4 use vars qw($cgi $session_id $form_max $template_dir);
5 use subs qw(do_template);
7 use CGI::Carp qw(fatalsToBrowser);
9 use FS::SelfService qw(login customer_info invoice payment_info);
17 unless ( defined $cgi->param('session') ) {
18 do_template('login',{});
22 if ( $cgi->param('session') eq 'login' ) {
24 $cgi->param('username') =~ /^\s*([a-z0-9_\-\.\&]{0,$form_max})\s*$/i
25 or die "illegal username";
28 $cgi->param('domain') =~ /^\s*([\w\-\.]{0,$form_max})\s*$/
29 or die "illegal domain";
32 $cgi->param('password') =~ /^(.{0,$form_max})$/
33 or die "illegal password";
37 'username' => $username,
39 'password' => $password,
42 do_template('login', {
43 'error' => $rv->{error},
44 'username' => $username,
49 $cgi->param('session' => $rv->{session_id} );
50 $cgi->param('action' => 'myaccount' );
54 $session_id = $cgi->param('session');
56 $cgi->param('action') =~
57 /^(myaccount|view_invoice|make_payment|process_payment)$/
58 or die "unknown action ". $cgi->param('action');
61 my $result = eval "&$action();";
64 if ( $result->{error} eq "Can't resume session" ) { #ick
65 do_template('login',{});
69 #warn $result->{'open_invoices'};
70 #warn scalar(@{$result->{'open_invoices'}});
72 warn "processing template $action\n";
73 do_template($action, {
74 'session_id' => $session_id,
80 sub myaccount { customer_info( 'session_id' => $session_id ); }
84 $cgi->param('invnum') =~ /^(\d+)$/ or die "illegal invnum";
87 invoice( 'session_id' => $session_id,
94 payment_info( 'session_id' => $session_id );
99 $cgi->param('amount') =~ /^\s*(\d+(\.\d{2})?)\s*$/
100 or die "illegal amount"; #!!!
103 my $payinfo = $cgi->param('payinfo');
105 $payinfo =~ /^(\d{13,16})$/
106 #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo;
107 or die "illegal card"; #!!!
110 #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo;
111 or die "invalid card"; #!!!
112 cardtype($payinfo) eq $cgi->param('card_type')
113 #or $error ||= $init_data->{msgcat}{not_a}. $cgi->param('CARD_type');
114 or die "not a ". $cgi->param('card_type');
116 $cgi->param('month') =~ /^(\d{2})$/ or die "illegal month";
118 $cgi->param('year') =~ /^(\d{4})$/ or die "illegal year";
121 $cgi->param('payname') =~ /^(.{0,80})$/ or die "illegal payname";
124 $cgi->param('address1') =~ /^(.{0,80})$/ or die "illegal address1";
127 $cgi->param('address2') =~ /^(.{0,80})$/ or die "illegal address2";
130 $cgi->param('city') =~ /^(.{0,80})$/ or die "illegal city";
133 $cgi->param('state') =~ /^(.{2})$/ or die "illegal state";
136 $cgi->param('zip') =~ /^(.{0,10})$/ or die "illegal zip";
140 $save = 1 if $cgi->param('save');
143 $auto = 1 if $cgi->param('auto');
145 $cgi->param('paybatch') =~ /^([\w\-\.]+)$/ or die "illegal paybatch";
149 'session_id' => $session_id,
151 'payinfo' => $payinfo,
154 'payname' => $payname,
155 'address1' => $address1,
156 'address2' => $address2,
162 'paybatch' => $paybatch,
174 $fill_in->{'selfurl'} = $cgi->self_url;
176 my $template = new Text::Template( TYPE => 'FILE',
177 SOURCE => "$template_dir/$name.html",
178 DELIMITERS => [ '<%=', '%>' ],
180 or die $Text::Template::ERROR;
182 print $cgi->header( '-expires' => 'now' ),
183 $template->fill_in( HASH => $fill_in );