X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=fs_selfservice%2FFS-SelfService%2Fcgi%2Fselfservice.cgi;h=25d61aca69451559e4ed350912efa46652395b84;hb=123bc067cc9fd8b247fb0b4e9a86066f32e83991;hp=09cfe6073b875c585ef0751ae793e7060b0fb75b;hpb=7f43bf155bc79e3c9bd5d88e53117595963c301e;p=freeside.git diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi index 09cfe6073..25d61aca6 100644 --- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi +++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi @@ -10,13 +10,14 @@ use HTML::Entities; use Date::Format; use Number::Format 1.50; use FS::SelfService qw( - skin_info login_info login customer_info edit_info invoice + access_info login_info login customer_info edit_info invoice payment_info process_payment realtime_collect process_prepay list_pkgs order_pkg signup_info order_recharge part_svc_info provision_acct provision_external - unprovision_svc change_pkg domainselector + unprovision_svc change_pkg suspend_pkg domainselector list_svcs list_svc_usage list_cdr_usage list_support_usage - myaccount_passwd + myaccount_passwd list_invoices create_ticket + mason_comp ); $template_dir = '.'; @@ -28,7 +29,7 @@ $form_max = 255; $cgi = new CGI; unless ( defined $cgi->param('session') ) { - my $login_info = login_info(); + my $login_info = login_info( 'agentnum' => scalar($cgi->param('agentnum')) ); do_template('login', $login_info ); exit; @@ -54,7 +55,7 @@ if ( $cgi->param('session') eq 'login' ) { 'password' => $password, ); if ( $rv->{error} ) { - my $login_info = login_info(); + my $login_info = login_info( 'agentnum' => $cgi->param('agentnum') ); do_template('login', { 'error' => $rv->{error}, 'username' => $username, @@ -72,7 +73,7 @@ $session_id = $cgi->param('session'); #order|pw_list XXX ??? $cgi->param('action') =~ - /^(myaccount|view_invoice|make_payment|make_ach_payment|make_thirdparty_payment|payment_results|ach_payment_results|recharge_prepay|recharge_results|logout|change_bill|change_ship|change_pay|process_change_bill|process_change_ship|process_change_pay|customer_order_pkg|process_order_pkg|customer_change_pkg|process_change_pkg|process_order_recharge|provision|provision_svc|process_svc_acct|process_svc_external|delete_svc|view_usage|view_usage_details|view_cdr_details|view_support_details|change_password|process_change_password)$/ + /^(myaccount|tktcreate|invoices|view_invoice|make_payment|make_ach_payment|make_term_payment|make_thirdparty_payment|payment_results|ach_payment_results|recharge_prepay|recharge_results|logout|change_bill|change_ship|change_pay|process_change_bill|process_change_ship|process_change_pay|customer_order_pkg|process_order_pkg|customer_change_pkg|process_change_pkg|process_order_recharge|provision|provision_svc|process_svc_acct|process_svc_external|delete_svc|view_usage|view_usage_details|view_cdr_details|view_support_details|change_password|process_change_password|customer_suspend_pkg|process_suspend_pkg)$/ or die "unknown action ". $cgi->param('action'); my $action = $1; @@ -98,13 +99,14 @@ warn "processing template $action\n" do_template($action, { 'session_id' => $session_id, 'action' => $action, #so the menu knows what tab we're on... - %{ payment_info( 'session_id' => $session_id ) }, # cust_paybys for the menu + #%{ payment_info( 'session_id' => $session_id ) }, # cust_paybys for the menu %{$result} }); #-- -sub myaccount { customer_info( 'session_id' => $session_id ); } +use Data::Dumper; +sub myaccount { my $result = customer_info( 'session_id' => $session_id ); warn Dumper($result); $result;} sub change_bill { my $payment_info = payment_info( 'session_id' => $session_id ); @@ -164,13 +166,18 @@ sub process_change_ship { sub process_change_pay { my $postal = $cgi->param( 'postal_invoicing' ); + my $payby = $cgi->param( 'payby' ); my @list = qw( payby payinfo payinfo1 payinfo2 month year payname address1 address2 city county state zip country auto paytype paystate ss stateid stateid_state invoicing_list ); push @list, 'postal_invoicing' if $postal; - unless ( $postal || $cgi->param( 'invoicing_list' ) ) { + unless ( $payby ne 'BILL' + || $postal + || $cgi->param( 'invoicing_list' ) + ) + { $action = 'change_pay'; return { %{&change_pay()}, @@ -192,6 +199,31 @@ sub view_invoice { } +sub invoices { + list_invoices( 'session_id' => $session_id, ); +} + +sub tktcreate { + my $customer_info = customer_info( 'session_id' => $session_id ); + return $customer_info if ( $customer_info->{'error'} ); + + my $requestor = ""; + if ( $customer_info->{'invoicing_list'} ) { + my @requestor = split( /\s*\,\s*/, $customer_info->{'invoicing_list'} ); + $requestor = $requestor[0] if scalar(@requestor); + } + + return { 'requestor' => $requestor } + unless ($cgi->param('subject') && $cgi->param('message') && + length($cgi->param('subject')) && length($cgi->param('message'))); + + create_ticket( 'session_id' => $session_id, + 'subject' => $cgi->param('subject'), + 'message' => $cgi->param('message'), + 'requestor' => $requestor, + ); +} + sub customer_order_pkg { my $init_data = signup_info( 'customer_session_id' => $session_id ); return $init_data if ( $init_data->{'error'} ); @@ -199,11 +231,24 @@ sub customer_order_pkg { my $customer_info = customer_info( 'session_id' => $session_id ); return $customer_info if ( $customer_info->{'error'} ); + my $pkgselect = mason_comp( + 'session_id' => $session_id, + 'comp' => '/edit/cust_main/first_pkg/select-part_pkg.html', + 'args' => [ 'password_verify' => 1, + 'onchange' => 'enable_order_pkg()', + 'relurls' => 1, + 'empty_label' => 'Select package', + ], + ); + + $pkgselect = $pkgselect->{'error'} || $pkgselect->{'output'}; + return { ( map { $_ => $init_data->{$_} } qw( part_pkg security_phrase svc_acct_pop ), ), %$customer_info, + 'pkg_selector' => $pkgselect, }; } @@ -229,23 +274,46 @@ sub process_order_pkg { my $results = ''; - unless ( length($cgi->param('_password')) ) { - my $init_data = signup_info( 'customer_session_id' => $session_id ); - $results = { 'error' => $init_data->{msgcat}{empty_password} }; - $results = { 'error' => $init_data->{error} } if($init_data->{error}); + my @params = (qw( custnum pkgpart )); + my $svcdb = ''; + if ( $cgi->param('pkgpart_svcpart') =~ /^(\d+)_(\d+)$/ ) { + $cgi->param('pkgpart', $1); + $cgi->param('svcpart', $2); + push @params, 'svcpart'; + $svcdb = $cgi->param('svcdb'); + push @params, 'domsvc' if $svcdb eq 'svc_acct'; + } else { + $svcdb = 'svc_acct'; } - if ( $cgi->param('_password') ne $cgi->param('_password2') ) { - my $init_data = signup_info( 'customer_session_id' => $session_id ); - $results = { 'error' => $init_data->{msgcat}{passwords_dont_match} }; - $results = { 'error' => $init_data->{error} } if($init_data->{error}); - $cgi->param('_password', ''); - $cgi->param('_password2', ''); + + if ( $svcdb eq 'svc_acct' ) { + + push @params, qw( username _password _password2 sec_phrase popnum ); + + unless ( length($cgi->param('_password')) ) { + my $init_data = signup_info( 'customer_session_id' => $session_id ); + $results = { 'error' => $init_data->{msgcat}{empty_password} }; + $results = { 'error' => $init_data->{error} } if($init_data->{error}); + } + if ( $cgi->param('_password') ne $cgi->param('_password2') ) { + my $init_data = signup_info( 'customer_session_id' => $session_id ); + $results = { 'error' => $init_data->{msgcat}{passwords_dont_match} }; + $results = { 'error' => $init_data->{error} } if($init_data->{error}); + $cgi->param('_password', ''); + $cgi->param('_password2', ''); + } + + } elsif ( $svcdb eq 'svc_phone' ) { + + push @params, qw( phonenum sip_password pin phone_name ); + + } else { + die "$svcdb not handled on process_order_pkg yet"; } $results ||= order_pkg ( 'session_id' => $session_id, - map { $_ => $cgi->param($_) } - qw( custnum pkgpart username _password _password2 sec_phrase popnum ) + map { $_ => $cgi->param($_) } @params ); @@ -286,6 +354,24 @@ sub process_change_pkg { } +sub process_suspend_pkg { + my $results = ''; + $results = suspend_pkg ( + 'session_id' => $session_id, + map { $_ => $cgi->param($_) } + qw( pkgnum ) + ); + if ( $results->{'error'} ) { + $action = 'provision'; + return { + 'error' => ''. $results->{'error'}. '', + } + } + else { + return $results; + } +} + sub process_order_recharge { my $results = ''; @@ -319,7 +405,7 @@ sub make_payment { sub payment_results { - use Business::CreditCard; + use Business::CreditCard 0.30; #we should only do basic checking here for DoS attacks and things #that couldn't be constructed by the web form... let process_payment() do @@ -330,14 +416,16 @@ sub payment_results { my $amount = $1; my $payinfo = $cgi->param('payinfo'); - $payinfo =~ s/\D//g; - $payinfo =~ /^(\d{13,16})$/ + $payinfo =~ s/[^\dx]//g; + $payinfo =~ /^([\dx]{13,16})$/ #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo; or die "illegal card"; #!!! $payinfo = $1; - validate($payinfo) - #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo; - or die "invalid card"; #!!! + unless ( $payinfo =~ /x/ ) { + validate($payinfo) + #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo; + or die "invalid card"; #!!! + } if ( $cgi->param('card_type') ) { cardtype($payinfo) eq $cgi->param('card_type') @@ -383,6 +471,10 @@ sub payment_results { $cgi->param('paybatch') =~ /^([\w\-\.]+)$/ or die "illegal paybatch"; my $paybatch = $1; + $cgi->param('discount_term') =~ /^(\d*)$/ or die "illegal discount_term"; + my $discount_term = $1; + + process_payment( 'session_id' => $session_id, 'payby' => 'CARD', @@ -401,6 +493,7 @@ sub payment_results { 'save' => $save, 'auto' => $auto, 'paybatch' => $paybatch, + 'discount_term' => $discount_term, ); } @@ -420,14 +513,16 @@ sub ach_payment_results { my $amount = $1; my $payinfo1 = $cgi->param('payinfo1'); - $payinfo1=~ /^(\d+)$/ + $payinfo1 =~ s/[^\dx]//g; + $payinfo1 =~ /^([\dx]+)$/ or die "illegal account"; #!!! - $payinfo1= $1; + $payinfo1 = $1; my $payinfo2 = $cgi->param('payinfo2'); - $payinfo2=~ /^(\d+)$/ + $payinfo2 =~ s/[^\dx]//g; + $payinfo2 =~ /^([\dx]+)$/ or die "illegal ABA/routing code"; #!!! - $payinfo2= $1; + $payinfo2 = $1; $cgi->param('payname') =~ /^(.{0,80})$/ or die "illegal payname"; my $payname = $1; @@ -483,6 +578,20 @@ sub make_thirdparty_payment { realtime_collect( 'session_id' => $session_id, 'method' => $1 ); } +sub make_term_payment { + $cgi->param('amount') =~ /^(\d+\.\d{2})$/ + or die "illegal payment amount"; + my $balance = $1; + $cgi->param('discount_term') =~ /^(\d+)$/ + or die "illegal discount term"; + my $discount_term = $1; + $action = 'make_payment'; + ({ %{payment_info( 'session_id' => $session_id )}, + 'balance' => $balance, + 'discount_term' => $discount_term, + }) +} + sub recharge_prepay { customer_info( 'session_id' => $session_id ); } @@ -645,8 +754,10 @@ sub do_template { $fill_in->{'selfurl'} = $cgi->self_url; $fill_in->{'cgi'} = \$cgi; - my $skin_info = skin_info(); - $fill_in->{$_} = $skin_info->{$_} foreach keys %$skin_info; + my $access_info = $session_id + ? access_info( 'session_id' => $session_id ) + : {}; + $fill_in->{$_} = $access_info->{$_} foreach keys %$access_info; my $source = "$template_dir/$name.html"; #warn "creating template for $source\n"; @@ -673,8 +784,12 @@ use HTML::Entities; use FS::SelfService qw(regionselector popselector domainselector location_form); #false laziness w/agent.cgi +use vars qw(@INCLUDE_ARGS); sub include { my $name = shift; + + @INCLUDE_ARGS = @_; + my $template = new Text::Template( TYPE => 'FILE', SOURCE => "$main::template_dir/$name.html", DELIMITERS => [ '<%=', '%>' ], @@ -688,3 +803,4 @@ sub include { } +1;