diff options
author | ivan <ivan> | 2008-01-13 21:35:54 +0000 |
---|---|---|
committer | ivan <ivan> | 2008-01-13 21:35:54 +0000 |
commit | 0930d22ffc440f80c1b222b2e750cadbabd9e8f6 (patch) | |
tree | 59d6738ed4c685cd9bec804e9d3f661f4f37d72c /httemplate/edit/cust_main_note.cgi | |
parent | f49f11d4c3c4ba9480cc5c9acfaa606a5ba73ad1 (diff) |
ACLs
Diffstat (limited to 'httemplate/edit/cust_main_note.cgi')
-rwxr-xr-x | httemplate/edit/cust_main_note.cgi | 19 |
1 files changed, 8 insertions, 11 deletions
diff --git a/httemplate/edit/cust_main_note.cgi b/httemplate/edit/cust_main_note.cgi index 58ea779a2..6c6a1a9a0 100755 --- a/httemplate/edit/cust_main_note.cgi +++ b/httemplate/edit/cust_main_note.cgi @@ -20,13 +20,12 @@ </HTML> <%init> -my($custnum, $comment, $notenum, $action); -$comment = ''; +my $comment; +my $notenum = ''; if ( $cgi->param('error') ) { $comment = $cgi->param('comment'); -}elsif ($cgi->param('notenum')) { - $cgi->param('notenum') =~ /^(\d+)$/; +} elsif ( $cgi->param('notenum') =~ /^(\d+)$/ ) { $notenum = $1; die "illegal query ". $cgi->keywords unless $notenum; my $note = qsearchs('cust_main_note', { 'notenum' => $notenum }); @@ -34,15 +33,13 @@ if ( $cgi->param('error') ) { $comment = $note->comments; } -$cgi->param('notenum') =~ /^(\d+)$/; -$notenum = $1; +$cgi->param('custnum') =~ /^(\d+)$/ or die "illeagl custnum"; +my $custnum = $1; -$cgi->param('custnum') =~ /^(\d+)$/; -$custnum = $1; +my $action = $notenum ? 'Edit' : 'Add'; -die "illegal query ". $cgi->keywords unless $custnum; - -$action = $notenum ? 'Edit' : 'Add'; +die "access denied" + unless $FS::CurrentUser::CurrentUser->access_right("$action customer note"); </%init> |