101 lines
3.3 KiB

# Simple event ticketing system
# Generate QR codes, share to attendees
# Each ticket can be used only once
import random, string, qrcode, os.path, time, re
from pathlib import Path
from flask import Flask, request, escape
# Domain name for the service
domain = ""
# Generate QR code and save to file
def gen_qr(qdata, qid):
data = qdata
filename = qid + ".png"
img = qrcode.make(data)
# Generate random string
def random_string(length):
letters = string.ascii_lowercase
return ''.join(random.choice(letters) for i in range(length))
# Burn QR (filename touch with _burned)
def burn_qr(ticket):
# Allow burning only when event starts,
now = int( time.time() )
if now < 1670223600:
return "The time has not come yet."
# Burning if the event is open
ticket = str(ticket)
if os.path.exists(ticket+".png"+"_burned") == True:
return "Problem: you can't reuse tickets! Call the organizers if you think this is a mistake or incident."
if os.path.exists(ticket+".png") == True:
print(ticket + " burned!")
# Idea: add NFT minting here
return "Ticket burned, get you swagz! Welcome to PMC!"
print("Ticket NOT found!")
return "Ticket NOT found!"
# Generate the tickets and save them to tickets.txt
def generate_tickets(amount):
ticket_file = open("tickets.txt", "w")
for x in range(amount):
rand_val = random_string(16)
# Save logs
ticket_val = "https://" + domain + "/ticket?id=" + rand_val
print("Ticket: " + ticket_val)
ticket_file.write(ticket_val + " \n")
# Generate the QR code image files
gen_qr(ticket_val, rand_val)
# Cleanup ticketing system
# TODO, dangerously removing all files listed in tickets.txt, needs validation/verification/etc
#def ticket_cleanup():
# surely = input("Are you sure you want to remove all .png, _burned and tickets.txt files from this directory? [y/n] ")
# if surely == "y":
# import subprocess
# ticket_file = open("tickets.txt", "r")
# Lines = ticket_file.readlines()
# for line in Lines:
# line = line.strip()
#["rm", line])
# line = line + "_burned"
#["rm", line])
#["rm", "tickets.txt"])
# Web service
app = Flask(__name__)
def r00t():
ticket_id = escape(request.args.get('id'))
ticket_id = re.sub('[^a-zA-Z0-9]', '', ticket_id) # Whitelist based XSS Protection
return "<html><body><h2>PMC ticketing system, click to <a href=\"/ticket/burn?id=" + ticket_id + "\">burn</a>!</h2></body></html>"
return "PMC ticketing system: id missing from parameter."
def burn():
burn_id = request.args.get('id')
return "<html><body><h2>" + burn_qr(burn_id) + "</h2></body></html>"
if __name__ == '__main__':,host='', port=8686)
# Functionalities for testing / alternatively: API
# random_string(16)
# gen_qr("test")
# generate_tickets(5)
# burn_qr("123456789")
# ticket_cleanup()