diff options
Diffstat (limited to 'httemplate/edit')
| -rwxr-xr-x | httemplate/edit/cust_main_attach.cgi | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/httemplate/edit/cust_main_attach.cgi b/httemplate/edit/cust_main_attach.cgi index 5e9b16c99..a00731050 100755 --- a/httemplate/edit/cust_main_attach.cgi +++ b/httemplate/edit/cust_main_attach.cgi @@ -44,6 +44,7 @@ onclick="return(confirm('Delete this file?'));"> <%init> my $curuser = $FS::CurrentUser::CurrentUser; +die "access denied" if !$curuser->access_right('View attachments'); my $attachnum = ''; my $attach; if ( $cgi->param('error') ) { |