authorIvan Kohler <ivan@freeside.biz>2018-09-13 10:51:01 -0700
committerIvan Kohler <ivan@freeside.biz>2018-09-13 10:51:01 -0700
commit6383208b0f004ddcb26c74788595dce6673863f8 (patch)
tree98a9d8902e707bb63f25154fdf84d1b146fd2004 /httemplate/misc
parent24fcbda43464e5ee5a342a52f6c5780e12693402 (diff)
parentbc552f2fba7fd376a2f036a7dc02b58a48fa31b0 (diff)
Merge branch 'FREESIDE_4_BRANCH' of git.freeside.biz:/home/git/freeside into FREESIDE_4_BRANCH
Diffstat (limited to 'httemplate/misc')
-rw-r--r--httemplate/misc/process/change-password.html6
-rw-r--r--httemplate/misc/process/payment.cgi16
-rw-r--r--httemplate/misc/xmlhttp-validate_password.html4
3 files changed, 18 insertions, 8 deletions
diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html
index a3e060168..37ad6d915 100644
--- a/httemplate/misc/process/change-password.html
+++ b/httemplate/misc/process/change-password.html
@@ -18,7 +18,7 @@
<% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %>
% }
% elsif ($contactnum) {
- <% $cgi->redirect($fsurl.'edit/cust_main-contacts.html?'.$cgi->param('custnum')) %>
+ <% $cgi->redirect($fsurl.'view/cust_main.cgi?'.$cgi->param('custnum')) %>
% }
% }
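Review bot: The new redirect target on the `elsif ($contactnum)` branch appends `$cgi->param('custnum')` to the URL exactly as received, and no format check on custnum is visible in this diff, whereas svcnum and contactnum are both matched against `/^(\d+)$/` further down the same file. If custnum is not validated somewhere outside these hunks, untaint it the same way before the redirect, e.g. `$cgi->param('custnum') =~ /^(\d+)$/ or die "illegal custnum";`, and build the URL from the captured value. The enclosing block begins before this hunk.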
@@ -34,6 +34,10 @@ my $curuser = $FS::CurrentUser::CurrentUser;
$cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum" if $cgi->param('svcnum');
my $svcnum = $1;
+foreach my $prefix (grep /^(.*)(password)$/, $cgi->param) {
+ $cgi->param('password' => $cgi->param($prefix));
+}
+
$cgi->param('contactnum') =~ /^(\d+)$/ or die "illegal contactnum" if $cgi->param('contactnum');
my $contactnum = $1;
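Review bot: The added loop copies every request parameter whose name ends in `password` into `password`, so when more than one such field is submitted, the value that ends up being processed depends on the order in which the client sent them. `$prefix` holds the full parameter name rather than a prefix, and the two capture groups in the pattern are unused. `$cgi->param($prefix)` is also evaluated in list context here, so a repeated field hands several values to the setter. If the field names the forms send are known, looping over an explicit list of them and forcing a single value would be tighter: `$cgi->param('password' => scalar $cgi->param($name));`, with a comment naming the forms that send prefixed fields.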
diff --git a/httemplate/misc/process/payment.cgi b/httemplate/misc/process/payment.cgi
index 939fc38c2..7747bcbea 100644
--- a/httemplate/misc/process/payment.cgi
+++ b/httemplate/misc/process/payment.cgi
@@ -100,11 +100,11 @@ if ( (my $custpaybynum = scalar($cgi->param('custpaybynum'))) > 0 ) {
# use new info
##
- $cgi->param('year') =~ /^(\d+)$/
+ $cgi->param('year') =~ /^(\d{4})/
or errorpage("illegal year ". $cgi->param('year'));
$year = $1;
- $cgi->param('month') =~ /^(\d+)$/
+ $cgi->param('month') =~ /^(\d{2})/
or errorpage("illegal month ". $cgi->param('month'));
$month = $1;
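Review bot: Both new patterns drop the `$` anchor, so `year` and `month` now pass with arbitrary trailing text (only the leading digits are captured) and a value such as `2020junk` is no longer reported as illegal. If trailing content is not expected, keep the anchors, `/^(\d{4})$/` and `/^(\d{2})$/`; if it is expected, a comment stating the accepted format would make that explicit. The month is still not range-checked at this point, so `00` or `13` reach `$month`, and the DateTime check added in the next hunk sits inside the `batch` branch only.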
@@ -211,15 +211,21 @@ if ( (my $custpaybynum = scalar($cgi->param('custpaybynum'))) > 0 ) {
my $error = '';
my $paynum = '';
-my $paydate;
-if ($cust_payby->paydate) { $paydate = "$year-$month-01"; }
-else { $paydate = "2037-12-01"; }
if ( $cgi->param('batch') ) {
$error = 'Prepayment discounts not supported with batched payments'
if $discount_term;
+ # Invalid payment expire dates are replaced with 2037-12-01 (why?)
+ my $paydate = "${year}-${month}-01";
+ {
+ use DateTime;
+ local $@;
+ eval { DateTime->new({ year => $year, month => $month, day => 1 }) };
+ $paydate = '2037-12-01' if $@;
+ }
+
$error ||= $cust_main->batch_card(
'payby' => $payby,
'amount' => $amount,
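Review bot: When `DateTime->new` rejects the year/month, the batch branch silently substitutes `2037-12-01`, so a mistyped or missing expiry enters the card batch as a far-future date with no trace, and the in-code `(why?)` suggests the reason for the fallback is not known either. At minimum record the substitution, e.g. `warn "invalid payment expiry, using 2037-12-01: $@" if $@;`, or report it through `$error` like the discount check just above. The removed code used the computed date only when `$cust_payby->paydate` was set, and the new code no longer consults it, so it is worth confirming that `$year` and `$month` are always populated when a stored payment method is used. `use DateTime;` takes effect at compile time regardless of the bare block around it, so it reads more honestly at the top of the file. The `batch_card` call continues past the end of the hunk.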
diff --git a/httemplate/misc/xmlhttp-validate_password.html b/httemplate/misc/xmlhttp-validate_password.html
index 4d9716bb9..c53abe883 100644
--- a/httemplate/misc/xmlhttp-validate_password.html
+++ b/httemplate/misc/xmlhttp-validate_password.html
@@ -28,14 +28,14 @@ my $validate_password = sub {
$result{'syserror'} = 'Invoked without password' unless $password;
return \%result if $result{'syserror'};
- if ($arg{'contactnum'}) {
+ if ($arg{'contactnum'} =~ /^\d+$/) {
my $contactnum = $arg{'contactnum'};
$result{'syserror'} = 'Invalid contactnum' unless $contactnum =~ /^\d*$/;
return \%result if $result{'syserror'};
my $contact = $contactnum
? qsearchs('contact',{'contactnum' => $contactnum})
- : '';
+ : (new FS::contact {});
$result{'error'} = $contact->is_password_allowed($password);
}
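Review bot: With the guard changed to `$arg{'contactnum'} =~ /^\d+$/`, the inner `Invalid contactnum` check can no longer fire, the new `new FS::contact {}` fallback is reached only for a contactnum of `0`, and a non-numeric contactnum now skips this branch with no error set in the visible lines. If the intent is to validate a password for a contact that does not exist yet, test for presence in the outer condition, `if (defined $arg{'contactnum'} && length $arg{'contactnum'}) {`, and let the inner check reject bad values; otherwise add a comment saying what a non-numeric value is meant to fall through to. `FS::contact->new({})` would avoid the indirect-object form. The enclosing sub starts and ends outside this hunk.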