projects / freeside.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
This commit was generated by cvs2svn to compensate for changes in r6252,
[freeside.git] / httemplate / misc / payment.cgi
diff --git a/httemplate/misc/payment.cgi b/httemplate/misc/payment.cgi
index 2c889d7..f99f2f0 100644 (file)
--- a/httemplate/misc/payment.cgi
+++ b/httemplate/misc/payment.cgi
@@ -1,9 +1,10 @@
 <% include( '/elements/header.html', "Process $type{$payby} payment" ) %>
 <% include( '/elements/small_custview.html', $cust_main, '', '', popurl(2) . "view/cust_main.cgi" ) %>
 <FORM NAME="OneTrueForm" ACTION="process/payment.cgi" METHOD="POST" onSubmit="document.OneTrueForm.process.disabled=true">
-<INPUT TYPE="hidden" NAME="custnum" VALUE="<% $custnum %>">
-<INPUT TYPE="hidden" NAME="payby" VALUE="<% $payby %>">
+<INPUT TYPE="hidden" NAME="custnum"   VALUE="<% $custnum %>">
+<INPUT TYPE="hidden" NAME="payby"     VALUE="<% $payby %>">
 <INPUT TYPE="hidden" NAME="payunique" VALUE="<% $payunique %>">
+<INPUT TYPE="hidden" NAME="balance"   VALUE="<% $balance %>">
 
 <SCRIPT TYPE="text/javascript" SRC="../elements/overlibmws.js"></SCRIPT>
 <SCRIPT TYPE="text/javascript" SRC="../elements/overlibmws_iframe.js"></SCRIPT>
@@ -216,6 +217,9 @@ function OLiframeContent(src, width, height, name) {
 <% include('/elements/footer.html') %>
 <%init>
 
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Process payment');
+
 my %type = ( 'CARD' => 'credit card',
              'CHEK' => 'electronic check (ACH)',
            );
Freeside billing, trouble ticketing, network monitoring and provisioning