X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Fedit%2Fprocess%2Fquick-charge.cgi;h=27921b8c36580e34559b84eb02855cc22a1cbede;hp=928e3daad78d9e327cc2a60b8dedff39969721ff;hb=e078ca418dcf3c7b92efcd371ce761df3314c369;hpb=d1a885c65ac10e19bed0333a380dafeb42c2cef1

diff --git a/httemplate/edit/process/quick-charge.cgi b/httemplate/edit/process/quick-charge.cgi
index 928e3daad..27921b8c3 100644
--- a/httemplate/edit/process/quick-charge.cgi
+++ b/httemplate/edit/process/quick-charge.cgi
@@ -1,41 +1,75 @@
-<%
+% if ( $error ) {
+%   $cgi->param('error', $error );
+<% $cgi->redirect($p.'quick-charge.html?'. $cgi->query_string) %>
+% } else {
+<% header("One-time charge added") %>
+  <SCRIPT TYPE="text/javascript">
+    window.top.location.reload();
+  </SCRIPT>
+  </BODY></HTML>
+% }
+<%init>
 
-#untaint custnum
-$cgi->param('custnum') =~ /^(\d+)$/
-  or die 'illegal custnum '. $cgi->param('custnum');
-my $custnum = $1;
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('One-time charge');
 
-$cgi->param('amount') =~ /^\s*(\d+(\.\d{1,2})?)\s*$/
-  or die 'illegal amount '. $cgi->param('amount');
-my $amount = $1;
+my $error = '';
+my $conf = new FS::conf;
+my $param = $cgi->Vars;
 
-my( $error, $cust_main);
-if ( $cgi->param('taxclass') eq '(select)' ) {
+my @description = ();
+for ( my $row = 0; exists($param->{"description$row"}); $row++ ) {
+  push @description, $param->{"description$row"}
+    if ($param->{"description$row"} =~ /\S/);
+}
 
+$param->{"custnum"} =~ /^(\d+)$/
+  or $error .= "Illegal customer number " . $param->{"custnum"} . "  ";
+my $custnum = $1;
 
- $error = 'Must select a tax class';
-} else {
+$param->{"amount"} =~ /^\s*(\d*(?:\.?\d{1,2}))\s*$/
+  or $error .= "Illegal amount " . $param->{"amount"} . "  ";
+my $amount = $1;
 
-  my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
-    or die "unknown custnum $custnum";
+my $quantity = 1;
+if ( $cgi->param('quantity') =~ /^\s*(\d+)\s*$/ ) {
+  $quantity = $1;
+}
 
-  $error = $cust_main->charge(
-    $amount,
-    $cgi->param('pkg'),
-    '$'. sprintf("%.2f",$amount),
-    $cgi->param('taxclass')
-  );
+$param->{'tax_override'} =~ /^\s*([,\d]*)\s*$/
+  or $error .= "Illegal tax override " . $param->{"tax_override"} . "  ";
+my $override = $1;
 
+if ( $param->{'taxclass'} eq '(select)' ) {
+  $error .= "Must select a tax class.  "
+    unless ($conf->exists('enable_taxproducts') &&
+             ( $override || $param->{taxproductnum} )
+           );
+  $cgi->param('taxclass', '');
 }
 
-if ($error) {
-%>
-<!-- mason kludge -->
-<%
-  eidiot($error);
-} else {
-  print $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum" );
-}
+unless ( $error ) {
+  my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
+    or $error .= "Unknown customer number $custnum.  ";
 
-%>
+  $error ||= $cust_main->charge( {
+    'amount'        => $amount,
+    'quantity'      => $quantity,
+    'bill_now'      => scalar($cgi->param('bill_now')),
+    'invoice_terms' => scalar($cgi->param('invoice_terms')),
+    'start_date'    => ( scalar($cgi->param('start_date'))
+                           ? str2time($cgi->param('start_date'))
+                           : ''
+                       ),
+    'no_auto'       => scalar($cgi->param('no_auto')),
+    'pkg'           => scalar($cgi->param('pkg')),
+    'setuptax'      => scalar($cgi->param('setuptax')),
+    'taxclass'      => scalar($cgi->param('taxclass')),
+    'taxproductnum' => scalar($cgi->param('taxproductnum')),
+    'tax_override'  => $override,
+    'classnum'      => scalar($cgi->param('classnum')),
+    'additional'    => \@description,
+  } );
+}
 
+</%init>