X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Fprocess%2Fchange-password.html;h=37ad6d915e4da9ab765e7c3f389ca3286e5d7b99;hb=405f925e2578705780332900eb5df031bfa7c272;hp=7cab9c4e3a3b3a1192ad20faa9c35f3876951e21;hpb=f3e0ac2b009c4edd5692cb587ff709dac2223ebe;p=freeside.git diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html index 7cab9c4e3..37ad6d915 100644 --- a/httemplate/misc/process/change-password.html +++ b/httemplate/misc/process/change-password.html @@ -1,26 +1,78 @@ +% if ( $error ) { +% if ($svcnum) { +% $cgi->param('svcnum', $svcnum); +% $cgi->param("changepw${svcnum}_error", $error); +% } +% elsif ($contactnum) { +% $cgi->param('contactnum', $contactnum); +% $cgi->param("changepw${contactnum}_error", $error); +% } +% $cgi->param('error', $error); +% } else { +% if ($svcnum) { $cgi->query_string($svcnum); } +% elsif ($contactnum) { $cgi->query_string($contactnum); } +% } + +% if (!$popup) { +% if ($svcnum) { + <% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %> +% } +% elsif ($contactnum) { + <% $cgi->redirect($fsurl.'view/cust_main.cgi?'.$cgi->param('custnum')) %> +% } +% } + +<& /elements/header-popup.html, 'Password Set' &> + + <%init> my $curuser = $FS::CurrentUser::CurrentUser; -$cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum"; +$cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum" if $cgi->param('svcnum'); my $svcnum = $1; -my $svc_acct = FS::svc_acct->by_key($svcnum) - or die "svc_acct $svcnum not found"; -my $part_svc = $svc_acct->part_svc; -die "access denied" unless ( - $curuser->access_right('Provision customer service') or - ( $curuser->access_right('Edit password') and - ! $part_svc->restrict_edit_password ) - ); -my $error = $svc_acct->set_password($cgi->param('password')) - || $svc_acct->replace; - -# annoyingly specific to view/svc_acct.cgi, for now... -$cgi->delete('password'); - -% if ( $error ) { -% $cgi->param('svcnum', $svcnum); -% $cgi->param("changepw${svcnum}_error", $error); -% } else { -% $cgi->query_string($svcnum); -% } -<% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %> + +foreach my $prefix (grep /^(.*)(password)$/, $cgi->param) { + $cgi->param('password' => $cgi->param($prefix)); +} + +$cgi->param('contactnum') =~ /^(\d+)$/ or die "illegal contactnum" if $cgi->param('contactnum'); +my $contactnum = $1; + +my $popup = $cgi->param('popup'); + +my $newpass = $cgi->param('password'); + +my $error; + +if ($svcnum) { + my $svc_acct = FS::svc_acct->by_key($svcnum) + or die "svc_acct $svcnum not found"; + my $part_svc = $svc_acct->part_svc; + die "access denied" unless ( + $curuser->access_right('Provision customer service') or + ( $curuser->access_right('Edit password') and + ! $part_svc->restrict_edit_password ) + ); + + $error = $svc_acct->is_password_allowed($newpass) + || $svc_acct->set_password($newpass) + || $svc_acct->replace; + + # annoyingly specific to view/svc_acct.cgi, for now... + $cgi->delete('password'); +} +elsif ($contactnum) { + my $contact = qsearchs('contact', { 'contactnum' => $contactnum } ) + or return { 'error' => "Contact not found" . $contactnum }; + + $error = $contact->is_password_allowed($newpass) + || $contact->change_password($newpass); + + # annoyingly specific to view/svc_acct.cgi, for now... + #$cgi->delete('password'); +} + + \ No newline at end of file