X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=ng_selfservice%2Fpackages_change.php;h=6791a1ad20e719686c854c6356a38dc143c42977;hb=c71fd54c5103b16e7f7296ce6cc6750986119bd8;hp=876f6cd1985519bfe023c929e91b467053900293;hpb=00366d997194ebfa62b8502e638cdfef4c932256;p=freeside.git
diff --git a/ng_selfservice/packages_change.php b/ng_selfservice/packages_change.php
index 876f6cd19..6791a1ad2 100644
--- a/ng_selfservice/packages_change.php
+++ b/ng_selfservice/packages_change.php
@@ -6,20 +6,24 @@ $customer_info = $freeside->customer_info_short( array(
'session_id' => $_COOKIE['session_id'],
) );
-foreach ( $cust_pkg AS $pkg ) {
- $part_pkg .= $pkg[pkgpart];
- $class_num .= $pkg[classnum];
+if ( preg_match( '/^(\d+)$/', $_GET['pkgnum'] ) ) {
+ $cust_pkg = $freeside->pkg_info( array(
+ 'session_id' => $_COOKIE['session_id'],
+ 'pkgnum' => $_GET['pkgnum'],
+ ) );
}
+else { $cust_pkg['error'] = 'Bad Package Number'; }
-$get_params = array( 'pkgnum', 'pkg', 'classnum', 'pkgpart' );
-foreach ( $get_params AS $param ) {
- $params[$param] = $_GET[$param];
+if ( isset($cust_pkg['error']) && $cust_pkg['error'] ) {
+ $error = $cust_pkg['error'];
+ header('Location:index.php?error='. urlencode($error));
+ die();
}
$pkgselect = $freeside->mason_comp( array(
'session_id' => $_COOKIE['session_id'],
'comp' => '/elements/select-part_pkg.html',
- 'args' => [ 'classnum', $params['classnum'], 'curr_value', $params['pkgpart'], ],
+ 'args' => [ 'classnum', $cust_pkg['classnum'], 'curr_value', $cust_pkg['pkgpart'], ],
)
);
@@ -41,7 +45,7 @@ function enable_change_pkg () {
}
-Purchase replacement package for " echo $params['pkg']; ?>"
+Purchase replacement package for " echo htmlspecialchars($cust_pkg['pkg_label']); ?>"
include('elements/error.php'); ?>
@@ -58,8 +62,7 @@ function enable_change_pkg () {
-
-
+