diff options
author | ivan <ivan> | 2008-01-13 21:14:19 +0000 |
---|---|---|
committer | ivan <ivan> | 2008-01-13 21:14:19 +0000 |
commit | f49f11d4c3c4ba9480cc5c9acfaa606a5ba73ad1 (patch) | |
tree | 2104b5d1a05433756d3b91ee436cfaa8c24ab464 /httemplate/misc/delete-cust_refund.cgi | |
parent | 2d53d2ebdce80d0f0dc7f75ccf506a06c2f852f9 (diff) |
ACLs
Diffstat (limited to 'httemplate/misc/delete-cust_refund.cgi')
-rwxr-xr-x | httemplate/misc/delete-cust_refund.cgi | 36 |
1 files changed, 20 insertions, 16 deletions
diff --git a/httemplate/misc/delete-cust_refund.cgi b/httemplate/misc/delete-cust_refund.cgi index f3ac589aa..983a79da5 100755 --- a/httemplate/misc/delete-cust_refund.cgi +++ b/httemplate/misc/delete-cust_refund.cgi @@ -1,17 +1,21 @@ -% -% -%#untaint refundnum -%my($query) = $cgi->keywords; -%$query =~ /^(\d+)$/ || die "Illegal refundnum"; -%my $refundnum = $1; -% -%my $cust_refund = qsearchs('cust_refund',{'refundnum'=>$refundnum}); -%my $custnum = $cust_refund->custnum; -% -%my $error = $cust_refund->delete; -%errorpage($error) if $error; -% -%print $cgi->redirect($p. "view/cust_main.cgi?". $custnum); -% -% +% if ( $error ) { +% errorpage($error); +% } else { +<% $cgi->redirect($p. "view/cust_main.cgi?". $custnum) %> +% } +<%init> +die "access denied" + unless $FS::CurrentUser::CurrentUser->access_right('Delete refund'); + +#untaint refundnum +my($query) = $cgi->keywords; +$query =~ /^(\d+)$/ || die "Illegal refundnum"; +my $refundnum = $1; + +my $cust_refund = qsearchs('cust_refund',{'refundnum'=>$refundnum}); +my $custnum = $cust_refund->custnum; + +my $error = $cust_refund->delete; + +</%init> |