X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Flink.cgi;h=748eaa15f993cfa774198103049bf1505046377c;hb=c648976f0b7975f2328ebd7ba8c711fad0ca4195;hp=18cd378d3691fdcf11f84d2648f48d7fa1c04258;hpb=f7fd2a3e34da751cbc02bbf215e99c6dc89adc15;p=freeside.git diff --git a/httemplate/misc/link.cgi b/httemplate/misc/link.cgi index 18cd378d3..748eaa15f 100755 --- a/httemplate/misc/link.cgi +++ b/httemplate/misc/link.cgi @@ -1,5 +1,59 @@ - -<% +<% include("/elements/header.html","Link to existing $svc") %> + +
+ +<% include('/elements/footer.html') %> + +<%init> + +die "access denied" + unless $FS::CurrentUser::CurrentUser->access_right('View/link unlinked services'); my %link_field = ( 'svc_acct' => 'username', @@ -16,12 +70,10 @@ my %link_field2 = ( }, ); -my($query) = $cgi->keywords; -my($pkgnum, $svcpart) = ('', ''); -foreach $_ (split(/-/,$query)) { #get & untaint pkgnum & svcpart - $pkgnum=$1 if /^pkgnum(\d+)$/; - $svcpart=$1 if /^svcpart(\d+)$/; -} +$cgi->param('pkgnum') =~ /^(\d+)$/ or die 'unparsable pkgnum'; +my $pkgnum = $1; +$cgi->param('svcpart') =~ /^(\d+)$/ or die 'unparsable svcpart'; +my $svcpart = $1; my $part_svc = qsearchs('part_svc',{'svcpart'=>$svcpart}); my $svc = $part_svc->getfield('svc'); @@ -29,46 +81,4 @@ my $svcdb = $part_svc->getfield('svcdb'); my $link_field = $link_field{$svcdb}; my $link_field2 = $link_field2{$svcdb}; -%> - -<%= header("Link to existing $svc") %> - -