X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=fs_selfservice%2FFS-SelfService%2Fcgi%2Fselfservice.cgi;h=3dc69e14231856f2c9bf28c462549ade054b651d;hp=5845122ef5b5fbbcfa438a8f634a8c90c9c36b12;hb=0d4a18f844844d3020f7dc3052baafed44cda564;hpb=ecf67652f26a147ef405659c98832535155325ba
diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
index 5845122ef..3dc69e142 100755
--- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
+++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
@@ -12,8 +12,8 @@ use Date::Format;
use Date::Parse 'str2time';
use Number::Format 1.50;
use FS::SelfService qw(
- access_info login_info login customer_info edit_info invoice
- payment_info process_payment realtime_collect process_prepay
+ access_info login_info login customer_info edit_info insert_payby update_payby
+ invoice payment_info process_payment realtime_collect process_prepay
list_pkgs order_pkg signup_info order_recharge
part_svc_info provision_acct provision_external provision_phone provision_forward
unprovision_svc change_pkg suspend_pkg domainselector
@@ -59,6 +59,10 @@ my @actions = ( qw(
change_bill
change_ship
change_pay
+ change_creditcard_pay
+ change_check_pay
+ process_change_creditcard_pay
+ process_change_check_pay
process_change_bill
process_change_ship
process_change_pay
@@ -95,6 +99,7 @@ my @nologin_actions = (qw(
process_forgot_password
do_process_forgot_password
process_forgot_password_session
+ validate_password_nologin
));
push @actions, @nologin_actions;
my %nologin_actions = map { $_=>1 } @nologin_actions;
@@ -127,7 +132,7 @@ unless ( $nologin_actions{$action} ) {
$cgi->param('password') =~ /^(.{0,$form_max})$/;
my $password = $1;
- if ( $cgi->param('email') =~ /^\s*([a-z0-9_\-\.\@]{1,$form_max})\s*$/i ) {
+ if ( $cgi->param('email') =~ /^\s*([a-z0-9_\-\.\+\@]{1,$form_max})\s*$/i ) {
my $email = $1;
$login_rv = login(
@@ -260,19 +265,30 @@ sub myaccount {
customer_info( 'session_id' => $session_id );
}
-sub change_bill { my $payment_info =
- payment_info( 'session_id' => $session_id );
- return $payment_info if ( $payment_info->{'error'} );
- my $customer_info =
- customer_info( 'session_id' => $session_id );
- return {
- %$payment_info,
- %$customer_info,
- };
- }
+sub change_bill {
+ my $payby = shift;
+ my $payment_info;
+ if ($payby) {
+ $payment_info = payment_info( 'session_id' => $session_id, 'payment_payby' => $payby, );
+ }
+ else {
+ $payment_info = payment_info( 'session_id' => $session_id, );
+ }
+
+ return $payment_info if ( $payment_info->{'error'} );
+ my $customer_info =
+ customer_info( 'session_id' => $session_id );
+ return {
+ %$payment_info,
+ %$customer_info,
+ };
+}
sub change_ship { change_bill(@_); }
sub change_pay { change_bill(@_); }
+sub change_creditcard_pay { change_bill('CARD'); }
+sub change_check_pay { change_bill('CHEK'); }
+
sub _process_change_info {
my ($erroraction, @fields) = @_;
@@ -297,6 +313,56 @@ sub _process_change_info {
}
}
+sub _process_change_payby {
+ my ($erroraction, @fields) = @_;
+
+ my $results = '';
+
+ $results ||= update_payby (
+ 'session_id' => $session_id,
+ map { ($_ => $cgi->param($_)) } grep { defined($cgi->param($_)) } @fields,
+ );
+
+
+ if ( $results->{'error'} ) {
+ no strict 'refs';
+ $action = $erroraction;
+ return {
+ $cgi->Vars,
+ %{&$action()},
+ 'error' => ''. $results->{'error'}. '',
+ };
+ } else {
+ return $results;
+ }
+}
+
+sub _process_insert_payby {
+ my ($erroraction, @fields) = @_;
+
+ my $results = '';
+
+ $results ||= insert_payby (
+ 'session_id' => $session_id,
+ map { ($_ => $cgi->param($_)) } grep { defined($cgi->param($_)) } @fields,
+ );
+
+ ## check error
+
+
+ if ( $results->{'error'} ) {
+ no strict 'refs';
+ $action = $erroraction;
+ return {
+ $cgi->Vars,
+ %{&$action()},
+ 'error' => ''. $results->{'error'}. '',
+ };
+ } else {
+ return $results;
+ }
+}
+
sub process_change_bill {
_process_change_info( 'change_bill',
qw( first last company address1 address2 city state
@@ -341,6 +407,30 @@ sub process_change_pay {
_process_change_info( 'change_pay', @list );
}
+sub process_change_creditcard_pay {
+ my $payby = $cgi->param( 'payby' );
+ $cgi->param('paydate', $cgi->param('year') . '-' . $cgi->param('month') . '-01');
+ my @list =
+ qw( payby payinfo payinfo1 payinfo2 paydate payname custpaybynum
+ address1 address2 city county state zip country auto paytype
+ paystate ss stateid stateid_state invoicing_list
+ );
+ if ($cgi->param( 'custpaybynum' )) { _process_change_payby( 'change_creditcard_pay', @list ); }
+ else { _process_insert_payby( 'change_creditcard_pay', @list ); }
+}
+
+sub process_change_check_pay {
+ my $payby = $cgi->param( 'payby' );
+ #$cgi->param('paydate', '2039-12-01');
+ my @list =
+ qw( payby payinfo payinfo1 payinfo2 paydate payname custpaybynum
+ address1 address2 city county state zip country auto paytype
+ paystate ss stateid stateid_state invoicing_list
+ );
+ if ($cgi->param( 'custpaybynum' )) { _process_change_payby( 'change_check_pay', @list ); }
+ else { _process_insert_payby( 'change_check_pay', @list ); }
+}
+
sub view_invoice {
$cgi->param('invnum') =~ /^(\d+)$/ or die "illegal invnum";
@@ -582,7 +672,7 @@ sub process_order_recharge {
sub make_payment {
- my $payment_info = payment_info( 'session_id' => $session_id );
+ my $payment_info = payment_info( 'session_id' => $session_id, 'payment_payby' => 'CARD' );
my $amount =
($payment_info->{'balance'} && ($payment_info->{'balance'} > 0))
@@ -605,40 +695,40 @@ sub make_payment {
sub payment_results {
- use Business::CreditCard 0.30;
+ use Business::CreditCard 0.35;
#we should only do basic checking here for DoS attacks and things
#that couldn't be constructed by the web form... let process_payment() do
#the rest, it gives better error messages
$cgi->param('amount') =~ /^\s*(\d+(\.\d{2})?)\s*$/
- or die "Illegal amount: ". $cgi->param('amount'); #!!!
+ or return { 'error' => "Illegal amount: ". $cgi->param('amount') }; #!!!
my $amount = $1;
my $payinfo = $cgi->param('payinfo');
$payinfo =~ s/[^\dx]//g;
- $payinfo =~ /^([\dx]{13,16}|[\dx]{8,9})$/
+ $payinfo =~ /^([\dx]{13,19}|[\dx]{8,9})$/
#or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo;
- or die "illegal card"; #!!!
+ or return { 'error' => "illegal card" }; #!!!
$payinfo = $1;
unless ( $payinfo =~ /x/ ) {
validate($payinfo)
#or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo;
- or die "invalid card"; #!!!
+ or return { 'error' => "invalid card" }; #!!!
}
if ( $cgi->param('card_type') ) {
cardtype($payinfo) eq $cgi->param('card_type')
#or $error ||= $init_data->{msgcat}{not_a}. $cgi->param('CARD_type');
- or die "not a ". $cgi->param('card_type');
+ or return { 'error' => "not a ". $cgi->param('card_type') };
}
$cgi->param('paycvv') =~ /^\s*(.{0,4})\s*$/ or die "illegal CVV2";
my $paycvv = $1;
- $cgi->param('month') =~ /^(\d{2})$/ or die "illegal month";
+ $cgi->param('month') =~ /^(\d{2})/ or die "illegal month";
my $month = $1;
- $cgi->param('year') =~ /^(\d{4})$/ or die "illegal year";
+ $cgi->param('year') =~ /^(\d{4})/ or die "illegal year";
my $year = $1;
$cgi->param('payname') =~ /^(.{0,80})$/ or die "illegal payname";
@@ -703,7 +793,7 @@ sub payment_results {
}
sub make_ach_payment {
- payment_info( 'session_id' => $session_id );
+ payment_info( 'session_id' => $session_id, 'payment_payby' => 'CHEK' );
}
sub ach_payment_results {
@@ -997,7 +1087,7 @@ sub delete_svc {
sub view_usage {
my $res = list_svcs(
'session_id' => $session_id,
- 'svcdb' => [ 'svc_acct', 'svc_phone', 'svc_port', 'svc_pbx' ],
+ 'svcdb' => [ 'svc_acct', 'svc_broadband', 'svc_phone', 'svc_port', 'svc_pbx' ],
'ncancelled' => 1,
);
if ($res->{hide_usage}) {
@@ -1132,6 +1222,14 @@ sub validate_password {
)
}
+sub validate_password_nologin {
+ $action = 'validate_password'; #use same landing page
+ validate_passwd(
+ map { $_ => scalar($cgi->param($_)) }
+ qw( fieldid check_password )
+ )
+}
+
#--
sub do_template {
@@ -1227,5 +1325,3 @@ sub include {
);
}
-
-