-<%
+%if ( $error ) {
+% $cgi->param('error', $error);
+<% $cgi->redirect(popurl(2). "cust_bill_pay.cgi?". $cgi->query_string ) %>
+%} else {
+<% header('Payment application sucessful') %>
+ <SCRIPT TYPE="text/javascript">
+ window.top.location.reload();
+ </SCRIPT>
+ </BODY>
+ </HTML>
+% }
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Apply payment');
$cgi->param('paynum') =~ /^(\d*)$/ or die "Illegal paynum!";
my $paynum = $1;
my $error = $new->insert;
-if ( $error ) {
-
- $cgi->param('error', $error);
- %><%= $cgi->redirect(popurl(2). "cust_bill_pay.cgi?". $cgi->query_string ) %><%
-
-} else {
-
- #print $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum");
-
- %><%= header('Payment application sucessful') %>
- <SCRIPT TYPE="text/javascript">
- window.top.location.reload();
- </SCRIPT>
-
- </BODY></HTML>
-
-<% } %>
+</%init>