diff options
Diffstat (limited to 'httemplate/edit/process/quick-cust_pkg.cgi')
| -rw-r--r-- | httemplate/edit/process/quick-cust_pkg.cgi | 37 |
1 files changed, 16 insertions, 21 deletions
diff --git a/httemplate/edit/process/quick-cust_pkg.cgi b/httemplate/edit/process/quick-cust_pkg.cgi index d03ef2cba..3a7af8ae7 100644 --- a/httemplate/edit/process/quick-cust_pkg.cgi +++ b/httemplate/edit/process/quick-cust_pkg.cgi @@ -1,27 +1,22 @@ -% -% -%#untaint custnum -%$cgi->param('custnum') =~ /^(\d+)$/ -% or die 'illegal custnum '. $cgi->param('custnum'); -%my $custnum = $1; -%$cgi->param('pkgpart') =~ /^(\d+)$/ -% or die 'illegal pkgpart '. $cgi->param('pkgpart'); -%my $pkgpart = $1; -% -%my @cust_pkg = (); -%my $error = FS::cust_pkg::order($custnum, [ $pkgpart ], [], \@cust_pkg, ); -% %if ($error) { -% - -<!-- mason kludge --> -% % errorpage($error); %} else { -% print $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum". -% "#cust_pkg". $cust_pkg[0]->pkgnum ); +<% $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum#cust_pkg". $cust_pkg[0]->pkgnum ); %} -% -% +<%init> + +die "access denied" + unless $FS::CurrentUser::CurrentUser->access_right('Order customer package'); + +#untaint custnum +$cgi->param('custnum') =~ /^(\d+)$/ + or die 'illegal custnum '. $cgi->param('custnum'); +my $custnum = $1; +$cgi->param('pkgpart') =~ /^(\d+)$/ + or die 'illegal pkgpart '. $cgi->param('pkgpart'); +my $pkgpart = $1; +my @cust_pkg = (); +my $error = FS::cust_pkg::order($custnum, [ $pkgpart ], [], \@cust_pkg, ); +</%init> |