X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Fmisc%2Fprocess%2Fcancel_pkg.html;h=e17872c066e03fd61eee1883d694e7ac564755e2;hp=dfe1317f48aa24276644866a532550b2353b1ba6;hb=2ab068f449eb97a10e18d20e9dab5ab9faa017e7;hpb=d5aaf28009ff269858f6b0532541da55b4968e6e

diff --git a/httemplate/misc/process/cancel_pkg.html b/httemplate/misc/process/cancel_pkg.html
index dfe1317f4..e17872c06 100755
--- a/httemplate/misc/process/cancel_pkg.html
+++ b/httemplate/misc/process/cancel_pkg.html
@@ -1,79 +1,72 @@
-%
-%
-%#untaint method
-%my $method = $cgi->param('method');
-%$method =~ /^(cancel|expire|suspend)$/ || die "Illegal method";
-%$method = $1;
-
-%#untaint pkgnum
-%my $pkgnum = $cgi->param('pkgnum');
-%$pkgnum =~ /^(\d+)$/ || die "Illegal pkgnum";
-%$pkgnum = $1;
-%
-%#untaint reasonnum
-%my $reasonnum = $cgi->param('reasonnum');
-%$reasonnum =~ /^(-?\d+)$/ || die "Illegal reasonnum";
-%$reasonnum = $1;
-%
-%my $date = time;
-%if ($method eq 'expire'){
-%  #untaint date
-%  $date = $cgi->param('date');
-%  str2time($cgi->param('date')) =~ /^(\d+)$/ || die "Illegal date";
-%  $date = $1;
-%}
-%
-%my $cust_pkg = qsearchs( 'cust_pkg', {'pkgnum'=>$pkgnum} );
-%
-%
-%my $oldAutoCommit = $FS::UID::AutoCommit;
-%local $FS::UID::AutoCommit = 0;
-%my $dbh = dbh;
-%
-%my $otaker = $FS::CurrentUser::CurrentUser->name;
-%$otaker = $FS::CurrentUser::CurrentUser->username
-%  if ($otaker eq "User, Legacy");
-%
-%my $error = '';
-%if ($reasonnum == -1) {
-%
-%  $error = 'Enter a new reason (or select an existing oen)'
-%    unless $cgi->param('newreasonnum') !~ /^\s*$/;
-%
-%  my $reason = new FS::reason({ 'reason_type' => $cgi->param('newreasonnumT'),
-%                                'reason'      => $cgi->param('newreasonnum'),
-%                              });
-%  $error ||= $reason->insert;
-%  $reasonnum = $reason->reasonnum
-%    unless $error;
-%}
-%
-%unless ($error) {
-%  if ($method eq 'expire'){
-%    my %hash = $cust_pkg->hash;
-%    $hash{'expire'}=$date;
-%    my $new = new FS::cust_pkg (\%hash);
-%    $error = $new->replace($cust_pkg, 'reason' => $reasonnum);
-%  }else{
-%    $error = $cust_pkg->$method( 'reason' => $reasonnum );
-%  }
-%}
-%
-%if ($error) {
-%  $cgi->param('error', $error);
-%  $dbh->rollback if $oldAutoCommit;
-%  print $cgi->redirect(popurl(2). "cancel_pkg.html?". $cgi->query_string );
-%}
-%
-%$dbh->commit or die $dbh->errstr if $oldAutoCommit;
-%
-% my %past = ( 'cancel'  => 'cancelled',
-%              'expire'  => 'expired',
-%              'suspend' => 'suspended',
-%            );
 <% header("Package $past{$method}") %>
   <SCRIPT TYPE="text/javascript">
     window.top.location.reload();
   </SCRIPT>
-  </BODY></HTML>
+  </BODY>
+</HTML>
+<%once>
+
+my %past = ( 'cancel'  => 'cancelled',
+             'expire'  => 'expired',
+             'suspend' => 'suspended',
+             'adjourn' => 'adjourned',
+           );
+
+#i'm sure this is false laziness with somewhere, at least w/misc/cancel_pkg.html
+my %right = ( 'cancel'  => 'Cancel customer package immediately',
+              'expire'  => 'Cancel customer package later',
+              'suspend' => 'Suspend customer package',
+              'adjourn' => 'Suspend customer package later',
+            );
+
+</%once>
+<%init>
+
+#untaint method
+my $method = $cgi->param('method');
+$method =~ /^(cancel|expire|suspend|adjourn)$/ or die "Illegal method";
+$method = $1;
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right($right{$method});
+
+#untaint pkgnum
+my $pkgnum = $cgi->param('pkgnum');
+$pkgnum =~ /^(\d+)$/ or die "Illegal pkgnum";
+$pkgnum = $1;
+
+#untaint reasonnum
+my $reasonnum = $cgi->param('reasonnum');
+$reasonnum =~ /^(-?\d+)$/ or die "Illegal reasonnum";
+$reasonnum = $1;
+
+my $date = time;
+if ($method eq 'expire' || $method eq 'adjourn'){
+  #untaint date
+  $date = $cgi->param('date');
+  parse_datetime($cgi->param('date')) =~ /^(\d+)$/ or die "Illegal date";
+  $date = $1;
+  $method = ($method eq 'expire') ? 'cancel' : 'suspend';
+}
+
+my $cust_pkg = qsearchs( 'cust_pkg', {'pkgnum'=>$pkgnum} );
+
+#my $otaker = $FS::CurrentUser::CurrentUser->name;
+#$otaker = $FS::CurrentUser::CurrentUser->username
+#  if ($otaker eq "User, Legacy");
+
+if ($reasonnum == -1) {
+  $reasonnum = {
+    'typenum' => scalar( $cgi->param('newreasonnumT') ),
+    'reason'  => scalar( $cgi->param('newreasonnum' ) ),
+  };
+}
+
+my $error = $cust_pkg->$method( 'reason' => $reasonnum, 'date' => $date );
+
+if ($error) {
+  $cgi->param('error', $error);
+  print $cgi->redirect(popurl(2). "cancel_pkg.html?". $cgi->query_string );
+}
 
+</%init>