%if ( $success ) { <& /elements/header-popup.html, mt("Payment voided") &> %} else { <& /elements/header-popup.html, mt('Void payment') &> <& /elements/error.html &>

<% mt('Void this payment?') |h %>

<& /elements/tr-select-reason.html, 'field' => 'reasonnum', 'reason_class' => 'P', 'cgi' => $cgi &>

         " onClick="parent.cClick();">

%} <%init> #untaint paynum my $paynum = $cgi->param('paynum'); if ($paynum) { $paynum =~ /^(\d+)$/ || die "Illegal paynum"; } else { my($query) = $cgi->keywords; $query =~ /^(\d+)/ || die "Illegal paynum"; $paynum = $1; } my $cust_pay = qsearchs('cust_pay',{'paynum'=>$paynum}) || die "Payment not found"; my $right = 'Void payments'; $right = 'Credit card void' if $cust_pay->payby eq 'CARD'; $right = 'Echeck void' if $cust_pay->payby eq 'CHEK'; die "access denied" unless $FS::CurrentUser::CurrentUser->access_right($right); my $success = 0; if ($cgi->param('confirm_void_payment')) { #untaint reasonnum / create new reason my ($reasonnum, $error) = $m->comp('process/elements/reason'); if (!$reasonnum) { $error = 'Reason required'; } else { my $reason = qsearchs('reason', { 'reasonnum' => $reasonnum }) || die "Reason num $reasonnum not found in database"; $error = $cust_pay->void($reason) unless $error; } if ($error) { $cgi->param('error',$error); } else { $success = 1; } }