X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fmisc%2Funapply-cust_pay.cgi;h=b0343d03449454dbfc42f3dcd901057adc35f563;hb=f3738a9fcd588d32eea9b0af6a3e884293c0c6e5;hp=28643ef6e6e9564006db377d87098779bb61cf9c;hpb=673b9a458d9138523026963df6fa3b4683e09bae;p=freeside.git

diff --git a/httemplate/misc/unapply-cust_pay.cgi b/httemplate/misc/unapply-cust_pay.cgi
index 28643ef6e..b0343d034 100755
--- a/httemplate/misc/unapply-cust_pay.cgi
+++ b/httemplate/misc/unapply-cust_pay.cgi
@@ -1,4 +1,8 @@
-<%
+<% $cgi->redirect($p. "view/cust_main.cgi?". $custnum) %>
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Unapply payment');
 
 #untaint paynum
 my($query) = $cgi->keywords;
@@ -8,11 +12,7 @@ my $paynum = $1;
 my $cust_pay = qsearchs('cust_pay', { 'paynum' => $paynum } );
 my $custnum = $cust_pay->custnum;
 
-foreach my $cust_bill_pay ( $cust_pay->cust_bill_pay ) {
-  my $error = $cust_bill_pay->delete;
-  eidiot($error) if $error;
-}
-
-print $cgi->redirect($p. "view/cust_main.cgi?". $custnum);
+my $error = $cust_pay->delete_cust_bill_pay;
+errorpage($error) if $error;
 
-%>
+</%init>