[freeside-commits] branch master updated. 8df787434943b1004b478ef594cfa106a719e6f0
Christopher Burger
burgerc at 420.am
Thu Jun 8 12:53:20 PDT 2017
The branch, master has been updated
via 8df787434943b1004b478ef594cfa106a719e6f0 (commit)
from 6e0f9bf522acce334318adea8ea0b003781f8272 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 8df787434943b1004b478ef594cfa106a719e6f0
Author: Christopher Burger <burgerc at freeside.biz>
Date: Thu Jun 8 15:52:50 2017 -0400
RT# 73993 - updated ng_selfservice/services.php and ng_selfservice/packages_change.php to only pass one cgi param pkgnum and escaped pkg_label
diff --git a/ng_selfservice/packages_change.php b/ng_selfservice/packages_change.php
index 876f6cd..20685e8 100644
--- a/ng_selfservice/packages_change.php
+++ b/ng_selfservice/packages_change.php
@@ -2,24 +2,39 @@
<? $current_menu = 'services.php'; include('elements/menu.php'); ?>
<?
+$get_params = array( 'pkgnum' );
+foreach ( $get_params AS $param ) {
+ $params[$param] = $_GET[$param];
+}
+
$customer_info = $freeside->customer_info_short( array(
'session_id' => $_COOKIE['session_id'],
) );
-foreach ( $cust_pkg AS $pkg ) {
- $part_pkg .= $pkg[pkgpart];
- $class_num .= $pkg[classnum];
+$list_pkgs = $freeside->list_pkgs( array(
+ 'session_id' => $_COOKIE['session_id'],
+) );
+
+if ( isset($list_pkgs['error']) && $list_pkgs['error'] ) {
+ $error = $list_pkgs['error'];
+ header('Location:index.php?error='. urlencode($error));
+ die();
}
-$get_params = array( 'pkgnum', 'pkg', 'classnum', 'pkgpart' );
-foreach ( $get_params AS $param ) {
- $params[$param] = $_GET[$param];
+extract($list_pkgs);
+
+foreach ( $cust_pkg AS $pkg ) {
+ if ( $pkg['pkgnum'] == $params['pkgnum'] ) {
+ $pkg_label = $pkg['pkg_label'];
+ $pkg_part = $pkg['pkgpart'];
+ $class_num = $pkg['classnum'];
+ }
}
$pkgselect = $freeside->mason_comp( array(
'session_id' => $_COOKIE['session_id'],
'comp' => '/elements/select-part_pkg.html',
- 'args' => [ 'classnum', $params['classnum'], 'curr_value', $params['pkgpart'], ],
+ 'args' => [ 'classnum', $class_num, 'curr_value', $pkg_part, ],
)
);
@@ -41,7 +56,7 @@ function enable_change_pkg () {
}
</SCRIPT>
-<FONT SIZE=4>Purchase replacement package for "<? echo $params['pkg']; ?>"</FONT><BR><BR>
+<FONT SIZE=4>Purchase replacement package for "<? echo htmlspecialchars($pkg_label); ?>"</FONT><BR><BR>
<? include('elements/error.php'); ?>
diff --git a/ng_selfservice/services.php b/ng_selfservice/services.php
index 987e582..b81f558 100644
--- a/ng_selfservice/services.php
+++ b/ng_selfservice/services.php
@@ -33,7 +33,7 @@ extract($list_pkgs);
$change_link = '';
if ( in_array("Change packages", $menu_disable) == 0) {
- $change_link = '<a href="packages_change.php?pkgnum=' . $pkg['pkgnum'] . '&pkg=' . $pkg['pkg_label'] . '&pkgpart=' . $pkg['pkgpart'] . '&classnum=' . $pkg['classnum'] . '">[change]</a>';
+ $change_link = '<a href="packages_change.php?pkgnum=' . $pkg['pkgnum'] . '">[change]</a>';
}
?>
<TR>
@@ -41,7 +41,7 @@ extract($list_pkgs);
</TR>
<TR>
<? echo $td ?><? echo $change_link ?> </TD>
- <? echo $td ?><? echo $pkg['pkg_label']; ?></TD>
+ <? echo $td ?><? echo htmlspecialchars($pkg['pkg_label']); ?></TD>
<? echo $td ?>
<FONT COLOR="#<? echo $pkg['statuscolor'] ?>"><B>
<? echo ucfirst($pkg['status']); ?>
-----------------------------------------------------------------------
Summary of changes:
ng_selfservice/packages_change.php | 31 +++++++++++++++++++++++--------
ng_selfservice/services.php | 4 ++--
2 files changed, 25 insertions(+), 10 deletions(-)
More information about the freeside-commits
mailing list