X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fedit%2Fprocess%2Fquick-charge.cgi;h=38f06e1e92777fb0e9d687332d5e71bf1f72d48d;hb=7b5a266236857fbb4bbf8d4ac3031c3fec75cac2;hp=477f585081128841bc0d04243f5847e445c713d4;hpb=f7fd2a3e34da751cbc02bbf215e99c6dc89adc15;p=freeside.git diff --git a/httemplate/edit/process/quick-charge.cgi b/httemplate/edit/process/quick-charge.cgi index 477f58508..38f06e1e9 100644 --- a/httemplate/edit/process/quick-charge.cgi +++ b/httemplate/edit/process/quick-charge.cgi @@ -1,32 +1,75 @@ -<% +% if ( $error ) { +% $cgi->param('error', $error ); +<% $cgi->redirect($p.'quick-charge.html?'. $cgi->query_string) %> +% } else { +<% header(emt("One-time charge added")) %> + + +% } +<%init> -#untaint custnum -$cgi->param('custnum') =~ /^(\d+)$/ - or die 'illegal custnum '. $cgi->param('custnum'); +die "access denied" + unless $FS::CurrentUser::CurrentUser->access_right('One-time charge'); + +my $error = ''; +my $conf = new FS::conf; +my $param = $cgi->Vars; + +my @description = (); +for ( my $row = 0; exists($param->{"description$row"}); $row++ ) { + push @description, $param->{"description$row"} + if ($param->{"description$row"} =~ /\S/); +} + +$param->{"custnum"} =~ /^(\d+)$/ + or $error .= "Illegal customer number " . $param->{"custnum"} . " "; my $custnum = $1; -$cgi->param('amount') =~ /^\s*(\d+(\.\d{1,2})?)\s*$/ - or die 'illegal amount '. $cgi->param('amount'); +$param->{"amount"} =~ /^\s*(\d*(?:\.?\d{1,2}))\s*$/ + or $error .= "Illegal amount " . $param->{"amount"} . " "; my $amount = $1; -my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) - or die "unknown custnum $custnum"; - -my $error = $cust_main->charge( - $amount, - $cgi->param('pkg'), - '$'. sprintf("%.2f",$amount), - $cgi->param('taxclass') -); - -if ($error) { -%> - -<% - eidiot($error); -} else { - print $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum" ); +my $quantity = 1; +if ( $cgi->param('quantity') =~ /^\s*(\d+)\s*$/ ) { + $quantity = $1; } -%> +$param->{'tax_override'} =~ /^\s*([,\d]*)\s*$/ + or $error .= "Illegal tax override " . $param->{"tax_override"} . " "; +my $override = $1; + +if ( $param->{'taxclass'} eq '(select)' ) { + $error .= "Must select a tax class. " + unless ($conf->exists('enable_taxproducts') && + ( $override || $param->{taxproductnum} ) + ); + $cgi->param('taxclass', ''); +} + +unless ( $error ) { + my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) + or $error .= "Unknown customer number $custnum. "; + + $error ||= $cust_main->charge( { + 'amount' => $amount, + 'quantity' => $quantity, + 'bill_now' => scalar($cgi->param('bill_now')), + 'invoice_terms' => scalar($cgi->param('invoice_terms')), + 'start_date' => ( scalar($cgi->param('start_date')) + ? parse_datetime($cgi->param('start_date')) + : '' + ), + 'no_auto' => scalar($cgi->param('no_auto')), + 'pkg' => scalar($cgi->param('pkg')), + 'setuptax' => scalar($cgi->param('setuptax')), + 'taxclass' => scalar($cgi->param('taxclass')), + 'taxproductnum' => scalar($cgi->param('taxproductnum')), + 'tax_override' => $override, + 'classnum' => scalar($cgi->param('classnum')), + 'additional' => \@description, + } ); +} +