X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Fview%2Fcust_bill-pdf.cgi;h=2ac0d0a3a474dce9ca939f67d312d9200a53d1a1;hp=7aa69100d50cd5f8733b41aaa1ed9ed02352e066;hb=c3da5cf1caa244937d280e0f406927103beef148;hpb=eb9668a6f3181ee02cb335272c5ee4616e61fd09

diff --git a/httemplate/view/cust_bill-pdf.cgi b/httemplate/view/cust_bill-pdf.cgi
index 7aa69100d..2ac0d0a3a 100755
--- a/httemplate/view/cust_bill-pdf.cgi
+++ b/httemplate/view/cust_bill-pdf.cgi
@@ -1,13 +1,44 @@
-<%
+<% $pdf %>
+<%init>
 
-#untaint invnum
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('View invoices');
+
+my( $invnum, $template, $notice_name );
 my($query) = $cgi->keywords;
-$query =~ /^(\d+)$/;
-my $invnum = $1;
+if ( $query =~ /^((.+)-)?(\d+)(.pdf)?$/ ) { #probably not necessary anymore?
+  $template = $2;
+  $invnum = $3;
+  $notice_name = 'Invoice';
+} else {
+  $invnum = $cgi->param('invnum');
+  $invnum =~ s/\.pdf//i; #probably not necessary anymore
+  $template = $cgi->param('template');
+  $notice_name = ( $cgi->param('notice_name') || 'Invoice' );
+}
+
+my $conf = new FS::Conf;
+
+my %opt = (
+  'unsquelch_cdr' => $conf->exists('voip-cdr_email'),
+  'template'      => $template,
+  'notice_name'   => $notice_name,
+);
 
-my $cust_bill = qsearchs('cust_bill',{'invnum'=>$invnum});
+my $cust_bill = qsearchs({
+  'select'    => 'cust_bill.*',
+  'table'     => 'cust_bill',
+  'addl_from' => 'LEFT JOIN cust_main USING ( custnum )',
+  'hashref'   => { 'invnum' => $invnum },
+  'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
 die "Invoice #$invnum not found!" unless $cust_bill;
 
+my $pdf = $cust_bill->print_pdf(\%opt);
+
 http_header('Content-Type' => 'application/pdf' );
-%>
-<%= $cust_bill->print_pdf %>
+http_header('Content-Disposition' => "filename=$invnum.pdf" );
+http_header('Content-Length' => length($pdf) );
+http_header('Cache-control' => 'max-age=60' );
+
+</%init>