X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fview%2Fcust_bill-logo.cgi;h=9c1c1d71d2289e83cfbccbd9129612b182b7d31b;hb=d0aca10ecd6edb171555eb87b1570daa3d2820b1;hp=fd6a81a75ce446a1a2d3ecfa9938c9a45864f2cf;hpb=3ce7691203a7737406bf2d4442f7fd84b81f847e;p=freeside.git

diff --git a/httemplate/view/cust_bill-logo.cgi b/httemplate/view/cust_bill-logo.cgi
index fd6a81a75..9c1c1d71d 100755
--- a/httemplate/view/cust_bill-logo.cgi
+++ b/httemplate/view/cust_bill-logo.cgi
@@ -1,16 +1,21 @@
-%
-%
-%my $conf = new FS::Conf;
-%
-%my($query) = $cgi->keywords;
-%$query =~ /^([^\.\/]*)$/;
-%my $templatename = $1;
-%if ( $templatename && $conf->exists("logo_$templatename.png") ) {
-%  $templatename = "_$templatename";
-%} else {
-%  $templatename = '';
-%}
-%
-%http_header('Content-Type' => 'image/png' );
-%
 <% $conf->config_binary("logo$templatename.png") %>
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('View invoices')
+      or $FS::CurrentUser::CurrentUser->access_right('Configuration');
+
+my $conf = new FS::Conf;
+
+my($query) = $cgi->keywords;
+$query =~ /^([^\.\/]*)$/;
+my $templatename = $1;
+if ( $templatename && $conf->exists("logo_$templatename.png") ) {
+  $templatename = "_$templatename";
+} else {
+  $templatename = '';
+}
+
+http_header('Content-Type' => 'image/png' );
+
+</%init>