
Fix: Don't show newly created orders prior to 2 minutes.

They may still be in progress, and these aren't test transactions (transid=0).
We check timecreated field to prevent this.
MERGED FROM MOODLE_16_STABLE.
1 parent 3335e3f commit 17dd6691498466e156942ab085fd61bcf48a62f2 ethem committed
Showing with 86 additions and 60 deletions.
  1. +5 −0 enrol/authorize/const.php
  2. +23 −24 enrol/authorize/enrol.php
  3. +1 −1 enrol/authorize/index.php
  4. +57 −35 enrol/authorize/locallib.php
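--- a/enrol/authorize/const.php
+++ b/enrol/authorize/const.php
@@ -36,6 +36,11 @@
 define('AN_STATUS_EXPIRE', 0x10);
 /**
+ * Tested.
+ */
+define('AN_STATUS_TEST', 0x80);
+
+/**
 * No action.
 */
 define('AN_ACTION_NONE', 0x00);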
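Review bot: The docblock `Tested.` on `AN_STATUS_TEST` does not say that this value is a list filter rather than a status a row carries. In locallib.php in this commit the matching branch queries `E.status = AN_STATUS_NONE` with `E.transid='0'` and `E.timecreated` older than 120 seconds, so the constant appears never to be written to the status column. I would document that, e.g. `* Filter-only pseudo status: test transactions (status NONE, transid 0) created more than 2 minutes ago.`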
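--- a/enrol/authorize/enrol.php
+++ b/enrol/authorize/enrol.php
@@ -12,10 +12,8 @@
 function get_list_of_creditcards($getall = false)
 {
 global $CFG;
- static $alltypes = array();
- if (empty($alltypes)) {
- $alltypes = array(
+ $alltypes = array(
 'mcd' => 'Master Card',
 'vis' => 'Visa',
 'amx' => 'American Express',
@@ -25,8 +23,7 @@ function get_list_of_creditcards($getall = false)
 'swi' => 'Switch',
 'dlt' => 'Delta',
 'enr' => 'EnRoute'
- );
- }
+ );
 if ($getall || empty($CFG->an_acceptccs)) {
 return $alltypes;
@@ -34,9 +31,8 @@ function get_list_of_creditcards($getall = false)
 $ret = array();
 $ccs = explode(',', $CFG->an_acceptccs);
- $intersects = array_intersect(array_keys($alltypes), $ccs);
- foreach ($intersects as $key) {
+ foreach ($ccs as $key) {
 $ret[$key] = $alltypes[$key];
 }
@@ -311,36 +307,39 @@ function cc_submit($form, $course)
 function validate_enrol_form($form)
 {
 global $CFG;
- require_once $CFG->dirroot.'/enrol/authorize/ccval.php';
-
- $ccexpiremm = intval($form->ccexpiremm);
- $ccexpireyyyy = intval($form->ccexpireyyyy);
+ require_once('ccval.php');
- if (empty($ccexpiremm) || empty($ccexpireyyyy)) {
+ if (empty($form->cc)) {
+ $this->ccerrors['cc'] = get_string('missingcc', 'enrol_authorize');
+ }
+ if (empty($form->ccexpiremm) || empty($form->ccexpireyyyy)) {
 $this->ccerrors['ccexpire'] = get_string('missingccexpire', 'enrol_authorize');
 }
- $expdate = sprintf("%02d", $ccexpiremm) . strval($ccexpireyyyy);
- $validcc = CCVal($form->cc, $form->cctype, $expdate);
- if (!$validcc) {
- if ($validcc === 0) {
- $this->ccerrors['ccexpire'] = get_string('ccexpired', 'enrol_authorize');
- }
- else {
- $this->ccerrors['cc'] = get_string('ccinvalid', 'enrol_authorize');
+ else {
+ $expdate = sprintf("%02d", intval($form->ccexpiremm)) . $form->ccexpireyyyy;
+ $validcc = CCVal($form->cc, $form->cctype, $expdate);
+ if (!$validcc) {
+ if ($validcc === 0) {
+ $this->ccerrors['ccexpire'] = get_string('ccexpired', 'enrol_authorize');
+ }
+ else {
+ $this->ccerrors['cc'] = get_string('ccinvalid', 'enrol_authorize');
+ }
 }
 }
+
 if (empty($form->ccfirstname) || empty($form->cclastname)) {
 $this->ccerrors['ccfirstlast'] = get_string('missingfullname');
 }
- if (empty($form->cc)) {
- $this->ccerrors['cc'] = get_string('missingcc', 'enrol_authorize');
- }
+
 if (empty($form->cvv) || !is_numeric($form->cvv)) {
 $this->ccerrors['cvv'] = get_string('missingcvv', 'enrol_authorize');
 }
- if (empty($form->cctype)) {
+
+ if (empty($form->cctype) || !in_array($form->cctype, array_keys(get_list_of_creditcards()))) {
 $this->ccerrors['cctype'] = get_string('missingcctype', 'enrol_authorize');
 }
+
 if (!empty($CFG->an_avs)) {
 if (empty($form->ccaddress)) {
 $this->ccerrors['ccaddress'] = get_string('missingaddress', 'enrol_authorize');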
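Review bot: In validate_enrol_form the new `$expdate` line concatenates `$form->ccexpireyyyy` exactly as submitted, where the removed code passed it through `intval()` first, so CCVal() now receives an unnormalised year string from the form; I would keep the cast, `$expdate = sprintf("%02d", intval($form->ccexpiremm)) . intval($form->ccexpireyyyy);`. The new card-type allow-list also rests on get_list_of_creditcards(), which after this commit copies every code from `$CFG->an_acceptccs` without the old `array_intersect`, so a stale or mistyped code raises an undefined-index notice and still ends up as an accepted `cctype`; a guard such as `if (isset($alltypes[$key])) { $ret[$key] = $alltypes[$key]; }` restores the filter. `require_once('ccval.php')` now resolves through include_path instead of the absolute `$CFG->dirroot` path, which I would revert so the file loaded cannot depend on the include path. validate_enrol_form continues past the end of the last hunk.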
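--- a/enrol/authorize/index.php
+++ b/enrol/authorize/index.php
@@ -20,7 +20,7 @@
 $strs = get_strings(array('user','status','action','delete','time','course','confirm','yes','no','all','none','error'));
 $authstrs = get_strings(array('paymentmanagement','orderid','void','capture','refund','delete',
 'authcaptured','authorizedpendingcapture','capturedpendingsettle','capturedsettled',
- 'settled','refunded','cancelled','expired','tested',
+ 'settled','refunded','cancelled','expired','tested','new',
 'transid','settlementdate','notsettled','amount',
 'howmuch','captureyes','unenrolstudent'), 'enrol_authorize');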
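--- a/enrol/authorize/locallib.php
+++ b/enrol/authorize/locallib.php
@@ -1,7 +1,7 @@
 <?PHP // $Id$
 if (!defined('MOODLE_INTERNAL')) {
- die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
+ die('Direct access to this script is forbidden.');
 }
 require_once('const.php');
@@ -36,23 +36,26 @@ function authorize_print_orders()
 AN_STATUS_AUTHCAPTURE => $authstrs->authcaptured,
 AN_STATUS_CREDIT => $authstrs->refunded,
 AN_STATUS_VOID => $authstrs->cancelled,
- AN_STATUS_EXPIRE => $authstrs->expired
+ AN_STATUS_EXPIRE => $authstrs->expired,
+ AN_STATUS_TEST => $authstrs->tested
 );
- print_simple_box_start('center', '80%');
- echo "$strs->status: ";
- echo popup_form($baseurl.'&amp;course='.$courseid.'&amp;status=', $statusmenu, 'statusmenu', $status, '', '', '', true);
 if ($courses = get_courses('all', 'c.sortorder ASC', 'c.id,c.fullname,c.enrol')) {
 $popupcrs = array();
 foreach ($courses as $crs) {
 if ($crs->enrol == 'authorize' || (empty($crs->enrol) && $CFG->enrol == 'authorize')) {
- $popupcrs[(int)$crs->id] = $crs->fullname;
+ $popupcrs[intval($crs->id)] = $crs->fullname;
 }
 }
- echo " &nbsp; $strs->course: ";
- echo popup_form($baseurl.'&amp;status='.$status.'&amp;course=', $popupcrs, 'coursesmenu', $courseid, '', '', '', true);
+ if (!empty($popupcrs)) {
+ print_simple_box_start('center', '100%');
+ echo "$strs->status: ";
+ echo popup_form($baseurl.'&amp;course='.$courseid.'&amp;status=',$statusmenu,'statusmenu',$status,'', '', '',true);
+ echo " &nbsp; $strs->course: ";
+ echo popup_form($baseurl.'&amp;status='.$status.'&amp;course=',$popupcrs,'coursesmenu',$courseid,'','','',true);
+ print_simple_box_end();
+ }
 }
- print_simple_box_end();
 $table = new flexible_table('enrol-authorize');
 $table->set_attribute('width', '100%');
@@ -65,7 +68,7 @@ function authorize_print_orders()
 $table->define_headers(array($authstrs->orderid, $strs->time, $strs->user, $strs->status, $strs->action));
 $table->define_baseurl($baseurl."&amp;status=$status");
- $table->sortable(true);
+ $table->sortable(true, 'id', SORT_DESC);
 $table->pageable(true);
 $table->setup();
@@ -77,11 +80,15 @@ function authorize_print_orders()
 $from .= "INNER JOIN {$CFG->prefix}enrol_authorize_refunds R ON E.id = R.orderid ";
 $where = "WHERE (E.status = '" . AN_STATUS_AUTHCAPTURE . "') ";
 }
+ elseif ($status == AN_STATUS_TEST) {
+ $newordertime = time() - 120; // -2 minutes. Order may be still in process.
+ $where = "WHERE (E.status = '" . AN_STATUS_NONE . "') AND (E.transid='0') AND (E.timecreated<$newordertime) ";
+ }
 else {
 $where = "WHERE (E.status = '$status') ";
 }
 }
- else {
+ else { // No filter
 if (empty($CFG->an_test)) {
 $where = "WHERE (E.status != '" . AN_STATUS_NONE . "') ";
 }
@@ -100,9 +107,6 @@ function authorize_print_orders()
 if ($sort = $table->get_sql_sort()) {
 $sort = ' ORDER BY ' . $sort;
 }
- else {
- $sort = ' ORDER BY id DESC ';
- }
 $totalcount = count_records_sql('SELECT COUNT(*) ' . $from . $where);
 $table->initialbars($totalcount > $perpage);
@@ -285,12 +289,23 @@ function authorize_print_order_details($orderno)
 $success = authorizenet_action($order, $message, $extra, AN_ACTION_CREDIT);
 if ($success) {
 if (empty($CFG->an_test)) {
+ unset($extra->sum); // this is not used in refunds table.
 $extra->id = insert_record("enrol_authorize_refunds", $extra);
- if (!$extra->id) {
- // to do: email admin
+ if (empty($extra->id)) {
+ $emailsubject = "Authorize.net: insert record error";
+ $emailmessage = "Error while trying to insert new data to enrol_authorize_refunds table:\n";
+ $data = (array)$extra;
+ foreach ($data as $key => $value) {
+ $emailmessage .= "$key => $value\n";
+ }
+ $adminuser = get_admin();
+ email_to_user($adminuser, $adminuser, $emailsubject, $emailmessage);
+ $table->data[] = array("<b><font color=red>$strs->error:</font></b>", $emailmessage);
 }
- if (!empty($unenrol)) {
- unenrol_student($order->userid, $order->courseid);
+ else {
+ if (!empty($unenrol)) {
+ unenrol_student($order->userid, $order->courseid);
+ }
 }
 redirect("index.php?order=$orderno");
 }
@@ -429,12 +444,12 @@ function authorize_print_order_details($orderno)
 if ($settled) { // show refunds.
 echo "<h4>" . get_string('returns', 'enrol_authorize') . "</h4>\n";
 $t2->size = array('15%', '15%', '20%', '35%', '15%');
- $t2->align = array('right', 'right', 'right', 'left', 'right');
+ $t2->align = array('right', 'right', 'right', 'right', 'right');
 $t2->head = array($authstrs->transid,
- $authstrs->amount,
- $strs->status,
- $authstrs->settlementdate,
- $strs->action);
+ $authstrs->amount,
+ $strs->status,
+ $authstrs->settlementdate,
+ $strs->action);
 $refunds = get_records('enrol_authorize_refunds', 'orderid', $orderno);
 if ($refunds) {
 foreach ($refunds as $rf) {
@@ -450,14 +465,14 @@ function authorize_print_order_details($orderno)
 }
 }
 $t2->data[] = array($rf->transid,
- $rf->amount,
- $authstrs->{$substatus->status},
- userdate($rf->settletime),
- $subactions);
+ $rf->amount,
+ $authstrs->{$substatus->status},
+ userdate($rf->settletime),
+ $subactions);
 }
 }
 else {
- $t2->data[] = array(get_string('noreturns', 'enrol_authorize'));
+ $t2->data[] = array('','',get_string('noreturns', 'enrol_authorize'),'','');
 }
 print_table($t2);
 }
@@ -473,21 +488,28 @@ function authorize_print_order_details($orderno)
 */
 function authorize_get_status_action($order)
 {
- global $CFG, $USER;
- static $timediff30;
+ global $CFG;
+ static $timediff30, $newordertime;
 if (empty($timediff30)) {
- $timediff30 = getsettletime(time()) - (30 * 3600 * 24);
+ $timenow = time();
+ $timediff30 = getsettletime($timenow) - (30 * 3600 * 24);
+ $newordertime = $timenow - 120; // -2 minutes. Order may be still in process.
 }
 $ret = new stdClass();
 $ret->actions = array();
- if (intval($order->transid) == 0) { // test transaction
- if (isadmin() || (!empty($CFG->an_teachermanagepay) && isteacher($order->courseid))) {
- $ret->actions = array(ORDER_DELETE);
+ if (intval($order->transid) == 0) { // test transaction or new order
+ if ($order->timecreated < $newordertime) {
+ if (isadmin() || (!empty($CFG->an_teachermanagepay) && isteacher($order->courseid))) {
+ $ret->actions = array(ORDER_DELETE);
+ }
+ $ret->status = 'tested';
+ }
+ else {
+ $ret->status = 'new';
 }
- $ret->status = 'tested';
 return $ret;
 }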
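Review bot: In the refund branch of authorize_print_order_details (hunk at -285), the new failure path appends `$emailmessage` to `$table->data` as raw HTML, yet the unchanged `redirect("index.php?order=$orderno")` right after the if/else appears to run for both outcomes, so the operator probably never sees that row. The message is built from every field of `$extra` without escaping, so if it is meant to be displayed it should be rendered as `nl2br(htmlspecialchars($emailmessage))` and the redirect skipped when the insert fails. By this point `authorizenet_action()` has already reported the credit as successful, so a failed insert leaves a refund at the gateway with no local record; the admin e-mail is the only trace and the return value of `email_to_user()` is not checked. I would log the failure as well and add a comment on the branch saying so, e.g. `// Refund succeeded at the gateway but was not recorded locally; needs manual reconciliation.` The function body extends outside these hunks.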
