X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fedit%2Fprocess%2Fquick-charge.cgi;h=4c4927f4d26b995eabef91671a8f13d70943e6c9;hb=1203e278e2ec38fcf1468da2e4f10862004bebeb;hp=f614dd5cfd96a07e23c3bf0410df2dc93723abd5;hpb=2a863bbb144830dfb8fca4afb3af76a84a647c76;p=freeside.git

diff --git a/httemplate/edit/process/quick-charge.cgi b/httemplate/edit/process/quick-charge.cgi
index f614dd5cf..4c4927f4d 100644
--- a/httemplate/edit/process/quick-charge.cgi
+++ b/httemplate/edit/process/quick-charge.cgi
@@ -1,47 +1,56 @@
-%
-%  my $error = '';
-%  my $param = $cgi->Vars;
-%
-%  my @description = ();
-%  for ( my $row = 0; exists($param->{"description$row"}); $row++ ) {
-%    push @description, $param->{"description$row"};
-%  }
-%  pop @description until ($description[$#description]);
-%
-%  $param->{"custnum"} =~ /^(\d+)$/
-%    or $error .= "Illegal customer number " . $param->{"custnum"} . "  ";
-%  my $custnum = $1;
-%
-%  $param->{"amount"} =~ /^\s*(\d+(\.\d{1,2})?)\s*$/
-%    or $error .= "Illegal amount " . $param->{"amount"} . "  ";
-%  my $amount = $1;
-%
-%  if ( $param->{'taxclass'} eq '(select)' ) {
-%    $error .= "Must select a tax class.  ";
-%  }
-%
-%  unless ( $error ) {
-%    my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
-%      or $error .= "Unknown customer number $custnum.  ";
-%
-%    $error ||= $cust_main->charge({ 'amount'   => $amount,
-%                                   'pkg'      => $cgi->param('pkg'),
-%                                   'taxclass' => $cgi->param('taxclass'),
-%                                   'additional' => \@description,
-%                                 }
-%                               );
-%  }
-%
-%  if ( $error ) {
-%
-%    $cgi->param('error', "$error" );
-%    
+% if ( $error ) {
+%   $cgi->param('error', $error );
 <% $cgi->redirect($p.'quick-charge.html?'. $cgi->query_string) %>
-%
-% }
+% } else {
 <% header("One-time charge added") %>
   <SCRIPT TYPE="text/javascript">
     window.top.location.reload();
   </SCRIPT>
   </BODY></HTML>
+% }
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('One-time charge');
+
+my $error = '';
+my $param = $cgi->Vars;
+
+my @description = ();
+for ( my $row = 0; exists($param->{"description$row"}); $row++ ) {
+  push @description, $param->{"description$row"}
+    if ($param->{"description$row"} =~ /\S/);
+}
+
+$param->{"custnum"} =~ /^(\d+)$/
+  or $error .= "Illegal customer number " . $param->{"custnum"} . "  ";
+my $custnum = $1;
+
+$param->{"amount"} =~ /^\s*(\d+(\.\d{1,2})?)\s*$/
+  or $error .= "Illegal amount " . $param->{"amount"} . "  ";
+my $amount = $1;
+
+my $quantity = 1;
+if ( $cgi->param('quantity') =~ /^\s*(\d+)\s*$/ ) {
+  $quantity = $1;
+}
+
+if ( $param->{'taxclass'} eq '(select)' ) {
+  $error .= "Must select a tax class.  ";
+}
+
+unless ( $error ) {
+  my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
+    or $error .= "Unknown customer number $custnum.  ";
+
+  $error ||= $cust_main->charge( {
+    'amount'     => $amount,
+    'quantity'   => $quantity,
+    'pkg'        => scalar($cgi->param('pkg')),
+    'taxclass'   => scalar($cgi->param('taxclass')),
+    'classnum'   => scalar($cgi->param('classnum')),
+    'additional' => \@description,
+  } );
+}
 
+</%init>