blob: 43d2e292816d29d49317f3cbf063f44907cfc1f7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
<% include('/elements/header-popup.html', "$action File Attachment") %>
<% include('/elements/error.html') %>
<FORM ACTION="<% popurl(1) %>process/cust_main_attach.cgi" METHOD=POST ENCTYPE="multipart/form-data">
<INPUT TYPE="hidden" NAME="custnum" VALUE="<% $custnum %>">
<INPUT TYPE="hidden" NAME="attachnum" VALUE="<% $attachnum %>">
<BR><BR>
% if(defined $attach) {
Filename <INPUT TYPE="text" NAME="filename" VALUE="<% $attach->filename %>"><BR>
MIME type <INPUT TYPE="text" NAME="mime_type" VALUE="<% $attach->mime_type %>"<BR>
Size: <% $attach->size %><BR>
% }
% else { # !defined $attach
Filename <INPUT TYPE="file" NAME="file"><BR>
% }
<BR>
<INPUT TYPE="submit" NAME="submit"
VALUE="<% $attachnum ? "Apply Changes" : "Upload File" %>">
% if(defined $attach and $curuser->access_right('Delete attachment')) {
<BR>
<INPUT TYPE="submit" NAME="delete" value="Delete File">
% }
</FORM>
</BODY>
</HTML>
<%init>
my $curuser = $FS::CurrentUser::CurrentUser;
my $attachnum = '';
my $attach;
if ( $cgi->param('error') ) {
#$comment = $cgi->param('comment');
} elsif ( $cgi->param('attachnum') =~ /^(\d+)$/ ) {
$attachnum = $1;
die "illegal query ". $cgi->keywords unless $attachnum;
$attach = qsearchs('cust_attachment', { 'attachnum' => $attachnum });
die "no such attachment: ". $attachnum unless $attach;
}
$cgi->param('custnum') =~ /^(\d+)$/ or die "illegal custnum";
my $custnum = $1;
my $action = $attachnum ? 'Edit' : 'Add';
die "access denied"
unless $curuser->access_right("$action attachment");
</%init>
|
