blob: 272ddcc47158b2794ba523d936ece9844f40956f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
% if ($error) {
% $cgi->param('error', $error);
% $cgi->redirect(popurl(3). $error_redirect. '?'. $cgi->query_string );
% } elsif ( $action eq 'change' ) {
<% header("Package changed") %>
<SCRIPT TYPE="text/javascript">
window.top.location.reload();
</SCRIPT>
</BODY>
</HTML>
% } elsif ( $action eq 'bulk' ) {
<% $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum") %>
% } else {
% die "guru exception #5: action is neither change nor bulk!";
% }
<%init>
my $error = '';
#untaint custnum
$cgi->param('custnum') =~ /^(\d+)$/;
my $custnum = $1;
my @remove_pkgnums = map {
/^(\d+)$/ or die "Illegal remove_pkg value!";
$1;
} $cgi->param('remove_pkg');
my $curuser = $FS::CurrentUser::CurrentUser;
my( $action, $error_redirect ) = ( '', '' );
my @pkgparts = ();
if ( $cgi->param('action') eq 'change' ) { #came from misc/change_pkg.cgi
$action = 'change';
$error_redirect = "misc/change_pkg.cgi";
die "access denied"
unless $curuser->access_right('Change customer package');
if ( $cgi->param('new_pkgpart') =~ /^(\d+)$/ ) {
@pkgparts = ($1);
} else {
$error = 'Select a new package';
}
} elsif ( $cgi->param('action') eq 'bulk' ) { #came from edit/cust_pkg.cgi
$action = 'bulk';
$error_redirect = "edit/cust_pkg.cgi";
die "access denied"
unless $curuser->access_right('Bulk change customer packages');
foreach my $pkgpart ( map /^pkg(\d+)$/ ? $1 : (), $cgi->param ) {
if ( $cgi->param("pkg$pkgpart") =~ /^(\d+)$/ ) {
my $num_pkgs = $1;
while ( $num_pkgs-- ) {
push @pkgparts,$pkgpart;
}
} else {
$error = "Illegal quantity";
last;
}
}
} else {
die "guru exception #5: action is neither change nor bulk!";
}
$error ||= FS::cust_pkg::order($custnum,\@pkgparts,\@remove_pkgnums);
</%init>
|
