X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Funapply-cust_pay.cgi;h=8cdac180be1d87fe4b5945deeb8dfb129418ea76;hb=dfba562ff61f541ba7c75f2c02b32951b73aa002;hp=b28f61b0f6c7a6b7870c16bca5e2a881b9ac93aa;hpb=9509e5bfb7f9331303153cac24d7bfecbe2ea9f1;p=freeside.git

diff --git a/httemplate/misc/unapply-cust_pay.cgi b/httemplate/misc/unapply-cust_pay.cgi
index b28f61b0f..8cdac180b 100755
--- a/httemplate/misc/unapply-cust_pay.cgi
+++ b/httemplate/misc/unapply-cust_pay.cgi
@@ -1,19 +1,20 @@
-%
-%
-%#untaint paynum
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/ || die "Illegal paynum";
-%my $paynum = $1;
-%
-%my $cust_pay = qsearchs('cust_pay', { 'paynum' => $paynum } );
-%my $custnum = $cust_pay->custnum;
-%
-%foreach my $cust_bill_pay ( $cust_pay->cust_bill_pay ) {
-%  my $error = $cust_bill_pay->delete;
-%  eidiot($error) if $error;
-%}
-%
-%print $cgi->redirect($p. "view/cust_main.cgi?". $custnum);
-%
-%
+<% $cgi->redirect($p. "view/cust_main.cgi?". $custnum) %>
+<%init>
 
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Unapply payment');
+
+#untaint paynum
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/ || die "Illegal paynum";
+my $paynum = $1;
+
+my $cust_pay = qsearchs('cust_pay', { 'paynum' => $paynum } );
+my $custnum = $cust_pay->custnum;
+
+foreach my $cust_bill_pay ( $cust_pay->cust_bill_pay ) {
+  my $error = $cust_bill_pay->delete;
+  errorpage($error) if $error;
+}
+
+</%init>