$title .= "\u$name_singular Search Results";
my $link = '';
-if ( ( $curuser->access_right('View invoices') #XXX for now
- || $curuser->access_right('View customer payments')
+if ( ( $curuser->access_right('View invoices') #remove in 2.5 (2.7?)
+ || ($curuser->access_right('View payments') && $table =~ /^cust_pay/)
+ || ($curuser->access_right('View refunds') && $table eq 'cust_refund')
)
&& ! $opt{'disable_link'}
)
$title = $agent->agent. " $title";
}
+ if ( $cgi->param('refnum') && $cgi->param('refnum') =~ /^(\d+)$/ ) {
+ push @search, "refnum = $1";
+ my $part_referral = qsearchs('part_referral', { 'refnum' => $1 } );
+ die "unknown refnum $1" unless $part_referral;
+ $title = $part_referral->referral. " $title";
+ }
+
+ if ( $cgi->param('cust_classnum') ) {
+ my @classnums = grep /^\d+$/, $cgi->param('cust_classnum');
+ push @search, 'cust_main.classnum IN('.join(',',@classnums).')'
+ if @classnums;
+ }
+
if ( $cgi->param('custnum') =~ /^(\d+)$/ ) {
push @search, "custnum = $1";
}
$orderby = "LOWER(company || ' ' || last || ' ' || first )";
+ } elsif ( $cgi->param('magic') eq 'batchnum' ) {
+
+ $cgi->param('batchnum') =~ /^(\d+)$/
+ or die "illegal batchnum: ".$cgi->param('batchnum');
+
+ push @search, "batchnum = $1";
+
+ $orderby = "LOWER(company || ' ' || last || ' ' || first )";
+
} else {
die "unknown search magic: ". $cgi->param('magic');
}