welcome to the new world

[freeside.git] / httemplate / edit / cust_bill_pay.cgi

diff --git a/httemplate/edit/cust_bill_pay.cgi b/httemplate/edit/cust_bill_pay.cgi
index 90292eb..b6a0647 100755 (executable)
--- a/httemplate/edit/cust_bill_pay.cgi
+++ b/httemplate/edit/cust_bill_pay.cgi
@@ -1,9 +1,6 @@
-<% header("Apply Payment", '') %>
+<% include('/elements/header-popup.html', 'Apply Payment') %>
 
-% if ( $cgi->param('error') ) { 
-  <FONT SIZE="+1" COLOR="#ff0000">Error: <% $cgi->param('error') %></FONT>
-  <BR><BR>
-% } 
+<% include('/elements/error.html') %>
 
 <FORM ACTION="<% $p1 %>process/cust_bill_pay.cgi" METHOD=POST>
 
@@ -36,7 +33,6 @@ function changed(what) {
 
 <BR>Invoice #<SELECT NAME="invnum" SIZE=1 onChange="changed(this)">
 <OPTION VALUE="">
-% foreach my $cust_bill ( @cust_bill ) { 
 
 % foreach my $cust_bill ( @cust_bill ) { 
   <OPTION<% $cust_bill->invnum eq $invnum ? ' SELECTED' : '' %> VALUE="<% $cust_bill->invnum %>"><% $cust_bill->invnum %> - <% time2str("%D", $cust_bill->_date) %> - $<% $cust_bill->owed %>
@@ -51,10 +47,14 @@ function changed(what) {
 <CENTER><INPUT TYPE="submit" VALUE="Apply"></CENTER>
 
 </FORM>
-</BODY>
-</HTML>
+
+<% include('/elements/footer.html') %>
 
 <%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Apply payment');
+
 my($paynum, $amount, $invnum);
 if ( $cgi->param('error') ) {
   $paynum = $cgi->param('paynum');
@@ -82,6 +82,5 @@ my @cust_bill = sort {    $a->_date  <=> $b->_date
                      }
                 grep { $_->owed != 0 }
                 qsearch('cust_bill', { 'custnum' => $cust_pay->custnum } );
-</%init>
-
 
+</%init>