import torrus 1.0.9

[freeside.git] / httemplate / edit / cust_pay.cgi

diff --git a/httemplate/edit/cust_pay.cgi b/httemplate/edit/cust_pay.cgi
index a6b73b1..8e1c779 100755 (executable)
--- a/httemplate/edit/cust_pay.cgi
+++ b/httemplate/edit/cust_pay.cgi
@@ -46,6 +46,12 @@ Payment
   <TD><INPUT TYPE="text" NAME="paid" VALUE="<% $paid %>" SIZE=8 MAXLENGTH=8> by <B><% FS::payby->payname($payby) %></B></TD>
 </TR>
 
+  <% include('/elements/tr-select-discount_term.html',
+               'custnum' => $custnum,
+               'cgi'     => $cgi
+            )
+  %>
+
 % if ( $payby eq 'BILL' ) { 
   <TR>
     <TD ALIGN="right">Check #</TD>
@@ -103,9 +109,6 @@ my $conf = new FS::Conf;
 my $money_char  = $conf->config('money_char')  || '$';
 my $date_format = $conf->config('date_format') || '%m/%d/%Y';
 
-die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Post payment');
-
 my($link, $linknum, $paid, $payby, $payinfo, $_date);
 if ( $cgi->param('error') ) {
   $link     = $cgi->param('link');
@@ -113,7 +116,7 @@ if ( $cgi->param('error') ) {
   $paid     = $cgi->param('paid');
   $payby    = $cgi->param('payby');
   $payinfo  = $cgi->param('payinfo');
-  $_date    = $cgi->param('_date') ? str2time($cgi->param('_date')) : time;
+  $_date    = $cgi->param('_date') ? parse_datetime($cgi->param('_date')) : time;
 } elsif ( $cgi->param('custnum') =~ /^(\d+)$/ ) {
   $link     = $cgi->param('popup') ? 'popup' : 'custnum';
   $linknum  = $1;
@@ -132,6 +135,13 @@ if ( $cgi->param('error') ) {
   die "illegal query ". $cgi->keywords;
 }
 
+my @rights = ('Post payment');
+push @rights, 'Post check payment' if $payby eq 'BILL';
+push @rights, 'Post cash payment'  if $payby eq 'CASH';
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right(\@rights);
+
 my $paybatch = "webui-$_date-$$-". rand() * 2**32;
 
 my $title = 'Post '. FS::payby->payname($payby). ' payment';