def order_status(invoice_id):
order = query_db("""SELECT price_in_usd, product_url, price_in_btc
FROM invoices
WHERE invoice_id = ?""", [invoice_id],
one=True)
pending_txs = query_db(
"""SELECT value
FROM pending_invoice_payments
WHERE invoice_id = ?""", [invoice_id]) or [{
'value':
0
}]
confirmed_txs = query_db(
"""SELECT value
FROM invoice_payments
WHERE invoice_id = ?""", [invoice_id]) or [{
'value':
0
}]
confirmed = sum(t['value'] for t in confirmed_txs)
pending = sum(t['value'] for t in pending_txs)
return render_template('order_status.html',
invoice_id=invoice_id,
order=order,
pending=pending,
confirmed=confirmed)
def payment_handler(invoice_id):
address = request.args.get('address')
secret = request.args.get('secret')
confirmations = request.args.get('confirmations')
tx_hash = request.args.get('transaction_hash')
value = float(request.args.get('value')) / 100000000
order = query_db("""SELECT address
FROM invoices
WHERE invoice_id = ?""",
[invoice_id],
one=True)
if address != order['address']:
return 'Incorrect Receiving Address', 400
if secret != app.config['SECRET_KEY']:
return 'invalid secret', 400
if confirmations >= 4:
run_db("""INSERT INTO invoice_payments
(invoice_id, transaction_hash, value)
VALUES (?, ?, ?)""",
[invoice_id, tx_hash, value])
run_db("""DELETE FROM pending_invoice_payments
WHERE invoice_id = ?""",
[invoice_id])
return '*ok*'
else:
run_db("""INSERT INTO pending_invoice_payments
(invoice_id, transaction_hash, value)
VALUES (?, ?, ?)""",
[invoice_id, tx_hash, value])
return 'Waiting for confirmations'
# should never reach here!
return 'something went wrong', 500
def payment_handler(invoice_id):
address = request.args.get('address')
secret = request.args.get('secret')
confirmations = request.args.get('confirmations')
tx_hash = request.args.get('transaction_hash')
value = float(request.args.get('value')) / 100000000
order = query_db("""SELECT address
FROM invoices
WHERE invoice_id = ?""", [invoice_id],
one=True)
if address != order['address']:
return 'Incorrect Receiving Address', 400
if secret != app.config['SECRET_KEY']:
return 'invalid secret', 400
if confirmations >= 4:
run_db(
"""INSERT INTO invoice_payments
(invoice_id, transaction_hash, value)
VALUES (?, ?, ?)""", [invoice_id, tx_hash, value])
run_db(
"""DELETE FROM pending_invoice_payments
WHERE invoice_id = ?""", [invoice_id])
return '*ok*'
else:
run_db(
"""INSERT INTO pending_invoice_payments
(invoice_id, transaction_hash, value)
VALUES (?, ?, ?)""", [invoice_id, tx_hash, value])
return 'Waiting for confirmations'
# should never reach here!
return 'something went wrong', 500
def order_status(invoice_id):
order = query_db("""SELECT price_in_usd, product_url, price_in_btc
FROM invoices
WHERE invoice_id = ?""",
[invoice_id],
one=True)
pending_txs = query_db("""SELECT value
FROM pending_invoice_payments
WHERE invoice_id = ?""",
[invoice_id]) or [{'value': 0}]
confirmed_txs = query_db("""SELECT value
FROM invoice_payments
WHERE invoice_id = ?""",
[invoice_id]) or [{'value': 0}]
confirmed = sum(t['value'] for t in confirmed_txs)
pending = sum(t['value'] for t in pending_txs)
return render_template('order_status.html',
invoice_id=invoice_id,
order=order,
pending=pending,
confirmed=confirmed)