X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fedit%2Fcust_main_note.cgi;h=1fdf0d9e5434d0107fbef5bdb89c27d9c2455cb4;hb=9c9a1838b54292c62e940d7e6cee5141ea8e9b5c;hp=303895bd8366a2f72a9bfdb7bcacfa671f15cc38;hpb=9509e5bfb7f9331303153cac24d7bfecbe2ea9f1;p=freeside.git diff --git a/httemplate/edit/cust_main_note.cgi b/httemplate/edit/cust_main_note.cgi index 303895bd8..1fdf0d9e5 100755 --- a/httemplate/edit/cust_main_note.cgi +++ b/httemplate/edit/cust_main_note.cgi @@ -1,9 +1,6 @@ <% include('/elements/header-popup.html', "$action Customer Note") %> -% if ( $cgi->param('error') ) { - Error: <% $cgi->param('error') %> -

-% } +<% include('/elements/error.html') %>
@@ -11,9 +8,11 @@

- +<% include('/elements/htmlarea.html', 'field' => 'comment', + 'curr_value' => $comment) %> +% #

"> @@ -23,13 +22,12 @@ <%init> -my($custnum, $comment, $notenum, $action); -$comment = ''; +my $comment; +my $notenum = ''; if ( $cgi->param('error') ) { $comment = $cgi->param('comment'); -}elsif ($cgi->param('notenum')) { - $cgi->param('notenum') =~ /^(\d+)$/; +} elsif ( $cgi->param('notenum') =~ /^(\d+)$/ ) { $notenum = $1; die "illegal query ". $cgi->keywords unless $notenum; my $note = qsearchs('cust_main_note', { 'notenum' => $notenum }); @@ -37,15 +35,15 @@ if ( $cgi->param('error') ) { $comment = $note->comments; } -$cgi->param('notenum') =~ /^(\d+)$/; -$notenum = $1; +$comment =~ s/\r//g; # remove weird line breaks to protect FCKeditor -$cgi->param('custnum') =~ /^(\d+)$/; -$custnum = $1; +$cgi->param('custnum') =~ /^(\d+)$/ or die "illeagl custnum"; +my $custnum = $1; -die "illegal query ". $cgi->keywords unless $custnum; +my $action = $notenum ? 'Edit' : 'Add'; -$action = $notenum ? 'Edit' : 'Add'; +die "access denied" + unless $FS::CurrentUser::CurrentUser->access_right("$action customer note");