X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FClientAPI%2FMyAccount.pm;h=d2b6e045088e5a7496b36b0309be6fd77a420995;hp=c9a74942493782d49d2378b5fae850fe943df173;hb=b563ce9b834e4b8c3b2f0508f6c528d8b881e08d;hpb=7d64a6acdc011b65b495e9ee4288c86be28d6897

diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm
index c9a749424..d2b6e0450 100644
--- a/FS/FS/ClientAPI/MyAccount.pm
+++ b/FS/FS/ClientAPI/MyAccount.pm
@@ -9,6 +9,7 @@ use Cache::SharedMemoryCache; #store in db?
 use FS::CGI qw(small_custview); #doh
 use FS::Conf;
 use FS::Record qw(qsearch qsearchs);
+use FS::Msgcat qw(gettext);
 use FS::svc_acct;
 use FS::svc_domain;
 use FS::cust_main;
@@ -20,6 +21,7 @@ use FS::ClientAPI; #hmm
 FS::ClientAPI->register_handlers(
   'MyAccount/login'            => \&login,
   'MyAccount/customer_info'    => \&customer_info,
+  'MyAccount/edit_info'        => \&edit_info,
   'MyAccount/invoice'          => \&invoice,
   'MyAccount/cancel'           => \&cancel,
   'MyAccount/payment_info'     => \&payment_info,
@@ -27,29 +29,36 @@ FS::ClientAPI->register_handlers(
   'MyAccount/list_pkgs'        => \&list_pkgs,
   'MyAccount/order_pkg'        => \&order_pkg,
   'MyAccount/cancel_pkg'       => \&cancel_pkg,
+  'MyAccount/charge'           => \&charge,
+);
+
+use vars qw( @cust_main_editable_fields );
+@cust_main_editable_fields = qw(
+  first last company address1 address2 city
+    county state zip country daytime night fax
+  ship_first ship_last ship_company ship_address1 ship_address2 ship_city
+    ship_state ship_zip ship_country ship_daytime ship_night ship_fax
+  payby payinfo payname
 );
 
 #store in db?
-my $cache = new Cache::SharedMemoryCache();
+my $cache = new Cache::SharedMemoryCache( {
+   'namespace' => 'FS::ClientAPI::MyAccount',
+} );
 
-#false laziness w/FS::ClientAPI::passwd::passwd (needs to handle encrypted pw)
+#false laziness w/FS::ClientAPI::passwd::passwd
 sub login {
   my $p = shift;
 
   my $svc_domain = qsearchs('svc_domain', { 'domain' => $p->{'domain'} } )
-    or return { error => "Domain not found" };
-
-  my $svc_acct =
-    ( length($p->{'password'}) < 13
-      && qsearchs( 'svc_acct', { 'username'  => $p->{'username'},
-                                 'domsvc'    => $svc_domain->svcnum,
-                                 '_password' => $p->{'password'}     } )
-    )
-    || qsearchs( 'svc_acct', { 'username'  => $p->{'username'},
-                               'domsvc'    => $svc_domain->svcnum,
-                               '_password' => $p->{'password'}     } );
+    or return { error => 'Domain '. $p->{'domain'}. ' not found' };
 
-  unless ( $svc_acct ) { return { error => 'Incorrect password.' } }
+  my $svc_acct = qsearchs( 'svc_acct', { 'username'  => $p->{'username'},
+                                         'domsvc'    => $svc_domain->svcnum, }
+                         );
+  return { error => 'User not found.' } unless $svc_acct;
+  return { error => 'Incorrect password.' }
+    unless $svc_acct->check_password($p->{'password'});
 
   my $session = {
     'svcnum' => $svc_acct->svcnum,
@@ -104,6 +113,20 @@ sub customer_info {
 
     $return{name} = $cust_main->first. ' '. $cust_main->get('last');
 
+    for (@cust_main_editable_fields) {
+      $return{$_} = $cust_main->get($_);
+    }
+
+    if ( $cust_main->payby =~ /^(CARD|DCRD)$/ ) {
+      $return{payinfo} = $cust_main->payinfo_masked;
+      @return{'month', 'year'} = $cust_main->paydate_monthyear;
+    }
+
+    $return{'invoicing_list'} =
+      join(', ', grep { $_ ne 'POST' } $cust_main->invoicing_list );
+    $return{'postal_invoicing'} =
+      0 < ( grep { $_ eq 'POST' } $cust_main->invoicing_list );
+
   } else { #no customer record
 
     my $svc_acct = qsearchs('svc_acct', { 'svcnum' => $session->{'svcnum'} } )
@@ -119,6 +142,46 @@ sub customer_info {
 
 }
 
+sub edit_info {
+  my $p = shift;
+  my $session = $cache->get($p->{'session_id'})
+    or return { 'error' => "Can't resume session" }; #better error message
+
+  my $custnum = $session->{'custnum'}
+    or return { 'error' => "no customer record" };
+
+  my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
+    or return { 'error' => "unknown custnum $custnum" };
+
+  my $new = new FS::cust_main { $cust_main->hash };
+  $new->set( $_ => $p->{$_} )
+    foreach grep { exists $p->{$_} } @cust_main_editable_fields;
+
+  if ( $p->{'payby'} =~ /^(CARD|DCRD)$/ ) {
+    $new->paydate($p->{'year'}. '-'. $p->{'month'}. '-01');
+    if ( $new->payinfo eq $cust_main->payinfo_masked ) {
+      $new->payinfo($cust_main->payinfo);
+    } else {
+      $new->paycvv($p->{'paycvv'});
+    }
+  }
+
+  my @invoicing_list;
+  if ( exists $p->{'invoicing_list'} || exists $p->{'postal_invoicing'} ) {
+    #false laziness with httemplate/edit/process/cust_main.cgi
+    @invoicing_list = split( /\s*\,\s*/, $p->{'invoicing_list'} );
+    push @invoicing_list, 'POST' if $p->{'postal_invoicing'};
+  } else {
+    @invoicing_list = $cust_main->invoicing_list;
+  }
+
+  my $error = $new->replace($cust_main, \@invoicing_list);
+  return { 'error' => $error } if $error;
+  #$cust_main = $new;
+  
+  return { 'error' => '' };
+}
+
 sub payment_info {
   my $p = shift;
   my $session = $cache->get($p->{'session_id'})
@@ -141,14 +204,10 @@ sub payment_info {
   $return{payby} = $cust_main->payby;
 
   if ( $cust_main->payby =~ /^(CARD|DCRD)$/ ) {
-    warn $return{card_type} = cardtype($cust_main->payinfo);
+    #warn $return{card_type} = cardtype($cust_main->payinfo);
     $return{payinfo} = $cust_main->payinfo;
 
-    if ( $cust_main->paydate  =~ /^(\d{4})-(\d{2})-\d{2}$/ ) { #Pg date format
-      @return{'month', 'year'} = ( $2, $1 );
-    } elsif ( $cust_main->paydate =~ /^(\d{1,2})-(\d{1,2}-)?(\d{4}$)/ ) {
-      @return{'month', 'year'} = ( $1, $3 );
-    }
+    @return{'month', 'year'} = $cust_main->paydate_monthyear;
 
   }
 
@@ -180,7 +239,10 @@ sub payment_info {
 
 };
 
+#some false laziness with httemplate/process/payment.cgi - look there for
+#ACH and CVV support stuff
 sub process_payment {
+
   my $p = shift;
 
   my $session = $cache->get($p->{'session_id'})
@@ -193,6 +255,69 @@ sub process_payment {
   my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
     or return { 'error' => "unknown custnum $custnum" };
 
+  $p->{'payname'} =~ /^([\w \,\.\-\']+)$/
+    or return { 'error' => gettext('illegal_name'). " payname: ". $p->{'payname'} };
+  my $payname = $1;
+
+  $p->{'paybatch'} =~ /^([\w \!\@\#\$\%\&\(\)\-\+\;\:\'\"\,\.\?\/\=]*)$/
+    or return { 'error' => gettext('illegal_text'). " paybatch: ". $p->{'paybatch'} };
+  my $paybatch = $1;
+
+  my $payinfo;
+  my $paycvv = '';
+  #if ( $payby eq 'CHEK' ) {
+  #
+  #  $p->{'payinfo1'} =~ /^(\d+)$/
+  #    or return { 'error' => "illegal account number ". $p->{'payinfo1'} };
+  #  my $payinfo1 = $1;
+  #   $p->{'payinfo2'} =~ /^(\d+)$/
+  #    or return { 'error' => "illegal ABA/routing number ". $p->{'payinfo2'} };
+  #  my $payinfo2 = $1;
+  #  $payinfo = $payinfo1. '@'. $payinfo2;
+  # 
+  #} elsif ( $payby eq 'CARD' ) {
+   
+    $payinfo = $p->{'payinfo'};
+    $payinfo =~ s/\D//g;
+    $payinfo =~ /^(\d{13,16})$/
+      or return { 'error' => gettext('invalid_card') }; # . ": ". $self->payinfo
+    $payinfo = $1;
+    validate($payinfo)
+      or return { 'error' => gettext('invalid_card') }; # . ": ". $self->payinfo
+    return { 'error' => gettext('unknown_card_type') }
+      if cardtype($payinfo) eq "Unknown";
+
+    if ( defined $cust_main->dbdef_table->column('paycvv') ) {
+      if ( length($p->{'paycvv'} ) ) {
+        if ( cardtype($payinfo) eq 'American Express card' ) {
+          $p->{'paycvv'} =~ /^(\d{4})$/
+            or return { 'error' => "CVV2 (CID) for American Express cards is four digits." };
+          $paycvv = $1;
+        } else {
+          $p->{'paycvv'} =~ /^(\d{3})$/
+            or return { 'error' => "CVV2 (CVC2/CID) is three digits." };
+          $paycvv = $1;
+        }
+      }
+    }
+  
+  #} else {
+  #  die "unknown payby $payby";
+  #}
+
+  my $error = $cust_main->realtime_bop( 'CC', $p->{'amount'},
+    'quiet'    => 1,
+    'payinfo'  => $payinfo,
+    'paydate'  => $p->{'year'}. '-'. $p->{'month'}. '-01',
+    'payname'  => $payname,
+    'paybatch' => $paybatch,
+    'paycvv'   => $paycvv,
+    map { $_ => $p->{$_} } qw( address1 address2 city state zip )
+  );
+  return { 'error' => $error } if $error;
+
+  $cust_main->apply_payments;
+
   if ( $p->{'save'} ) {
     my $new = new FS::cust_main { $cust_main->hash };
     $new->set( $_ => $p->{$_} )
@@ -204,15 +329,6 @@ sub process_payment {
     $cust_main = $new;
   }
 
-  my $error = $cust_main->realtime_bop( 'CC', $p->{'amount'}, quiet=>1,
-    'paydate' => $p->{'year'}. '-'. $p->{'month'}. '-01',
-    map { $_ => $p->{$_} }
-      qw( payname address1 address2 city state zip payinfo paybatch )
-  );
-  return { 'error' => $error } if $error;
-
-  $cust_main->apply_payments;
-
   return { 'error' => '' };
 
 }