7 files changed, 183 insertions, 146 deletions
diff --git a/src/frontend_blog/cc_payment.html b/src/frontend_blog/cc_payment.php
index fc7e887f..ec67ac61 100644
--- a/src/frontend_blog/cc_payment.html
+++ b/src/frontend_blog/cc_payment.php
@@ -4,6 +4,17 @@
   <title>Enter your details</title>
   <link rel="stylesheet" type="text/css" href="style.css">
 </head>
+<?php
+  if (!isset($_GET['article'])){
+    echo "Please select an article to buy";
+    die();
+  }
+  else {
+    session_start();
+    $_SESSION['cc_payment'] = true;
+    $article = $_GET['article'];
+    }
+?>
 
 <body>
   <header>
@@ -31,8 +42,10 @@
       Nationality<br> <input type="text"></input><br>
       Gender<br> <input type="radio" name"gender">Male</input>
              <input type="radio" name="gender">Female</input><br>
-      <input type="submit"></input>
     </form>
+    <?php
+      echo "<form method=\"post\" action=\"essay_cc_pay.php?article=$article\"><input type=\"submit\"></input></form>";
+    ?>
     </article>
   </section>
 </body>
diff --git a/src/frontend_blog/essay_cc_pay.php b/src/frontend_blog/essay_cc_pay.php
new file mode 100644
index 00000000..a0bc8ba8
--- /dev/null
+++ b/src/frontend_blog/essay_cc_pay.php
@@ -0,0 +1,22 @@
+<?php
+session_start();
+if (!$_SESSION['cc_payment'])
+{
+  echo "No session active";
+  die();
+}
+$article = $_GET['article'];
+$_SESSION['payment_ok'] = true;
+if (!isset($_SESSION['allowed_articles']))
+  $_SESSION['allowed_articles'] = array ($article => true);
+else $_SESSION['allowed_articles'] = array_merge($_SESSION['allowed_articles'], array ($article => true));
+http_response_code (301);
+// WARNING: the following construct yields non-expected forms when using URL
+// parameter in it
+//$url = (new http\URL($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST']))
+//  ->mod(array ("path" => "essay_fulfillment.php?article=$article"), http\Url::JOIN_PATH);
+$url =  'http://' . $_SERVER['HTTP_HOST'] . "/essay_fulfillment.php?article=$article";
+header("Location: " . $url);
+echo $url;
+die();
+?>
diff --git a/src/frontend_blog/essay_contract.php b/src/frontend_blog/essay_contract.php
index 4aeb8c99..265b5007 100644
--- a/src/frontend_blog/essay_contract.php
+++ b/src/frontend_blog/essay_contract.php
@@ -26,11 +26,12 @@
 include("../frontend_lib/merchants.php");
 include("./blog_lib.php");
 session_start();
-if (!isset($_SESSION['article'])){
+if (!isset($_GET['article'])){
   echo "Please land here just to buy articles";
   die();
   }
-$article = $_SESSION['article'];
+$article = $_GET['article'];
+$_SESSION['article'] = $article;
 // 2 to-do
 
 // send contract
diff --git a/src/frontend_blog/essay_fulfillment.php b/src/frontend_blog/essay_fulfillment.php
index b21e8b6d..205cffec 100644
--- a/src/frontend_blog/essay_fulfillment.php
+++ b/src/frontend_blog/essay_fulfillment.php
@@ -2,7 +2,6 @@
 
 include("./blog_lib.php");
 session_start();
-
 if (!isset($_GET['article'])){
   http_response_code(400);
   echo "No article specified";
diff --git a/src/frontend_blog/essay_pay.php b/src/frontend_blog/essay_pay.php
index 31c00bd0..c1515330 100644
--- a/src/frontend_blog/essay_pay.php
+++ b/src/frontend_blog/essay_pay.php
@@ -18,7 +18,7 @@
 /**
  * This file should:
  * 1. Check if the session is valid
- * 2. augment the deposit permission with missin values
+ * 2. augment the deposit permission with missing values
  * 3. forward payment to backend
  */
 include("../frontend_lib/merchants.php");
@@ -75,7 +75,7 @@ else
 {
   $_SESSION['payment_ok'] = true;
   if (!isset($_SESSION['allowed_articles']))
-    $_SESSION['allowed_articles'] = array ($_SESSION['article'] => true);
+    $_SESSION['allowed_articles'] = array ($article => true);
   else $_SESSION['allowed_articles'] = array_merge($_SESSION['allowed_articles'], array ($article => true));
   http_response_code (301);
   $url = (new http\URL($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']))
diff --git a/src/frontend_blog/index.html b/src/frontend_blog/index.html
index a1ad1db7..c7141b44 100644
--- a/src/frontend_blog/index.html
+++ b/src/frontend_blog/index.html
@@ -3,33 +3,9 @@
 <head>
   <title>Blog site demonstration</title>
   <link rel="stylesheet" type="text/css" href="style.css">
-  <script type="text/javascript">
-    /* @licstart  The following is the entire license notice for the
-      JavaScript code in this page.
-
-      Copyright (C) 2015 GNUnet e.V.
-
-      The JavaScript code in this page is free software: you can
-      redistribute it and/or modify it under the terms of the GNU
-      Lesser General Public License (GNU LGPL) as published by the Free Software
-      Foundation, either version 2.1 of the License, or (at your option)
-      any later version.  The code is distributed WITHOUT ANY WARRANTY;
-      without even the implied warranty of MERCHANTABILITY or FITNESS
-      FOR A PARTICULAR PURPOSE.  See the GNU LGPL for more details.
-
-      As additional permission under GNU LGPL version 2.1 section 7, you
-      may distribute non-source (e.g., minimized or compacted) forms of
-      that code without the copy of the GNU LGPL normally required by
-      section 4, provided you include this license notice and a URL
-      through which recipients can access the Corresponding Source.
-
-      @licend  The above is the entire license notice
-      for the JavaScript code in this page.
-    */
-  </script>
 </head>
 
-<body>
+<body onload="signal_taler_wallet_onload()">
   <header>
     <div id="logo">
       <svg height="100" width="100">
@@ -64,7 +40,7 @@
       <article class="articles">
         <ul style="list-style-type:none">
 	  <li>
-	    <a href="/teaser.php?article=essay-x">
+	    <a href="/cc_payment.php?article=essay-x" class="read-more" id="essay-x">
 	      <div class="teasers_item">
 	        <h3>Essay x</h3>
 	        <p>In essay x, we will ...</p>
@@ -76,4 +52,144 @@
     </section>
   </section>
 </body>
+<script type="text/javascript">
+/* @licstart  The following is the entire license notice for the
+  JavaScript code in this page.
+
+  Copyright (C) 2015 GNUnet e.V.
+
+  The JavaScript code in this page is free software: you can
+  redistribute it and/or modify it under the terms of the GNU
+  Lesser General Public License (GNU LGPL) as published by the Free Software
+  Foundation, either version 2.1 of the License, or (at your option)
+  any later version.  The code is distributed WITHOUT ANY WARRANTY;
+  without even the implied warranty of MERCHANTABILITY or FITNESS
+  FOR A PARTICULAR PURPOSE.  See the GNU LGPL for more details.
+
+  As additional permission under GNU LGPL version 2.1 section 7, you
+  may distribute non-source (e.g., minimized or compacted) forms of
+  that code without the copy of the GNU LGPL normally required by
+  section 4, provided you include this license notice and a URL
+  through which recipients can access the Corresponding Source.
+
+  @licend  The above is the entire license notice
+  for the JavaScript code in this page.
+  */
+
+/* This function is called from "taler_pay" after
+   we downloaded the JSON contract from the merchant.
+   We now need to pass it to the extension. */
+function handle_contract(json_contract)
+{
+  var cEvent = new CustomEvent('taler-contract', { detail: json_contract });
+
+  document.dispatchEvent(cEvent);
+};
+
+function taler_pay(article)
+{
+  var contract_request = new XMLHttpRequest();
+
+  /* Note that the URL we give here is specific to the Demo-shop
+     and not required by the protocol: each web shop can
+     have its own way of generating and transmitting the
+     contract, there just must be a way to get the contract
+     and to pass it to the wallet when the user selects 'Pay'. */
+  contract_request.open("GET", "essay_contract.php?article=" + article, true);
+  contract_request.onload = function (e)
+  {
+    if (contract_request.readyState == 4)
+    {
+      if (contract_request.status == 200)
+      {
+        /* display contract_requestificate (i.e. it sends the JSON string
+          to the extension) alert (contract_request.responseText); */
+	console.log("contract here");
+        console.log("response text:", contract_request.responseText);
+        handle_contract(contract_request.responseText);
+      }
+      else
+      {
+        /* There was an error obtaining the contract from the merchant,
+           obviously this should not happen. To keep it simple, we just
+           alert the user to the error. */
+        alert("Failure to download contract from merchant " +
+              "(" + contract_request.status + "):\n" +
+              contract_request.responseText);
+      }
+    }
+  };
+  contract_request.onerror = function (e)
+  {
+    /* There was an error obtaining the contract from the merchant,
+       obviously this should not happen. To keep it simple, we just
+       alert the user to the error. */
+    alert("Failure requesting the contract:\n" + contract_request.statusText);
+  };
+  contract_request.send(null);
+}
+
+/* The following event gets fired whenever a customer has a Taler
+   wallet installed in his browser. In that case, the webmaster can decide
+   whether or not to display/enable Taler as a payment option in the dialog. */
+function has_taler_wallet_cb(aEvent)
+{
+  console.log("has taler wallet");
+  // make "read more" trigger Taler payment
+  var articles_links = document.getElementsByClassName("read-more");
+  for(var i=0; i < articles_links.length; i++)
+    //console.log(link);
+    articles_links[i].setAttribute("href", "javascript:taler_pay(\"" + articles_links[i].id + "\")");
+};
+
+/* Function called when the Taler extension was unloaded;
+   here we disable the Taler option and check "Lisa", as
+   some "valid" option should always be selected. */
+function taler_wallet_unload_cb(aEvent)
+{
+  var rm = document.getElementById("read-more");
+  rm.setAttribute("href", "cc_payment.html");
+};
+
+
+/* The merchant signals its taler-friendlyness to the wallet,
+   thereby causing the wallet to make itself more visible in the menu.
+   This function should be called both when the page is loaded
+   (i.e. via body's onload) and when we receive a "taler-load" signal
+   (as the extension may be loaded/enabled after the page was loaded) */
+function signal_taler_wallet_onload()
+{
+  var eve = new Event('taler-probe');
+  document.dispatchEvent(eve);
+};
+
+
+// function included to be run to test the page despite a
+// wallet not being present in the browser.  Enables the
+// Taler option. NOT needed in real deployments.
+function test_without_wallet(){
+  var tbutton = document.getElementById("taler-radio-button-id");
+  tbutton.removeAttribute("disabled");
+};
+
+
+// /////////////// Main logic run first ////////////////////////
+
+// Register event to be triggered by the wallet as a response to our
+// first event
+document.addEventListener("taler-wallet-present",
+                          has_taler_wallet_cb,
+			  false);
+
+// Register event to be triggered by the wallet when it gets enabled while
+// the user is on the payment page
+document.addEventListener("taler-load",
+                          signal_taler_wallet_onload,
+			  false);
+
+// Register event to be triggered by the wallet when it is unloaded
+document.addEventListener("taler-unload",
+                          taler_wallet_unload_cb,
+	                  false);
+</script>
 </html>
diff --git a/src/frontend_blog/teaser.php b/src/frontend_blog/teaser.php
index 6f404f2b..ba802f50 100644
--- a/src/frontend_blog/teaser.php
+++ b/src/frontend_blog/teaser.php
@@ -45,119 +45,5 @@ $teaser = $doc->getElementById("teaser");
 	<br><a href="cc_payment.html" id="read-more">read more</a>
 
 </body>
-<script>
-/* This function is called from "taler_pay" after
-   we downloaded the JSON contract from the merchant.
-   We now need to pass it to the extension. */
-function handle_contract(json_contract)
-{
-  var cEvent = new CustomEvent('taler-contract', { detail: json_contract });
 
-  document.dispatchEvent(cEvent);
-};
-
-function taler_pay()
-{
-  var contract_request = new XMLHttpRequest();
-
-  /* Note that the URL we give here is specific to the Demo-shop
-     and not required by the protocol: each web shop can
-     have its own way of generating and transmitting the
-     contract, there just must be a way to get the contract
-     and to pass it to the wallet when the user selects 'Pay'. */
-  contract_request.open("GET", "essay_contract.php", true);
-  contract_request.onload = function (e)
-  {
-    if (contract_request.readyState == 4)
-    {
-      if (contract_request.status == 200)
-      {
-        /* display contract_requestificate (i.e. it sends the JSON string
-          to the extension) alert (contract_request.responseText); */
-	console.log("contract here");
-        console.log("response text:", contract_request.responseText);
-        handle_contract(contract_request.responseText);
-      }
-      else
-      {
-        /* There was an error obtaining the contract from the merchant,
-           obviously this should not happen. To keep it simple, we just
-           alert the user to the error. */
-        alert("Failure to download contract from merchant " +
-              "(" + contract_request.status + "):\n" +
-              contract_request.responseText);
-      }
-    }
-  };
-  contract_request.onerror = function (e)
-  {
-    /* There was an error obtaining the contract from the merchant,
-       obviously this should not happen. To keep it simple, we just
-       alert the user to the error. */
-    alert("Failure requesting the contract:\n" + contract_request.statusText);
-  };
-  contract_request.send(null);
-}
-
-/* The following event gets fired whenever a customer has a Taler
-   wallet installed in his browser. In that case, the webmaster can decide
-   whether or not to display/enable Taler as a payment option in the dialog. */
-function has_taler_wallet_cb(aEvent)
-{
-  console.log("has taler wallet");
-  // make "read more" trigger Taler payment
-  var rm = document.getElementById("read-more");
-  rm.setAttribute("href", "javascript:taler_pay();");
-};
-
-/* Function called when the Taler extension was unloaded;
-   here we disable the Taler option and check "Lisa", as
-   some "valid" option should always be selected. */
-function taler_wallet_unload_cb(aEvent)
-{
-  var rm = document.getElementById("read-more");
-  rm.setAttribute("href", "cc_payment.html");
-};
-
-
-/* The merchant signals its taler-friendlyness to the wallet,
-   thereby causing the wallet to make itself more visible in the menu.
-   This function should be called both when the page is loaded
-   (i.e. via body's onload) and when we receive a "taler-load" signal
-   (as the extension may be loaded/enabled after the page was loaded) */
-function signal_taler_wallet_onload()
-{
-  var eve = new Event('taler-probe');
-  document.dispatchEvent(eve);
-};
-
-
-// function included to be run to test the page despite a
-// wallet not being present in the browser.  Enables the
-// Taler option. NOT needed in real deployments.
-function test_without_wallet(){
-  var tbutton = document.getElementById("taler-radio-button-id");
-  tbutton.removeAttribute("disabled");
-};
-
-
-// /////////////// Main logic run first ////////////////////////
-
-// Register event to be triggered by the wallet as a response to our
-// first event
-document.addEventListener("taler-wallet-present",
-                          has_taler_wallet_cb,
-			  false);
-
-// Register event to be triggered by the wallet when it gets enabled while
-// the user is on the payment page
-document.addEventListener("taler-load",
-                          signal_taler_wallet_onload,
-			  false);
-
-// Register event to be triggered by the wallet when it is unloaded
-document.addEventListener("taler-unload",
-                          taler_wallet_unload_cb,
-	                  false);
-</script>
 </html>