X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=fs_selfservice%2FFS-SelfService%2Fcgi%2Fselfservice.cgi;h=d23e6ba68aa680e7951be559c9764943b50efd46;hp=ed1e6a19085e77e0a1aa709ba8b1e8a5a9a3adc6;hb=d7eafc9c9aae2bf47ea19a56cc5bb1380c5874e4;hpb=72a60ae400c253e913728a830e588e209b1a23fe

diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
index ed1e6a190..d23e6ba68 100644
--- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
+++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
@@ -9,16 +9,16 @@ use Text::Template;
 use HTML::Entities;
 use Date::Format;
 use Number::Format 1.50;
-use FS::SelfService qw( login_info login customer_info edit_info invoice
-                        payment_info process_payment realtime_collect
-                        process_prepay
-                        list_pkgs order_pkg signup_info order_recharge
-                        part_svc_info provision_acct provision_external
-                        unprovision_svc change_pkg domainselector
-                        list_svcs
-                        list_svc_usage list_cdr_usage list_support_usage
-                        myaccount_passwd
-                      );
+use FS::SelfService qw(
+  access_info login_info login customer_info edit_info invoice
+  payment_info process_payment realtime_collect process_prepay
+  list_pkgs order_pkg signup_info order_recharge
+  part_svc_info provision_acct provision_external
+  unprovision_svc change_pkg suspend_pkg domainselector
+  list_svcs list_svc_usage list_cdr_usage list_support_usage
+  myaccount_passwd
+  mason_comp
+);
 
 $template_dir = '.';
 
@@ -29,7 +29,7 @@ $form_max = 255;
 $cgi = new CGI;
 
 unless ( defined $cgi->param('session') ) {
-  my $login_info = login_info();
+  my $login_info = login_info( 'agentnum' => scalar($cgi->param('agentnum')) );
 
   do_template('login', $login_info );
   exit;
@@ -55,7 +55,7 @@ if ( $cgi->param('session') eq 'login' ) {
     'password' => $password,
   );
   if ( $rv->{error} ) {
-    my $login_info = login_info();
+    my $login_info = login_info( 'agentnum' => $cgi->param('agentnum') );
     do_template('login', {
       'error'    => $rv->{error},
       'username' => $username,
@@ -73,7 +73,7 @@ $session_id = $cgi->param('session');
 
 #order|pw_list XXX ???
 $cgi->param('action') =~
-    /^(myaccount|view_invoice|make_payment|make_ach_payment|make_thirdparty_payment|payment_results|ach_payment_results|recharge_prepay|recharge_results|logout|change_bill|change_ship|change_pay|process_change_bill|process_change_ship|process_change_pay|customer_order_pkg|process_order_pkg|customer_change_pkg|process_change_pkg|process_order_recharge|provision|provision_svc|process_svc_acct|process_svc_external|delete_svc|view_usage|view_usage_details|view_cdr_details|view_support_details|change_password|process_change_password)$/
+    /^(myaccount|view_invoice|make_payment|make_ach_payment|make_term_payment|make_thirdparty_payment|payment_results|ach_payment_results|recharge_prepay|recharge_results|logout|change_bill|change_ship|change_pay|process_change_bill|process_change_ship|process_change_pay|customer_order_pkg|process_order_pkg|customer_change_pkg|process_change_pkg|process_order_recharge|provision|provision_svc|process_svc_acct|process_svc_external|delete_svc|view_usage|view_usage_details|view_cdr_details|view_support_details|change_password|process_change_password|customer_suspend_pkg|process_suspend_pkg)$/
   or die "unknown action ". $cgi->param('action');
 my $action = $1;
 
@@ -99,13 +99,14 @@ warn "processing template $action\n"
 do_template($action, {
   'session_id' => $session_id,
   'action'     => $action, #so the menu knows what tab we're on...
-  %{ payment_info( 'session_id' => $session_id ) },  # cust_paybys for the menu
+  #%{ payment_info( 'session_id' => $session_id ) },  # cust_paybys for the menu
   %{$result}
 });
 
 #--
 
-sub myaccount { customer_info( 'session_id' => $session_id ); }
+use Data::Dumper;
+sub myaccount { my $result = customer_info( 'session_id' => $session_id ); warn Dumper($result); $result;}
 
 sub change_bill { my $payment_info =
                     payment_info( 'session_id' => $session_id );
@@ -165,13 +166,18 @@ sub process_change_ship {
 
 sub process_change_pay {
         my $postal = $cgi->param( 'postal_invoicing' );
+        my $payby  = $cgi->param( 'payby' );
         my @list =
           qw( payby payinfo payinfo1 payinfo2 month year payname
               address1 address2 city county state zip country auto paytype
               paystate ss stateid stateid_state invoicing_list
             );
         push @list, 'postal_invoicing' if $postal;
-        unless ( $postal || $cgi->param( 'invoicing_list' ) ) {
+        unless (    $payby ne 'BILL'
+                 || $postal
+                 || $cgi->param( 'invoicing_list' )
+               )
+        {
           $action = 'change_pay';
           return {
             %{&change_pay()},
@@ -200,11 +206,24 @@ sub customer_order_pkg {
   my $customer_info = customer_info( 'session_id' => $session_id );
   return $customer_info if ( $customer_info->{'error'} );
 
+  my $pkgselect = mason_comp(
+    'session_id' => $session_id,
+    'comp'       => '/edit/cust_main/first_pkg/select-part_pkg.html',
+    'args'       => [ 'password_verify' => 1,
+                      'onchange'        => 'enable_order_pkg()',
+                      'relurls'         => 1,
+                      'empty_label'     => 'Select package',
+                    ],
+  );
+
+  $pkgselect = $pkgselect->{'error'} || $pkgselect->{'output'};
+
   return {
     ( map { $_ => $init_data->{$_} }
           qw( part_pkg security_phrase svc_acct_pop ),
     ),
     %$customer_info,
+    'pkg_selector' => $pkgselect,
   };
 }
 
@@ -230,23 +249,46 @@ sub process_order_pkg {
 
   my $results = '';
 
-  unless ( length($cgi->param('_password')) ) {
-    my $init_data = signup_info( 'customer_session_id' => $session_id );
-    $results = { 'error' => $init_data->{msgcat}{empty_password} };
-    $results = { 'error' => $init_data->{error} } if($init_data->{error});
+  my @params = (qw( custnum pkgpart ));
+  my $svcdb = '';
+  if ( $cgi->param('pkgpart_svcpart') =~ /^(\d+)_(\d+)$/ ) {
+    $cgi->param('pkgpart', $1);
+    $cgi->param('svcpart', $2);
+    push @params, 'svcpart';
+    $svcdb = $cgi->param('svcdb');
+    push @params, 'domsvc' if $svcdb eq 'svc_acct';
+  } else {
+    $svcdb = 'svc_acct';
   }
-  if ( $cgi->param('_password') ne $cgi->param('_password2') ) {
-    my $init_data = signup_info( 'customer_session_id' => $session_id );
-    $results = { 'error' => $init_data->{msgcat}{passwords_dont_match} };
-    $results = { 'error' => $init_data->{error} } if($init_data->{error});
-    $cgi->param('_password', '');
-    $cgi->param('_password2', '');
+
+  if ( $svcdb eq 'svc_acct' ) {
+
+    push @params, qw( username _password _password2 sec_phrase popnum );
+
+    unless ( length($cgi->param('_password')) ) {
+      my $init_data = signup_info( 'customer_session_id' => $session_id );
+      $results = { 'error' => $init_data->{msgcat}{empty_password} };
+      $results = { 'error' => $init_data->{error} } if($init_data->{error});
+    }
+    if ( $cgi->param('_password') ne $cgi->param('_password2') ) {
+      my $init_data = signup_info( 'customer_session_id' => $session_id );
+      $results = { 'error' => $init_data->{msgcat}{passwords_dont_match} };
+      $results = { 'error' => $init_data->{error} } if($init_data->{error});
+      $cgi->param('_password', '');
+      $cgi->param('_password2', '');
+    }
+
+  } elsif ( $svcdb eq 'svc_phone' ) {
+
+    push @params, qw( phonenum sip_password pin phone_name );
+
+  } else {
+    die "$svcdb not handled on process_order_pkg yet";
   }
 
   $results ||= order_pkg (
     'session_id' => $session_id,
-    map { $_ => $cgi->param($_) }
-        qw( custnum pkgpart username _password _password2 sec_phrase popnum )
+    map { $_ => $cgi->param($_) } @params
   );
 
 
@@ -287,6 +329,24 @@ sub process_change_pkg {
 
 }
 
+sub process_suspend_pkg {
+  my $results = '';
+  $results = suspend_pkg (
+    'session_id' => $session_id,
+    map { $_ => $cgi->param($_) } 
+      qw( pkgnum )
+    );
+  if ( $results->{'error'} ) {
+    $action = 'provision';
+    return {
+      'error' => '<FONT COLOR="#FF0000">'. $results->{'error'}. '</FONT>',
+    }
+  }
+  else {
+    return $results;
+  }
+}
+
 sub process_order_recharge {
 
   my $results = '';
@@ -320,7 +380,7 @@ sub make_payment {
 
 sub payment_results {
 
-  use Business::CreditCard;
+  use Business::CreditCard 0.30;
 
   #we should only do basic checking here for DoS attacks and things
   #that couldn't be constructed by the web form...  let process_payment() do
@@ -331,14 +391,16 @@ sub payment_results {
   my $amount = $1;
 
   my $payinfo = $cgi->param('payinfo');
-  $payinfo =~ s/\D//g;
-  $payinfo =~ /^(\d{13,16})$/
+  $payinfo =~ s/[^\dx]//g;
+  $payinfo =~ /^([\dx]{13,16})$/
     #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo;
     or die "illegal card"; #!!!
   $payinfo = $1;
-  validate($payinfo)
-    #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo;
-    or die "invalid card"; #!!!
+  unless ( $payinfo =~ /x/ ) {
+    validate($payinfo)
+      #or $error ||= $init_data->{msgcat}{invalid_card}; #. $self->payinfo;
+      or die "invalid card"; #!!!
+  }
 
   if ( $cgi->param('card_type') ) {
     cardtype($payinfo) eq $cgi->param('card_type')
@@ -384,6 +446,10 @@ sub payment_results {
   $cgi->param('paybatch') =~ /^([\w\-\.]+)$/ or die "illegal paybatch";
   my $paybatch = $1;
 
+  $cgi->param('discount_term') =~ /^(\d*)$/ or die "illegal discount_term";
+  my $discount_term = $1;
+
+
   process_payment(
     'session_id' => $session_id,
     'payby'      => 'CARD',
@@ -402,6 +468,7 @@ sub payment_results {
     'save'       => $save,
     'auto'       => $auto,
     'paybatch'   => $paybatch,
+    'discount_term' => $discount_term,
   );
 
 }
@@ -421,14 +488,16 @@ sub ach_payment_results {
   my $amount = $1;
 
   my $payinfo1 = $cgi->param('payinfo1');
-  $payinfo1=~ /^(\d+)$/
+  $payinfo1 =~ s/[^\dx]//g;
+  $payinfo1 =~ /^([\dx]+)$/
     or die "illegal account"; #!!!
-  $payinfo1= $1;
+  $payinfo1 = $1;
 
   my $payinfo2 = $cgi->param('payinfo2');
-  $payinfo2=~ /^(\d+)$/
+  $payinfo2 =~ s/[^\dx]//g;
+  $payinfo2 =~ /^([\dx]+)$/
     or die "illegal ABA/routing code"; #!!!
-  $payinfo2= $1;
+  $payinfo2 = $1;
 
   $cgi->param('payname') =~ /^(.{0,80})$/ or die "illegal payname";
   my $payname = $1;
@@ -484,6 +553,20 @@ sub make_thirdparty_payment {
   realtime_collect( 'session_id' => $session_id, 'method' => $1 );
 }
 
+sub make_term_payment {
+  $cgi->param('amount') =~ /^(\d+\.\d{2})$/
+    or die "illegal payment amount";
+  my $balance = $1;
+  $cgi->param('discount_term') =~ /^(\d+)$/
+    or die "illegal discount term";
+  my $discount_term = $1;
+  $action = 'make_payment';
+  ({ %{payment_info( 'session_id' => $session_id )},
+    'balance' => $balance,
+    'discount_term' => $discount_term,
+  })
+}
+
 sub recharge_prepay {
   customer_info( 'session_id' => $session_id );
 }
@@ -646,6 +729,11 @@ sub do_template {
   $fill_in->{'selfurl'} = $cgi->self_url;
   $fill_in->{'cgi'} = \$cgi;
 
+  my $access_info = $session_id
+                      ? access_info( 'session_id' => $session_id )
+                      : {};
+  $fill_in->{$_} = $access_info->{$_} foreach keys %$access_info;
+
   my $source = "$template_dir/$name.html";
   #warn "creating template for $source\n";
   my $template = new Text::Template( TYPE       => 'FILE',
@@ -671,8 +759,12 @@ use HTML::Entities;
 use FS::SelfService qw(regionselector popselector domainselector location_form);
 
 #false laziness w/agent.cgi
+use vars qw(@INCLUDE_ARGS);
 sub include {
   my $name = shift;
+
+  @INCLUDE_ARGS = @_;
+
   my $template = new Text::Template( TYPE   => 'FILE',
                                      SOURCE => "$main::template_dir/$name.html",
                                      DELIMITERS => [ '<%=', '%>' ],
@@ -686,3 +778,4 @@ sub include {
 
 }
 
+1;