ACLs

[freeside.git] / httemplate / edit / quick-charge.html

<% include("/elements/header-popup.html", 'One-time charge entry', '',
            ( $cgi->param('error') ? '' : 'onload="addRow()"' ),
          )
%>

<% include('/elements/error.html') %>

<SCRIPT TYPE="text/javascript">

function enable_quick_charge () {
  if (    document.QuickChargeForm.amount.value
       && document.QuickChargeForm.pkg.value    ) {
    document.QuickChargeForm.submit.disabled = false;
  } else {
    document.QuickChargeForm.submit.disabled = true;
  }
}

function enable_quick_charge_desc () {
  if (  document.QuickChargeForm.amount.value && document.QuickChargeForm.pkg.value ) {
    document.QuickChargeForm.submit.disabled = false;
  } else {
    document.QuickChargeForm.submit.disabled = true;
  }
}

function enable_quick_charge_amount () {
  if ( document.QuickChargeForm.amount.value && document.QuickChargeForm.pkg.value ) {
    document.QuickChargeForm.submit.disabled = false;
  } else {
    document.QuickChargeForm.submit.disabled = true;
  }
}

function validate_quick_charge () {
  var pkg = document.QuickChargeForm.pkg.value;
  var pkg_regex = /^([\w \!\@\#\$\%\&\(\)\-\+\;\:\'\"\,\.\?\/\=\[\]]*)$/ ;
  var amount = document.QuickChargeForm.amount.value;
  var amount_regex = /^\s*\$?\s*(\d+(\.\d{1,2})?)\s*$/ ;
  var rval = true;

  if ( ! amount_regex.test(amount) ) {
    alert('Illegal amount - enter an amount to charge, for example, "5" or "43" or "21.46".');
    return false;
  }
  if ( String(pkg).length < 1 ) {
    rval = false;
  }
  if ( ! pkg_regex.test(pkg) ) {
    rval = false;
  }
  var i=0;
  for (i=0; i < rownum; i++) {
    if (! eval('pkg_regex.test(document.QuickChargeForm.description' + i + '.value)')){
      rval = false;
      break;
    }
  }
  if (rval == true) {
    return true;
  }

  if ( ! pkg ) {
    alert('Enter a description for the one-time charge');
    return false;
  }

  alert('Illegal description - spaces, letters, numbers, and the following punctuation characters are allowed: . , ! ? @ # $ % & ( ) - + ; : ' + "'" + ' " = [ ]' );
  return false;
}

</SCRIPT>

<FORM ACTION="process/quick-charge.cgi" NAME="QuickChargeForm" METHOD="POST" onsubmit="document.QuickChargeForm.submit.disabled=true;return validate_quick_charge();">

<INPUT TYPE="hidden" NAME="custnum" VALUE="<% $custnum %>">

<TABLE ID="QuickChargeTable" BGCOLOR="#cccccc" BORDER=0 CELLSPACING=0 STYLE="background-color: #cccccc">

<TR>
  <TD ALIGN="right">Amount:</TD>
  <TD>
    $<INPUT TYPE="text" NAME="amount" SIZE=6 VALUE="<% $amount %>" onChange="enable_quick_charge()" onKeyPress="enable_quick_charge_amount()">
  </TD>
<% include('/elements/tr-select-taxclass.html') %>
</TR>
  <TD>Description:</TD>
  <TD>
    <INPUT TYPE="text" NAME="pkg" SIZE="60" MAXLENGTH="65" VALUE="<% $pkg %>" onChange="enable_quick_charge()" onKeyPress="enable_quick_charge_desc()">
  </TD>
</TR>
<TR>
  <TD></TD>
  <TD><FONT SIZE="-1">Optional additional description: </FONT></TD>
</TR>

% my $row = 0;
%   if ( $cgi->param('error') ) {
%     my $param = $cgi->Vars;
%
% for ( $row = 0; exists($param->{"description$row"}); $row++ ) { 

    <TR>
      <TD></TD>
      <TD>
        <INPUT TYPE="text" NAME="description<% $row %>" SIZE="60" MAXLENGTH="65" VALUE="<% $param->{"description$row"} |h %>" rownum="<% $row %>" onkeyup = "possiblyAddRow;" >
      </TD>
    </TR>
% } 
% } 


</TABLE>

<BR>
<INPUT TYPE="submit" NAME="submit" VALUE="Add one-time charge" <% $cgi->param('error') ? '' :' DISABLED' %>>

</FORM>


<SCRIPT TYPE="text/javascript">

  var rownum = <% $row %>;

  function possiblyAddRow() {
    if ( ( rownum - this.getAttribute('rownum') ) == 1 ) {
      addRow();
    }
  }

  function addRow() {

    var table = document.getElementById('QuickChargeTable');
    var tablebody = table.getElementsByTagName('tbody').item(0);

    var row = document.createElement('TR');

    var empty_cell = document.createElement('TD');
    row.appendChild(empty_cell);

    var description_cell = document.createElement('TD');

      var description_input = document.createElement('INPUT');
      description_input.setAttribute('name', 'description'+rownum);
      description_input.setAttribute('id',   'description'+rownum);
      description_input.setAttribute('size', 60);
      description_input.setAttribute('maxLength', 65);
      description_input.setAttribute('rownum',   rownum);
      description_input.onkeyup = possiblyAddRow;
      description_cell.appendChild(description_input);

    row.appendChild(description_cell);

    tablebody.appendChild(row);

    rownum++;

  }

</SCRIPT>

</BODY>
</HTML>
<%init>

die "access denied"
  unless $FS::CurrentUser::CurrentUser->access_right('One-time charge');

$cgi->param('custnum') =~ /^(\d+)$/ or die 'illegal custnum';
my $custnum = $1;

my $amount = '';
if ( $cgi->param('amount') =~ /^\s*\$?\s*(\d+(\.\d{1,2})?)\s*$/ ) {
  $amount = $1;
}

$cgi->param('pkg') =~ /^([\w \!\@\#\$\%\&\(\)\-\+\;\:\'\"\,\.\?\/\=\[\]]*)$/ 
  or die 'illegal description';
my $pkg = $1;

</%init>