working one-time charges

2 files changed, 29 insertions, 2 deletions

diff --git a/httemplate/edit/process/quick-charge.cgi b/httemplate/edit/process/quick-charge.cgi
new file mode 100644
index 000000000..49175d848
--- /dev/null
+++ b/httemplate/edit/process/quick-charge.cgi
@@ -0,0 +1,27 @@
+<%
+
+#untaint custnum
+$cgi->param('custnum') =~ /^(\d+)$/
+  or die 'illegal custnum '. $cgi->param('custnum');
+my $custnum = $1;
+
+$cgi->param('amount') =~ /^\s*(\d+(\.\d{1,2})?)\s*$/
+  or die 'illegal amount '. $cgi->param('amount');
+my $amount = $1;
+
+my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
+  or die "unknown custnum $custnum";
+
+my $error = $cust_main->charge( $amount, $cgi->param('pkg') );
+
+if ($error) {
+%>
+<!-- mason kludge -->
+<%
+  eidiot($error);
+} else {
+  print $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum" );
+}
+
+%>
+
diff --git a/httemplate/edit/process/quick-cust_pkg.cgi b/httemplate/edit/process/quick-cust_pkg.cgi
index c663dce32..a8f5b1453 100644
--- a/httemplate/edit/process/quick-cust_pkg.cgi
+++ b/httemplate/edit/process/quick-cust_pkg.cgi
@@ -2,10 +2,10 @@
 
 #untaint custnum
 $cgi->param('custnum') =~ /^(\d+)$/
-  or eidiot 'illegal custnum '. $cgi->param('custnum');
+  or die 'illegal custnum '. $cgi->param('custnum');
 my $custnum = $1;
 $cgi->param('pkgpart') =~ /^(\d+)$/
-  or eidiot 'illegal pkgpart '. $cgi->param('pkgpart');
+  or die 'illegal pkgpart '. $cgi->param('pkgpart');
 my $pkgpart = $1;
 
 my @cust_pkg = ();