Beispiel #1
0
/**
 * authorize_print_order_details
 *
 * @param int $orderno
 */
function authorize_print_order_details($orderno)
{
    global $CFG, $USER;
    global $strs, $authstrs;
    $cmdcapture = optional_param(ORDER_CAPTURE, '', PARAM_ALPHA);
    $cmddelete = optional_param(ORDER_DELETE, '', PARAM_ALPHA);
    $cmdrefund = optional_param(ORDER_REFUND, '', PARAM_ALPHA);
    $cmdvoid = optional_param(ORDER_VOID, '', PARAM_ALPHA);
    $unenrol = optional_param('unenrol', 0, PARAM_BOOL);
    $confirm = optional_param('confirm', 0, PARAM_BOOL);
    $table = new stdClass();
    $table->width = '100%';
    $table->size = array('30%', '70%');
    $table->align = array('right', 'left');
    $order = get_record('enrol_authorize', 'id', $orderno);
    if (!$order) {
        notice("Order {$orderno} not found.", "index.php");
        return;
    }
    $course = get_record('course', 'id', $order->courseid);
    $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
    if ($USER->id != $order->userid) {
        // Current user viewing someone else's order
        require_capability('enrol/authorize:managepayments', $coursecontext);
    }
    echo "<form action=\"index.php\" method=\"post\">\n";
    echo "<div>";
    echo "<input type=\"hidden\" name=\"order\" value=\"{$orderno}\" />\n";
    echo "<input type=\"hidden\" name=\"sesskey\" value=\"" . sesskey() . "\" />";
    $settled = authorize_settled($order);
    $status = authorize_get_status_action($order);
    $table->data[] = array("<b>{$authstrs->paymentmethod}:</b>", $order->paymentmethod == AN_METHOD_CC ? $authstrs->methodcc : $authstrs->methodecheck);
    $table->data[] = array("<b>{$authstrs->orderid}:</b>", $orderno);
    $table->data[] = array("<b>{$authstrs->transid}:</b>", $order->transid);
    $table->data[] = array("<b>{$authstrs->amount}:</b>", "{$order->currency} {$order->amount}");
    if (empty($cmdcapture) and empty($cmdrefund) and empty($cmdvoid) and empty($cmddelete)) {
        $color = authorize_get_status_color($status->status);
        $table->data[] = array("<b>{$strs->course}:</b>", format_string($course->shortname));
        $table->data[] = array("<b>{$strs->status}:</b>", "<font style='color:{$color}'>" . $authstrs->{$status->status} . "</font>");
        if ($order->paymentmethod == AN_METHOD_CC) {
            $table->data[] = array("<b>{$authstrs->nameoncard}:</b>", $order->ccname);
        } else {
            $table->data[] = array("<b>{$authstrs->echeckfirslasttname}:</b>", $order->ccname);
        }
        $table->data[] = array("<b>{$strs->time}:</b>", userdate($order->timecreated));
        $table->data[] = array("<b>{$authstrs->settlementdate}:</b>", $settled ? userdate($order->settletime) : $authstrs->notsettled);
    }
    $table->data[] = array("&nbsp;", "<hr size='1' />\n");
    if (!empty($cmdcapture) and confirm_sesskey()) {
        // CAPTURE
        if (!in_array(ORDER_CAPTURE, $status->actions)) {
            $a = new stdClass();
            $a->action = $authstrs->capture;
            print_error('youcantdo', 'enrol_authorize', '', $a);
        }
        if (empty($confirm)) {
            $strcaptureyes = get_string('captureyes', 'enrol_authorize');
            $table->data[] = array("<b>{$strs->confirm}:</b>", "{$strcaptureyes} <br />\n            <input type='hidden' name='confirm' value='1' /><input type='submit' name='" . ORDER_CAPTURE . "' value='{$authstrs->capture}' />\n            &nbsp;&nbsp;&nbsp;<a href='index.php?order={$orderno}'>{$strs->no}</a>");
        } else {
            $message = '';
            $extra = NULL;
            if (AN_APPROVED != authorize_action($order, $message, $extra, AN_ACTION_PRIOR_AUTH_CAPTURE)) {
                $table->data[] = array("<b><font color='red'>{$strs->error}:</font></b>", $message);
            } else {
                if (empty($CFG->an_test)) {
                    $user = get_record('user', 'id', $order->userid);
                    if (enrol_into_course($course, $user, 'authorize')) {
                        if (!empty($CFG->enrol_mailstudents)) {
                            send_welcome_messages($order->id);
                        }
                        redirect("index.php?order={$orderno}");
                    } else {
                        $table->data[] = array("<b><font color='red'>{$strs->error}:</font></b>", "Error while trying to enrol " . fullname($user) . " in '" . format_string($course->shortname) . "'");
                    }
                } else {
                    $table->data[] = array(get_string('testmode', 'enrol_authorize'), get_string('testwarning', 'enrol_authorize'));
                }
            }
        }
        print_table($table);
    } elseif (!empty($cmdrefund) and confirm_sesskey()) {
        // REFUND
        if (!in_array(ORDER_REFUND, $status->actions)) {
            $a = new stdClass();
            $a->action = $authstrs->refund;
            print_error('youcantdo', 'enrol_authorize', '', $a);
        }
        $refunded = 0.0;
        $sql = "SELECT SUM(amount) AS refunded FROM {$CFG->prefix}enrol_authorize_refunds " . "WHERE (orderid = '" . $orderno . "') AND (status = '" . AN_STATUS_CREDIT . "')";
        if ($refundval = get_field_sql($sql)) {
            $refunded = floatval($refundval);
        }
        $upto = round($order->amount - $refunded, 2);
        if ($upto <= 0) {
            error("Refunded to original amount.");
        } else {
            $amount = round(optional_param('amount', $upto), 2);
            if ($amount > $upto or empty($confirm)) {
                $a = new stdClass();
                $a->upto = $upto;
                $strcanbecredit = get_string('canbecredit', 'enrol_authorize', $a);
                $strhowmuch = get_string('howmuch', 'enrol_authorize');
                $cbunenrol = print_checkbox('unenrol', '1', !empty($unenrol), '', '', '', true);
                $table->data[] = array("<b>{$authstrs->unenrolstudent}</b>", $cbunenrol);
                $table->data[] = array("<b>{$strhowmuch}</b>", "<input type='hidden' name='confirm' value='1' />\n                     <input type='text' size='5' name='amount' value='{$amount}' />\n                     {$strcanbecredit}<br /><input type='submit' name='" . ORDER_REFUND . "' value='{$authstrs->refund}' />");
            } else {
                $extra = new stdClass();
                $extra->orderid = $orderno;
                $extra->amount = $amount;
                $message = '';
                $success = authorize_action($order, $message, $extra, AN_ACTION_CREDIT);
                if (AN_APPROVED == $success || AN_REVIEW == $success) {
                    if (empty($CFG->an_test)) {
                        if (empty($extra->id)) {
                            $table->data[] = array("<b><font color='red'>{$strs->error}:</font></b>", 'insert record error');
                        } else {
                            if (!empty($unenrol)) {
                                role_unassign(0, $order->userid, 0, $coursecontext->id);
                            }
                            redirect("index.php?order={$orderno}");
                        }
                    } else {
                        $table->data[] = array(get_string('testmode', 'enrol_authorize'), get_string('testwarning', 'enrol_authorize'));
                    }
                } else {
                    $table->data[] = array("<b><font color='red'>{$strs->error}:</font></b>", $message);
                }
            }
        }
        print_table($table);
    } elseif (!empty($cmdvoid) and confirm_sesskey()) {
        // VOID
        $suborderno = optional_param('suborder', 0, PARAM_INT);
        if (empty($suborderno)) {
            // cancel original transaction.
            if (!in_array(ORDER_VOID, $status->actions)) {
                $a = new stdClass();
                $a->action = $authstrs->void;
                print_error('youcantdo', 'enrol_authorize', '', $a);
            }
            if (empty($confirm)) {
                $strvoidyes = get_string('voidyes', 'enrol_authorize');
                $table->data[] = array("<b>{$strs->confirm}:</b>", "{$strvoidyes}<br /><input type='hidden' name='" . ORDER_VOID . "' value='y' />\n                     <input type='hidden' name='confirm' value='1' />\n                     <input type='submit' value='{$authstrs->void}' />\n                     &nbsp;&nbsp;&nbsp;&nbsp;<a href='index.php?order={$orderno}'>{$strs->no}</a>");
            } else {
                $extra = NULL;
                $message = '';
                if (AN_APPROVED == authorize_action($order, $message, $extra, AN_ACTION_VOID)) {
                    if (empty($CFG->an_test)) {
                        redirect("index.php?order={$orderno}");
                    } else {
                        $table->data[] = array(get_string('testmode', 'enrol_authorize'), get_string('testwarning', 'enrol_authorize'));
                    }
                } else {
                    $table->data[] = array("<b><font color='red'>{$strs->error}:</font></b>", $message);
                }
            }
        } else {
            // cancel refunded transaction
            $sql = "SELECT r.*, e.courseid, e.paymentmethod FROM {$CFG->prefix}enrol_authorize_refunds r " . "INNER JOIN {$CFG->prefix}enrol_authorize e ON r.orderid = e.id " . "WHERE r.id = '{$suborderno}' AND r.orderid = '{$orderno}' AND r.status = '" . AN_STATUS_CREDIT . "'";
            $suborder = get_record_sql($sql);
            if (!$suborder) {
                // not found
                error("Transaction can not be voided because of already been voided.");
            } else {
                $refundedstatus = authorize_get_status_action($suborder);
                if (!in_array(ORDER_VOID, $refundedstatus->actions)) {
                    $a = new stdClass();
                    $a->action = $authstrs->void;
                    print_error('youcantdo', 'enrol_authorize', '', $a);
                }
                unset($suborder->courseid);
                if (empty($confirm)) {
                    $a = new stdClass();
                    $a->transid = $suborder->transid;
                    $a->amount = $suborder->amount;
                    $strsubvoidyes = get_string('subvoidyes', 'enrol_authorize', $a);
                    $cbunenrol = print_checkbox('unenrol', '1', !empty($unenrol), '', '', '', true);
                    $table->data[] = array("<b>{$authstrs->unenrolstudent}</b>", $cbunenrol);
                    $table->data[] = array("<b>{$strs->confirm}:</b>", "{$strsubvoidyes}<br /><input type='hidden' name='" . ORDER_VOID . "' value='y' />\n                         <input type='hidden' name='confirm' value='1' />\n                         <input type='hidden' name='suborder' value='{$suborderno}' />\n                         <input type='submit' value='{$authstrs->void}' />\n                         &nbsp;&nbsp;&nbsp;&nbsp;<a href='index.php?order={$orderno}'>{$strs->no}</a>");
                } else {
                    $message = '';
                    $extra = NULL;
                    if (AN_APPROVED == authorize_action($suborder, $message, $extra, AN_ACTION_VOID)) {
                        if (empty($CFG->an_test)) {
                            if (!empty($unenrol)) {
                                role_unassign(0, $order->userid, 0, $coursecontext->id);
                            }
                            redirect("index.php?order={$orderno}");
                        } else {
                            $table->data[] = array(get_string('testmode', 'enrol_authorize'), get_string('testwarning', 'enrol_authorize'));
                        }
                    } else {
                        $table->data[] = array("<b><font color='red'>{$strs->error}:</font></b>", $message);
                    }
                }
            }
        }
        print_table($table);
    } elseif (!empty($cmddelete) and confirm_sesskey()) {
        // DELETE
        if (!in_array(ORDER_DELETE, $status->actions)) {
            $a = new stdClass();
            $a->action = $authstrs->delete;
            print_error('youcantdo', 'enrol_authorize', '', $a);
        }
        if (empty($confirm)) {
            $cbunenrol = print_checkbox('unenrol', '1', !empty($unenrol), '', '', '', true);
            $table->data[] = array("<b>{$authstrs->unenrolstudent}</b>", $cbunenrol);
            $table->data[] = array("<b>{$strs->confirm}:</b>", "<input type='hidden' name='" . ORDER_DELETE . "' value='y' />\n                 <input type='hidden' name='confirm' value='1' />\n                 <input type='submit' value='{$authstrs->delete}' />\n                 &nbsp;&nbsp;&nbsp;&nbsp;<a href='index.php?order={$orderno}'>{$strs->no}</a>");
        } else {
            if (!empty($unenrol)) {
                role_unassign(0, $order->userid, 0, $coursecontext->id);
            }
            delete_records('enrol_authorize', 'id', $orderno);
            redirect("index.php");
        }
        print_table($table);
    } else {
        // SHOW
        $actions = '';
        if (empty($status->actions)) {
            if ($order->paymentmethod == AN_METHOD_ECHECK && has_capability('enrol/authorize:uploadcsv', get_context_instance(CONTEXT_USER, $USER->id))) {
                $actions .= '<a href="uploadcsv.php">' . get_string('uploadcsv', 'enrol_authorize') . '</a>';
            } else {
                $actions .= $strs->none;
            }
        } else {
            foreach ($status->actions as $value) {
                $actions .= "<input type='submit' name='{$value}' value='{$authstrs->{$value}}' /> ";
            }
        }
        $table->data[] = array("<b>{$strs->action}</b>", $actions);
        print_table($table);
        if ($settled) {
            // show refunds.
            $t2 = new stdClass();
            $t2->size = array('45%', '15%', '20%', '10%', '10%');
            $t2->align = array('right', 'right', 'right', 'right', 'right');
            $t2->head = array($authstrs->settlementdate, $authstrs->transid, $strs->status, $strs->action, $authstrs->amount);
            $sql = "SELECT r.*, e.courseid, e.paymentmethod FROM {$CFG->prefix}enrol_authorize_refunds r " . "INNER JOIN {$CFG->prefix}enrol_authorize e ON r.orderid = e.id " . "WHERE r.orderid = '{$orderno}'";
            $refunds = get_records_sql($sql);
            if ($refunds) {
                $sumrefund = floatval(0.0);
                foreach ($refunds as $rf) {
                    $substatus = authorize_get_status_action($rf);
                    $subactions = '&nbsp;';
                    if (empty($substatus->actions)) {
                        $subactions .= $strs->none;
                    } else {
                        foreach ($substatus->actions as $vl) {
                            $subactions .= "<a href='index.php?{$vl}=y&amp;sesskey={$USER->sesskey}&amp;order={$orderno}&amp;suborder={$rf->id}'>{$authstrs->{$vl}}</a> ";
                        }
                    }
                    $sign = '';
                    $color = authorize_get_status_color($substatus->status);
                    if ($substatus->status == 'refunded' or $substatus->status == 'settled') {
                        $sign = '-';
                        $sumrefund += floatval($rf->amount);
                    }
                    $t2->data[] = array(userdate($rf->settletime), $rf->transid, "<font style='color:{$color}'>" . $authstrs->{$substatus->status} . "</font>", $subactions, format_float($sign . $rf->amount, 2));
                }
                $t2->data[] = array('', '', get_string('total'), $order->currency, format_float('-' . $sumrefund, 2));
            } else {
                $t2->data[] = array('', '', get_string('noreturns', 'enrol_authorize'), '', '');
            }
            echo "<h4>" . get_string('returns', 'enrol_authorize') . "</h4>\n";
            print_table($t2);
        }
    }
    echo '</div>';
    echo '</form>';
}
Beispiel #2
0
/**
 * authorize_print_order
 *
 * @param object $order
 */
function authorize_print_order($orderid)
{
    global $CFG, $USER, $DB, $OUTPUT, $PAGE;
    global $strs, $authstrs;
    $plugin = enrol_get_plugin('authorize');
    $an_test = $plugin->get_config('an_test');
    $do = optional_param('do', '', PARAM_ALPHA);
    $unenrol = optional_param('unenrol', 0, PARAM_BOOL);
    $confirm = optional_param('confirm', 0, PARAM_BOOL);
    if (!($order = $DB->get_record('enrol_authorize', array('id' => $orderid)))) {
        print_error('orderidnotfound', '', "{$CFG->wwwroot}/enrol/authorize/index.php", $orderid);
    }
    if (!($course = $DB->get_record('course', array('id' => $order->courseid)))) {
        print_error('invalidcourseid', '', "{$CFG->wwwroot}/enrol/authorize/index.php");
    }
    if (!($user = $DB->get_record('user', array('id' => $order->userid)))) {
        print_error('nousers', '', "{$CFG->wwwroot}/enrol/authorize/index.php");
    }
    $coursecontext = context_course::instance($course->id);
    if ($USER->id != $order->userid) {
        // Current user viewing someone else's order
        require_capability('enrol/authorize:managepayments', $coursecontext);
    }
    $settled = AuthorizeNet::settled($order);
    $statusandactions = authorize_get_status_action($order);
    $color = authorize_get_status_color($statusandactions->status);
    $buttons = '';
    if (empty($do)) {
        if (empty($statusandactions->actions)) {
            if (AN_METHOD_ECHECK == $order->paymentmethod && has_capability('enrol/authorize:uploadcsv', context_user::instance($USER->id))) {
                $buttons .= "<form method='get' action='uploadcsv.php'><div><input type='submit' value='" . get_string('uploadcsv', 'enrol_authorize') . "' /></div></form>";
            }
        } else {
            foreach ($statusandactions->actions as $val) {
                $buttons .= authorize_print_action_button($orderid, $val);
            }
        }
    }
    if (SITEID != $course->id) {
        $shortname = format_string($course->shortname, true, array('context' => $coursecontext));
        $PAGE->navbar->add($shortname, new moodle_url('/course/view.php', array('id' => $course->id)));
    }
    $PAGE->navbar->add($authstrs->paymentmanagement, 'index.php?course=' . $course->id);
    $PAGE->navbar->add($authstrs->orderid . ': ' . $orderid, 'index.php');
    $PAGE->set_course($course);
    $PAGE->set_title("{$course->shortname}: {$authstrs->paymentmanagement}");
    $PAGE->set_heading($authstrs->orderdetails);
    $PAGE->set_cacheable(false);
    $PAGE->set_button($buttons);
    echo $OUTPUT->header();
    $table = new html_table();
    $table->width = '100%';
    $table->size = array('30%', '70%');
    $table->align = array('right', 'left');
    if (AN_METHOD_CC == $order->paymentmethod) {
        $table->data[] = array("<b>{$authstrs->paymentmethod}:</b>", $authstrs->methodcc);
        $table->data[] = array("<b>{$authstrs->nameoncard}:</b>", $order->ccname . ' (<b><a href="' . $CFG->wwwroot . '/user/view.php?id=' . $user->id . '">' . fullname($user) . '</a></b>)');
        $table->data[] = array("<b>{$authstrs->cclastfour}:</b>", $order->refundinfo);
    } else {
        $table->data[] = array("<b>{$authstrs->paymentmethod}:</b>", $authstrs->methodecheck);
        $table->data[] = array("<b>{$authstrs->echeckfirslasttname}:</b>", $order->ccname . ' (<b><a href="' . $CFG->wwwroot . '/user/view.php?id=' . $user->id . '">' . fullname($user) . '</a></b>)');
        $table->data[] = array("<b>{$authstrs->isbusinesschecking}:</b>", $order->refundinfo == 1 ? $strs->yes : $strs->no);
    }
    $table->data[] = array("<b>{$authstrs->amount}:</b>", "{$order->currency} {$order->amount}");
    $table->data[] = array("<b>{$authstrs->transid}:</b>", $order->transid);
    $table->data[] = array("<b>{$strs->time}:</b>", userdate($order->timecreated));
    $table->data[] = array("<b>{$authstrs->settlementdate}:</b>", $settled ? userdate($order->settletime) : $authstrs->notsettled);
    $table->data[] = array("<b>{$strs->status}:</b>", "<b><font style='color:{$color}'>" . $authstrs->{$statusandactions->status} . "</font></b>");
    if (ORDER_CAPTURE == $do && in_array(ORDER_CAPTURE, $statusandactions->actions)) {
        if ($confirm && confirm_sesskey()) {
            $message = '';
            $extra = NULL;
            if (AN_APPROVED == AuthorizeNet::process($order, $message, $extra, AN_ACTION_PRIOR_AUTH_CAPTURE)) {
                if (empty($an_test)) {
                    if (enrol_into_course($course, $user, 'authorize')) {
                        if ($plugin->get_config('enrol_mailstudents')) {
                            send_welcome_messages($orderid);
                        }
                        redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}");
                    } else {
                        $shortname = format_string($course->shortname, true, array('context' => $coursecontext));
                        redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", "Error while trying to enrol " . fullname($user) . " in '" . $shortname . "'", 20);
                    }
                } else {
                    redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", get_string('testwarning', 'enrol_authorize'), 10);
                }
            } else {
                redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", $message, 20);
            }
        }
        $table->data[] = array("<b>{$strs->confirm}:</b>", get_string('captureyes', 'enrol_authorize') . '<br />' . authorize_print_action_button($orderid, ORDER_CAPTURE, 0, true, false, $strs->no));
        echo html_writer::table($table);
    } elseif (ORDER_REFUND == $do && in_array(ORDER_REFUND, $statusandactions->actions)) {
        $refunded = 0.0;
        $sql = "SELECT SUM(amount) AS refunded\n                  FROM {enrol_authorize_refunds}\n                 WHERE (orderid = ?)\n                   AND (status = ?)";
        if ($refundval = $DB->get_field_sql($sql, array($orderid, AN_STATUS_CREDIT))) {
            $refunded = floatval($refundval);
        }
        $upto = round($order->amount - $refunded, 2);
        if ($upto <= 0) {
            print_error('refoundtoorigi', '', "{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", $order->amount);
        }
        $amount = round(optional_param('amount', $upto, PARAM_RAW), 2);
        if ($amount > $upto) {
            print_error('refoundto', '', "{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", $upto);
        }
        if ($confirm && confirm_sesskey()) {
            $extra = new stdClass();
            $extra->orderid = $orderid;
            $extra->amount = $amount;
            $message = '';
            $success = AuthorizeNet::process($order, $message, $extra, AN_ACTION_CREDIT);
            if (AN_APPROVED == $success || AN_REVIEW == $success) {
                if (empty($an_test)) {
                    if (empty($extra->id)) {
                        redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", "insert record error", 20);
                    } else {
                        if (!empty($unenrol)) {
                            $pinstance = $DB->get_record('enrol', array('id' => $order->instanceid));
                            $plugin->unenrol_user($pinstance, $order->userid);
                            //role_unassign_all(array('userid'=>$order->userid, 'contextid'=>$coursecontext->id, 'component'=>'enrol_authorize'), true, true);
                        }
                        redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}");
                    }
                } else {
                    redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", get_string('testwarning', 'enrol_authorize'), 10);
                }
            } else {
                redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", $message, 20);
            }
        }
        $a = new stdClass();
        $a->upto = $upto;
        $extrahtml = get_string('howmuch', 'enrol_authorize') . ' <input type="text" size="5" name="amount" value="' . $amount . '" /> ' . get_string('canbecredit', 'enrol_authorize', $a) . '<br />';
        $table->data[] = array("<b>{$strs->confirm}:</b>", authorize_print_action_button($orderid, ORDER_REFUND, 0, true, $authstrs->unenrolstudent, $strs->no, $extrahtml));
        echo html_writer::table($table);
    } elseif (ORDER_DELETE == $do && in_array(ORDER_DELETE, $statusandactions->actions)) {
        if ($confirm && confirm_sesskey()) {
            if (!empty($unenrol)) {
                $pinstance = $DB->get_record('enrol', array('id' => $order->instanceid));
                $plugin->unenrol_user($pinstance, $order->userid);
                //role_unassign_all(array('userid'=>$order->userid, 'contextid'=>$coursecontext->id, 'component'=>'enrol_authorize'), true, true);
            }
            $DB->delete_records('enrol_authorize', array('id' => $orderid));
            redirect("{$CFG->wwwroot}/enrol/authorize/index.php");
        }
        $table->data[] = array("<b>{$strs->confirm}:</b>", authorize_print_action_button($orderid, ORDER_DELETE, 0, true, $authstrs->unenrolstudent, $strs->no));
        echo html_writer::table($table);
    } elseif (ORDER_VOID == $do) {
        // special case: cancel original or refunded transaction?
        $suborderid = optional_param('suborder', 0, PARAM_INT);
        if (empty($suborderid) && in_array(ORDER_VOID, $statusandactions->actions)) {
            // cancel original
            if ($confirm && confirm_sesskey()) {
                $extra = NULL;
                $message = '';
                if (AN_APPROVED == AuthorizeNet::process($order, $message, $extra, AN_ACTION_VOID)) {
                    if (empty($an_test)) {
                        redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}");
                    } else {
                        redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", get_string('testwarning', 'enrol_authorize'), 10);
                    }
                } else {
                    redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", $message, 20);
                }
            }
            $table->data[] = array("<b>{$strs->confirm}:</b>", get_string('voidyes', 'enrol_authorize') . '<br />' . authorize_print_action_button($orderid, ORDER_VOID, 0, true, false, $strs->no));
            echo html_writer::table($table);
        } elseif (!empty($suborderid)) {
            // cancel refunded
            $sql = "SELECT r.*, e.courseid, e.paymentmethod\n                      FROM {enrol_authorize_refunds} r\n                INNER JOIN {enrol_authorize} e\n                        ON r.orderid = e.id\n                     WHERE r.id = ?\n                       AND r.orderid = ?\n                       AND r.status = ?";
            $suborder = $DB->get_record_sql($sql, array($suborderid, $orderid, AN_STATUS_CREDIT));
            if (!$suborder) {
                // not found
                print_error('transactionvoid', '', "{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}");
            }
            $refundedstatus = authorize_get_status_action($suborder);
            unset($suborder->courseid);
            if (in_array(ORDER_VOID, $refundedstatus->actions)) {
                if ($confirm && confirm_sesskey()) {
                    $message = '';
                    $extra = NULL;
                    if (AN_APPROVED == AuthorizeNet::process($suborder, $message, $extra, AN_ACTION_VOID)) {
                        if (empty($an_test)) {
                            if (!empty($unenrol)) {
                                $pinstance = $DB->get_record('enrol', array('id' => $order->instanceid));
                                $plugin->unenrol_user($pinstance, $order->userid);
                                //role_unassign_all(array('userid'=>$order->userid, 'contextid'=>$coursecontext->id, 'component'=>'enrol_authorize'), true, true);
                            }
                            redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}");
                        } else {
                            redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", get_string('testwarning', 'enrol_authorize'), 10);
                        }
                    } else {
                        redirect("{$CFG->wwwroot}/enrol/authorize/index.php?order={$orderid}", $message, 20);
                    }
                }
                $a = new stdClass();
                $a->transid = $suborder->transid;
                $a->amount = $suborder->amount;
                $table->data[] = array("<b>{$strs->confirm}:</b>", get_string('subvoidyes', 'enrol_authorize', $a) . '<br />' . authorize_print_action_button($orderid, ORDER_VOID, $suborderid, true, $authstrs->unenrolstudent, $strs->no));
                echo html_writer::table($table);
            }
        }
    } else {
        echo html_writer::table($table);
        if ($settled) {
            // show refunds.
            $t2 = new html_table();
            $t2->size = array('45%', '15%', '20%', '10%', '10%');
            $t2->align = array('right', 'right', 'right', 'right', 'right');
            $t2->head = array($authstrs->settlementdate, $authstrs->transid, $strs->status, $strs->action, $authstrs->amount);
            $sql = "SELECT r.*, e.courseid, e.paymentmethod\n                      FROM {enrol_authorize_refunds} r\n                INNER JOIN {enrol_authorize} e\n                        ON r.orderid = e.id\n                     WHERE r.orderid = ?";
            if ($refunds = $DB->get_records_sql($sql, array($orderid))) {
                $sumrefund = floatval(0.0);
                foreach ($refunds as $rf) {
                    $subactions = '';
                    $substatus = authorize_get_status_action($rf);
                    if (empty($substatus->actions)) {
                        $subactions .= $strs->none;
                    } else {
                        foreach ($substatus->actions as $vl) {
                            $subactions .= authorize_print_action_button($orderid, $vl, $rf->id);
                        }
                    }
                    $sign = '';
                    $color = authorize_get_status_color($substatus->status);
                    if ($substatus->status == 'refunded' or $substatus->status == 'settled') {
                        $sign = '-';
                        $sumrefund += floatval($rf->amount);
                    }
                    $t2->data[] = array(userdate($rf->settletime), $rf->transid, "<b><font style='color:{$color}'>" . $authstrs->{$substatus->status} . "</font></b>", $subactions, format_float($sign . $rf->amount, 2));
                }
                $t2->data[] = array('', '', get_string('total'), $order->currency, format_float('-' . $sumrefund, 2));
            } else {
                $t2->data[] = array('', '', get_string('noreturns', 'enrol_authorize'), '', '');
            }
            echo "<h4>" . get_string('returns', 'enrol_authorize') . "</h4>\n";
            echo html_writer::table($t2);
        }
    }
    echo $OUTPUT->footer();
}