RT#29354: Password Security in Email [customer fields, images, js files]

[freeside.git] / fs_selfservice / FS-SelfService / cgi / signup.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
  <TITLE><%= $agent || ( $signup_service eq 'svc_phone' ? 'ITSP' : 'ISP' ) %> Signup form</TITLE>
  <%= $head %>
</HEAD>
<BODY BGCOLOR="<%= $body_bgcolor || '#e8e8e8' %>" onUnload="myclose()">
<%= if ( $terms_of_service =~ /\S/ ) { # enable overlib
  $OUT .= qq!<SCRIPT type="text/javascript" src="$_.js"></SCRIPT>\n!
    foreach (qw(overlibmws overlibmws_iframe overlibmws_draggable 
                overlibmws_crossframe iframecontentmws ));
}
%>
<script type="text/javascript">
  var mywindow = -1;
  function myopen(filename,windowname,properties) {
    myclose();
    mywindow = window.open(filename,windowname,properties);
  }
  function myclose() {
    if ( mywindow != -1 )
      mywindow.close();
    mywindow = -1
  }
</script>

<%= $OUT .= $body_header
      || '<FONT SIZE=7>'.
         ( $agent || ( $signup_service eq 'svc_phone' ? 'ITSP' : 'ISP' ) ).
         ' Signup form</FONT><BR><BR>';
%>

<%= if ( $error ) {
      $OUT .= '<FONT SIZE="+1" COLOR="#ff0000">'. encode_entities($error).
              '</FONT><BR><BR>';
    }
%>

<FORM NAME="OneTrueForm" ACTION="<%= $self_url %>" METHOD=POST onSubmit="document.OneTrueForm.signup.disabled=true" STYLE="margin:0">
<INPUT TYPE="hidden" NAME="prepaid_shortform" VALUE="<%= encode_entities($prepaid_shortform) %>">
<INPUT TYPE="hidden" NAME="session" VALUE="<%= $session_id %>">
<INPUT TYPE="hidden" NAME="action" VALUE="process_signup">
<INPUT TYPE="hidden" NAME="agentnum" VALUE="<%= $agentnum %>">
<INPUT TYPE="hidden" NAME="referral_custnum" VALUE="<%= $referral_custnum %>">
<INPUT TYPE="hidden" NAME="ss" VALUE="">
<input type="hidden" name="payby">
<%=
  $OUT = join("\n",
           map {
             my $method = $_ ;
             map { qq|<input type="hidden" name="${method}_$_" />| }
               qw( payinfo payinfo1 payinfo2 payname paystate paytype paycvv
                   month year type )
           } @payby
         );
%>

<%=
  $OUT = join("\n",
           map { qq|<input type="hidden" name="$_" />| }
             qw( promo_code reg_code pkgpart username _password _password2
                 sec_phrase popnum domsvc mac_addr countrycode phonenum
                 sip_password pin ),
             map { ( "tax_$_", "tax_${_}_num" ) } @exempt_groups
         );
%>

<%=
  if ($override_ban_warn) {
    $OUT .= 'Are you sure you want to sign up again? <SELECT NAME="override_ban_warn"><OPTION VALUE="0">No<OPTION VALUE="1">Yes</SELECT><BR><BR>';
  } else {
    $OUT .= '';
  }
%>

Where did you hear about our service? <SELECT NAME="refnum">
<%=
  $OUT .= '<OPTION VALUE="">' unless $refnum;
  foreach my $part_referral ( @part_referral ) {
    $OUT .= '<OPTION VALUE="'. $part_referral->{'refnum'}. '"';
    $OUT .= ' SELECTED' if $part_referral->{'refnum'} == $refnum;
    $OUT .= '>'. $part_referral->{'referral'};
  }
%>
</SELECT><BR><BR>

<%= unless ( $prepaid_template_custnum && $prepaid_shortform  ) {

my $bgcolor = $box_bgcolor || '#c0c0c0';
$OUT .= qq!
<FONT SIZE="+1"><B>Contact Information</B></FONT>
<TABLE BGCOLOR="$bgcolor" BORDER=0 CELLSPACING=0 WIDTH="100%">
<TR>
  <TH ALIGN="right"><font color="#ff0000">*</font>Contact name<BR>(last, first)</TH>
  <TD COLSPAN=5><INPUT TYPE="text" NAME="last" VALUE="$last">,
                <INPUT TYPE="text" NAME="first" VALUE="$first"></TD>
</TR>
<TR>
  <TD ALIGN="right">Company</TD>
  <TD COLSPAN=5><INPUT TYPE="text" NAME="company" SIZE=70 VALUE="$company"></TD>
</TR>
<TR>
  <TH ALIGN="right"><font color="#ff0000">*</font>Address</TH>
  <TD COLSPAN=5><INPUT TYPE="text" NAME="address1" SIZE=70 VALUE="$address1"></TD>
</TR>
<TR>
  <TD ALIGN="right">&nbsp;</TD>
  <TD COLSPAN=5><INPUT TYPE="text" NAME="address2" SIZE=70 VALUE="$address2"></TD>
</TR>
<TR>
  <TH ALIGN="right"><font color="#ff0000">*</font>City</TH>
  <TD><INPUT TYPE="text" NAME="city" VALUE="$city"></TD> !;

        my ($county_html, $state_html, $country_html) =
          regionselector( {
            selected_county  => $county,
            selected_state   => $state,
            selected_country => $country,
            default_state    => $statedefault,
            default_country  => $countrydefault,
            locales          => \@cust_main_county,
          } );
 
$county_out = ($county_html =~ /SELECT/) ? 'County/State' : 'State';
$OUT .= qq!<TH ALIGN="right"><font color="#ff0000">*</font> $county_out </TH>
  <TD>
    $county_html $state_html
  </TD>
  <TH><font color="#ff0000">*</font>Zip</TH>
  <TD><INPUT TYPE="text" NAME="zip" SIZE=10 VALUE="$zip"></TD>
</TR>
<TR>
  <TH ALIGN="right"><font color="#ff0000">*</font>Country</TH>
  <TD>$country_html</TD>
<TR>
  <TD ALIGN="right">Day Phone</TD>
  <TD COLSPAN=5><INPUT TYPE="text" NAME="daytime" VALUE="$daytime" SIZE=18></TD>
</TR>
<TR>
  <TD ALIGN="right">Night Phone</TD>
  <TD COLSPAN=5><INPUT TYPE="text" NAME="night" VALUE="$night" SIZE=18></TD>
</TR>
<TR>
  <TD ALIGN="right">Fax</TD>
  <TD COLSPAN=5><INPUT TYPE="text" NAME="fax" VALUE="$fax" SIZE=12></TD>
</TR>
!;
  if ( $stateid_enabled ) {
    my ($county_html, $state_html, $country_html) =
      regionselector( {
        prefix           => 'stateid_',
        default_state    => $statedefault,
        default_country  => $countrydefault,
        locales          => \@cust_main_county,
      } );
    $OUT .= qq!<TR><TD ALIGN="right">!. $label{stateid}.'</TD>';
    $OUT .= qq!<TD><INPUT TYPE="text" NAME="stateid" VALUE="$stateid" SIZE=12></TD>!;
    $OUT .= qq!<TD ALIGN="right">!. $label{stateid_state} .'</TD>';
    $OUT .="<TD COLSPAN=3>$county_html $state_html</TD></TR>";
  }
$OUT .= qq!
</TABLE><font color="#ff0000">*</font> required fields<BR>
!;

}
else {
    @payby = ('PREPAY');
}
'';
%>

<BR><FONT SIZE="+1"><B>Billing information</B></FONT>
<TABLE BGCOLOR="<%= $box_bgcolor || '#c0c0c0' %>" BORDER=0 CELLSPACING=0 WIDTH="100%">
<TR><TD>

  <%=
    $OUT ='';
    unless ( $emailinvoiceonly ) { 
    $OUT .= '<INPUT TYPE="checkbox" NAME="invoicing_list_POST" VALUE="POST"';
    my @invoicing_list = split(', ', $invoicing_list );
    $OUT .= ' CHECKED'
      if ! @invoicing_list || grep { $_ eq 'POST' } @invoicing_list;
    $OUT .= '>   Postal mail invoice'; } 
  %>


</TD></TR>
<TR><TD><%= $OUT = ( $emailinvoiceonly ? q|<font color="#ff0000">*</font>| : q|| ) %> Email invoice <INPUT TYPE="text" NAME="invoicing_list" VALUE="<%= join(', ', grep { $_ ne 'POST' } split(', ', $invoicing_list ) ) %>">
</TD></TR>
<%= ( scalar(@payby) > 1 or 1 ) ? '<TR><TD>Billing type ' : '' %>
<!--</TABLE>
<TABLE BGCOLOR="#c0c0c0" BORDER=1 WIDTH="100%">
<TR>-->

  <%=

    my $cardselect = '<SELECT NAME="CARD_type"><OPTION></OPTION>';
    foreach ( keys %card_types ) {
      $selected = $CARD_type eq $card_types{$_} ? 'SELECTED' : '';
      $cardselect .= qq!<OPTION $selected VALUE="$card_types{$_}">$_</OPTION>!;
    }
    $cardselect .= '</SELECT>';

    my $table = '<TABLE BGCOLOR="'. ( $box_bgcolor || '#c0c0c0' ). '" BORDER=0 CELLSPACING=0 WIDTH="100%">';
  
    my %payby = (
      'CARD' => qq!$table<TR><TD ALIGN="right"><font color="#ff0000">*</font> Card type</TD><TD>$cardselect</TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Card number</TD><TD><INPUT TYPE="text" NAME="CARD_payinfo" VALUE="$payinfo" MAXLENGTH=19></TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Expiration</TD><TD>!. expselect("CARD"). qq!</TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Name on card</TD><TD><INPUT TYPE="text" NAME="CARD_payname" VALUE="$payname"></TD></TR>!,
      'DCRD' => qq!$table<TR><TD ALIGN="right"><font color="#ff0000">*</font> Card type</TD><TD>$cardselect</TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Card number</TD><TD><INPUT TYPE="text" NAME="DCRD_payinfo" VALUE="$payinfo" MAXLENGTH=19></TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Expiration</TD><TD>!. expselect("DCRD"). qq!</TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Name on card</TD><TD><INPUT TYPE="text" NAME="DCRD_payname" VALUE="$payname"></TD></TR>!,
      'CHEK' => qq!Electronic check<BR>${r}Account number <INPUT TYPE="text" NAME="CHEK_payinfo1" VALUE="" MAXLENGTH=10><BR>${r}ABA/Routing code <INPUT TYPE="text" NAME="CHEK_payinfo2" VALUE="" SIZE=10 MAXLENGTH=9> Type <SELECT NAME="CHEK_paytype">!. join('', map {qq!<OPTION VALUE="$_">$_</OPTION>!} @paytypes). qq!</SELECT><BR>{$r}Bank State <INPUT TYPE="text" NAME="CHEK_paystate" VALUE="" SIZE=5 MAXLENGTH=4><INPUT TYPE="hidden" NAME="CHEK_month" VALUE="12"><INPUT TYPE="hidden" NAME="CHEK_year" VALUE="2037"><BR>${r}Bank name <INPUT TYPE="text" NAME="CHEK_payname" VALUE="">!,
      'DCHK' => qq!Electronic check<BR>${r}Account number <INPUT TYPE="text" NAME="DCHK_payinfo1" VALUE="" MAXLENGTH=10> Type <SELECT NAME="DCHK_paytype">!. join('', map {qq!<OPTION VALUE="$_">$_</OPTION>!} @paytypes). qq!</SELECT><BR>${r}ABA/Routing code <INPUT TYPE="text" NAME="DCHK_payinfo2" VALUE="" SIZE=10 MAXLENGTH=9><BR>{$r}Bank State <INPUT TYPE="text" NAME="DCHK_paystate" VALUE="" SIZE=5 MAXLENGTH=4><INPUT TYPE="hidden" NAME="DCHK_month" VALUE="12"><INPUT TYPE="hidden" NAME="DCHK_year" VALUE="2037"><BR>${r}Bank name <INPUT TYPE="text" NAME="DCHK_payname" VALUE="">!,
      'LECB' => qq!Phone bill billing<BR>${r}Phone number <INPUT TYPE="text" NAME="LECB_payinfo" VALUE="" MAXLENGTH=15 SIZE=16><INPUT TYPE="hidden" NAME="LECB_month" VALUE="12"><INPUT TYPE="hidden" NAME="LECB_year" VALUE="2037"><INPUT TYPE="hidden" NAME="LECB_payname" VALUE="">!,
      'BILL' => qq!Billing<BR>P.O. <INPUT TYPE="text" NAME="BILL_payinfo" VALUE=""><BR><INPUT TYPE="hidden" NAME="BILL_month" VALUE="12"><INPUT TYPE="hidden" NAME="BILL_year" VALUE="2037">Attention<INPUT TYPE="text" NAME="BILL_payname" VALUE="Accounts Payable">!,
      'COMP' => qq!Complimentary<BR><font color="#ff0000">*</font>Approved by<INPUT TYPE="text" NAME="COMP_payinfo" VALUE=""><BR><font color="#ff0000">*</font>Exp !. expselect("COMP"),
      'PREPAY' => qq!Prepaid card<BR><font color="#ff0000">*</font><INPUT TYPE="text" NAME="PREPAY_payinfo" VALUE="" MAXLENGTH=80>!,
    );

    if ( $cvv_enabled ) {
      foreach my $payby ( grep { exists $payby{$_} } qw(CARD DCRD) ) { #1.4/1.5
        my $cvv_r = $require_cvv ? '<font color="#ff0000">*</font> ' : '';
        $payby{$payby} .= qq!<TR><TD ALIGN="right">${cvv_r}CVV2&nbsp;(<A HREF="javascript:myopen('cvv2.html','cvv2','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=yes,copyhistory=no,width=480,height=288')">help</A>)</TD><TD><INPUT TYPE="text" NAME=${payby}_paycvv VALUE="" SIZE=4 MAXLENGTH=4></TD></TR>!;
      }
    }
    if ( $paystate_enabled ) {
      foreach my $payby ( grep { exists $payby{$_} } qw(CHEK DCHK) ) { 
        my ($county_html, $state_html, $country_html) =
          regionselector( {
            prefix           => "${payby}_pay",
            default_state    => $statedefault,
            default_country  => $countrydefault,
            locales          => \@cust_main_county,
          } );
        $payby{$payby} .= "<BR>${r}Bank state $county_html $state_html";
      }
    }

    my( $account, $aba ) = split('@', $payinfo);
    my %paybychecked = (
      'CARD' => qq!$table<TR><TD ALIGN="right"><font color="#ff0000">*</font> Card type</TD><TD>$cardselect</TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Card number</TD><TD><INPUT TYPE="text" NAME="CARD_payinfo" VALUE="$payinfo" MAXLENGTH=19></TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Expiration</TD><TD>!. expselect("CARD", $paydate). qq!</TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Name on card</TD><TD><INPUT TYPE="text" NAME="CARD_payname" VALUE="$payname"></TD></TR>!,
      'DCRD' => qq!$table<TR><TD ALIGN="right"><font color="#ff0000">*</font> Card type</TD><TD>$cardselect</TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Card number</TD><TD><INPUT TYPE="text" NAME="DCRD_payinfo" VALUE="$payinfo" MAXLENGTH=19></TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Expiration</TD><TD>!. expselect("DCRD", $paydate). qq!</TD></TR><TR><TD ALIGN="right"><font color="#ff0000">*</font> Name on card</TD><TD><INPUT TYPE="text" NAME="DCRD_payname" VALUE="$payname"></TD></TR>!,
      'CHEK' => qq!Electronic check<BR>${r}Account number <INPUT TYPE="text" NAME="CHEK_payinfo1" VALUE="$account" MAXLENGTH=10> Type <SELECT NAME="CHEK_paytype">!. join('', map {qq!<OPTION VALUE="$_"!.($paytype eq $_ ? ' SELECTED' : '').">$_</OPTION>"} @paytypes). qq!</SELECT><BR>${r}ABA/Routing code <INPUT TYPE="text" NAME="CHEK_payinfo2" VALUE="$aba" SIZE=10 MAXLENGTH=9><INPUT TYPE="hidden" NAME="CHEK_month" VALUE="12"><INPUT TYPE="hidden" NAME="CHEK_year" VALUE="2037"><BR>${r}Bank name <INPUT TYPE="text" NAME="CHEK_payname" VALUE="$payname">!,
      'DCHK' => qq!Electronic check<BR>${r}Account number <INPUT TYPE="text" NAME="DCHK_payinfo1" VALUE="$account" MAXLENGTH=10> Type <SELECT NAME="DCHK_paytype">!. join('', map {qq!<OPTION VALUE="$_"!.($paytype eq $_ ? ' SELECTED' : '').">$_</OPTION>"} @paytypes). qq!</SELECT><BR>${r}ABA/Routing code <INPUT TYPE="text" NAME="DCHK_payinfo2" VALUE="$aba" SIZE=10 MAXLENGTH=9><INPUT TYPE="hidden" NAME="DCHK_month" VALUE="12"><INPUT TYPE="hidden" NAME="DCHK_year" VALUE="2037"><BR>${r}Bank name <INPUT TYPE="text" NAME="DCHK_payname" VALUE="">!,
      'LECB' => qq!Phone bill billing<BR>${r}Phone number <INPUT TYPE="text" BANE="LECB_payinfo" VALUE="$payinfo" MAXLENGTH=15 SIZE=16><INPUT TYPE="hidden" NAME="LECB_month" VALUE="12"><INPUT TYPE="hidden" NAME="LECB_year" VALUE="2037"><INPUT TYPE="hidden" NAME="LECB_payname" VALUE="">!,
      'BILL' => qq!Billing<BR>P.O. <INPUT TYPE="text" NAME="BILL_payinfo" VALUE="$payinfo"><BR><INPUT TYPE="hidden" NAME="BILL_month" VALUE="12"><INPUT TYPE="hidden" NAME="BILL_year" VALUE="2037">Attention<INPUT TYPE="text" NAME="BILL_payname" VALUE="$payname">!,
      'COMP' => qq!Complimentary<BR><font color="#ff0000">*</font>Approved by<INPUT TYPE="text" NAME="COMP_payinfo" VALUE="$payinfo"><BR><font color="#ff0000">*</font>Exp !. expselect("COMP", $paydate),
      'PREPAY' => qq!Prepaid card<BR><font color="#ff0000">*</font><INPUT TYPE="text" NAME="PREPAY_payinfo" VALUE="$payinfo" MAXLENGTH=80>!,
    );

    if ( $cvv_enabled ) {
      foreach my $payby ( grep { exists $payby{$_} } qw(CARD DCRD) ) { #1.4/1.5
        my $cvv_r = $require_cvv ? '<font color="#ff0000">*</font> ' : '';
        $paybychecked{$payby} .= qq!<TR><TD ALIGN="right">${cvv_r}CVV2&nbsp;(<A HREF="javascript:myopen('cvv2.html','cvv2','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=yes,copyhistory=no,width=480,height=288')">help</A>)</TD><TD><INPUT TYPE="text" NAME=${payby}_paycvv VALUE="$paycvv" SIZE=4 MAXLENGTH=4></TD></TR>!;
      }
    }
    if ( $paystate_enabled ) {
      foreach my $payby ( grep { exists $payby{$_} } qw(CHEK DCHK) ) { 
        my ($county_html, $state_html, $country_html) =
          regionselector( {
            prefix           => "${payby}_pay",
            selected_county  => $county,
            selected_state   => $state,
            selected_country => $country,
            default_state    => $statedefault,
            default_country  => $countrydefault,
            locales          => \@cust_main_county,
          } );
        $paybychecked{$payby} .= "<BR>${r}Bank state $county_html $state_html";
      }
    }

  my %payby_index = ( 'CARD'   => qq/Credit Card/,
                      'DCRD'   => qq/Credit Card (no auto-charge)/,
                      'CHEK'   => qq/Check/,
                      'DCHK'   => qq/Check (no auto-charge)/,
                      'LECB'   => qq/Phone Bill Billing/,
                      'BILL'   => qq/Billing/,
                      'COMP'   => qq/Complimentary/,
                      'PREPAY' => qq/Prepaid Card/,
                    );
  

tie my %options, 'Tie::IxHash', ();

foreach my $payby_option ( @payby ) {
  $options{$payby_option} = $payby_index{$payby_option};
}

my $selected_layer = ( grep { $_ eq 'CARD' } @payby ) ? 'CARD' : $payby[0];

HTML::Widgets::SelectLayers->new(
  options => \%options,
  selected_layer => $selected_layer,
  form_name => 'dummy',
  html_between => '</table>',
  form_action => 'dummy.cgi',
  layer_callback => sub { my $layer = shift; return ( shift @hide_payment_fields ? '' : $paybychecked{$layer} ) . '</TABLE>'; },
)->html;


  %>

</TABLE>

<FORM NAME="TaxForm" STYLE="margin:0">

<SCRIPT TYPE="text/javascript">
    function tax_changed(what) {
      var num = document.getElementById(what.id + '_num'); 
      if ( what.checked ) {
        num.disabled = false;
      } else {
        num.disabled = true;
      }
    }
</SCRIPT> 

<TABLE BGCOLOR="<%= $box_bgcolor || '#c0c0c0' %>" BORDER=0 CELLSPACING=0 WIDTH="100%">
<%=
  foreach my $exempt_group ( @exempt_groups ) {
    no strict 'refs';
    my $checked = ${"tax_$exempt_group"} ? 'CHECKED' : '';
    my $disabled = $checked ? '' : 'DISABLED';
     
    $OUT .= qq!
      <TR><TD><INPUT TYPE="checkbox" NAME="tax_$exempt_group" ID="tax_$exempt_group" VALUE="Y" $checked onChange="tax_changed(this)"> Tax Exempt ($exempt_group taxes)
          - Exemption number <INPUT TYPE="text" NAME="tax_${exempt_group}_num" ID="tax_${exempt_group}_num" VALUE="${"tax_${exempt_group}_num"}" $disabled></TD>
        </TR>
    !;
  }
%>


</TABLE><font color="#ff0000">*</font> required fields

</FORM>

<FORM name="signup_form" action="<%= $self_url %>" METHOD="POST" onsubmit="return fixup_form();"><BR><FONT SIZE="+1"><B>First package</B></FONT>
<INPUT TYPE="hidden" NAME="promo_code" VALUE="<%= $promo_code %>">
<INPUT TYPE="hidden" NAME="reg_code" VALUE="<%= $reg_code %>">
<DIV STYLE="background: <%= $box_bgcolor %>; width: 100%">
<TABLE BGCOLOR="<%= $box_bgcolor || '#c0c0c0' %>" BORDER=0 CELLSPACING=0>
<TR>
  <TD COLSPAN=2><SELECT NAME="pkgpart">

  <%=
    $OUT .= '<OPTION VALUE="">(none)'
      unless scalar(@part_pkg) == 1 or $default_pkgpart;
    foreach my $part_pkg ( @part_pkg ) {
      $OUT .= '<OPTION VALUE="'. $part_pkg->{'pkgpart'}. '"';
      $OUT .= ' SELECTED' if $pkgpart && $part_pkg->{'pkgpart'} == $pkgpart;
      $OUT .= '>'. $part_pkg->{'pkg'};
    }
  %>

  </SELECT></TD>
</TR>
<%=
  if ( $signup_service eq 'svc_phone' ) {

    $OUT .= '<TR><TD ALIGN="right">Phone number</TD><TD>'.
            didselector( 'field'   => 'phonenum',
                         'svcpart' => $default_svcpart,
                       ).
            '</TD></TR>';

    $OUT .= <<ENDOUT;
<TR>
  <TD ALIGN="right">Voicemail PIN</TD>
  <TD><INPUT TYPE="pin" NAME="pin" VALUE="$pin"></TD>
</TR>
ENDOUT

  } else {

    $OUT .= <<ENDOUT;
<TR>
  <TD ALIGN="right">Username</TD>
  <TD><INPUT TYPE="text" NAME="username" VALUE="$username"></TD>
</TR>
ENDOUT

  $OUT .= domainselector( svcpart=>$default_svcpart, domsvc=>$default_domsvc )
    if $default_svcpart;

    $OUT .= <<ENDOUT;
<TR>
  <TD ALIGN="right">Password</TD>
  <TD>
    <INPUT ID="new_password" TYPE="password" NAME="_password" VALUE="$_password">
    <SPAN ID="new_password_result"></SPAN>
    <SCRIPT SRC="send_xmlhttp.js"></SCRIPT>
    <SCRIPT SRC="add_password_validation.js"></SCRIPT>
    <SCRIPT>
    add_password_validation('new_password',true);
    </SCRIPT>
  </TD>
</TR>
<TR>
  <TD ALIGN="right">Re-enter Password</TD>
  <TD><INPUT TYPE="password" NAME="_password2" VALUE="$_password2"></TD>
</TR>
ENDOUT

    if ( $security_phrase ) {
      $OUT .= <<SECPHRASE;
<TR>
  <TD ALIGN="right">Security Phrase</TD>
  <TD><INPUT TYPE="text" NAME="sec_phrase" VALUE="$sec_phrase">
  </TD>
</TR>
SECPHRASE
    } else {
      $OUT .= '<INPUT TYPE="hidden" NAME="sec_phrase" VALUE="">';
    }

    if ( $nomadix ) {

      warn $mac_addr;
      $mac_addr ||= $MA;
      warn $mac_addr;

      $OUT .= <<NOMADIX;
        <INPUT TYPE="hidden" NAME="mac_addr" VALUE="$mac_addr">
NOMADIX

    }

  }

  if ( @svc_acct_pop ) {
    $OUT .= '<TR><TD ALIGN="right">Access number</TD><TD>'.
            popselector( 'popnum'        => $popnum,
                         'pops'          => \@svc_acct_pop,
                         'init_popstate' => $init_popstate,
                         'popac'         => $popac,
                         'acstate'       => $acstate,
                       ).
            '</TD></TR>';
  } else {
    $OUT .= popselector(popnum=>$popnum, pops=>\@svc_acct_pop);
  }

%>

</TABLE>
</DIV>

<%= 
if ( @optional_packages ) { 
  my @html;
  foreach my $ii ( 0 .. $#optional_packages) {
  my $friendly_index = $ii + 1; 
  if ($optional_packages[$ii]) {
    push @html, qq|<BR>Optional Package #$friendly_index <br />|,'<table bgcolor="#c0c0c0"><tr><td>';

    push @html, qq|<select name="optional_package${ii}">|;
    push @html, qq|<option value="none"></option>|;
    push @html, map { qq|<option value="$_->{pkgpart}">$_->{pkg}</option>| } @{$optional_packages[$ii]};
    push @html, q|</select>|;
    
    push @html, '</td></tr></table>';
    }
    $OUT = join("\n", @html);
  }  
} else {
$OUT = ''
}
%>
<%=
  if ( $terms_of_service =~ /\S/ ) {
    my $title = 'Terms of Service'; #config?
    my $onclick = qq[overlib( terms_content, CAPTION, "$title", STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK, CLOSETEXT, "Close" );];
    # Container for $terms_of_service to avoid nasty escaping.
    $OUT .= qq[
<BR>
<DIV id="div_terms" style="display:none">$terms_of_service</DIV>
<SCRIPT type="text/javascript">
function agree_to_terms (val) {
  document.getElementById("signup").disabled = !val;
}
function show_terms () {
  overlib( document.getElementById('div_terms').innerHTML,
    CAPTION, '$title', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE,
    CLOSECLICK, CLOSETEXT, 'Close' );
}
</SCRIPT>
<INPUT TYPE="checkbox" onchange="agree_to_terms(this.checked)">&nbsp;
I agree to the <a href="javascript:void(0);" onclick="show_terms();">Terms of Service</a>.
];
  }
%>
<BR><INPUT TYPE="submit" ID="signup" NAME="signup" VALUE="Signup">
<script language="javascript">
<%= length($terms_of_service) ? 'agree_to_terms(false)' : '' %>

function fixup_form() {

    // copy payment method data up to OneTrueForm
    
    var payment_method_elements = new Array( 'payinfo', 'payinfo1', 'payinfo2', 'payname', 'paycvv' , 'paystate', 'paytype', 'month', 'year', 'type' );

    var payment_method_form_name = document.OneTrueForm.select.options[document.OneTrueForm.select.selectedIndex].value;
    document.OneTrueForm.elements['payby'].value = payment_method_form_name;
    var payment_method_form = document.forms[payment_method_form_name];

    for ( ii = 0 ; ii < payment_method_elements.length ; ii++ ) {
        var true_element_name = payment_method_form_name + '_' + payment_method_elements[ii];
        copyelement ( payment_method_form.elements[true_element_name],
                      document.OneTrueForm.elements[true_element_name] );
    }


    // copy tax exempt data up to OneTrueForm

    var tax_elements = new Array(
      <%= join(', ', map "'tax_$_', 'tax_${_}_num'", @exempt_groups ) %>
    );

    for ( ii = 0 ; ii < tax_elements.length ; ii++ ) {
        copyelement ( document.TaxForm.elements[tax_elements[ii]],
                      document.OneTrueForm.elements[tax_elements[ii]] );
    }


    // Copy signup details to OneTrueForm
    
    var signup_elements = new Array (
      'promo_code', 'reg_code', 'pkgpart',
      'username', '_password', '_password2', 'sec_phrase', 'popnum', 'domsvc',
      'mac_addr',
      'countrycode', 'phonenum', 'sip_password', 'pin'
    );

    for ( ii = 0 ; ii < signup_elements.length ; ii ++ ) {
        copyelement ( document.signup_form.elements[signup_elements[ii]],
                      document.OneTrueForm.elements[signup_elements[ii]]);
    }

    document.OneTrueForm.submit();
    return false;
}

function copyelement(from, to) {
    
    if ( from == undefined ) {
        to.value = '';
    } else { 
        if ( from.type == 'select-one' ) {
            to.value = from.options[from.selectedIndex].value;
        } else if ( from.type == 'checkbox' ) {
            if ( from.checked ) {
                to.value = from.value;
            } else {
                to.value = '';
            }
        } else {
            if ( from.value == undefined ) {
                to.value = '';
            } else {
                to.value = from.value;
            }
        }
        //alert(from.name + " (" + from.type + "): " + to.name + " => " + to.value);
    }
}

</script>
</FORM>
<%= $OUT .= $body_footer %>
</BODY>
</HTML>