1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
% if ( $error ) {
% if ($svcnum) {
% $cgi->param('svcnum', $svcnum);
% $cgi->param("changepw${svcnum}_error", $error);
% }
% elsif ($contactnum) {
% $cgi->param('contactnum', $contactnum);
% $cgi->param("changepw${contactnum}_error", $error);
% }
% $cgi->param('error', $error);
% } else {
% if ($svcnum) { $cgi->query_string($svcnum); }
% elsif ($contactnum) { $cgi->query_string($contactnum); }
% }
% if (!$popup) {
% if ($svcnum) {
<% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %>
% }
% elsif ($contactnum) {
% my $freeside_status = "Contact ".$contact->{'Hash'}->{'first'}." ".$contact->{'Hash'}->{'last'}." password updated.";
<% $cgi->redirect( -uri => popurl(3). "view/cust_main.cgi?". $cgi->param('custnum'),
-cookie => CGI::Cookie->new(
-name => 'freeside_status',
-value => mt($freeside_status),
-expires => '+5m',
),
)
%>
% }
% }
<& /elements/header-popup.html, 'Password Set' &>
<SCRIPT TYPE="text/javascript">
topreload();
parent.cClick();
</SCRIPT>
<%init>
my $curuser = $FS::CurrentUser::CurrentUser;
my $contact;
$cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum" if $cgi->param('svcnum');
my $svcnum = $1;
foreach my $prefix (grep /^(.*)(password)$/, $cgi->param) {
$cgi->param('password' => $cgi->param($prefix));
}
$cgi->param('contactnum') =~ /^(\d+)$/ or die "illegal contactnum" if $cgi->param('contactnum');
my $contactnum = $1;
my $popup = $cgi->param('popup');
my $newpass = $cgi->param('password');
my $error;
if ($svcnum) {
my $svc_acct = FS::svc_acct->by_key($svcnum)
or die "svc_acct $svcnum not found";
my $part_svc = $svc_acct->part_svc;
die "access denied" unless (
$curuser->access_right('Provision customer service') or
( $curuser->access_right('Edit password') and
! $part_svc->restrict_edit_password )
);
$error = $svc_acct->is_password_allowed($newpass)
|| $svc_acct->set_password($newpass)
|| $svc_acct->replace;
# annoyingly specific to view/svc_acct.cgi, for now...
$cgi->delete('password');
}
elsif ($contactnum) {
$contact = qsearchs('contact', { 'contactnum' => $contactnum } )
or return { 'error' => "Contact not found" . $contactnum };
$error = $contact->is_password_allowed($newpass)
|| $contact->change_password($newpass);
# annoyingly specific to view/svc_acct.cgi, for now...
#$cgi->delete('password');
}
</%init>
|
