diff options
Diffstat (limited to 'httemplate')
| -rw-r--r-- | httemplate/edit/cust_main-contacts.html | 22 | ||||
| -rw-r--r-- | httemplate/edit/elements/edit.html | 2 | ||||
| -rw-r--r-- | httemplate/edit/process/cust_main-contacts.html | 2 | ||||
| -rw-r--r-- | httemplate/elements/change_password.html | 15 | ||||
| -rw-r--r-- | httemplate/elements/city.html | 4 | ||||
| -rw-r--r-- | httemplate/elements/contact.html | 54 | ||||
| -rw-r--r-- | httemplate/elements/cust_payby_new.html | 15 | ||||
| -rw-r--r-- | httemplate/elements/select-country.html | 10 | ||||
| -rw-r--r-- | httemplate/elements/select-month_year.html | 5 | ||||
| -rw-r--r-- | httemplate/elements/select-state.html | 7 | ||||
| -rw-r--r-- | httemplate/elements/select-table.html | 8 | ||||
| -rw-r--r-- | httemplate/elements/validate_password.html | 54 | ||||
| -rw-r--r-- | httemplate/elements/validate_password_js.html | 71 | ||||
| -rw-r--r-- | httemplate/misc/process/change-password.html | 6 | ||||
| -rw-r--r-- | httemplate/misc/process/payment.cgi | 16 | ||||
| -rw-r--r-- | httemplate/misc/xmlhttp-validate_password.html | 4 | ||||
| -rw-r--r-- | httemplate/view/cust_main/contacts_new.html | 14 |
17 files changed, 190 insertions, 119 deletions
diff --git a/httemplate/edit/cust_main-contacts.html b/httemplate/edit/cust_main-contacts.html index 76929a7c9..abef7505d 100644 --- a/httemplate/edit/cust_main-contacts.html +++ b/httemplate/edit/cust_main-contacts.html @@ -4,6 +4,21 @@ Hmm, this is now entirely redundant with edit/cust_main/contacts_new.html, and this one isn't being maintained well. :/ </%doc> + +<SCRIPT> + function checkPasswordValidation(fieldid) { + var validationResult = document.getElementById(fieldid+'_result').innerHTML; + if (validationResult.match(/Password valid!/)) { + return true; + } + else { + return false; + } + } +</SCRIPT> + +<& '/elements/validate_password_js.html', &> + <& elements/edit.html, 'name_singular' => 'customer contacts', #yes, we're editing all of them 'table' => 'cust_main', @@ -45,6 +60,13 @@ this one isn't being maintained well. :/ my $curuser = $FS::CurrentUser::CurrentUser; my $conf = new FS::Conf; +if ( $cgi->param('redirect') ) { + my $session = $cgi->param('redirect'); + my $pref = $curuser->option("redirect$session"); + die "unknown redirect session $session\n" unless length($pref); + $cgi = new CGI($pref); +} + my $custnum; if ( $cgi->param('error') ) { $custnum = scalar($cgi->param('custnum')); diff --git a/httemplate/edit/elements/edit.html b/httemplate/edit/elements/edit.html index 9f3738830..0062b7e2d 100644 --- a/httemplate/edit/elements/edit.html +++ b/httemplate/edit/elements/edit.html @@ -669,7 +669,7 @@ Example: var newrow = <% include(@layer_opt, html_only=>1) |js_string %>; % #until the rest have html/js_only -% if ( $type eq 'selectlayers' || $type =~ /^select-cgp_rule_/ ) { +% if ( ($type eq 'selectlayers') || ($type =~ /^select-cgp_rule_/) || ($type eq 'contact') ) { var newfunc = <% include(@layer_opt, js_only=>1) |js_string %>; % } else { var newfunc = ''; diff --git a/httemplate/edit/process/cust_main-contacts.html b/httemplate/edit/process/cust_main-contacts.html index 2a7185b5c..6e94a290f 100644 --- a/httemplate/edit/process/cust_main-contacts.html +++ b/httemplate/edit/process/cust_main-contacts.html @@ -1,6 +1,6 @@ <% include('elements/process.html', 'table' => 'cust_main', - 'error_redirect' => popurl(3). 'edit/cust_main-contacts.html?', + 'error_redirect' => popurl(3). 'edit/cust_main-contacts.html', 'agent_virt' => 1, 'skip_process' => 1, #we don't want to make any changes to cust_main 'precheck_callback' => $precheck_callback, diff --git a/httemplate/elements/change_password.html b/httemplate/elements/change_password.html index 7d95e19dc..65b7d8502 100644 --- a/httemplate/elements/change_password.html +++ b/httemplate/elements/change_password.html @@ -11,9 +11,9 @@ % if (!$opt{'no_label_display'}) { <A ID="<%$pre%>link" HREF="javascript:void(0)" onclick="<%$pre%>toggle(true)">(<% emt( $change_title ) %>)</A> % } -<DIV ID="<%$pre%>form" CLASS="passwordbox"> +<DIV ID="<%$pre%>div" CLASS="passwordbox"> % if (!$opt{'noformtag'}) { - <FORM METHOD="POST" ACTION="<%$fsurl%>misc/process/change-password.html" onsubmit="return checkPasswordValidation()"> + <FORM ID="<%$pre%>form" METHOD="POST" ACTION="<%$fsurl%>misc/process/change-password.html" onsubmit="return <%$pre%>checkPasswordValidation()"> % } <% $change_id_input %> @@ -44,11 +44,8 @@ function <%$pre%>toggle(toggle, clear) { if (clear) { document.getElementById('<%$pre%>password').value = ''; document.getElementById('<%$pre%>password_result').innerHTML = ''; -% if ($opt{'contact_num'}) { - document.getElementById('<% $opt{'pre_pwd_field_label'} %>selfservice_access').value = 'Y'; -% } } - document.getElementById('<%$pre%>form').style.display = + document.getElementById('<%$pre%>div').style.display = toggle ? 'inline-block' : 'none'; % if (!$opt{'no_label_display'}) { document.getElementById('<%$pre%>link').style.display = @@ -56,7 +53,7 @@ function <%$pre%>toggle(toggle, clear) { % } } -function checkPasswordValidation() { +function <%$pre%>checkPasswordValidation(resultId) { var validationResult = document.getElementById('<%$pre%>password_result').innerHTML; if (validationResult.match(/Password valid!/)) { return true; @@ -83,8 +80,8 @@ if ($opt{'svc_acct'}) { } elsif ($opt{'contact_num'}) { $change_id_input = ' - <INPUT TYPE="hidden" NAME="'.$opt{'pre_pwd_field_label'}.'contactnum" VALUE="' . $opt{'contact_num'} . '"> - <INPUT TYPE="hidden" NAME="'.$opt{'pre_pwd_field_label'}.'custnum" VALUE="' . $opt{'custnum'} . '"> + <INPUT TYPE="hidden" NAME="contactnum" VALUE="' . $opt{'contact_num'} . '"> + <INPUT TYPE="hidden" NAME="custnum" VALUE="' . $opt{'custnum'} . '"> '; $pre .= $opt{'pre_pwd_field_label'}; } diff --git a/httemplate/elements/city.html b/httemplate/elements/city.html index 4e9a60940..05250fef5 100644 --- a/httemplate/elements/city.html +++ b/httemplate/elements/city.html @@ -132,14 +132,14 @@ function <% $pre %>county_changed(what, callback) {} > % unless ( $opt{'disable_empty'} ) { - <OPTION VALUE="" <% $opt{city} eq '' ? 'SELECTED' : '' %>><% $opt{empty_label} %> + <OPTION VALUE="" <% $opt{city} eq '' ? 'SELECTED' : '' %>><% $opt{empty_label} %></OPTION> % } % foreach my $city ( @cities ) { <OPTION VALUE="<% $city |h %>" <% $city eq $opt{city} ? 'SELECTED' : '' %> - ><% $city eq $opt{empty_data_value} ? $opt{empty_data_label} : $city %> + ><% $city eq $opt{empty_data_value} ? $opt{empty_data_label} : $city %></OPTION> % } diff --git a/httemplate/elements/contact.html b/httemplate/elements/contact.html index faee7ead4..31b4e49cb 100644 --- a/httemplate/elements/contact.html +++ b/httemplate/elements/contact.html @@ -1,4 +1,6 @@ -% unless ( $opt{'js_only'} ) { +% if ( $opt{'js_only'} ) { +<% $js %> +% } else { <INPUT TYPE="hidden" NAME="<%$name%>" ID="<%$id%>" VALUE="<% $curr_value %>"> @@ -40,6 +42,8 @@ % } % } elsif ( $field eq 'emailaddress' ) { % $value = join(', ', map $_->emailaddress, $contact->contact_email); +% } elsif ( $field eq 'password' ) { +% $value = $contact->get('_password') ? '********' : ''; % } elsif ( $field eq 'selfservice_access' % or $field eq 'comment' % or $field eq 'invoice_dest' ) { @@ -55,28 +59,25 @@ ID = "<%$id%>_<%$field%>" STYLE = "width: 140px" > - <OPTION VALUE="">Disabled + <OPTION VALUE="" <% !$value ? 'SELECTED' : '' %>>Disabled % if ( $value || $self_base_url ) { <OPTION VALUE="<% $value eq 'Y' ? 'Y' : 'E' %>" <% $value eq 'Y' ? 'SELECTED' : '' %>>Enabled % if ( $value eq 'Y' && $self_base_url ) { <OPTION VALUE="R">Re-email - <OPTION VALUE="P"><% $pwd_change_label %> % } % } </SELECT> - <& /elements/change_password.html, - 'contact_num' => $curr_value, - 'custnum' => $opt{'custnum'}, - 'curr_value' => '', - 'no_label_display' => '1', - 'noformtag' => '1', - 'pre_pwd_field_label' => $id.'_', - &> - <SCRIPT TYPE="text/javascript"> - document.getElementById("<%$id%>_<%$field%>").onchange = function() { - if (this.value == "P" || this.value == "E") { changepw<%$id%>_toggle(true); } - return false - } +% #password form +% } elsif ( $field eq 'password') { + <INPUT TYPE = "text" + NAME = "<%$name%>_<%$field%>" + ID = "changepw<%$id%>_<%$field%>" + SIZE = "<% $size{$field} || 14 %>" + VALUE = "" + placeholder = "<% $value |h %>" + > + <SCRIPT> + <% $js %> </SCRIPT> % } elsif ( $field eq 'invoice_dest' ) { % my $curr_value = $cgi->param($name . '_' . $field); @@ -100,6 +101,9 @@ % } <BR> <FONT SIZE="-1"><% $label{$field} %></FONT> +% if ( $field eq 'password' ) { + <DIV ID="changepw<%$id%>_<%$field%>_result" STYLE="font-size: smaller"></DIV> +% } </TD> % } </TR> @@ -118,6 +122,7 @@ my $name = $opt{'element_name'} || $opt{'field'} || 'contactnum'; my $id = $opt{'id'} || 'contactnum'; my $curr_value = $opt{'curr_value'} || $opt{'value'}; +my $contactnum = $curr_value ? $curr_value : '0'; my $onchange = ''; if ( $opt{'onchange'} ) { @@ -169,6 +174,7 @@ tie my %label, 'Tie::IxHash', unless ($opt{'for_prospect'}) { $label{'invoice_dest'} = 'Send invoices'; $label{'selfservice_access'} = 'Self-service'; + $label{'password'} = 'Password'; } my $first = 0; @@ -183,7 +189,19 @@ $label{'comment'} = 'Comment'; my @fields = $opt{'name_only'} ? qw( first last ) : keys %label; -my $pwd_change_label = 'Change Password'; -$pwd_change_label = 'Setup Password' unless $contact->_password; +my $js = qq( + add_password_validation('changepw$id\_password', 'submit', '', '$contactnum'); + + var selfService = document.getElementById("$id\_selfservice_access").value; + + if (selfService !== "Y") { document.getElementById("changepw$id\_password").disabled = 'true'; } + document.getElementById("$id\_selfservice_access").onchange = function() { + if (this.value == "P" || this.value == "E" || this.value =="Y") { + document.getElementById("changepw$id\_password").disabled = ''; + } + else { document.getElementById("changepw$id\_password").disabled = 'true'; } + return false; + } +); </%init> diff --git a/httemplate/elements/cust_payby_new.html b/httemplate/elements/cust_payby_new.html index 7ed049686..8b1d93d59 100644 --- a/httemplate/elements/cust_payby_new.html +++ b/httemplate/elements/cust_payby_new.html @@ -4,7 +4,6 @@ % my( $payinfo, $paycvv, $month, $year ) = ( '', '', '', '' ); % my $payname = $cust_main->first. ' '. $cust_main->getfield('last'); % my $location = $cust_main->bill_location; - <TR> <TH ALIGN="right"><% mt('Card number') |h %></TH> <TD COLSPAN=7> @@ -15,21 +14,17 @@ <TH><% mt('Exp.') |h %></TH> <TD> <SELECT NAME="month"> -% for ( ( map "0$_", 1 .. 9 ), 10 .. 12 ) { - - <OPTION<% $_ == $month ? ' SELECTED' : '' %>><% $_ %> +% for my $mm ( map{ sprintf( '%02d', $_ ) } (1..12) ) { + <OPTION value="<% $mm %>"<% $mm == $month ? ' SELECTED' : '' %>><% $mm %></OPTION> % } - </SELECT> </TD> <TD> / </TD> <TD> <SELECT NAME="year"> -% my @a = localtime; for ( $a[5]+1900 .. $a[5]+1915 ) { - - <OPTION<% $_ == $year ? ' SELECTED' : '' %>><% $_ %> +% my @a = localtime; for my $yyyy ( $a[5]+1900 .. $a[5]+1915 ) { + <OPTION value="<% $yyyy %>"<% $yyyy == $year ? ' SELECTED' : '' %>><% $yyyy %></OPTION> % } - </SELECT> </TD> </TR> @@ -162,7 +157,7 @@ <% mt('as') |h %> <SELECT NAME="weight"> % for ( 1 .. 1+scalar(grep { $_->payby =~ /^(CARD|CHEK)$/ } @cust_payby) ) { - <OPTION VALUE="<%$_%>"><% mt( $weight{$_} ) |h %> + <OPTION VALUE="<%$_%>"><% mt( $weight{$_} ) |h %></OPTION> % } </SELECT> % } else { diff --git a/httemplate/elements/select-country.html b/httemplate/elements/select-country.html index c98147907..286826752 100644 --- a/httemplate/elements/select-country.html +++ b/httemplate/elements/select-country.html @@ -91,15 +91,13 @@ Example: > % unless ( $opt{'disable_empty'} ) { - <OPTION VALUE=""><% $opt{'empty_label'} || '(all)' %> + <OPTION VALUE=""><% $opt{'empty_label'} || '(all)' %></OPTION> % } % foreach my $country ( @all_countries ) { - - <OPTION VALUE="<% $country |h %>" - <% $country eq $opt{'country'} ? ' SELECTED' : '' %> - ><% FS::geocode_Mixin->code2country($country). " ($country)" %> - + <OPTION VALUE="<% $country |h %>"<% $country eq $opt{'country'} ? ' SELECTED' : '' %>> + <% FS::geocode_Mixin->code2country($country). " ($country)" |h %> + </OPTION> % } </SELECT> diff --git a/httemplate/elements/select-month_year.html b/httemplate/elements/select-month_year.html index 62c10b15f..406c13b21 100644 --- a/httemplate/elements/select-month_year.html +++ b/httemplate/elements/select-month_year.html @@ -3,16 +3,15 @@ <% $empty ? '<OPTION VALUE="">' : '' %> % foreach ( 1 .. 12 ) { - <OPTION<% $_ == $mon ? ' SELECTED' : '' %> VALUE="<% $_ %>"><% $mon[$_-1] %> + <OPTION<% $_ == $mon ? ' SELECTED' : '' %> VALUE="<% sprintf('%02d', $_) %>"><% $mon[$_-1] %></OPTION> % } - </SELECT>/<SELECT NAME="<% $prefix %>_year" SIZE="1" <% $disabled%>> <% $empty ? '<OPTION VALUE="">' : '' %> % for ( $start_year .. $end_year ) { - <OPTION<% $_ == $year ? ' SELECTED' : '' %> VALUE="<% $_ %>"><% $_ %> + <OPTION<% $_ == $year ? ' SELECTED' : '' %> VALUE="<% $_ %>"><% $_ %></OPTION> % } </SELECT> diff --git a/httemplate/elements/select-state.html b/httemplate/elements/select-state.html index 3fb559734..8db157b92 100644 --- a/httemplate/elements/select-state.html +++ b/httemplate/elements/select-state.html @@ -27,16 +27,13 @@ Example: > % unless ( $opt{'disable_empty'} ) { - <OPTION VALUE=""<% $opt{state} eq '' ? ' SELECTED' : '' %>><% $opt{empty_label} %> + <OPTION VALUE=""<% $opt{state} eq '' ? ' SELECTED' : '' %>><% $opt{empty_label} %></OPTION> % } % foreach my $state ( keys %states ) { - - <OPTION VALUE="<% $state |h %>"<% $state eq $opt{'state'} ? ' SELECTED' : '' %>><% $states{$state} || '(n/a)' |h %> - + <OPTION VALUE="<% $state |h %>"<% $state eq $opt{'state'} ? ' SELECTED' : '' %>><% $states{$state} || '(n/a)' |h %></OPTION> % } - </SELECT> <%init> diff --git a/httemplate/elements/select-table.html b/httemplate/elements/select-table.html index a52fdfaaa..d86b7ee43 100644 --- a/httemplate/elements/select-table.html +++ b/httemplate/elements/select-table.html @@ -83,11 +83,11 @@ Example: % || ( $value eq $pre_opt ); <OPTION VALUE="<% $pre_opt %>" <% $selected ? 'SELECTED' : '' %> - ><% $pre_label %> + ><% $pre_label %></OPTION> % } % unless ( $opt{'multiple'} || $opt{'disable_empty'} ) { - <OPTION VALUE=""><% $opt{'empty_label'} || 'all' %> + <OPTION VALUE=""><% $opt{'empty_label'} || 'all' %></OPTION> % } % foreach my $record ( @@ -118,7 +118,7 @@ Example: ? &{ $opt{'label_callback'} }( $record ) : $record->$name_col() |h - %> + %></OPTION> % } % while ( @post_options ) { @@ -128,7 +128,7 @@ Example: % || ( $value eq $post_opt ); <OPTION VALUE="<% $post_opt %>" <% $selected ? 'SELECTED' : '' %> - ><% $post_label %> + ><% $post_label %></OPTION> % } </SELECT> diff --git a/httemplate/elements/validate_password.html b/httemplate/elements/validate_password.html index 4057f5d3f..6aada2fee 100644 --- a/httemplate/elements/validate_password.html +++ b/httemplate/elements/validate_password.html @@ -14,58 +14,10 @@ should be the input id plus '_result'. </%doc> -<& '/elements/xmlhttp.html', - 'url' => $p.'misc/xmlhttp-validate_password.html', - 'subs' => [ 'validate_password' ], - 'method' => 'POST', # important not to put passwords in url -&> -<SCRIPT> -function add_password_validation (fieldid, submitid) { - var inputfield = document.getElementById(fieldid); - inputfield.onkeydown = function(e) { - var key; - if (window.event) { key = window.event.keyCode; } - else { key = e.which; } // for ff browsers - // some browsers allow the enter key to submit a form even if the submit button is disabled - // below prevents enter key from submiting form if password has not been validated. - if (key == '13') { - var check = checkPasswordValidation(); - return check; - } - } - inputfield.onkeyup = function () { - var fieldid = this.id+'_result'; - var resultfield = document.getElementById(fieldid); - if (this.value) { - resultfield.innerHTML = '<SPAN STYLE="color: blue;">Validating password...</SPAN>'; - validate_password('fieldid',fieldid,'svcnum','<% $opt{'svcnum'} %>','contactnum','<% $opt{'contactnum'} %>','password',this.value, - function (result) { - result = JSON.parse(result); - var resultfield = document.getElementById(result.fieldid); - if (resultfield) { - var errorimg = '<IMG SRC="<% $p %>images/error.png" style="width: 1em; display: inline-block; padding-right: .5em">'; - var validimg = '<IMG SRC="<% $p %>images/tick.png" style="width: 1em; display: inline-block; padding-right: .5em">'; - if (result.valid) { - resultfield.innerHTML = validimg+'<SPAN STYLE="color: green;">Password valid!</SPAN>'; - if (submitid){ document.getElementById(submitid).disabled = false; } - } else if (result.error) { - resultfield.innerHTML = errorimg+'<SPAN STYLE="color: red;">'+result.error+'</SPAN>'; - if (submitid){ document.getElementById(submitid).disabled = true; } - } else { - result.syserror = result.syserror || 'Server error'; - resultfield.innerHTML = errorimg+'<SPAN STYLE="color: red;">'+result.syserror+'</SPAN>'; - if (submitid){ document.getElementById(submitid).disabled = true; } - } - } - } - ); - } else { - resultfield.innerHTML = ''; - } - }; -} +<& '/elements/validate_password_js.html', %opt &> -add_password_validation('<% $opt{'fieldid'} %>', '<% $opt{'submitid'} %>'); +<SCRIPT> + add_password_validation('<% $opt{'fieldid'} %>', '<% $opt{'submitid'} %>', '<% $opt{'svcnum'} %>', '<% $opt{'contactnum'} %>'); </SCRIPT> <%init> diff --git a/httemplate/elements/validate_password_js.html b/httemplate/elements/validate_password_js.html new file mode 100644 index 000000000..64db0a97b --- /dev/null +++ b/httemplate/elements/validate_password_js.html @@ -0,0 +1,71 @@ +<%doc> + +JavaScript to perform password validation + + <& '/elements/validate_password_js.html', + contactnum => $contactnum, + svcnum => $svcnum + &> + +The ID of the input field can be anything; the ID of the DIV in which to display results +should be the input id plus '_result'. + +</%doc> + +<& '/elements/xmlhttp.html', + 'url' => $p.'misc/xmlhttp-validate_password.html', + 'subs' => [ 'validate_password' ], + 'method' => 'POST', # important not to put passwords in url +&> +<SCRIPT> +function add_password_validation (fieldid, submitid, svcnum, contactnum) { + var inputfield = document.getElementById(fieldid); + inputfield.onkeydown = function(e) { + var key; + if (window.event) { key = window.event.keyCode; } + else { key = e.which; } // for ff browsers + // some browsers allow the enter key to submit a form even if the submit button is disabled + // below prevents enter key from submiting form if password has not been validated. + if (key == '13') { + var check = checkPasswordValidation(fieldid); + return check; + } + } + inputfield.onkeyup = function () { + var fieldid = this.id+'_result'; + var resultfield = document.getElementById(fieldid); + if (this.value) { + resultfield.innerHTML = '<SPAN STYLE="color: blue;">Validating password...</SPAN>'; + validate_password('fieldid',fieldid,'svcnum','<% $opt{'svcnum'} %>','contactnum', contactnum,'password',this.value, + function (result) { + result = JSON.parse(result); + var resultfield = document.getElementById(result.fieldid); + if (resultfield) { + var errorimg = '<IMG SRC="<% $p %>images/error.png" style="width: 1em; display: inline-block; padding-right: .5em">'; + var validimg = '<IMG SRC="<% $p %>images/tick.png" style="width: 1em; display: inline-block; padding-right: .5em">'; + if (result.valid) { + resultfield.innerHTML = validimg+'<SPAN STYLE="color: green;">Password valid!</SPAN>'; + if (submitid){ document.getElementById(submitid).disabled = false; } + } else if (result.error) { + resultfield.innerHTML = errorimg+'<SPAN STYLE="color: red;">'+result.error+'</SPAN>'; + if (submitid){ document.getElementById(submitid).disabled = true; } + } else { + result.syserror = result.syserror || 'Server error'; + resultfield.innerHTML = errorimg+'<SPAN STYLE="color: red;">'+result.syserror+'</SPAN>'; + if (submitid){ document.getElementById(submitid).disabled = true; } + } + } + } + ); + } else { + resultfield.innerHTML = ''; + if (submitid){ document.getElementById(submitid).disabled = false; } + } + }; +} + +</SCRIPT> + +<%init> +my %opt = @_; +</%init>
\ No newline at end of file diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html index a3e060168..37ad6d915 100644 --- a/httemplate/misc/process/change-password.html +++ b/httemplate/misc/process/change-password.html @@ -18,7 +18,7 @@ <% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %> % } % elsif ($contactnum) { - <% $cgi->redirect($fsurl.'edit/cust_main-contacts.html?'.$cgi->param('custnum')) %> + <% $cgi->redirect($fsurl.'view/cust_main.cgi?'.$cgi->param('custnum')) %> % } % } @@ -34,6 +34,10 @@ my $curuser = $FS::CurrentUser::CurrentUser; $cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum" if $cgi->param('svcnum'); my $svcnum = $1; +foreach my $prefix (grep /^(.*)(password)$/, $cgi->param) { + $cgi->param('password' => $cgi->param($prefix)); +} + $cgi->param('contactnum') =~ /^(\d+)$/ or die "illegal contactnum" if $cgi->param('contactnum'); my $contactnum = $1; diff --git a/httemplate/misc/process/payment.cgi b/httemplate/misc/process/payment.cgi index 939fc38c2..7747bcbea 100644 --- a/httemplate/misc/process/payment.cgi +++ b/httemplate/misc/process/payment.cgi @@ -100,11 +100,11 @@ if ( (my $custpaybynum = scalar($cgi->param('custpaybynum'))) > 0 ) { # use new info ## - $cgi->param('year') =~ /^(\d+)$/ + $cgi->param('year') =~ /^(\d{4})/ or errorpage("illegal year ". $cgi->param('year')); $year = $1; - $cgi->param('month') =~ /^(\d+)$/ + $cgi->param('month') =~ /^(\d{2})/ or errorpage("illegal month ". $cgi->param('month')); $month = $1; @@ -211,15 +211,21 @@ if ( (my $custpaybynum = scalar($cgi->param('custpaybynum'))) > 0 ) { my $error = ''; my $paynum = ''; -my $paydate; -if ($cust_payby->paydate) { $paydate = "$year-$month-01"; } -else { $paydate = "2037-12-01"; } if ( $cgi->param('batch') ) { $error = 'Prepayment discounts not supported with batched payments' if $discount_term; + # Invalid payment expire dates are replaced with 2037-12-01 (why?) + my $paydate = "${year}-${month}-01"; + { + use DateTime; + local $@; + eval { DateTime->new({ year => $year, month => $month, day => 1 }) }; + $paydate = '2037-12-01' if $@; + } + $error ||= $cust_main->batch_card( 'payby' => $payby, 'amount' => $amount, diff --git a/httemplate/misc/xmlhttp-validate_password.html b/httemplate/misc/xmlhttp-validate_password.html index 4d9716bb9..c53abe883 100644 --- a/httemplate/misc/xmlhttp-validate_password.html +++ b/httemplate/misc/xmlhttp-validate_password.html @@ -28,14 +28,14 @@ my $validate_password = sub { $result{'syserror'} = 'Invoked without password' unless $password; return \%result if $result{'syserror'}; - if ($arg{'contactnum'}) { + if ($arg{'contactnum'} =~ /^\d+$/) { my $contactnum = $arg{'contactnum'}; $result{'syserror'} = 'Invalid contactnum' unless $contactnum =~ /^\d*$/; return \%result if $result{'syserror'}; my $contact = $contactnum ? qsearchs('contact',{'contactnum' => $contactnum}) - : ''; + : (new FS::contact {}); $result{'error'} = $contact->is_password_allowed($password); } diff --git a/httemplate/view/cust_main/contacts_new.html b/httemplate/view/cust_main/contacts_new.html index 94488670d..2209d30f3 100644 --- a/httemplate/view/cust_main/contacts_new.html +++ b/httemplate/view/cust_main/contacts_new.html @@ -21,6 +21,7 @@ % my $bgcolor1 = '#ffffff'; % my $bgcolor2 = '#eeeeee'; % my $bgcolor = $bgcolor2; +% my $count = 0; % foreach my $cust_contact ( @cust_contacts ) { % my $contact = $cust_contact->contact; % my $td = qq(<TD CLASS="grid" BGCOLOR="$bgcolor">); @@ -37,6 +38,16 @@ Enabled %# <FONT SIZE="-1"><A HREF="XXX">disable</A> %# <A HREF="XXX">re-email</A></FONT> + <FONT SIZE="-1"> + <& /elements/change_password.html, + 'contact_num' => $cust_contact->contactnum, + 'custnum' => $cust_contact->custnum, + 'no_label_display' => '', + 'label' => 'change password', + 'curr_value' => '', + 'pre_pwd_field_label' => 'contact'.$count.'_', + &> + </FONT> % } else { Disabled %# <FONT SIZE="-1"><A HREF="XXX">enable</A></FONT> @@ -61,6 +72,7 @@ % } else { % $bgcolor = $bgcolor1; % } +% $count++; % } </TABLE> %} @@ -78,6 +90,6 @@ my @cust_contacts = $cust_main->cust_contact; # residential customers have a default "invisible" contact, but if they # somehow get more than one contact, show them -my $display = scalar(@cust_contacts) > 1; +my $display = scalar(@cust_contacts) > 0; </%init> |