Showing ffillment page only after a successful payment,

using sessions. Removing double print of status code in
case of a contract's generation failure.

3 files changed, 15 insertions, 5 deletions

diff --git a/src/frontend/fullfillment.php b/src/frontend/fullfillment.php
index ced9a183..d7677aa7 100644
--- a/src/frontend/fullfillment.php
+++ b/src/frontend/fullfillment.php
@@ -37,12 +37,12 @@ if ($_GET['backend_test'] == 'no')
 }
 
 session_start();
-$receiver = $_SESSION['receiver'];
 
-if (! $receiver)
-  echo "Please buy something before landing here!";
+
+if (! isset ($_SESSION['payment_ok']))
+  echo "Please land here after a successful payment!";
 else
-  echo "Thanks for donating to " . $receiver;
+  echo "Thanks for donating to " . $_SESSION['receiver'];
 
 ?>
 
diff --git a/src/frontend/generate_taler_contract.php b/src/frontend/generate_taler_contract.php
index 25cfc587..c71542c8 100644
--- a/src/frontend/generate_taler_contract.php
+++ b/src/frontend/generate_taler_contract.php
@@ -167,7 +167,7 @@ http_response_code ($status_code);
 // Now generate our body  
 if ($status_code != 200)
 {
-  echo "Error while generating the contract, response code: " . $status_code . "\n";
+  echo "Error while generating the contract";
 }
 else
 {
diff --git a/src/frontend/pay.php b/src/frontend/pay.php
index face8080..b5061d39 100644
--- a/src/frontend/pay.php
+++ b/src/frontend/pay.php
@@ -25,6 +25,15 @@
 
 */
 
+session_start();
+
+if (! isset($_SESSION['receiver']))
+{
+  http_response_code(400);
+  echo "Please, donate to someone before landing here!";
+  exit();
+}
+
 $cli_debug = false;
 $backend_test = true;
 
@@ -92,6 +101,7 @@ if ($status_code != 200)
 }
 else
 {
+$_SESSION['payment_ok'] = true;
 http_response_code (301);
 header("Location: http://" . $_SERVER["SERVER_NAME"] . "/fullfillment");
 die();