1 <% include('/elements/header.html', 'Preferences for '. getotaker ) %>
3 <FORM METHOD="POST" NAME="pref_form" ACTION="pref-process.html">
5 <% include('/elements/error.html') %>
8 Change password (leave blank for no change)
9 <% ntable("#cccccc",2) %>
12 <TH ALIGN="right">Current password: </TH>
13 <TD><INPUT TYPE="password" NAME="_password"></TD>
17 <TH ALIGN="right">New password: </TH>
18 <TD><INPUT TYPE="password" NAME="new_password"></TD>
22 <TH ALIGN="right">Re-enter new password: </TH>
23 <TD><INPUT TYPE="password" NAME="new_password2"></TD>
31 <% ntable("#cccccc",2) %>
34 <TH ALIGN="right">Menu location: </TH>
36 <INPUT TYPE="radio" NAME="menu_position" VALUE="left" onClick="document.images['menu_example'].src='../images/menu-left-example.png';" <% $menu_position eq 'left' ? ' CHECKED' : ''%>> Left<BR>
37 <INPUT TYPE="radio" NAME="menu_position" VALUE="top"onClick="document.images['menu_example'].src='../images/menu-top-example.png';" <% $menu_position eq 'top' ? ' CHECKED' : ''%>> Top <BR>
39 <TD><IMG NAME="menu_example" SRC="../images/menu-<% $menu_position %>-example.png"></TD>
43 <TH ALIGN="right">Default customer view: </TD>
45 <SELECT NAME="default_customer_view">
46 % foreach my $view ( keys %customer_views ) {
48 % $customer_views{$view} eq $curuser->option('default_customer_view')
51 <OPTION VALUE="<%$customer_views{$view}%>" <%$selected%>><%$view%></OPTION>
62 <% ntable("#cccccc",2) %>
65 <TH>Email Address(es) (comma separated) </TH>
67 <TD><INPUT TYPE="text" NAME="email_address" VALUE="<% $email_address %>">
76 <% ntable("#cccccc",2) %>
79 <TH>Show internal package numbers: </TH>
80 <TD><INPUT TYPE="checkbox" NAME="show_pkgnum" VALUE="1" <% $curuser->option('show_pkgnum') ? 'CHECKED' : '' %>></TD>
83 <TH>Show database profiling (when available): </TH>
84 <TD><INPUT TYPE="checkbox" NAME="show_db_profile" VALUE="1" <% $curuser->option('show_db_profile') ? 'CHECKED' : '' %>></TD>
87 <TH>Save database profiling logs (when available): </TH>
88 <TD><INPUT TYPE="checkbox" NAME="save_db_profile" VALUE="1" <% $curuser->option('save_db_profile') ? 'CHECKED' : '' %>></TD>
95 Vonage integration (see <a href="https://secure.click2callu.com/">Click2Call</a>)
96 <% ntable("#cccccc",2) %>
99 <TH ALIGN="right">Vonage phone number</TH>
100 <TD><INPUT TYPE="text" NAME="vonage-fromnumber" VALUE="<% $curuser->option('vonage-fromnumber') %>"></TD>
104 <TH ALIGN="right">Vonage username</TH>
105 <TD><INPUT TYPE="text" NAME="vonage-username" VALUE="<% $curuser->option('vonage-username') %>"></TD>
109 <TH ALIGN="right">Vonage password</TH>
110 <TD><INPUT TYPE="password" NAME="vonage-password" VALUE="<% $curuser->option('vonage-password') %>"></TD>
117 % foreach my $prop (qw( height width availHeight availWidth colorDepth )) {
118 <INPUT TYPE="hidden" NAME="<% $prop %>" VALUE="">
119 <SCRIPT TYPE="text/javascript">
120 document.pref_form.<% $prop %>.value = screen.<% $prop %>;
124 <INPUT TYPE="submit" VALUE="Update preferences">
126 <% include('/elements/footer.html') %>
129 my $curuser = $FS::CurrentUser::CurrentUser;
131 #false laziness w/view/cust_main.cgi and Conf.pm (cust_main-default_view)
133 tie my %customer_views, 'Tie::IxHash',
134 'Basics' => 'basics',
135 'Notes' => 'notes', #notes and files?
136 'Tickets' => 'tickets',
137 'Packages' => 'packages',
138 'Payment History' => 'payment_history',
140 $customer_views{'Change History'} = 'change_history'
141 if $curuser->access_right('View customer history');
142 $customer_views{'Jumbo'} = 'jumbo';
144 # XSS via your own preferences? seems unlikely, but nice try anyway...
145 ( $curuser->option('menu_position') || 'top' )
146 =~ /^(\w+)$/ or die "illegal menu_position";
147 my $menu_position = $1;
148 ( $curuser->option('email_address') )
149 =~ /^([,\w\@.]*)$/ or die "illegal email_address"; #too late
150 my $email_address = $1;