X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Fprocess%2Fcatchall.cgi;h=0dda2eada5761c6e1132b3e3607b11fb5e1449d2;hb=833cfe5c9938d33c3e6b97ed610c25a7afa6eb04;hp=44a63f9f8c67594c9118c1cb6c4dc7c8ff3e9a5f;hpb=2041a9143fac20b79ead4a1ae01224dedf5b27c2;p=freeside.git

diff --git a/httemplate/misc/process/catchall.cgi b/httemplate/misc/process/catchall.cgi
index 44a63f9f8..0dda2eada 100755
--- a/httemplate/misc/process/catchall.cgi
+++ b/httemplate/misc/process/catchall.cgi
@@ -1,4 +1,13 @@
-<%
+%if ($error) {
+%  $cgi->param('error', $error);
+<% $cgi->redirect(popurl(2). "catchall.cgi?". $cgi->query_string ) %>
+%} else {
+<% $cgi->redirect(popurl(3). "view/svc_domain.cgi?$svcnum") %>
+%}
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Edit domain catchall');
 
 $FS::svc_domain::whois_hack=1;
 
@@ -23,11 +32,4 @@ if ( $svcnum ) {
   $svcnum = $new->getfield('svcnum');
 } 
 
-if ($error) {
-  $cgi->param('error', $error);
-  print $cgi->redirect(popurl(2). "catchall.cgi?". $cgi->query_string );
-} else {
-  print $cgi->redirect(popurl(3). "view/svc_domain.cgi?$svcnum");
-}
-
-%>
+</%init>