Суть - при установке галки пользователь не может выбрать данный пакет (ибо отсутствует в списке), + отключается авто-активация (если соответствующий патч наложен); но пользователь может спокойно выбирать другие пакеты из группы.
Заодно прикрыл одну дыру - пользователь (не через вебку ессно) мог выбирать любой пакет из доступных, отослав его ID при запросе на смену пакета - соответствие групп действующего и нового пакета не проверялось.
Собссно код:
Код: Выделить всё
diff -aur abills-curr/Abills/modules/Dv/webinterface /usr/abills/Abills/modules/Dv/webinterface
--- abills-curr/Abills/modules/Dv/webinterface 2010-01-02 15:04:23.000000000 +0200
+++ /usr/abills/Abills/modules/Dv/webinterface 2010-01-02 17:24:27.000000000 +0200
@@ -672,6 +672,7 @@
$tarif_info->{POSTPAID_MONTH_FEE}= ($tarif_info->{POSTPAID_MONTH_FEE})? 'checked' : '';
$tarif_info->{PERIOD_ALIGNMENT} = ($tarif_info->{PERIOD_ALIGNMENT}) ? 'checked' : '';
$tarif_info->{ABON_DISTRIBUTION} = ($tarif_info->{ABON_DISTRIBUTION}) ? 'checked' : '';
+$tarif_info->{NO_USER_CHANGE} = ($tarif_info->{NO_USER_CHANGE}) ? 'checked' : '';
if ($conf{EXT_BILL_ACCOUNT}) {
@@ -2836,6 +2837,12 @@
if ($FORM{set}) {
use POSIX;
+
+ $tariffs->info($FORM{TP_ID});
+ if (($tariffs->{TP_GID} != $Dv->{TP_GID}) || ($tariffs->{NO_USER_CHANGE})) {
+ $html->message('err', $_ERROR, "$_NOT_ALLOW");
+ return 0;
+ }
if ($conf{DV_USER_CHG_TP_NPERIOD}) {
# Get next month
@@ -3040,7 +3047,7 @@
$tariffs->{TARIF_PLAN_SEL}=$html->form_select('TP_ID',
{
SELECTED => $Dv->{TP_ID},
- SEL_MULTI_ARRAY => $tariffs->list({ TP_GID => $Dv->{TP_GID} }),
+ SEL_MULTI_ARRAY => $tariffs->list({ TP_GID => $Dv->{TP_GID}, NO_USER_CHANGE => 0 }),
MULTI_ARRAY_KEY => 0,
MULTI_ARRAY_VALUE => 1,
});
diff -aur abills-curr/Abills/mysql/Tariffs.pm /usr/abills/Abills/mysql/Tariffs.pm
--- abills-curr/Abills/mysql/Tariffs.pm 2010-01-02 15:17:48.000000000 +0200
+++ /usr/abills/Abills/mysql/Tariffs.pm 2010-01-02 16:47:50.000000000 +0200
@@ -55,7 +55,8 @@
IPPOOL => 'ippool',
PERIOD_ALIGNMENT => 'period_alignment',
MIN_USE => 'min_use',
- ABON_DISTRIBUTION=> 'abon_distribution'
+ ABON_DISTRIBUTION=> 'abon_distribution',
+ NO_USER_CHANGE => 'no_user_change'
);
@@ -397,7 +398,8 @@
IPPOOL => '0',
PERIOD_ALIGNMENT => '0',
MIN_USE => '0.00',
- ABON_DISTRIBUTION=> 0
+ ABON_DISTRIBUTION=> 0,
+ NO_USER_CHANGE => 0
);
@@ -429,7 +431,8 @@
ippool,
period_alignment,
min_use,
- abon_distribution
+ abon_distribution,
+ no_user_change
)
values ('$DATA{TP_ID}', '$DATA{TIME_TARIF}', '$DATA{ALERT}', \"$DATA{NAME}\",
'$DATA{MONTH_FEE}', '$DATA{DAY_FEE}', '$DATA{REDUCTION_FEE}',
@@ -449,7 +452,8 @@
'$DATA{IPPOOL}',
'$DATA{PERIOD_ALIGNMENT}',
'$DATA{MIN_USE}',
- '$DATA{ABON_DISTRIBUTION}'
+ '$DATA{ABON_DISTRIBUTION}',
+ '$DATA{NO_USER_CHANGE}'
);", 'do' );
@@ -477,6 +481,7 @@
$attr->{EXT_BILL_ACCOUNT}=0 if (! $attr->{EXT_BILL_ACCOUNT});
$attr->{PERIOD_ALIGNMENT}=0 if (! $attr->{PERIOD_ALIGNMENT});
$attr->{ABON_DISTRIBUTION}=0 if (! $attr->{ABON_DISTRIBUTION});
+ $attr->{NO_USER_CHANGE}=0 if (! $attr->{NO_USER_CHANGE});
$self->changes($admin, { CHANGE_PARAM => 'TP_ID',
TABLE => 'tarif_plans',
@@ -557,6 +562,7 @@
period_alignment,
min_use,
abon_distribution,
+ no_user_change,
tp_id
FROM tarif_plans
WHERE id='$id'$WHERE;");
@@ -603,6 +609,7 @@
$self->{PERIOD_ALIGNMENT},
$self->{MIN_USE},
$self->{ABON_DISTRIBUTION},
+ $self->{NO_USER_CHANGE},
$self->{ID}
) = @{ $self->{list}->[0] };
@@ -641,6 +648,9 @@
push @WHERE_RULES, @{ $self->search_expr($attr->{MIN_USE}, 'INT', 'tp.min_use') };
}
+ if (defined($attr->{NO_USER_CHANGE})) {
+ push @WHERE_RULES, @{ $self->search_expr($attr->{NO_USER_CHANGE}, 'INT', 'tp.no_user_change') };
+ }
my $WHERE = ($#WHERE_RULES > -1) ? "WHERE " . join(' and ', @WHERE_RULES) : '';
Код: Выделить всё
diff -aur abills-curr/Abills/mysql/Auth.pm /usr/abills/Abills/mysql/Auth.pm
--- abills-curr/Abills/mysql/Auth.pm 2009-10-24 20:18:52.000000000 +0300
+++ /usr/abills/Abills/mysql/Auth.pm 2010-01-02 17:35:27.000000000 +0200
@@ -958,7 +958,8 @@
$self->query($db, "select dv.tp_id,
tp.activate_price,
- tp.age
+ tp.age,
+ tp.no_user_change
FROM (dv_main dv, tarif_plans tp)
WHERE dv.tp_id=tp.id
@@ -966,18 +967,24 @@
GROUP BY dv.uid;");
if ($self->{TOTAL} < 1) {
- $RAD_PAIRS{'Reply-Message'}="No TP used during auto-change";
+ $RAD_PAIRS{'Reply-Message'}="No TP used during auto-activate";
return 1, \%RAD_PAIRS;
}
($self->{TP_ID},
$self->{TP_ACT_PRICE},
$self->{TP_AGE},
+ $self->{TP_NO_USER_CHANGE},
) = @{ $self->{list}->[0] };
+ if ($self->{TP_NO_USER_CHANGE}) {
+ $RAD_PAIRS{'Reply-Message'}="TP re-activation forbidden for $self->{TP_ID}";
+ return 1, \%RAD_PAIRS;
+ }
+
my $admin = $CONF->{SYSTEM_ADMIN_ID};
if($self->{TP_ACT_PRICE} > 0) {
-
+
if ($self->{DEPOSIT} + $self->{CREDIT} < $self->{TP_ACT_PRICE}) {
$RAD_PAIRS{'Reply-Message'}="Not enough money for re-activate";
return 1, \%RAD_PAIRS;
Код: Выделить всё
alter table tarif_plans add column `no_user_change` tinyint(1) unsigned NOT NULL default '0';