X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Funapply-cust_credit.cgi;h=aa1a3a9c20d799f7aed46e7a4e49da831ce682a7;hb=bb7e827141c9ed68f30765c9ca2ddcd1d760ad2d;hp=f8fa6326872befe89f2f2997f3cffbb13f47c7d5;hpb=718f65eee1c797ea90a315b5f03fae75c80a5112;p=freeside.git

diff --git a/httemplate/misc/unapply-cust_credit.cgi b/httemplate/misc/unapply-cust_credit.cgi
index f8fa63268..aa1a3a9c2 100755
--- a/httemplate/misc/unapply-cust_credit.cgi
+++ b/httemplate/misc/unapply-cust_credit.cgi
@@ -1,19 +1,20 @@
-%
-%
-%#untaint crednum
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/ || die "Illegal crednum";
-%my $crednum = $1;
-%
-%my $cust_credit = qsearchs('cust_credit', { 'crednum' => $crednum } );
-%my $custnum = $cust_credit->custnum;
-%
-%foreach my $cust_credit_bill ( $cust_credit->cust_credit_bill ) {
-%  my $error = $cust_credit_bill->delete;
-%  errorpage($error) if $error;
-%}
-%
-%print $cgi->redirect($p. "view/cust_main.cgi?". $custnum);
-%
-%
+<% $cgi->redirect($p. "view/cust_main.cgi?custnum=". $custnum. ";show=payment_history") %>
+<%init>
 
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Unapply credit');
+
+#untaint crednum
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/ || die "Illegal crednum";
+my $crednum = $1;
+
+my $cust_credit = qsearchs('cust_credit', { 'crednum' => $crednum } );
+my $custnum = $cust_credit->custnum;
+
+foreach my $cust_credit_bill ( $cust_credit->cust_credit_bill ) {
+  my $error = $cust_credit_bill->delete;
+  errorpage($error) if $error;
+}
+
+</%init>