X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Fdelete-cust_credit.cgi;h=03eb47299fa72825df9c912719ab1541b554a9ee;hb=dfba562ff61f541ba7c75f2c02b32951b73aa002;hp=78df2498915cd6b8fceb0d2b59c74de217951e8c;hpb=718f65eee1c797ea90a315b5f03fae75c80a5112;p=freeside.git

diff --git a/httemplate/misc/delete-cust_credit.cgi b/httemplate/misc/delete-cust_credit.cgi
index 78df24989..03eb47299 100755
--- a/httemplate/misc/delete-cust_credit.cgi
+++ b/httemplate/misc/delete-cust_credit.cgi
@@ -1,17 +1,21 @@
-%
-%
-%#untaint crednum
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/ || die "Illegal crednum";
-%my $crednum = $1;
-%
-%my $cust_credit = qsearchs('cust_credit',{'crednum'=>$crednum});
-%my $custnum = $cust_credit->custnum;
-%
-%my $error = $cust_credit->delete;
-%errorpage($error) if $error;
-%
-%print $cgi->redirect($p. "view/cust_main.cgi?". $custnum);
-%
-%
+% if ( $error ) {
+%   errorpage($error);
+% } else {
+<% $cgi->redirect($p. "view/cust_main.cgi?". $custnum) %>
+% }
+<%init>
 
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Delete credit');
+
+#untaint crednum
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/ || die "Illegal crednum";
+my $crednum = $1;
+
+my $cust_credit = qsearchs('cust_credit',{'crednum'=>$crednum});
+my $custnum = $cust_credit->custnum;
+
+my $error = $cust_credit->delete;
+
+</%init>