encode_entities for comments entries

[freeside.git] / httemplate / view / cust_main.cgi

diff --git a/httemplate/view/cust_main.cgi b/httemplate/view/cust_main.cgi
index 630d9e5..7d2d873 100755 (executable)
--- a/httemplate/view/cust_main.cgi
+++ b/httemplate/view/cust_main.cgi
@@ -241,9 +241,10 @@ print '</TD></TR></TABLE>';
 if ( defined $cust_main->dbdef_table->column('comments')
      && $cust_main->comments )
 {
-  print "<BR>Comments", &ntable("#cccccc"), "<TR><TD>",
-        &ntable("#cccccc",2),
-        '<TR><TD BGCOLOR="#ffffff"><PRE>', $cust_main->comments,
+  print "<BR>Comments". &ntable("#cccccc"). "<TR><TD>".
+        &ntable("#cccccc",2).
+        '<TR><TD BGCOLOR="#ffffff"><PRE>'.
+        encode_entities($cust_main->comments).
         '</PRE></TD></TR></TABLE></TABLE>';
 }
 
@@ -271,13 +272,31 @@ print '<BR>'.
   qq!<FORM ACTION="${p}edit/process/quick-charge.cgi" METHOD="POST">!.
   qq!<INPUT TYPE="hidden" NAME="custnum" VALUE="$custnum">!.
   qq!Description:<INPUT TYPE="text" NAME="pkg">!.
-  qq! Amount:<INPUT TYPE="text" NAME="amount" SIZE=6>!.
-  qq!&nbsp;<INPUT TYPE="submit" VALUE="One-time charge"></FORM><BR>!;
+  qq!&nbsp;Amount:<INPUT TYPE="text" NAME="amount" SIZE=6>!.
+  qq!&nbsp;!;
+
+#false laziness w/ edit/part_pkg.cgi
+if ( $conf->exists('enable_taxclasses') ) {
+  print '<SELECT NAME="taxclass">';
+  my $sth = dbh->prepare('SELECT DISTINCT taxclass FROM cust_main_county')
+    or die dbh->errstr;
+  $sth->execute or die $sth->errstr;
+  foreach my $taxclass ( map $_->[0], @{$sth->fetchall_arrayref} ) {
+    print qq!<OPTION VALUE="$taxclass"!;
+    #print ' SELECTED' if $taxclass eq $hashref->{taxclass};
+    print qq!>$taxclass</OPTION>!;
+  }
+  print '</SELECT>';
+} else {
+  print '<INPUT TYPE="hidden" NAME="taxclass" VALUE="">';
+}
+
+print qq!<INPUT TYPE="submit" VALUE="One-time charge"></FORM><BR>!;
 
 print <<END;
 <SCRIPT>
 function cust_pkg_areyousure(href) {
-    if (confirm("Permanantly delete included services and cancel this package?") == true)
+    if (confirm("Permanently delete included services and cancel this package?") == true)
         window.location.href = href;
 }
 </SCRIPT>
@@ -466,7 +485,7 @@ foreach my $bill (@bills) {
                                              $payment->payinfo,
                                              $cust_bill_pay->amount,
                       );
-    $payinfo = 'x'x(length($payinfo)-4). substr($payinfo,(length($payinfo)-4));
+    $payinfo = 'x'x(length($payinfo)-4). substr($payinfo,(length($payinfo)-4))
       if $payby eq 'CARD';
     my $target = "$payby$payinfo";
     $payby =~ s/^BILL$/Check #/ if $payinfo;
@@ -549,7 +568,7 @@ foreach my $payment (@unapplied_payments) {
   my $payby = $payment->payby;
   my $payinfo = $payment->payinfo;
   #false laziness w/above
-  $payinfo = substr($payinfo,0,4). 'x'x(length($payinfo)-4)
+  $payinfo = 'x'x(length($payinfo)-4). substr($payinfo,(length($payinfo)-4))
     if $payby eq 'CARD';
   my $target = "$payby$payinfo";
   $payby =~ s/^BILL$/Check #/ if $payinfo;
@@ -604,10 +623,10 @@ foreach my $item (sort keyfield_numerically @history) {
         ( $charge ? "\$".sprintf("%.2f",$charge) : '' ),
         "</FONT></TD>",
        "<TD><FONT SIZE=-1>",
-        ( $payment ? "- \$".sprintf("%.2f",$payment) : '' ),
+        ( $payment ? "-&nbsp;\$".sprintf("%.2f",$payment) : '' ),
         "</FONT></TD>",
        "<TD><FONT SIZE=-1>",
-        ( $credit ? "- \$".sprintf("%.2f",$credit) : '' ),
+        ( $credit ? "-&nbsp;\$".sprintf("%.2f",$credit) : '' ),
         "</FONT></TD>",
        "<TD><FONT SIZE=-1>",
         ( $refund ? "\$".sprintf("%.2f",$refund) : '' ),