$method = $1;
my $past_method = $past{$method};
+my $curuser = $FS::CurrentUser::CurrentUser;
+
die "access denied"
- unless $FS::CurrentUser::CurrentUser->access_right($right{$method});
+ unless $curuser->access_right($right{$method});
#untaint pkgnum
my $pkgnum = $cgi->param('pkgnum');
$resume_date = parse_datetime($cgi->param('resume_date'))
if $cgi->param('resume_date');
- $options = { map scalar($cgi->param($_)),
- suspend_bill no_suspend_bill
- };
+ $options = { map { $_ => scalar($cgi->param($_)) }
+ qw( suspend_bill no_suspend_bill )
+ }
+ if $curuser->access_right('Customize billing during suspension');
}
my $cust_pkg = qsearchs( 'cust_pkg', {'pkgnum'=>$pkgnum} );
-#untaint reasonnum
-my $reasonnum = $cgi->param('reasonnum');
-if ( $method !~ /^(unsuspend|uncancel)$/ ) {
- $reasonnum =~ /^(-?\d+)$/ or die "Illegal reasonnum";
- $reasonnum = $1;
-
- if ($reasonnum == -1) {
- $reasonnum = {
- 'typenum' => scalar( $cgi->param('newreasonnumT') ),
- 'reason' => scalar( $cgi->param('newreasonnum' ) ),
- };
+#untaint reasonnum, and set up new reason if appropriate
+my ($reasonnum, $error);
+if ($method ne 'unsuspend' and $method ne 'uncancel') {
+ ($reasonnum, $error) = $m->comp('elements/reason');
+ if (!$reasonnum) {
+ $error ||= 'Reason required';
}
}
my $svc_fatal = ( $cgi->param('svc_not_fatal') ne 'Y' );
-my $error = $cust_pkg->$method( 'reason' => $reasonnum,
+my $only_svcnum = ($method eq 'uncancel') ? [ $cgi->param('only_svcnum') ] : undef;
+
+$error ||= $cust_pkg->$method( 'reason' => $reasonnum,
'date' => $date,
'resume_date' => $resume_date,
'last_bill' => $last_bill,
'bill' => $bill,
'svc_fatal' => $svc_fatal,
'options' => $options,
+ 'only_svcnum' => $only_svcnum,
);
if ($error) {