+my %past = ( 'cancel' => 'cancelled',
+ 'expire' => 'expired',
+ 'suspend' => 'suspended',
+ 'adjourn' => 'adjourned',
+ 'resume' => 'scheduled to resume',
+ 'uncancel' => 'un-cancelled',
+ );
+
+#i'm sure this is false laziness with somewhere, at least w/misc/cancel_pkg.html
+my %right = ( 'cancel' => 'Cancel customer package immediately',
+ 'expire' => 'Cancel customer package later',
+ 'suspend' => 'Suspend customer package',
+ 'adjourn' => 'Suspend customer package later',
+ 'resume' => 'Unsuspend customer package', #later?
+ 'uncancel' => 'Un-cancel customer package',
+ );
+
+</%once>
+<%init>
+
+#untaint method
+my $method = $cgi->param('method');
+$method =~ /^(cancel|expire|suspend|adjourn|resume|uncancel)$/
+ or die "Illegal method";
+$method = $1;
+my $past_method = $past{$method};
+
+my $curuser = $FS::CurrentUser::CurrentUser;
+
+die "access denied"
+ unless $curuser->access_right($right{$method});
+
+#untaint pkgnum
+my $pkgnum = $cgi->param('pkgnum');
+$pkgnum =~ /^(\d+)$/ or die "Illegal pkgnum";
+$pkgnum = $1;
+
+my $date = time;
+if ($method eq 'expire' || $method eq 'adjourn' || $method eq 'resume') {
+ #untaint date
+ $date = $cgi->param('date'); #huh?
+ parse_datetime($cgi->param('date')) =~ /^(\d+)$/ or die "Illegal date";
+ $date = $1;
+ $method = 'cancel' if $method eq 'expire';
+ $method = 'suspend' if $method eq 'adjourn';
+ $method = 'unsuspend' if $method eq 'resume';
+}
+
+my $resume_date = '';
+my $options = '';
+if ( $method eq 'suspend' ) { #or 'adjourn'
+ $resume_date = parse_datetime($cgi->param('resume_date'))
+ if $cgi->param('resume_date');
+
+ $options = { map { $_ => scalar($cgi->param($_)) }
+ qw( suspend_bill no_suspend_bill )
+ }
+ if $curuser->access_right('Customize billing during suspension');
+}
+
+my $cust_pkg = qsearchs( 'cust_pkg', {'pkgnum'=>$pkgnum} );
+
+#untaint reasonnum, and set up new reason if appropriate
+my ($reasonnum, $error);
+if ($method ne 'unsuspend' and $method ne 'uncancel') {
+ ($reasonnum, $error) = $m->comp('elements/reason');
+ if (!$reasonnum) {
+ $error ||= 'Reason required';
+ }
+}
+
+#for uncancel
+my $last_bill =
+ $cgi->param('last_bill') ? parse_datetime($cgi->param('last_bill')) : '';
+my $bill =
+ $cgi->param('bill') ? parse_datetime($cgi->param('bill')) : '';
+
+my $svc_fatal = ( $cgi->param('svc_not_fatal') ne 'Y' );
+
+my $only_svcnum = ($method eq 'uncancel') ? [ $cgi->param('only_svcnum') ] : undef;
+
+$error ||= $cust_pkg->$method( 'reason' => $reasonnum,
+ 'date' => $date,
+ 'resume_date' => $resume_date,
+ 'last_bill' => $last_bill,
+ 'bill' => $bill,
+ 'svc_fatal' => $svc_fatal,
+ 'options' => $options,
+ 'only_svcnum' => $only_svcnum,
+ );
+
+if ($error) {
+ $cgi->param('error', $error);
+ print $cgi->redirect(popurl(2). "cancel_pkg.html?". $cgi->query_string );
+}
+
+</%init>