def handle_payment_details_submission(self, request):
# Check forms are valid
bankcard_form = forms.BankcardForm(request.POST)
billing_address_form = BillingAddressForm(request.POST)
if bankcard_form.is_valid() and billing_address_form.is_valid():
# Forms are valid - render preview with forms hidden in the page
return self.render_preview(
request,
bankcard=bankcard_form.bankcard,
bankcard_form=bankcard_form,
billing_address=billing_address_form.save(commit=False),
billing_address_form=billing_address_form)
# Form invalid - re-render
return self.render_payment_details(
request, bankcard_form=bankcard_form,
billing_address_form=billing_address_form)
def handle_place_order_submission(self, request):
# Check data from hidden forms again to ensure it hasn't been tampered
# with.
bankcard_form = forms.BankcardForm(request.POST)
billing_address_form = BillingAddressForm(request.POST)
if bankcard_form.is_valid() and billing_address_form.is_valid():
# Data is ok - submit order
submission = self.build_submission(
order_kwargs={
'billing_address': billing_address_form.save(commit=False)
},
payment_kwargs={
'bankcard_form': bankcard_form,
'billing_address_form': billing_address_form,
})
return self.submit(**submission)
# If we get here, it means the hidden forms have been tampered with.
messages.error(request, _("Invalid submission"))
return http.HttpResponseRedirect(
reverse('checkout:payment-details'))
