-%
-%
-%my %statusmap = ('I'=>'In Transit', 'O'=>'Open', 'R'=>'Resolved');
-%my $hashref = {};
-%my $count_query = 'SELECT COUNT(*) FROM pay_batch';
-%
-%my($begin, $end) = ( '', '' );
-%
-%my @where;
-%if ( $cgi->param('beginning')
-% && $cgi->param('beginning') =~ /^([ 0-9\-\/]{0,10})$/ ) {
-% $begin = str2time($1);
-% push @where, "download >= $begin";
-%}
-%if ( $cgi->param('ending')
-% && $cgi->param('ending') =~ /^([ 0-9\-\/]{0,10})$/ ) {
-% $end = str2time($1) + 86399;
-% push @where, "download < $end";
-%}
-%
-%my @status;
-%if ( $cgi->param('open') ) {
-% push @status, "O";
-%}
-%
-%if ( $cgi->param('intransit') ) {
-% push @status, "I";
-%}
-%
-%if ( $cgi->param('resolved') ) {
-% push @status, "R";
-%}
-%
-%push @where,
-% scalar(@status) ? q!(status='! . join(q!' OR status='!, @status) . q!')!
-% : q!status='X'!; # kludgy, X is unused at present
-%
-%my $extra_sql = scalar(@where) ? 'WHERE ' . join(' AND ', @where) : '';
-%
-%my $link = [ "${p}search/cust_pay_batch.cgi?batchnum=", 'batchnum' ];
-%
<% include( 'elements/search.html',
'title' => 'Payment Batches',
'name_singular' => 'batch',
)
%>
+<%init>
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Financial reports')
+ || $FS::CurrentUser::CurrentUser->access_right('Process batches');
+my %statusmap = ('I'=>'In Transit', 'O'=>'Open', 'R'=>'Resolved');
+my $hashref = {};
+my $count_query = 'SELECT COUNT(*) FROM pay_batch';
+
+my($begin, $end) = ( '', '' );
+
+my @where;
+if ( $cgi->param('beginning')
+ && $cgi->param('beginning') =~ /^([ 0-9\-\/]{0,10})$/ ) {
+ $begin = parse_datetime($1);
+ push @where, "download >= $begin";
+}
+if ( $cgi->param('ending')
+ && $cgi->param('ending') =~ /^([ 0-9\-\/]{0,10})$/ ) {
+ $end = parse_datetime($1) + 86399;
+ push @where, "download < $end";
+}
+
+my @status;
+if ( $cgi->param('open') ) {
+ push @status, "O";
+}
+
+if ( $cgi->param('intransit') ) {
+ push @status, "I";
+}
+
+if ( $cgi->param('resolved') ) {
+ push @status, "R";
+}
+
+push @where,
+ scalar(@status) ? q!(status='! . join(q!' OR status='!, @status) . q!')!
+ : q!status='X'!; # kludgy, X is unused at present
+
+my $extra_sql = scalar(@where) ? 'WHERE ' . join(' AND ', @where) : '';
+
+my $link = [ "${p}search/cust_pay_batch.cgi?dcln=1;batchnum=", 'batchnum' ];
+
+</%init>