summaryrefslogtreecommitdiff
path: root/httemplate
diff options
context:
space:
mode:
Diffstat (limited to 'httemplate')
-rwxr-xr-xhttemplate/edit/process/svc_acct.cgi19
-rwxr-xr-xhttemplate/edit/svc_acct.cgi46
-rwxr-xr-xhttemplate/view/svc_acct.cgi9
3 files changed, 53 insertions, 21 deletions
diff --git a/httemplate/edit/process/svc_acct.cgi b/httemplate/edit/process/svc_acct.cgi
index 0a89e253c..515d89e91 100755
--- a/httemplate/edit/process/svc_acct.cgi
+++ b/httemplate/edit/process/svc_acct.cgi
@@ -5,12 +5,13 @@
<% $cgi->redirect(popurl(3). "view/svc_acct.cgi?" . $svcnum ) %>
%}
<%init>
-
+use CGI::Carp;
die "access denied"
unless $FS::CurrentUser::CurrentUser->access_right('Provision customer service'); #something else more specific?
$cgi->param('svcnum') =~ /^(\d*)$/ or die "Illegal svcnum!";
my $svcnum = $1;
+my $error;
my $old;
if ( $svcnum ) {
@@ -23,12 +24,6 @@ if ( $svcnum ) {
#unmunge popnum
$cgi->param('popnum', (split(/:/, $cgi->param('popnum') ))[0] );
-#unmunge passwd
-if ( $cgi->param('_password') eq '*HIDDEN*' ) {
- die "fatal: no previous account to recall hidden password from!" unless $old;
- $cgi->param('_password',$old->getfield('_password'));
-}
-
#unmunge usergroup
$cgi->param('usergroup', [ $cgi->param('radius_usergroup') ] );
@@ -45,7 +40,15 @@ map {
} (fields('svc_acct'), qw ( pkgnum svcpart usergroup ));
my $new = new FS::svc_acct ( \%hash );
-my $error;
+$new->_password($old->_password) if $old;
+if( $cgi->param('clear_password') eq '*HIDDEN*'
+ or $cgi->param('clear_password') =~ /^\(.* encrypted\)$/ ) {
+ die "fatal: no previous account to recall hidden password from!" unless $old;
+}
+else {
+ $error = $new->set_password($cgi->param('clear_password'));
+}
+
if ( $svcnum ) {
foreach (grep { $old->$_ != $new->$_ } qw( seconds upbytes downbytes totalbytes )) {
my %hash = map { $_ => $new->$_ }
diff --git a/httemplate/edit/svc_acct.cgi b/httemplate/edit/svc_acct.cgi
index b9a587d2a..afbd002c1 100755
--- a/httemplate/edit/svc_acct.cgi
+++ b/httemplate/edit/svc_acct.cgi
@@ -9,6 +9,18 @@
<BR>
% }
+<SCRIPT TYPE="text/javascript">
+function randomPass() {
+ var i=0;
+ var pw_set='<% join('', 'a'..'z', 'A'..'Z', '0'..'9' ) %>';
+ var pass='';
+ while(i < 8) {
+ i++;
+ pass += pw_set.charAt(Math.floor(Math.random() * pw_set.length));
+ }
+ document.OneTrueForm.clear_password.value = pass;
+}
+</SCRIPT>
<FORM NAME="OneTrueForm" ACTION="<% $p1 %>process/svc_acct.cgi" METHOD=POST>
<INPUT TYPE="hidden" NAME="svcnum" VALUE="<% $svcnum %>">
@@ -35,13 +47,14 @@ Service # <% $svcnum ? "<B>$svcnum</B>" : " (NEW)" %><BR>
<TR>
<TD ALIGN="right">Password</TD>
<TD>
- <INPUT TYPE="text" NAME="_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
- (blank to generate)
+ <INPUT TYPE="text" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
+ <INPUT TYPE="button" VALUE="Generate" onclick="randomPass();">
</TD>
</TR>
%}else{
- <INPUT TYPE="hidden" NAME="_password" VALUE="<% $password %>">
+ <INPUT TYPE="hidden" NAME="clear_password" VALUE="<% $password %>">
%}
+<INPUT TYPE="hidden" NAME="_password_encoding" VALUE="<% $password_encoding %>">
%
%my $sec_phrase = $svc_acct->sec_phrase;
%if ( $conf->exists('security_phrase')
@@ -428,14 +441,21 @@ my $otaker = getotaker;
my $username = $svc_acct->username;
my $password;
-if ( $svc_acct->_password ) {
- if ( $conf->exists('showpasswords') || ! $svcnum ) {
- $password = $svc_acct->_password;
- } else {
- $password = "*HIDDEN*";
+my $password_encryption = $svc_acct->_password_encryption;
+my $password_encoding = $svc_acct->_password_encoding;
+
+if($svcnum) {
+ if($password = $svc_acct->get_cleartext_password) {
+ if (! $conf->exists('showpasswords')) {
+ $password = '*HIDDEN*';
+ }
+ }
+ elsif($svc_acct->_password and $password_encryption ne 'plain') {
+ $password = "(".uc($password_encryption)." encrypted)";
+ }
+ else {
+ $password = '';
}
-} else {
- $password = '';
}
my $ulen =
@@ -444,9 +464,13 @@ my $ulen =
: dbdef->table('svc_acct')->column('username')->length;
my $ulen2 = $ulen+2;
-my $pmax = $conf->config('passwordmax') || 8;
+my $pmax = max($conf->config('passwordmax') || 13);
my $pmax2 = $pmax+2;
my $p1 = popurl(1);
+sub max {
+ (sort(@_))[-1]
+}
+
</%init>
diff --git a/httemplate/view/svc_acct.cgi b/httemplate/view/svc_acct.cgi
index 6a47ec767..44a2aa611 100755
--- a/httemplate/view/svc_acct.cgi
+++ b/httemplate/view/svc_acct.cgi
@@ -160,14 +160,19 @@ Service #<B><% $svcnum %></B>
<TR>
<TD ALIGN="right">Password</TD>
<TD BGCOLOR="#ffffff">
-% my $password = $svc_acct->_password;
+% my $password = $svc_acct->get_cleartext_password;
% if ( $password =~ /^\*\w+\* (.*)$/ ) {
% $password = $1;
%
<I>(login disabled)</I>
% }
-% if ( $conf->exists('showpasswords') ) {
+% if ( !$password and
+% $svc_acct->_password_encryption ne 'plain' and
+% $svc_acct->_password ) {
+ <I>(<% uc($svc_acct->_password_encryption) %> encrypted)</I>
+% }
+% elsif ( $conf->exists('showpasswords') ) {
<PRE><% encode_entities($password) %></PRE>
% } else {
generated by cgit v1.2.1 (git 2.18.0) at 2025-10-31 20:45:35 +0000