X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;ds=sidebyside;f=httemplate%2Fedit%2Fcust_credit.cgi;h=10eb53260b481654bee093d239cc81863f43872c;hb=826efec5cd17cd1485cb4c0ef796c7008252e6e4;hp=803798ef838b88f3b3bae34be342c3d63c4d04b1;hpb=6af1b1bfa25e5ececef5e0dcd38b55917121cee2;p=freeside.git

diff --git a/httemplate/edit/cust_credit.cgi b/httemplate/edit/cust_credit.cgi
index 803798ef8..10eb53260 100755
--- a/httemplate/edit/cust_credit.cgi
+++ b/httemplate/edit/cust_credit.cgi
@@ -1,13 +1,10 @@
 <% include('/elements/header-popup.html', 'Enter Credit') %>
 
-% if ( $cgi->param('error') ) { 
-  <FONT SIZE="+1" COLOR="#ff0000">Error: <% $cgi->param('error') %></FONT>
-  <BR><BR>
-% } 
+<% include('/elements/error.html') %>
 
-<FORM ACTION="<% $p1 %>process/cust_credit.cgi" METHOD=POST>
+<FORM NAME="credit_popup" ACTION="<% $p1 %>process/cust_credit.cgi" METHOD=POST>
 <INPUT TYPE="hidden" NAME="crednum" VALUE="">
-<INPUT TYPE="hidden" NAME="custnum" VALUE="<% $custnum %>">
+<INPUT TYPE="hidden" NAME="custnum" VALUE="<% $custnum |h %>">
 <INPUT TYPE="hidden" NAME="paybatch" VALUE="">
 <INPUT TYPE="hidden" NAME="_date" VALUE="<% $_date %>">
 <INPUT TYPE="hidden" NAME="credited" VALUE="">
@@ -23,20 +20,14 @@ Credit
 
   <TR>
     <TD ALIGN="right">Amount</TD>
-    <TD BGCOLOR="#ffffff">$<INPUT TYPE="text" NAME="amount" VALUE="<% $amount %>" SIZE=8 MAXLENGTH=8></TD>
+    <TD BGCOLOR="#ffffff">$<INPUT TYPE="text" NAME="amount" VALUE="<% $amount |h%>" SIZE=8 MAXLENGTH=8></TD>
   </TR>
-%
-%#print qq! <INPUT TYPE="checkbox" NAME="refund" VALUE="$refund">Also post refund!;
-%
 
 %
 %#print qq! <INPUT TYPE="checkbox" NAME="refund" VALUE="$refund">Also post refund!;
 %
 
-  <TR>
-    <TD ALIGN="right">Reason</TD>
-    <TD BGCOLOR="#ffffff"><INPUT TYPE="text" NAME="reason" VALUE="<% $reason %>" SIZE=32></TD>
-  </TR>
+<% include('/elements/tr-select-reason.html', 'reasonnum', 'R', '', '', '', "document.getElementById('confirm_credit_button')") %>
 
   <TR>
     <TD ALIGN="right">Auto-apply<BR>to invoices</TD>
@@ -47,38 +38,25 @@ Credit
 
 <BR>
 
-<CENTER><INPUT TYPE="submit" VALUE="Enter credit"></CENTER>
+<CENTER><INPUT TYPE="submit" ID="confirm_credit_button" VALUE="Enter credit" DISABLED></CENTER>
 
 </FORM>
 </BODY>
 </HTML>
-
 <%once>
+
 my $conf = new FS::Conf;
-</%once>
 
+</%once>
 <%init>
-my($custnum, $amount, $reason);
-if ( $cgi->param('error') ) {
-  #$cust_credit = new FS::cust_credit ( {
-  #  map { $_, scalar($cgi->param($_)) } fields('cust_credit')
-  #} );
-  $custnum = $cgi->param('custnum');
-  $amount = $cgi->param('amount');
-  #$refund = $cgi->param('refund');
-  $reason = $cgi->param('reason');
-} else {
-  my($query) = $cgi->keywords;
-  $query =~ /^(\d+)$/;
-  $custnum = $1;
-  $amount = '';
-  #$refund = 'yes';
-  $reason = '';
-}
-my $_date = time;
-
-my $otaker = getotaker;
-
-my $p1 = popurl(1);
-</%init>
 
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Post credit');
+
+my $custnum = $cgi->param('custnum');
+my $amount  = $cgi->param('amount');
+my $_date   = time;
+my $otaker  = getotaker;
+my $p1      = popurl(1);
+
+</%init>