if form.is_valid(): try: status_data = form.save(commit=False) except Exception, e: error = "Exception: %s" % e else: error = "Invalid form: %s" % form.errors if not status_data: status_data = MoneybookersTransaction() if status_data.md5sig != md5sig_generate(status_data): # Invalid md5sig, that's not Moneybookers return HttpResponseForbidden("Allowed only for Moneybookers") if error: status_data.set_error(error) status_data.mb_ipaddress = request.META.get("REMOTE_ADDR", "0.0.0.0") if not request.is_secure() and STATUS_URL[:5]=="https": status_data.set_error("Moneybookers request was not SSL-encrypted") merchant_field = status_data.merchant_field merchant_value = request.POST.get(merchant_field,"") if status_data.md5merchant != md5merchant_generate(status_data.user_id, status_data.invoice, status_data.amount, merchant_value): status_data.set_error("Invalid md5 of merchants fields") if user_id_old and user_id_old != status_data.user_id: status_data.set_error("Wrong User ID: old=%s, new=%s" % (user_id_old, status_data.user_id)) if invoice_old and invoice_old != status_data.invoice: