From 3b236eac5f7926f18623f6b9dc7c6f0d350ab61c Mon Sep 17 00:00:00 2001 From: Mitch Jackson Date: Sun, 26 Aug 2018 17:07:46 -0400 Subject: RT# 80869 Harden process payment screen against Edge browser bug --- httemplate/misc/process/payment.cgi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'httemplate/misc/process') diff --git a/httemplate/misc/process/payment.cgi b/httemplate/misc/process/payment.cgi index 9458217c1..5f945a71a 100644 --- a/httemplate/misc/process/payment.cgi +++ b/httemplate/misc/process/payment.cgi @@ -42,11 +42,11 @@ if ( $cgi->param('fee') =~ /^\s*(\d*(\.\d\d)?)\s*$/ ) { $amount = sprintf('%.2f', $amount + $fee); } -$cgi->param('year') =~ /^(\d+)$/ +$cgi->param('year') =~ /^(\d{4})/ or errorpage("illegal year ". $cgi->param('year')); my $year = $1; -$cgi->param('month') =~ /^(\d+)$/ +$cgi->param('month') =~ /^(\d{2})/ or errorpage("illegal month ". $cgi->param('month')); my $month = $1; -- cgit v1.2.1 From 405f925e2578705780332900eb5df031bfa7c272 Mon Sep 17 00:00:00 2001 From: Christopher Burger Date: Tue, 4 Sep 2018 08:30:35 -0400 Subject: RT# 75817 - Added password change link to cust main page Conflicts: httemplate/edit/cust_main-contacts.html httemplate/elements/validate_password.html httemplate/view/cust_main/contacts_new.html --- httemplate/misc/process/change-password.html | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'httemplate/misc/process') diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html index a3e060168..37ad6d915 100644 --- a/httemplate/misc/process/change-password.html +++ b/httemplate/misc/process/change-password.html @@ -18,7 +18,7 @@ <% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %> % } % elsif ($contactnum) { - <% $cgi->redirect($fsurl.'edit/cust_main-contacts.html?'.$cgi->param('custnum')) %> + <% $cgi->redirect($fsurl.'view/cust_main.cgi?'.$cgi->param('custnum')) %> % } % } @@ -34,6 +34,10 @@ my $curuser = $FS::CurrentUser::CurrentUser; $cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum" if $cgi->param('svcnum'); my $svcnum = $1; +foreach my $prefix (grep /^(.*)(password)$/, $cgi->param) { + $cgi->param('password' => $cgi->param($prefix)); +} + $cgi->param('contactnum') =~ /^(\d+)$/ or die "illegal contactnum" if $cgi->param('contactnum'); my $contactnum = $1; -- cgit v1.2.1