summaryrefslogtreecommitdiff
path: root/httemplate/misc/inventory_item-import.html
diff options
context:
space:
mode:
Diffstat (limited to 'httemplate/misc/inventory_item-import.html')
-rw-r--r--httemplate/misc/inventory_item-import.html18
1 files changed, 10 insertions, 8 deletions
diff --git a/httemplate/misc/inventory_item-import.html b/httemplate/misc/inventory_item-import.html
index 363623806..423d0d672 100644
--- a/httemplate/misc/inventory_item-import.html
+++ b/httemplate/misc/inventory_item-import.html
@@ -1,11 +1,3 @@
-%
-%
-%my $classnum = $cgi->param('classnum');
-%$classnum =~ /^(\d+)$/ or errorpage("illegal classnum $classnum");
-%$classnum = $1;
-%my $inventory_class = qsearchs('inventory_class', { 'classnum' => $classnum } );
-%
-%
<% include("/elements/header.html", $inventory_class->classname. 's') %>
<FORM ACTION="process/inventory_item-import.html" METHOD="POST" ENCTYPE="multipart/form-data">
@@ -19,3 +11,13 @@ Filename: <INPUT TYPE="file" NAME="filename"><BR><BR>
<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Import');
+
+$cgi->param =~ /^(\d+)$/ or errorpage("illegal classnum $classnum");
+my $classnum = $1;
+my $inventory_class = qsearchs('inventory_class', { 'classnum' => $classnum } );
+
+</%init>
generated by cgit v1.2.1 (git 2.18.0) at 2025-08-10 13:18:09 +0000