

Re-trigger cubic

Comment thread src/main/webapp/billing/CA/ON/dbManageBillingform_service.jsp
@D3V41 D3V41 requested a review from LiamStanziani June 29, 2026 17:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants