X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=fs_selfservice%2FFS-SelfService%2Fcgi%2Fselfservice.cgi;h=3f0562a818ca4ea25358e57b4edfc0ca0cdfddc6;hp=4c7b1d86a010aff08d8914abed9a4b229b656096;hb=d6741df87df9e3352d7ae47a02d0e3f46154fef9;hpb=d6b6f81e383f9d876e67e9704914e887a331012e diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi index 4c7b1d86a..3f0562a81 100644 --- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi +++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi @@ -9,27 +9,27 @@ use Text::Template; use HTML::Entities; use Date::Format; use Number::Format 1.50; -use FS::SelfService qw( login_info login customer_info edit_info invoice - payment_info process_payment realtime_collect - process_prepay - list_pkgs order_pkg signup_info order_recharge - part_svc_info provision_acct provision_external - unprovision_svc change_pkg domainselector - list_svcs - list_svc_usage list_cdr_usage list_support_usage - myaccount_passwd - ); +use FS::SelfService qw( + access_info login_info login customer_info edit_info invoice + payment_info process_payment realtime_collect process_prepay + list_pkgs order_pkg signup_info order_recharge + part_svc_info provision_acct provision_external provision_phone + unprovision_svc change_pkg suspend_pkg domainselector + list_svcs list_svc_usage list_cdr_usage list_support_usage + myaccount_passwd list_invoices create_ticket get_ticket + mason_comp +); $template_dir = '.'; -$DEBUG = 1; +$DEBUG = 0; $form_max = 255; $cgi = new CGI; unless ( defined $cgi->param('session') ) { - my $login_info = login_info(); + my $login_info = login_info( 'agentnum' => scalar($cgi->param('agentnum')) ); do_template('login', $login_info ); exit; @@ -55,7 +55,7 @@ if ( $cgi->param('session') eq 'login' ) { 'password' => $password, ); if ( $rv->{error} ) { - my $login_info = login_info(); + my $login_info = login_info( 'agentnum' => $cgi->param('agentnum') ); do_template('login', { 'error' => $rv->{error}, 'username' => $username, @@ -72,8 +72,51 @@ if ( $cgi->param('session') eq 'login' ) { $session_id = $cgi->param('session'); #order|pw_list XXX ??? -$cgi->param('action') =~ - /^(myaccount|view_invoice|make_payment|make_ach_payment|make_thirdparty_payment|payment_results|ach_payment_results|recharge_prepay|recharge_results|logout|change_bill|change_ship|change_pay|process_change_bill|process_change_ship|process_change_pay|customer_order_pkg|process_order_pkg|customer_change_pkg|process_change_pkg|process_order_recharge|provision|provision_svc|process_svc_acct|process_svc_external|delete_svc|view_usage|view_usage_details|view_cdr_details|view_support_details|change_password|process_change_password)$/ +my @actions = ( qw( + myaccount + tktcreate + tktview + didreport + invoices + view_invoice + make_payment + make_ach_payment + make_term_payment + make_thirdparty_payment + post_thirdparty_payment + payment_results + ach_payment_results + recharge_prepay + recharge_results + logout + change_bill + change_ship + change_pay + process_change_bill + process_change_ship + process_change_pay + customer_order_pkg + process_order_pkg + customer_change_pkg + process_change_pkg + process_order_recharge + provision + provision_svc + process_svc_acct + process_svc_phone + process_svc_external + delete_svc + view_usage + view_usage_details + view_cdr_details + view_support_details + change_password + process_change_password + customer_suspend_pkg + process_suspend_pkg +)); + +$cgi->param('action') =~ ( '^(' . join('|', @actions) . ')$' ) or die "unknown action ". $cgi->param('action'); my $action = $1; @@ -83,6 +126,8 @@ $FS::SelfService::DEBUG = $DEBUG; my $result = eval "&$action();"; die $@ if $@; +warn Dumper($result) if $DEBUG; + if ( $result->{error} eq "Can't resume session" || $result->{error} eq "Expired session" ) { #ick @@ -99,13 +144,16 @@ warn "processing template $action\n" do_template($action, { 'session_id' => $session_id, 'action' => $action, #so the menu knows what tab we're on... - %{ payment_info( 'session_id' => $session_id ) }, # cust_paybys for the menu + #%{ payment_info( 'session_id' => $session_id ) }, # cust_paybys for the menu %{$result} }); #-- -sub myaccount { customer_info( 'session_id' => $session_id ); } +use Data::Dumper; +sub myaccount { + customer_info( 'session_id' => $session_id ); +} sub change_bill { my $payment_info = payment_info( 'session_id' => $session_id ); @@ -165,13 +213,18 @@ sub process_change_ship { sub process_change_pay { my $postal = $cgi->param( 'postal_invoicing' ); + my $payby = $cgi->param( 'payby' ); my @list = qw( payby payinfo payinfo1 payinfo2 month year payname address1 address2 city county state zip country auto paytype paystate ss stateid stateid_state invoicing_list ); push @list, 'postal_invoicing' if $postal; - unless ( $postal || $cgi->param( 'invoicing_list' ) ) { + unless ( $payby ne 'BILL' + || $postal + || $cgi->param( 'invoicing_list' ) + ) + { $action = 'change_pay'; return { %{&change_pay()}, @@ -193,6 +246,38 @@ sub view_invoice { } +sub invoices { + list_invoices( 'session_id' => $session_id, ); +} + +sub tktcreate { + my $customer_info = customer_info( 'session_id' => $session_id ); + return $customer_info if ( $customer_info->{'error'} ); + + my $requestor = ""; + if ( $customer_info->{'invoicing_list'} ) { + my @requestor = split( /\s*\,\s*/, $customer_info->{'invoicing_list'} ); + $requestor = $requestor[0] if scalar(@requestor); + } + + return { 'requestor' => $requestor } + unless ($cgi->param('subject') && $cgi->param('message') && + length($cgi->param('subject')) && length($cgi->param('message'))); + + create_ticket( 'session_id' => $session_id, + 'subject' => $cgi->param('subject'), + 'message' => $cgi->param('message'), + 'requestor' => $requestor, + ); +} + +sub tktview { + get_ticket( 'session_id' => $session_id, + 'ticket_id' => $cgi->param('ticket_id'), + 'reply' => $cgi->param('reply'), + ); +} + sub customer_order_pkg { my $init_data = signup_info( 'customer_session_id' => $session_id ); return $init_data if ( $init_data->{'error'} ); @@ -200,11 +285,24 @@ sub customer_order_pkg { my $customer_info = customer_info( 'session_id' => $session_id ); return $customer_info if ( $customer_info->{'error'} ); + my $pkgselect = mason_comp( + 'session_id' => $session_id, + 'comp' => '/edit/cust_main/first_pkg/select-part_pkg.html', + 'args' => [ 'password_verify' => 1, + 'onchange' => 'enable_order_pkg()', + 'relurls' => 1, + 'empty_label' => 'Select package', + ], + ); + + $pkgselect = $pkgselect->{'error'} || $pkgselect->{'output'}; + return { ( map { $_ => $init_data->{$_} } qw( part_pkg security_phrase svc_acct_pop ), ), %$customer_info, + 'pkg_selector' => $pkgselect, }; } @@ -230,23 +328,46 @@ sub process_order_pkg { my $results = ''; - unless ( length($cgi->param('_password')) ) { - my $init_data = signup_info( 'customer_session_id' => $session_id ); - $results = { 'error' => $init_data->{msgcat}{empty_password} }; - $results = { 'error' => $init_data->{error} } if($init_data->{error}); + my @params = (qw( custnum pkgpart )); + my $svcdb = ''; + if ( $cgi->param('pkgpart_svcpart') =~ /^(\d+)_(\d+)$/ ) { + $cgi->param('pkgpart', $1); + $cgi->param('svcpart', $2); + push @params, 'svcpart'; + $svcdb = $cgi->param('svcdb'); + push @params, 'domsvc' if $svcdb eq 'svc_acct'; + } else { + $svcdb = 'svc_acct'; } - if ( $cgi->param('_password') ne $cgi->param('_password2') ) { - my $init_data = signup_info( 'customer_session_id' => $session_id ); - $results = { 'error' => $init_data->{msgcat}{passwords_dont_match} }; - $results = { 'error' => $init_data->{error} } if($init_data->{error}); - $cgi->param('_password', ''); - $cgi->param('_password2', ''); + + if ( $svcdb eq 'svc_acct' ) { + + push @params, qw( username _password _password2 sec_phrase popnum ); + + unless ( length($cgi->param('_password')) ) { + my $init_data = signup_info( 'customer_session_id' => $session_id ); + $results = { 'error' => $init_data->{msgcat}{empty_password} }; + $results = { 'error' => $init_data->{error} } if($init_data->{error}); + } + if ( $cgi->param('_password') ne $cgi->param('_password2') ) { + my $init_data = signup_info( 'customer_session_id' => $session_id ); + $results = { 'error' => $init_data->{msgcat}{passwords_dont_match} }; + $results = { 'error' => $init_data->{error} } if($init_data->{error}); + $cgi->param('_password', ''); + $cgi->param('_password2', ''); + } + + } elsif ( $svcdb eq 'svc_phone' ) { + + push @params, qw( phonenum sip_password pin phone_name ); + + } else { + die "$svcdb not handled on process_order_pkg yet"; } $results ||= order_pkg ( 'session_id' => $session_id, - map { $_ => $cgi->param($_) } - qw( custnum pkgpart username _password _password2 sec_phrase popnum ) + map { $_ => $cgi->param($_) } @params ); @@ -287,6 +408,24 @@ sub process_change_pkg { } +sub process_suspend_pkg { + my $results = ''; + $results = suspend_pkg ( + 'session_id' => $session_id, + map { $_ => $cgi->param($_) } + qw( pkgnum ) + ); + if ( $results->{'error'} ) { + $action = 'provision'; + return { + 'error' => ''. $results->{'error'}. '', + } + } + else { + return $results; + } +} + sub process_order_recharge { my $results = ''; @@ -320,7 +459,7 @@ sub make_payment { sub payment_results { - use Business::CreditCard; + use Business::CreditCard 0.30; #we should only do basic checking here for DoS attacks and things #that couldn't be constructed by the web form... let process_payment() do @@ -331,14 +470,16 @@ sub payment_results { my $amount = $1; my $payinfo = $cgi->param('payinfo'); - $payinfo =~ s/\D//g; - $payinfo =~ /^(\d{13,16})$/ + $payinfo =~ s/[^\dx]//g; + $payinfo =~ /^([\dx]{13,16})$/ #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo; or die "illegal card"; #!!! $payinfo = $1; - validate($payinfo) - #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo; - or die "invalid card"; #!!! + unless ( $payinfo =~ /x/ ) { + validate($payinfo) + #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo; + or die "invalid card"; #!!! + } if ( $cgi->param('card_type') ) { cardtype($payinfo) eq $cgi->param('card_type') @@ -366,12 +507,15 @@ sub payment_results { $cgi->param('city') =~ /^(.{0,80})$/ or die "illegal city"; my $city = $1; - $cgi->param('state') =~ /^(.{2})$/ or die "illegal state"; + $cgi->param('state') =~ /^(.{0,80})$/ or die "illegal state"; my $state = $1; $cgi->param('zip') =~ /^(.{0,10})$/ or die "illegal zip"; my $zip = $1; + $cgi->param('country') =~ /^(.{0,2})$/ or die "illegal country"; + my $country = $1; + my $save = 0; $save = 1 if $cgi->param('save'); @@ -381,6 +525,10 @@ sub payment_results { $cgi->param('paybatch') =~ /^([\w\-\.]+)$/ or die "illegal paybatch"; my $paybatch = $1; + $cgi->param('discount_term') =~ /^(\d*)$/ or die "illegal discount_term"; + my $discount_term = $1; + + process_payment( 'session_id' => $session_id, 'payby' => 'CARD', @@ -395,9 +543,11 @@ sub payment_results { 'city' => $city, 'state' => $state, 'zip' => $zip, + 'country' => $country, 'save' => $save, 'auto' => $auto, 'paybatch' => $paybatch, + 'discount_term' => $discount_term, ); } @@ -417,14 +567,16 @@ sub ach_payment_results { my $amount = $1; my $payinfo1 = $cgi->param('payinfo1'); - $payinfo1=~ /^(\d+)$/ + $payinfo1 =~ s/[^\dx]//g; + $payinfo1 =~ /^([\dx]+)$/ or die "illegal account"; #!!! - $payinfo1= $1; + $payinfo1 = $1; my $payinfo2 = $cgi->param('payinfo2'); - $payinfo2=~ /^(\d+)$/ + $payinfo2 =~ s/[^\dx]//g; + $payinfo2 =~ /^([\dx]+)$/ or die "illegal ABA/routing code"; #!!! - $payinfo2= $1; + $payinfo2 = $1; $cgi->param('payname') =~ /^(.{0,80})$/ or die "illegal payname"; my $payname = $1; @@ -475,9 +627,36 @@ sub ach_payment_results { } sub make_thirdparty_payment { + payment_info('session_id' => $session_id); +} + +sub post_thirdparty_payment { $cgi->param('payby_method') =~ /^(CC|ECHECK)$/ or die "illegal payby method"; - realtime_collect( 'session_id' => $session_id, 'method' => $1 ); + my $method = $1; + $cgi->param('amount') =~ /^(\d+(\.\d*)?)$/ + or die "illegal amount"; + my $amount = $1; + my $result = realtime_collect( + 'session_id' => $session_id, + 'method' => $method, + 'amount' => $amount, + ); + $result; +} + +sub make_term_payment { + $cgi->param('amount') =~ /^(\d+\.\d{2})$/ + or die "illegal payment amount"; + my $balance = $1; + $cgi->param('discount_term') =~ /^(\d+)$/ + or die "illegal discount term"; + my $discount_term = $1; + $action = 'make_payment'; + ({ %{payment_info( 'session_id' => $session_id )}, + 'balance' => $balance, + 'discount_term' => $discount_term, + }) } sub recharge_prepay { @@ -503,6 +682,8 @@ sub logout { sub provision { my $result = list_pkgs( 'session_id' => $session_id ); die $result->{'error'} if exists $result->{'error'} && $result->{'error'}; + $result->{'pkgpart'} = $cgi->param('pkgpart') if $cgi->param('pkgpart'); + $result->{'filter'} = $cgi->param('filter') if $cgi->param('filter'); $result; } @@ -519,6 +700,34 @@ sub provision_svc { or die 'Unknown svcdb '. $result->{'svcdb'}; $action .= "_$1"; + $result->{'numavail'} = $cgi->param('numavail'); + + $result; +} + +sub process_svc_phone { + my @bulkdid = $cgi->param('bulkdid'); + my $phonenum = $cgi->param('phonenum'); + + my $result = provision_phone ( + 'session_id' => $session_id, + 'bulkdid' => [ @bulkdid ], + 'countrycode' => '1', + map { $_ => $cgi->param($_) } qw( pkgnum svcpart phonenum ) + ); + + if ( exists $result->{'error'} && $result->{'error'} ) { + $action = 'provision_svc_phone'; + return { + $cgi->Vars, + %{ part_svc_info( 'session_id' => $session_id, + map { $_ => $cgi->param($_) } qw( pkgnum svcpart ) + ) + }, + 'error' => $result->{'error'}, + }; + } + $result; } @@ -642,6 +851,11 @@ sub do_template { $fill_in->{'selfurl'} = $cgi->self_url; $fill_in->{'cgi'} = \$cgi; + my $access_info = $session_id + ? access_info( 'session_id' => $session_id ) + : {}; + $fill_in->{$_} = $access_info->{$_} foreach keys %$access_info; + my $source = "$template_dir/$name.html"; #warn "creating template for $source\n"; my $template = new Text::Template( TYPE => 'FILE', @@ -652,23 +866,30 @@ sub do_template { or die $Text::Template::ERROR; #warn "filling in $template with $fill_in\n"; - print $cgi->header( '-expires' => 'now' ), - $template->fill_in( PACKAGE => 'FS::SelfService::_selfservicecgi', - HASH => $fill_in - ); + my $data = $template->fill_in( + PACKAGE => 'FS::SelfService::_selfservicecgi', + HASH => $fill_in, + ) || "Error processing template $source"; # at least print _something_ + print $cgi->header( '-expires' => 'now' ); + print $data; } #*FS::SelfService::_selfservicecgi::include = \&Text::Template::fill_in_file; package FS::SelfService::_selfservicecgi; -#use FS::SelfService qw(regionselector expselect popselector); use HTML::Entities; -use FS::SelfService qw(regionselector popselector domainselector location_form); +use FS::SelfService qw( + regionselector popselector domainselector location_form didselector +); #false laziness w/agent.cgi +use vars qw(@INCLUDE_ARGS); sub include { my $name = shift; + + @INCLUDE_ARGS = @_; + my $template = new Text::Template( TYPE => 'FILE', SOURCE => "$main::template_dir/$name.html", DELIMITERS => [ '<%=', '%>' ], @@ -682,3 +903,4 @@ sub include { } +1;