diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2018-09-13 10:54:53 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2018-09-13 10:54:53 -0700 |
| commit | d7b4beaeb975c55f5203aef275c7c01853fa51f2 (patch) | |
| tree | 2eb0a708bfbfdbfaa3c6db935911a8fd830446d4 /httemplate/misc | |
| parent | 2c0ab6236b187a39fbb6e2046180e2531a391333 (diff) | |
| parent | 4cf578816f5a491b1f66ddb5a9e832457ebe1332 (diff) | |
Merge branch 'FREESIDE_3_BRANCH' of git.freeside.biz:/home/git/freeside into FREESIDE_3_BRANCH
Diffstat (limited to 'httemplate/misc')
| -rw-r--r-- | httemplate/misc/payment.cgi | 8 | ||||
| -rw-r--r-- | httemplate/misc/process/change-password.html | 6 | ||||
| -rw-r--r-- | httemplate/misc/process/payment.cgi | 4 | ||||
| -rw-r--r-- | httemplate/misc/xmlhttp-validate_password.html | 4 |
4 files changed, 12 insertions, 10 deletions
diff --git a/httemplate/misc/payment.cgi b/httemplate/misc/payment.cgi index 44904fba6..9e530cf0a 100644 --- a/httemplate/misc/payment.cgi +++ b/httemplate/misc/payment.cgi @@ -59,9 +59,8 @@ <TH><% mt('Exp.') |h %></TH> <TD> <SELECT NAME="month"> -% for ( ( map "0$_", 1 .. 9 ), 10 .. 12 ) { - - <OPTION<% $_ == $month ? ' SELECTED' : '' %>><% $_ %> +% for ( map{ sprintf('%02d',$_) } (1..12) ) { + <OPTION VALUE="<% $_ %>"<% $_ == $month ? ' SELECTED' : '' %>><% $_ %></OPTION> % } </SELECT> @@ -70,8 +69,7 @@ <TD> <SELECT NAME="year"> % my @a = localtime; for ( $a[5]+1900 .. $a[5]+1915 ) { - - <OPTION<% $_ == $year ? ' SELECTED' : '' %>><% $_ %> + <OPTION VALUE="<% $_ %>"<% $_ == $year ? ' SELECTED' : '' %>><% $_ %></OPTION> % } </SELECT> diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html index a3e060168..37ad6d915 100644 --- a/httemplate/misc/process/change-password.html +++ b/httemplate/misc/process/change-password.html @@ -18,7 +18,7 @@ <% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %> % } % elsif ($contactnum) { - <% $cgi->redirect($fsurl.'edit/cust_main-contacts.html?'.$cgi->param('custnum')) %> + <% $cgi->redirect($fsurl.'view/cust_main.cgi?'.$cgi->param('custnum')) %> % } % } @@ -34,6 +34,10 @@ my $curuser = $FS::CurrentUser::CurrentUser; $cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum" if $cgi->param('svcnum'); my $svcnum = $1; +foreach my $prefix (grep /^(.*)(password)$/, $cgi->param) { + $cgi->param('password' => $cgi->param($prefix)); +} + $cgi->param('contactnum') =~ /^(\d+)$/ or die "illegal contactnum" if $cgi->param('contactnum'); my $contactnum = $1; diff --git a/httemplate/misc/process/payment.cgi b/httemplate/misc/process/payment.cgi index 9458217c1..5f945a71a 100644 --- a/httemplate/misc/process/payment.cgi +++ b/httemplate/misc/process/payment.cgi @@ -42,11 +42,11 @@ if ( $cgi->param('fee') =~ /^\s*(\d*(\.\d\d)?)\s*$/ ) { $amount = sprintf('%.2f', $amount + $fee); } -$cgi->param('year') =~ /^(\d+)$/ +$cgi->param('year') =~ /^(\d{4})/ or errorpage("illegal year ". $cgi->param('year')); my $year = $1; -$cgi->param('month') =~ /^(\d+)$/ +$cgi->param('month') =~ /^(\d{2})/ or errorpage("illegal month ". $cgi->param('month')); my $month = $1; diff --git a/httemplate/misc/xmlhttp-validate_password.html b/httemplate/misc/xmlhttp-validate_password.html index b340170f8..95f1fd33c 100644 --- a/httemplate/misc/xmlhttp-validate_password.html +++ b/httemplate/misc/xmlhttp-validate_password.html @@ -29,14 +29,14 @@ my $validate_password = sub { $result{'syserror'} = 'Invoked without password' unless $password; return \%result if $result{'syserror'}; - if ($arg{'contactnum'}) { + if ($arg{'contactnum'} =~ /^\d+$/) { my $contactnum = $arg{'contactnum'}; $result{'syserror'} = 'Invalid contactnum' unless $contactnum =~ /^\d*$/; return \%result if $result{'syserror'}; my $contact = $contactnum ? qsearchs('contact',{'contactnum' => $contactnum}) - : ''; + : (new FS::contact {}); $result{'error'} = $contact->is_password_allowed($password); } |