X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fpref%2Fpref-process.html;h=84f0832bf9e6048cc8a1f6f8a72183935d697dce;hb=71cfb409fca5c4f8cfb639a0f022de8c640b7775;hp=a5e13f062fce948caa1e72c4ecbad16545948b95;hpb=8591b5a157a2ee24c1467718eb0ce731a388f5c1;p=freeside.git

diff --git a/httemplate/pref/pref-process.html b/httemplate/pref/pref-process.html
index a5e13f062..84f0832bf 100644
--- a/httemplate/pref/pref-process.html
+++ b/httemplate/pref/pref-process.html
@@ -1,51 +1,90 @@
-% my $error = '';
-%
-% my $access_user;
-% if ( grep { $cgi->param($_) !~ /^\s*$/ }
-%           qw(_password new_password new_password2)
-%    ) {
-%
-%   $access_user = qsearchs( 'access_user', {
-%     'username'  => getotaker,
-%     '_password' => $cgi->param('_password'),
-%   } );
-%
-%   $error = 'Current password incorrect; password not changed'
-%     unless $access_user;
-%
-%   $error ||= "New passwords don't match"
-%     unless $cgi->param('new_password') eq $cgi->param('new_password2');
-%
-%   $error ||= "No new password entered"
-%    unless length($cgi->param('new_password'));
-% 
-%   $access_user->_password($cgi->param('new_password')) unless $error;
-%
-% } else {
-%
-%   $access_user = $FS::CurrentUser::CurrentUser;
-%
-% }
-%
-% #XXX autogen
-% my @paramlist = qw( menu_position email_address
-%                     height width availHeight availWidth colorDepth
-%                   );
-%
-% foreach (@paramlist) {
-%   scalar($cgi->param($_)) =~ /^[,.\@\w]*$/ && next;
-%   $error ||= "Illegal value for parameter $_";
-%   last;
-% }
-%
-% $error ||= $access_user->replace( {
-%   map { $_ => scalar($cgi->param($_)) } @paramlist,
-% } );
-%
 % if ( $error ) {
 %   $cgi->param('error', $error);
-%   print $cgi->redirect(popurl(1). "pref.html?". $cgi->query_string );
+<% $cgi->redirect(popurl(1). "pref.html?". $cgi->query_string ) %>
 % } else {
 <% include('/elements/header.html', 'Preferences updated') %>
 <% include('/elements/footer.html') %>
 % }
+<%init>
+
+if ( FS::Conf->new->exists('disable_acl_changes') ) {
+  errorpage("Preference changes disabled in public demo");
+  die "shouldn't be reached";
+}
+
+my $error = '';
+my $access_user = '';
+
+if ( grep { $cgi->param($_) !~ /^\s*$/ }
+          qw(_password new_password new_password2)
+   ) {
+
+  $access_user = qsearchs( 'access_user', {
+    'username'  => getotaker,
+    '_password' => scalar($cgi->param('_password')),
+  } );
+
+  $error = 'Current password incorrect; password not changed'
+    unless $access_user;
+
+  $error ||= "New passwords don't match"
+    unless $cgi->param('new_password') eq $cgi->param('new_password2');
+
+  $error ||= "No new password entered"
+   unless length($cgi->param('new_password'));
+
+  $access_user->_password($cgi->param('new_password')) unless $error;
+
+} else {
+
+  $access_user = $FS::CurrentUser::CurrentUser;
+
+}
+
+#well, if you got your password change wrong, you don't get anything else
+#changed right now.  but it should be sticky on the form
+unless ( $error ) { # if ($access_user) {
+
+  my %param = $access_user->options;
+
+  #XXX autogen
+  my @paramlist = qw( locale menu_position default_customer_view 
+                      spreadsheet_format mobile_menu
+                      enable_fuzzy_on_exact
+                      disable_html_editor disable_enter_submit_onetimecharge
+                      email_address
+                      snom-ip snom-username snom-password
+                      vonage-fromnumber vonage-username vonage-password
+                      cust_pkg-display_times
+                      show_pkgnum show_confitem_counts export_getsettings
+                      show_db_profile save_db_profile save_tmp_typesetting
+                      height width availHeight availWidth colorDepth
+                    );
+
+  foreach (@paramlist) {
+    scalar($cgi->param($_)) =~ /^[,.\-\@\w]*$/ && next;
+    $error ||= "Illegal value for parameter $_";
+    last;
+  }
+
+  foreach (@paramlist) {
+    $param{$_} = scalar($cgi->param($_));
+  }
+
+  $error ||= $access_user->replace( \%param );
+
+}
+
+if ( !$error and ($FS::TicketSystem::system || '') eq 'RT_Internal' ) {
+  # sync RT user locale on every update
+  my $locale = $access_user->option('locale');
+  FS::TicketSystem->init;
+  my $UserObj = FS::TicketSystem->session('')->{'CurrentUser'}->UserObj;
+  # Bypass RT ModifySelf ACL
+  $UserObj->CurrentUser( RT::SystemUser );
+  if ( $UserObj->Lang ne $locale ) {
+    my ($val, $msg) = $UserObj->SetLang($locale);
+    $error = $msg if !$val;
+  }
+}
+</%init>