Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Don't show authorize.net password for security reasons. Merged from 1…

…6stable.
  • Loading branch information...
commit d9d69929f5ae649bd1b062822faf017f46f25ad0 1 parent 0127848
ethem authored
Showing with 32 additions and 11 deletions.
  1. +11 −4 enrol/authorize/config.html
  2. +21 −7 enrol/authorize/enrol.php
View
15 enrol/authorize/config.html
@@ -9,6 +9,7 @@
if (!isset($frm->an_login)) $frm->an_login = '';
if (!isset($frm->an_tran_key)) $frm->an_tran_key = '';
if (!isset($frm->an_password)) $frm->an_password = '';
+if (!isset($frm->delete_current)) $frm->delete_current = '';
if (!isset($frm->an_referer)) $frm->an_referer = 'http://';
if (!isset($frm->an_avs)) $frm->an_avs = '';
if (!isset($frm->an_test)) $frm->an_test = '';
@@ -84,20 +85,26 @@
</tr>
<tr valign="top">
- <td align="right">#&nbsp;</td>
+ <td align="right">#&nbsp;#&nbsp;</td>
<td colspan="2"><?php print_string("chooseone", "enrol_authorize") ?></td>
</tr>
<tr valign="top">
<td align="right">an_tran_key:</td>
- <td><input type="text" name="an_tran_key" value="<?php p($frm->an_tran_key) ?>" /></td>
+ <td><input type="text" name="an_tran_key" value="<?php p($frm->an_tran_key) ?>" /><sup>#1</sup></td>
<td><?php print_string("antrankey", "enrol_authorize") ?></td>
</tr>
<tr valign="top">
<td align="right">an_password:</td>
- <td><input type="text" name="an_password" value="<?php p($frm->an_password) ?>" /></td>
- <td><?php print_string("anpassword", "enrol_authorize") ?></td>
+ <td><input type="text" name="an_password" value="" /><sup>#2</sup></td>
+ <td><?php print_string("anpassword", "enrol_authorize") ?><br />(<?php print_string("leavetokeep") ?>)</td>
+</tr>
+
+<tr valign="top">
+ <td align="right">delete_current:</td>
+ <td><?php print_checkbox('delete_current', '1', !empty($frm->delete_current)) ?></td>
+ <td><?php print_string("deletecheck", "moodle", get_string('oldpassword')) ?><br /><br /></td>
</tr>
<tr valign="top">
View
28 enrol/authorize/enrol.php
@@ -512,22 +512,36 @@ function process_config($config)
set_config('an_emailexpiredteacher', $emailexpiredteacher);
set_config('an_sorttype', $sorttype);
+ // https and openssl library is required
+ if ((substr($CFG->wwwroot, 0, 5) !== 'https' and empty($CFG->loginhttps)) or
+ !enrolment_plugin_authorize::check_openssl_loaded()) {
+ return false;
+ }
+
// required fields
$loginval = optional_param('an_login', '');
+ if (empty($loginval)) {
+ return false;
+ }
+ set_config('an_login', $loginval);
+
$tranval = optional_param('an_tran_key', '');
$passwordval = optional_param('an_password', '');
+ $deletecurrent = optional_param('delete_current', '');
- if ((empty($CFG->loginhttps) and substr($CFG->wwwroot, 0, 5) !== 'https') ||
- !enrolment_plugin_authorize::check_openssl_loaded() ||
- empty($loginval) ||
- (empty($tranval) and empty($passwordval))) {
+ if (!empty($passwordval)) { // password is changing
+ set_config('an_password', $passwordval);
+ }
+ elseif (!empty($deletecurrent) and !empty($tranval)) {
+ set_config('an_password', '');
+ $CFG->an_password = '';
+ }
+
+ if (empty($tranval) and empty($CFG->an_password)) {
return false;
}
- set_config('an_login', $loginval);
- set_config('an_password', $passwordval);
set_config('an_tran_key', $tranval);
-
return true;
}
Please sign in to comment.
Something went wrong with that request. Please try again.