From f49f11d4c3c4ba9480cc5c9acfaa606a5ba73ad1 Mon Sep 17 00:00:00 2001
From: ivan <ivan>
Date: Sun, 13 Jan 2008 21:14:19 +0000
Subject: ACLs

---
 httemplate/misc/unvoid-cust_pay_void.cgi | 36 ++++++++++++++++++--------------
 1 file changed, 20 insertions(+), 16 deletions(-)

(limited to 'httemplate/misc/unvoid-cust_pay_void.cgi')

diff --git a/httemplate/misc/unvoid-cust_pay_void.cgi b/httemplate/misc/unvoid-cust_pay_void.cgi
index 625431a57..91fe1c223 100755
--- a/httemplate/misc/unvoid-cust_pay_void.cgi
+++ b/httemplate/misc/unvoid-cust_pay_void.cgi
@@ -1,17 +1,21 @@
-%
-%
-%#untaint paynum
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/ || die "Illegal paynum";
-%my $paynum = $1;
-%
-%my $cust_pay_void = qsearchs('cust_pay_void', { 'paynum' => $paynum } );
-%my $custnum = $cust_pay_void->custnum;
-%
-%my $error = $cust_pay_void->unvoid;
-%errorpage($error) if $error;
-%
-%print $cgi->redirect($p. "view/cust_main.cgi?". $custnum);
-%
-%
+%if ( $error ) {
+%  errorpage($error);
+%} else {
+<% $cgi->redirect($p. "view/cust_main.cgi?". $custnum) %>
+%}
+<%init>
 
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Unvoid');
+
+#untaint paynum
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/ || die "Illegal paynum";
+my $paynum = $1;
+
+my $cust_pay_void = qsearchs('cust_pay_void', { 'paynum' => $paynum } );
+my $custnum = $cust_pay_void->custnum;
+
+my $error = $cust_pay_void->unvoid;
+
+</%init>
-- 
cgit v1.2.1