This commit was generated by cvs2svn to compensate for changes in r6255,

[freeside.git] / httemplate / misc / process / payment.cgi

diff --git a/httemplate/misc/process/payment.cgi b/httemplate/misc/process/payment.cgi
index 6377b13..2baca1e 100644 (file)
--- a/httemplate/misc/process/payment.cgi
+++ b/httemplate/misc/process/payment.cgi
@@ -1,13 +1,23 @@
-<% include( '/elements/header.html', ucfirst($type{$payby}). ' processing successful',
-             include('/elements/menubar.html'),
+% if ( $cgi->param('batch') ) {
 
-    )
-%>
-<% include( '/elements/small_custview.html', $cust_main, '', '', popurl(3). "view/cust_main.cgi" ) %>
+  <% include( '/elements/header.html', ucfirst($type{$payby}). ' processing successful',
+                 include('/elements/menubar.html'),
 
-<% include('/elements/footer.html') %>
+            )
+  %>
+
+  <% include( '/elements/small_custview.html', $cust_main, '', '', popurl(3). "view/cust_main.cgi" ) %>
+
+  <% include('/elements/footer.html') %>
+
+% } else {
+<% $cgi->redirect(popurl(3). "view/cust_pay.html?paynum=$paynum" ) %>
+% }
 <%init>
 
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Process payment');
+
 #some false laziness w/MyAccount::process_payment
 
 $cgi->param('custnum') =~ /^(\d+)$/
@@ -49,6 +59,10 @@ $cgi->param('payunique') =~ /^([\w \!\@\#\$\%\&\(\)\-\+\;\:\'\"\,\.\?\/\=]*)$/
   or errorpage(gettext('illegal_text'). " payunique: ". $cgi->param('payunique'));
 my $payunique = $1;
 
+$cgi->param('balance') =~ /^\s*(\-?\s*\d*(\.\d\d)?)\s*$/
+  or errorpage("illegal balance");
+my $balance = $1;
+
 my $payinfo;
 my $paycvv = '';
 if ( $payby eq 'CHEK' ) {
@@ -99,6 +113,7 @@ if ( $payby eq 'CHEK' ) {
 }
 
 my $error = '';
+my $paynum = '';
 if ( $cgi->param('batch') ) {
 
   $error = $cust_main->batch_card(
@@ -110,18 +125,20 @@ if ( $cgi->param('batch') ) {
                                    map { $_ => $cgi->param($_) } 
                                      @{$payby2fields{$payby}}
                                  );
-  errotpage($error) if $error;
+  errorpage($error) if $error;
 
 } else {
 
   $error = $cust_main->realtime_bop( $FS::payby::payby2bop{$payby}, $amount,
-    'quiet'     => 1,
-    'manual'    => 1,
-    'payinfo'   => $payinfo,
-    'paydate'   => "$year-$month-01",
-    'payname'   => $payname,
-    'payunique' => $payunique,
-    'paycvv'    => $paycvv,
+    'quiet'      => 1,
+    'manual'     => 1,
+    'balance'    => $balance,
+    'payinfo'    => $payinfo,
+    'paydate'    => "$year-$month-01",
+    'payname'    => $payname,
+    'payunique'  => $payunique,
+    'paycvv'     => $paycvv,
+    'paynum_ref' => \$paynum,
     map { $_ => $cgi->param($_) } @{$payby2fields{$payby}}
   );
   errorpage($error) if $error;