2 files changed, 7 insertions, 3 deletions

diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html
index a3e060168..37ad6d915 100644
--- a/httemplate/misc/process/change-password.html
+++ b/httemplate/misc/process/change-password.html
@@ -18,7 +18,7 @@
 	 <% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %>
 %   }
 %   elsif ($contactnum) { 
-	 <% $cgi->redirect($fsurl.'edit/cust_main-contacts.html?'.$cgi->param('custnum')) %>
+	 <% $cgi->redirect($fsurl.'view/cust_main.cgi?'.$cgi->param('custnum')) %>
 %   }
 % }
 
@@ -34,6 +34,10 @@ my $curuser = $FS::CurrentUser::CurrentUser;
 $cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum" if $cgi->param('svcnum');
 my $svcnum = $1;
 
+foreach my $prefix (grep /^(.*)(password)$/, $cgi->param) {
+     $cgi->param('password' => $cgi->param($prefix));
+}
+
 $cgi->param('contactnum') =~ /^(\d+)$/ or die "illegal contactnum" if $cgi->param('contactnum');
 my $contactnum = $1;
 
diff --git a/httemplate/misc/process/payment.cgi b/httemplate/misc/process/payment.cgi
index 9458217c1..5f945a71a 100644
--- a/httemplate/misc/process/payment.cgi
+++ b/httemplate/misc/process/payment.cgi
@@ -42,11 +42,11 @@ if ( $cgi->param('fee') =~ /^\s*(\d*(\.\d\d)?)\s*$/ ) {
   $amount = sprintf('%.2f', $amount + $fee);
 }
 
-$cgi->param('year') =~ /^(\d+)$/
+$cgi->param('year') =~ /^(\d{4})/
   or errorpage("illegal year ". $cgi->param('year'));
 my $year = $1;
 
-$cgi->param('month') =~ /^(\d+)$/
+$cgi->param('month') =~ /^(\d{2})/
   or errorpage("illegal month ". $cgi->param('month'));
 my $month = $1;