author | ivan <ivan> | 2008-01-13 21:35:54 +0000 |
---|---|---|
committer | ivan <ivan> | 2008-01-13 21:35:54 +0000 |
commit | 0930d22ffc440f80c1b222b2e750cadbabd9e8f6 (patch) | |
tree | 59d6738ed4c685cd9bec804e9d3f661f4f37d72c /httemplate/edit/process/quick-charge.cgi | |
parent | f49f11d4c3c4ba9480cc5c9acfaa606a5ba73ad1 (diff) |
ACLs
Diffstat (limited to 'httemplate/edit/process/quick-charge.cgi')
-rw-r--r-- | httemplate/edit/process/quick-charge.cgi | 83 |
1 files changed, 43 insertions, 40 deletions
diff --git a/httemplate/edit/process/quick-charge.cgi b/httemplate/edit/process/quick-charge.cgi
index 4a090f9de..3c7cac51d 100644
--- a/httemplate/edit/process/quick-charge.cgi
+++ b/httemplate/edit/process/quick-charge.cgi
@@ -1,46 +1,49 @@
-%
-% my $error = '';
-% my $param = $cgi->Vars;
-%
-% my @description = ();
-% for ( my $row = 0; exists($param->{"description$row"}); $row++ ) {
-% push @description, $param->{"description$row"}
-% if ($param->{"description$row"} =~ /\S/);
-% }
-%
-% $param->{"custnum"} =~ /^(\d+)$/
-% or $error .= "Illegal customer number " . $param->{"custnum"} . " ";
-% my $custnum = $1;
-%
-% $param->{"amount"} =~ /^\s*(\d+(\.\d{1,2})?)\s*$/
-% or $error .= "Illegal amount " . $param->{"amount"} . " ";
-% my $amount = $1;
-%
-% if ( $param->{'taxclass'} eq '(select)' ) {
-% $error .= "Must select a tax class. ";
-% }
-%
-% unless ( $error ) {
-% my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
-% or $error .= "Unknown customer number $custnum. ";
-%
-% $error ||= $cust_main->charge( {
-% 'amount' => $amount,
-% 'pkg' => scalar($cgi->param('pkg')),
-% 'taxclass' => scalar($cgi->param('taxclass')),
-% 'additional' => \@description,
-% } );
-% }
-%
-% if ( $error ) {
-%
-% $cgi->param('error', $error );
-%
+% if ( $error ) {
+% $cgi->param('error', $error );
 <% $cgi->redirect($p.'quick-charge.html?'. $cgi->query_string) %>
-%
-% }
+% } else {
 <% header("One-time charge added") %>
 <SCRIPT TYPE="text/javascript">
 window.top.location.reload();
 </SCRIPT>
 </BODY></HTML>
+% }
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('One-time charge');
+
+my $error = '';
+my $param = $cgi->Vars;
+
+my @description = ();
+for ( my $row = 0; exists($param->{"description$row"}); $row++ ) {
+ push @description, $param->{"description$row"}
+ if ($param->{"description$row"} =~ /\S/);
+}
+
+$param->{"custnum"} =~ /^(\d+)$/
+ or $error .= "Illegal customer number " . $param->{"custnum"} . " ";
+my $custnum = $1;
+
+$param->{"amount"} =~ /^\s*(\d+(\.\d{1,2})?)\s*$/
+ or $error .= "Illegal amount " . $param->{"amount"} . " ";
+my $amount = $1;
+
+if ( $param->{'taxclass'} eq '(select)' ) {
+ $error .= "Must select a tax class. ";
+}
+
+unless ( $error ) {
+ my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
+ or $error .= "Unknown customer number $custnum. ";
+
+ $error ||= $cust_main->charge( {
+ 'amount' => $amount,
+ 'pkg' => scalar($cgi->param('pkg')),
+ 'taxclass' => scalar($cgi->param('taxclass')),
+ 'additional' => \@description,
+ } );
+}
+
+</%init> |
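Review bot: The new `access_right('One-time charge')` guard in `<%init>` checks only that the user holds the right, while the `qsearchs('cust_main', { 'custnum' => $custnum } )` lookup that follows accepts any customer number from the request; if this installation partitions customers between users or agents (not visible in this hunk), a user with the right could post a charge to a customer outside their scope. Consider restricting that lookup to customers the current user may act on, or at least recording the assumption next to it with a comment such as `# access_right() gates the action only; customer scope is not checked here`. Separately, the rejected `custnum` and `amount` values are concatenated into `$error` and returned through the redirect query string, so the page that displays `error` must HTML-escape it, and `/^(\d+)$/` would be tighter as `/\A(\d+)\z/` because `$` also matches before a trailing newline.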