projects
/
freeside.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fix ACLs to allow the limited "package editing" of customizing customer packages
[freeside.git]
/
httemplate
/
view
/
cust_bill-logo.cgi
diff --git
a/httemplate/view/cust_bill-logo.cgi
b/httemplate/view/cust_bill-logo.cgi
index
96471ff
..
9c1c1d7
100755
(executable)
--- a/
httemplate/view/cust_bill-logo.cgi
+++ b/
httemplate/view/cust_bill-logo.cgi
@@
-1,15
+1,21
@@
-<%
+<% $conf->config_binary("logo$templatename.png") %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View invoices')
+ or $FS::CurrentUser::CurrentUser->access_right('Configuration');
+
+my $conf = new FS::Conf;
my($query) = $cgi->keywords;
$query =~ /^([^\.\/]*)$/;
my $templatename = $1;
my($query) = $cgi->keywords;
$query =~ /^([^\.\/]*)$/;
my $templatename = $1;
-if ( $templatename && $conf->exists("
${logo}
_$templatename.png") ) {
+if ( $templatename && $conf->exists("
logo
_$templatename.png") ) {
$templatename = "_$templatename";
} else {
$templatename = '';
}
$templatename = "_$templatename";
} else {
$templatename = '';
}
-my $conf = new FS::Conf;
-
http_header('Content-Type' => 'image/png' );
http_header('Content-Type' => 'image/png' );
-%><%= $conf->config_binary("logo$templatename.png") %>
+
+</%init>