<% include('/elements/header-popup.html', 'Enter Credit') %>
-% if ( $cgi->param('error') ) {
- <FONT SIZE="+1" COLOR="#ff0000">Error: <% $cgi->param('error') %></FONT>
- <BR><BR>
-% }
+<% include('/elements/error.html') %>
-<FORM ACTION="<% $p1 %>process/cust_credit.cgi" METHOD=POST>
+<FORM NAME="credit_popup" ACTION="<% $p1 %>process/cust_credit.cgi" METHOD=POST>
<INPUT TYPE="hidden" NAME="crednum" VALUE="">
-<INPUT TYPE="hidden" NAME="custnum" VALUE="<% $custnum %>">
+<INPUT TYPE="hidden" NAME="custnum" VALUE="<% $custnum |h %>">
<INPUT TYPE="hidden" NAME="paybatch" VALUE="">
<INPUT TYPE="hidden" NAME="_date" VALUE="<% $_date %>">
<INPUT TYPE="hidden" NAME="credited" VALUE="">
<TR>
<TD ALIGN="right">Amount</TD>
- <TD BGCOLOR="#ffffff">$<INPUT TYPE="text" NAME="amount" VALUE="<% $amount %>" SIZE=8 MAXLENGTH=8></TD>
+ <TD BGCOLOR="#ffffff">$<INPUT TYPE="text" NAME="amount" VALUE="<% $amount |h %>" SIZE=8 MAXLENGTH=8></TD>
</TR>
%
%#print qq! <INPUT TYPE="checkbox" NAME="refund" VALUE="$refund">Also post refund!;
%
- <TR>
- <TD ALIGN="right">Reason</TD>
- <TD BGCOLOR="#ffffff"><INPUT TYPE="text" NAME="reason" VALUE="<% $reason %>" SIZE=32></TD>
- </TR>
+<% include( '/elements/tr-select-reason.html',
+ 'field' => 'reasonnum',
+ 'reason_class' => 'R',
+ 'control_button' => "document.getElementById('confirm_credit_button')",
+ 'cgi' => $cgi,
+ )
+%>
<TR>
<TD ALIGN="right">Auto-apply<BR>to invoices</TD>
<BR>
-<CENTER><INPUT TYPE="submit" VALUE="Enter credit"></CENTER>
+<CENTER><INPUT TYPE="submit" ID="confirm_credit_button" VALUE="Enter credit" DISABLED></CENTER>
</FORM>
</BODY>
</HTML>
-
<%once>
+
my $conf = new FS::Conf;
-</%once>
+</%once>
<%init>
-my($custnum, $amount, $reason);
-if ( $cgi->param('error') ) {
- #$cust_credit = new FS::cust_credit ( {
- # map { $_, scalar($cgi->param($_)) } fields('cust_credit')
- #} );
- $custnum = $cgi->param('custnum');
- $amount = $cgi->param('amount');
- #$refund = $cgi->param('refund');
- $reason = $cgi->param('reason');
-} else {
- my($query) = $cgi->keywords;
- $query =~ /^(\d+)$/;
- $custnum = $1;
- $amount = '';
- #$refund = 'yes';
- $reason = '';
-}
-my $_date = time;
-
-my $otaker = getotaker;
-
-my $p1 = popurl(1);
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Post credit');
+
+my $custnum = $cgi->param('custnum');
+my $amount = $cgi->param('amount');
+my $_date = time;
+my $otaker = getotaker;
+my $p1 = popurl(1);
+
</%init>