X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Fedit%2Fprocess%2Fcust_pkg.cgi;h=82a9e23753800c134388e4a2e2f819a8eae93d15;hp=272ddcc47158b2794ba523d936ece9844f40956f;hb=3f2a7b01b59902faed5767d81e2959e131bdbdfd;hpb=baaf20963687533353e65917554ebf968dbc0f8b

diff --git a/httemplate/edit/process/cust_pkg.cgi b/httemplate/edit/process/cust_pkg.cgi
index 272ddcc47..82a9e2375 100755
--- a/httemplate/edit/process/cust_pkg.cgi
+++ b/httemplate/edit/process/cust_pkg.cgi
@@ -1,75 +1,65 @@
 % if ($error) {
 %   $cgi->param('error', $error);
-%   $cgi->redirect(popurl(3). $error_redirect. '?'. $cgi->query_string );
-% } elsif ( $action eq 'change' ) {
-
-    <% header("Package changed") %>
-      <SCRIPT TYPE="text/javascript">
-        window.top.location.reload();
-      </SCRIPT>
-    </BODY>
-    </HTML>
-
-% } elsif ( $action eq 'bulk' ) {
-<% $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum") %>
+%   $cgi->redirect(popurl(3). 'edit/cust_pkg.cgi?'. $cgi->query_string );
 % } else {
-%   die "guru exception #5: action is neither change nor bulk!";
+<% $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum") %>
 % }
 <%init>
+use Data::Dumper;
+my $DEBUG = 0;
+my $curuser = $FS::CurrentUser::CurrentUser;
 
-my $error = '';
+die "access denied"
+  unless $curuser->access_right('Bulk change customer packages');
 
-#untaint custnum
-$cgi->param('custnum') =~ /^(\d+)$/;
-my $custnum = $1;
+my $error = '';
+my %param = $cgi->Vars;
 
-my @remove_pkgnums = map {
-  /^(\d+)$/ or die "Illegal remove_pkg value!";
-  $1;
-} $cgi->param('remove_pkg');
+my $custnum = $param{custnum};
+$error = "Invalid custnum ($custnum)" if $custnum =~ /\D/;
 
-my $curuser = $FS::CurrentUser::CurrentUser;
+my $locationnum = $param{locationnum};
+$error = "Invalid locationnum ($locationnum)" if $locationnum =~ /\D/;
 
-my( $action, $error_redirect ) = ( '', '' );
-my @pkgparts = ();
-if ( $cgi->param('action') eq 'change' ) { #came from misc/change_pkg.cgi
+my @remove_pkgnum =
+  map { $_ =~ /remove_cust_pkg\[(\d+)\]/ ? $1 : () }
+  keys %param;
 
-  $action = 'change';
-  $error_redirect = "misc/change_pkg.cgi";
+my @pkgparts;
+for my $k ( keys %param ) {
+  next unless $k =~ /qty_part_pkg\[(\d+)\]/;
+  my $pkgpart = $1;
+  my $qty     = $param{$k};
+  $qty =~ s/(^\s+|\s+$)//g;
 
-  die "access denied"
-    unless $curuser->access_right('Change customer package');
+  warn "k($k) param{k}($param{$k}) pkgpart($pkgpart) qty($qty)\n"
+    if $DEBUG;
 
-  if ( $cgi->param('new_pkgpart') =~ /^(\d+)$/ ) {
-    @pkgparts = ($1);
-  } else {
-    $error = 'Select a new package';
+  if ( $qty =~ /\D/ ) {
+    $error = "Invalid quantity $qty for pkgpart $pkgpart - please use a number";
+    last;
   }
 
-} elsif ( $cgi->param('action') eq 'bulk' ) { #came from edit/cust_pkg.cgi
-
-  $action = 'bulk';
-  $error_redirect = "edit/cust_pkg.cgi";
+  next if $qty == 0;
 
-  die "access denied"
-    unless $curuser->access_right('Bulk change customer packages');
-
-  foreach my $pkgpart ( map /^pkg(\d+)$/ ? $1 : (), $cgi->param ) {
-    if ( $cgi->param("pkg$pkgpart") =~ /^(\d+)$/ ) {
-      my $num_pkgs = $1;
-      while ( $num_pkgs-- ) {
-        push @pkgparts,$pkgpart;
-      }
-    } else {
-      $error = "Illegal quantity";
-      last;
-    }
-  }
+  push ( @pkgparts, $pkgpart ) for ( 1..$qty );
+}
 
-} else {
-  die "guru exception #5: action is neither change nor bulk!";
+if ( $DEBUG ) {
+  warn Dumper({
+    custnum       => $custnum,
+    locationnum   => $locationnum,
+    remove_pkgnum => \@remove_pkgnum,
+    pkgparts      => \@pkgparts,
+    param         => \%param,
+  });
 }
 
-$error ||= FS::cust_pkg::order($custnum,\@pkgparts,\@remove_pkgnums);
+$error ||= FS::cust_pkg::order({
+  custnum       => $custnum,
+  pkgparts      => \@pkgparts,
+  remove_pkgnum => \@remove_pkgnum,
+  locationnum   => $locationnum,
+});
 
 </%init>