From b5d5f7680d0736ff0150b337cd29026135fb2e34 Mon Sep 17 00:00:00 2001
From: Irina Todeva <itodeva@hostgator.com>
Date: Thu, 8 Oct 2015 15:45:09 -0600
Subject: Changes for being consistent in the payment history GUI on void
 credit / payment / invoice links

renamed httemplate/misc/void-cust_credit.html to .cgi
renamed httemplate/misc/void-cust_bill.html to .cgi
---
 httemplate/misc/void-cust_pay.cgi | 70 ++++++++++++++++++++++++++++++++++-----
 1 file changed, 61 insertions(+), 9 deletions(-)

(limited to 'httemplate/misc/void-cust_pay.cgi')

diff --git a/httemplate/misc/void-cust_pay.cgi b/httemplate/misc/void-cust_pay.cgi
index 376fb5652..784bb9a94 100755
--- a/httemplate/misc/void-cust_pay.cgi
+++ b/httemplate/misc/void-cust_pay.cgi
@@ -1,16 +1,52 @@
-%if ( $error ) {
-%  errorpage($error);
+%if ( $success ) {
+<& /elements/header-popup.html, mt("Payment voided") &>
+  <SCRIPT TYPE="text/javascript">
+    window.top.location.reload();
+  </SCRIPT>
+  </BODY>
+</HTML>
 %} else {
-<% $cgi->redirect($p. "view/cust_main.cgi?custnum=". $custnum. ";show=payment_history") %>
+<& /elements/header-popup.html, mt('Void payment')  &>
+
+<& /elements/error.html &>
+
+<P ALIGN="center"><B><% mt('Void this payment?') |h %></B>
+
+<FORM action="<% ${p} %>misc/void-cust_pay.cgi">
+<INPUT TYPE="hidden" NAME="paynum" VALUE="<% $paynum %>">
+
+<TABLE BGCOLOR="#cccccc" BORDER="0" CELLSPACING="2" STYLE="margin-left:auto; margin-right:auto">
+<& /elements/tr-select-reason.html,
+             'field'          => 'reasonnum',
+             'reason_class'   => 'X',
+             'cgi'            => $cgi
+&>
+</TABLE>
+
+<BR>
+<P ALIGN="CENTER">
+<INPUT TYPE="submit" NAME="confirm_void_payment" VALUE="<% mt('Void payment') |h %>"> 
+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+<INPUT TYPE="BUTTON" VALUE="<% mt("Don't void payment") |h %>" onClick="parent.cClick();"> 
+
+</FORM>
+</BODY>
+</HTML>
+
 %}
 <%init>
 
 #untaint paynum
-my($query) = $cgi->keywords;
-$query =~ /^(\d+)$/ || die "Illegal paynum";
-my $paynum = $1;
+my $paynum = $cgi->param('paynum');
+if ($paynum) {
+  $paynum =~ /^(\d+)$/ || die "Illegal paynum";
+} else {
+  my($query) = $cgi->keywords;
+  $query =~ /^(\d+)/ || die "Illegal paynum";
+  $paynum = $1;
+}
 
-my $cust_pay = qsearchs('cust_pay',{'paynum'=>$paynum});
+my $cust_pay = qsearchs('cust_pay',{'paynum'=>$paynum}) || die "Payment not found";
 
 my $right = 'Void payments';
 $right = 'Credit card void' if $cust_pay->payby eq 'CARD';
@@ -19,8 +55,24 @@ $right = 'Echeck void'      if $cust_pay->payby eq 'CHEK';
 die "access denied"
   unless $FS::CurrentUser::CurrentUser->access_right($right);
 
-my $custnum = $cust_pay->custnum;
+my $success = 0;
+if ($cgi->param('confirm_void_payment')) {
+
+  #untaint reasonnum / create new reason
+  my ($reasonnum, $error) = $m->comp('process/elements/reason');
+  if (!$reasonnum) {
+    $error = 'Reason required';
+  } else {
+    my $reason = qsearchs('reason', { 'reasonnum' => $reasonnum })
+      || die "Reason num $reasonnum not found in database";
+	$error = $cust_pay->void($reason) unless $error;
+  }
 
-my $error = $cust_pay->void;
+  if ($error) {
+    $cgi->param('error',$error);
+  } else {
+    $success = 1;
+  }
+}
 
 </%init>
-- 
cgit v1.2.1