'session_id' => $_COOKIE['session_id'],
) );
-$list_pkgs = $freeside->list_pkgs( array(
- 'session_id' => $_COOKIE['session_id'],
-) );
+if ( preg_match( '/^(\d+)$/', $_GET['pkgnum'] ) ) {
+ $cust_pkg = $freeside->pkg_info( array(
+ 'session_id' => $_COOKIE['session_id'],
+ 'pkgnum' => $_GET['pkgnum'],
+ ) );
+}
+else { $cust_pkg['error'] = 'Bad Package Number'; }
-if ( isset($list_pkgs['error']) && $list_pkgs['error'] ) {
- $error = $list_pkgs['error'];
+if ( isset($cust_pkg['error']) && $cust_pkg['error'] ) {
+ $error = $cust_pkg['error'];
header('Location:index.php?error='. urlencode($error));
die();
}
-extract($list_pkgs);
-
-$get_params = array( 'pkgnum', 'pkg' );
-foreach ( $get_params AS $param ) {
- $params[$param] = $_GET[$param];
-}
-
-$pkgnum = $_GET['pkgnum'];
-$pkg = $_GET['pkg'];
-
$pkgselect = $freeside->mason_comp( array(
'session_id' => $_COOKIE['session_id'],
'comp' => '/elements/select-part_pkg.html',
- 'args' => array( 'custnum' => $customer_info['custnum'],
- 'curr_value' => 'current_value',
- ),
+ 'args' => [ 'classnum', $cust_pkg['classnum'], 'curr_value', $cust_pkg['pkgpart'], ],
)
);
}
</SCRIPT>
-<FONT SIZE=4>Purchase replacement package for "<? echo $pkg; ?>"</FONT><BR><BR>
+<FONT SIZE=4>Purchase replacement package for "<? echo htmlspecialchars($cust_pkg['pkg_label']); ?>"</FONT><BR><BR>
<? include('elements/error.php'); ?>
</TABLE>
<BR>
<INPUT TYPE="hidden" NAME="custnum" VALUE="<? echo $customer_info['custnum'] ?>">
-<INPUT TYPE="hidden" NAME="pkgnum" VALUE="<? echo $params['pkgnum'] ?>">
-<INPUT TYPE="hidden" NAME="pkg" VALUE="<? echo $params['pkg'] ?>">
+<INPUT TYPE="hidden" NAME="pkgnum" VALUE="<? echo htmlspecialchars($_GET['pkgnum']) ?>">
<INPUT TYPE="hidden" NAME="action" VALUE="process_change_pkg">
<INPUT NAME="submit" TYPE="submit" VALUE="Change Package">
</FORM>