-<%
+%if ($error) {
+% $cgi->param('error', $error);
+<% $cgi->redirect(popurl(2). 'cust_pay.cgi?'. $cgi->query_string ) %>
+%} elsif ( $field eq 'invnum' ) {
+<% $cgi->redirect(popurl(3). "view/cust_bill.cgi?$linknum") %>
+%} elsif ( $field eq 'custnum' ) {
+% if ( $cgi->param('apply') eq 'yes' ) {
+% my $cust_main = qsearchs('cust_main', { 'custnum' => $linknum })
+% or die "unknown custnum $linknum";
+% $cust_main->apply_payments( 'manual' => 1,
+% 'backdate_application' => ($_date < time-86400) );
+% }
+% if ( $link eq 'popup' ) {
+%
+<% header(emt('Payment entered')) %>
+ <SCRIPT TYPE="text/javascript">
+ window.top.location.reload();
+ </SCRIPT>
+
+ </BODY></HTML>
+%
+% } elsif ( $link eq 'custnum' ) {
+<% $cgi->redirect(popurl(3). "view/cust_main.cgi?$linknum") %>
+% } else {
+% die "unknown link $link";
+% }
+%
+%}
+<%init>
+
+my $conf = FS::Conf->new;
$cgi->param('linknum') =~ /^(\d+)$/
or die "Illegal linknum: ". $cgi->param('linknum');
my $field = my $link = $1;
$field = 'custnum' if $field eq 'popup';
-my $_date = str2time($cgi->param('_date'));
+my $_date;
+if ( $FS::CurrentUser::CurrentUser->access_right('Backdate payment') ) {
+ $_date = parse_datetime($cgi->param('_date'));
+}
+else {
+ $_date = time;
+}
my $new = new FS::cust_pay ( {
$field => $linknum,
_date => $_date,
+ no_auto_apply => ($cgi->param('apply') eq 'never') ? 'Y' : '',
map {
$_, scalar($cgi->param($_));
- } qw(paid payby payinfo paybatch)
+ } qw( paid payby payinfo paybatch
+ pkgnum discount_term
+ bank depositor account teller
+ )
#} fields('cust_pay')
+ # gatewaynum, processor, auth, order_number
+ # are for realtime payments only, and can't be entered manually
} );
-my $error = $new->insert;
-
-if ($error) {
- $cgi->param('error', $error);
- print $cgi->redirect(popurl(2). 'cust_pay.cgi?'. $cgi->query_string );
-} elsif ( $field eq 'invnum' ) {
- print $cgi->redirect(popurl(3). "view/cust_bill.cgi?$linknum");
-} elsif ( $field eq 'custnum' ) {
- if ( $cgi->param('apply') eq 'yes' ) {
- my $cust_main = qsearchs('cust_main', { 'custnum' => $linknum })
- or die "unknown custnum $linknum";
- $cust_main->apply_payments;
- }
- if ( $link eq 'popup' ) {
-
- %><%= header('Payment entered') %>
- <SCRIPT TYPE="text/javascript">
- window.top.location.reload();
- </SCRIPT>
+my @rights = ('Post payment');
+push @rights, 'Post check payment' if $new->payby eq 'BILL';
+push @rights, 'Post cash payment' if $new->payby eq 'CASH';
- </BODY></HTML>
- <%
-
- } elsif ( $link eq 'custnum' ) {
- print $cgi->redirect(popurl(3). "view/cust_main.cgi?$linknum");
- } else {
- die "unknown link $link";
- }
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right(\@rights);
-}
+my $error = $new->insert( 'manual' => 1 );
-%>
+</%init>
projects / freeside.git / blobdiff