<%init> my $curuser = $FS::CurrentUser::CurrentUser; $cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum"; my $svcnum = $1; my $svc_acct = FS::svc_acct->by_key($svcnum) or die "svc_acct $svcnum not found"; my $part_svc = $svc_acct->part_svc; die "access denied" unless ( $curuser->access_right('Provision customer service') or ( $curuser->access_right('Edit password') and ! $part_svc->restrict_edit_password ) ); my $newpass = $cgi->param('password'); my $error = $svc_acct->is_password_allowed($newpass) || $svc_acct->set_password($newpass) || $svc_acct->replace; # annoyingly specific to view/svc_acct.cgi, for now... $cgi->delete('password'); % if ( $error ) { % $cgi->param('svcnum', $svcnum); % $cgi->param("changepw${svcnum}_error", $error); % } else { % $cgi->query_string($svcnum); % } <% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %>