From 1e34f4a5d142bd58f5918219db0931e81ad0418e Mon Sep 17 00:00:00 2001
From: ivan <ivan>
Date: Thu, 20 Aug 2009 09:47:05 +0000
Subject: email statements, RT#4860

---
 httemplate/view/cust_statement-pdf.cgi | 28 ++++++++++++++++++++++++++++
 httemplate/view/cust_statement.html    | 13 ++++++++-----
 2 files changed, 36 insertions(+), 5 deletions(-)
 create mode 100755 httemplate/view/cust_statement-pdf.cgi

(limited to 'httemplate/view')

diff --git a/httemplate/view/cust_statement-pdf.cgi b/httemplate/view/cust_statement-pdf.cgi
new file mode 100755
index 000000000..a1739e04c
--- /dev/null
+++ b/httemplate/view/cust_statement-pdf.cgi
@@ -0,0 +1,28 @@
+<% $pdf %>
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('View invoices');
+
+#untaint statementnum
+my($query) = $cgi->keywords;
+$query =~ /^((.+)-)?(\d+)(.pdf)?$/;
+my $templatename = $2 || 'statement'; #XXX configure... via event??  eh..
+my $statementnum = $3;
+
+my $cust_statement = qsearchs({
+  'select'    => 'cust_statement.*',
+  'table'     => 'cust_statement',
+  'addl_from' => 'LEFT JOIN cust_main USING ( custnum )',
+  'hashref'   => { 'statementnum' => $statementnum },
+  'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
+die "Statement #$statementnum not found!" unless $cust_statement;
+
+my $pdf = $cust_statement->print_pdf( '', $templatename);
+
+http_header('Content-Type' => 'application/pdf' );
+http_header('Content-Length' => length($pdf) );
+http_header('Cache-control' => 'max-age=60' );
+
+</%init>
diff --git a/httemplate/view/cust_statement.html b/httemplate/view/cust_statement.html
index ec4ee9ebd..b078c9d07 100755
--- a/httemplate/view/cust_statement.html
+++ b/httemplate/view/cust_statement.html
@@ -4,13 +4,15 @@
 
 % if ( $FS::CurrentUser::CurrentUser->access_right('Resend invoices') ) {
 
-    <A HREF="<% $p %>misc/print-invoice.cgi?<% $link %>">Re-print this statement</A>
+%#    <A HREF="<% $p %>misc/print-invoice.cgi?<% $link %>">Re-print this statement</A>
 
 %   if ( grep { $_ ne 'POST' } $cust_statement->cust_main->invoicing_list ) { 
-        | <A HREF="<% $p %>misc/email-invoice.cgi?<% $link %>">Re-email this statement</A>
+%#        |
+        <A HREF="<% $p %>misc/email-invoice.cgi?<% $link %>">Re-email this statement</A>
 %   } 
 
-%   if ( $conf->exists('hylafax') && length($cust_statement->cust_main->fax) ) { 
+%   if ( 0 ) {
+%   #if ( $conf->exists('hylafax') && length($cust_statement->cust_main->fax) ) { 
         | <A HREF="<% $p %>misc/fax-invoice.cgi?<% $link %>">Re-fax this statement</A>
 %   } 
 
@@ -19,7 +21,8 @@
 % } 
 
 
-% if ( $conf->exists('invoice_latex') ) { 
+% #if ( $conf->exists('invoice_latex') ) { 
+% if ( 0 ) { #broken???
 
   <A HREF="<% $p %>view/cust_statement-pdf.cgi?<% $link %>.pdf">View typeset statement</A>
   <BR><BR>
@@ -47,7 +50,7 @@ die "access denied"
 #untaint statement
 my($query) = $cgi->keywords;
 $query =~ /^((.+)-)?(\d+)$/;
-my $templatename = $2;
+my $templatename = $2 || 'statement'; #XXX configure... via event??  eh..
 my $statementnum = $3;
 
 my $conf = new FS::Conf;
-- 
cgit v1.2.1