diff options
| author | ivan <ivan> | 2008-01-13 21:35:54 +0000 |
|---|---|---|
| committer | ivan <ivan> | 2008-01-13 21:35:54 +0000 |
| commit | 0930d22ffc440f80c1b222b2e750cadbabd9e8f6 (patch) | |
| tree | 59d6738ed4c685cd9bec804e9d3f661f4f37d72c /httemplate/edit/process/cust_pay.cgi | |
| parent | f49f11d4c3c4ba9480cc5c9acfaa606a5ba73ad1 (diff) | |
ACLs
Diffstat (limited to 'httemplate/edit/process/cust_pay.cgi')
| -rwxr-xr-x | httemplate/edit/process/cust_pay.cgi | 61 |
1 files changed, 30 insertions, 31 deletions
diff --git a/httemplate/edit/process/cust_pay.cgi b/httemplate/edit/process/cust_pay.cgi index a34c88aba..647f6fc6c 100755 --- a/httemplate/edit/process/cust_pay.cgi +++ b/httemplate/edit/process/cust_pay.cgi @@ -1,32 +1,8 @@ -% -% -%$cgi->param('linknum') =~ /^(\d+)$/ -% or die "Illegal linknum: ". $cgi->param('linknum'); -%my $linknum = $1; -% -%$cgi->param('link') =~ /^(custnum|invnum|popup)$/ -% or die "Illegal link: ". $cgi->param('link'); -%my $field = my $link = $1; -%$field = 'custnum' if $field eq 'popup'; -% -%my $_date = str2time($cgi->param('_date')); -% -%my $new = new FS::cust_pay ( { -% $field => $linknum, -% _date => $_date, -% map { -% $_, scalar($cgi->param($_)); -% } qw(paid payby payinfo paybatch) -% #} fields('cust_pay') -%} ); -% -%my $error = $new->insert( 'manual' => 1 ); -% %if ($error) { % $cgi->param('error', $error); -% print $cgi->redirect(popurl(2). 'cust_pay.cgi?'. $cgi->query_string ); +<% $cgi->redirect(popurl(2). 'cust_pay.cgi?'. $cgi->query_string ) %> %} elsif ( $field eq 'invnum' ) { -% print $cgi->redirect(popurl(3). "view/cust_bill.cgi?$linknum"); +<% $cgi->redirect(popurl(3). "view/cust_bill.cgi?$linknum") %> %} elsif ( $field eq 'custnum' ) { % if ( $cgi->param('apply') eq 'yes' ) { % my $cust_main = qsearchs('cust_main', { 'custnum' => $linknum }) @@ -34,7 +10,6 @@ % $cust_main->apply_payments; % } % if ( $link eq 'popup' ) { -% % <% header('Payment entered') %> <SCRIPT TYPE="text/javascript"> @@ -43,14 +18,38 @@ </BODY></HTML> % -% % } elsif ( $link eq 'custnum' ) { -% print $cgi->redirect(popurl(3). "view/cust_main.cgi?$linknum"); +<% $cgi->redirect(popurl(3). "view/cust_main.cgi?$linknum") %> % } else { % die "unknown link $link"; % } % %} -% -% +<%init> + +die "access denied" + unless $FS::CurrentUser::CurrentUser->access_right('Post payment'); + +$cgi->param('linknum') =~ /^(\d+)$/ + or die "Illegal linknum: ". $cgi->param('linknum'); +my $linknum = $1; + +$cgi->param('link') =~ /^(custnum|invnum|popup)$/ + or die "Illegal link: ". $cgi->param('link'); +my $field = my $link = $1; +$field = 'custnum' if $field eq 'popup'; + +my $_date = str2time($cgi->param('_date')); + +my $new = new FS::cust_pay ( { + $field => $linknum, + _date => $_date, + map { + $_, scalar($cgi->param($_)); + } qw(paid payby payinfo paybatch) + #} fields('cust_pay') +} ); + +my $error = $new->insert( 'manual' => 1 ); +</%init> |