Prevent double submit for recharge and renew

CHANGELOG.md

@@ -6,6 +6,7 @@
 
 - Data Tables for Customers List by @Focuslinkstech
 - Add Bills to Reminder
+- Prevent double submit for recharge and renew
 
 ## 2024.4.3
 

system/autoload/App.php

@@ -10,4 +10,20 @@ class App{
         return true;
     }
 
+    public static function getToken(){
+        return md5(microtime());
+    }
+
+    public static function setToken($token, $value){
+        $_SESSION[$token] = $value;
+    }
+
+    public static function getTokenValue($key){
+        if(isset($_SESSION[$key])){
+            return $_SESSION[$key];
+        }else{
+            return "";
+        }
+    }
+
 }

system/controllers/home.php

@@ -91,6 +91,10 @@ if (_post('send') == 'balance') {
 $ui->assign('_bills', User::_billing());
 
 if (isset($_GET['recharge']) && !empty($_GET['recharge'])) {
+    if(!empty(App::getTokenValue($_GET['stoken']))){
+        r2(U . "voucher/invoice/");
+        die();
+    }
     $bill = ORM::for_table('tbl_user_recharges')->where('id', $_GET['recharge'])->where('username', $user['username'])->findOne();
     if ($bill) {
         $router = ORM::for_table('tbl_routers')->where('name', $bill['routers'])->find_one();
@@ -100,9 +104,9 @@ if (isset($_GET['recharge']) && !empty($_GET['recharge'])) {
                 r2(U . "home", 'e', 'Plan is not exists');
             }
             if ($user['balance'] > $plan['price']) {
-                r2(U . "order/pay/$router[id]/$bill[plan_id]", 'e', 'Order Plan');
+                r2(U . "order/pay/$router[id]/$bill[plan_id]&stoken=".$_GET['stoken']);
             } else {
-                r2(U . "order/buy/$router[id]/$bill[plan_id]", 'e', 'Order Plan');
+                r2(U . "order/buy/$router[id]/$bill[plan_id]");
             }
         } else {
             r2(U . "order/buy/$router[id]/$bill[plan_id]", 'e', 'Order Plan');

system/controllers/order.php

@@ -144,6 +144,10 @@ switch ($action) {
         if ($config['enable_balance'] != 'yes') {
             r2(U . "order/package", 'e', Lang::T("Balance not enabled"));
         }
+        if (!empty(App::getTokenValue($_GET['stoken']))) {
+            r2(U . "voucher/invoice/");
+            die();
+        }
         $plan = ORM::for_table('tbl_plans')->where('enabled', '1')->find_one($routes['3']);
         if (empty($plan)) {
             r2(U . "order/package", 'e', Lang::T("Plan Not found"));
@@ -161,6 +165,7 @@ switch ($action) {
             if (Package::rechargeUser($user['id'], $router_name, $plan['id'], 'Customer', 'Balance')) {
                 // if success, then get the balance
                 Balance::min($user['id'], $plan['price'] + $add_cost);
+                App::setToken($_GET['stoken'], "success");
                 r2(U . "voucher/invoice/", 's', Lang::T("Success to buy package"));
             } else {
                 r2(U . "order/package", 'e', Lang::T("Failed to buy package"));

system/controllers/plan.php

@@ -147,6 +147,15 @@ switch ($action) {
         $server = _post('server');
         $planId = _post('plan');
         $using = _post('using');
+        $stoken = _post('stoken');
+
+        if(!empty(App::getTokenValue($stoken))){
+            $username = App::getTokenValue($stoken);
+            $in = ORM::for_table('tbl_transactions')->where('username', $username)->order_by_desc('id')->find_one();
+            Package::createInvoice($in);
+            $ui->display('invoice.tpl');
+            die();
+        }
 
         $msg = '';
         if ($id_customer == '' or $server == '' or $planId == '' or $using == '') {
@@ -182,6 +191,7 @@ switch ($action) {
                 }
                 $in = ORM::for_table('tbl_transactions')->where('username', $cust['username'])->order_by_desc('id')->find_one();
                 Package::createInvoice($in);
+                App::setToken($stoken, $cust['username']);
                 $ui->display('invoice.tpl');
                 _log('[' . $admin['username'] . ']: ' . 'Recharge ' . $cust['username'] . ' [' . $in['plan_name'] . '][' . Lang::moneyFormat($in['price']) . ']', $admin['user_type'], $admin['id']);
             } else {

system/lan/indonesia.json

@@ -410,5 +410,15 @@
     "Contact": "Kontak",
     "Paid": "Dibayar",
     "Personal": "Pribadi",
-    "Coordinates": "Koordinat"
+    "Coordinates": "Koordinat",
+    "Confirm": "Mengonfirmasi",
+    "Name": "Nama",
+    "Plan": "Paket",
+    "Using": "Menggunakan",
+    "Total": "Total",
+    "Additional_Cost": "Biaya tambahan",
+    "Resend": "Kirim ulang",
+    "Login": "Masuk",
+    "success": "Sukses",
+    "Click_Here": "Klik disini"
 }

ui/ui/recharge-confirm.tpl

@@ -81,6 +81,7 @@
                     <input type="hidden" name="plan" value="{$plan['id']}">
                     <input type="hidden" name="server" value="{$server}">
                     <input type="hidden" name="using" value="{$using}">
+                    <input type="hidden" name="stoken" value="{App::getToken()}">
                     <center>
                         <button class="btn btn-success" type="submit">{Lang::T('Recharge')}</button><br>
                         <a class="btn btn-link" href="{$_url}plan/recharge">{Lang::T('Cancel')}</a>

ui/ui/user-dashboard.tpl

@@ -183,7 +183,7 @@
                                 {/if}
                             </td>
                             <td class="small row">
-                                <a class="btn btn-primary pull-right  btn-sm" href="{$_url}home&recharge={$_bill['id']}"
+                                <a class="btn btn-primary pull-right  btn-sm" href="{$_url}home&recharge={$_bill['id']}&stoken={App::getToken()}"
                                     onclick="return confirm('{Lang::T('Recharge')}?')">{Lang::T('Recharge')}</a>
                             </td>
                         </tr>