httemplate/edit/process/quick-charge.cgi


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

<%

#untaint custnum
$cgi->param('custnum') =~ /^(\d+)$/
  or die 'illegal custnum '. $cgi->param('custnum');
my $custnum = $1;

$cgi->param('amount') =~ /^\s*(\d+(\.\d{1,2})?)\s*$/
  or die 'illegal amount '. $cgi->param('amount');
my $amount = $1;

my( $error, $cust_main);
if ( $cgi->param('taxclass') eq '(select)' ) {


 $error = 'Must select a tax class';
} else {

  my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
    or die "unknown custnum $custnum";

  $error = $cust_main->charge(
    $amount,
    $cgi->param('pkg'),
    '$'. sprintf("%.2f",$amount),
    $cgi->param('taxclass')
  );

}

if ($error) {
%>
<!-- mason kludge -->
<%
  eidiot($error);
} else {
  print $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum" );
}

%>