3 if (!defined('MOODLE_INTERNAL')) {
4 die('Direct access to this script is forbidden.');
7 define('ORDER_CAPTURE', 'capture');
8 define('ORDER_DELETE', 'delete');
9 define('ORDER_REFUND', 'refund');
10 define('ORDER_VOID', 'void');
13 * authorize_print_orders
16 function authorize_print_orders($courseid, $userid)
18 global $CFG, $USER, $SITE;
19 global $strs, $authstrs;
20 require_once($CFG->libdir
.'/tablelib.php');
23 $status = optional_param('status', AN_STATUS_NONE
, PARAM_INT
);
24 $searchtype = optional_param('searchtype', 'id', PARAM_ALPHA
);
25 $idortransid = optional_param('idortransid', '0', PARAM_INT
);
26 $showonlymy = optional_param('showonlymy', 0, PARAM_BOOL
);
28 $canmanagepayments = has_capability('enrol/authorize:managepayments', get_context_instance(CONTEXT_COURSE
, $courseid));
30 if ($showonlymy ||
!$canmanagepayments) {
34 $baseurl = $CFG->wwwroot
."/enrol/authorize/index.php?user=$userid";
35 $statusmenu = array(AN_STATUS_NONE
=> $strs->all
,
36 AN_STATUS_AUTH | AN_STATUS_UNDERREVIEW | AN_STATUS_APPROVEDREVIEW
=> $authstrs->allpendingorders
,
37 AN_STATUS_AUTH
=> $authstrs->authorizedpendingcapture
,
38 AN_STATUS_AUTHCAPTURE
=> $authstrs->authcaptured
,
39 AN_STATUS_CREDIT
=> $authstrs->refunded
,
40 AN_STATUS_VOID
=> $authstrs->cancelled
,
41 AN_STATUS_EXPIRE
=> $authstrs->expired
,
42 AN_STATUS_UNDERREVIEW
=> $authstrs->underreview
,
43 AN_STATUS_APPROVEDREVIEW
=> $authstrs->approvedreview
,
44 AN_STATUS_REVIEWFAILED
=> $authstrs->reviewfailed
,
45 AN_STATUS_TEST
=> $authstrs->tested
48 $sql = "SELECT c.id, c.fullname FROM {$CFG->prefix}course c INNER JOIN {$CFG->prefix}enrol_authorize e ON c.id = e.courseid ";
50 $sql .= "WHERE (e.userid='$userid') ";
52 $sql .= "ORDER BY c.sortorder, c.fullname";
53 if (($popupcrs = get_records_sql_menu($sql))) {
54 $popupcrs = array($SITE->id
=> $SITE->fullname
) +
$popupcrs;
55 echo "<table border='0' width='100%' cellspacing='0' cellpadding='3' class='generaltable generalbox'>";
57 echo "<td width='5%' valign='top'>$strs->status: </td><td width='10%'>";
58 popup_form($baseurl.'&course='.$courseid.'&status=',$statusmenu,'statusmenu',$status,'','','',false);
59 if ($canmanagepayments) {
61 print_checkbox('showonlymy', '1', $userid == $USER->id
, get_string('mypaymentsonly', 'enrol_authorize'), '',
62 "var locationtogo = '{$CFG->wwwroot}/enrol/authorize/index.php?status=$status&course=$courseid';
63 locationtogo += '&user=' + (this.checked ? '$USER->id' : '0');
64 top.location.href=locationtogo;");
67 echo "<td width='5%' valign='top'>$strs->course: </td><td width='10%' valign='top'>";
68 popup_form($baseurl.'&status='.$status.'&course=',$popupcrs,'coursesmenu',$courseid,'','','',false);echo"</td>\n";
69 if (has_capability('enrol/authorize:uploadcsv', get_context_instance(CONTEXT_USER
, $USER->id
))) {
70 echo "<form method='get' action='uploadcsv.php'>";
71 echo "<td rowspan='2' align='right' valign='middle' width='50%'><div><input type='submit' value='".get_string('uploadcsv', 'enrol_authorize')."' /></div></td>";
75 echo "<td rowspan=2 width='100%'> </td>";
79 echo "<tr><td>$strs->search: </td>"; $searchmenu = array('id' => $authstrs->orderid
, 'transid' => $authstrs->transid
);
80 echo "<form method='POST' action='index.php' autocomplete='off'>";
81 echo "<td colspan='3'>"; choose_from_menu($searchmenu, 'searchtype', $searchtype, '');
82 echo " = <fieldset class=\"invisiblefieldset\"><input type='text' size='14' name='idortransid' value='' /> ";
83 echo "<input type='submit' value='$strs->search' /></fieldset></td>";
89 $table = new flexible_table('enrol-authorize');
90 $table->set_attribute('width', '100%');
91 $table->set_attribute('cellspacing', '0');
92 $table->set_attribute('cellpadding', '3');
93 $table->set_attribute('id', 'orders');
94 $table->set_attribute('class', 'generaltable generalbox');
96 $table->define_columns(array('id', 'timecreated', 'userid', 'status', ''));
97 $table->define_headers(array($authstrs->orderid
, $strs->time
, $authstrs->nameoncard
, $strs->status
, $strs->action
));
98 $table->define_baseurl($baseurl."&status=$status&course=$courseid");
100 $table->sortable(true, 'id', SORT_DESC
);
101 $table->pageable(true);
104 $select = "SELECT e.id, e.paymentmethod, e.transid, e.courseid, e.userid, e.status, e.ccname, e.timecreated, e.settletime ";
105 $from = "FROM {$CFG->prefix}enrol_authorize e ";
106 $where = "WHERE (1=1) ";
108 if ($status > AN_STATUS_NONE
) {
111 case AN_STATUS_AUTH | AN_STATUS_UNDERREVIEW | AN_STATUS_APPROVEDREVIEW
:
112 $where .= 'AND (e.status IN('.AN_STATUS_AUTH
.','.AN_STATUS_UNDERREVIEW
.','.AN_STATUS_APPROVEDREVIEW
.')) ';
115 case AN_STATUS_CREDIT
:
116 $from .= "INNER JOIN {$CFG->prefix}enrol_authorize_refunds r ON e.id = r.orderid ";
117 $where .= "AND (e.status = '" . AN_STATUS_AUTHCAPTURE
. "') ";
121 $newordertime = time() - 120; // -2 minutes. Order may be still in process.
122 $where .= "AND (e.status = '" . AN_STATUS_NONE
. "') AND (e.transid = '0') AND (e.timecreated < $newordertime) ";
126 $where .= "AND (e.status = '$status') ";
131 if (empty($CFG->an_test
)) {
132 $where .= "AND (e.status != '" . AN_STATUS_NONE
. "') ";
136 if ($courseid != SITEID
) {
137 $where .= "AND (e.courseid = '" . $courseid . "') ";
140 if (!empty($idortransid)) {
142 if ($searchtype == 'transid') {
143 $where = "WHERE (e.transid = $idortransid) ";
146 $where = "WHERE (e.id = $idortransid) ";
150 // This must be always last where!!!
152 $where .= "AND (e.userid = '" . $userid . "') ";
155 if (($sort = $table->get_sql_sort())) {
156 $sort = ' ORDER BY ' . $sort;
159 $totalcount = count_records_sql('SELECT COUNT(*) ' . $from . $where);
160 $table->initialbars($totalcount > $perpage);
161 $table->pagesize($perpage, $totalcount);
163 if (($records = get_records_sql($select . $from . $where . $sort, $table->get_page_start(), $table->get_page_size()))) {
164 foreach ($records as $record) {
165 $actionstatus = authorize_get_status_action($record);
166 $color = authorize_get_status_color($actionstatus->status
);
169 if (empty($actionstatus->actions
)) {
170 $actions .= $strs->none
;
173 foreach ($actionstatus->actions
as $value) {
174 $actions .= " <a href='index.php?$value=y&sesskey=$USER->sesskey&order=$record->id'>{$authstrs->$value}</a> ";
178 $table->add_data(array(
179 "<a href='index.php?order=$record->id'>$record->id</a>",
180 userdate($record->timecreated
),
182 "<font style='color:$color'>" . $authstrs->{$actionstatus->status
} . "</font>",
188 $table->print_html();
192 * authorize_print_order_details
194 * @param int $orderno
196 function authorize_print_order_details($orderno)
199 global $strs, $authstrs;
201 $cmdcapture = optional_param(ORDER_CAPTURE
, '', PARAM_ALPHA
);
202 $cmddelete = optional_param(ORDER_DELETE
, '', PARAM_ALPHA
);
203 $cmdrefund = optional_param(ORDER_REFUND
, '', PARAM_ALPHA
);
204 $cmdvoid = optional_param(ORDER_VOID
, '', PARAM_ALPHA
);
206 $unenrol = optional_param('unenrol', 0, PARAM_BOOL
);
207 $confirm = optional_param('confirm', 0, PARAM_BOOL
);
209 $table = new stdClass
;
210 $table->width
= '100%';
211 $table->size
= array('30%', '70%');
212 $table->align
= array('right', 'left');
214 $order = get_record('enrol_authorize', 'id', $orderno);
216 notice("Order $orderno not found.", "index.php");
220 $course = get_record('course', 'id', $order->courseid
);
221 $coursecontext = get_context_instance(CONTEXT_COURSE
, $course->id
);
223 if ($USER->id
!= $order->userid
) { // Current user viewing someone else's order
224 require_capability('enrol/authorize:managepayments', $coursecontext);
227 echo "<form action=\"index.php\" method=\"post\">\n";
229 echo "<input type=\"hidden\" name=\"order\" value=\"$orderno\" />\n";
230 echo "<input type=\"hidden\" name=\"sesskey\" value=\"" . sesskey() . "\" />";
232 $settled = authorize_settled($order);
233 $status = authorize_get_status_action($order);
235 $table->data
[] = array("<b>$authstrs->paymentmethod:</b>",
236 ($order->paymentmethod
== AN_METHOD_CC ?
$authstrs->methodcc
: $authstrs->methodecheck
));
237 $table->data
[] = array("<b>$authstrs->orderid:</b>", $orderno);
238 $table->data
[] = array("<b>$authstrs->transid:</b>", $order->transid
);
239 $table->data
[] = array("<b>$authstrs->amount:</b>", "$order->currency $order->amount");
240 if (empty($cmdcapture) and empty($cmdrefund) and empty($cmdvoid) and empty($cmddelete)) {
241 $color = authorize_get_status_color($status->status
);
242 $table->data
[] = array("<b>$strs->course:</b>", format_string($course->shortname
));
243 $table->data
[] = array("<b>$strs->status:</b>", "<font style='color:$color'>" . $authstrs->{$status->status
} . "</font>");
244 if ($order->paymentmethod
== AN_METHOD_CC
) {
245 $table->data
[] = array("<b>$authstrs->nameoncard:</b>", $order->ccname
);
248 $table->data
[] = array("<b>$authstrs->echeckfirslasttname:</b>", $order->ccname
);
250 $table->data
[] = array("<b>$strs->time:</b>", userdate($order->timecreated
));
251 $table->data
[] = array("<b>$authstrs->settlementdate:</b>", $settled ?
252 userdate($order->settletime
) : $authstrs->notsettled
);
254 $table->data
[] = array(" ", "<hr size='1' />\n");
256 if (!empty($cmdcapture) and confirm_sesskey()) { // CAPTURE
257 if (!in_array(ORDER_CAPTURE
, $status->actions
)) {
259 $a->action
= $authstrs->capture
;
260 print_error('youcantdo', 'enrol_authorize', '', $a);
263 if (empty($confirm)) {
264 $strcaptureyes = get_string('captureyes', 'enrol_authorize');
265 $table->data
[] = array("<b>$strs->confirm:</b>",
266 "$strcaptureyes <br />
267 <input type='hidden' name='confirm' value='1' /><input type='submit' name='". ORDER_CAPTURE
."' value='$authstrs->capture' />
268 <a href='index.php?order=$orderno'>$strs->no</a>");
273 if (AN_APPROVED
!= authorize_action($order, $message, $extra, AN_ACTION_PRIOR_AUTH_CAPTURE
)) {
274 $table->data
[] = array("<b><font color='red'>$strs->error:</font></b>", $message);
277 if (empty($CFG->an_test
)) {
278 $user = get_record('user', 'id', $order->userid
);
279 if (enrol_into_course($course, $user, 'authorize')) {
280 if (!empty($CFG->enrol_mailstudents
)) {
281 send_welcome_messages($order->id
);
283 redirect("index.php?order=$orderno");
286 $table->data
[] = array("<b><font color='red'>$strs->error:</font></b>",
287 "Error while trying to enrol ".fullname($user)." in '" . format_string($course->shortname
) . "'");
291 $table->data
[] = array(get_string('testmode', 'enrol_authorize'),
292 get_string('testwarning', 'enrol_authorize'));
298 elseif (!empty($cmdrefund) and confirm_sesskey()) { // REFUND
299 if (!in_array(ORDER_REFUND
, $status->actions
)) {
301 $a->action
= $authstrs->refund
;
302 print_error('youcantdo', 'enrol_authorize', '', $a);
306 $sql = "SELECT SUM(amount) AS refunded FROM {$CFG->prefix}enrol_authorize_refunds " .
307 "WHERE (orderid = '" . $orderno . "') AND (status = '" . AN_STATUS_CREDIT
. "')";
309 if (($refundval = get_field_sql($sql))) {
310 $refunded = floatval($refundval);
312 $upto = round($order->amount
- $refunded, 2);
314 error("Refunded to original amount.");
317 $amount = round(optional_param('amount', $upto), 2);
318 if (($amount > $upto) or empty($confirm)) {
321 $strcanbecredit = get_string('canbecredit', 'enrol_authorize', $a);
322 $strhowmuch = get_string('howmuch', 'enrol_authorize');
323 $cbunenrol = print_checkbox('unenrol', '1', !empty($unenrol), '', '', '', true);
324 $table->data
[] = array("<b>$authstrs->unenrolstudent</b>", $cbunenrol);
325 $table->data
[] = array("<b>$strhowmuch</b>",
326 "<input type='hidden' name='confirm' value='1' />
327 <input type='text' size='5' name='amount' value='$amount' />
328 $strcanbecredit<br /><input type='submit' name='".ORDER_REFUND
."' value='$authstrs->refund' />");
331 $extra = new stdClass
;
332 $extra->orderid
= $orderno;
333 $extra->amount
= $amount;
335 $success = authorize_action($order, $message, $extra, AN_ACTION_CREDIT
);
336 if (AN_APPROVED
== $success || AN_REVIEW
== $success) {
337 if (empty($CFG->an_test
)) {
338 if (empty($extra->id
)) {
339 $table->data
[] = array("<b><font color='red'>$strs->error:</font></b>", 'insert record error');
342 if (!empty($unenrol)) {
343 role_unassign(0, $order->userid
, 0, $coursecontext->id
);
345 redirect("index.php?order=$orderno");
349 $table->data
[] = array(get_string('testmode', 'enrol_authorize'),
350 get_string('testwarning', 'enrol_authorize'));
354 $table->data
[] = array("<b><font color='red'>$strs->error:</font></b>", $message);
360 elseif (!empty($cmdvoid) and confirm_sesskey()) { // VOID
361 $suborderno = optional_param('suborder', 0, PARAM_INT
);
362 if (empty($suborderno)) { // cancel original transaction.
363 if (!in_array(ORDER_VOID
, $status->actions
)) {
365 $a->action
= $authstrs->void
;
366 print_error('youcantdo', 'enrol_authorize', '', $a);
368 if (empty($confirm)) {
369 $strvoidyes = get_string('voidyes', 'enrol_authorize');
370 $table->data
[] = array("<b>$strs->confirm:</b>",
371 "$strvoidyes<br /><input type='hidden' name='".ORDER_VOID
."' value='y' />
372 <input type='hidden' name='confirm' value='1' />
373 <input type='submit' value='$authstrs->void' />
374 <a href='index.php?order=$orderno'>$strs->no</a>");
379 if (AN_APPROVED
== authorize_action($order, $message, $extra, AN_ACTION_VOID
)) {
380 if (empty($CFG->an_test
)) {
381 redirect("index.php?order=$orderno");
384 $table->data
[] = array(get_string('testmode', 'enrol_authorize'),
385 get_string('testwarning', 'enrol_authorize'));
389 $table->data
[] = array("<b><font color='red'>$strs->error:</font></b>", $message);
393 else { // cancel refunded transaction
394 $sql = "SELECT r.*, e.courseid, e.paymentmethod FROM {$CFG->prefix}enrol_authorize_refunds r " .
395 "INNER JOIN {$CFG->prefix}enrol_authorize e ON r.orderid = e.id " .
396 "WHERE r.id = '$suborderno' AND r.orderid = '$orderno' AND r.status = '" .AN_STATUS_CREDIT
. "'";
398 $suborder = get_record_sql($sql);
399 if (!$suborder) { // not found
400 error("Transaction can not be voided because of already been voided.");
403 $refundedstatus = authorize_get_status_action($suborder);
404 if (!in_array(ORDER_VOID
, $refundedstatus->actions
)) {
406 $a->action
= $authstrs->void
;
407 print_error('youcantdo', 'enrol_authorize', '', $a);
409 unset($suborder->courseid
);
410 if (empty($confirm)) {
412 $a->transid
= $suborder->transid
;
413 $a->amount
= $suborder->amount
;
414 $strsubvoidyes = get_string('subvoidyes', 'enrol_authorize', $a);
415 $cbunenrol = print_checkbox('unenrol', '1', !empty($unenrol), '', '', '', true);
416 $table->data
[] = array("<b>$authstrs->unenrolstudent</b>", $cbunenrol);
417 $table->data
[] = array("<b>$strs->confirm:</b>",
418 "$strsubvoidyes<br /><input type='hidden' name='".ORDER_VOID
."' value='y' />
419 <input type='hidden' name='confirm' value='1' />
420 <input type='hidden' name='suborder' value='$suborderno' />
421 <input type='submit' value='$authstrs->void' />
422 <a href='index.php?order=$orderno'>$strs->no</a>");
427 if (AN_APPROVED
== authorize_action($suborder, $message, $extra, AN_ACTION_VOID
)) {
428 if (empty($CFG->an_test
)) {
429 if (!empty($unenrol)) {
430 role_unassign(0, $order->userid
, 0, $coursecontext->id
);
432 redirect("index.php?order=$orderno");
435 $table->data
[] = array(get_string('testmode', 'enrol_authorize'),
436 get_string('testwarning', 'enrol_authorize'));
440 $table->data
[] = array("<b><font color='red'>$strs->error:</font></b>", $message);
447 elseif (!empty($cmddelete) and confirm_sesskey()) { // DELETE
448 if (!in_array(ORDER_DELETE
, $status->actions
)) {
450 $a->action
= $authstrs->delete
;
451 print_error('youcantdo', 'enrol_authorize', '', $a);
453 if (empty($confirm)) {
454 $cbunenrol = print_checkbox('unenrol', '1', !empty($unenrol), '', '', '', true);
455 $table->data
[] = array("<b>$authstrs->unenrolstudent</b>", $cbunenrol);
456 $table->data
[] = array("<b>$strs->confirm:</b>",
457 "<input type='hidden' name='".ORDER_DELETE
."' value='y' />
458 <input type='hidden' name='confirm' value='1' />
459 <input type='submit' value='$authstrs->delete' />
460 <a href='index.php?order=$orderno'>$strs->no</a>");
463 if (!empty($unenrol)) {
464 role_unassign(0, $order->userid
, 0, $coursecontext->id
);
466 delete_records('enrol_authorize', 'id', $orderno);
467 redirect("index.php");
473 if (empty($status->actions
)) {
474 if (($order->paymentmethod
== AN_METHOD_ECHECK
) && has_capability('enrol/authorize:uploadcsv', get_context_instance(CONTEXT_USER
, $USER->id
))) {
475 $actions .= '<a href="uploadcsv.php">'.get_string('uploadcsv', 'enrol_authorize').'</a>';
478 $actions .= $strs->none
;
482 foreach ($status->actions
as $value) {
483 $actions .= "<input type='submit' name='$value' value='{$authstrs->$value}' /> ";
486 $table->data
[] = array("<b>$strs->action</b>", $actions);
488 if ($settled) { // show refunds.
490 $t2->size
= array('45%', '15%', '20%', '10%', '10%');
491 $t2->align
= array('right', 'right', 'right', 'right', 'right');
492 $t2->head
= array($authstrs->settlementdate
,
498 $sql = "SELECT r.*, e.courseid, e.paymentmethod FROM {$CFG->prefix}enrol_authorize_refunds r " .
499 "INNER JOIN {$CFG->prefix}enrol_authorize e ON r.orderid = e.id " .
500 "WHERE r.orderid = '$orderno'";
502 $refunds = get_records_sql($sql);
504 $sumrefund = floatval(0.0);
505 foreach ($refunds as $rf) {
506 $substatus = authorize_get_status_action($rf);
507 $subactions = ' ';
508 if (empty($substatus->actions
)) {
509 $subactions .= $strs->none
;
512 foreach ($substatus->actions
as $vl) {
514 "<a href='index.php?$vl=y&sesskey=$USER->sesskey&order=$orderno&suborder=$rf->id'>{$authstrs->$vl}</a> ";
518 $color = authorize_get_status_color($substatus->status
);
519 if ($substatus->status
== 'refunded' or $substatus->status
== 'settled') {
521 $sumrefund +
= floatval($rf->amount
);
524 userdate($rf->settletime
),
526 "<font style='color:$color'>" .$authstrs->{$substatus->status
} . "</font>",
528 format_float($sign . $rf->amount
, 2)
531 $t2->data
[] = array('','',get_string('total'),$order->currency
,format_float('-'.$sumrefund, 2));
534 $t2->data
[] = array('','',get_string('noreturns', 'enrol_authorize'),'','');
536 echo "<h4>" . get_string('returns', 'enrol_authorize') . "</h4>\n";
545 * authorize_get_status_action
547 * @param object $order Order details.
550 function authorize_get_status_action($order)
553 static $newordertime;
555 if (empty($newordertime)) {
556 $newordertime = time() - 120; // -2 minutes. Order may be still in process.
559 $ret = new stdClass();
560 $ret->actions
= array();
562 $canmanage = has_capability('enrol/authorize:managepayments', get_context_instance(CONTEXT_COURSE
, $order->courseid
));
564 if (intval($order->transid
) == 0) { // test transaction or new order
565 if ($order->timecreated
< $newordertime) {
567 $ret->actions
= array(ORDER_DELETE
);
569 $ret->status
= 'tested';
572 $ret->status
= 'new';
577 switch ($order->status
) {
579 if (authorize_expired($order)) {
581 $ret->actions
= array(ORDER_DELETE
);
583 $ret->status
= 'expired';
587 $ret->actions
= array(ORDER_CAPTURE
, ORDER_VOID
);
589 $ret->status
= 'authorizedpendingcapture';
593 case AN_STATUS_AUTHCAPTURE
:
594 if (authorize_settled($order)) {
596 if (($order->paymentmethod
== AN_METHOD_CC
) ||
($order->paymentmethod
== AN_METHOD_ECHECK
&& !empty($order->refundinfo
))) {
597 $ret->actions
= array(ORDER_REFUND
);
600 $ret->status
= 'settled';
603 if ($order->paymentmethod
== AN_METHOD_CC
&& $canmanage) {
604 $ret->actions
= array(ORDER_VOID
);
606 $ret->status
= 'capturedpendingsettle';
610 case AN_STATUS_CREDIT
:
611 if (authorize_settled($order)) {
612 $ret->status
= 'settled';
615 if ($order->paymentmethod
== AN_METHOD_CC
&& $canmanage) {
616 $ret->actions
= array(ORDER_VOID
);
618 $ret->status
= 'refunded';
623 $ret->status
= 'cancelled';
626 case AN_STATUS_EXPIRE
:
628 $ret->actions
= array(ORDER_DELETE
);
630 $ret->status
= 'expired';
633 case AN_STATUS_UNDERREVIEW
:
634 $ret->status
= 'underreview';
637 case AN_STATUS_APPROVEDREVIEW
:
638 $ret->status
= 'approvedreview';
641 case AN_STATUS_REVIEWFAILED
:
643 $ret->actions
= array(ORDER_DELETE
);
645 $ret->status
= 'reviewfailed';
654 function authorize_get_status_color($status)
660 case 'approvedreview':
661 case 'capturedpendingsettle':
662 $color = '#339900'; // green
668 case 'authorizedpendingcapture':
669 $color = '#FF6600'; // orange
676 $color = '#FF0033'; // red