X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Fvoid-cust_pay.cgi;h=7b484e93eb54f48b2cce72d0ae52e66d58330f4f;hb=dfba562ff61f541ba7c75f2c02b32951b73aa002;hp=4eec6089249da41be6c9520b824781c134031ac3;hpb=f7fd2a3e34da751cbc02bbf215e99c6dc89adc15;p=freeside.git

diff --git a/httemplate/misc/void-cust_pay.cgi b/httemplate/misc/void-cust_pay.cgi
index 4eec60892..7b484e93e 100755
--- a/httemplate/misc/void-cust_pay.cgi
+++ b/httemplate/misc/void-cust_pay.cgi
@@ -1,4 +1,9 @@
-<%
+%if ( $error ) {
+%  errorpage($error);
+%} else {
+<% $cgi->redirect($p. "view/cust_main.cgi?". $custnum) %>
+%}
+<%init>
 
 #untaint paynum
 my($query) = $cgi->keywords;
@@ -6,11 +11,16 @@ $query =~ /^(\d+)$/ || die "Illegal paynum";
 my $paynum = $1;
 
 my $cust_pay = qsearchs('cust_pay',{'paynum'=>$paynum});
+
+my $right = 'Regular void';
+$right = 'Credit card void' if $cust_pay->payby eq 'CARD';
+$right = 'Echeck void'      if $cust_pay->payby eq 'CHEK';
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right($right);
+
 my $custnum = $cust_pay->custnum;
 
 my $error = $cust_pay->void;
-eidiot($error) if $error;
-
-print $cgi->redirect($p. "view/cust_main.cgi?". $custnum);
 
-%>
+</%init>