-my $svc_acct = FS::svc_acct->by_key($svcnum)
- or die "svc_acct $svcnum not found";
-my $part_svc = $svc_acct->part_svc;
-die "access denied" unless (
- $curuser->access_right('Provision customer service') or
- ( $curuser->access_right('Edit password') and
- ! $part_svc->restrict_edit_password )
- );
-my $error = $svc_acct->set_password($cgi->param('password'))
- || $svc_acct->replace;
-
-# annoyingly specific to view/svc_acct.cgi, for now...
-$cgi->delete('password');
-</%init>
-% if ( $error ) {
-% $cgi->param('svcnum', $svcnum);
-% $cgi->param("changepw${svcnum}_error", $error);
-% } else {
-% $cgi->query_string($svcnum);
-% }
-<% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %>
+
+$cgi->param('contactnum') =~ /^(\d+)$/ or die "illegal contactnum" if $cgi->param('contactnum');
+my $contactnum = $1;
+
+my $popup = $cgi->param('popup');
+
+my $newpass = $cgi->param('password');
+
+my $error;
+
+if ($svcnum) {
+ my $svc_acct = FS::svc_acct->by_key($svcnum)
+ or die "svc_acct $svcnum not found";
+ my $part_svc = $svc_acct->part_svc;
+ die "access denied" unless (
+ $curuser->access_right('Provision customer service') or
+ ( $curuser->access_right('Edit password') and
+ ! $part_svc->restrict_edit_password )
+ );
+
+ $error = $svc_acct->is_password_allowed($newpass)
+ || $svc_acct->set_password($newpass)
+ || $svc_acct->replace;
+
+ # annoyingly specific to view/svc_acct.cgi, for now...
+ $cgi->delete('password');
+}
+elsif ($contactnum) {
+ my $contact = qsearchs('contact', { 'contactnum' => $contactnum } )
+ or return { 'error' => "Contact not found" . $contactnum };
+
+ $error = $contact->is_password_allowed($newpass)
+ || $contact->change_password($newpass);
+
+ # annoyingly specific to view/svc_acct.cgi, for now...
+ #$cgi->delete('password');
+}
+
+</%init>
\ No newline at end of file