+<%init>
+
+$cgi->param('linknum') =~ /^(\d+)$/
+ or die "Illegal linknum: ". $cgi->param('linknum');
+my $linknum = $1;
+
+$cgi->param('link') =~ /^(custnum|invnum|popup)$/
+ or die "Illegal link: ". $cgi->param('link');
+my $field = my $link = $1;
+$field = 'custnum' if $field eq 'popup';
+
+my $_date = parse_datetime($cgi->param('_date'));
+
+my $new = new FS::cust_pay ( {
+ $field => $linknum,
+ _date => $_date,
+ map {
+ $_, scalar($cgi->param($_));
+ } qw( paid payby payinfo paybatch
+ pkgnum discount_term
+ )
+ #} fields('cust_pay')
+} );
+
+my @rights = ('Post payment');
+push @rights, 'Post check payment' if $new->payby eq 'BILL';
+push @rights, 'Post cash payment' if $new->payby eq 'CASH';
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right(\@rights);
+
+my $error = $new->insert( 'manual' => 1 );