X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Fprocess%2Frecharge_svc.html;h=2d49f6b06ed73e47d32ae67ec4d286835a3bd87c;hb=4da3c98f2f021ac48b195dd205bdbb85dc5b58b9;hp=5f68bf151b55a87e1a5ba0b88a30792333832681;hpb=40a7b3dc653e099f7bd0bd762b649b04c4432db2;p=freeside.git

diff --git a/httemplate/misc/process/recharge_svc.html b/httemplate/misc/process/recharge_svc.html
index 5f68bf151..2d49f6b06 100755
--- a/httemplate/misc/process/recharge_svc.html
+++ b/httemplate/misc/process/recharge_svc.html
@@ -22,6 +22,7 @@ $svcnum = $1;
 
 #untaint prepaid
 my $prepaid = $cgi->param('prepaid');
+$prepaid =~ s/\W//g;
 $prepaid =~ /^(\w*)$/;
 $prepaid = $1;
 
@@ -62,6 +63,7 @@ unless ($error) {
     $error = $cust_main->charge($amount, "Recharge " . $svc_acct->label,
                                 $description, $part_pkg->taxclass);
 
+    $error ||= "invalid $_" foreach grep { $rhash{$_} !~ /^\d*$/ } keys %rhash;
     if ($part_pkg->option('recharge_reset', 1)) {
       $error ||= $svc_acct->set_usage(\%rhash, 'null' => 1);
     }else{