X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fedit%2Fprocess%2Fcust_pkg.cgi;h=bdade321f4d805e0fa7ebcfaf82f2f334a32e458;hb=0930d22ffc440f80c1b222b2e750cadbabd9e8f6;hp=817c88087a01c29f5dfa1d619a8daa4686765582;hpb=9509e5bfb7f9331303153cac24d7bfecbe2ea9f1;p=freeside.git diff --git a/httemplate/edit/process/cust_pkg.cgi b/httemplate/edit/process/cust_pkg.cgi index 817c88087..bdade321f 100755 --- a/httemplate/edit/process/cust_pkg.cgi +++ b/httemplate/edit/process/cust_pkg.cgi @@ -1,44 +1,68 @@ -% -% -%my $error = ''; -% -%#untaint custnum -%$cgi->param('custnum') =~ /^(\d+)$/; -%my $custnum = $1; -% -%my @remove_pkgnums = map { -% /^(\d+)$/ or die "Illegal remove_pkg value!"; -% $1; -%} $cgi->param('remove_pkg'); -% -%my $error_redirect; -%my @pkgparts; -%if ( $cgi->param('new_pkgpart') =~ /^(\d+)$/ ) { #came from misc/change_pkg.cgi -% $error_redirect = "misc/change_pkg.cgi"; -% @pkgparts = ($1); -%} else { #came from edit/cust_pkg.cgi -% $error_redirect = "edit/cust_pkg.cgi"; -% foreach my $pkgpart ( map /^pkg(\d+)$/ ? $1 : (), $cgi->param ) { -% if ( $cgi->param("pkg$pkgpart") =~ /^(\d+)$/ ) { -% my $num_pkgs = $1; -% while ( $num_pkgs-- ) { -% push @pkgparts,$pkgpart; -% } -% } else { -% $error = "Illegal quantity"; -% last; -% } -% } -%} -% -%$error ||= FS::cust_pkg::order($custnum,\@pkgparts,\@remove_pkgnums); -% -%if ($error) { -% $cgi->param('error', $error); -% print $cgi->redirect(popurl(3). $error_redirect. '?'. $cgi->query_string ); -%} else { -% print $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum"); -%} -% -% +% if ($error) { +% $cgi->param('error', $error); +% $cgi->redirect(popurl(3). $error_redirect. '?'. $cgi->query_string ); +% } elsif ( $action eq 'change' ) { + <% header("Package changed") %> + + + + +% } elsif ( $action eq 'bulk' ) { +<% $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum") %> +% } else { +% die "guru exception #5: action is neither change nor bulk!"; +% } +<%init> + +my $error = ''; + +#untaint custnum +$cgi->param('custnum') =~ /^(\d+)$/; +my $custnum = $1; + +my @remove_pkgnums = map { + /^(\d+)$/ or die "Illegal remove_pkg value!"; + $1; +} $cgi->param('remove_pkg'); + +my $curuser = $FS::CurrentUser::CurrentUser; + +my( $action, $error_redirect ); +my @pkgparts = (); +if ( $cgi->param('new_pkgpart') =~ /^(\d+)$/ ) { #came from misc/change_pkg.cgi + + $action = 'change'; + $error_redirect = "misc/change_pkg.cgi"; + @pkgparts = ($1); + + die "access denied" + unless $curuser->access_right('Change customer package'); + +} else { #came from edit/cust_pkg.cgi + + $action = 'bulk'; + $error_redirect = "edit/cust_pkg.cgi"; + + die "access denied" + unless $curuser->access_right('Bulk change customer packages'); + + foreach my $pkgpart ( map /^pkg(\d+)$/ ? $1 : (), $cgi->param ) { + if ( $cgi->param("pkg$pkgpart") =~ /^(\d+)$/ ) { + my $num_pkgs = $1; + while ( $num_pkgs-- ) { + push @pkgparts,$pkgpart; + } + } else { + $error = "Illegal quantity"; + last; + } + } + +} + +$error ||= FS::cust_pkg::order($custnum,\@pkgparts,\@remove_pkgnums); + +