X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Fmisc%2Fdelete-cust_refund.cgi;h=983a79da5eec3aba74be91f9dce51a9aed9f30d8;hp=3e44560d0262cd4719f9cb8c0dca8f6c785b01ac;hb=1fc8addc56f8daf12397da568eb1ac1b27fd3984;hpb=9509e5bfb7f9331303153cac24d7bfecbe2ea9f1

diff --git a/httemplate/misc/delete-cust_refund.cgi b/httemplate/misc/delete-cust_refund.cgi
index 3e44560d0..983a79da5 100755
--- a/httemplate/misc/delete-cust_refund.cgi
+++ b/httemplate/misc/delete-cust_refund.cgi
@@ -1,17 +1,21 @@
-%
-%
-%#untaint refundnum
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/ || die "Illegal refundnum";
-%my $refundnum = $1;
-%
-%my $cust_refund = qsearchs('cust_refund',{'refundnum'=>$refundnum});
-%my $custnum = $cust_refund->custnum;
-%
-%my $error = $cust_refund->delete;
-%eidiot($error) if $error;
-%
-%print $cgi->redirect($p. "view/cust_main.cgi?". $custnum);
-%
-%
+% if ( $error ) {
+%   errorpage($error);
+% } else {
+<% $cgi->redirect($p. "view/cust_main.cgi?". $custnum) %>
+% }
+<%init>
 
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Delete refund');
+
+#untaint refundnum
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/ || die "Illegal refundnum";
+my $refundnum = $1;
+
+my $cust_refund = qsearchs('cust_refund',{'refundnum'=>$refundnum});
+my $custnum = $cust_refund->custnum;
+
+my $error = $cust_refund->delete;
+
+</%init>