X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=fs_selfservice%2FFS-SelfService%2Fcgi%2Fselfservice.cgi;h=8f1c4a568910b2d2230634e291af6fecabbe6f49;hp=7c5ad839cb1ca83987a8c4ddeac06b83c4782b98;hb=5d5e7f7248d786938c08c867c9ad8f855f92c532;hpb=a85e7c8a0f6b9bd281a761c34ac34b30dcf7663a diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi index 7c5ad839c..8f1c4a568 100644 --- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi +++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi @@ -8,28 +8,30 @@ use CGI::Carp qw(fatalsToBrowser); use Text::Template; use HTML::Entities; use Date::Format; +use Date::Parse 'str2time'; use Number::Format 1.50; use FS::SelfService qw( access_info login_info login customer_info edit_info invoice payment_info process_payment realtime_collect process_prepay list_pkgs order_pkg signup_info order_recharge - part_svc_info provision_acct provision_external - unprovision_svc change_pkg domainselector + part_svc_info provision_acct provision_external provision_phone + unprovision_svc change_pkg suspend_pkg domainselector list_svcs list_svc_usage list_cdr_usage list_support_usage - myaccount_passwd - mason_comp + myaccount_passwd list_invoices create_ticket get_ticket did_report + adjust_ticket_priority + mason_comp port_graph ); $template_dir = '.'; -$DEBUG = 1; +$DEBUG = 0; $form_max = 255; $cgi = new CGI; unless ( defined $cgi->param('session') ) { - my $login_info = login_info(); + my $login_info = login_info( 'agentnum' => scalar($cgi->param('agentnum')) ); do_template('login', $login_info ); exit; @@ -55,7 +57,7 @@ if ( $cgi->param('session') eq 'login' ) { 'password' => $password, ); if ( $rv->{error} ) { - my $login_info = login_info(); + my $login_info = login_info( 'agentnum' => $cgi->param('agentnum') ); do_template('login', { 'error' => $rv->{error}, 'username' => $username, @@ -72,8 +74,54 @@ if ( $cgi->param('session') eq 'login' ) { $session_id = $cgi->param('session'); #order|pw_list XXX ??? -$cgi->param('action') =~ - /^(myaccount|view_invoice|make_payment|make_ach_payment|make_thirdparty_payment|payment_results|ach_payment_results|recharge_prepay|recharge_results|logout|change_bill|change_ship|change_pay|process_change_bill|process_change_ship|process_change_pay|customer_order_pkg|process_order_pkg|customer_change_pkg|process_change_pkg|process_order_recharge|provision|provision_svc|process_svc_acct|process_svc_external|delete_svc|view_usage|view_usage_details|view_cdr_details|view_support_details|change_password|process_change_password)$/ +my @actions = ( qw( + myaccount + tktcreate + tktview + ticket_priority + didreport + invoices + view_invoice + make_payment + make_ach_payment + make_term_payment + make_thirdparty_payment + post_thirdparty_payment + payment_results + ach_payment_results + recharge_prepay + recharge_results + logout + change_bill + change_ship + change_pay + process_change_bill + process_change_ship + process_change_pay + customer_order_pkg + process_order_pkg + customer_change_pkg + process_change_pkg + process_order_recharge + provision + provision_svc + process_svc_acct + process_svc_phone + process_svc_external + delete_svc + view_usage + view_usage_details + view_cdr_details + view_support_details + view_port_graph + real_port_graph + change_password + process_change_password + customer_suspend_pkg + process_suspend_pkg +)); + +$cgi->param('action') =~ ( '^(' . join('|', @actions) . ')$' ) or die "unknown action ". $cgi->param('action'); my $action = $1; @@ -83,8 +131,10 @@ $FS::SelfService::DEBUG = $DEBUG; my $result = eval "&$action();"; die $@ if $@; -if ( $result->{error} eq "Can't resume session" - || $result->{error} eq "Expired session" ) { #ick +warn Dumper($result) if $DEBUG; + +if ( $result->{error} && ( $result->{error} eq "Can't resume session" + || $result->{error} eq "Expired session") ) { #ick my $login_info = login_info(); do_template('login', $login_info); @@ -105,7 +155,10 @@ do_template($action, { #-- -sub myaccount { customer_info( 'session_id' => $session_id ); } +use Data::Dumper; +sub myaccount { + customer_info( 'session_id' => $session_id ); +} sub change_bill { my $payment_info = payment_info( 'session_id' => $session_id ); @@ -198,6 +251,55 @@ sub view_invoice { } +sub invoices { + list_invoices( 'session_id' => $session_id, ); +} + +sub tktcreate { + my $customer_info = customer_info( 'session_id' => $session_id ); + return $customer_info if ( $customer_info->{'error'} ); + + my $requestor = ""; + if ( $customer_info->{'invoicing_list'} ) { + my @requestor = split( /\s*\,\s*/, $customer_info->{'invoicing_list'} ); + $requestor = $requestor[0] if scalar(@requestor); + } + + return { 'requestor' => $requestor } + unless ($cgi->param('subject') && $cgi->param('message') && + length($cgi->param('subject')) && length($cgi->param('message'))); + + create_ticket( 'session_id' => $session_id, + 'subject' => $cgi->param('subject'), + 'message' => $cgi->param('message'), + 'requestor' => $requestor, + ); +} + +sub tktview { + get_ticket( 'session_id' => $session_id, + 'ticket_id' => ($cgi->param('ticket_id') || ''), + 'subject' => ($cgi->param('subject') || ''), + 'reply' => ($cgi->param('reply') || ''), + ); +} + +sub ticket_priority { + my %values; + foreach ( $cgi->param ) { + if ( /^ticket(\d+)$/ ) { + # a 'ticket1001' param implies the existence of a 'priority1001' param + # but if that's empty, we need to send it as empty rather than forget + # it. + $values{$1} = $cgi->param("priority$1") || ''; + } + } + $action = 'myaccount'; + # this returns an updated customer_info for myaccount + adjust_ticket_priority( 'session_id' => $session_id, + 'values' => \%values ); +} + sub customer_order_pkg { my $init_data = signup_info( 'customer_session_id' => $session_id ); return $init_data if ( $init_data->{'error'} ); @@ -328,6 +430,24 @@ sub process_change_pkg { } +sub process_suspend_pkg { + my $results = ''; + $results = suspend_pkg ( + 'session_id' => $session_id, + map { $_ => $cgi->param($_) } + qw( pkgnum ) + ); + if ( $results->{'error'} ) { + $action = 'provision'; + return { + 'error' => ''. $results->{'error'}. '', + } + } + else { + return $results; + } +} + sub process_order_recharge { my $results = ''; @@ -361,7 +481,7 @@ sub make_payment { sub payment_results { - use Business::CreditCard; + use Business::CreditCard 0.30; #we should only do basic checking here for DoS attacks and things #that couldn't be constructed by the web form... let process_payment() do @@ -372,14 +492,16 @@ sub payment_results { my $amount = $1; my $payinfo = $cgi->param('payinfo'); - $payinfo =~ s/\D//g; - $payinfo =~ /^(\d{13,16})$/ + $payinfo =~ s/[^\dx]//g; + $payinfo =~ /^([\dx]{13,16})$/ #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo; or die "illegal card"; #!!! $payinfo = $1; - validate($payinfo) - #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo; - or die "invalid card"; #!!! + unless ( $payinfo =~ /x/ ) { + validate($payinfo) + #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo; + or die "invalid card"; #!!! + } if ( $cgi->param('card_type') ) { cardtype($payinfo) eq $cgi->param('card_type') @@ -425,6 +547,10 @@ sub payment_results { $cgi->param('paybatch') =~ /^([\w\-\.]+)$/ or die "illegal paybatch"; my $paybatch = $1; + $cgi->param('discount_term') =~ /^(\d*)$/ or die "illegal discount_term"; + my $discount_term = $1; + + process_payment( 'session_id' => $session_id, 'payby' => 'CARD', @@ -443,6 +569,7 @@ sub payment_results { 'save' => $save, 'auto' => $auto, 'paybatch' => $paybatch, + 'discount_term' => $discount_term, ); } @@ -462,14 +589,16 @@ sub ach_payment_results { my $amount = $1; my $payinfo1 = $cgi->param('payinfo1'); - $payinfo1=~ /^(\d+)$/ + $payinfo1 =~ s/[^\dx]//g; + $payinfo1 =~ /^([\dx]+)$/ or die "illegal account"; #!!! - $payinfo1= $1; + $payinfo1 = $1; my $payinfo2 = $cgi->param('payinfo2'); - $payinfo2=~ /^(\d+)$/ + $payinfo2 =~ s/[^\dx]//g; + $payinfo2 =~ /^([\dx]+)$/ or die "illegal ABA/routing code"; #!!! - $payinfo2= $1; + $payinfo2 = $1; $cgi->param('payname') =~ /^(.{0,80})$/ or die "illegal payname"; my $payname = $1; @@ -520,9 +649,36 @@ sub ach_payment_results { } sub make_thirdparty_payment { + payment_info('session_id' => $session_id); +} + +sub post_thirdparty_payment { $cgi->param('payby_method') =~ /^(CC|ECHECK)$/ or die "illegal payby method"; - realtime_collect( 'session_id' => $session_id, 'method' => $1 ); + my $method = $1; + $cgi->param('amount') =~ /^(\d+(\.\d*)?)$/ + or die "illegal amount"; + my $amount = $1; + my $result = realtime_collect( + 'session_id' => $session_id, + 'method' => $method, + 'amount' => $amount, + ); + $result; +} + +sub make_term_payment { + $cgi->param('amount') =~ /^(\d+\.\d{2})$/ + or die "illegal payment amount"; + my $balance = $1; + $cgi->param('discount_term') =~ /^(\d+)$/ + or die "illegal discount term"; + my $discount_term = $1; + $action = 'make_payment'; + ({ %{payment_info( 'session_id' => $session_id )}, + 'balance' => $balance, + 'discount_term' => $discount_term, + }) } sub recharge_prepay { @@ -545,9 +701,20 @@ sub logout { FS::SelfService::logout( 'session_id' => $session_id ); } +sub didreport { + my $result = did_report( 'session_id' => $session_id, + 'format' => $cgi->param('type'), + 'recentonly' => $cgi->param('recentonly'), + ); + die $result->{'error'} if exists $result->{'error'} && $result->{'error'}; + $result; +} + sub provision { my $result = list_pkgs( 'session_id' => $session_id ); die $result->{'error'} if exists $result->{'error'} && $result->{'error'}; + $result->{'pkgpart'} = $cgi->param('pkgpart') if $cgi->param('pkgpart'); + $result->{'filter'} = $cgi->param('filter') if $cgi->param('filter'); $result; } @@ -555,7 +722,7 @@ sub provision_svc { my $result = part_svc_info( 'session_id' => $session_id, - map { $_ => $cgi->param($_) } qw( pkgnum svcpart ), + map { $_ => $cgi->param($_) } qw( pkgnum svcpart svcnum ), ); die $result->{'error'} if exists $result->{'error'} && $result->{'error'}; @@ -564,6 +731,47 @@ sub provision_svc { or die 'Unknown svcdb '. $result->{'svcdb'}; $action .= "_$1"; + $result->{'numavail'} = $cgi->param('numavail'); + $result->{'lnp'} = $cgi->param('lnp'); + + $result; +} + +sub process_svc_phone { + my @bulkdid = $cgi->param('bulkdid'); + my $phonenum = $cgi->param('phonenum'); + my $lnp = $cgi->param('lnp'); + + my $result; + if($lnp) { + $result = provision_phone ( + 'session_id' => $session_id, + 'countrycode' => '1', + map { $_ => $cgi->param($_) } qw( pkgnum svcpart phonenum + lnp_desired_due_date lnp_other_provider + lnp_other_provider_account ) + ); + } else { + $result = provision_phone ( + 'session_id' => $session_id, + 'bulkdid' => [ @bulkdid ], + 'countrycode' => '1', + map { $_ => $cgi->param($_) } qw( pkgnum svcpart phonenum svcnum email forwarddst ) + ); + } + + if ( exists $result->{'error'} && $result->{'error'} ) { + $action = 'provision_svc_phone'; + return { + $cgi->Vars, + %{ part_svc_info( 'session_id' => $session_id, + map { $_ => $cgi->param($_) } qw( pkgnum svcpart svcnum ) + ) + }, + 'error' => $result->{'error'}, + }; + } + $result; } @@ -610,18 +818,39 @@ sub delete_svc { sub view_usage { list_svcs( 'session_id' => $session_id, - 'svcdb' => [ 'svc_acct', 'svc_phone' ], + 'svcdb' => [ 'svc_acct', 'svc_phone', 'svc_port', ], 'ncancelled' => 1, ); } +sub real_port_graph { + my $svcnum = $cgi->param('svcnum'); + my $res = port_graph( + 'session_id' => $session_id, + 'svcnum' => $svcnum, + 'beginning' => str2time($cgi->param('start')." 00:00:00"), + 'ending' => str2time($cgi->param('end')." 23:59:59"), + ); + my @usage = @{$res->{'usage'}}; + my $png = $usage[0]->{'png'}; + { 'content' => $png, 'format' => 'png' }; +} + +sub view_port_graph { + my $svcnum = $cgi->param('svcnum'); + { 'svcnum' => $svcnum, + 'start' => $cgi->param($svcnum.'_start'), + 'end' => $cgi->param($svcnum.'_end'), + } +} + sub view_usage_details { - list_svc_usage( - 'session_id' => $session_id, - 'svcnum' => $cgi->param('svcnum'), - 'beginning' => $cgi->param('beginning') || '', - 'ending' => $cgi->param('ending') || '', - ); + list_svc_usage( + 'session_id' => $session_id, + 'svcnum' => $cgi->param('svcnum'), + 'beginning' => $cgi->param('beginning') || '', + 'ending' => $cgi->param('ending') || '', + ); } sub view_cdr_details { @@ -692,33 +921,65 @@ sub do_template { : {}; $fill_in->{$_} = $access_info->{$_} foreach keys %$access_info; - my $source = "$template_dir/$name.html"; - #warn "creating template for $source\n"; - my $template = new Text::Template( TYPE => 'FILE', - SOURCE => $source, - DELIMITERS => [ '<%=', '%>' ], - UNTAINT => 1, - ) - or die $Text::Template::ERROR; - - #warn "filling in $template with $fill_in\n"; - print $cgi->header( '-expires' => 'now' ), - $template->fill_in( PACKAGE => 'FS::SelfService::_selfservicecgi', - HASH => $fill_in - ); -} + + if($result && ref($result) && $result->{'format'} && $result->{'content'} + && $result->{'format'} eq 'csv') { + print $cgi->header('-expires' => 'now', + '-Content-Type' => 'text/csv', + '-Content-Disposition' => "attachment;filename=output.csv", + ), + $result->{'content'}; + } + elsif($result && ref($result) && $result->{'format'} && $result->{'content'} + && $result->{'format'} eq 'xls') { + print $cgi->header('-expires' => 'now', + '-Content-Type' => 'application/vnd.ms-excel', + '-Content-Disposition' => "attachment;filename=output.xls", + '-Content-Length' => length($result->{'content'}), + ), + $result->{'content'}; + } + elsif($result && ref($result) && $result->{'format'} && $result->{'content'} + && $result->{'format'} eq 'png') { + print $cgi->header('-expires' => 'now', + '-Content-Type' => 'image/png', + ), + $result->{'content'}; + } + else { + my $source = "$template_dir/$name.html"; + my $template = new Text::Template( TYPE => 'FILE', + SOURCE => $source, + DELIMITERS => [ '<%=', '%>' ], + UNTAINT => 1, + ) + or die $Text::Template::ERROR; + + my $data = $template->fill_in( + PACKAGE => 'FS::SelfService::_selfservicecgi', + HASH => $fill_in, + ) || "Error processing template $source"; # at least print _something_ + print $cgi->header( '-expires' => 'now' ); + print $data; + } + } #*FS::SelfService::_selfservicecgi::include = \&Text::Template::fill_in_file; package FS::SelfService::_selfservicecgi; -#use FS::SelfService qw(regionselector expselect popselector); use HTML::Entities; -use FS::SelfService qw(regionselector popselector domainselector location_form); +use FS::SelfService qw( + regionselector popselector domainselector location_form didselector +); #false laziness w/agent.cgi +use vars qw(@INCLUDE_ARGS); sub include { my $name = shift; + + @INCLUDE_ARGS = @_; + my $template = new Text::Template( TYPE => 'FILE', SOURCE => "$main::template_dir/$name.html", DELIMITERS => [ '<%=', '%>' ], @@ -732,3 +993,4 @@ sub include { } +1;