X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Fxmlhttp-validate_password.html;h=b340170f8ace9eca74841e003bd5c1c917a170d5;hb=6016bc83d369186275044bd8539f66a3cb03c4cb;hp=28dbf646031639218f13747c0eb61216a647c48c;hpb=0375336c45591cb3354daafa2be5fdf8e905a3ea;p=freeside.git diff --git a/httemplate/misc/xmlhttp-validate_password.html b/httemplate/misc/xmlhttp-validate_password.html index 28dbf6460..b340170f8 100644 --- a/httemplate/misc/xmlhttp-validate_password.html +++ b/httemplate/misc/xmlhttp-validate_password.html @@ -1,13 +1,14 @@ <%doc> -Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is only -acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise create an -empty dummy svc_acct) and 'fieldid' (for html post-processing, passed along in -results for convenience.) - -Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is valid), -'error' (error text if password is invalid) or 'syserror' (error text if password -could not be validated.) Only one of these keys will be set. Will also set -'fieldid' if it was passed. +Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is +only acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise +create an empty dummy svc_acct), 'pkgnum' (for when the svc_acct isn't yet +inserted), and 'fieldid' (for html post-processing, passed along in results +for convenience.) + +Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is +valid), 'error' (error text if password is invalid) or 'syserror' (error text +if password could not be validated.) Only one of these keys will be set. +Will also set 'fieldid' if it was passed. <% encode_json($result) %> @@ -28,17 +29,37 @@ my $validate_password = sub { $result{'syserror'} = 'Invoked without password' unless $password; return \%result if $result{'syserror'}; - my $svcnum = $arg{'svcnum'}; - $result{'syserror'} = 'Invalid svcnum' unless $svcnum =~ /^\d*$/; - return \%result if $result{'syserror'}; + if ($arg{'contactnum'}) { + my $contactnum = $arg{'contactnum'}; + $result{'syserror'} = 'Invalid contactnum' unless $contactnum =~ /^\d*$/; + return \%result if $result{'syserror'}; - my $svc_acct = $svcnum - ? qsearchs('svc_acct',{'svcnum' => $svcnum}) - : (new FS::svc_acct {}); - $result{'syserror'} = 'Could not find service' unless $svc_acct; - return \%result if $result{'syserror'}; + my $contact = $contactnum + ? qsearchs('contact',{'contactnum' => $contactnum}) + : ''; + + $result{'error'} = $contact->is_password_allowed($password); + } + + if ($arg{'svcnum'}) { + my $pkgnum = $arg{'pkgnum'}; + $result{'syserror'} = 'Invalid pkgnum' unless $pkgnum =~ /^\d*$/; + return \%result if $result{'syserror'}; + + my $svcnum = $arg{'svcnum'}; + $result{'syserror'} = 'Invalid svcnum' unless $svcnum =~ /^\d*$/; + return \%result if $result{'syserror'}; + + my $svc_acct = $svcnum + ? qsearchs('svc_acct',{'svcnum' => $svcnum}) + : FS::svc_acct->new({ 'pkgnum' => $pkgnum }); + $result{'syserror'} = 'Could not find service' unless $svc_acct; + return \%result if $result{'syserror'}; + + $result{'error'} = $svc_acct->is_password_allowed($password); + } - $result{'error'} = $svc_acct->is_password_allowed($password); + # $result{'error'} = $svc_acct->is_password_allowed($password); $result{'valid'} = 1 unless $result{'error'}; return \%result; };