4 use vars qw($cgi $session_id $form_max $template_dir);
5 use subs qw(do_template);
7 use CGI::Carp qw(fatalsToBrowser);
9 use FS::SelfService qw( login customer_info invoice payment_info
18 unless ( defined $cgi->param('session') ) {
19 do_template('login',{});
23 if ( $cgi->param('session') eq 'login' ) {
25 $cgi->param('username') =~ /^\s*([a-z0-9_\-\.\&]{0,$form_max})\s*$/i
26 or die "illegal username";
29 $cgi->param('domain') =~ /^\s*([\w\-\.]{0,$form_max})\s*$/
30 or die "illegal domain";
33 $cgi->param('password') =~ /^(.{0,$form_max})$/
34 or die "illegal password";
38 'username' => $username,
40 'password' => $password,
43 do_template('login', {
44 'error' => $rv->{error},
45 'username' => $username,
50 $cgi->param('session' => $rv->{session_id} );
51 $cgi->param('action' => 'myaccount' );
55 $session_id = $cgi->param('session');
57 $cgi->param('action') =~
58 /^(myaccount|view_invoice|make_payment|payment_results)$/
59 or die "unknown action ". $cgi->param('action');
62 my $result = eval "&$action();";
65 if ( $result->{error} eq "Can't resume session" ) { #ick
66 do_template('login',{});
70 #warn $result->{'open_invoices'};
71 #warn scalar(@{$result->{'open_invoices'}});
73 warn "processing template $action\n";
74 do_template($action, {
75 'session_id' => $session_id,
81 sub myaccount { customer_info( 'session_id' => $session_id ); }
85 $cgi->param('invnum') =~ /^(\d+)$/ or die "illegal invnum";
88 invoice( 'session_id' => $session_id,
95 payment_info( 'session_id' => $session_id );
100 use Business::CreditCard;
102 $cgi->param('amount') =~ /^\s*(\d+(\.\d{2})?)\s*$/
103 or die "illegal amount"; #!!!
106 my $payinfo = $cgi->param('payinfo');
108 $payinfo =~ /^(\d{13,16})$/
109 #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo;
110 or die "illegal card"; #!!!
113 #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo;
114 or die "invalid card"; #!!!
115 cardtype($payinfo) eq $cgi->param('card_type')
116 #or $error ||= $init_data->{msgcat}{not_a}. $cgi->param('CARD_type');
117 or die "not a ". $cgi->param('card_type');
119 $cgi->param('month') =~ /^(\d{2})$/ or die "illegal month";
121 $cgi->param('year') =~ /^(\d{4})$/ or die "illegal year";
124 $cgi->param('payname') =~ /^(.{0,80})$/ or die "illegal payname";
127 $cgi->param('address1') =~ /^(.{0,80})$/ or die "illegal address1";
130 $cgi->param('address2') =~ /^(.{0,80})$/ or die "illegal address2";
133 $cgi->param('city') =~ /^(.{0,80})$/ or die "illegal city";
136 $cgi->param('state') =~ /^(.{2})$/ or die "illegal state";
139 $cgi->param('zip') =~ /^(.{0,10})$/ or die "illegal zip";
143 $save = 1 if $cgi->param('save');
146 $auto = 1 if $cgi->param('auto');
148 $cgi->param('paybatch') =~ /^([\w\-\.]+)$/ or die "illegal paybatch";
152 'session_id' => $session_id,
154 'payinfo' => $payinfo,
157 'payname' => $payname,
158 'address1' => $address1,
159 'address2' => $address2,
165 'paybatch' => $paybatch,
177 $fill_in->{'selfurl'} = $cgi->self_url;
179 my $template = new Text::Template( TYPE => 'FILE',
180 SOURCE => "$template_dir/$name.html",
181 DELIMITERS => [ '<%=', '%>' ],
183 or die $Text::Template::ERROR;
185 print $cgi->header( '-expires' => 'now' ),
186 $template->fill_in( HASH => $fill_in );