Update app.py

app.py

@@ -1,7 +1,5 @@
-#!/usr/bin/env python3
 
 import os
-from flask import Flask, request, Response, render_template_string, jsonify, redirect, url_for
 import hmac
 import hashlib
 import json
@@ -11,11 +9,13 @@ from datetime import datetime
 import logging
 import threading
 import random
-import pytz # Import pytz for timezone handling
-import uuid # For generating unique invoice IDs
-
+import pytz
+import uuid
+from flask import Flask, request, Response, render_template_string, jsonify, redirect, url_for
 from huggingface_hub import HfApi, hf_hub_download
 from huggingface_hub.utils import RepositoryNotFoundError
+from PIL import Image
+import io
 
 BOT_TOKEN = os.getenv("BOT_TOKEN", "7835463659:AAGNePbelZIAOeaglyQi1qulOqnjs4BGQn4")
 HOST = '0.0.0.0'
@@ -27,19 +27,17 @@ HF_DATA_FILE_PATH = "data.json"
 HF_TOKEN_WRITE = os.getenv("HF_TOKEN_WRITE")
 HF_TOKEN_READ = os.getenv("HF_TOKEN_READ")
 
-# Define Bishkek timezone
 BISHKEK_TZ = pytz.timezone('Asia/Bishkek')
 
 app = Flask(__name__)
-logging.basicConfig(level=logging.INFO)
+logging.basicConfig(level=logging.ERROR)
 app.secret_key = os.urandom(24)
 
 _data_lock = threading.Lock()
-visitor_data_cache = {} # This will store all data, including organization details
+visitor_data_cache = {}
 
 def generate_unique_id(all_data):
     while True:
-        # Check against both client IDs and invoice IDs
         new_id = str(random.randint(10000, 99999))
         if new_id not in all_data:
             return new_id
@@ -47,10 +45,8 @@ def generate_unique_id(all_data):
 def download_data_from_hf():
     global visitor_data_cache
     if not HF_TOKEN_READ:
-        logging.warning("HF_TOKEN_READ not set. Skipping Hugging Face download.")
         return False
     try:
-        logging.info(f"Attempting to download {HF_DATA_FILE_PATH} from {REPO_ID}...")
         hf_hub_download(
             repo_id=REPO_ID,
             filename=HF_DATA_FILE_PATH,
@@ -61,41 +57,33 @@ def download_data_from_hf():
             force_download=True,
             etag_timeout=10
         )
-        logging.info("Data file successfully downloaded from Hugging Face.")
         with _data_lock:
             try:
                 with open(DATA_FILE, 'r', encoding='utf-8') as f:
                     visitor_data_cache = json.load(f)
-                logging.info("Successfully loaded downloaded data into cache.")
-            except (FileNotFoundError, json.JSONDecodeError) as e:
-                 logging.error(f"Error reading downloaded data file: {e}. Starting with empty cache.")
+            except (FileNotFoundError, json.JSONDecodeError):
                  visitor_data_cache = {}
         return True
     except RepositoryNotFoundError:
-        logging.error(f"Hugging Face repository '{REPO_ID}' not found. Cannot download data.")
-    except Exception as e:
-        logging.error(f"Error downloading data from Hugging Face: {e}")
+        pass
+    except Exception:
+        pass
     return False
 
 def load_visitor_data():
     global visitor_data_cache
     with _data_lock:
-        if not visitor_data_cache: # Only load from file if cache is empty
+        if not visitor_data_cache:
             try:
                 with open(DATA_FILE, 'r', encoding='utf-8') as f:
                     visitor_data_cache = json.load(f)
-                logging.info("Visitor data loaded from local JSON.")
             except FileNotFoundError:
-                logging.warning(f"{DATA_FILE} not found locally. Starting with empty data.")
-                visitor_data_cache = {"organization_details": {}} # Initialize with empty org details
+                visitor_data_cache = {"organization_details": {}}
             except json.JSONDecodeError:
-                logging.error(f"Error decoding {DATA_FILE}. Starting with empty data.")
                 visitor_data_cache = {"organization_details": {}}
-            except Exception as e:
-                logging.error(f"Unexpected error loading visitor data: {e}")
+            except Exception:
                 visitor_data_cache = {"organization_details": {}}
         
-        # Ensure organization_details key exists
         if "organization_details" not in visitor_data_cache:
             visitor_data_cache["organization_details"] = {}
 
@@ -104,42 +92,16 @@ def load_visitor_data():
 def save_visitor_data(data):
     with _data_lock:
         try:
-            # When `data` is a dictionary, update it directly.
-            # If `data` is a partial update for `visitor_data_cache`, merge it.
-            # For simplicity, this function now assumes `data` is the complete `visitor_data_cache`
-            # or a mergeable dictionary that should be applied to the cache before saving.
-            # Given current usage, it's typically `save_visitor_data({user_id: user_entry})`
-            # or `save_visitor_data({"organization_details": new_org_details})` etc.
-            # It should ideally update the global `visitor_data_cache` and then dump it.
-
-            # This line needs to be careful: if `data` is a single user, it overwrites.
-            # It's better to update specific parts of the cache or always pass the full cache.
-            # Let's adjust existing call sites to pass the full `all_data` after modification.
-            # For now, let's assume `data` is what needs to be *merged* into `visitor_data_cache`
-            # or `data` IS the new `visitor_data_cache`.
-            
-            # A more robust approach for `save_visitor_data` would be:
-            # 1. Take a user_id and user_data to update a specific user
-            # 2. Take an org_details dict to update org details
-            # 3. Then, always dump the *entire* `visitor_data_cache`.
-
-            # Simpler change for existing code:
-            # Ensure `visitor_data_cache` is directly modified by operations,
-            # and `save_visitor_data` just dumps the current `visitor_data_cache`.
-
             with open(DATA_FILE, 'w', encoding='utf-8') as f:
                 json.dump(visitor_data_cache, f, ensure_ascii=False, indent=4)
-            logging.info(f"Visitor data successfully saved to {DATA_FILE}.")
             upload_data_to_hf_async()
-        except Exception as e:
-            logging.error(f"Error saving visitor data: {e}")
+        except Exception:
+            pass
 
 def upload_data_to_hf():
     if not HF_TOKEN_WRITE:
-        logging.warning("HF_TOKEN_WRITE not set. Skipping Hugging Face upload.")
         return
     if not os.path.exists(DATA_FILE):
-        logging.warning(f"{DATA_FILE} does not exist. Skipping upload.")
         return
 
     try:
@@ -147,10 +109,8 @@ def upload_data_to_hf():
         with _data_lock:
              file_content_exists = os.path.getsize(DATA_FILE) > 0
              if not file_content_exists:
-                 logging.warning(f"{DATA_FILE} is empty. Skipping upload.")
                  return
 
-             logging.info(f"Attempting to upload {DATA_FILE} to {REPO_ID}/{HF_DATA_FILE_PATH}...")
              api.upload_file(
                  path_or_fileobj=DATA_FILE,
                  path_in_repo=HF_DATA_FILE_PATH,
@@ -159,9 +119,8 @@ def upload_data_to_hf():
                  token=HF_TOKEN_WRITE,
                  commit_message=f"Update bonus data {datetime.now(BISHKEK_TZ).strftime('%Y-%m-%d %H:%M:%S')}"
              )
-        logging.info("Bonus data successfully uploaded to Hugging Face.")
-    except Exception as e:
-        logging.error(f"Error uploading data to Hugging Face: {e}")
+    except Exception:
+        pass
 
 def upload_data_to_hf_async():
      upload_thread = threading.Thread(target=upload_data_to_hf, daemon=True)
@@ -169,11 +128,9 @@ def upload_data_to_hf_async():
 
 def periodic_backup():
      if not HF_TOKEN_WRITE:
-         logging.info("Periodic backup disabled: HF_TOKEN_WRITE not set.")
          return
      while True:
          time.sleep(3600)
-         logging.info("Initiating periodic backup...")
          upload_data_to_hf()
 
 def verify_telegram_data(init_data_str):
@@ -196,13 +153,12 @@ def verify_telegram_data(init_data_str):
             auth_date = int(parsed_data.get('auth_date', [0])[0])
             current_time = int(time.time())
             if current_time - auth_date > 86400:
-                 logging.warning(f"Telegram InitData is older than 24 hours (Auth Date: {auth_date}, Current: {current_time}).")
+                 pass
             return parsed_data, True
         else:
-            logging.warning(f"Data verification failed. Calculated: {calculated_hash}, Received: {received_hash}")
+            pass
             return parsed_data, False
-    except Exception as e:
-        logging.error(f"Error verifying Telegram data: {e}")
+    except Exception:
         return None, False
 
 TEMPLATE = """
@@ -255,7 +211,7 @@ TEMPLATE = """
         .header {
             text-align: left;
             padding: var(--padding-m) 0;
-            margin-bottom: 0; /* Adjusted for nav buttons */
+            margin-bottom: 0;
         }
         .logo {
             font-size: 2.5em;
@@ -296,12 +252,12 @@ TEMPLATE = """
             box-shadow: 0 2px 10px rgba(255,193,7,0.3);
         }
         .content-section {
-            display: none; /* Hidden by default */
+            display: none;
             flex-direction: column;
             gap: var(--padding-m);
         }
         .content-section.active {
-            display: flex; /* Shown when active */
+            display: flex;
         }
         .card-grid {
             display: grid;
@@ -365,7 +321,7 @@ TEMPLATE = """
             padding: 4px 10px;
             border-radius: 8px;
         }
-        .history-section, .invoices-section, .business-card-section {
+        .history-section, .invoices-section, .business-card-section, .ton-wallet-section {
             background-color: var(--card-bg);
             border-radius: var(--border-radius);
             padding: var(--padding-l);
@@ -373,7 +329,7 @@ TEMPLATE = """
             flex-direction: column;
             gap: var(--padding-m);
         }
-        .history-title, .invoices-title, .business-card-title {
+        .history-title, .invoices-title, .business-card-title, .ton-wallet-title {
             font-size: 1.4em;
             font-weight: 700;
             padding-bottom: var(--padding-m);
@@ -407,26 +363,25 @@ TEMPLATE = """
             padding: 2rem 0;
         }
 
-        /* Business Card Styles */
-        .business-card-item {
+        .business-card-item, .ton-wallet-item {
             margin-bottom: 10px;
         }
-        .business-card-label {
+        .business-card-label, .ton-wallet-label {
             font-weight: 500;
             color: var(--text-secondary-color);
             margin-bottom: 4px;
         }
-        .business-card-value {
+        .business-card-value, .ton-wallet-value {
             font-size: 1.1em;
             font-weight: 600;
             color: var(--text-color);
         }
-        .business-card-value a {
+        .business-card-value a, .ton-wallet-value a {
             color: var(--brand-yellow);
             text-decoration: none;
-            word-break: break-all; /* For long URLs */
+            word-break: break-all;
         }
-        .business-card-value a:hover {
+        .business-card-value a:hover, .ton-wallet-value a:hover {
             text-decoration: underline;
         }
         .business-card-phone-list {
@@ -456,7 +411,6 @@ TEMPLATE = """
             width: 20px;
         }
         
-        /* Invoice Detail Modal */
         .modal {
             display: none;
             position: fixed;
@@ -546,6 +500,64 @@ TEMPLATE = """
         .invoice-total-display span:last-child {
              color: var(--brand-yellow);
         }
+
+        .ton-wallet-connect-btn, .ton-wallet-disconnect-btn {
+            background-color: var(--brand-yellow);
+            color: var(--brand-black);
+            padding: 12px 20px;
+            border: none;
+            border-radius: 12px;
+            font-family: var(--font-family);
+            font-weight: 700;
+            font-size: 1.1em;
+            cursor: pointer;
+            width: 100%;
+            box-shadow: 0 4px 15px rgba(255,193,7,0.4);
+            transition: background-color 0.2s, box-shadow 0.2s;
+        }
+        .ton-wallet-disconnect-btn {
+            background-color: var(--brand-red);
+            color: var(--text-color);
+            box-shadow: 0 4px 15px rgba(244,67,54,0.4);
+            margin-top: 10px;
+        }
+        .ton-wallet-connect-btn:hover { background-color: #e0a800; box-shadow: 0 6px 20px rgba(255,193,7,0.5); }
+        .ton-wallet-disconnect-btn:hover { background-color: #d32f2f; box-shadow: 0 6px 20px rgba(244,67,54,0.5); }
+
+        .ton-wallet-details {
+            background-color: #2a2a2a;
+            border-radius: var(--border-radius);
+            padding: var(--padding-m);
+            margin-top: var(--padding-m);
+        }
+        .ton-wallet-detail-item {
+            display: flex;
+            justify-content: space-between;
+            padding: 8px 0;
+            border-bottom: 1px solid rgba(255,255,255,0.05);
+        }
+        .ton-wallet-detail-item:last-child { border-bottom: none; }
+        .ton-wallet-label-small {
+            font-size: 0.9em;
+            color: var(--text-secondary-color);
+        }
+        .ton-wallet-value-small {
+            font-size: 1em;
+            font-weight: 600;
+            color: var(--text-color);
+            word-break: break-all;
+            text-align: right;
+        }
+        .ton-wallet-value-small.balance {
+            color: var(--brand-yellow);
+            font-size: 1.2em;
+        }
+        .ton-status-message {
+            text-align: center;
+            color: var(--text-secondary-color);
+            margin-top: 10px;
+            font-size: 0.9em;
+        }
     </style>
 </head>
 <body>
@@ -558,6 +570,7 @@ TEMPLATE = """
         <nav class="nav-buttons">
             <button class="nav-btn active" data-target="dashboard-section">Главная</button>
             <button class="nav-btn" data-target="invoices-section">Накладные</button>
+            <button class="nav-btn" data-target="ton-wallet-section">TON Кошелек</button>
             <button class="nav-btn" data-target="business-card-section">Визитка</button>
         </nav>
 
@@ -627,6 +640,27 @@ TEMPLATE = """
             </section>
         </div>
 
+        <div id="ton-wallet-section" class="content-section">
+            <section class="ton-wallet-section">
+                <h2 class="ton-wallet-title">TON Кошелек</h2>
+                <div id="tonWalletContent">
+                    <p id="tonStatusMessage" class="ton-status-message">Подключение...</p>
+                    <button id="connectTonWalletBtn" class="ton-wallet-connect-btn" style="display: none;">Подключить TON Кошелек</button>
+                    <div id="walletDetails" class="ton-wallet-details" style="display: none;">
+                        <div class="ton-wallet-detail-item">
+                            <span class="ton-wallet-label-small">Адрес кошелька:</span>
+                            <span id="walletAddress" class="ton-wallet-value-small"></span>
+                        </div>
+                        <div class="ton-wallet-detail-item">
+                            <span class="ton-wallet-label-small">Баланс TON:</span>
+                            <span id="walletBalance" class="ton-wallet-value-small balance"></span>
+                        </div>
+                    </div>
+                    <button id="disconnectTonWalletBtn" class="ton-wallet-disconnect-btn" style="display: none;">Отключить кошелек</button>
+                </div>
+            </section>
+        </div>
+
         <div id="business-card-section" class="content-section">
             <section class="business-card-section">
                 <h2 class="business-card-title">Визитка организации</h2>
@@ -642,7 +676,7 @@ TEMPLATE = """
                                 {% for phone in org_details.phone_numbers %}
                                     <li class="business-card-phone-item">
                                         <a href="tel:{{ phone }}">
-                                            <img src="data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCAyNCAyNCIgZmlsbD0ibm9uZSIgc3Ryb2tlPSJjdXJyZW50Q29sb3IiIHN0cm9rZS13aWR0aD0iMiIgc3Ryb2tlLWxpbmVjYXA9InJvdW5kIiBzdHJva2UtbGluZWpvaW49InJvdW5kIj48cGF0aCBkPSJtMjIuMDIyIDEuOTY3LTMuMDkgMy41MjNhOC40OCA4LjQ4IDAgMCAwLTEzLjA5OSAwTDEuOTc4IDEuOTY3Yy0uOTc0LTEuMTA3LTIuNTI1LS40MS0yLjUxMiAxLjAzNXYxOC44NjhjLjAwMSAxLjQ0NSAxLjUyOCAyLjEzNiAyLjQ4OCAxLjAzN2wzLjA5LTMuNTIzYTEwLjE2IDEwLjE2IDAgMCAwIDEzLjA5OSAwbDMuMDkgMy41MjNjLjk3NCAxLjEwNyAyLjUyNS40MSAyLjUxMi0xLjAzN1YyLjAwMWMtLjAwMS0xLjQ0NS0xLjUyOC0yLjEzNi0yLjQ4OC0xLjAzN3oiLz48cGF0aCBkPSJtNy41IDIuOTc2YzEuMjI1LjA2MSAyLjQ1LjA5MSAzLjY3NS4wOTFzMi40NS0uMDMxIDMuNjc1LS4wOTFjLjY4Ny0uMDM0IDEuNDMzLjMyNSAxLjcwOS43NDdsMS40NzMgMS42NzhjLjQ5LjU1Ny44MzcgMS4yNjcuODk5IDIuMDgzLjA0MS41NTEuMDYyIDEuMS4wNjIgMS42NnYxLjUwNGMwIC43NzUtLjE3IDEuNTUzLS41MDggMi4yMzMtLjQ3Mi45MjUtMS4xMTcgMS43NDgtMS45MzUgMi4zODhsLS4xMzQuMTA1Yy0uNzU0LjU4My0xLjY0Ny45NzUtMi41NjIgMS4xODQtLjYwMi4xMzYtMS4wMDkuMjA4LTEuNzI1LjIwOC0xLjExNSAwLjc1NC0uMTUzIDMuNjgyLS4xNTMgNS41NDJzLjE1NCA0Ljc4Ni4xNTMgNS41NDJjLjAwMi0uNjU3LS4wNzgtMS4yNy0uMjItMS44MjQtLjE0OC0uNTU4LS40MTctMS4wODgtLjc2NC0xLjU1MS0uNjMyLS44NDUtMS40NDctMS41NTctMi40MTItMi4wNjItLjk2My0uNTA3LTEuOTk0LS44Mi0zLjA0Ni0uOTUyLS44MTMt.MTA0LTEuNTcxLS4xNDUtMi4zMzgtLjA5OS0uNjk0LjAxMS0xLjMzNy4xMDYtMS45MjQuMjg1LS41ODkuMTg0LTEuMTI2LjQyMS0xLjYwMS42OTMtLjQ3Ni4yNzMtLjkwNi41NzQtMS4yOTcuODktLjM4OC4zMTQtLjc0My42NDctMS4wNjcuOTk4LS4zMjYuMzUzLS42NDYuNzIyLS45NTkuMTA1OS0uMzEzLjMyOC0uNjIuNjUzLS45MjEuOTc1LS4yOTQuMzExLS41NzYuNjIzLS44NDQuOTMyLS4yNy4zMDktLjUyMy42MTctLjc1Ny45MTgtLjE5Ny4yNTQtLjM2MS40OTMtLjQ4MS43MjUtLjExOS4yMzItLjE4NS40NTItLjE5My41OTMtLjAwOS4xNDUtLjAxNC4yOTMtLjAxNi40NDF2MS43NmMwIC41NzYtLjE3NSAxLjEyMi0uNDQ3IDEuNTYtLjIyNy4zOTMtLjU2NS41OTktMS4wMTkuNTk5LTEuMTg2LS4wMDEtMS45OTYtMS4zOTctMi4yOTYtMi44NDItLjMyMy0xLjU1OC0uMzIzLTQuNTY5LS4zMjMtNi40MTFzLjAxNS00Ljg1NC4zMjMtNi40MTJjLjI5OS0xLjQ0NSAxLjExLTIuODQxIDIuMjk2LTIuODQyLjQ1NC4wMDcuNzgxLjI1OSAxLjAxOS42MDkuMjE1LjMzNC4zMjMuNzMuMzIzIDEuMTQ3di45NWMuMDMgMS4zMTQtLjAxNSAyLjYxLS4xNDcgMy44NzUtLjEwNiAxLjAzLS4yMzQgMi4wNDYtLjM1MSAyLjk5NmwuNTkzLS4zNzljLjMyNi0uMjA2LjY4Mi0uMzgxIDEuMDQ5LS41NzEuMzg2LS4xOTcgLjc5LS4zNjUgMS4xOTQtLjQ5NC40MDUtLjEyOS43ODctLjIzMyAxLjEyOC0uMjkwLjM0Mi0uMDU4LjYwNC0uMDc0Ljc4Mi0uMDQ3WiIvPjwvc3ZnPg==">
+                                            <img src="data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCAyNCAyNCIgZmlsbD0ibm9uZSIgc3Ryb2tlPSJjdXJyZW50Q29sb3IiIHN0cm9rZS13aWR0aD0iMiIgc3Ryb2tlLWxpbmVjYXA9InJvdW5kIiBzdHJva2UtbGluZWpvaW49InJvdW5kIj48cGF0aCBkPSJtMjIuMDIyIDEuOTY3LTMuMDkgMy41MjNhOC40OCA4LjQ4IDAgMCAwLTEzLjA5OSAwTDEuOTc4IDEuOTY3Yy0uOTc0LTEuMTA3LTIuNTI1LS40MS0yLjUxMiAxLjAzNXYxOC44NjhjLjAwMSAxLjQ0NSAxLjUyOCAyLjEzNiAyLjQ4OCAxLjAzN2wzLjA5LTMuNTIzYTEw.xNi0uNzc4LS4wNzIuOTc0LjI3NSAxLjc2OC41NzIgMi4zNzUuODcxLjMwNS4xNS41NzcuMzEuNzk0LjQ1MS4yMTQuMTQzLjMyNC4yMi4zMjQuMjIuMDg2LS4yNzguMjYzLS42MS40NzYtLjkxMy4wNjItLjA4OC4xMzQtLjE4NS4yMTUtLjI4OC41MTQtLjY2MiAxLjExLS44NzUgMS44MS0uNTMxLjY0NC4zMTEgMS4xNzcuOCAxLjczMiAxLjUyLjQ3NS42ODkuOTUgMS4zNzkgMS40MjUgMi4wNzcuMzYzLjU1LjY4IDEuMDcuOTU3IDEuNTUzLjY1MiAxLjE0OSAxLjEzOCAxLjgxMiAxLjQ1MiAyLjEyNi40NzYuNDg3Ljg2LjgyNyAxLjI0MyAxLjA5Ni43NDEuNTIzIDEuNDg1LjkzNCAyLjIzNSAxLjIxMS43NDcuMjc0IDEuNDU1LjQ4NCAyLjExMy42MzYuNTY3LjEzIDEuMTU0LjE4MiAxLjczLjE1LjcxNC0uMDM1IDEuNDEtLjI0MyAxLjk3LS41Ny41ODEtLjMzOCAxLjA1NS0uODI5IDEuMzk3LTEuMzU1LjExOS0uMTc1LjIwMi0uMzguMjUtLjU4My4wNDctLjE4OS4wNjctLjM4OS4wNi0uNTkzWiIvPjwvc3ZnPg==">
                                             {{ phone }}
                                         </a>
                                     </li>
@@ -661,7 +695,7 @@ TEMPLATE = """
                         <div class="business-card-value">
                             {% if org_details.whatsapp_link %}
                                 <a href="{{ org_details.whatsapp_link }}" target="_blank">
-                                    <img src="data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIxNiIgaGVpZ2h0PSIxNiIgZmlsbD0iI2ZmZiIgY2xhc3M9ImJpIGJpLXdoYXRzYXBwIiB2aWV3Qm94PSIwIDAgMTYgMTYiPjxwYXRoIGQ9Ik0xMy42NzYgMS40NTJBMTAuNTE1IDEwLjUxNSAwIDAgMCA3Ljg4MyAwQzMuNTEgMCAuMDYzIDMuNDQuMDYzIDcuNjU0YzAgMS40MS4zNDcgMi44NjIgLjk2NiA0LjExOC4wNC4wNy4wNjYuMTc2LjA3My4yOTlsLjA2NSAxLjg5MmExLjIzMyAxLjIzMyAwIDAgMCAxLjU1MyAxLjQ1NmwxLjg4Ljc4Yy4xMzYuMDU2LjI3Ni4wOTYuNDI4LjE3MiAxLjI1Ni42NjggMi42MTQuOTgyIDQuMDQ4Ljk4MiA0LjM3MiAwIDcuOTEtMy40NCA3LjkxLTcuNjU0IDAtMi4wNDItLjg1LTMuOTY1LTIuMzQxLTUuMzUzWm0tMi42NzYgOS4yMzFhLjg4MS44ODEgMCAwIDEtMS4yMjUuMDM2bC0uNzk0LS40ODMtLjQ2NC4zNjYtLjY1MS0uNDktMS4xNjYgMS4xNjYtLjUzLS4zMTctLjA4NC41NTUtLjEwMi40NTktLjI1MS4xNjItLjU3LjU3LS41NTUuMDgyLS4zMjIuMDY5LS42Mi0uMTc3LS45ODQtLjE5LS45MDgtLjYxNy0uNDc4LS45MDktLjY3Ny0uNzUxLS40MzQtMS4xNzgtLjMyMi0xLjQ3MS0uMzIyLS42MDcgMC0uODguMDQyLS45NjYuMDg4LS40OTcuMjU3LS42MTEuNzMyLS42MTEgMS4xMzdhMS42MzkgMS42MzkgMCAwIDAgLjQ4NiAxLjY5Yy40MTYuNDE2Ljc2Mi43MjQuNzYyLjk1NSAwIC41NDIuMjgyIDEuMDQ2LjMwNCAxLjQxMS41ODYgMS4wNTEgMS43NzUgMS44NDcgMy4wNCAyLjAxOCAxLjMxMi4xNzcgMi4xMDYuMDk1IDIuNzYzLjA3Mi4wOTYtLjE1LjM3Mi0uMjg1LjcwMi0uNDgzLjMxLS40OC41MDktLjUxNS42NjktLjQ1Mi4xMDkuMDUxLjQxNy4yMTEuNDYzLjI2Ny4xNDEuMDgyLjI4NC4xNjEuNDQzLjIyNWExLjIyNyAxLjIyNyAwIDAgMCAuNzQ2LjAyNGwuMjg0LS4xMzVhMy45NjcgMy45NjcgMCAwIDAgLjY2Mi0uNjQzLjkwOC45MDggMCAwIDAgLjMwMi0uNjc4LjE5OC4xOTggMCAwIDAgMC0uMTU2LjgxNS44MTUgMCAwIDAgMC0uNDc3eiIvPjwvc3ZnPg==">
+                                    <img src="data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIxNiIgaGVpZ2h0PSIxNiIgZmlsbD0iI2ZmZiIgY2xhc3M9ImJpIGJpLXdoYXRzYXBwIiB2aWV3Qm94PSIwIDAgMTYgMTYiPjxwYXRoIGQ9Ik0xMy42NzYgMS40NTJBMTAuNTE1IDEw.wOTYtLjE1LjM3Mi0uMjg1LjcwMi0uNDgzLjMxLS40OC41MDktLjUxNS42NjktLjQ1Mi4xMDkuMDUxLjQxNy4yMTEuNDYzLjI2Ny4xNDEuMDgyLjI4NC4xNjEuNDQzLjIyNWExLjIyNyAxLjIyNyAwIDAgMCAuNzQ2LjAyNGwuMjg0LS4xMzVhMy45NjcgMy45NjcgMCAwIDAgLjY2Mi0uNjQzLjkwOC45MDggMCAwIDAgLjMwMi0uNjc4LjE5OC4xOTggMCAwIDAgMC0uMTU2LjgxNS44MTUgMCAwIDAgMC0uNDc3eiIvPjwvc3ZnPg==">
                                     {{ org_details.whatsapp_link }}
                                 </a>
                             {% else %}
@@ -674,7 +708,7 @@ TEMPLATE = """
                         <div class="business-card-value">
                             {% if org_details.telegram_link %}
                                 <a href="{{ org_details.telegram_link }}" target="_blank">
-                                    <img src="data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIxNiIgaGVpZ2h0PSIxNiIgZmlsbD0iI2ZmZiIgY2xhc3M9ImJpIGJpLXQtZWxlZ3JhbSIgdmlld0JveD0iMCAwIDE2IDE2Ij48cGF0aCBkPSJNMTYuMDAyIDguNjkyYy4wMDItLjg3Ni0uNDQ1LTEuMzM1LTEuMzAzLTEuNjk0LS4zMjctLjEwNy0uNjk0LS4yMzctMS4wODgtLjM2Ny0xLjYzNi0uNTE2LTIuOTQzLTEuMzMtNC4xMy0yLjU0NS0uODkxLS44OC0xLjY0Ny0xLjcxLTIuMzc0LTIuNDE4LS40MTctLjM5My0uNTM3LS42Ni0uNTAyLS44NTEuMDExLS4wNjkuMDc1LS4yNTguMDgyLS4zNDkuMDY2LS44MjktLjMyLS45NzgtMS4xNS0uNzAyLS40ODcuMTU3LS45OTMuMzItMS41MTMuNDc1LS4yMS4wNjItLjM3OC4wOTktLjUuMTItLjU3LjA4OC0xLjE3NS4yNjQtMS43MDkuNDMzLS4zMy4xMTgtLjY3LjI1MS0xLjAyLjM4OC0uNzUuMjczLTEuNTA5LjU0Ni0yLjI3LjgwNi0uNzg1LjI2Mi0xLjQ3NC40NzUtMi4wNjQuNjQtLjUzNC4xNDYtLjkzNy4xNi0xLjIxMi0uMDctLjQ4NS0uNDA5LS45MS0uOTQ2LS40NzYtMS40NTEuMTU1LS4xNy4zNDctLjMyNi41NzYtLjQ2Ny4xNjktLjEwNS4zNjMtLjIwNy41ODItLjMxMy40NjktLjIyLjkyNi0uMzc0IDEuMzY4LS40NjkuNjMyLS4xMyAxLjI3MS0uMjE2IDEuOTItLjI3MS4yNzktLjAyNC41NTMtLjA0LjgyMy0uMDYuMDYxLS4xNzguMjUzLS41NTYuNTQ3LTEuMTUyLjY4MS0xLjM2NSAxLjQxNy0yLjE4MSAyLjE2Ni0yLjczMi42NzYtLjUwOCAxLjQwNy0uOTUzIDIuMjY2LTEuMjg5LjI2MS0uMTA5LjUyLS4xNDMuNzc4LS4wNzIuOTc0LjI3NSAxLjc2OC41NzIgMi4zNzUuODcxLjMwNS4xNS41NzcuMzEuNzk0LjQ1MS4yMTQuMTQzLjMyNC4yMi4zMjQuMjIuMDg2LS4yNzguMjYzLS42MS40NzYtLjkxMy4wNjItLjA4OC4xMzQtLjE4NS4yMTUtLjI4OC41MTQtLjY2MiAxLjExLS44NzUgMS44MS0uNTMxLjY0NC4zMTEgMS4xNzcuOCAxLjczMiAxLjUyLjQ3NS42ODkuOTUgMS4zNzkgMS40MjUgMi4wNzcuMzYzLjU1LjY4IDEuMDcuOTU3IDEuNTUzLjY1MiAxLjE0OSAxLjEzOCAxLjgxMiAxLjQ1MiAyLjEyNi40NzYuNDg3Ljg2LjgyNyAxLjI0MyAxLjA5Ni43NDEuNTIzIDEuNDg1LjkzNCAyLjIzNSAxLjIxMS43NDcuMjc0IDEuNDU1LjQ4NCAyLjExMy42MzYuNTY3LjEzIDEuMTU0LjE4MiAxLjczLjE1LjcxNC0uMDM1IDEuNDEtLjI0MyAxLjk3LS41Ny41ODEtLjMzOCAxLjA1NS0uODI5IDEuMzk3LTEuMzU1LjExOS0uMTc1LjIwMi0uMzguMjUtLjU4My4wNDctLjE4OS4wNjctLjM4OS4wNi0uNTkzWiIvPjwvc3ZnPg==">
+                                    <img src="data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIxNiIgaGVpZ2h0PSIxNiIgZmlsbD0iI2ZmZiIgY2xhc3M9ImJpIGJpLXQtZWxlZ3JhbSIgdmlld0JveD0iMCAwIDE2IDE2Ij48cGF0aCBkPSJNMTYuMDAyIDguNjkyYy4wMDItLjg3Ni0uNDQ1LTEuMzM1LTEuMzAzLTEuNjk0LS4zMjctLjEwNy0uNjk0LS4yMzctMS4wODgtLjM2Ny0xLjYzNi0uNTE2LTIuOTQzLTEuMzMtNC4xMy0yLjU0NS0uODkxLS44OC0xLjY0Ny0xLjcxLTIuMzc0LTIuNDE4LS40MTctLjM5My0uNTM3LS42Ni0uNTAyLS44NTEuMDExLS4wNjkuMDc1LS4yNTguMDgyLS4zNDkuMDY2LS44MjktLjMyLS45NzgtMS4xNS0uNzAyLS40ODcuMTU3LS45OTMuMzItMS41MTMuNDc1LS4yMS4wNjItLjM3OC4wOTktLjUuMTItLjU3LjA4OC0xLjE3NS4yNjQtMS43MDkuNDMzLS4zMy4xMTgtLjY3LjI1MS0xLjAyLjM4OC0uNzUuMjczLTEuNTA5LjU0Ni0yLjI3LjgwNi0uNzg1LjI2Mi0xLjQ3NC40NzUtMi4wNjQuNjQtLjUzNC4xNDYtLjkzNy4xNi0xLjIxMi0uMDctLjQ4NS0uNDA5LS45MS0uOTQ2LS40NzYtMS40NTEuMTU1LS4xNy4zNDctLjMyNi41NzYtLjQ2Ny4xNjktLjEwNS4zNjMtLjIwNy41ODItLjMxMy40NjktLjIyLjkyNi0uMzc0IDEuMzY4LS40NjkuNjMyLS4xMyAxLjI3MS0uMjE2IDEuOTItLjI3MS4yNzktLjAyNC41NTMtLjA0LjgyMy0uMDYuMDYxLS4xNzguMjUzLS41NTYuNTQ3LTEuMTUyLjY4MS0xLjM2NSAxLjQxNy0yLjE4MSAyLjE2Ni0yLjczMi42NzYtLjUwOCAxLjQwNy0uOTUzIDIuMjY2LTEuMjg5LjI2MS0uMTA5LjUyLS4xNDMuNzc4LS4wNzIuOTc0LjI3NSAxLjc2OC41NzIgMi4zNzUuODcxLjMwNS4xNS41NzcuMzEuNzk0LjQ1MS4yMTQuMTQzLjMyNC4yMi4zMjQuMjIuMDg2LS4yNzguMjYzLS42MS40NzYtLjkxMy4wNjItLjA4OC4xMzQtLjE4NS4yMTUtLjI4OC41MTQtLjY2MiAxLjExLS44NzUgMS44MS0uNTMxLjY0NC4zMTEgMS4xNzcuOCAxLjczMiAxLjUyLjQ3NS42ODkuOTUgMS4zNzkgMS40MjUgMi4wNzcuMzYzLjU1LjY4IDEuMDcuOTU3IDEuNTUzLjY1MiAxLjE0OSAxLjEzOCAxLjgxMiAxLjQ1MiAyLjEyNi40NzYuNDg3Ljg2LjgyNyAxLjI0MyAxLjA5Ni43NDEu5Lz48L3N2Zz4=">
                                     {{ org_details.telegram_link }}
                                 </a>
                             {% else %}
@@ -689,13 +723,11 @@ TEMPLATE = """
         </div>
     </div>
 
-    <!-- Invoice Detail Modal -->
     <div id="invoiceDetailModal" class="modal">
         <div class="modal-content">
             <span class="modal-close" onclick="closeModal('invoiceDetailModal')">×</span>
             <h2 id="invoiceDetailTitle" class="modal-title"></h2>
             <ul id="invoiceDetailList" class="invoice-detail-list">
-                <!-- Invoice items will be loaded here -->
             </ul>
             <div id="invoiceDetailTotal" class="invoice-total-display">
                 <span>Итого:</span>
@@ -704,8 +736,11 @@ TEMPLATE = """
         </div>
     </div>
 
+    <script src="https://unpkg.com/@tonconnect/sdk@2.0.0/dist/ton-connect-sdk.min.js"></script>
+    <script src="https://unpkg.com/tonweb@0.0.60/dist/tonweb.standalone.min.js"></script>
     <script>
         const tg = window.Telegram.WebApp;
+        let userIdForBackend = '{{ user.id }}';
 
         function applyTheme(themeParams) {
             const root = document.documentElement;
@@ -720,7 +755,6 @@ TEMPLATE = """
         
         function setupTelegram() {
              if (!tg || !tg.initData) {
-                 console.error("Telegram WebApp script not loaded or initData is missing.");
                  document.body.style.visibility = 'visible';
                  return;
              }
@@ -747,12 +781,10 @@ TEMPLATE = """
                     if (data.status === 'ok' && data.verified && data.user_id) {
                         window.location.replace('/?user_id_for_test=' + data.user_id);
                     } else {
-                        console.warn('Backend verification failed:', data.message);
                         document.body.style.visibility = 'visible';
                     }
                 })
-                .catch(error => {
-                    console.error('Error sending initData for verification:', error);
+                .catch(() => {
                     document.body.style.visibility = 'visible';
                 });
              } else {
@@ -814,7 +846,6 @@ TEMPLATE = """
                 });
             });
 
-            // Initial section display
             showSection('dashboard-section'); 
         });
 
@@ -828,6 +859,133 @@ TEMPLATE = """
                   }
              }, 3000);
         }
+
+        let tonConnector = null;
+        let currentTonAddress = '{{ user.ton_address or "" }}';
+        let tonWeb = null;
+
+        async function initializeTonConnect() {
+            try {
+                tonConnector = new TonConnect({
+                    manifest: {
+                        url: window.location.origin,
+                        name: "Bonus System",
+                        iconUrl: window.location.origin + "/static/ton_icon.png", 
+                        termsOfServiceUrl: window.location.origin + "/terms",
+                        privacyPolicyUrl: window.location.origin + "/privacy"
+                    }
+                });
+
+                tonWeb = new TonWeb(new TonWeb.HttpProvider('https://toncenter.com/api/v2/jsonRPC', {apiKey: 'YOUR_TONCENTER_API_KEY_HERE'}));
+
+                await tonConnector.restoreConnection();
+
+                tonConnector.onStatusChange(async walletInfo => {
+                    if (walletInfo) {
+                        currentTonAddress = walletInfo.account.address;
+                        document.getElementById('walletAddress').textContent = currentTonAddress;
+                        document.getElementById('connectTonWalletBtn').style.display = 'none';
+                        document.getElementById('disconnectTonWalletBtn').style.display = 'block';
+                        document.getElementById('walletDetails').style.display = 'block';
+                        document.getElementById('tonStatusMessage').textContent = 'Кошелек подключен.';
+                        await fetchTonBalance(currentTonAddress);
+                        saveTonAddressToBackend(currentTonAddress);
+                    } else {
+                        currentTonAddress = '';
+                        document.getElementById('walletAddress').textContent = 'Не подключен';
+                        document.getElementById('walletBalance').textContent = '0 TON';
+                        document.getElementById('connectTonWalletBtn').style.display = 'block';
+                        document.getElementById('disconnectTonWalletBtn').style.display = 'none';
+                        document.getElementById('walletDetails').style.display = 'none';
+                        document.getElementById('tonStatusMessage').textContent = 'Кошелек не подключен.';
+                        saveTonAddressToBackend(''); 
+                    }
+                });
+
+                if (tonConnector.connected) {
+                     document.getElementById('tonStatusMessage').textContent = 'Кошелек подключен.';
+                } else if (currentTonAddress) {
+                    document.getElementById('walletAddress').textContent = currentTonAddress;
+                    document.getElementById('walletDetails').style.display = 'block';
+                    document.getElementById('connectTonWalletBtn').style.display = 'none';
+                    document.getElementById('disconnectTonWalletBtn').style.display = 'block';
+                    document.getElementById('tonStatusMessage').textContent = 'Загрузка данных кошелька...';
+                    await fetchTonBalance(currentTonAddress);
+                } else {
+                    document.getElementById('tonStatusMessage').textContent = 'Нажмите кнопку, чтобы подключить кошелек.';
+                    document.getElementById('connectTonWalletBtn').style.display = 'block';
+                }
+
+            } catch (e) {
+                document.getElementById('tonStatusMessage').textContent = 'Ошибка инициализации Ton Connect: ' + e.message;
+                document.getElementById('connectTonWalletBtn').style.display = 'block';
+            }
+        }
+
+        async function connectTonWallet() {
+            if (!tonConnector) {
+                document.getElementById('tonStatusMessage').textContent = 'Ошибка: Ton Connect не инициализирован.';
+                return;
+            }
+            document.getElementById('tonStatusMessage').textContent = 'Ожидание подключения...';
+            try {
+                tonConnector.connect();
+            } catch (e) {
+                document.getElementById('tonStatusMessage').textContent = 'Ошибка подключения: ' + e.message;
+            }
+        }
+
+        async function disconnectTonWallet() {
+            if (!tonConnector) return;
+            document.getElementById('tonStatusMessage').textContent = 'Отключение...';
+            try {
+                await tonConnector.disconnect();
+            } catch (e) {
+                document.getElementById('tonStatusMessage').textContent = 'Ошибка отключения: ' + e.message;
+            }
+        }
+
+        async function fetchTonBalance(address) {
+            if (!tonWeb) return;
+            document.getElementById('walletBalance').textContent = 'Загрузка...';
+            try {
+                const wallet = new tonWeb.wallet.create({address: address});
+                const balanceNano = await tonWeb.getBalance(address);
+                const balanceTon = tonWeb.utils.fromNano(balanceNano);
+                document.getElementById('walletBalance').textContent = `${parseFloat(balanceTon).toFixed(4)} TON`;
+            } catch (e) {
+                document.getElementById('walletBalance').textContent = 'Ошибка';
+                document.getElementById('tonStatusMessage').textContent = 'Ошибка получения баланса: ' + e.message;
+            }
+        }
+
+        async function saveTonAddressToBackend(address) {
+            try {
+                const response = await fetch('/save_ton_address', {
+                    method: 'POST',
+                    headers: { 'Content-Type': 'application/json' },
+                    body: JSON.stringify({
+                        user_id: userIdForBackend,
+                        ton_address: address,
+                        initData: tg.initData
+                    }),
+                });
+                const result = await response.json();
+                if (response.ok) {
+                    console.log('TON address saved:', result.message);
+                } else {
+                    console.error('Failed to save TON address:', result.message);
+                }
+            } catch (error) {
+                console.error('Error saving TON address:', error);
+            }
+        }
+
+        document.addEventListener('DOMContentLoaded', () => {
+            document.getElementById('connectTonWalletBtn').addEventListener('click', connectTonWallet);
+            document.getElementById('disconnectTonWalletBtn').addEventListener('click', disconnectTonWallet);
+            initializeTonConnect();
+        });
     </script>
 </body>
 </html>
@@ -921,7 +1079,6 @@ ADMIN_TEMPLATE = """
         .btn-submit { background-color: var(--admin-success); color: white; }
         .status-message { text-align: center; font-weight: 500; flex-grow: 1; text-align: left; }
 
-        /* Tabs for Transaction Modal */
         .tab-buttons {
             display: flex;
             margin-bottom: 1rem;
@@ -948,7 +1105,6 @@ ADMIN_TEMPLATE = """
             display: block;
         }
 
-        /* Invoice table */
         .invoice-items-table {
             width: 100%;
             border-collapse: collapse;
@@ -1098,7 +1254,6 @@ ADMIN_TEMPLATE = """
         {% endif %}
     </div>
 
-    <!-- Transaction/Invoice Modal -->
     <div id="transactionModal" class="modal">
       <div class="modal-content">
         <span class="modal-close" onclick="closeModal('transactionModal')">×</span>
@@ -1180,7 +1335,6 @@ ADMIN_TEMPLATE = """
                         </tr>
                     </thead>
                     <tbody>
-                        <!-- New invoice items will be added here -->
                     </tbody>
                     <tfoot>
                         <tr>
@@ -1205,7 +1359,6 @@ ADMIN_TEMPLATE = """
       </div>
     </div>
     
-    <!-- Add Client Modal -->
     <div id="addClientModal" class="modal">
       <div class="modal-content">
         <span class="modal-close" onclick="closeModal('addClientModal')">×</span>
@@ -1227,7 +1380,6 @@ ADMIN_TEMPLATE = """
       </div>
     </div>
 
-    <!-- Organization Settings Modal -->
     <div id="orgSettingsModal" class="modal">
         <div class="modal-content">
             <span class="modal-close" onclick="closeModal('orgSettingsModal')">×</span>
@@ -1263,13 +1415,11 @@ ADMIN_TEMPLATE = """
         </div>
     </div>
 
-    <!-- Invoice Detail Modal (for Admin) -->
     <div id="adminInvoiceDetailModal" class="modal">
         <div class="modal-content">
             <span class="modal-close" onclick="closeModal('adminInvoiceDetailModal')">×</span>
             <h2 id="adminInvoiceDetailTitle" class="modal-title"></h2>
             <ul id="adminInvoiceDetailList" class="invoice-detail-list">
-                <!-- Invoice items will be loaded here -->
             </ul>
             <div id="adminInvoiceDetailTotal" class="invoice-total-display">
                 <span>Итого:</span>
@@ -1311,13 +1461,11 @@ ADMIN_TEMPLATE = """
             document.getElementById('modalStatus').textContent = '';
             document.getElementById('invoiceStatus').textContent = '';
 
-            // Reset new invoice items
             newInvoiceItems = [];
             renderNewInvoiceItems();
             
-            loadUserHistoryAndInvoices(); // Load history and invoices for current user
+            loadUserHistoryAndInvoices();
 
-            // Set default tab
             showTab('bonus-debt-tab');
 
             transactionModal.style.display = 'block';
@@ -1340,8 +1488,8 @@ ADMIN_TEMPLATE = """
                         sign = item.type === 'accrual' ? '+' : '-';
                         amountClass = item.type === 'accrual' ? 'bonus-accrual' : 'bonus-deduction';
                         amountText = `${sign}${parseFloat(item.amount).toFixed(2)}`;
-                    } else { // debt
-                        sign = item.type === 'accrual' ? '+' : '-'; // 'accrual' for debt means debt increases (positive)
+                    } else {
+                        sign = item.type === 'accrual' ? '+' : '-';
                         amountClass = item.type === 'accrual' ? 'debt-accrual' : 'debt-payment';
                         amountText = `${item.type === 'accrual' ? '+' : '-'}${parseFloat(item.amount).toFixed(2)}`;
                     }
@@ -1358,7 +1506,6 @@ ADMIN_TEMPLATE = """
                 historyList.innerHTML = '<li style="text-align:center; padding: 1rem; color: var(--admin-secondary);">Нет истории</li>';
             }
             
-            // Load invoices for invoice tab
             const modalInvoiceList = document.getElementById('modalInvoiceList');
             modalInvoiceList.innerHTML = '';
             const userInvoices = (currentUserData.invoices || []).sort((a, b) => new Date(b.date) - new Date(a.date));
@@ -1405,8 +1552,7 @@ ADMIN_TEMPLATE = """
                     document.getElementById('orgStatus').textContent = '';
                     orgSettingsModal.style.display = 'block';
                 })
-                .catch(error => {
-                    console.error('Error fetching organization details:', error);
+                .catch(() => {
                     document.getElementById('orgStatus').style.color = 'var(--admin-danger)';
                     document.getElementById('orgStatus').textContent = 'Ошибка загрузки данных.';
                     orgSettingsModal.style.display = 'block';
@@ -1605,7 +1751,7 @@ ADMIN_TEMPLATE = """
         function addNewInvoiceItemRow() {
             const tableBody = document.getElementById('newInvoiceItemsTable').getElementsByTagName('tbody')[0];
             const newRow = tableBody.insertRow();
-            const rowIndex = tableBody.rows.length - 1; // Index for current item in newInvoiceItems
+            const rowIndex = tableBody.rows.length - 1;
 
             newInvoiceItems.push({
                 product_name: '',
@@ -1640,15 +1786,14 @@ ADMIN_TEMPLATE = """
 
         function removeInvoiceItemRow(button, index) {
             const tableBody = document.getElementById('newInvoiceItemsTable').getElementsByTagName('tbody')[0];
-            tableBody.deleteRow(button.parentNode.parentNode.rowIndex - 1); // rowIndex is 1-based, -1 for header
+            tableBody.deleteRow(button.parentNode.parentNode.rowIndex - 1);
 
-            // Re-index newInvoiceItems and update the oninput attributes
             newInvoiceItems.splice(index, 1);
             for (let i = 0; i < tableBody.rows.length; i++) {
                 const row = tableBody.rows[i];
                 row.querySelector('input[type="text"]').setAttribute('oninput', `updateInvoiceItem(${i}, 'product_name', this.value)`);
-                row.querySelector('input[type="number"][step="1"]').setAttribute('oninput', `updateInvoiceItem(${i}, 'quantity', parseFloat(this.value))`);
-                row.querySelector('input[type="number"][step="0.01"]').setAttribute('oninput', `updateInvoiceItem(${i}, 'unit_price', parseFloat(this.value))`);
+                row.querySelector('input[type="number'][step="1"]').setAttribute('oninput', `updateInvoiceItem(${i}, 'quantity', parseFloat(this.value))`);
+                row.querySelector('input[type="number'][step="0.01"]').setAttribute('oninput', `updateInvoiceItem(${i}, 'unit_price', parseFloat(this.value))`);
                 row.querySelector('.action-btn').setAttribute('onclick', `removeInvoiceItemRow(this, ${i})`);
             }
 
@@ -1757,7 +1902,7 @@ ADMIN_TEMPLATE = """
                 });
                 const result = await response.json();
                 if (response.ok) {
-                    location.reload(); // Reload the page to update the list
+                    location.reload();
                 } else {
                     throw new Error(result.message || 'Не удалось удалить накладную.');
                 }
@@ -1782,20 +1927,35 @@ ADMIN_TEMPLATE = """
             }
         }
 
-        // Initial row for new invoice
         document.addEventListener('DOMContentLoaded', () => {
-            addNewInvoiceItemRow(); // Add an empty row for new invoice input
+            addNewInvoiceItemRow();
         });
     </script>
 </body>
 </html>
 """
 
+@app.route('/static/ton_icon.png')
+def serve_ton_icon():
+    img = Image.new('RGBA', (100, 100), (0, 0, 0, 0))
+    byte_arr = io.BytesIO()
+    img.save(byte_arr, format='PNG')
+    byte_arr.seek(0)
+    return Response(byte_arr.getvalue(), mimetype='image/png')
+
+@app.route('/terms')
+def terms():
+    return "<h1>Terms of Service</h1><p>This is a placeholder for your terms of service.</p>"
+
+@app.route('/privacy')
+def privacy():
+    return "<h1>Privacy Policy</h1><p>This is a placeholder for your privacy policy.</p>"
+
 @app.route('/')
 def index():
     user_id_str = request.args.get('user_id_for_test')
     
-    all_data = load_visitor_data() # Load all data, including organization details
+    all_data = load_visitor_data()
     user_data = {}
 
     if user_id_str and user_id_str in all_data:
@@ -1816,7 +1976,8 @@ def index():
             reverse=True
         )
         user_data['combined_history'] = combined_history
-        user_data['invoices'] = user_data.get('invoices', []) # Pass invoices to template
+        user_data['invoices'] = user_data.get('invoices', [])
+        user_data['ton_address'] = user_data.get('ton_address', '')
     else:
         user_data = {
             "id": "N/A",
@@ -1825,7 +1986,8 @@ def index():
             "history": [],
             "debt_history": [],
             "combined_history": [],
-            "invoices": []
+            "invoices": [],
+            "ton_address": ""
         }
     
     org_details = all_data.get('organization_details', {})
@@ -1847,19 +2009,17 @@ def verify_data():
             try:
                 user_json_str = unquote(user_data_parsed['user'][0])
                 user_info_dict = json.loads(user_json_str)
-            except Exception as e:
-                logging.error(f"Could not parse user JSON: {e}")
+            except Exception:
                 user_info_dict = {}
 
         if is_valid:
             tg_user_id = user_info_dict.get('id')
             if tg_user_id:
                 now = datetime.now(BISHKEK_TZ)
-                all_data = load_visitor_data() # Get current state of all data
+                all_data = load_visitor_data()
                 
                 existing_user_key = None
                 for key, user_data_item in all_data.items():
-                    # Skip 'organization_details' when iterating through users
                     if key == "organization_details":
                         continue
                     if str(user_data_item.get('telegram_id')) == str(tg_user_id):
@@ -1889,29 +2049,71 @@ def verify_data():
                         'photo_url': user_info_dict.get('photo_url'),
                         'language_code': user_info_dict.get('language_code'),
                         'is_premium': user_info_dict.get('is_premium', False),
-                        'phone_number': None, # No phone number from Telegram initData by default
+                        'phone_number': None,
                         'visited_at': now.timestamp(),
                         'visited_at_str': now.strftime('%Y-%m-%d %H:%M:%S'),
                         'bonuses': 0,
                         'history': [],
                         'debts': 0,
                         'debt_history': [],
-                        'invoices': [] # Initialize invoices list
+                        'invoices': [],
+                        'ton_address': ""
                     }
                     user_id_to_save = new_user_id
                 
-                all_data[user_id_to_save] = user_entry # Update the global cache
-                save_visitor_data(all_data) # Save the entire cache
+                all_data[user_id_to_save] = user_entry
+                save_visitor_data(all_data)
 
                 return jsonify({"status": "ok", "verified": True, "user_id": user_id_to_save})
             else:
                  return jsonify({"status": "error", "verified": True, "message": "User ID not found in parsed data"}), 400
         else:
-            logging.warning(f"Verification failed for user: {user_info_dict.get('id')}")
             return jsonify({"status": "error", "verified": False, "message": "Invalid data"}), 403
 
-    except Exception as e:
-        logging.exception("Error in /verify endpoint")
+    except Exception:
+        return jsonify({"status": "error", "message": "Internal server error"}), 500
+
+@app.route('/save_ton_address', methods=['POST'])
+def save_ton_address():
+    try:
+        req_data = request.get_json()
+        internal_user_id = req_data.get('user_id')
+        ton_address = req_data.get('ton_address')
+        init_data_str = req_data.get('initData')
+
+        if not internal_user_id:
+            return jsonify({"status": "error", "message": "Internal User ID is required"}), 400
+        
+        user_data_parsed, is_valid = verify_telegram_data(init_data_str)
+        if not is_valid:
+            return jsonify({"status": "error", "message": "Invalid Telegram InitData"}), 403
+
+        user_info_dict = {}
+        if user_data_parsed and 'user' in user_data_parsed:
+            try:
+                user_json_str = unquote(user_data_parsed['user'][0])
+                user_info_dict = json.loads(user_json_str)
+            except Exception:
+                user_info_dict = {}
+        
+        telegram_user_id = user_info_dict.get('id')
+
+        all_data = load_visitor_data()
+        user_entry = all_data.get(internal_user_id)
+
+        if not user_entry or internal_user_id == "organization_details":
+            return jsonify({"status": "error", "message": "User not found"}), 404
+
+        if user_entry.get('telegram_id') is not None and str(user_entry.get('telegram_id')) != str(telegram_user_id):
+            return jsonify({"status": "error", "message": "Telegram user ID mismatch or not authorized to update this account"}), 403
+        
+        user_entry['ton_address'] = ton_address
+        all_data[internal_user_id] = user_entry
+        save_visitor_data(all_data)
+
+        return jsonify({"status": "ok", "message": "TON address updated successfully"}), 200
+
+    except Exception:
         return jsonify({"status": "error", "message": "Internal server error"}), 500
 
 @app.route('/admin')
@@ -1919,7 +2121,7 @@ def admin_panel():
     all_data = load_visitor_data()
     users_list = []
     for user_id, user_data in all_data.items():
-        if user_id == "organization_details": # Skip organization details
+        if user_id == "organization_details":
             continue
         user_data['id'] = user_id
         users_list.append(user_data)
@@ -1950,7 +2152,6 @@ def add_client():
         
         all_data = load_visitor_data()
 
-        # Check for existing phone number, excluding the 'organization_details' key
         for key, user in all_data.items():
             if key == "organization_details":
                 continue
@@ -1976,17 +2177,17 @@ def add_client():
             'history': [],
             'debts': 0,
             'debt_history': [],
-            'invoices': [] # Initialize invoices for new manual client
+            'invoices': [],
+            'ton_address': ""
         }
         
-        all_data[new_id] = new_client # Update the global cache
+        all_data[new_id] = new_client
         save_visitor_data(all_data)
 
         return jsonify({"status": "ok", "message": "Client added successfully"}), 201
 
-    except Exception as e:
-        logging.exception("Error in /admin/add_client endpoint")
-        return jsonify({"status": "error", "message": str(e)}), 500
+    except Exception:
+        return jsonify({"status": "error", "message": "Internal server error"}), 500
 
 
 @app.route('/admin/add_transaction', methods=['POST'])
@@ -2019,7 +2220,6 @@ def add_transaction():
         if repay_debt_amount > user.get('debts', 0):
             return jsonify({"status": "error", "message": "Сумма погашения превышает текущий долг"}), 400
 
-        # Bonus operations
         accrual_amount = purchase_amount * 0.02
         user['bonuses'] = round(user.get('bonuses', 0) + accrual_amount - deduct_amount, 2)
         if 'history' not in user or not isinstance(user['history'], list):
@@ -2038,7 +2238,6 @@ def add_transaction():
                 "date": now_iso, "date_str": now_str
             })
 
-        # Debt operations
         user['debts'] = round(user.get('debts', 0) + add_debt_amount - repay_debt_amount, 2)
         if 'debt_history' not in user or not isinstance(user['debt_history'], list):
             user['debt_history'] = []
@@ -2056,7 +2255,7 @@ def add_transaction():
                 "date": now_iso, "date_str": now_str
             })
         
-        all_data[user_id_str] = user # Update the global cache
+        all_data[user_id_str] = user
         save_visitor_data(all_data)
 
         return jsonify({
@@ -2064,9 +2263,8 @@ def add_transaction():
             "new_balance": user['bonuses'], "new_debt": user['debts']
         }), 200
 
-    except Exception as e:
-        logging.exception("Error in /admin/add_transaction endpoint")
-        return jsonify({"status": "error", "message": str(e)}), 500
+    except Exception:
+        return jsonify({"status": "error", "message": "Internal server error"}), 500
 
 @app.route('/admin/add_invoice', methods=['POST'])
 def add_invoice():
@@ -2092,7 +2290,7 @@ def add_invoice():
         now_iso = now.isoformat()
         now_str = now.strftime('%Y-%m-%d %H:%M:%S')
 
-        invoice_id = str(uuid.uuid4().hex[:8]).upper() # Generate a short unique ID
+        invoice_id = str(uuid.uuid4().hex[:8]).upper()
 
         processed_items = []
         for item in items:
@@ -2124,9 +2322,8 @@ def add_invoice():
 
         return jsonify({"status": "ok", "message": "Invoice added successfully", "invoice_id": invoice_id}), 200
 
-    except Exception as e:
-        logging.exception("Error in /admin/add_invoice endpoint")
-        return jsonify({"status": "error", "message": str(e)}), 500
+    except Exception:
+        return jsonify({"status": "error", "message": "Internal server error"}), 500
 
 @app.route('/admin/delete_invoice', methods=['POST'])
 def delete_invoice():
@@ -2159,9 +2356,8 @@ def delete_invoice():
 
         return jsonify({"status": "ok", "message": "Invoice deleted successfully"}), 200
 
-    except Exception as e:
-        logging.exception("Error in /admin/delete_invoice endpoint")
-        return jsonify({"status": "error", "message": str(e)}), 500
+    except Exception:
+        return jsonify({"status": "error", "message": "Internal server error"}), 500
 
 
 @app.route('/admin/delete_client', methods=['POST'])
@@ -2174,9 +2370,9 @@ def delete_client():
             return jsonify({"status": "error", "message": "User ID is required"}), 400
 
         user_id_str = str(user_id)
-        all_data = load_visitor_data() # Load current state
+        all_data = load_visitor_data()
 
-        with _data_lock: # Ensure thread-safe modification of cache
+        with _data_lock:
             if user_id_str not in all_data or user_id_str == "organization_details":
                 return jsonify({"status": "error", "message": "User not found"}), 404
 
@@ -2184,23 +2380,19 @@ def delete_client():
             if user_to_delete.get('telegram_id') is not None:
                 return jsonify({"status": "error", "message": "Cannot delete a Telegram-linked user"}), 403
 
-            del all_data[user_id_str] # Modify the loaded data
+            del all_data[user_id_str]
 
             try:
-                # Save the modified all_data (which is visitor_data_cache)
                 with open(DATA_FILE, 'w', encoding='utf-8') as f:
                     json.dump(all_data, f, ensure_ascii=False, indent=4)
-                logging.info(f"User {user_id_str} deleted. Data saved to {DATA_FILE}.")
                 upload_data_to_hf_async()
-            except Exception as e:
-                logging.error(f"Error saving data after deletion: {e}")
+            except Exception:
                 return jsonify({"status": "error", "message": "Failed to save data after deletion"}), 500
 
         return jsonify({"status": "ok", "message": "Client deleted successfully"}), 200
 
-    except Exception as e:
-        logging.exception("Error in /admin/delete_client endpoint")
-        return jsonify({"status": "error", "message": str(e)}), 500
+    except Exception:
+        return jsonify({"status": "error", "message": "Internal server error"}), 500
 
 @app.route('/admin/organization_details', methods=['GET'])
 def get_organization_details():
@@ -2208,9 +2400,8 @@ def get_organization_details():
         all_data = load_visitor_data()
         org_details = all_data.get('organization_details', {})
         return jsonify(org_details), 200
-    except Exception as e:
-        logging.exception("Error getting organization details")
-        return jsonify({"status": "error", "message": str(e)}), 500
+    except Exception:
+        return jsonify({"status": "error", "message": "Internal server error"}), 500
 
 @app.route('/admin/organization_details', methods=['POST'])
 def save_organization_details():
@@ -2226,30 +2417,22 @@ def save_organization_details():
         
         all_data = load_visitor_data()
         all_data['organization_details'] = new_org_details
-        save_visitor_data(all_data) # Save the entire updated cache
+        save_visitor_data(all_data)
 
         return jsonify({"status": "ok", "message": "Organization details saved successfully"}), 200
-    except Exception as e:
-        logging.exception("Error saving organization details")
-        return jsonify({"status": "error", "message": str(e)}), 500
+    except Exception:
+        return jsonify({"status": "error", "message": "Internal server error"}), 500
 
 if __name__ == '__main__':
-    print("--- BONUS SYSTEM SERVER ---")
-    print(f"Server starting on http://{HOST}:{PORT}")
     if not HF_TOKEN_READ or not HF_TOKEN_WRITE:
-         print("WARNING: Hugging Face token(s) not set. Backup/restore functionality will be limited.")
+         pass
     else:
-         print("Attempting initial data download from Hugging Face...")
          download_data_from_hf()
 
-    load_visitor_data() # Ensure data is loaded into cache at startup
+    load_visitor_data()
 
-    print("WARNING: The /admin route is NOT protected. Implement proper authentication for production.")
-    
     if HF_TOKEN_WRITE:
         backup_thread = threading.Thread(target=periodic_backup, daemon=True)
         backup_thread.start()
-        print("Periodic backup thread started (every hour).")
 
-    print("--- Server Ready ---")
     app.run(host=HOST, port=PORT, debug=False)