diff options
| author | ivan <ivan> | 2002-05-04 00:47:24 +0000 |
|---|---|---|
| committer | ivan <ivan> | 2002-05-04 00:47:24 +0000 |
| commit | 99230201dec5366bf58b33b29fb2f7ab4724b764 (patch) | |
| tree | 199117f7cb815dc14ec46229a22d37dde70d61f6 | |
| parent | b697a86ff35212aaf5ab8cf06d05ab3f7c619d20 (diff) | |
prevent stuff passed from template/user from being used in searches by signup server
| -rw-r--r-- | FS/FS/cust_pkg.pm | 4 | ||||
| -rwxr-xr-x | fs_signup/fs_signup_server | 7 |
2 files changed, 7 insertions, 4 deletions
diff --git a/FS/FS/cust_pkg.pm b/FS/FS/cust_pkg.pm index 08c04a06b..a4256ea1f 100644 --- a/FS/FS/cust_pkg.pm +++ b/FS/FS/cust_pkg.pm @@ -225,7 +225,7 @@ sub check { return "Unknown customer ". $self->custnum unless $self->cust_main; } - return "Unknown pkgpart" + return "Unknown pkgpart: ". $self->pkgpart unless qsearchs( 'part_pkg', { 'pkgpart' => $self->pkgpart } ); $self->otaker(getotaker) unless $self->otaker; @@ -701,7 +701,7 @@ sub order { =head1 VERSION -$Id: cust_pkg.pm,v 1.20 2002-04-22 21:23:16 ivan Exp $ +$Id: cust_pkg.pm,v 1.21 2002-05-04 00:47:24 ivan Exp $ =head1 BUGS diff --git a/fs_signup/fs_signup_server b/fs_signup/fs_signup_server index e8aa6ed64..70045e63b 100755 --- a/fs_signup/fs_signup_server +++ b/fs_signup/fs_signup_server @@ -142,9 +142,12 @@ while (1) { my @invoicing_list = split( /\s*\,\s*/, $signup_data->{'invoicing_list'} ); + $signup_data->{'pkgpart'} =~ /^(\d+)$/ or '' =~ /^()$/; + my $pkgpart = $1; + my $part_pkg = - qsearchs( 'part_pkg', { 'pkgpart' => $signup_data->{'pkgpart'} } ) - or $error ||= "WARNING: unknown pkgpart ". $signup_data->{pkgpart}; + qsearchs( 'part_pkg', { 'pkgpart' => $pkgpart } ) + or $error ||= "WARNING: unknown pkgpart: $pkgpart"; my $svcpart = $part_pkg->svcpart unless $error; my $cust_pkg = new FS::cust_pkg ( { |