contacts can be shared among customers / "duplicate contact emails", RT#27943

[freeside.git] / fs_selfservice / FS-SelfService / cgi / selfservice.cgi
diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi

index 2b4bb43..2337fb5 100755 (executable)
--- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
+++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
@@ -1,7 +1,7 @@
  #!/usr/bin/perl -w
  
  use strict;
-use vars qw($DEBUG $cgi $session_id $form_max $template_dir);
+use vars qw($DEBUG $cgi $session_id $pw_session_id $form_max $template_dir);
  use subs qw(do_template);
  use CGI;
  use CGI::Carp qw(fatalsToBrowser);
@@ -81,6 +81,7 @@ my @actions = ( qw(
    process_change_password
    customer_suspend_pkg
    process_suspend_pkg
+  switch_cust
  ));
  
  my @nologin_actions = (qw(
@@ -88,12 +89,17 @@ my @nologin_actions = (qw(
    do_forgot_password
    process_forgot_password
    do_process_forgot_password
+  process_forgot_password_session
  ));
  push @actions, @nologin_actions;
  my %nologin_actions = map { $_=>1 } @nologin_actions;
  
  my $action = 'myaccount'; # sensible default
-if ( $cgi->param('action') =~ /^(\w+)$/ ) {
+
+if ( $cgi->param('action') =~ /^process_forgot_password_session_(\w+)$/ ) {
+  $action = 'process_forgot_password_session';
+  $pw_session_id = $1;
+} elsif ( $cgi->param('action') =~ /^(\w+)$/ ) {
    if (grep {$_ eq $1} @actions) {
      $action = $1;
    } else {
@@ -124,7 +130,15 @@ unless ( $nologin_actions{$action} ) {
            'email'    => $email,
            'password' => $password
          );
-        $session_id = $login_rv->{'session_id'};
+
+       if ( $login_rv->{'error'} ) {
+         my $ip = $cgi->remote_addr();
+         warn("login failure [email $email] [ip $ip] [error $login_rv->{error}]");
+       } else {
+         #successful login
+       }
+
+       $session_id = $login_rv->{'session_id'};
  
        } else {
  
@@ -191,6 +205,12 @@ unless ( $nologin_actions{$action} ) {
  
    # at this point $session_id is a real session
  
+  if ( ! $login_rv->{'custnum'} && ! $login_rv->{'svcnum'} && $login_rv->{'customers'} ) {
+    #select a customer if we're a multi-contact customer
+    do_template('select_cust', { %$login_rv } );
+    exit;
+  }
+
  }
  
  warn "calling $action sub\n"
@@ -199,6 +219,7 @@ $FS::SelfService::DEBUG = $DEBUG;
  my $result = eval "&$action();";
  die $@ if $@;
  
+use Data::Dumper;
  warn Dumper($result) if $DEBUG;
  
  if ( $result->{error} && ( $result->{error} eq "Can't resume session"
@@ -224,7 +245,13 @@ do_template($action, {
  
  #--
  
-use Data::Dumper;
+sub switch_cust {
+  $action = 'myaccount';
+  FS::SelfService::switch_cust( 'session_id' => $session_id,
+                                'custnum'    => scalar($cgi->param('custnum')),
+                              );
+}
+
  sub myaccount { 
    customer_info( 'session_id' => $session_id ); 
  }
@@ -306,6 +333,7 @@ sub process_change_pay {
              'error' => '<FONT COLOR="#FF0000">Postal or email required.</FONT>',
            };
          }
+
          _process_change_info( 'change_pay', @list );
  }
  
@@ -927,11 +955,17 @@ sub delete_svc {
  }
  
  sub view_usage {
-  list_svcs(
+  my $res = list_svcs(
      'session_id'  => $session_id,
      'svcdb'       => [ 'svc_acct', 'svc_phone', 'svc_port', ],
      'ncancelled'  => 1,
    );
+  if ($res->{hide_usage}) {
+    $action = 'myaccount';
+    return myaccount();
+  } else {
+    return $res;
+  }
  }
  
  sub real_port_graph {
@@ -1036,6 +1070,13 @@ sub process_forgot_password {
    );
  }
  
+sub process_forgot_password_session {
+  $action = 'process_forgot_password';
+  check_reset_passwd(
+    'session_id' => $pw_session_id,
+  );
+}
+
  sub do_process_forgot_password {
    process_reset_passwd(
      map { $_ => scalar($cgi->param($_)) }