path: root/httemplate/pref/pref-process.html
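%# Final step of the preferences form handler: redirect back to pref.html.
%# On failure the submitted form values are replayed in the query string so
%# the form can be redisplayed with the user's input; on success a short-lived
%# status cookie carries the confirmation message.
% if ( $error ) {
%   # Never replay the account password fields: a redirect URL ends up in
%   # browser history, proxy and web-server logs and Referer headers.
%   $cgi->delete($_) foreach qw( _password new_password new_password2 );
%   # NOTE(review): every other submitted value, including snom-password and
%   # vonage-password, is still replayed in the query string -- consider
%   # carrying the sticky form state server-side instead.
%   $cgi->param('error', $error);
    <% $cgi->redirect(popurl(1). "pref.html?". $cgi->query_string ) %>
% } else {
    <% $cgi->redirect( -uri    => popurl(1). "pref.html",
                   -cookie => CGI::Cookie->new(
                     -name    => 'freeside_status',
                     -value   => mt('Preferences updated'),
                     -expires => '+5m',
                   ),
       )
    %>
% }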
<%init>

# Outcome of this request: stays empty on success, otherwise holds the
# message that is sent back to the preferences form.
my $error = '';

# The account being edited is always the current session user; no user
# identifier is read from the request in this component.
my $access_user = $FS::CurrentUser::CurrentUser;

# When the disable_acl_changes configuration item exists (public demo),
# preferences are read-only.
my $changes_disabled = FS::Conf->new->exists('disable_acl_changes');
if ( $changes_disabled ) {
  errorpage("Preference changes disabled in public demo");
  # Backstop in case errorpage() ever returns instead of ending the request.
  die "shouldn't be reached";
}

# Password change: attempted only when the configured auth class implements
# change_password and at least one of the three password fields holds
# something other than whitespace.
if ( FS::Auth->auth_class->can('change_password')
       && grep { $cgi->param($_) !~ /^\s*$/ }
            qw(_password new_password new_password2)
   ) {

  my $current_password = $cgi->param('_password');
  my $new_password     = $cgi->param('new_password');
  my $confirmation     = $cgi->param('new_password2');

  # The checks run strictly in this order and stop at the first failure:
  #   1. both copies of the new password agree
  #   2. the new password is not empty
  #   3. the current password re-authenticates the session user
  #   4. the new password passes is_password_allowed, then it is stored
  # Steps 3 and 4 are only reached when the earlier checks pass, so the
  # current password is always verified before anything is changed.
  $error =
      $new_password ne $confirmation
        ? mt("New passwords don't match")
    : !length($new_password)
        ? mt('No new password entered')
    : !FS::Auth->authenticate( $access_user, $current_password )
        ? mt('Current password incorrect; password not changed')
    :   (    $access_user->is_password_allowed($new_password)
          || $access_user->change_password($new_password) );

}

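# A failed password change blocks every other preference update for this
# request; the submitted values stay sticky on the form because the error
# redirect replays them.
unless ( $error ) {

  # Start from the stored options so that anything not listed below is
  # carried over unchanged.
  my %param = $access_user->options;

  #XXX autogen
  # Allow-list of option names accepted from the request; request parameters
  # with any other name are ignored.
  my @paramlist = qw( locale menu_position default_customer_view 
                      history_order
                      spreadsheet_format mobile_menu
                      disable_html_editor disable_enter_submit_onetimecharge
                      enable_mask_clipboard_hack dashboard_customers
                      customer_view_emails
                      printtofit
                      email_address
                      snom-ip snom-username snom-password
                      vonage-fromnumber vonage-username vonage-password
                      cust_pkg-display_times
                      show_pkgnum show_confitem_counts export_getsettings
                      show_db_profile save_db_profile save_tmp_typesetting
                      height width availHeight availWidth colorDepth
                    );

  # Character allow-list for every value: word characters plus , . - @
  # The pattern is anchored with \A and \z rather than ^ and $, because $
  # also matches before a trailing newline and would let a value ending in
  # "\n" through.  A missing parameter is undef and passes as empty.
  foreach my $name (@paramlist) {
    next if scalar($cgi->param($name)) =~ /\A[,.\-\@\w]*\z/;
    $error = mt("Illegal value for parameter")." $name";
    last;
  }

  # Copy the submitted values only after the whole set has validated, so a
  # rejected request never builds an update hash.
  # NOTE(review): snom-password and vonage-password are saved through the
  # same option store as ordinary preferences -- confirm how they are
  # protected at rest.
  unless ( $error ) {
    $param{$_} = scalar($cgi->param($_)) foreach @paramlist;
    $error = $access_user->replace( \%param );
  }

}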

# After a successful update, and only when the ticket system is the internal
# RT, keep the RT user's language in step with the Freeside locale option.
if ( !$error and ($FS::TicketSystem::system || '') eq 'RT_Internal' ) {
  my $wanted_lang = $access_user->option('locale');
  FS::TicketSystem->init;
  my $rt_session = FS::TicketSystem->session('');
  my $rt_user    = $rt_session->{'CurrentUser'}->UserObj;

  # Bypass RT ModifySelf ACL: the user record is switched to act as
  # $RT::SystemUser so the language can be set even when the user has no
  # right to modify their own RT account.  $rt_user is used only for the
  # Lang comparison and update below.
  $rt_user->CurrentUser( $RT::SystemUser );

  unless ( $rt_user->Lang eq $wanted_lang ) {
    my ($ok, $message) = $rt_user->SetLang($wanted_lang);
    # SetLang's message is reported as this request's error when it fails.
    $error = $message unless $ok;
  }
}
</%init>