%
%
%#untaint method
%my $method = $cgi->param('method');
%$method =~ /^(cancel|expire|suspend)$/ || die "Illegal method";
%$method = $1;

%#untaint pkgnum
%my $pkgnum = $cgi->param('pkgnum');
%$pkgnum =~ /^(\d+)$/ || die "Illegal pkgnum";
%$pkgnum = $1;
%
%#untaint reasonnum
%my $reasonnum = $cgi->param('reasonnum');
%$reasonnum =~ /^(-?\d+)$/ || die "Illegal reasonnum";
%$reasonnum = $1;
%
%my $date = time;
%if ($method eq 'expire'){
%  #untaint date
%  $date = $cgi->param('date');
%  str2time($cgi->param('date')) =~ /^(\d+)$/ || die "Illegal date";
%  $date = $1;
%}
%
%my $cust_pkg = qsearchs( 'cust_pkg', {'pkgnum'=>$pkgnum} );
%
%
%my $oldAutoCommit = $FS::UID::AutoCommit;
%local $FS::UID::AutoCommit = 0;
%my $dbh = dbh;
%
%my $otaker = $FS::CurrentUser::CurrentUser->name;
%$otaker = $FS::CurrentUser::CurrentUser->username
%  if ($otaker eq "User, Legacy");
%
%my $error;
%if ($reasonnum == -1) {
%  #untaint new reason
%  my $nr = $cgi->param('newreasonnum');
%  $nr =~ /^([\w\s]+)$/ || die "Illegal new reason";
%  $nr = $1;
%
%  #untaint new reason type
%  my $nrtype = $cgi->param('newreasonnumT');
%  $nrtype =~ /^(\d+)$/ || die "Illegal new reason type";
%  $nrtype = $1;
%
%  my $reason = new FS::reason({ 'reason_type' => $nrtype,
%                                'reason'      => $nr,
%                              });
%  $error = $reason->insert;
%  $reasonnum = $reason->reasonnum
%    unless $error;
%}
%
%unless ($error) {
%  if ($method eq 'expire'){
%    my %hash = $cust_pkg->hash;
%    $hash{'expire'}=$date;
%    my $new = new FS::cust_pkg (\%hash);
%    $error = $new->replace($cust_pkg, 'reason' => $reasonnum);
%  }else{
%    $error = $cust_pkg->$method( 'reason' => $reasonnum );
%  }
%}
%
%if ($error) {
%  $cgi->param('error', $error);
%  $dbh->rollback if $oldAutoCommit;
%  print $cgi->redirect(popurl(2). "cancel_pkg.html?". $cgi->query_string );
%}
%
%$dbh->commit or die $dbh->errstr if $oldAutoCommit;
%
% my %past = ( 'cancel'  => 'cancelled',
%              'expire'  => 'expired',
%              'suspend' => 'suspended',
%            );
<% header("Package $past{$method}") %>
  <SCRIPT TYPE="text/javascript">
    window.top.location.reload();
  </SCRIPT>
  </BODY></HTML>