X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Flink.cgi;h=748eaa15f993cfa774198103049bf1505046377c;hb=cd6a49deff31eb40300317cb4416a51707378316;hp=18cd378d3691fdcf11f84d2648f48d7fa1c04258;hpb=673b9a458d9138523026963df6fa3b4683e09bae;p=freeside.git diff --git a/httemplate/misc/link.cgi b/httemplate/misc/link.cgi index 18cd378d3..748eaa15f 100755 --- a/httemplate/misc/link.cgi +++ b/httemplate/misc/link.cgi @@ -1,5 +1,59 @@ - -<% +<% include("/elements/header.html","Link to existing $svc") %> + +
+ +<% include('/elements/footer.html') %> + +<%init> + +die "access denied" + unless $FS::CurrentUser::CurrentUser->access_right('View/link unlinked services'); my %link_field = ( 'svc_acct' => 'username', @@ -16,12 +70,10 @@ my %link_field2 = ( }, ); -my($query) = $cgi->keywords; -my($pkgnum, $svcpart) = ('', ''); -foreach $_ (split(/-/,$query)) { #get & untaint pkgnum & svcpart - $pkgnum=$1 if /^pkgnum(\d+)$/; - $svcpart=$1 if /^svcpart(\d+)$/; -} +$cgi->param('pkgnum') =~ /^(\d+)$/ or die 'unparsable pkgnum'; +my $pkgnum = $1; +$cgi->param('svcpart') =~ /^(\d+)$/ or die 'unparsable svcpart'; +my $svcpart = $1; my $part_svc = qsearchs('part_svc',{'svcpart'=>$svcpart}); my $svc = $part_svc->getfield('svc'); @@ -29,46 +81,4 @@ my $svcdb = $part_svc->getfield('svcdb'); my $link_field = $link_field{$svcdb}; my $link_field2 = $link_field2{$svcdb}; -%> - -<%= header("Link to existing $svc") %> - -