httemplate/edit/process/quick-charge.cgi


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

<%

#untaint custnum
$cgi->param('custnum') =~ /^(\d+)$/
  or die 'illegal custnum '. $cgi->param('custnum');
my $custnum = $1;

$cgi->param('amount') =~ /^\s*(\d+(\.\d{1,2})?)\s*$/
  or die 'illegal amount '. $cgi->param('amount');
my $amount = $1;

my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
  or die "unknown custnum $custnum";

my $error = $cust_main->charge( $amount, $cgi->param('pkg') );

if ($error) {
%>
<!-- mason kludge -->
<%
  eidiot($error);
} else {
  print $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum" );
}

%>