X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Fvoid-cust_pay.cgi;h=784bb9a94a4e76b58bcc6b98349678eae0c91ad2;hb=5da68ff1a7c638e30cbafbc9b0749f1e82b333df;hp=972a1a5bd17563c4792f42fa09274a8cd36b4168;hpb=718f65eee1c797ea90a315b5f03fae75c80a5112;p=freeside.git

diff --git a/httemplate/misc/void-cust_pay.cgi b/httemplate/misc/void-cust_pay.cgi
index 972a1a5bd..784bb9a94 100755
--- a/httemplate/misc/void-cust_pay.cgi
+++ b/httemplate/misc/void-cust_pay.cgi
@@ -1,17 +1,78 @@
-%
-%
-%#untaint paynum
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/ || die "Illegal paynum";
-%my $paynum = $1;
-%
-%my $cust_pay = qsearchs('cust_pay',{'paynum'=>$paynum});
-%my $custnum = $cust_pay->custnum;
-%
-%my $error = $cust_pay->void;
-%errorpage($error) if $error;
-%
-%print $cgi->redirect($p. "view/cust_main.cgi?". $custnum);
-%
-%
+%if ( $success ) {
+<& /elements/header-popup.html, mt("Payment voided") &>
+  <SCRIPT TYPE="text/javascript">
+    window.top.location.reload();
+  </SCRIPT>
+  </BODY>
+</HTML>
+%} else {
+<& /elements/header-popup.html, mt('Void payment')  &>
 
+<& /elements/error.html &>
+
+<P ALIGN="center"><B><% mt('Void this payment?') |h %></B>
+
+<FORM action="<% ${p} %>misc/void-cust_pay.cgi">
+<INPUT TYPE="hidden" NAME="paynum" VALUE="<% $paynum %>">
+
+<TABLE BGCOLOR="#cccccc" BORDER="0" CELLSPACING="2" STYLE="margin-left:auto; margin-right:auto">
+<& /elements/tr-select-reason.html,
+             'field'          => 'reasonnum',
+             'reason_class'   => 'X',
+             'cgi'            => $cgi
+&>
+</TABLE>
+
+<BR>
+<P ALIGN="CENTER">
+<INPUT TYPE="submit" NAME="confirm_void_payment" VALUE="<% mt('Void payment') |h %>"> 
+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+<INPUT TYPE="BUTTON" VALUE="<% mt("Don't void payment") |h %>" onClick="parent.cClick();"> 
+
+</FORM>
+</BODY>
+</HTML>
+
+%}
+<%init>
+
+#untaint paynum
+my $paynum = $cgi->param('paynum');
+if ($paynum) {
+  $paynum =~ /^(\d+)$/ || die "Illegal paynum";
+} else {
+  my($query) = $cgi->keywords;
+  $query =~ /^(\d+)/ || die "Illegal paynum";
+  $paynum = $1;
+}
+
+my $cust_pay = qsearchs('cust_pay',{'paynum'=>$paynum}) || die "Payment not found";
+
+my $right = 'Void payments';
+$right = 'Credit card void' if $cust_pay->payby eq 'CARD';
+$right = 'Echeck void'      if $cust_pay->payby eq 'CHEK';
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right($right);
+
+my $success = 0;
+if ($cgi->param('confirm_void_payment')) {
+
+  #untaint reasonnum / create new reason
+  my ($reasonnum, $error) = $m->comp('process/elements/reason');
+  if (!$reasonnum) {
+    $error = 'Reason required';
+  } else {
+    my $reason = qsearchs('reason', { 'reasonnum' => $reasonnum })
+      || die "Reason num $reasonnum not found in database";
+	$error = $cust_pay->void($reason) unless $error;
+  }
+
+  if ($error) {
+    $cgi->param('error',$error);
+  } else {
+    $success = 1;
+  }
+}
+
+</%init>