X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Fprocess%2Frecharge_svc.html;h=2d49f6b06ed73e47d32ae67ec4d286835a3bd87c;hb=871dcd21f09f22605fefbabb5fe96d32d84a46a8;hp=5f68bf151b55a87e1a5ba0b88a30792333832681;hpb=624b2d44625f69d71175c3348cae635d580c890b;p=freeside.git

diff --git a/httemplate/misc/process/recharge_svc.html b/httemplate/misc/process/recharge_svc.html
index 5f68bf151..2d49f6b06 100755
--- a/httemplate/misc/process/recharge_svc.html
+++ b/httemplate/misc/process/recharge_svc.html
@@ -22,6 +22,7 @@ $svcnum = $1;
 
 #untaint prepaid
 my $prepaid = $cgi->param('prepaid');
+$prepaid =~ s/\W//g;
 $prepaid =~ /^(\w*)$/;
 $prepaid = $1;
 
@@ -62,6 +63,7 @@ unless ($error) {
     $error = $cust_main->charge($amount, "Recharge " . $svc_acct->label,
                                 $description, $part_pkg->taxclass);
 
+    $error ||= "invalid $_" foreach grep { $rhash{$_} !~ /^\d*$/ } keys %rhash;
     if ($part_pkg->option('recharge_reset', 1)) {
       $error ||= $svc_acct->set_usage(\%rhash, 'null' => 1);
     }else{