diff options
| author | Jonathan Prykop <jonathan@freeside.biz> | 2015-12-02 05:02:17 -0600 |
|---|---|---|
| committer | Jonathan Prykop <jonathan@freeside.biz> | 2015-12-14 22:38:35 -0600 |
| commit | eb2c0c03d10e1561f8bfbea42b29bdf1b165c52b (patch) | |
| tree | f98b1033ec5b986ebfbfc541f3cad100ee2b3c69 /fs_selfservice/FS-SelfService/cgi/selfservice.cgi | |
| parent | e0258f0085ce5ef7d3b21a51fd60635f1735b421 (diff) | |
RT#29354: Password Security in Email [xmlhttp validation for selfservice]
Diffstat (limited to 'fs_selfservice/FS-SelfService/cgi/selfservice.cgi')
| -rwxr-xr-x | fs_selfservice/FS-SelfService/cgi/selfservice.cgi | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi index 4199f7005..f6f3c21d1 100755 --- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi +++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi @@ -23,6 +23,7 @@ use FS::SelfService qw( mason_comp port_graph start_thirdparty finish_thirdparty reset_passwd check_reset_passwd process_reset_passwd + validate_passwd billing_history ); @@ -84,6 +85,7 @@ my @actions = ( qw( customer_suspend_pkg process_suspend_pkg history + validate_password )); my @nologin_actions = (qw( @@ -108,7 +110,6 @@ if ( $cgi->param('action') =~ /^process_forgot_password_session_(\w+)$/ ) { warn "WARNING: unrecognized action '$1'\n"; } } - unless ( $nologin_actions{$action} ) { my %cookies = CGI::Cookie->fetch; @@ -1109,6 +1110,14 @@ sub do_process_forgot_password { ); } +sub validate_password { + validate_passwd( + 'session_id' => $session_id, + map { $_ => scalar($cgi->param($_)) } + qw( fieldid svcnum check_password ) + ) +} + #-- sub do_template { |