moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-04 16:36:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Users can view their orders...

Browse source
This commit is contained in:
ethem 2006-03-13 11:15:09 +00:00
parent e996ef5d94
commit 3a36b0b6f3
1 changed files with 61 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

57
enrol/authorize/index.php
View file

@ -15,8 +15,8 @@ if (!($site = get_site())) {
require_login(); require_login();
if (!isadmin()) { if (isguest()) {
error("You must be an administrator to use this page."); error("Guests cannot use this page.");
} }
$orderid = optional_param('order', 0, PARAM_INT); $orderid = optional_param('order', 0, PARAM_INT);
@ -55,6 +55,10 @@ function authorize_orders()
$courseid = 0; // no filter $courseid = 0; // no filter
} }
if (!isstudent($courseid, $userid) && !isteacher($courseid, $userid)) {
error("You must be a teacher/student to use this page.");
}
$baseurl = $CFG->wwwroot."/enrol/authorize/index.php?user=$userid"; $baseurl = $CFG->wwwroot."/enrol/authorize/index.php?user=$userid";
$statusmenu = array(AN_STATUS_NONE => get_string('all'), $statusmenu = array(AN_STATUS_NONE => get_string('all'),
AN_STATUS_AUTH => $authstrs->authorizedpendingcapture, AN_STATUS_AUTH => $authstrs->authorizedpendingcapture,
@ -142,10 +146,17 @@ function authorize_orders()
if ($records = get_records_sql($select . $from . $where . $sort . $limit)) { if ($records = get_records_sql($select . $from . $where . $sort . $limit)) {
foreach ($records as $record) { foreach ($records as $record) {
$actionstatus = get_order_status_desc($record); $actionstatus = get_order_status_desc($record);
$actions = ' '; $actions = '';
if (empty($actionstatus->actions)) {
$actions .= $strs->none;
}
else {
foreach ($actionstatus->actions as $value) { foreach ($actionstatus->actions as $value) {
$actions .= "&nbsp;&nbsp;<a href='index.php?$value=y&amp;order=$record->id'>{$authstrs->$value}</a> "; $actions .= "&nbsp;&nbsp;<a href='index.php?$value=y&amp;order=$record->id'>{$authstrs->$value}</a> ";
} }
}
$table->add_data(array( $table->add_data(array(
"<a href='index.php?order=$record->id'>$record->id</a>", "<a href='index.php?order=$record->id'>$record->id</a>",
userdate($record->timecreated), userdate($record->timecreated),
@ -161,7 +172,7 @@ function authorize_orders()
function authorize_order_details($orderno) { function authorize_order_details($orderno) {
global $CFG; global $CFG, $USER;
global $strs, $authstrs; global $strs, $authstrs;
$unenrol = optional_param('unenrol', ''); $unenrol = optional_param('unenrol', '');
@ -187,6 +198,12 @@ function authorize_order_details($orderno) {
return; return;
} }
if ($USER->id != $order->userid) {
if (! (isadmin() || isteacher($order->courseid, $order->userid))) {
error("Students can view their order.");
}
}
echo "<form action='index.php' method='post'>\n"; echo "<form action='index.php' method='post'>\n";
echo "<input type='hidden' name='order' value='$orderno'>\n"; echo "<input type='hidden' name='order' value='$orderno'>\n";
@ -207,6 +224,10 @@ function authorize_order_details($orderno) {
$table->data[] = array("&nbsp;", "<hr size='1' noshade>\n"); $table->data[] = array("&nbsp;", "<hr size='1' noshade>\n");
if (!empty($cmdcapture)) { // CAPTURE if (!empty($cmdcapture)) { // CAPTURE
if (!in_array(ORDER_CAPTURE, $status->actions)) {
error("You can't do this action:" + ORDER_CAPTURE);
}
if (empty($cmdconfirm)) { if (empty($cmdconfirm)) {
$table->data[] = array("<b>$strs->confirm:</b>", $table->data[] = array("<b>$strs->confirm:</b>",
"$authstrs->captureyes<br /><a href='index.php?order=$orderno&amp;capture=y&amp;confirm=y'>$strs->yes</a> "$authstrs->captureyes<br /><a href='index.php?order=$orderno&amp;capture=y&amp;confirm=y'>$strs->yes</a>
@ -251,6 +272,10 @@ function authorize_order_details($orderno) {
print_table($table); print_table($table);
} }
elseif (!empty($cmdrefund)) { // REFUND elseif (!empty($cmdrefund)) { // REFUND
if (!in_array(ORDER_REFUND, $status->actions)) {
error("You can't do this action:" + ORDER_REFUND);
}
$extra = new stdClass(); $extra = new stdClass();
$extra->sum = 0.0; $extra->sum = 0.0;
$extra->orderid = $orderno; $extra->orderid = $orderno;
@ -305,6 +330,10 @@ function authorize_order_details($orderno) {
print_table($table); print_table($table);
} }
elseif (!empty($cmdvoid)) { // VOID elseif (!empty($cmdvoid)) { // VOID
if (!in_array(ORDER_VOID, $status->actions)) {
error("You can't do this action:" + ORDER_VOID);
}
$suborderno = optional_param('suborder', 0, PARAM_INT); $suborderno = optional_param('suborder', 0, PARAM_INT);
if (empty($suborderno)) { // cancel original transaction. if (empty($suborderno)) { // cancel original transaction.
if (empty($cmdconfirm)) { if (empty($cmdconfirm)) {
@ -382,8 +411,11 @@ function authorize_order_details($orderno) {
} }
elseif (!empty($cmddelete)) { // DELETE elseif (!empty($cmddelete)) { // DELETE
if (!in_array(ORDER_DELETE, $status->actions)) { if (!in_array(ORDER_DELETE, $status->actions)) {
error("Order $orderno cannot be deleted. Status must be expired."); error("You can't do this action:" + ORDER_DELETE);
} }
//if (!in_array(ORDER_DELETE, $status->actions)) {
// error("Order $orderno cannot be deleted. Status must be expired.");
//}
if (empty($cmdconfirm)) { if (empty($cmdconfirm)) {
$table->data[] = array("<b>$authstrs->unenrolstudent</b>", $table->data[] = array("<b>$authstrs->unenrolstudent</b>",
"<input type='checkbox' name='unenrol' value='y'" . (!empty($unenrol) ? " checked" : "") . ">"); "<input type='checkbox' name='unenrol' value='y'" . (!empty($unenrol) ? " checked" : "") . ">");
@ -462,7 +494,9 @@ function get_order_status_desc($order)
$ret = new stdClass(); $ret = new stdClass();
if (intval($order->transid) == 0) { // test transaction if (intval($order->transid) == 0) { // test transaction
if (isadmin()) {
$ret->actions = array(ORDER_DELETE); $ret->actions = array(ORDER_DELETE);
}
$ret->status = 'tested'; $ret->status = 'tested';
return $ret; return $ret;
} }
@ -473,22 +507,30 @@ function get_order_status_desc($order)
if (getsettletime($order->timecreated) < $timediff30) { if (getsettletime($order->timecreated) < $timediff30) {
$order->status = AN_STATUS_EXPIRE; $order->status = AN_STATUS_EXPIRE;
update_record("enrol_authorize", $order); update_record("enrol_authorize", $order);
if (isadmin()) {
$ret->actions = array(ORDER_DELETE); $ret->actions = array(ORDER_DELETE);
}
$ret->status = 'expired'; $ret->status = 'expired';
} }
else { else {
if (isadmin()) {
$ret->actions = array(ORDER_CAPTURE, ORDER_VOID); $ret->actions = array(ORDER_CAPTURE, ORDER_VOID);
}
$ret->status = 'authorizedpendingcapture'; $ret->status = 'authorizedpendingcapture';
} }
return $ret; return $ret;
case AN_STATUS_AUTHCAPTURE: case AN_STATUS_AUTHCAPTURE:
if (settled($order)) { if (settled($order)) {
if (isadmin()) {
$ret->actions = array(ORDER_REFUND); $ret->actions = array(ORDER_REFUND);
}
$ret->status = 'capturedsettled'; $ret->status = 'capturedsettled';
} }
else { else {
if (isadmin()) {
$ret->actions = array(ORDER_VOID); $ret->actions = array(ORDER_VOID);
}
$ret->status = 'capturedpendingsettle'; $ret->status = 'capturedpendingsettle';
} }
return $ret; return $ret;
@ -499,7 +541,9 @@ function get_order_status_desc($order)
$ret->status = 'settled'; $ret->status = 'settled';
} }
else { else {
if (isadmin()) {
$ret->actions = array(ORDER_VOID); $ret->actions = array(ORDER_VOID);
}
$ret->status = 'refunded'; $ret->status = 'refunded';
} }
return $ret; return $ret;
@ -510,7 +554,10 @@ function get_order_status_desc($order)
return $ret; return $ret;
case AN_STATUS_EXPIRE: case AN_STATUS_EXPIRE:
if (isadmin()) {
$ret->actions = array(ORDER_DELETE); $ret->actions = array(ORDER_DELETE);
}
$ret->status = 'expired'; $ret->status = 'expired';
return $ret; return $ret;