If an user's credit card cannot be captured on the internet directly, obtain authorization code over phone from customer's bank.

Some users may not wish to use their credit cards on the internet directly for security reasons.
   In this case, you need to obtain an authorization code from user's bank.
   Initially, ask for credit card information from the customer
   like bank name, name on card, card number, expiry date and card validation code
   by means of phone, face-to-face or a billing application.
   Then, call the customer services of user's bank giving this information and demand an authorization code.
   Finally, after obtaining it, login as user to get the user enrolled.
   Alternatively, you can give it to the user saying enrol using this code.

enrol/authorize/config.html

@@ -12,6 +12,7 @@ if (!isset($frm->an_password)) $frm->an_password = '';
 if (!isset($frm->delete_current)) $frm->delete_current = '';
 if (!isset($frm->an_referer)) $frm->an_referer = 'http://';
 if (!isset($frm->an_avs)) $frm->an_avs = '';
+if (!isset($frm->an_authcode)) $frm->an_authcode = '';
 if (!isset($frm->an_test)) $frm->an_test = '';
 if (!isset($frm->an_review)) $frm->an_review = '';
 if (!isset($frm->an_capture_day)) $frm->an_capture_day = '5';
@@ -129,6 +130,12 @@ if (!isset($frm->acceptechecktypes)) {
         <?php print_string("adminavs", "enrol_authorize") ?></td>
 </tr>
 
+<tr valign="top">
+    <td align="right">an_authcode:</td>
+    <td><?php print_checkbox('an_authcode', '1', !empty($frm->an_authcode)) ?><br />
+        <?php print_string("adminauthcode", "enrol_authorize") ?></td>
+</tr>
+
 <tr valign="top">
     <td align="right">an_test:</td>
     <td><?php print_checkbox('an_test', '1', !empty($frm->an_test)) ?><br />

enrol/authorize/enrol.html

@@ -32,7 +32,7 @@ function print_cc_form($classreference)
     global $CFG, $USER;
 
     $formvars = array(
-        'ccaddress', 'cccity', 'ccstate', 'cccountry', 'cczip',
+        'ccaddress', 'cccity', 'ccstate', 'cccountry', 'cczip', 'ccauthcode', 'haveauth',
         'ccfirstname', 'cclastname', 'cc', 'ccexpiremm', 'ccexpireyyyy', 'cctype', 'cvv'
     );
     foreach ($formvars as $var) {
@@ -102,7 +102,18 @@ function print_cc_form($classreference)
       <?php helpbutton('cvv', '', 'enrol/authorize'); ?>
       <?php if (!empty($classreference->authorizeerrors['cvv'])) { formerr($classreference->authorizeerrors['cvv']); } ?></td>
     </tr>
-    <?php if (!empty($CFG->an_avs)) { /* Address Verification System */ ?>
+
+    <?php if (!empty($CFG->an_authcode)) : /* Authorization Code */ ?>
+    <tr>
+      <td align="right" valign="top"><?php print_string("authcode", "enrol_authorize") ?>: </td>
+      <td align="left"><?php print_checkbox('haveauth', '1', !empty($form->haveauth), get_string("haveauthcode", "enrol_authorize")) ?>
+      <?php helpbutton('authcode', '', 'enrol/authorize'); ?><br />
+      <input type="text" name="ccauthcode" size="8" value="<?php p($form->ccauthcode) ?>" />
+      <?php if (!empty($classreference->authorizeerrors['ccauthcode'])) { formerr($classreference->authorizeerrors['ccauthcode']); } ?></td>
+    </tr>
+    <?php endif; ?>
+
+    <?php if (!empty($CFG->an_avs)) : /* Address Verification System */ ?>
     <tr>
       <td align="right"><?php print_string("address") ?>: </td>
       <td align="left"><input type="text" name="ccaddress" size="32" value="<?php p($useraddress) ?>" />
@@ -119,7 +130,7 @@ function print_cc_form($classreference)
       <td align="left"><?php choose_from_menu(get_list_of_countries(), "cccountry", $usercountry, get_string("selectacountry")."..."); ?>
       <?php if (!empty($classreference->authorizeerrors['cccountry'])) { formerr($classreference->authorizeerrors['cccountry']); } ?></td>
     </tr>
-    <?php } else { /* not AVS */ ?>
+    <?php else: /* not AVS */ ?>
     <tr>
     <td colspan="2">
       <input type="hidden" name="ccstate" value="" />
@@ -128,7 +139,8 @@ function print_cc_form($classreference)
       <input type="hidden" name="cccountry" value="<?php p($usercountry) ?>" />
     </td>
     </tr>
-    <?php } ?>
+    <?php endif; ?>
+
     <tr>
       <td align="right"><?php print_string("zipcode", "enrol_authorize") ?>: </td>
       <td align="left"><input type="text" name="cczip" size="5" value="<?php p($form->cczip) ?>" />

enrol/authorize/enrol.php

@@ -184,9 +184,19 @@ class enrolment_plugin_authorize
         $extra->x_phone = '';
         $extra->x_fax = '';
 
+        $revieworder = false;
+        $action = AN_ACTION_AUTH_CAPTURE;
+
+        if (!empty($CFG->an_authcode) && !empty($form->ccauthcode)) {
+            $action = AN_ACTION_CAPTURE_ONLY;
+            $extra->x_auth_code = $form->ccauthcode;
+        }
+        elseif (!empty($CFG->an_review)) {
+            $revieworder = true;
+            $action = AN_ACTION_AUTH_ONLY;
+        }
+
         $message = '';
-        $an_review = !empty($CFG->an_review);
-        $action = $an_review ? AN_ACTION_AUTH_ONLY : AN_ACTION_AUTH_CAPTURE;
         if (AN_APPROVED != authorize_action($order, $message, $extra, $action, $form->cctype)) {
             email_to_admin($message, $order);
             $this->authorizeerrors['header'] = $message;
@@ -195,7 +205,7 @@ class enrolment_plugin_authorize
 
         $SESSION->ccpaid = 1; // security check: don't duplicate payment
         if ($order->transid == 0) { // TEST MODE
-            if ($an_review) {
+            if ($revieworder) {
                 redirect($CFG->wwwroot, get_string("reviewnotify", "enrol_authorize"), '30');
             }
             else {
@@ -205,7 +215,7 @@ class enrolment_plugin_authorize
             return;
         }
 
-        if ($an_review) { // review enabled, inform site payment managers and redirect the user who have paid to main page.
+        if ($revieworder) { // review enabled, inform site payment managers and redirect the user who have paid to main page.
             $a = new stdClass;
             $a->url = "$CFG->wwwroot/enrol/authorize/index.php?order=$order->id";
             $a->orderid = $order->id;
@@ -453,6 +463,7 @@ class enrolment_plugin_authorize
 
         // optional authorize.net settings
         set_config('an_avs', optional_param('an_avs', 0, PARAM_BOOL));
+        set_config('an_authcode', optional_param('an_authcode', 0, PARAM_BOOL));
         set_config('an_test', optional_param('an_test', 0, PARAM_BOOL));
         set_config('an_referer', optional_param('an_referer', 'http://', PARAM_URL));
 

enrol/authorize/localfuncs.php

@@ -244,8 +244,11 @@ function validate_cc_form($form, &$err)
         $err['cctype'] = get_string('missingcctype', 'enrol_authorize');
     }
 
-    if (!empty($CFG->an_avs))
-    {
+    if (!empty($CFG->an_authcode) && !empty($form->haveauth) && empty($form->ccauthcode)) {
+        $err['ccauthcode'] = get_string('missingccauthcode', 'enrol_authorize');
+    }
+
+    if (!empty($CFG->an_avs)) {
         if (empty($form->ccaddress)) {
             $err['ccaddress'] = get_string('missingaddress', 'enrol_authorize');
         }
@@ -351,7 +354,7 @@ function send_welcome_messages($orderdata)
     while ($ei !== false) {
         $usercourses = array();
         $lastuserid = $ei->userid;
-        for ($current = $ei; $current !== false && $current->userid == $lastuserid; $current = next($emailinfo)) {   
+        for ($current = $ei; $current !== false && $current->userid == $lastuserid; $current = next($emailinfo)) {
              $usercourses[] = $current->fullname;
         }
         $ei = $current;

lang/en_utf8/enrol_authorize.php

@@ -4,6 +4,7 @@
 
 $string['adminacceptccs'] = 'Which credit card types will be accepted?';
 $string['adminaccepts'] = 'Select payment methods allowed and their types';
+$string['adminauthcode'] = 'If an user\'s credit card cannot be captured on the internet directly, obtain authorization code over the phone from customer\'s bank.';
 $string['adminauthorizeccapture'] = 'Order Review & Scheduled-Capture Settings';
 $string['adminauthorizeemail'] = 'Email Sending Settings';
 $string['adminauthorizesettings'] = 'Authorize.net Settings';
@@ -49,6 +50,7 @@ $string['antestmode'] = 'Run transactions in test mode only (no money will be dr
 $string['antrankey'] = 'Authorize.net: Transaction Key';
 $string['approvedreview'] = 'Approved Review';
 $string['authcaptured'] = 'Authorized / Captured';
+$string['authcode'] = 'Authorization Code';
 $string['authorize:managepayments'] = 'Manage payments';
 $string['authorize:uploadcsv']='Upload CSV file';
 $string['authorizedpendingcapture'] = 'Authorized / Pending Capture';
@@ -95,6 +97,7 @@ $string['echeckfirslasttname'] = 'Bank Account Owner';
 $string['echecksavings'] = 'Savings';
 $string['enrolname'] = 'Authorize.net Payment Gateway';
 $string['expired'] = 'Expired';
+$string['haveauthcode'] = 'I have already an authorization code';
 $string['howmuch'] = 'How much?';
 $string['httpsrequired'] = 'We are sorry to inform you that your request cannot be processed now. This site\'s configuration couldn\'t be set up correctly.<br /><br />Please don\'t enter your credit card number unless you see a yellow lock at the bottom of the browser. If the symbol appears, it means the page encrypts all data sent between client and server. So the information during the transaction between the two computers is protected, hence your credit card number cannot be captured over the internet.';
 $string['invalidaba'] = 'Invalid ABA number';
@@ -107,6 +110,7 @@ $string['missingaba'] = 'Missing ABA number';
 $string['missingaddress'] = 'Missing address';
 $string['missingbankname'] = 'Missing bank name';
 $string['missingcc'] = 'Missing card number';
+$string['missingccauthcode'] = 'Missing authorization code';
 $string['missingccexpire'] = 'Missing expiration date';
 $string['missingcctype'] = 'Missing card type';
 $string['missingcvv'] = 'Missing verification number';