-%
-%
-%#untaint svcnum
-%my $svcnum = $cgi->param('svcnum');
-%$svcnum =~ /^(\d+)$/ || die "Illegal svcnum";
-%$svcnum = $1;
-%
-%#untaint prepaid
-%my $prepaid = $cgi->param('prepaid');
-%$prepaid =~ /^(\w*)$/;
-%$prepaid = $1;
-
-%#untaint payby
-%my $payby = $cgi->param('payby');
-%$payby =~ /^([A-Z]*)$/;
-%$payby = $1;
-%
-%my $error = '';
-%my $svc_acct = qsearchs( 'svc_acct', {'svcnum'=>$svcnum} );
-%$error = "Can't recharge service $svcnum. " unless $svc_acct;
-%
-%my $cust_main = $svc_acct->cust_svc->cust_pkg->cust_main;
-%
-%my $oldAutoCommit = $FS::UID::AutoCommit;
-%local $FS::UID::AutoCommit = 0;
-%my $dbh = dbh;
-%
-%
%unless ($error) {
%
% my ($amount, $seconds, $up, $down, $total) = (0, 0, 0, 0, 0);
</SCRIPT>
</BODY></HTML>
<%init>
+
my $conf = new FS::Conf;
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Recharge customer service');
+
+#untaint svcnum
+my $svcnum = $cgi->param('svcnum');
+$svcnum =~ /^(\d+)$/ || die "Illegal svcnum";
+$svcnum = $1;
+
+#untaint prepaid
+my $prepaid = $cgi->param('prepaid');
+$prepaid =~ /^(\w*)$/;
+$prepaid = $1;
+
+#untaint payby
+my $payby = $cgi->param('payby');
+$payby =~ /^([A-Z]*)$/;
+$payby = $1;
+
+my $error = '';
+my $svc_acct = qsearchs( 'svc_acct', {'svcnum'=>$svcnum} );
+$error = "Can't recharge service $svcnum. " unless $svc_acct;
+
+my $cust_main = $svc_acct->cust_svc->cust_pkg->cust_main;
+
+my $oldAutoCommit = $FS::UID::AutoCommit;
+local $FS::UID::AutoCommit = 0;
+my $dbh = dbh;
+
</%init>