<TR>
<TD ALIGN="right">Amount</TD>
<TD BGCOLOR="#ffffff" ALIGN="right"><% $money_char %></TD>
- <TD><INPUT TYPE="text" NAME="paid" VALUE="<% $paid %>" SIZE=8 MAXLENGTH=8> by <B><% FS::payby->payname($payby) %></B></TD>
+ <TD><INPUT TYPE="text" NAME="paid" VALUE="<% $paid %>" SIZE=8 MAXLENGTH=9> by <B><% FS::payby->payname($payby) %></B></TD>
</TR>
<% include('/elements/tr-select-discount_term.html',
my $money_char = $conf->config('money_char') || '$';
my $date_format = $conf->config('date_format') || '%m/%d/%Y';
-die "access denied"
- unless $FS::CurrentUser::CurrentUser->access_right('Post payment');
-
my($link, $linknum, $paid, $payby, $payinfo, $_date);
if ( $cgi->param('error') ) {
$link = $cgi->param('link');
die "illegal query ". $cgi->keywords;
}
+my @rights = ('Post payment');
+push @rights, 'Post check payment' if $payby eq 'BILL';
+push @rights, 'Post cash payment' if $payby eq 'CASH';
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right(\@rights);
+
my $paybatch = "webui-$_date-$$-". rand() * 2**32;
my $title = 'Post '. FS::payby->payname($payby). ' payment';