projects / freeside.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
prevent stuff passed from template/user from being used in searches by signup server
[freeside.git] / fs_signup / fs_signup_server
diff --git a/fs_signup/fs_signup_server b/fs_signup/fs_signup_server
index e7b372a..70045e6 100755 (executable)
--- a/fs_signup/fs_signup_server
+++ b/fs_signup/fs_signup_server
@@ -142,9 +142,12 @@ while (1) {
 
     my @invoicing_list = split( /\s*\,\s*/, $signup_data->{'invoicing_list'} );
 
+    $signup_data->{'pkgpart'} =~ /^(\d+)$/ or '' =~ /^()$/;
+    my $pkgpart = $1;
+
     my $part_pkg =
-      qsearchs( 'part_pkg', { 'pkgpart' => $signup_data->{'pkgpart'} } )
-        or $error ||= "WARNING: unknown pkgpart ". $signup_data->{pkgpart};
+      qsearchs( 'part_pkg', { 'pkgpart' => $pkgpart } )
+        or $error ||= "WARNING: unknown pkgpart: $pkgpart";
     my $svcpart = $part_pkg->svcpart unless $error;
 
     my $cust_pkg = new FS::cust_pkg ( {
@@ -188,11 +191,10 @@ while (1) {
         #should check list for errors...
         #$cust_main->suspend;
         $cust_main->cancel;
+        $error = '_decline';
       }
     }
 
-    $error ||= '_decline';
-
     warn "[fs_signup_server] Sending results...\n" if $Debug;
     print $writer $error, "\n";
 
Freeside billing, trouble ticketing, network monitoring and provisioning