Commit 02be5e16 authored by Skia's avatar Skia
Browse files

Protect query on Eboutic to prevend double basket validation

parent cfbd6103
Pipeline #411 passed with stage
in 3 minutes and 53 seconds
...@@ -180,7 +180,7 @@ class EtransactionAutoAnswer(View): ...@@ -180,7 +180,7 @@ class EtransactionAutoAnswer(View):
if request.GET['Error'] == "00000": if request.GET['Error'] == "00000":
try: try:
with transaction.atomic(): with transaction.atomic():
b = Basket.objects.filter(id=request.GET['BasketID']).first() b = Basket.objects.select_for_update().filter(id=request.GET['BasketID']).first()
if b is None: if b is None:
raise SuspiciousOperation("Basket does not exists") raise SuspiciousOperation("Basket does not exists")
i = Invoice() i = Invoice()
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment