Permalink
Browse files

Make authorize.net config page secure.

  • Loading branch information...
1 parent 720c5ef commit af3e0ed2eaf2274bf043f6a68f694f88c5d2250e ethem committed Nov 1, 2006
Showing with 13 additions and 2 deletions.
  1. +10 −1 enrol/authorize/enrol.php
  2. +3 −1 lang/en_utf8/enrol_authorize.php
View
@@ -407,7 +407,16 @@ function config_form($frm)
}
if (empty($CFG->loginhttps) and substr($CFG->wwwroot, 0, 5) !== 'https') {
- notify('loginhttps must be ON');
+ $a = new stdClass;
+ $a->url = "$CFG->wwwroot/$CFG->admin/settings.php?section=httpsecurity";
+ notice(get_string('adminconfighttps', 'enrol_authorize', $a));
+ }
+ elseif (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') {
+ $wwwsroot = qualified_me();
+ $wwwsroot = str_replace('http:', 'https:', $wwwsroot);
+ $a = new stdClass;
+ $a->url = $wwwsroot;
+ notice(get_string('adminconfighttpsgo', 'enrol_authorize', $a));
}
if (!empty($frm->an_review)) {
@@ -1,4 +1,4 @@
-<?PHP // $Id$
+<?PHP // $Id$
// enrol_authorize.php - created with Moodle 1.7 beta + (2006101003)
@@ -10,6 +10,8 @@
$string['adminauthorizesettings'] = 'Authorize.net Settings';
$string['adminauthorizewide'] = 'Site-Wide Settings';
$string['adminavs'] = 'Check this if you have activated Address Verification System (AVS) in your authorize.net account. This demands address fields like street, state, country and zip when user fills out payment form.';
+$string['adminconfighttps'] = 'Please ensure that you have \"<a href=\"$a->url\">turned loginhttps ON</a>\" to use this plugin<br />in Admin &gt;&gt; Variables &gt;&gt; Security &gt;&gt; HTTP security.';
+$string['adminconfighttpsgo'] = 'Go to the <a href=\"$a->url\">secure page</a> to configure this plugin.';
$string['admincronsetup'] = 'The cron.php maintenance script has not been run for at least 24 hours.<br />Cron must be enabled if you want to use scheduled-capture feature.<br /><b>Enable</b> \'Authorize.net plugin\' and <b>setup cron</b> properly; or <b>uncheck an_review</b> again.<br />If you disable scheduled-capture, transactions will be cancelled unless you review them within 30 days.<br />Check <b>an_review</b> and enter <b>\'0\' to an_capture_day</b> field<br />if you want to <b>manually</b> accept/deny payments within 30 days.';
$string['adminemailexpired'] = 'This is useful for \'Manual-Capture\'. Admins are notified <b>$a</b> days prior to pending orders expiring.';
$string['adminemailexpiredsort'] = 'When the number of pending orders expiring are sent to the teachers via email, which one is important?';

0 comments on commit af3e0ed

Please sign in to comment.