From ddb53fcc9fc80561354b97e4e7803004990138d0 Mon Sep 17 00:00:00 2001
From: ivan <ivan>
Date: Sun, 10 Feb 2002 18:56:49 +0000
Subject: use unique tokens to prevent double-submission of payments in the web
 UI (closes: Bug#320)

---
 FS/FS/cust_pay.pm | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'FS')

diff --git a/FS/FS/cust_pay.pm b/FS/FS/cust_pay.pm
index 839571a95..6156eadeb 100644
--- a/FS/FS/cust_pay.pm
+++ b/FS/FS/cust_pay.pm
@@ -136,6 +136,17 @@ sub insert {
     }
   }
 
+  if ( $self->paybatch =~ /^webui-/ ) {
+    my @cust_pay = qsearch('cust_pay', {
+      'custnum' => $self->custnum,
+      'paybatch' => $self->paybatch,
+    } );
+    if ( scalar(@cust_pay) > 1 ) {
+      $dbh->rollback if $oldAutoCommit;
+      return "a payment with webui token ". $self->paybatch. " already exists";
+    }
+  }
+
   $dbh->commit or die $dbh->errstr if $oldAutoCommit;
 
   #false laziness w/ cust_credit::insert
@@ -348,7 +359,7 @@ sub unapplied {
 
 =head1 VERSION
 
-$Id: cust_pay.pm,v 1.16 2002-02-07 22:29:34 ivan Exp $
+$Id: cust_pay.pm,v 1.17 2002-02-10 18:56:49 ivan Exp $
 
 =head1 BUGS
 
-- 
cgit v1.2.1