Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Don't show authorize.net password for security reasons. Merged from 1…

…6stable.
  • Loading branch information...
commit d9d69929f5ae649bd1b062822faf017f46f25ad0 1 parent 0127848
ethem authored
Showing with 32 additions and 11 deletions.
  1. +11 −4 enrol/authorize/config.html
  2. +21 −7 enrol/authorize/enrol.php
View
15 enrol/authorize/config.html
@@ -9,6 +9,7 @@
if (!isset($frm->an_login)) $frm->an_login = '';
if (!isset($frm->an_tran_key)) $frm->an_tran_key = '';
if (!isset($frm->an_password)) $frm->an_password = '';
+if (!isset($frm->delete_current)) $frm->delete_current = '';
if (!isset($frm->an_referer)) $frm->an_referer = 'http://';
if (!isset($frm->an_avs)) $frm->an_avs = '';
if (!isset($frm->an_test)) $frm->an_test = '';
@@ -84,20 +85,26 @@
</tr>
<tr valign="top">
- <td align="right">#&nbsp;</td>
+ <td align="right">#&nbsp;#&nbsp;</td>
<td colspan="2"><?php print_string("chooseone", "enrol_authorize") ?></td>
</tr>
<tr valign="top">
<td align="right">an_tran_key:</td>
- <td><input type="text" name="an_tran_key" value="<?php p($frm->an_tran_key) ?>" /></td>
+ <td><input type="text" name="an_tran_key" value="<?php p($frm->an_tran_key) ?>" /><sup>#1</sup></td>
<td><?php print_string("antrankey", "enrol_authorize") ?></td>
</tr>
<tr valign="top">
<td align="right">an_password:</td>
- <td><input type="text" name="an_password" value="<?php p($frm->an_password) ?>" /></td>
- <td><?php print_string("anpassword", "enrol_authorize") ?></td>
+ <td><input type="text" name="an_password" value="" /><sup>#2</sup></td>
+ <td><?php print_string("anpassword", "enrol_authorize") ?><br />(<?php print_string("leavetokeep") ?>)</td>
+</tr>
+
+<tr valign="top">
+ <td align="right">delete_current:</td>
+ <td><?php print_checkbox('delete_current', '1', !empty($frm->delete_current)) ?></td>
+ <td><?php print_string("deletecheck", "moodle", get_string('oldpassword')) ?><br /><br /></td>
</tr>
<tr valign="top">
View
28 enrol/authorize/enrol.php
@@ -512,22 +512,36 @@ function process_config($config)
set_config('an_emailexpiredteacher', $emailexpiredteacher);
set_config('an_sorttype', $sorttype);
+ // https and openssl library is required
+ if ((substr($CFG->wwwroot, 0, 5) !== 'https' and empty($CFG->loginhttps)) or
+ !enrolment_plugin_authorize::check_openssl_loaded()) {
+ return false;
+ }
+
// required fields
$loginval = optional_param('an_login', '');
+ if (empty($loginval)) {
+ return false;
+ }
+ set_config('an_login', $loginval);
+
$tranval = optional_param('an_tran_key', '');
$passwordval = optional_param('an_password', '');
+ $deletecurrent = optional_param('delete_current', '');
- if ((empty($CFG->loginhttps) and substr($CFG->wwwroot, 0, 5) !== 'https') ||
- !enrolment_plugin_authorize::check_openssl_loaded() ||
- empty($loginval) ||
- (empty($tranval) and empty($passwordval))) {
+ if (!empty($passwordval)) { // password is changing
+ set_config('an_password', $passwordval);
+ }
+ elseif (!empty($deletecurrent) and !empty($tranval)) {
+ set_config('an_password', '');
+ $CFG->an_password = '';
+ }
+
+ if (empty($tranval) and empty($CFG->an_password)) {
return false;
}
- set_config('an_login', $loginval);
- set_config('an_password', $passwordval);
set_config('an_tran_key', $tranval);
-
return true;
}
Please sign in to comment.
Something went wrong with that request. Please try again.