$conf->exists('ticket_system-selfservice_edit_subject') &&
$cust_main->edit_subject;
+ $info->{'timeout'} = $conf->config('selfservice-timeout') || 3600;
+
return { %$info,
'custnum' => $custnum,
'access_pkgnum' => $session->{'pkgnum'},
'save_unchecked' => $conf->exists('selfservice-save_unchecked'),
- 'credit_card_surcharge_percentage' => $conf->config('credit-card-surcharge-percentage'),
+ 'credit_card_surcharge_percentage' => scalar($conf->config('credit-card-surcharge-percentage')),
};
}
return { 'error' => '', amount => $amount, %$error };
}
+sub start_thirdparty {
+ my $p = shift;
+ my $session = _cache->get($p->{'session_id'})
+ or return { 'error' => "Can't resume session" }; #better error message
+ my $custnum = $session->{'custnum'};
+ my $cust_main = FS::cust_main->by_key($custnum);
+
+ my $amount = $p->{'amount'}
+ or return { error => 'no amount' };
+
+ my $result = $cust_main->create_payment(
+ 'method' => $p->{'method'},
+ 'amount' => $p->{'amount'},
+ 'pkgnum' => $session->{'pkgnum'},
+ 'session_id' => $p->{'session_id'},
+ );
+
+ if ( ref($result) ) { # hashref or error
+ return $result;
+ } else {
+ return { error => $result };
+ }
+}
+
+sub finish_thirdparty {
+ my $p = shift;
+ my $session_id = delete $p->{'session_id'};
+ my $session = _cache->get($session_id)
+ or return { 'error' => "Can't resume session" };
+ my $custnum = $session->{'custnum'};
+ my $cust_main = FS::cust_main->by_key($custnum);
+
+ if ( $p->{_cancel} ) {
+ # customer backed out of making a payment
+ return $cust_main->cancel_payment( $session_id );
+ }
+ my $result = $cust_main->execute_payment( $session_id, %$p );
+ if ( ref($result) ) {
+ return $result;
+ } else {
+ return { error => $result };
+ }
+}
+
sub process_payment_order_pkg {
my $p = shift;
},
{
+ 'key' => 'selfservice-timeout',
+ 'section' => 'self-service',
+ 'description' => 'Timeout for the self-service login cookie, in seconds. Defaults to 1 hour.',
+ },
+
+ {
'key' => 'backend-realtime',
'section' => 'billing',
'description' => 'Run billing for backend signups immediately.',
#'cust_balance', @money_type, '', '',
'paynum', 'int', 'NULL', '', '', '',
'jobnum', 'bigint', 'NULL', '', '', '',
+ 'invnum', 'int', 'NULL', '', '', '',
+ 'manual', 'char', 'NULL', 1, '', '',
+ 'discount_term','int', 'NULL', '', '', '',
],
'primary_key' => 'paypendingnum',
'unique' => [ [ 'payunique' ] ],
Returns a payment gateway object (see L<FS::payment_gateway>) for this agent.
-Currently available options are I<nofatal>, I<invnum>, I<method>, and I<payinfo>.
+Currently available options are I<nofatal>, I<invnum>, I<method>,
+I<payinfo>, and I<thirdparty>.
If I<nofatal> is set, and no gateway is available, then the empty string
will be returned instead of throwing a fatal exception.
When the I<method> is 'CC' then the card number in I<payinfo> can direct
this routine to route to a gateway suited for that type of card.
+If I<thirdparty> is set, the defined self-service payment gateway will
+be returned.
+
=cut
sub payment_gateway {
my ( $self, %options ) = @_;
+
+ my $conf = new FS::Conf;
+
+ if ( $options{thirdparty} ) {
+ # still a kludge, but it gets the job done
+ # and the 'cardtype' semantics don't really apply to thirdparty
+ # gateways because we have to choose a gateway without ever
+ # seeing the card number
+ my $gatewaynum =
+ $conf->config('selfservice-payment_gateway', $self->agentnum);
+ my $gateway = FS::payment_gateway->by_key($gatewaynum)
+ if $gatewaynum;
+
+ if ( $gateway ) {
+ return $gateway;
+ } elsif ( $options{'nofatal'} ) {
+ return '';
+ } else {
+ die "no third-party gateway configured\n";
+ }
+ }
my $taxclass = '';
if ( $options{invnum} ) {
$cardtype = cardtype($options{payinfo});
} elsif ( $options{method} eq 'ECHECK' ) {
$cardtype = 'ACH';
- } elsif ( $options{method} eq 'PAYPAL' ) {
- $cardtype = 'PayPal';
} else {
$cardtype = $options{method}
}
taxclass => '', } );
my $payment_gateway;
- my $conf = new FS::Conf;
if ( $override ) { #use a payment gateway override
$payment_gateway = $override->payment_gateway;
FS::cust_main::NationalID
FS::cust_main::Billing FS::cust_main::Billing_Realtime
FS::cust_main::Billing_Discount
+ FS::cust_main::Billing_ThirdParty
FS::cust_main::Location
FS::otaker_Mixin FS::payinfo_Mixin FS::cust_main_Mixin
FS::geocode_Mixin FS::Quotable_Mixin
If true, a payment receipt is sent instead of a statement when
'payment_receipt_email' configuration option is set.
+About the "manual" flag: Normally, if the 'payment_receipt' config option
+is set, and the customer has an invoice email address, inserting a payment
+causes a I<statement> to be emailed to the customer. If the payment is
+considered "manual" (or if the customer has no invoices), then it will
+instead send a I<payment receipt>. "manual" should be true whenever a
+payment is created directly from the web interface, from a user-initiated
+realtime payment, or from a third-party payment via self-service. It should
+be I<false> when creating a payment from a billing event or from a batch.
+
=cut
sub insert {
L<FS::payment_gateway> id.
-=item paynum -
+=item paynum
+Payment number (L<FS::cust_pay>) of the completed payment.
+
+=item invnum
+
+Invoice number (L<FS::cust_bill>) to try to apply this payment to.
+
+=item manual
+
+Flag for whether this is a "manual" payment (i.e. initiated through
+self-service or the back-office web interface, rather than from an event
+or a payment batch). "Manual" payments will cause the customer to be
+sent a payment receipt rather than a statement.
+
+=item discount_term
+
+Number of months the customer tried to prepay for.
=back
|| $self->ut_hexn('session_id')
|| $self->ut_foreign_keyn('paynum', 'cust_pay', 'paynum' )
|| $self->ut_foreign_keyn('pkgnum', 'cust_pkg', 'pkgnum')
+ || $self->ut_foreign_keyn('invnum', 'cust_bill', 'invnum')
+ || $self->ut_flag('manual')
+ || $self->ut_numbern('discount_term')
|| $self->payinfo_check() #payby/payinfo/paymask/paydate
;
return $error if $error;
}
+=item approve OPTIONS
+
+Sets the status of this pending payment to "done" and creates a completed
+payment (L<FS::cust_pay>). This should be called when a realtime or
+third-party payment has been approved.
+
+OPTIONS may include any of 'processor', 'payinfo', 'discount_term', 'auth',
+and 'order_number' to set those fields on the completed payment, as well as
+'apply' to apply payments for this customer after inserting the new payment.
+
+=cut
+
+sub approve {
+ my $self = shift;
+ my %opt = @_;
+
+ my $dbh = dbh;
+ my $oldAutoCommit = $FS::UID::AutoCommit;
+ local $FS::UID::AutoCommit = 0;
+
+ my $cust_pay = FS::cust_pay->new({
+ 'custnum' => $self->custnum,
+ 'invnum' => $self->invnum,
+ 'pkgnum' => $self->pkgnum,
+ 'paid' => $self->paid,
+ '_date' => '',
+ 'payby' => $self->payby,
+ 'payinfo' => $self->payinfo,
+ 'gatewaynum' => $self->gatewaynum,
+ });
+ foreach my $opt_field (qw(processor payinfo auth order_number))
+ {
+ $cust_pay->set($opt_field, $opt{$opt_field}) if exists $opt{$opt_field};
+ }
+
+ my %insert_opt = (
+ 'manual' => $self->manual,
+ 'discount_term' => $self->discount_term,
+ );
+ my $error = $cust_pay->insert( %insert_opt );
+ if ( $error ) {
+ # try it again without invnum or discount
+ # (both of those can make payments fail to insert, and at this point
+ # the payment is a done deal and MUST be recorded)
+ $self->invnum('');
+ my $error2 = $cust_pay->insert('manual' => $self->manual);
+ if ( $error2 ) {
+ # attempt to void the payment?
+ # no, we'll just stop digging at this point.
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+ my $e = "WARNING: payment captured but not recorded - error inserting ".
+ "payment (". ($opt{processor} || $self->payby) .
+ ": $error2\n(previously tried insert with invnum#".$self->invnum.
+ ": $error)\npending payment saved as paypendingnum#".
+ $self->paypendingnum."\n\n";
+ warn $e;
+ return $e;
+ }
+ }
+ if ( my $jobnum = $self->jobnum ) {
+ my $placeholder = FS::queue->by_key($jobnum);
+ my $error;
+ if (!$placeholder) {
+ $error = "not found";
+ } else {
+ $error = $placeholder->delete;
+ }
+
+ if ($error) {
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+ my $e = "WARNING: payment captured but could not delete job $jobnum ".
+ "for paypendingnum #" . $self->paypendingnum . ": $error\n\n";
+ warn $e;
+ return $e;
+ }
+ }
+
+ if ( $opt{'paynum_ref'} ) {
+ ${ $opt{'paynum_ref'} } = $cust_pay->paynum;
+ }
+
+ $self->status('done');
+ $self->statustext('captured');
+ $self->paynum($cust_pay->paynum);
+ my $cpp_done_err = $self->replace;
+
+ if ( $cpp_done_err ) {
+
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+ my $e = "WARNING: payment captured but could not update pending status ".
+ "for paypendingnum ".$self->paypendingnum.": $cpp_done_err \n\n";
+ warn $e;
+ return $e;
+
+ } else {
+
+ # commit at this stage--we don't want to roll back if applying
+ # payments fails
+ $dbh->commit or die $dbh->errstr if $oldAutoCommit;
+
+ if ( $opt{'apply'} ) {
+ my $apply_error = $self->apply_payments_and_credits;
+ if ( $apply_error ) {
+ warn "WARNING: error applying payment: $apply_error\n\n";
+ }
+ }
+ }
+ '';
+}
+
=item decline [ STATUSTEXT ]
Sets the status of this pending payment to "done" (with statustext
=item gateway_callback_url - For ThirdPartyPayment only, set to the URL that
the user should be redirected to on a successful payment. This will be sent
-as a transaction parameter (named "callback_url").
+as a transaction parameter named "return_url".
=item gateway_cancel_url - For ThirdPartyPayment only, set to the URL that
-the user should be redirected to if they cancel the transaction. PayPal
-requires this; other gateways ignore it.
+the user should be redirected to if they cancel the transaction. This will
+be sent as a transaction parameter named "cancel_url".
=item auto_resolve_status - For BatchPayment only, set to 'approve' to
auto-approve unresolved payments after some number of days, 'reject' to
eval "use Business::BatchPayment;";
die "couldn't load Business::BatchPayment: $@" if $@;
- my $conf = new FS::Conf;
- my $test_mode = $conf->exists('business-batchpayment-test_transaction');
- $opt{'test_mode'} = 1 if $test_mode;
-
my $module = $self->gateway_module;
my $processor = eval {
Business::BatchPayment->create($module, $self->options, %opt)
if $@;
die "$module does not support test mode"
- if $test_mode and not $processor->does('Business::BatchPayment::TestMode');
+ if $opt{'test_mode'}
+ and not $processor->does('Business::BatchPayment::TestMode');
return $processor;
}
+=item processor OPTIONS
+
+Loads the module for the processor and returns an instance of it.
+
+=cut
+
+sub processor {
+ local $@;
+ my $self = shift;
+ my %opt = @_;
+ foreach (qw(action username password)) {
+ if (length($self->get("gateway_$_"))) {
+ $opt{$_} = $self->get("gateway_$_");
+ }
+ }
+ $opt{'return_url'} = $self->gateway_callback_url;
+ $opt{'cancel_url'} = $self->gateway_cancel_url;
+
+ my $conf = new FS::Conf;
+ my $test_mode = $conf->exists('business-batchpayment-test_transaction');
+ $opt{'test_mode'} = 1 if $test_mode;
+
+ my $namespace = $self->gateway_namespace;
+ eval "use $namespace";
+ die "couldn't load $namespace: $@" if $@;
+
+ if ( $namespace eq 'Business::BatchPayment' ) {
+ # at some point we can merge these, but there's enough special behavior...
+ return $self->batch_processor(%opt);
+ } else {
+ return $namespace->new( $self->gateway_module, $self->options, %opt );
+ }
+}
+
# _upgrade_data
#
# Used by FS::Upgrade to migrate to a new database.
'call_time' => 'PrepaidPhone/call_time',
'call_time_nanpa' => 'PrepaidPhone/call_time_nanpa',
'phonenum_balance' => 'PrepaidPhone/phonenum_balance',
+
+ 'start_thirdparty' => 'MyAccount/start_thirdparty',
+ 'finish_thirdparty' => 'MyAccount/finish_thirdparty',
);
@EXPORT_OK = (
keys(%autoload),
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Payment results') %>
<%= if ( $error ) {
-<%= $url = "$selfurl?session=$session_id;custnum=$custnum;action="; ''; %>
+<%= $url = "$selfurl?action="; ''; %>
<TD VALIGN="top" HEIGHT=384 BGCOLOR="#dddddd">
<A HREF="<%= $url %>agent_provision">Setup services</A><BR><BR>
<A HREF="<%= $url %>agent_order_pkg">Purchase additional package</A><BR><BR>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Edit billing address') %>
<%= if ( $error ) {
} ''; %>
<FORM NAME="ChangeBillForm" ACTION="<%= $selfurl %>" METHOD=POST onSubmit="document.bottomform.submit.disabled=true;">
-<INPUT TYPE="hidden" NAME="session" VALUE="<%= $session_id %>">
<INPUT TYPE="hidden" NAME="action" VALUE="process_change_bill">
<TABLE BGCOLOR="#cccccc" BORDER=0 CELLSPACING=0>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Change password') %>
<%= if ( $error ) {
} ''; %>
<FORM ACTION="<%= $selfurl %>" METHOD="POST">
-<INPUT TYPE="hidden" NAME="session" VALUE="<%= $session_id %>">
<INPUT TYPE="hidden" NAME="action" VALUE="process_change_password">
<TABLE BGCOLOR="#cccccc">
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Change payment information') %>
<%= if ( $error ) {
my $preauto = '<TR><TD COLSPAN=3><INPUT TYPE="checkbox" NAME="auto" VALUE="1"';
my $postauto = '>Charge future payments to this card automatically</TD></TR>';
- my $tail = qq(</TABLE><INPUT TYPE="hidden" NAME="session" VALUE="$session_id">).
+ my $tail = qq(</TABLE>).
qq(<INPUT TYPE="hidden" NAME="action" VALUE="process_change_pay">).
qq(<BR>).
qq(<INPUT TYPE="submit" NAME="process" ).
$OUT .= qq!<FONT SIZE="+1" COLOR="#ff0000">$error</FONT><BR><BR>!;
} ''; %>
<FORM NAME="ChangePkgForm" ACTION="<%= $selfurl %>" METHOD=POST>
-<INPUT TYPE="hidden" NAME="session" VALUE="<%= $session_id %>">
<INPUT TYPE="hidden" NAME="action" VALUE="process_change_pkg">
<INPUT TYPE="hidden" NAME="pkgnum" VALUE="<%= encode_entities($pkgnum) %>">
<INPUT TYPE="hidden" NAME="pkg" VALUE="<%= encode_entities($pkg) %>">
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Edit service address') %>
<%= if ( $error ) {
} ''; %>
<FORM NAME="OneTrueForm" ACTION="<%= $selfurl %>" METHOD=POST onSubmit="document.bottomform.submit.disabled=true;">
-<INPUT TYPE="hidden" NAME="session" VALUE="<%= $session_id %>">
<INPUT TYPE="hidden" NAME="action" VALUE="process_change_ship">
<TABLE BGCOLOR="#cccccc" BORDER=0 CELLSPACING=0>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Change package') %>
<%= include('change_pkg') %>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Purchase additional package') %>
<%= include('order_pkg') %>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Remove service') %>
<%= if ( $error ) {
--- /dev/null
+<%= include('header', 'Payment confirmation') %>
+
+<TABLE BGCOLOR="#cccccc">
+<%= if ( $error ) {
+ $OUT .= '<FONT SIZE=+1><B>Payment processing error</B></FONT><BR>'.$error;
+} else {
+ $OUT .= '
+<TR><TH COLSPAN=2><FONT SIZE=+1><B>Your payment details</B></FONT></TH></TR>
+<TR>
+ <TD ALIGN="right">Payment #</TD>
+ <TD BGCOLOR="#ffffff"><B>' . $paynum . '</B></TD>
+</TR>
+<TR>
+ <TD ALIGN="right">Payment amount</TH>
+ <TD BGCOLOR="#ffffff"><B>' . sprintf('$%.2f', $paid) . '</B></TD>
+</TR>
+<TR>
+ <TD ALIGN="right">Processing #</TD>
+ <TD BGCOLOR="#ffffff"><B>' . $order_number . '</B></TD>
+</TR>';
+} %>
+<%= include('footer') %>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
+<%= $url = "$selfurl?action="; ''; %>
<%= include('header', 'All Invoices') %>
<%=
<HTML><HEAD><TITLE>Reseller</TITLE></HEAD>
<BODY BGCOLOR="#eeeeee"><FONT SIZE=5>Reseller</FONT><BR><BR>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
+<%= $url = "$selfurl?action="; ''; %>
<TABLE BORDER=0 CELLPADDING=4><TR>
<%= include('agent_menu') %>
<TD VALIGN="top">
<FONT SIZE="+1" COLOR="#ff0000"><%= $error %></FONT>
<FORM ACTION="<%= $self_url %>" METHOD=POST>
-<INPUT TYPE="hidden" NAME="session" VALUE="login">
+<INPUT TYPE="hidden" NAME="action" VALUE="myaccount">
<INPUT TYPE="hidden" NAME="agentnum" VALUE="<%= $agentnum %>">
<TABLE BGCOLOR="<%= $box_bgcolor || '#c0c0c0' %>" BORDER=0 CELLSPACING=2 CELLPADDING=0>
<B>OR</B><BR><BR>
<FORM ACTION="$self_url" METHOD=POST>
- <INPUT TYPE="hidden" NAME="session" VALUE="login">
<TABLE BGCOLOR="$box_bgcolor" BORDER=0 CELLSPACING=2 CELLPADDING=0>
<TR>
<TH ALIGN="right">Phone number </TH>
<HTML>
<HEAD>
+ <META HTTP-EQUIV="refresh" CONTENT="5;URL=<%= $cgi->url(-absolute => 1) %>">
<TITLE>MyAccount</TITLE>
<%= $head %>
</HEAD>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Make a payment') %>
<FORM NAME="OneTrueForm" METHOD="POST" ACTION="<%=$selfurl%>" onSubmit="document.OneTrueForm.process.disabled=true">
-<INPUT TYPE="hidden" NAME="session" VALUE="<%=$session_id%>">
<INPUT TYPE="hidden" NAME="action" VALUE="ach_payment_results">
<TABLE BGCOLOR="#cccccc">
<TR>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Make a payment') %>
<FORM NAME="OneTrueForm" METHOD="POST" ACTION="<%=$selfurl%>" onSubmit="document.OneTrueForm.process.disabled=true">
-<INPUT TYPE="hidden" NAME="session" VALUE="<%=$session_id%>">
<INPUT TYPE="hidden" NAME="action" VALUE="payment_results">
<TABLE BGCOLOR="#cccccc">
<TR>
-<%= $url = "$selfurl?session=$session_id;action=";
- $cgi = new CGI;
- ''; %>
<%= include('header', 'Make a payment') %>
+<%= if ( $error ) {
+ $OUT .= qq!<FONT SIZE="+1" COLOR="#ff0000">$error</FONT><BR><BR>!;
+} ''; %>
<FORM NAME="OneTrueForm" METHOD="POST" ACTION="<%=$selfurl%>"
onSubmit="document.OneTrueForm.process.disabled=true">
-<INPUT TYPE="hidden" NAME="session" VALUE="<%=$session_id%>">
<INPUT TYPE="hidden" NAME="action" VALUE="post_thirdparty_payment">
-<INPUT TYPE="hidden" NAME="payby_method" VALUE="<%=
-$cgi->param('payby_method') =~ /(CC|ECHECK|PAYPAL)/;
-$1 %>">
+<INPUT TYPE="hidden" NAME="payby_method" VALUE="<%= $payby_method %>">
<TABLE BGCOLOR="#cccccc">
<TR>
<TH ALIGN="right">Balance due</TH>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
+<%= $url = "$selfurl?action="; ''; %>
<%= include('header', 'My Account') %>
Hello <%= $name %>!<BR><BR>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
+<%= $url = "$selfurl?action="; ''; %>
<TABLE BORDER=0><TR>
<TD VALIGN="top" BGCOLOR="<%= $menu_bgcolor || $box_bgcolor || '#c0c0c0' %>">
$OUT .= qq!<FONT SIZE="+1" COLOR="#ff0000">$error</FONT><BR><BR>!;
} ''; %>
<FORM NAME="OrderPkgForm" ACTION="<%= $selfurl %>" METHOD=POST>
-<INPUT TYPE="hidden" NAME="session" VALUE="<%= $session_id %>">
<INPUT TYPE="hidden" NAME="action" VALUE="process_order_pkg">
<INPUT TYPE="hidden" NAME="custnum" VALUE="<%= $custnum %>">
<TABLE BGCOLOR="#cccccc" BORDER=0 CELLSPACING=0>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Payment results') %>
<%= if ( $error ) {
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
-<%= include('header', 'Pay now') %>
-
-<SCRIPT TYPE="text/javascript" SRC="overlibmws.js"></SCRIPT>
-<SCRIPT TYPE="text/javascript" SRC="overlibmws_iframe.js"></SCRIPT>
-<SCRIPT TYPE="text/javascript" SRC="overlibmws_draggable.js"></SCRIPT>
-<SCRIPT TYPE="text/javascript" SRC="overlibmws_crossframe.js"></SCRIPT>
-<SCRIPT TYPE="text/javascript" SRC="iframecontentmws.js"></SCRIPT>
-
-<%= if ( $error ) {
- $OUT .= qq!<FONT SIZE="+1" COLOR="#ff0000">$error</FONT><BR><BR>!;
-}else{
- $OUT .= <<EOF;
- You are about to contact our payment processor to pay $amount.<BR><BR>
- Your transaction reference number is $reference <BR><BR>
- <FORM METHOD="POST" ACTION="$popup_url">
-EOF
-
-#<FORM NAME="collect_popper" method="post" action="javascript:void(0)" onSubmit="popcollect()">
- my %itemhash = @collectitems;
-# my $query = join(';',
-# map { uri_escape($_) . '=' . uri_escape($itemhash{$_}) }
-# keys(%itemhash)
-# );
- foreach my $input (keys(%itemhash)) {
- $OUT .= qq!<INPUT NAME="$input" TYPE="hidden" VALUE="$itemhash{$input}">\n!;
- }
- $OUT .= qq!<INPUT NAME="submit" TYPE="submit" VALUE="Pay now"></FORM>!
+<HTML>
+ <HEAD>
+ <TITLE>Redirecting to payment processor...</TITLE>
+ </HEAD>
+ <BODY>
+ <H1>Redirecting to payment processor...</H1>
+ <FORM ID="autoform" ENCTYPE="multipart/form-data" ACTION="<%= $url %>" METHOD="POST" STYLE="display:none">
+<%= foreach my $name (keys %post_params) {
+ my $value = encode_entities($post_params{$name});
+ $OUT .= '
+ <INPUT NAME="' . $name . '" TYPE="hidden" VALUE="' . $value . '">';
+} %>
+ <INPUT TYPE="submit" VALUE="submit">
+ </FORM>
+ <SCRIPT TYPE="text/javascript">
+window.onload = function() {
+ document.getElementById('autoform').submit();
}
-%>
-
-<%=
-#<SCRIPT TYPE="text/javascript">
-# function popcollect() {
-# overlib( OLiframeContent('<%= $popup_url %>', 336, 550, 'Secure Payment Area', 0, 'auto' ), CAPTION, 'Pay now', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK, BGCOLOR, '#333399', CGCOLOR, '#333399', CLOSETEXT, 'Close' );
-# overlib( OLpostAJAX('<%= $popup_url %>',
-# return false;
-# }
-#</SCRIPT>
-%>
-
-<%= include('footer') %>
+ </SCRIPT>
+ </BODY>
+</HTML>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Information updated successfully') %>
<FONT SIZE=4>Information updated successfully.</FONT>
<%= include('footer') %>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', "Password changed" ) %>
<FONT SIZE=4>Password changed for <%= $value %> <%= $label %>.</FONT>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Information updated successfully' ) %>
<FONT SIZE=4>Information updated successfully.</FONT>
<%= include('footer') %>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Package change successful') %>
<%= include('footer') %>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Information updated successfully') %>
<FONT SIZE=4>Information updated successfully.</FONT>
<%= include('footer') %>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Package order successful') %>
<FONT SIZE=4>Package order successful.</FONT>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', "$svc recharged successfully") %>
<FONT SIZE=4><%= $svc %> recharged successfully.</FONT>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Package suspended') %>
<%= include('footer') %>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', "$svc setup successfully") %>
<FONT SIZE=4><%= $svc %> setup successfully.</FONT>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', "$svc setup successfully") %>
<FONT SIZE=4><%= $svc %> setup successfully.</FONT>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', "$svc setup successfully") %>
<FONT SIZE=4><%= $svc %> setup successfully.</FONT>
-<%= $url = "$selfurl?session=$session_id;action=";
- $heading1 = "Setup my services";
+<%= $heading1 = "Setup my services";
$heading1 = "Package list" if $wholesale_view;
$provision_list = "provision_list";
$provision_list = "ws_list" if $wholesale_view;
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Setup account') %>
<%= include('svc_acct') %>
-<%= $url = "$selfurl?session=$session_id;action=";
- $heading2 = $lnp ? "Port-In Number" : "Setup phone number";
+<%= $heading2 = $lnp ? "Port-In Number" : "Setup phone number";
'';
%>
<%= include('header', $heading2) %>
}
%>
-<FORM name="OneTrueForm" action="<%= $url %>" METHOD="POST">
-<INPUT TYPE="hidden" NAME="session" VALUE="<%= $session_id %>">
+<FORM name="OneTrueForm" action="<%= $selfurl %>" METHOD="POST">
<INPUT TYPE="hidden" NAME="action" VALUE="process_svc_phone">
<INPUT TYPE="hidden" NAME="pkgnum" VALUE="<%= $pkgnum %>">
<INPUT TYPE="hidden" NAME="svcpart" VALUE="<%= $svcpart %>">
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Recharge with prepaid card') %>
<FORM NAME="OneTrueForm" METHOD="POST" ACTION="<%=$selfurl%>" onSubmit="document.OneTrueForm.process.disabled=true">
-<INPUT TYPE="hidden" NAME="session" VALUE="<%=$session_id%>">
<INPUT TYPE="hidden" NAME="action" VALUE="recharge_results">
<TABLE BGCOLOR="#cccccc">
<!--
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Recharge results') %>
<%= if ( $error ) {
-#!/usr/bin/perl -Tw
+#!/usr/bin/perl -w
use strict;
use vars qw($DEBUG $cgi $session_id $form_max $template_dir);
use subs qw(do_template);
use CGI;
use CGI::Carp qw(fatalsToBrowser);
+use CGI::Cookie;
use Text::Template;
use HTML::Entities;
use Date::Format;
myaccount_passwd list_invoices create_ticket get_ticket did_report
adjust_ticket_priority
mason_comp port_graph
+ start_thirdparty finish_thirdparty
);
$template_dir = '.';
$form_max = 255;
$cgi = new CGI;
+my %cookies = CGI::Cookie->fetch;
-unless ( defined $cgi->param('session') ) {
- my $login_info = login_info( 'agentnum' => scalar($cgi->param('agentnum')) );
+my $login_rv;
- do_template('login', $login_info );
- exit;
-}
+if ( exists($cookies{'session'}) ) {
-if ( $cgi->param('session') eq 'login' ) {
+ $session_id = $cookies{'session'}->value;
- $cgi->param('username') =~ /^\s*([a-z0-9_\-\.\&]{0,$form_max})\s*$/i
- or die "illegal username";
- my $username = $1;
+ if ( $session_id eq 'login' ) {
+ # then we've just come back from the login page
- $cgi->param('domain') =~ /^\s*([\w\-\.]{0,$form_max})\s*$/
- or die "illegal domain";
- my $domain = $1;
+ $cgi->param('username') =~ /^\s*([a-z0-9_\-\.\&]{0,$form_max})\s*$/i;
+ my $username = $1;
- $cgi->param('password') =~ /^(.{0,$form_max})$/
- or die "illegal password";
- my $password = $1;
+ $cgi->param('domain') =~ /^\s*([\w\-\.]{0,$form_max})\s*$/;
+ my $domain = $1;
- my $rv = login(
- 'username' => $username,
- 'domain' => $domain,
- 'password' => $password,
- );
- if ( $rv->{error} ) {
- my $login_info = login_info( 'agentnum' => $cgi->param('agentnum') );
- do_template('login', {
- 'error' => $rv->{error},
- 'username' => $username,
- 'domain' => $domain,
- %$login_info,
- } );
- exit;
- } else {
- $cgi->param('session' => $rv->{session_id} );
- $cgi->param('action' => 'myaccount' );
- }
+ $cgi->param('password') =~ /^(.{0,$form_max})$/;
+ my $password = $1;
+
+ if ( $username and $domain and $password ) {
+
+ # authenticate
+ $login_rv = login(
+ 'username' => $username,
+ 'domain' => $domain,
+ 'password' => $password,
+ );
+ $session_id = $login_rv->{'session_id'};
+
+ } elsif ( $username or $domain or $password ) {
+
+ my $error = 'Illegal '; #XXX localization...
+ my $count = 0;
+ if ( !$username ) {
+ $error .= 'username';
+ $count++;
+ }
+ if ( !$domain ) {
+ $error .= ', ' if $count;
+ $error .= 'domain';
+ $count++;
+ }
+ if ( !$password ) {
+ $error .= ', ' if $count;
+ $error .= 'and ' if $count > 1;
+ $error .= 'password';
+ $count++;
+ }
+ $error .= '.';
+ $login_rv = {
+ 'username' => $username,
+ 'domain' => $domain,
+ 'password' => $password,
+ 'error' => $error,
+ };
+ $session_id = undef; # attempt login again
+
+ } # else there was no input, so show no error message
+ } # else session_id ne 'login'
+
+} else {
+ # there is no session cookie
+ $login_rv = {};
}
-$session_id = $cgi->param('session');
+if ( !$session_id ) {
+ # XXX why are we getting agentnum from a CGI param? surely it should
+ # be some kind of configuration option.
+ #
+ # show the login page
+ $session_id = 'login'; # set state
+ my $login_info = login_info( 'agentnum' => scalar($cgi->param('agentnum')) );
+
+ do_template('login', { %$login_rv, %$login_info });
+ exit;
+}
+
+# at this point $session_id is a real session
#order|pw_list XXX ???
my @actions = ( qw(
make_term_payment
make_thirdparty_payment
post_thirdparty_payment
+ finish_thirdparty_payment
+ cancel_thirdparty_payment
payment_results
ach_payment_results
recharge_prepay
customer_suspend_pkg
process_suspend_pkg
));
-
-$cgi->param('action') =~ ( '^(' . join('|', @actions) . ')$' )
- or die "unknown action ". $cgi->param('action');
-my $action = $1;
+
+my $action = 'myaccount'; # sensible default
+if ( $cgi->param('action') =~ /^(\w+)$/ ) {
+ if (grep {$_ eq $1} @actions) {
+ $action = $1;
+ } else {
+ warn "WARNING: unrecognized action '$1'\n";
+ }
+}
warn "calling $action sub\n"
if $DEBUG;
if ( $result->{error} && ( $result->{error} eq "Can't resume session"
|| $result->{error} eq "Expired session") ) { #ick
+ $session_id = 'login';
my $login_info = login_info();
do_template('login', $login_info);
exit;
}
sub make_thirdparty_payment {
- payment_info('session_id' => $session_id);
+ my $payment_info = payment_info('session_id' => $session_id);
+ $cgi->param('payby_method') =~ /^(CC|ECHECK|PAYPAL)$/
+ or die "illegal payby method";
+ $payment_info->{'payby_method'} = $1;
+ $payment_info->{'error'} = $cgi->param('error');
+
+ $payment_info;
}
sub post_thirdparty_payment {
$cgi->param('amount') =~ /^(\d+(\.\d*)?)$/
or die "illegal amount";
my $amount = $1;
- # realtime_collect() returns the result from FS::cust_main->realtime_collect
- # which returns realtime_bop()
- # which returns a hashref of popup_url, collectitems, and reference
- my $result = realtime_collect(
+ my $result = start_thirdparty(
'session_id' => $session_id,
'method' => $method,
'amount' => $amount,
);
+ if ( $result->{error} ) {
+ $cgi->param('action', 'make_thirdparty_payment');
+ $cgi->param('error', $result->{error});
+ print $cgi->redirect( $cgi->self_url );
+ exit;
+ }
+
$result;
}
+sub finish_thirdparty_payment {
+ my %param = $cgi->Vars;
+ finish_thirdparty( 'session_id' => $session_id, %param );
+ # result contains either 'error' => error message, or the payment details
+}
+
+sub cancel_thirdparty_payment {
+ $action = 'make_thirdparty_payment';
+ finish_thirdparty( 'session_id' => $session_id, '_cancel' => 1 );
+}
+
sub make_term_payment {
$cgi->param('amount') =~ /^(\d+\.\d{2})$/
or die "illegal payment amount";
$cgi->delete_all();
$fill_in->{'selfurl'} = $cgi->self_url;
$fill_in->{'cgi'} = \$cgi;
+ $fill_in->{'error'} = $cgi->param('error') if $cgi->param('error');
- my $access_info = $session_id
+ my $access_info = ($session_id and $session_id ne 'login')
? access_info( 'session_id' => $session_id )
: {};
$fill_in->{$_} = $access_info->{$_} foreach keys %$access_info;
-
- if($result && ref($result) && $result->{'format'} && $result->{'content'}
- && $result->{'format'} eq 'csv') {
- print $cgi->header('-expires' => 'now',
- '-Content-Type' => 'text/csv',
- '-Content-Disposition' => "attachment;filename=output.csv",
- ),
- $result->{'content'};
- }
- elsif($result && ref($result) && $result->{'format'} && $result->{'content'}
- && $result->{'format'} eq 'xls') {
- print $cgi->header('-expires' => 'now',
- '-Content-Type' => 'application/vnd.ms-excel',
- '-Content-Disposition' => "attachment;filename=output.xls",
- '-Content-Length' => length($result->{'content'}),
- ),
- $result->{'content'};
- }
- elsif($result && ref($result) && $result->{'format'} && $result->{'content'}
- && $result->{'format'} eq 'png') {
- print $cgi->header('-expires' => 'now',
- '-Content-Type' => 'image/png',
- ),
- $result->{'content'};
- }
- else {
- my $source = "$template_dir/$name.html";
- my $template = new Text::Template( TYPE => 'FILE',
- SOURCE => $source,
- DELIMITERS => [ '<%=', '%>' ],
- UNTAINT => 1,
- )
- or die $Text::Template::ERROR;
-
- my $data = $template->fill_in(
- PACKAGE => 'FS::SelfService::_selfservicecgi',
- HASH => $fill_in,
- ) || "Error processing template $source"; # at least print _something_
- print $cgi->header( '-expires' => 'now' );
- print $data;
+ # update the user's authentication
+ my $timeout = $access_info->{'timeout'} || '60';
+ my $cookie = CGI::Cookie->new('-name' => 'session',
+ '-value' => $session_id,
+ '-expires' => '+'.$timeout,
+ #'-secure' => 1, # would be a good idea...
+ );
+ if ( $name eq 'logout' ) {
+ $cookie->expires(0);
+ }
+
+ if ( $fill_in->{'format'} ) {
+ # then override content-type, and return $fill_in->{'content'} instead
+ # of filling in a template
+ if ( $fill_in->{'format'} eq 'csv') {
+ print $cgi->header('-expires' => 'now',
+ '-Content-Type' => 'text/csv',
+ '-Content-Disposition' => "attachment;filename=output.csv",
+ );
+ } elsif ( $fill_in->{'format'} eq 'xls' ) {
+ print $cgi->header('-expires' => 'now',
+ '-Content-Type' => 'application/vnd.ms-excel',
+ '-Content-Disposition' => "attachment;filename=output.xls",
+ '-Content-Length' => length($fill_in->{'content'}),
+ );
+ } elsif ( $fill_in->{'format'} eq 'png' ) {
+ print $cgi->header('-expires' => 'now',
+ '-Content-Type' => 'image/png',
+ );
}
- }
+ print $fill_in->{'content'};
+ } else { # the usual case
+ my $source = "$template_dir/$name.html";
+ my $template = new Text::Template(
+ TYPE => 'FILE',
+ SOURCE => $source,
+ DELIMITERS => [ '<%=', '%>' ],
+ UNTAINT => 1,
+ )
+ or die $Text::Template::ERROR;
+
+ my $data = $template->fill_in(
+ PACKAGE => 'FS::SelfService::_selfservicecgi',
+ HASH => $fill_in,
+ ) || "Error processing template $source"; # at least print _something_
+ print $cgi->header( '-cookie' => $cookie,
+ '-expires' => 'now' );
+ print $data;
+ }
+}
#*FS::SelfService::_selfservicecgi::include = \&Text::Template::fill_in_file;
}
-1;
+
'</FONT><BR><BR>';
} ''; %>
<FORM ACTION="<%= $selfurl %>" METHOD=POST>
-<INPUT TYPE="hidden" NAME="session" VALUE="<%= $session_id %>">
<INPUT TYPE="hidden" NAME="action" VALUE="process_svc_acct">
<INPUT TYPE="hidden" NAME="custnum" VALUE="<%= $custnum %>">
<INPUT TYPE="hidden" NAME="pkgnum" VALUE="<%= $pkgnum %>">
if ( $can_set_priority ) {
$OUT .= qq!<FORM ACTION="$selfurl" METHOD="POST">! .
- qq!<INPUT TYPE="hidden" NAME="session" VALUE="$session_id">! .
qq!<INPUT TYPE="hidden" NAME="action" VALUE="ticket_priority">!;
}
$date_format ||= '%Y-%m-%d';
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Create a ticket') %>
<%=
Please fill in both the subject and message
<br><br>
<FORM ACTION="$selfurl" METHOD=POST>
- <input type="hidden" name="session" value="$session_id">
<input type="hidden" name="action" value="tktcreate">
<table>
<tr>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', "View ticket #$ticket_id") %>
<%=
%>
<BR><BR><BR>
<FORM ACTION="<%=$selfurl%>" METHOD=POST>
- <input type="hidden" name="session" value="<%=$session_id%>">
<input type="hidden" name="ticket_id" value="<%=$ticket_id%>">
<%= if ( $edit_ticket_subject ) { $OUT .= '
Subject:<BR><input type="text" name="subject" value="' .
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', ($inbound ? 'Received calls' : 'Dialed calls' ) .
' for '.
Date::Format::time2str('%b %o %Y', $beginning).
<HTML><HEAD><TITLE>Reseller</TITLE></HEAD>
<BODY BGCOLOR="#eeeeee"><FONT SIZE=5>Reseller</FONT><BR><BR>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<TABLE BORDER=0 CELLPADDING=4><TR>
<%= include('agent_menu') %>
<TD VALIGN="top">
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
<%= include('header', 'Invoice') %>
<%= $invoice_html %>
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
+<%= $url = "$selfurl?action="; ''; %>
<%= include('header', "Service usage details for $start - $end") %>
<%= if ( $error ) {
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
+<%= $url = "$selfurl?action="; ''; %>
<%= include('header', 'Usage details') %>
<FONT SIZE=4>Support usage details for
-<%= $url = "$selfurl?session=$session_id;action=";
+<%= $url = "$selfurl?action=";
%by_pkg_label = (); # not used yet, but I'm sure it will be...
@svc_acct = ();
@svc_phone = ();
$OUT .= '<TR><TD>'. $svc_port->{'label'}. ': '. $svc_port->{'value'}.'</TD>';
$OUT .= qq! <TD><FORM ACTION="$url" METHOD="GET">
<INPUT TYPE="hidden" name="svcnum" value="$svcnum">
- <INPUT TYPE="hidden" name="action" value="view_port_graph">
- <INPUT TYPE="hidden" name="session" value="$session_id"> !;
+ <INPUT TYPE="hidden" name="action" value="view_port_graph"> !;
$OUT .= preset_range($default_start,$default_end,'Last Day',$date_format,$svcnum)
.' | '.preset_range($default_end-86400*7,$default_end,'Last Week',$date_format,$svcnum)
.' | '.preset_range($default_end-86400*30,$default_end,'Last Month',$date_format,$svcnum)
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
+<%= $url = "$selfurl?;action="; ''; %>
<%= include('header', 'Service usage details for '.
Date::Format::time2str('%b %o %Y', $beginning).
' - '.
'WorldPay',
],
'Business::OnlineThirdPartyPayment' => [
- 'eWayShared',
- 'Interswitchng',
+ #'eWayShared', support currently broken
+ #'Interswitchng',
'PayPal',
+ 'FCMB',
],
'Business::BatchPayment' => [
'KeyBank',
projects / freeside.git / commitdiff