def handle_payment_details_submission(self, request): # Check forms are valid bankcard_form = forms.BankcardForm(request.POST) billing_address_form = BillingAddressForm(request.POST) if bankcard_form.is_valid() and billing_address_form.is_valid(): # Forms are valid - render preview with forms hidden in the page return self.render_preview( request, bankcard=bankcard_form.bankcard, bankcard_form=bankcard_form, billing_address=billing_address_form.save(commit=False), billing_address_form=billing_address_form) # Form invalid - re-render return self.render_payment_details( request, bankcard_form=bankcard_form, billing_address_form=billing_address_form)
def handle_place_order_submission(self, request): # Check data from hidden forms again to ensure it hasn't been tampered # with. bankcard_form = forms.BankcardForm(request.POST) billing_address_form = BillingAddressForm(request.POST) if bankcard_form.is_valid() and billing_address_form.is_valid(): # Data is ok - submit order submission = self.build_submission( order_kwargs={ 'billing_address': billing_address_form.save(commit=False) }, payment_kwargs={ 'bankcard_form': bankcard_form, 'billing_address_form': billing_address_form, }) return self.submit(**submission) # If we get here, it means the hidden forms have been tampered with. messages.error(request, _("Invalid submission")) return http.HttpResponseRedirect( reverse('checkout:payment-details'))