diff options
Diffstat (limited to 'httemplate/misc/process/change-password.html')
| -rw-r--r-- | httemplate/misc/process/change-password.html | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html new file mode 100644 index 000000000..7cab9c4e3 --- /dev/null +++ b/httemplate/misc/process/change-password.html @@ -0,0 +1,26 @@ +<%init> +my $curuser = $FS::CurrentUser::CurrentUser; + +$cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum"; +my $svcnum = $1; +my $svc_acct = FS::svc_acct->by_key($svcnum) + or die "svc_acct $svcnum not found"; +my $part_svc = $svc_acct->part_svc; +die "access denied" unless ( + $curuser->access_right('Provision customer service') or + ( $curuser->access_right('Edit password') and + ! $part_svc->restrict_edit_password ) + ); +my $error = $svc_acct->set_password($cgi->param('password')) + || $svc_acct->replace; + +# annoyingly specific to view/svc_acct.cgi, for now... +$cgi->delete('password'); +</%init> +% if ( $error ) { +% $cgi->param('svcnum', $svcnum); +% $cgi->param("changepw${svcnum}_error", $error); +% } else { +% $cgi->query_string($svcnum); +% } +<% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %> |