protect set_usage and reset_usage here, too

[freeside.git] / httemplate / misc / process / recharge_svc.html

diff --git a/httemplate/misc/process/recharge_svc.html b/httemplate/misc/process/recharge_svc.html
index d9fa207..b56f8a2 100755 (executable)
--- a/httemplate/misc/process/recharge_svc.html
+++ b/httemplate/misc/process/recharge_svc.html
@@ -1,46 +1,92 @@
-%
-%
-%#untaint svcnum
-%my $svcnum = $cgi->param('svcnum');
-%$svcnum =~ /^(\d+)$/ || die "Illegal svcnum";
-%$svcnum = $1;
-%
-%#untaint prepaid
-%my $prepaid = $cgi->param('prepaid');
-%$prepaid =~ /^(\w*)$/;
-%$prepaid = $1;
-%
-%my $error = '';
-%my $svc_acct = qsearchs( 'svc_acct', {'svcnum'=>$svcnum} );
-%$error = "Can't recharge service $svcnum. " unless $svc_acct;
-%
-%my $cust_main = $svc_acct->cust_svc->cust_pkg->cust_main;
-%
-%my $oldAutoCommit = $FS::UID::AutoCommit;
-%local $FS::UID::AutoCommit = 0;
-%my $dbh = dbh;
-%
-%
-%unless ($error) {
-%
-%my ($amount, $seconds, $up, $down, $total) = (0, 0, 0, 0, 0);
-%$error = $cust_main->get_prepay($prepaid, \$amount, \$seconds, \$up, \$down, \$total)
-%      || $svc_acct->increment_seconds($seconds)
-%      || $svc_acct->increment_upbytes($up)
-%      || $svc_acct->increment_downbytes($down)
-%      || $svc_acct->increment_totalbytes($total)
-%      || $cust_main->insert_cust_pay_prepay( $amount, $prepaid );
-%}
-%
 %if ($error) {
 %  $cgi->param('error', $error);
-%  $dbh->rollback if $oldAutoCommit;
-%  print $cgi->redirect(popurl(2). "recharge_svc.html?". $cgi->query_string );
-%}
-%
+<% $cgi->redirect(popurl(2). "recharge_svc.html?". $cgi->query_string ) %>
+%} else {
 <% header("Package recharged") %>
   <SCRIPT TYPE="text/javascript">
     window.top.location.reload();
   </SCRIPT>
   </BODY></HTML>
+%}
+<%init>
+
+my $conf = new FS::Conf;
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Recharge customer service');
+
+#untaint svcnum
+my $svcnum = $cgi->param('svcnum');
+$svcnum =~ /^(\d+)$/ || die "Illegal svcnum";
+$svcnum = $1;
+
+#untaint prepaid
+my $prepaid = $cgi->param('prepaid');
+$prepaid =~ /^(\w*)$/;
+$prepaid = $1;
+
+#untaint payby
+my $payby = $cgi->param('payby');
+$payby =~ /^([A-Z]*)$/;
+$payby = $1;
+
+my $error = '';
+my $svc_acct = qsearchs( 'svc_acct', {'svcnum'=>$svcnum} );
+$error = "Can't recharge service $svcnum. " unless $svc_acct;
+
+my $cust_main = $svc_acct->cust_svc->cust_pkg->cust_main;
+
+my $oldAutoCommit = $FS::UID::AutoCommit;
+local $FS::UID::AutoCommit = 0;
+my $dbh = dbh;
+
+unless ($error) {
+
+  #should probably use payby.pm but whatever
+  if ($payby eq 'PREP') {
+    $error = $cust_main->recharge_prepay( $prepaid );
+  } elsif ( $payby =~ /^(CARD|DCRD|CHEK|DCHK|LECB|BILL|COMP)$/ ) {
+    my $part_pkg = $svc_acct->cust_svc->cust_pkg->part_pkg;
+    my $amount = $part_pkg->option('recharge_amount', 1);
+    my %rhash = map { $_ =~ /^recharge_(.*)$/; $1, $part_pkg->option($_) }
+      grep { $part_pkg->option($_, 1) }
+      qw ( recharge_seconds recharge_upbytes recharge_downbytes
+           recharge_totalbytes );
+
+    my $description = "Recharge";
+    $description .= " $rhash{seconds}s" if $rhash{seconds};
+    $description .= " $rhash{upbytes} up" if $rhash{upbytes};
+    $description .= " $rhash{downbytes} down" if $rhash{downbytes};
+    $description .= " $rhash{totalbytes} total" if $rhash{totalbytes};
+
+    $error = $cust_main->charge($amount, "Recharge " . $svc_acct->label,
+                                $description, $part_pkg->taxclass);
+
+    $error ||= "invalid $_" foreach grep { $rhash{$_} !~ /^\d*$/ } keys %rhash;
+    if ($part_pkg->option('recharge_reset', 1)) {
+      $error ||= $svc_acct->set_usage(\%rhash, 'null' => 1);
+    }else{
+      $error ||= $svc_acct->recharge(\%rhash);
+    }
+
+    my $old_balance = $cust_main->balance;
+    $error ||= $cust_main->bill;
+    $error ||= $cust_main->apply_payments_and_credits;
+    my $bill_error = $cust_main->collect('realtime' => 1) unless $error;
+    $error ||= "Failed to collect - $bill_error"
+      if $cust_main->balance > $old_balance && $cust_main->balance > 0
+          && $payby ne 'BILL';
+
+  } else {
+    $error = "fatal error - unknown payby: $payby";
+  }
+
+}
+
+if ($error) {
+  $dbh->rollback if $oldAutoCommit;
+} else {
+  $dbh->commit or die $dbh->errstr if $oldAutoCommit;
+}
 
+</%init>