X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Fmisc%2Funvoid-cust_pay_void.cgi;h=84b7879fbb6d7a48d60906bb34d81d073002e7f2;hp=539cd4a23ea87bbaea281b1f167c51ae3e67edef;hb=cee66872f5c67825cae5a0f86da3fb0657c4ebae;hpb=0f37b9c32e41fd94a0d5ea2f895a737cf674f310

diff --git a/httemplate/misc/unvoid-cust_pay_void.cgi b/httemplate/misc/unvoid-cust_pay_void.cgi
index 539cd4a23..84b7879fb 100755
--- a/httemplate/misc/unvoid-cust_pay_void.cgi
+++ b/httemplate/misc/unvoid-cust_pay_void.cgi
@@ -1,4 +1,12 @@
-<%
+%if ( $error ) {
+%  errorpage($error);
+%} else {
+<% $cgi->redirect($p. "view/cust_main.cgi?custnum=". $custnum. ";show=payment_history") %>
+%}
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Unvoid payments');
 
 #untaint paynum
 my($query) = $cgi->keywords;
@@ -9,8 +17,5 @@ my $cust_pay_void = qsearchs('cust_pay_void', { 'paynum' => $paynum } );
 my $custnum = $cust_pay_void->custnum;
 
 my $error = $cust_pay_void->unvoid;
-eidiot($error) if $error;
-
-print $cgi->redirect($p. "view/cust_main.cgi?". $custnum);
 
-%>
+</%init>