X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Fmisc%2Fxmlhttp-validate_password.html;h=c53abe8830f3f65d54eb3ca331ad083fd8dbc9eb;hp=1efb4aaa3a0c276f9dbe94f1fdbcf467e16dc424;hb=acb5db886076201922167d39d76fd9b3e9e54c9c;hpb=9d0796956b83a47a3258e1d388289f6b59f7444d diff --git a/httemplate/misc/xmlhttp-validate_password.html b/httemplate/misc/xmlhttp-validate_password.html index 1efb4aaa3..c53abe883 100644 --- a/httemplate/misc/xmlhttp-validate_password.html +++ b/httemplate/misc/xmlhttp-validate_password.html @@ -1,14 +1,13 @@ <%doc> -Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is -only acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise -create an empty dummy svc_acct), 'pkgnum' (for when the svc_acct isn't yet -inserted), and 'fieldid' (for html post-processing, passed along in results -for convenience.) - -Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is -valid), 'error' (error text if password is invalid) or 'syserror' (error text -if password could not be validated.) Only one of these keys will be set. -Will also set 'fieldid' if it was passed. +Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is only +acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise create an +empty dummy svc_acct) and 'fieldid' (for html post-processing, passed along in +results for convenience.) + +Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is valid), +'error' (error text if password is invalid) or 'syserror' (error text if password +could not be validated.) Only one of these keys will be set. Will also set +'fieldid' if it was passed. <% encode_json($result) %> @@ -29,21 +28,33 @@ my $validate_password = sub { $result{'syserror'} = 'Invoked without password' unless $password; return \%result if $result{'syserror'}; - my $svcnum = $arg{'svcnum'}; - $result{'syserror'} = 'Invalid svcnum' unless $svcnum =~ /^\d*$/; - return \%result if $result{'syserror'}; + if ($arg{'contactnum'} =~ /^\d+$/) { + my $contactnum = $arg{'contactnum'}; + $result{'syserror'} = 'Invalid contactnum' unless $contactnum =~ /^\d*$/; + return \%result if $result{'syserror'}; - my $pkgnum = $arg{'pkgnum'}; - $result{'syserror'} = 'Invalid pkgnum' unless $pkgnum =~ /^\d*$/; - return \%result if $result{'syserror'}; + my $contact = $contactnum + ? qsearchs('contact',{'contactnum' => $contactnum}) + : (new FS::contact {}); - my $svc_acct = $svcnum - ? qsearchs('svc_acct',{'svcnum' => $svcnum}) - : FS::svc_acct->new({ 'pkgnum' => $pkgnum }); - $result{'syserror'} = 'Could not find service' unless $svc_acct; - return \%result if $result{'syserror'}; + $result{'error'} = $contact->is_password_allowed($password); + } + + if ($arg{'svcnum'}) { + my $svcnum = $arg{'svcnum'}; + $result{'syserror'} = 'Invalid svcnum' unless $svcnum =~ /^\d*$/; + return \%result if $result{'syserror'}; + + my $svc_acct = $svcnum + ? qsearchs('svc_acct',{'svcnum' => $svcnum}) + : (new FS::svc_acct {}); + $result{'syserror'} = 'Could not find service' unless $svc_acct; + return \%result if $result{'syserror'}; + + $result{'error'} = $svc_acct->is_password_allowed($password); + } - $result{'error'} = $svc_acct->is_password_allowed($password); + # $result{'error'} = $svc_acct->is_password_allowed($password); $result{'valid'} = 1 unless $result{'error'}; return \%result; };