X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fedit%2Fcust_main_attach.cgi;h=0880c760ae5af1ecffdab18050c4477be78a3473;hb=f48ffc61601d08024aeff19ecd07d7420fc4e5b3;hp=7c9e407d96e603c0a53fadd88493a3f2842504b9;hpb=283ea2b5137ae3ec36882b492e6de024b0ce6027;p=freeside.git

diff --git a/httemplate/edit/cust_main_attach.cgi b/httemplate/edit/cust_main_attach.cgi
index 7c9e407d9..0880c760a 100755
--- a/httemplate/edit/cust_main_attach.cgi
+++ b/httemplate/edit/cust_main_attach.cgi
@@ -2,31 +2,42 @@
 
 <% include('/elements/error.html') %>
 
-<FORM ACTION="<% popurl(1) %>process/cust_main_attach.cgi" METHOD=POST ENCTYPE="multipart/form-data">
+<FORM NAME="attach_edit" ACTION="<% popurl(1) %>process/cust_main_attach.cgi" METHOD=POST ENCTYPE="multipart/form-data">
 <INPUT TYPE="hidden" NAME="custnum" VALUE="<% $custnum %>">
 <INPUT TYPE="hidden" NAME="attachnum" VALUE="<% $attachnum %>">
 
-<BR><BR>
-
 % if(defined $attach) {
-Filename <INPUT TYPE="text" NAME="filename" VALUE="<% $attach->filename %>"><BR>
-MIME type <INPUT TYPE="text" NAME="mime_type" VALUE="<% $attach->mime_type %>"<BR>
-Size: <% $attach->size %><BR>
+%   if($curuser->access_right("Download attachment")) {
+<A HREF="<% $p.'view/attachment.html?'.$attachnum %>">Download this file</A><BR>
+%   }
+% }
 
+<BR>
+<TABLE BGCOLOR="#cccccc" CELLSPACING=0>
+
+% if ( defined $attach ) {
+<TR><TD> Filename </TD>
+<TD><INPUT TYPE="text" NAME="file" SIZE=40 MAXLENGTH=255 VALUE="<% $cgi->param('file') || $attach->filename |h %>"<% $disabled %>></TD></TR>
+<TR><TD> Description </TD>
+<TD><INPUT TYPE="text" NAME="title" SIZE=40 MAXLENGTH=80 VALUE="<% $cgi->param('title') || $attach->title |h %>"<% $disabled %></TD></TR>
+<TR><TD> MIME type </TD>
+<TD><INPUT TYPE="text" NAME="mime_type" SIZE=40 VALUE="<% $cgi->param('mime_type') || $attach->mime_type |h %>"<% $disabled %></TD></TR>
+<TR><TD> Size </TD><TD><% $attach->size %></TD></TR>
 % }
 % else { # !defined $attach
-
-Filename <INPUT TYPE="file" NAME="file"><BR>
-
+<TR><TD> Filename </TD><TD><INPUT TYPE="file" SIZE=24 NAME="file"></TD></TR>
+<TR><TD> Description </TD><TD><INPUT TYPE="text" NAME="title" SIZE=40 MAXLENGTH=80></TD></TR>
 % }
-
+</TABLE>
 <BR>
+% if(! $disabled) {
 <INPUT TYPE="submit" NAME="submit" 
-    VALUE="<% $attachnum ? "Apply Changes" : "Upload File" %>">
-
-% if(defined $attach) {
+    VALUE="<% $attachnum ? emt("Apply changes") : emt("Upload File") %>">
+% }
+% if(defined $attach and $curuser->access_right('Delete attachment')) {
 <BR>
-<INPUT TYPE="submit" NAME="delete" value="Delete File">
+<INPUT TYPE="submit" NAME="delete" value="Delete File" 
+onclick="return(confirm('Delete this file?'));">
 % }
 
 </FORM>
@@ -35,24 +46,27 @@ Filename <INPUT TYPE="file" NAME="file"><BR>
 
 <%init>
 
+my $curuser = $FS::CurrentUser::CurrentUser;
+
 my $attachnum = '';
 my $attach;
-if ( $cgi->param('error') ) {
-  #$comment     = $cgi->param('comment');
-} elsif ( $cgi->param('attachnum') =~ /^(\d+)$/ ) {
+
+if ( $cgi->param('attachnum') =~ /^(\d+)$/ ) {
   $attachnum = $1;
   die "illegal query ". $cgi->keywords unless $attachnum;
   $attach = qsearchs('cust_attachment', { 'attachnum' => $attachnum });
   die "no such attachment: ". $attachnum unless $attach;
 }
 
-$cgi->param('custnum') =~ /^(\d+)$/ or die "illegal custnum";
-my $custnum = $1;
-
 my $action = $attachnum ? 'Edit' : 'Add';
 
-die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right("$action customer note");
+my $disabled='';
+if(! $curuser->access_right("$action attachment")) {
+  $disabled = ' disabled="disabled"';
+}
+
+$cgi->param('custnum') =~ /^(\d+)$/ or die "illegal custnum";
+my $custnum = $1;
 
 </%init>
 

Filename	>
Description
MIME type
Size	<% $attach->size %>
Filename
Description