[fixes] serverside validation in web form

frappe/__init__.py

@@ -1248,9 +1248,9 @@ def logger(module=None, with_more_info=True):
 	from frappe.utils.logger import get_logger
 	return get_logger(module or 'default', with_more_info=with_more_info)
 
-def log_error(message, title=None):
+def log_error(message=None, title=None):
 	'''Log error to Error Log'''
-	get_doc(dict(doctype='Error Log', error=str(message),
+	get_doc(dict(doctype='Error Log', error=str(message or get_traceback()),
 		method=title)).insert(ignore_permissions=True)
 
 def get_desk_link(doctype, name):

frappe/integration_broker/doctype/integration_service/integration_service.py

@@ -56,6 +56,7 @@ class IntegrationService(Document):
 
 			return res.json()
 		except Exception, exc:
+			frappe.log_error()
 			raise exc
 
 	def put_request(url, auth=None, data=None):

frappe/templates/generators/web_form.html

@@ -276,14 +276,14 @@
 					</div>
 					{% endfor %}
 			</div>
-			{% if last_page and accept_payment and payment_url %}
+			{% if last_page and accept_payment %}
 			<div class="well payment-details">
 				{% if not doc.paid %}
 					{% if payment_button_help %}
 					<div class='text-muted' style='padding-bottom: 15px;'>
 						{{ payment_button_help }}</div>
 					{% endif %}
-					<a class="btn btn-primary btn-payment" href="{{ payment_url }}">
+					<a class="btn btn-primary btn-payment">
 						{{ payment_button_label }}</a>
 				{% else %}
 					<div>{{ _("Payment Complete") }}</div>
@@ -418,11 +418,7 @@ frappe.ready(function() {
 
 	// allow payment only if
 	$('.btn-payment').on('click', function() {
-		var data = get_data();
-		if(frappe.mandatory_missing.length) {
-			show_mandatory_missing();
-			return false;
-		}
+		save(true);
 	});
 
 	// change attach
@@ -594,7 +590,7 @@ frappe.ready(function() {
 		return out;
 	}
 
-	function save() {
+	function save(for_payment) {
 		if(window.saving)
 			return;
 		window.saving = true;
@@ -602,7 +598,8 @@ frappe.ready(function() {
 
 		if(frappe.file_reading) {
 			window.saving = false;
-			frappe.msgprint("Reading file, please retry.");
+			frappe.msgprint(__("Uploading files please wait for a few seconds."));
+			throw 'reading files';
 			return;
 		}
 
@@ -610,6 +607,7 @@ frappe.ready(function() {
 		if(frappe.allow_incomplete && frappe.mandatory_missing.length) {
 			window.saving = false;
 			show_mandatory_missing();
+			throw 'mandatory missing';
 			return;
 		}
 
@@ -618,7 +616,8 @@ frappe.ready(function() {
 			method: "frappe.website.doctype.web_form.web_form.accept",
 			args: {
 				data: data,
-				web_form: frappe.web_form_name
+				web_form: frappe.web_form_name,
+				for_payment: for_payment
 			},
 			freeze: true,
 			btn: $form.find("[type='submit']"),
@@ -636,6 +635,11 @@ frappe.ready(function() {
 					if(frappe.is_new) {
 						window.location.href = window.location.pathname + "?name=" + frappe.doc_name;
 					}
+					if(for_payment && data.message) {
+						window.location.href = data.message;
+					}
+			    } else {
+					set_message(__('Not Saved'));
 			    }
 		    },
             always: function() {

frappe/website/doctype/web_form/web_form.py

@@ -155,7 +155,6 @@ def get_context(context):
 				"<br>").replace("'", "\'")
 
 		self.add_custom_context_and_script(context)
-		self.add_payment_gateway_url(context)
 		if not context.max_attachment_size:
 			context.max_attachment_size = get_max_file_size() / 1024 / 1024
 
@@ -195,27 +194,27 @@ def get_context(context):
 		if self.web_form_module and hasattr(self.web_form_module, 'get_list_context'):
 			self.web_form_module.get_list_context(context)
 
-	def add_payment_gateway_url(self, context):
-		if context.doc and self.accept_payment:
+	def get_payment_gateway_url(self, doc):
+		if self.accept_payment:
 			controller = get_integration_controller(self.payment_gateway)
 
-			title = "Payment for {0} {1}".format(context.doc.doctype, context.doc.name)
+			title = "Payment for {0} {1}".format(doc.doctype, doc.name)
 
 			payment_details = {
 				"amount": self.amount,
 				"title": title,
 				"description": title,
-				"reference_doctype": context.doc.doctype,
-				"reference_docname": context.doc.name,
+				"reference_doctype": doc.doctype,
+				"reference_docname": doc.name,
 				"payer_email": frappe.session.user,
 				"payer_name": frappe.utils.get_fullname(frappe.session.user),
-				"order_id": context.doc.name,
+				"order_id": doc.name,
 				"currency": self.currency,
 				"redirect_to": frappe.utils.get_url(self.route)
 			}
 
 			# Redirect the user to this url
-			context.payment_url = controller.get_payment_url(**payment_details)
+			return controller.get_payment_url(**payment_details)
 
 	def add_custom_context_and_script(self, context):
 		'''Update context from module if standard and append script'''
@@ -303,9 +302,21 @@ def get_context(context):
 		else:
 			self.web_form_module = None
 
+	def validate_mandatory(self, doc):
+		'''Validate mandatory web form fields'''
+		missing = []
+		for f in self.web_form_fields:
+			if f.reqd and doc.get(f.fieldname) in (None, []):
+				missing.append(f)
+
+		if missing:
+			frappe.throw(_('Mandatory Information missing:') + '<br><br>'
+				+ '<br>'.join([d.label for d in missing]))
+
 
 @frappe.whitelist(allow_guest=True)
-def accept(web_form, data):
+def accept(web_form, data, for_payment=False):
+	'''Save the web form'''
 	data = frappe._dict(json.loads(data))
 	files = []
 	files_to_delete = []
@@ -342,6 +353,9 @@ def accept(web_form, data):
 
 		doc.set(fieldname, value)
 
+	if for_payment:
+		web_form.validate_mandatory(doc)
+
 	if doc.name:
 		if has_web_form_permission(doc.doctype, doc.name, "write"):
 			doc.save(ignore_permissions=True)
@@ -379,7 +393,12 @@ def accept(web_form, data):
 			if f:
 				remove_file_by_url(f, doc.doctype, doc.name)
 
-	return doc.name
+	frappe.flags.web_form_doc = doc
+
+	if for_payment:
+		return web_form.get_payment_gateway_url(doc)
+	else:
+		return doc.name
 
 @frappe.whitelist()
 def delete(web_form, name):