X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=fs_selfservice%2FFS-SelfService%2Fcgi%2Fselfservice.cgi;h=3915dca28d93d5b274eef88033185fc68a46ee6d;hp=0e60791ba60088556ef65015f3b1e04b8b408248;hb=d61cf1825f89216eebc83da5510c34b330b55abb;hpb=3846acae1c2a7ecb275e400cf3802ada6bc89ed2

diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
index 0e60791ba..3915dca28 100755
--- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
+++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
@@ -23,6 +23,8 @@ use FS::SelfService qw(
   mason_comp port_graph
   start_thirdparty finish_thirdparty
   reset_passwd check_reset_passwd process_reset_passwd
+  validate_passwd
+  billing_history
 );
 
 $template_dir = '.';
@@ -83,6 +85,8 @@ my @actions = ( qw(
   customer_suspend_pkg
   process_suspend_pkg
   switch_cust
+  history
+  validate_password
 ));
 
 my @nologin_actions = (qw(
@@ -91,6 +95,7 @@ my @nologin_actions = (qw(
   process_forgot_password
   do_process_forgot_password
   process_forgot_password_session
+  validate_password_nologin
 ));
 push @actions, @nologin_actions;
 my %nologin_actions = map { $_=>1 } @nologin_actions;
@@ -107,7 +112,6 @@ if ( $cgi->param('action') =~ /^process_forgot_password_session_(\w+)$/ ) {
     warn "WARNING: unrecognized action '$1'\n";
   }
 }
-
 unless ( $nologin_actions{$action} ) {
 
   my %cookies = CGI::Cookie->fetch;
@@ -353,6 +357,10 @@ sub invoices {
   list_invoices( 'session_id' => $session_id, );
 }
 
+sub history {
+  billing_history( 'session_id' => $session_id, );
+}
+
 sub tktcreate {
   my $customer_info = customer_info( 'session_id' => $session_id );
   return $customer_info if ( $customer_info->{'error'} );
@@ -575,12 +583,17 @@ sub process_order_recharge {
 
 sub make_payment {
 
-  my $payment_info = payment_info( 'session_id' => $session_id );
+  my $payment_info = payment_info( 'session_id' => $session_id, 'payment_payby' => 'CARD' );
+
+  my $amount = 
+    ($payment_info->{'balance'} && ($payment_info->{'balance'} > 0))
+    ? $payment_info->{'balance'}
+    : '';
 
   my $tr_amount_fee = mason_comp(
     'session_id' => $session_id,
     'comp'       => '/elements/tr-amount_fee.html',
-    'args'       => [ 'amount' => $payment_info->{'balance'},
+    'args'       => [ 'amount' => $amount,
                     ],
   );
 
@@ -593,32 +606,32 @@ sub make_payment {
 
 sub payment_results {
 
-  use Business::CreditCard 0.30;
+  use Business::CreditCard 0.35;
 
   #we should only do basic checking here for DoS attacks and things
   #that couldn't be constructed by the web form...  let process_payment() do
   #the rest, it gives better error messages
 
   $cgi->param('amount') =~ /^\s*(\d+(\.\d{2})?)\s*$/
-    or die "Illegal amount: ". $cgi->param('amount'); #!!!
+    or return { 'error' => "Illegal amount: ". $cgi->param('amount') }; #!!!
   my $amount = $1;
 
   my $payinfo = $cgi->param('payinfo');
   $payinfo =~ s/[^\dx]//g;
-  $payinfo =~ /^([\dx]{13,16}|[\dx]{8,9})$/
+  $payinfo =~ /^([\dx]{13,19}|[\dx]{8,9})$/
     #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo;
-    or die "illegal card"; #!!!
+    or return { 'error' => "illegal card" }; #!!!
   $payinfo = $1;
   unless ( $payinfo =~ /x/ ) {
     validate($payinfo)
       #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo;
-      or die "invalid card"; #!!!
+      or return { 'error' => "invalid card" }; #!!!
   }
 
   if ( $cgi->param('card_type') ) {
     cardtype($payinfo) eq $cgi->param('card_type')
       #or $error ||= $init_data->{msgcat}{not_a}. $cgi->param('CARD_type');
-      or die "not a ". $cgi->param('card_type');
+      or return { 'error' => "not a ". $cgi->param('card_type') };
   }
 
   $cgi->param('paycvv') =~ /^\s*(.{0,4})\s*$/ or die "illegal CVV2";
@@ -691,7 +704,7 @@ sub payment_results {
 }
 
 sub make_ach_payment {
-  payment_info( 'session_id' => $session_id );
+  payment_info( 'session_id' => $session_id, 'payment_payby' => 'CHEK' );
 }
 
 sub ach_payment_results {
@@ -985,7 +998,7 @@ sub delete_svc {
 sub view_usage {
   my $res = list_svcs(
     'session_id'  => $session_id,
-    'svcdb'       => [ 'svc_acct', 'svc_phone', 'svc_port', 'svc_pbx' ],
+    'svcdb'       => [ 'svc_acct', 'svc_broadband', 'svc_phone', 'svc_port', 'svc_pbx' ],
     'ncancelled'  => 1,
   );
   if ($res->{hide_usage}) {
@@ -1112,6 +1125,22 @@ sub do_process_forgot_password {
   );
 }
 
+sub validate_password {
+  validate_passwd(
+    'session_id' => $session_id,
+    map { $_ => scalar($cgi->param($_)) }
+      qw( fieldid svcnum check_password )
+  )
+}
+
+sub validate_password_nologin {
+  $action = 'validate_password'; #use same landing page
+  validate_passwd(
+    map { $_ => scalar($cgi->param($_)) }
+      qw( fieldid check_password )
+  )
+}
+
 #--
 
 sub do_template {