From: ivan <ivan>
Date: Sat, 6 Apr 2002 21:39:22 +0000 (+0000)
Subject: closes: bug#384 - adds security phrase to signup server also
X-Git-Tag: freeside_1_4_0_pre12~104
X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=commitdiff_plain;h=4fa13bb706c06379b76b085c5f4acdea42902f4f

closes: bug#384 - adds security phrase to signup server also
(already in regular interface)
---

diff --git a/fs_signup/FS-SignupClient/SignupClient.pm b/fs_signup/FS-SignupClient/SignupClient.pm
index 3933703ae..7c9d46d9e 100644
--- a/fs_signup/FS-SignupClient/SignupClient.pm
+++ b/fs_signup/FS-SignupClient/SignupClient.pm
@@ -8,7 +8,7 @@ use FileHandle;
 use IO::Handle;
 use Storable qw(nstore_fd fd_retrieve);
 
-$VERSION = '0.02';
+$VERSION = '0.03';
 
 @ISA = qw( Exporter );
 @EXPORT_OK = qw( signup_info new_customer );
@@ -98,6 +98,8 @@ Each hash reference has the following keys:
   ac
   exch
 
+(Future expansion: fourth argument is the $init_data hash reference)
+
 =cut
 
 sub signup_info {
@@ -141,6 +143,7 @@ a paramater with the following keys:
   pkgpart
   username
   _password
+  sec_phrase
   popnum
 
 Returns a scalar error message, or the empty string for success.
@@ -150,12 +153,6 @@ Returns a scalar error message, or the empty string for success.
 sub new_customer {
   my $hashref = shift;
 
-  #things that aren't necessary in base class, but are for signup server
-#  return "Passwords don't match"
-#    if $hashref->{'_password'} ne $hashref->{'_password2'}
-  return "Empty password" unless $hashref->{'_password'};
-  return "No POP selected" unless $hashref->{'popnum'};
-
   socket(SOCK, PF_UNIX, SOCK_STREAM, 0) or die "socket: $!";
   connect(SOCK, sockaddr_un($fs_signupd_socket)) or die "connect: $!";
   print SOCK "new_customer\n";
@@ -163,10 +160,9 @@ sub new_customer {
   my $signup_data = { map { $_ => $hashref->{$_} } qw(
     first last ss company address1 address2 city county state zip country
     daytime night fax payby payinfo paydate payname invoicing_list
-    referral_custnum pkgpart username _password popnum
+    referral_custnum pkgpart username _password sec_phrase popnum
   ) };
 
-  #
   nstore_fd($signup_data, \*SOCK) or die "can't send customer signup: $!";
   SOCK->flush;
 
diff --git a/fs_signup/FS-SignupClient/cgi/signup.cgi b/fs_signup/FS-SignupClient/cgi/signup.cgi
index d44782f9c..0b2370aa6 100755
--- a/fs_signup/FS-SignupClient/cgi/signup.cgi
+++ b/fs_signup/FS-SignupClient/cgi/signup.cgi
@@ -1,13 +1,13 @@
 #!/usr/bin/perl -Tw
 #
-# $Id: signup.cgi,v 1.16 2002-04-06 20:37:38 ivan Exp $
+# $Id: signup.cgi,v 1.17 2002-04-06 21:39:22 ivan Exp $
 
 use strict;
-use vars qw( @payby $cgi $locales $packages $pops $error
+use vars qw( @payby $cgi $locales $packages $pops $init_data $error
              $last $first $ss $company $address1 $address2 $city $state $county
              $country $zip $daytime $night $fax $invoicing_list $payby $payinfo
              $paydate $payname $referral_custnum
-             $pkgpart $username $password $password2 $popnum
+             $pkgpart $username $password $password2 $sec_phrase $popnum
              $ieak_file $ieak_template $cck_file $cck_template
              $signup_html $signup_template $success_html $success_template
              $ac $exch $loc
@@ -17,7 +17,7 @@ use subs qw( print_form print_okay expselect signup_default success_default );
 use CGI;
 use CGI::Carp qw(fatalsToBrowser);
 use HTTP::Headers::UserAgent 2.00;
-use FS::SignupClient 0.02 qw( signup_info new_customer );
+use FS::SignupClient 0.03 qw( signup_info new_customer );
 use Text::Template;
 
 #acceptable payment methods
@@ -90,7 +90,7 @@ if ( -e $success_html ) {
     or die $Text::Template::ERROR;
 }
 
-( $locales, $packages, $pops ) = signup_info();
+( $locales, $packages, $pops, $init_data ) = signup_info();
 
 $cgi = new CGI;
 
@@ -147,6 +147,7 @@ if ( defined $cgi->param('magic') ) {
         'referral_custnum' => $referral_custnum = $cgi->param('ref'),
         'pkgpart'          => $pkgpart          = $cgi->param('pkgpart'),
         'username'         => $username         = $cgi->param('username'),
+        'sec_phrase'       => $sec_phrase       = $cgi->param('sec_phrase'),
         '_password'        => $password         = $cgi->param('_password'),
         'popnum'           => $popnum           = $cgi->param('popnum'),
       } );
@@ -187,6 +188,7 @@ if ( defined $cgi->param('magic') ) {
   $username = '';
   $password = '';
   $password2 = '';
+  $sec_phrase = '';
   $popnum = '';
   $referral_custnum = $cgi->param('ref') || '';
   print_form;
@@ -485,6 +487,19 @@ Contact Information
   <TD><INPUT TYPE="password" NAME="_password2" VALUE="<%= $password2 %>">
   </TD>
 </TR>
+<%=
+  if ( $init_data->{'security_phrase'} ) {
+    $OUT .= <<ENDOUT;
+<TR>
+  <TD ALIGN="right">Security Phrase</TD>
+  <TD><INPUT TYPE="text" NAME="sec_phrase" VALUE="$sec_phrase">
+  </TD>
+</TR>
+ENDOUT
+  } else {
+    $OUT .= '<INPUT TYPE="hidden" NAME="sec_phrase" VALUE="">';
+  }
+%>
 <TR>
   <TD ALIGN="right">Access number</TD>
   <TD><%= popselector($popnum) %></TD>
diff --git a/fs_signup/FS-SignupClient/cgi/signup.html b/fs_signup/FS-SignupClient/cgi/signup.html
index 909d1fe5b..b97511e97 100755
--- a/fs_signup/FS-SignupClient/cgi/signup.html
+++ b/fs_signup/FS-SignupClient/cgi/signup.html
@@ -134,6 +134,19 @@ Contact Information
   <TD><INPUT TYPE="password" NAME="_password2" VALUE="<%= $password2 %>">
   </TD>
 </TR>
+<%=
+  if ( $init_data->{'security_phrase'} ) {
+    $OUT .= <<ENDOUT;
+<TR>
+  <TD ALIGN="right">Security Phrase</TD>
+  <TD><INPUT TYPE="text" NAME="sec_phrase" VALUE="$sec_phrase">
+  </TD>
+</TR>
+ENDOUT
+  } else {
+    $OUT .= '<INPUT TYPE="hidden" NAME="sec_phrase" VALUE="">';
+  }
+%>
 <TR>
   <TD ALIGN="right">Access number</TD>
   <TD><%= popselector($popnum) %></TD>
diff --git a/fs_signup/fs_signup_server b/fs_signup/fs_signup_server
index 77f7f3056..4c06946c6 100755
--- a/fs_signup/fs_signup_server
+++ b/fs_signup/fs_signup_server
@@ -9,6 +9,7 @@ use Storable qw(nstore_fd fd_retrieve);
 use Tie::RefHash;
 use Net::SSH qw(sshopen2);
 use FS::UID qw(adminsuidsetup);
+use FS::Conf;
 use FS::Record qw( qsearch qsearchs );
 use FS::cust_main_county;
 use FS::cust_main;
@@ -22,6 +23,8 @@ my @payby = qw(CARD PREPAY);
 my $user = shift or die &usage;
 &adminsuidsetup( $user ); 
 
+my $conf = new FS::Conf;
+
 my $machine = shift or die &usage;
 
 my $agentnum = shift or die &usage;
@@ -59,6 +62,8 @@ while (1) {
 
     'svc_acct_pop' => [ map { $_->hashref } qsearch ('svc_acct_pop',{} ) ],
 
+    'security_phrase' => $conf->exists('security_phrase'),
+
   };
 
   warn "[fs_signup_server] Sending init data...\n" if $Debug;
@@ -79,6 +84,12 @@ while (1) {
 
     my $error = '';
 
+    #things that aren't necessary in base class, but are for signup server
+      #return "Passwords don't match"
+      #  if $hashref->{'_password'} ne $hashref->{'_password2'}
+    $error ||= "Empty password" unless $signup_data->{'_password'};
+    $error ||= "No POP selected" unless $signup_data->{'popnum'};
+
     #shares some stuff with htdocs/edit/process/cust_main.cgi... take any
     # common that are still here and library them.
     my $cust_main = new FS::cust_main ( {
@@ -93,7 +104,7 @@ while (1) {
 
     } );
 
-    $error = "Illegal payment type"
+    $error ||= "Illegal payment type"
       unless grep { $_ eq $signup_data->{'payby'} } @payby;
 
     my @invoicing_list = split( /\s*\,\s*/, $signup_data->{'invoicing_list'} );
@@ -118,7 +129,8 @@ while (1) {
 
     my $svc_acct = new FS::svc_acct ( {
       'svcpart'   => $svcpart,
-      map { $_ => $signup_data->{$_} } qw( username _password popnum ),
+      map { $_ => $signup_data->{$_} }
+        qw( username _password sec_phrase popnum ),
     } );
 
     my $y = $svc_acct->setdefault; # arguably should be in new method