1 <% include('/elements/header-popup.html', "$action File Attachment") %>
3 <% include('/elements/error.html') %>
5 <FORM ACTION="<% popurl(1) %>process/cust_main_attach.cgi" METHOD=POST ENCTYPE="multipart/form-data">
6 <INPUT TYPE="hidden" NAME="custnum" VALUE="<% $custnum %>">
7 <INPUT TYPE="hidden" NAME="attachnum" VALUE="<% $attachnum %>">
11 % if(defined $attach) {
12 Filename <INPUT TYPE="text" NAME="filename" VALUE="<% $attach->filename %>"><BR>
13 MIME type <INPUT TYPE="text" NAME="mime_type" VALUE="<% $attach->mime_type %>"<BR>
14 Size: <% $attach->size %><BR>
17 % else { # !defined $attach
19 Filename <INPUT TYPE="file" NAME="file"><BR>
24 <INPUT TYPE="submit" NAME="submit"
25 VALUE="<% $attachnum ? "Apply Changes" : "Upload File" %>">
27 % if(defined $attach and $curuser->access_right('Delete attachment')) {
29 <INPUT TYPE="submit" NAME="delete" value="Delete File">
38 my $curuser = $FS::CurrentUser::CurrentUser;
41 if ( $cgi->param('error') ) {
42 #$comment = $cgi->param('comment');
43 } elsif ( $cgi->param('attachnum') =~ /^(\d+)$/ ) {
45 die "illegal query ". $cgi->keywords unless $attachnum;
46 $attach = qsearchs('cust_attachment', { 'attachnum' => $attachnum });
47 die "no such attachment: ". $attachnum unless $attach;
50 $cgi->param('custnum') =~ /^(\d+)$/ or die "illegal custnum";
53 my $action = $attachnum ? 'Edit' : 'Add';
56 unless $curuser->access_right("$action attachment");