thiswebshoprules

git clone https://git.tarina.org/thiswebshoprules

commit 453a29c9d95ecd2fa75ee4fa4e394b7b3aa7c09f
parent f88862ebd308659e5ac56b166f8534cfe486f3ae
Author: rob <rob@tarina.org>
Date:   Tue, 26 Oct 2021 20:26:34 +0300

better handling for sessionkey and pendinginfo

Diffstat:
Mpublic_html/templates/index.html | 2+-
Mpublic_html/templates/pending.html | 2+-
Mserver.py | 65++++++++++++++++++++++++++++++++++-------------------------------
3 files changed, 36 insertions(+), 33 deletions(-)

diff --git a/public_html/templates/index.html b/public_html/templates/index.html @@ -59,6 +59,6 @@ $if bag != []: $if tot > 0: <br> total: $(tot)&euro; or in real money $int(b.convert_to_btc(tot, 'EUR') * 100000000) Satoshi - <a href="/checkout/">Checkout</a> + <a href="/checkout">Checkout</a> </div> </div> diff --git a/public_html/templates/pending.html b/public_html/templates/pending.html @@ -38,7 +38,7 @@ $if tot > 0: total: $(tot)&euro; or in real money $int(b.convert_to_btc(tot, 'EUR') * 100000000) Satoshi </h3> <br> -<a href="/checkout/$pending_key">Go back!</a> +<a href="/checkout">Go back!</a> <div id="addevent"> <form method="POST"> $:pendingform.render() diff --git a/server.py b/server.py @@ -26,8 +26,8 @@ urls = ( '/payln/(.*)', 'payln', '/paybtc/(.*)', 'paybtc', '/payment/(.*)', 'payment', - '/checkout/(.*)', 'checkout', - '/pending/(.*)', 'pending', + '/checkout', 'checkout', + '/pending', 'pending', '/thankyou', 'thankyou', '/login', 'login', '/logout', 'logout', @@ -216,6 +216,13 @@ def organizepics(product): os.system(mv + mv2) organized_nr += 1 +def getpendinginfo(): + try: + pendinginfo = db.select('pending', where="invoice_key='" + session.sessionkey + "'", what='country, firstname, lastname, address, town, postalcode, email')[0] + except: + pendinginfo = '' + return pendinginfo + class index(): def GET(self): checkforoldbags() 
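Review bot: In the added `getpendinginfo()`, the WHERE clause is built by concatenating `session.sessionkey` into SQL, and the bare `except:` turns every failure, including a database error, into "no pending record". web.py's `db.select` accepts bound parameters, so the lookup can be written as `db.select('pending', where='invoice_key=$key', vars={'key': session.sessionkey}, what=...)`, with `except IndexError:` as the only handled case. The same string-built `where=` pattern is kept in the checkout/pending hunk that follows: the `db.update` on `invoice_key`, and the `shipping` lookup on `pendinginfo.country`, which is a value taken from the submitted checkout form. Those calls should use `vars=` as well.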
@@ -290,52 +297,48 @@ class checkout: web.form.Textbox('postalcode', web.form.regexp('\d+', 'number thanx!'), web.form.notnull, description="Postalcode / zip"), web.form.Textbox('email', web.form.notnull, description="Email:"), web.form.Button('Calculate shipping cost')) - def GET(self, pending_key): + + def GET(self): #checkavailable() checkoutform = self.form() - if pending_key: - oldinfo = db.select('pending', where="invoice_key='" + pending_key + "'", what='country, firstname, lastname, address, town, postalcode, email') - oldinfo = oldinfo[0] - checkoutform.fill(country=oldinfo.country, firstname=oldinfo.firstname, lastname=oldinfo.lastname, address=oldinfo.address, town=oldinfo.town, postalcode=oldinfo.postalcode, email=oldinfo.email) + pendinginfo = getpendinginfo() + if pendinginfo: + checkoutform.fill(country=pendinginfo.country, firstname=pendinginfo.firstname, lastname=pendinginfo.lastname, address=pendinginfo.address, town=pendinginfo.town, postalcode=pendinginfo.postalcode, email=pendinginfo.email) b = BtcConverter() bag = db.query("SELECT * FROM customerbag WHERE sessionkey='" + session.sessionkey +"';") return render.checkout(checkoutform, bag, b, productname, float) - def POST(self, pending_key): + def POST(self): checkoutform = self.form() + pendinginfo = getpendinginfo() i = web.input() if i.country != 'NO-SHIPPING': if not checkoutform.validates(): b = BtcConverter() return render.checkout(checkoutform, session.bag, b) - if pending_key: - db.update('pending', where="invoice_key='" + pending_key +"'", country=i.country, firstname=i.firstname, lastname=i.lastname, address=i.address, town=i.town, postalcode=i.postalcode, email=i.email, dateadded=datetime.datetime.now()) + if pendinginfo: + db.update('pending', where="invoice_key='" + session.sessionkey +"'", country=i.country, firstname=i.firstname, lastname=i.lastname, address=i.address, town=i.town, postalcode=i.postalcode, email=i.email, dateadded=datetime.datetime.now()) else: - pending_key = 
session.sessionkey - db.insert('pending', invoice_key=pending_key, country=i.country, firstname=i.firstname, lastname=i.lastname, address=i.address, town=i.town, postalcode=i.postalcode, email=i.email, dateadded=datetime.datetime.now()) - raise web.seeother('/pending/' + pending_key) + db.insert('pending', invoice_key=session.sessionkey, country=i.country, firstname=i.firstname, lastname=i.lastname, address=i.address, town=i.town, postalcode=i.postalcode, email=i.email, dateadded=datetime.datetime.now()) + raise web.seeother('/pending') class pending: form = web.form.Form( web.form.Dropdown('payment', ['Bitcoin Lightning', 'Bitcoin'], web.form.notnull, description="Select payment method"), web.form.Button('Pay')) - def GET(self, pending_key): + def GET(self): #checkavailable() pendingform = self.form() - if pending_key: - pendinginfo = db.select('pending', where="invoice_key='" + pending_key + "'", what='country, firstname, lastname, address, town, postalcode, email') - pendinginfo = pendinginfo[0] - shippinginfo = db.select('shipping', where="country='" + pendinginfo.country + "'", what='price, days') - shippinginfo = shippinginfo[0] + pendinginfo = getpendinginfo() + if pendinginfo: + shippinginfo = db.select('shipping', where="country='" + pendinginfo.country + "'", what='price, days')[0] b = BtcConverter() bag = db.query("SELECT * FROM customerbag WHERE sessionkey='" + session.sessionkey +"';") - return render.pending(pending_key, pendingform, pendinginfo, shippinginfo, bag, b, productname, float) - def POST(self, pending_key): + return render.pending(session.sessionkey, pendingform, pendinginfo, shippinginfo, bag, b, productname, float) + def POST(self): pendingform = self.form() - if pending_key: - pendinginfo = db.select('pending', where="invoice_key='" + pending_key + "'", what='country, firstname, lastname, address, town, postalcode, email') - pendinginfo = pendinginfo[0] - shippinginfo = db.select('shipping', where="country='" + pendinginfo.country + "'", 
what='price, days') - shippinginfo = shippinginfo[0] + pendinginfo = getpendinginfo() + if pendinginfo: + shippinginfo = db.select('shipping', where="country='" + pendinginfo.country + "'", what='price, days')[0] i = web.input() #if session.bag != []: totalamount = 0 @@ -355,7 +358,7 @@ class pending: #else: # web.seeother('/') #make lightning invoice - invoice = createinvoice(totsats, description, pending_key) + invoice = createinvoice(totsats, description, session.sessionkey) callsubprocess('qrencode -s 5 -o '+ staticdir + 'qr/' + invoice['id']+'.png ' + invoice['payreq']) #make bitcoin address bitcoinrpc = AuthServiceProxy(rpcauth) @@ -367,7 +370,7 @@ class pending: db.query("DELETE FROM invoices WHERE invoice_key='" + session.sessionkey +"';") except: print('no old invoices to delete') - db.insert('invoices', invoice_key=pending_key, btc=newaddress, ln=invoice['id'], products=description, payment=i.payment, amount=totalamount, totsats=totsats, timestamp=time.strftime('%Y-%m-%d %H:%M:%S')) + db.insert('invoices', invoice_key=session.sessionkey, btc=newaddress, ln=invoice['id'], products=description, payment=i.payment, amount=totalamount, totsats=totsats, timestamp=time.strftime('%Y-%m-%d %H:%M:%S')) # send mail to op msg = 'You got a new order, from ' + pendinginfo.firstname + ' ' + pendinginfo.lastname + ' from ' + pendinginfo.country + ' email: ' + pendinginfo.email + ' this dude wantz ' + description + ' for ' + str(int(totalamount/100)) + '€ ' + ' with ' + i.payment sendmail(webmaster, 'GetDaFuckOuttaHere Shop', msg) 
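Review bot: In `pending.GET` and `pending.POST` (the `@@ -290,52 +297,48 @@` hunk), `shippinginfo` is assigned only inside `if pendinginfo:`, but `render.pending(...)` and the later `pendinginfo.firstname` uses run regardless. A request to `/pending` from a session with no pending row therefore fails with an unbound name or an attribute error on `''`. A guard such as `if not pendinginfo: raise web.seeother('/checkout')` at the top of both handlers would close that path. The `[0]` on the `shipping` select also raises `IndexError` when the stored country has no row in `shipping`; `checkout.POST` skips form validation for `NO-SHIPPING`, and whether that value has a shipping row is not visible here. The body of `pending.POST` continues in the following hunks.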
@@ -377,12 +380,12 @@ class pending: if i.payment == 'Bitcoin Lightning': paymentlink = 'payln/' if pendinginfo.email != '': - msg = "Thank you for ordering " + description + " at GetDaFuckOuttaHere Shop, we'll be processing your order as soon as possible and send it to " + pendinginfo.firstname + ' ' + pendinginfo.lastname + ', ' + pendinginfo.address + ', ' + str(pendinginfo.postalcode) + ', ' + pendinginfo.town + ', ' + pendinginfo.country + '. To pay/view status of your order please visit ' + baseurl + paymentlink + pending_key + msg = "Thank you for ordering " + description + " at GetDaFuckOuttaHere Shop, we'll be processing your order as soon as possible and send it to " + pendinginfo.firstname + ' ' + pendinginfo.lastname + ', ' + pendinginfo.address + ', ' + str(pendinginfo.postalcode) + ', ' + pendinginfo.town + ', ' + pendinginfo.country + '. To pay/view status of your order please visit ' + baseurl + paymentlink + session.sessionkey sendmail(pendinginfo.email, 'GetDaFuckOuttaHere Shop', msg) if i.payment == 'Bitcoin': - return web.seeother('/paybtc/' + pending_key) + return web.seeother('/paybtc/' + session.sessionkey) if i.payment == 'Bitcoin Lightning': - return web.seeother('/payln/' + pending_key) + return web.seeother('/payln/' + session.sessionkey) else: return web.seeother('/')
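Review bot: The confirmation e-mail and the `/paybtc/` and `/payln/` redirects now embed `session.sessionkey` directly, which is the same value this commit uses as the sole lookup key for the customer's address row and bag. If that key is all that ties a browser session to its data (how it is assigned is not visible in this diff), then the mailed link and any logged URL disclose the identifier of that customer's pending record. Consider storing a separate random token per invoice, for example from `secrets.token_urlsafe()`, and using that in public links instead of the session key.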