X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Fedit%2Fprocess%2Fcust_pay.cgi;h=9e5f3d3f705bfc27a86e29e500ab467596ed763e;hp=cecccb59e1d779b240a9640def6efb46078a7bf3;hb=d7759b49c2ff3b220ab328767645bfed85d18f31;hpb=8e3dfb380406e145494a5fffa7a0e4aab7b38253

diff --git a/httemplate/edit/process/cust_pay.cgi b/httemplate/edit/process/cust_pay.cgi
index cecccb59e..9e5f3d3f7 100755
--- a/httemplate/edit/process/cust_pay.cgi
+++ b/httemplate/edit/process/cust_pay.cgi
@@ -1,4 +1,34 @@
-<%
+%if ($error) {
+%  $cgi->param('error', $error);
+<% $cgi->redirect(popurl(2). 'cust_pay.cgi?'. $cgi->query_string ) %>
+%} elsif ( $field eq 'invnum' ) {
+<% $cgi->redirect(popurl(3). "view/cust_bill.cgi?$linknum") %>
+%} elsif ( $field eq 'custnum' ) {
+%  if ( $cgi->param('apply') eq 'yes' ) {
+%    my $cust_main = qsearchs('cust_main', { 'custnum' => $linknum })
+%      or die "unknown custnum $linknum";
+%    $cust_main->apply_payments( 'manual' => 1,
+%                                'backdate_application' => ($_date < time-86400) );
+%  }
+%  if ( $link eq 'popup' ) {
+%    
+<% header(emt('Payment entered')) %>
+    <SCRIPT TYPE="text/javascript">
+      window.top.location.reload();
+    </SCRIPT>
+
+    </BODY></HTML>
+%
+%  } elsif ( $link eq 'custnum' ) {
+<% $cgi->redirect(popurl(3). "view/cust_main.cgi?$linknum") %>
+%  } else {
+%    die "unknown link $link";
+%  }
+%
+%}
+<%init>
+
+my $conf = FS::Conf->new;
 
 $cgi->param('linknum') =~ /^(\d+)$/
   or die "Illegal linknum: ". $cgi->param('linknum');
@@ -9,46 +39,36 @@ $cgi->param('link') =~ /^(custnum|invnum|popup)$/
 my $field = my $link = $1;
 $field = 'custnum' if $field eq 'popup';
 
-my $_date = str2time($cgi->param('_date'));
+my $_date;
+if ( $FS::CurrentUser::CurrentUser->access_right('Backdate payment') ) {
+  $_date = parse_datetime($cgi->param('_date'));
+}
+else {
+  $_date = time;
+}
 
 my $new = new FS::cust_pay ( {
   $field => $linknum,
   _date  => $_date,
+  no_auto_apply => ($cgi->param('apply') eq 'never') ? 'Y' : '',
   map {
     $_, scalar($cgi->param($_));
-  } qw(paid payby payinfo paybatch)
+  } qw( paid payby payinfo paybatch
+        pkgnum discount_term
+        bank depositor account teller
+      )
   #} fields('cust_pay')
+  # gatewaynum, processor, auth, order_number
+  # are for realtime payments only, and can't be entered manually
 } );
 
-my $error = $new->insert;
-
-if ($error) {
-  $cgi->param('error', $error);
-  print $cgi->redirect(popurl(2). 'cust_pay.cgi?'. $cgi->query_string );
-} elsif ( $field eq 'invnum' ) {
-  print $cgi->redirect(popurl(3). "view/cust_bill.cgi?$linknum");
-} elsif ( $field eq 'custnum' ) {
-  if ( $cgi->param('apply') eq 'yes' ) {
-    my $cust_main = qsearchs('cust_main', { 'custnum' => $linknum })
-      or die "unknown custnum $linknum";
-    $cust_main->apply_payments;
-  }
-  if ( $link eq 'popup' ) {
-
-    %><%= header('Payment entered') %>
-    <SCRIPT TYPE="text/javascript">
-      window.top.location.reload();
-    </SCRIPT>
+my @rights = ('Post payment');
+push @rights, 'Post check payment' if $new->payby eq 'BILL';
+push @rights, 'Post cash payment'  if $new->payby eq 'CASH';
 
-    </BODY></HTML>
-    <%
-
-  } elsif ( $link eq 'custnum' ) {
-    print $cgi->redirect(popurl(3). "view/cust_main.cgi?$linknum");
-  } else {
-    die "unknown link $link";
-  }
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right(\@rights);
 
-}
+my $error = $new->insert( 'manual' => 1 );
 
-%>
+</%init>