X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fsearch%2Fcust_main.cgi;h=cce4f0d7d48ee1af1fb0c84b6d7ba086e72409f4;hb=6f58ae775b905cd462dd0faafee95973414a45d2;hp=da6c89d44704cd4192000ebeaa5eac6a60513f73;hpb=a2ecb1cf6a6c084c521710f1256da082f70ba9e5;p=freeside.git

diff --git a/httemplate/search/cust_main.cgi b/httemplate/search/cust_main.cgi
index da6c89d44..cce4f0d7d 100755
--- a/httemplate/search/cust_main.cgi
+++ b/httemplate/search/cust_main.cgi
@@ -330,10 +330,11 @@
 my $curuser = $FS::CurrentUser::CurrentUser;
 
 die "access denied"
-  unless $curuser->access_right('List all customers');
+  unless $curuser->access_right('List all customers')
+      || $curuser->access_right('List customers');
 
 my $conf = new FS::Conf;
-my $maxrecords = $conf->config('maxsearchrecordsperpage');
+my $maxrecords = $conf->config('maxsearchrecordsperpage') || 100;
 # summarize more than this many services of the same svcpart
 my $large_pkg_size = $conf->config('cust_pkg-large_pkg_size') || 0;
 
@@ -351,9 +352,11 @@ my(@cust_main, $sortby, $orderby);
 my @select = ();
 my @addl_headers = ();
 my @addl_cols = ();
-if ( $cgi->param('browse')
-     || $cgi->param('otaker_on')
-     || $cgi->param('agentnum_on')
+if ( (    $cgi->param('browse')
+       || $cgi->param('otaker_on')
+       || $cgi->param('agentnum_on')
+     )
+     and $curuser->access_right('List all customers')
 ) {
 
   my %search = ();
@@ -582,7 +585,7 @@ sub cardsearch {
 
   my($card)=$cgi->param('card');
   $card =~ s/\D//g;
-  $card =~ /^(\d{13,16}|\d{8,9})$/ or errorpage(emt("Illegal card number"));
+  $card =~ /^(\d{13,19}|\d{8,9})$/ or errorpage(emt("Illegal card number"));
   my($payinfo)=$1;
 
   [ qsearch('cust_main',{'payinfo'=>$payinfo, 'payby'=>'CARD'}),