New accordion panels using <fieldset>

* Add the option to introduce rich-text placeholders

* Add tests in test_format

* Add some css

* Block vs inline

* Some fixed css

* Update src/pretix/control/forms/event.py

Co-authored-by: Mira <weller@rami.io>

* Add missing docstring prat

---------

Co-authored-by: Mira <weller@rami.io>

doc/admin/config.rst

@@ -288,6 +288,7 @@ Example::
     [django]
     secret=j1kjps5a5&4ilpn912s7a1!e2h!duz^i3&idu@_907s$wrz@x-
     debug=off
+    passwords_argon2=on
 
 ``secret``
     The secret to be used by Django for signing and verification purposes. If this
@@ -303,6 +304,10 @@ Example::
 
     .. WARNING:: Never set this to ``True`` in production!
 
+``passwords_argon``
+    Use the ``argon2`` algorithm for password hashing. Disable on systems with a small number of CPU cores (currently
+    less than 8).
+
 ``profile``
     Enable code profiling for a random subset of requests. Disabled by default, see
     :ref:`perf-monitoring` for details.

doc/admin/installation/docker_smallscale.rst

@@ -231,11 +231,10 @@ The following snippet is an example on how to configure a nginx proxy for pretix
         }
     }
     server {
-        listen 443 default_server;
-        listen [::]:443 ipv6only=on default_server;
+        listen 443 ssl default_server;
+        listen [::]:443 ipv6only=on ssl default_server;
         server_name pretix.mydomain.com;
 
-        ssl on;
         ssl_certificate /path/to/cert.chain.pem;
         ssl_certificate_key /path/to/key.pem;
 

doc/admin/installation/manual_smallscale.rst

@@ -216,11 +216,10 @@ The following snippet is an example on how to configure a nginx proxy for pretix
         }
     }
     server {
-        listen 443 default_server;
-        listen [::]:443 ipv6only=on default_server;
+        listen 443 ssl default_server;
+        listen [::]:443 ipv6only=on ssl default_server;
         server_name pretix.mydomain.com;
 
-        ssl on;
         ssl_certificate /path/to/cert.chain.pem;
         ssl_certificate_key /path/to/key.pem;
 

doc/api/resources/invoices.rst

@@ -352,12 +352,12 @@ Fetching individual invoices
 
    :param organizer: The ``slug`` field of the organizer to fetch
    :param event: The ``slug`` field of the event to fetch
-   :param invoice_no: The ``invoice_no`` field of the invoice to fetch
+   :param number: The ``number`` field of the invoice to fetch
    :statuscode 200: no error
    :statuscode 401: Authentication failure
    :statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
 
-.. http:get:: /api/v1/organizers/(organizer)/events/(event)/invoices/(invoice_no)/download/
+.. http:get:: /api/v1/organizers/(organizer)/events/(event)/invoices/(number)/download/
 
    Download an invoice in PDF format.
 
@@ -384,7 +384,7 @@ Fetching individual invoices
 
    :param organizer: The ``slug`` field of the organizer to fetch
    :param event: The ``slug`` field of the event to fetch
-   :param invoice_no: The ``invoice_no`` field of the invoice to fetch
+   :param number: The ``number`` field of the invoice to fetch
    :statuscode 200: no error
    :statuscode 401: Authentication failure
    :statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
@@ -397,7 +397,7 @@ Modifying invoices
 
 Invoices cannot be edited directly, but the following actions can be triggered:
 
-.. http:post:: /api/v1/organizers/(organizer)/events/(event)/invoices/(invoice_no)/reissue/
+.. http:post:: /api/v1/organizers/(organizer)/events/(event)/invoices/(number)/reissue/
 
    Cancels the invoice and creates a new one.
 
@@ -419,13 +419,13 @@ Invoices cannot be edited directly, but the following actions can be triggered:
 
    :param organizer: The ``slug`` field of the organizer to fetch
    :param event: The ``slug`` field of the event to fetch
-   :param invoice_no: The ``invoice_no`` field of the invoice to reissue
+   :param number: The ``number`` field of the invoice to reissue
    :statuscode 200: no error
    :statuscode 400: The invoice has already been canceled
    :statuscode 401: Authentication failure
    :statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
 
-.. http:post:: /api/v1/organizers/(organizer)/events/(event)/invoices/(invoice_no)/regenerate/
+.. http:post:: /api/v1/organizers/(organizer)/events/(event)/invoices/(number)/regenerate/
 
    Re-generates the invoice from order data.
 
@@ -447,7 +447,7 @@ Invoices cannot be edited directly, but the following actions can be triggered:
 
    :param organizer: The ``slug`` field of the organizer to fetch
    :param event: The ``slug`` field of the event to fetch
-   :param invoice_no: The ``invoice_no`` field of the invoice to regenerate
+   :param number: The ``number`` field of the invoice to regenerate
    :statuscode 200: no error
    :statuscode 400: The invoice has already been canceled
    :statuscode 401: Authentication failure

doc/api/resources/seats.rst

@@ -249,7 +249,7 @@ Endpoints
             "orderposition": null,
             "cartposition": null,
             "voucher": null
-        },
+        }
 
    :param organizer: The ``slug`` field of the organizer to modify
    :param event: The ``slug`` field of the event to modify
@@ -260,3 +260,114 @@ Endpoints
    :statuscode 401: Authentication failure
    :statuscode 403: The requested organizer or event does not exist **or** you have no permission to change this resource.
    :statuscode 404: Seat does not exist; or the endpoint without subevent id was used for event with subevents, or vice versa.
+
+
+.. http:post:: /api/v1/organizers/(organizer)/events/(event)/seats/bulk_block/
+.. http:post:: /api/v1/organizers/(organizer)/events/(event)/subevents/(id)/seats/bulk_block/
+
+   Set the ``blocked`` attribute to ``true`` for a large number of seats at once.
+   You can pass either a list of ``id`` values or a list of ``seat_guid`` values.
+   You can pass up to 10,000 seats in one request.
+
+   The endpoint will return an error if you pass a seat ID that does not exist.
+   However, it will not return an error if one of the passed seats is already blocked or sold.
+
+   **Example request**:
+
+   .. sourcecode:: http
+
+        PATCH /api/v1/organizers/bigevents/events/sampleconf/seats/bulk_block/ HTTP/1.1
+        Host: pretix.eu
+        Accept: application/json, text/javascript
+        Content-Type: application/json
+
+        {
+            "ids": [12, 45, 56]
+        }
+
+   or
+
+   .. sourcecode:: http
+
+        PATCH /api/v1/organizers/bigevents/events/sampleconf/seats/bulk_block/ HTTP/1.1
+        Host: pretix.eu
+        Accept: application/json, text/javascript
+        Content-Type: application/json
+
+        {
+            "seat_guids": ["6c0e29e5-05d6-421f-99f3-afd01478ecad", "c2899340-e2e7-4d05-8100-000a4b6d7cf4"]
+        }
+
+   **Example response**:
+
+   .. sourcecode:: http
+
+        HTTP/1.1 200 OK
+        Vary: Accept
+        Content-Type: application/json
+
+        {}
+
+   :param organizer: The ``slug`` field of the organizer to modify
+   :param event: The ``slug`` field of the event to modify
+   :param subevent_id: The ``id`` field of the subevent to modify
+   :statuscode 200: no error
+   :statuscode 400: The seat could not be modified due to invalid submitted data
+   :statuscode 401: Authentication failure
+   :statuscode 403: The requested organizer or event does not exist **or** you have no permission to change this resource.
+   :statuscode 404: Seat does not exist; or the endpoint without subevent id was used for event with subevents, or vice versa.
+
+.. http:post:: /api/v1/organizers/(organizer)/events/(event)/seats/bulk_unblock/
+.. http:post:: /api/v1/organizers/(organizer)/events/(event)/subevents/(id)/seats/bulk_unblock/
+
+   Set the ``blocked`` attribute to ``false`` for a large number of seats at once.
+   You can pass either a list of ``id`` values or a list of ``seat_guid`` values.
+   You can pass up to 10,000 seats in one request.
+
+   The endpoint will return an error if you pass a seat ID that does not exist.
+   However, it will not return an error if one of the passed seat is already unblocked or is sold.
+
+   **Example request**:
+
+   .. sourcecode:: http
+
+        PATCH /api/v1/organizers/bigevents/events/sampleconf/seats/bulk_unblock/ HTTP/1.1
+        Host: pretix.eu
+        Accept: application/json, text/javascript
+        Content-Type: application/json
+
+        {
+            "ids": [12, 45, 56]
+        }
+
+   or
+
+   .. sourcecode:: http
+
+        PATCH /api/v1/organizers/bigevents/events/sampleconf/seats/bulk_unblock/ HTTP/1.1
+        Host: pretix.eu
+        Accept: application/json, text/javascript
+        Content-Type: application/json
+
+        {
+            "seat_guids": ["6c0e29e5-05d6-421f-99f3-afd01478ecad", "c2899340-e2e7-4d05-8100-000a4b6d7cf4"]
+        }
+
+   **Example response**:
+
+   .. sourcecode:: http
+
+        HTTP/1.1 200 OK
+        Vary: Accept
+        Content-Type: application/json
+
+        {}
+
+   :param organizer: The ``slug`` field of the organizer to modify
+   :param event: The ``slug`` field of the event to modify
+   :param subevent_id: The ``id`` field of the subevent to modify
+   :statuscode 200: no error
+   :statuscode 400: The seat could not be modified due to invalid submitted data
+   :statuscode 401: Authentication failure
+   :statuscode 403: The requested organizer or event does not exist **or** you have no permission to change this resource.
+   :statuscode 404: Seat does not exist; or the endpoint without subevent id was used for event with subevents, or vice versa.

pyproject.toml

@@ -53,7 +53,7 @@ dependencies = [
   "django-phonenumber-field==7.3.*",
   "django-redis==5.4.*",
   "django-scopes==2.0.*",
-  "django-statici18n==2.5.*",
+  "django-statici18n==2.6.*",
   "djangorestframework==3.15.*",
   "dnspython==2.7.*",
   "drf_ujson2==1.7.*",
@@ -76,7 +76,7 @@ dependencies = [
   "phonenumberslite==8.13.*",
   "Pillow==11.0.*",
   "pretix-plugin-build",
-  "protobuf==5.28.*",
+  "protobuf==5.29.*",
   "psycopg2-binary",
   "pycountry",
   "pycparser==2.22",
@@ -97,17 +97,17 @@ dependencies = [
   "text-unidecode==1.*",
   "tlds>=2020041600",
   "tqdm==4.*",
-  "ua-parser==0.18.*",
+  "ua-parser==1.0.*",
   "vat_moss_forked==2020.3.20.0.11.0",
   "vobject==0.9.*",
-  "webauthn==2.2.*",
+  "webauthn==2.3.*",
   "zeep==4.3.*"
 ]
 
 [project.optional-dependencies]
 memcached = ["pylibmc"]
 dev = [
-  "aiohttp==3.10.*",
+  "aiohttp==3.11.*",
   "coverage",
   "coveralls",
   "fakeredis==2.26.*",

src/pretix/__init__.py

@@ -19,4 +19,4 @@
 # You should have received a copy of the GNU Affero General Public License along with this program.  If not, see
 # <https://www.gnu.org/licenses/>.
 #
-__version__ = "2024.11.0.dev0"
+__version__ = "2024.12.0.dev0"

src/pretix/api/serializers/event.py

@@ -989,6 +989,40 @@ def prefetch_by_id(items, qs, id_attr, target_attr):
             setattr(item, target_attr, result.get(getattr(item, id_attr)))
 
 
+class SeatBulkBlockInputSerializer(serializers.Serializer):
+    ids = serializers.ListField(child=serializers.IntegerField(), required=False, allow_empty=True)
+    seat_guids = serializers.ListField(child=serializers.CharField(), required=False, allow_empty=True)
+
+    def to_internal_value(self, data):
+        data = super().to_internal_value(data)
+
+        if data.get("seat_guids") and data.get("ids"):
+            raise ValidationError("Please pass either seat_guids or ids.")
+
+        if data.get("seat_guids"):
+            seat_ids = data["seat_guids"]
+            if len(seat_ids) > 10000:
+                raise ValidationError({"seat_guids": ["Please do not pass over 10000 seats."]})
+
+            seats = {s.seat_guid: s for s in self.context["queryset"].filter(seat_guid__in=seat_ids)}
+            for s in seat_ids:
+                if s not in seats:
+                    raise ValidationError({"seat_guids": [f"The seat '{s}' does not exist."]})
+        elif data.get("ids"):
+            seat_ids = data["ids"]
+            if len(seat_ids) > 10000:
+                raise ValidationError({"ids": ["Please do not pass over 10000 seats."]})
+
+            seats = self.context["queryset"].in_bulk(seat_ids)
+            for s in seat_ids:
+                if s not in seats:
+                    raise ValidationError({"ids": [f"The seat '{s}' does not exist."]})
+        else:
+            raise ValidationError("Please pass either seat_guids or ids.")
+
+        return {"seats": seats.values()}
+
+
 class SeatSerializer(I18nAwareModelSerializer):
     orderposition = serializers.IntegerField(source='orderposition_id')
     cartposition = serializers.IntegerField(source='cartposition_id')

src/pretix/api/views/event.py

@@ -40,6 +40,7 @@ from django.utils.timezone import now
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
 from django_scopes import scopes_disabled
 from rest_framework import serializers, views, viewsets
+from rest_framework.decorators import action
 from rest_framework.exceptions import (
     NotFound, PermissionDenied, ValidationError,
 )
@@ -50,8 +51,9 @@ from pretix.api.auth.permission import EventCRUDPermission
 from pretix.api.pagination import TotalOrderingFilter
 from pretix.api.serializers.event import (
     CloneEventSerializer, DeviceEventSettingsSerializer, EventSerializer,
-    EventSettingsSerializer, ItemMetaPropertiesSerializer, SeatSerializer,
-    SubEventSerializer, TaxRuleSerializer,
+    EventSettingsSerializer, ItemMetaPropertiesSerializer,
+    SeatBulkBlockInputSerializer, SeatSerializer, SubEventSerializer,
+    TaxRuleSerializer,
 )
 from pretix.api.views import ConditionalListView
 from pretix.base.models import (
@@ -237,9 +239,9 @@ class EventViewSet(viewsets.ModelViewSet):
             disabled = {m: 'disabled' for m in current_plugins_value if m not in updated_plugins_value}
             changed = merge_dicts(enabled, disabled)
 
-            for module, action in changed.items():
+            for module, operation in changed.items():
                 serializer.instance.log_action(
-                    'pretix.event.plugins.' + action,
+                    'pretix.event.plugins.' + operation,
                     user=self.request.user,
                     auth=self.request.auth,
                     data={'plugin': module}
@@ -744,3 +746,24 @@ class SeatViewSet(ConditionalListView, viewsets.ModelViewSet):
             auth=self.request.auth,
             data={"seats": [serializer.instance.pk]},
         )
+
+    def bulk_change_blocked(self, blocked):
+        s = SeatBulkBlockInputSerializer(
+            data=self.request.data,
+            context={"event": self.request.event, "queryset": self.get_queryset()},
+        )
+        s.is_valid(raise_exception=True)
+
+        seats = s.validated_data["seats"]
+        for seat in seats:
+            seat.blocked = blocked
+        Seat.objects.bulk_update(seats, ["blocked"], batch_size=1000)
+        return Response({})
+
+    @action(methods=["POST"], detail=False)
+    def bulk_block(self, request, *args, **kwargs):
+        return self.bulk_change_blocked(True)
+
+    @action(methods=["POST"], detail=False)
+    def bulk_unblock(self, request, *args, **kwargs):
+        return self.bulk_change_blocked(False)

src/pretix/base/auth.py

@@ -152,7 +152,7 @@ class NativeAuthBackend(BaseAuthBackend):
         to log in.
         """
         d = OrderedDict([
-            ('email', forms.EmailField(label=_("E-mail"), max_length=254,
+            ('email', forms.EmailField(label=_("Email"), max_length=254,
                                        widget=forms.EmailInput(attrs={'autofocus': 'autofocus'}))),
             ('password', forms.CharField(label=_("Password"), widget=forms.PasswordInput,
                                          max_length=4096)),

src/pretix/base/email.py

@@ -35,6 +35,7 @@ from django.utils.translation import get_language, gettext_lazy as _
 from pretix.base.models import Event
 from pretix.base.signals import register_html_mail_renderers
 from pretix.base.templatetags.rich_text import markdown_compile_email
+from pretix.helpers.format import SafeFormatter, format_map
 
 from pretix.base.services.placeholders import (  # noqa
     get_available_placeholders, PlaceholderContext
@@ -68,7 +69,7 @@ def test_custom_smtp_backend(backend: T, from_addr: str) -> None:
 
 class BaseHTMLMailRenderer:
     """
-    This is the base class for all HTML e-mail renderers.
+    This is the base class for all HTML email renderers.
     """
 
     def __init__(self, event: Event, organizer=None):
@@ -79,7 +80,7 @@ class BaseHTMLMailRenderer:
         return self.identifier
 
     def render(self, plain_body: str, plain_signature: str, subject: str, order=None,
-               position=None) -> str:
+               position=None, context=None) -> str:
         """
         This method should generate the HTML part of the email.
 
@@ -88,6 +89,7 @@ class BaseHTMLMailRenderer:
         :param subject: The email subject.
         :param order: The order if this email is connected to one, otherwise ``None``.
         :param position: The order position if this email is connected to one, otherwise ``None``.
+        :param context: Context to use to render placeholders in the plain body
         :return: An HTML string
         """
         raise NotImplementedError()
@@ -134,8 +136,10 @@ class TemplateBasedMailRenderer(BaseHTMLMailRenderer):
     def compile_markdown(self, plaintext):
         return markdown_compile_email(plaintext)
 
-    def render(self, plain_body: str, plain_signature: str, subject: str, order, position) -> str:
+    def render(self, plain_body: str, plain_signature: str, subject: str, order, position, context) -> str:
         body_md = self.compile_markdown(plain_body)
+        if context:
+            body_md = format_map(body_md, context=context, mode=SafeFormatter.MODE_RICH_TO_HTML)
         htmlctx = {
             'site': settings.PRETIX_INSTANCE_NAME,
             'site_url': settings.SITE_URL,

src/pretix/base/exporters/customers.py

@@ -64,7 +64,7 @@ class CustomerListExporter(OrganizerLevelExportMixin, ListExporter):
             _('Customer ID'),
             _('SSO provider'),
             _('External identifier'),
-            _('E-mail'),
+            _('Email'),
             _('Phone number'),
             _('Full name'),
         ]

src/pretix/base/exporters/invoices.py

@@ -199,7 +199,7 @@ class InvoiceDataExporter(InvoiceExporterMixin, MultiSheetListExporter):
                 _('Invoice number'),
                 _('Date'),
                 _('Order code'),
-                _('E-mail address'),
+                _('Email address'),
                 _('Invoice type'),
                 _('Cancellation of'),
                 _('Language'),
@@ -326,7 +326,7 @@ class InvoiceDataExporter(InvoiceExporterMixin, MultiSheetListExporter):
                 _('Event start date'),
                 _('Date'),
                 _('Order code'),
-                _('E-mail address'),
+                _('Email address'),
                 _('Invoice type'),
                 _('Cancellation of'),
                 _('Invoice sender:') + ' ' + _('Name'),

src/pretix/base/exporters/orderlist.py

@@ -284,7 +284,7 @@ class OrderListExporter(MultiSheetListExporter):
         headers.append(_('Comment'))
         headers.append(_('Follow-up date'))
         headers.append(_('Positions'))
-        headers.append(_('E-mail address verified'))
+        headers.append(_('Email address verified'))
         headers.append(_('External customer ID'))
         headers.append(_('Payment providers'))
         if form_data.get('include_payment_amounts'):
@@ -655,7 +655,7 @@ class OrderListExporter(MultiSheetListExporter):
         headers += [
             _('Sales channel'),
             _('Order locale'),
-            _('E-mail address verified'),
+            _('Email address verified'),
             _('External customer ID'),
             _('Check-in lists'),
             _('Payment providers'),

src/pretix/base/forms/auth.py

@@ -254,7 +254,7 @@ class PasswordRecoverForm(forms.Form):
 
 class PasswordForgotForm(forms.Form):
     email = forms.EmailField(
-        label=_('E-mail'),
+        label=_('Email'),
     )
 
     def __init__(self, *args, **kwargs):

src/pretix/base/forms/questions.py

@@ -54,6 +54,7 @@ from django.core.validators import (
 from django.db.models import QuerySet
 from django.forms import Select, widgets
 from django.forms.widgets import FILE_INPUT_CONTRADICTION
+from django.urls import reverse
 from django.utils.formats import date_format
 from django.utils.html import escape
 from django.utils.safestring import mark_safe
@@ -77,7 +78,7 @@ from pretix.base.i18n import (
     get_babel_locale, get_language_without_region, language,
 )
 from pretix.base.models import InvoiceAddress, Item, Question, QuestionOption
-from pretix.base.models.tax import VAT_ID_COUNTRIES, ask_for_vat_id
+from pretix.base.models.tax import ask_for_vat_id
 from pretix.base.services.tax import (
     VATIDFinalError, VATIDTemporaryError, validate_vat_id,
 )
@@ -602,6 +603,7 @@ class BaseQuestionsForm(forms.Form):
         questions = pos.item.questions_to_ask
         event = kwargs.pop('event')
         self.all_optional = kwargs.pop('all_optional', False)
+        self.attendee_addresses_required = event.settings.attendee_addresses_required and not self.all_optional
 
         super().__init__(*args, **kwargs)
 
@@ -676,7 +678,7 @@ class BaseQuestionsForm(forms.Form):
 
         if item.ask_attendee_data and event.settings.attendee_addresses_asked:
             add_fields['street'] = forms.CharField(
-                required=event.settings.attendee_addresses_required and not self.all_optional,
+                required=self.attendee_addresses_required,
                 label=_('Address'),
                 widget=forms.Textarea(attrs={
                     'rows': 2,
@@ -686,7 +688,7 @@ class BaseQuestionsForm(forms.Form):
                 initial=(cartpos.street if cartpos else orderpos.street),
             )
             add_fields['zipcode'] = forms.CharField(
-                required=event.settings.attendee_addresses_required and not self.all_optional,
+                required=False,
                 max_length=30,
                 label=_('ZIP code'),
                 initial=(cartpos.zipcode if cartpos else orderpos.zipcode),
@@ -695,7 +697,7 @@ class BaseQuestionsForm(forms.Form):
                 }),
             )
             add_fields['city'] = forms.CharField(
-                required=event.settings.attendee_addresses_required and not self.all_optional,
+                required=False,
                 label=_('City'),
                 max_length=255,
                 initial=(cartpos.city if cartpos else orderpos.city),
@@ -707,11 +709,12 @@ class BaseQuestionsForm(forms.Form):
             add_fields['country'] = CountryField(
                 countries=CachedCountries
             ).formfield(
-                required=event.settings.attendee_addresses_required and not self.all_optional,
+                required=self.attendee_addresses_required,
                 label=_('Country'),
                 initial=country,
                 widget=forms.Select(attrs={
                     'autocomplete': 'country',
+                    'data-country-information-url': reverse('js_helpers.states'),
                 }),
             )
             c = [('', pgettext_lazy('address', 'Select state'))]
@@ -946,9 +949,9 @@ class BaseQuestionsForm(forms.Form):
         d = super().clean()
 
         if self.address_validation:
-            self.cleaned_data = d = validate_address(d, True)
+            self.cleaned_data = d = validate_address(d, all_optional=not self.attendee_addresses_required)
 
-        if d.get('city') and d.get('country') and str(d['country']) in COUNTRIES_WITH_STATE_IN_ADDRESS:
+        if d.get('street') and d.get('country') and str(d['country']) in COUNTRIES_WITH_STATE_IN_ADDRESS:
             if not d.get('state'):
                 self.add_error('state', _('This field is required.'))
 
@@ -1005,7 +1008,7 @@ class BaseInvoiceAddressForm(forms.ModelForm):
             'street': forms.Textarea(attrs={
                 'rows': 2,
                 'placeholder': _('Street and Number'),
-                'autocomplete': 'street-address'
+                'autocomplete': 'street-address',
             }),
             'beneficiary': forms.Textarea(attrs={'rows': 3}),
             'country': forms.Select(attrs={
@@ -1021,7 +1024,7 @@ class BaseInvoiceAddressForm(forms.ModelForm):
                 'data-display-dependency': '#id_is_business_1',
                 'autocomplete': 'organization',
             }),
-            'vat_id': forms.TextInput(attrs={'data-display-dependency': '#id_is_business_1', 'data-countries-with-vat-id': ','.join(VAT_ID_COUNTRIES)}),
+            'vat_id': forms.TextInput(attrs={'data-display-dependency': '#id_is_business_1'}),
             'internal_reference': forms.TextInput,
         }
         labels = {
@@ -1055,6 +1058,7 @@ class BaseInvoiceAddressForm(forms.ModelForm):
             ])
 
         self.fields['country'].choices = CachedCountries()
+        self.fields['country'].widget.attrs['data-country-information-url'] = reverse('js_helpers.states')
 
         c = [('', pgettext_lazy('address', 'Select state'))]
         fprefix = self.prefix + '-' if self.prefix else ''
@@ -1083,6 +1087,10 @@ class BaseInvoiceAddressForm(forms.ModelForm):
         )
         self.fields['state'].widget.is_required = True
 
+        self.fields['street'].required = False
+        self.fields['zipcode'].required = False
+        self.fields['city'].required = False
+
         # Without JavaScript the VAT ID field is not hidden, so we empty the field if a country outside the EU is selected.
         if cc and not ask_for_vat_id(cc) and fprefix + 'vat_id' in self.data:
             self.data = self.data.copy()
@@ -1135,6 +1143,7 @@ class BaseInvoiceAddressForm(forms.ModelForm):
             validate_address  # local import to prevent impact on startup time
 
         data = self.cleaned_data
+
         if not data.get('is_business'):
             data['company'] = ''
             data['vat_id'] = ''
@@ -1142,9 +1151,11 @@ class BaseInvoiceAddressForm(forms.ModelForm):
             data['vat_id'] = ''
         if self.event.settings.invoice_address_required:
             if data.get('is_business') and not data.get('company'):
-                raise ValidationError(_('You need to provide a company name.'))
+                raise ValidationError({"company": _('You need to provide a company name.')})
             if not data.get('is_business') and not data.get('name_parts'):
                 raise ValidationError(_('You need to provide your name.'))
+            if not self.all_optional and 'street' in self.fields and not data.get('street') and not data.get('zipcode') and not data.get('city'):
+                raise ValidationError({"street": _('This field is required.')})
 
         if 'vat_id' in self.changed_data or not data.get('vat_id'):
             self.instance.vat_id_validated = False

src/pretix/base/forms/user.py

@@ -48,10 +48,10 @@ from pretix.control.forms import SingleLanguageWidget
 
 class UserSettingsForm(forms.ModelForm):
     error_messages = {
-        'duplicate_identifier': _("There already is an account associated with this e-mail address. "
+        'duplicate_identifier': _("There already is an account associated with this email address. "
                                   "Please choose a different one."),
-        'pw_current': _("Please enter your current password if you want to change your e-mail "
-                        "address or password."),
+        'pw_current': _("Please enter your current password if you want to change your email address "
+                        "or password."),
         'pw_current_wrong': _("The current password you entered was not correct."),
         'pw_mismatch': _("Please enter the same password twice"),
         'rate_limit': _("For security reasons, please wait 5 minutes before you try again."),

src/pretix/base/media.py

@@ -37,6 +37,16 @@ class BaseMediaType:
     def verbose_name(self):
         raise NotImplementedError()
 
+    @property
+    def icon(self):
+        """
+        This can be:
+
+        - The name of a Font Awesome icon to represent this channel type.
+        - The name of a SVG icon file that is resolvable through the static file system. We recommend to design for a size of 18x14 pixels.
+        """
+        return "circle"
+
     def generate_identifier(self, organizer):
         if self.medium_created_by_server:
             raise NotImplementedError()
@@ -59,6 +69,7 @@ class BaseMediaType:
 class BarcodePlainMediaType(BaseMediaType):
     identifier = 'barcode'
     verbose_name = _('Barcode / QR-Code')
+    icon = 'qrcode'
     medium_created_by_server = True
     supports_giftcard = False
     supports_orderposition = True
@@ -75,6 +86,7 @@ class BarcodePlainMediaType(BaseMediaType):
 class NfcUidMediaType(BaseMediaType):
     identifier = 'nfc_uid'
     verbose_name = _('NFC UID-based')
+    icon = 'pretixbase/img/media/nfc_uid.svg'
     medium_created_by_server = False
     supports_giftcard = True
     supports_orderposition = False
@@ -114,6 +126,7 @@ class NfcUidMediaType(BaseMediaType):
 class NfcMf0aesMediaType(BaseMediaType):
     identifier = 'nfc_mf0aes'
     verbose_name = 'NFC Mifare Ultralight AES'
+    icon = 'pretixbase/img/media/nfc_secure.svg'
     medium_created_by_server = False
     supports_giftcard = True
     supports_orderposition = False

src/pretix/base/migrations/0001_initial.py

@@ -29,7 +29,7 @@ class Migration(migrations.Migration):
                 ('password', models.CharField(verbose_name='password', max_length=128)),
                 ('last_login', models.DateTimeField(verbose_name='last login', blank=True, null=True)),
                 ('is_superuser', models.BooleanField(verbose_name='superuser status', default=False, help_text='Designates that this user has all permissions without explicitly assigning them.')),
-                ('email', models.EmailField(max_length=191, blank=True, unique=True, verbose_name='E-mail', null=True,
+                ('email', models.EmailField(max_length=191, blank=True, unique=True, verbose_name='Email', null=True,
                                             db_index=True)),
                 ('givenname', models.CharField(verbose_name='Given name', max_length=255, blank=True, null=True)),
                 ('familyname', models.CharField(verbose_name='Family name', max_length=255, blank=True, null=True)),

src/pretix/base/migrations/0001_squashed_0028_auto_20160816_1242.py

@@ -9,6 +9,7 @@ from decimal import Decimal
 import django.core.validators
 import django.db.models.deletion
 import i18nfield.fields
+from argon2.exceptions import HashingError
 from django.conf import settings
 from django.contrib.auth.hashers import make_password
 from django.db import migrations, models
@@ -25,7 +26,14 @@ def initial_user(apps, schema_editor):
     user = User(email='admin@localhost')
     user.is_staff = True
     user.is_superuser = True
-    user.password = make_password('admin')
+    try:
+        user.password = make_password('admin')
+    except HashingError:
+        raise Exception(
+            "Could not hash password of initial user with argon2id. If this is a system with less than 8 CPU cores, "
+            "you might need to disable argon2id by setting `passwords_argon2=off` in the `[django]` section of the "
+            "pretix.cfg configuration file."
+        )
     user.save()
 
 
@@ -48,7 +56,7 @@ class Migration(migrations.Migration):
                 ('password', models.CharField(max_length=128, verbose_name='password')),
                 ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
                 ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
-                ('email', models.EmailField(blank=True, db_index=True, max_length=254, null=True, unique=True, verbose_name='E-mail')),
+                ('email', models.EmailField(blank=True, db_index=True, max_length=254, null=True, unique=True, verbose_name='Email')),
                 ('givenname', models.CharField(blank=True, max_length=255, null=True, verbose_name='Given name')),
                 ('familyname', models.CharField(blank=True, max_length=255, null=True, verbose_name='Family name')),
                 ('is_active', models.BooleanField(default=True, verbose_name='Is active')),
@@ -232,7 +240,7 @@ class Migration(migrations.Migration):
                 ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                 ('code', models.CharField(max_length=16, verbose_name='Order code')),
                 ('status', models.CharField(choices=[('n', 'pending'), ('p', 'paid'), ('e', 'expired'), ('c', 'cancelled'), ('r', 'refunded')], max_length=3, verbose_name='Status')),
-                ('email', models.EmailField(blank=True, max_length=254, null=True, verbose_name='E-mail')),
+                ('email', models.EmailField(blank=True, max_length=254, null=True, verbose_name='Email')),
                 ('locale', models.CharField(blank=True, max_length=32, null=True, verbose_name='Locale')),
                 ('secret', models.CharField(default=pretix.base.models.orders.generate_secret, max_length=32)),
                 ('datetime', models.DateTimeField(verbose_name='Date')),

src/pretix/base/migrations/0002_auto_20160209_0940.py

@@ -187,7 +187,7 @@ class Migration(migrations.Migration):
                 ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                 ('code', models.CharField(max_length=16, verbose_name='Order code')),
                 ('status', models.CharField(choices=[('n', 'pending'), ('p', 'paid'), ('e', 'expired'), ('c', 'cancelled'), ('r', 'refunded')], max_length=3, verbose_name='Status')),
-                ('email', models.EmailField(blank=True, max_length=254, null=True, verbose_name='E-mail')),
+                ('email', models.EmailField(blank=True, max_length=254, null=True, verbose_name='Email')),
                 ('locale', models.CharField(blank=True, max_length=32, null=True, verbose_name='Locale')),
                 ('secret', models.CharField(default=pretix.base.models.orders.generate_secret, max_length=32)),
                 ('datetime', models.DateTimeField(verbose_name='Date')),

src/pretix/base/migrations/0051_auto_20170206_2027.py

@@ -20,7 +20,7 @@ class Migration(migrations.Migration):
             fields=[
                 ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                 ('created', models.DateTimeField(auto_now_add=True, verbose_name='On waiting list since')),
-                ('email', models.EmailField(max_length=254, verbose_name='E-mail address')),
+                ('email', models.EmailField(max_length=254, verbose_name='Email address')),
                 ('locale', models.CharField(default='en', max_length=190)),
                 ('event', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='waitinglistentries', to='pretixbase.Event', verbose_name='Event')),
                 ('item', models.ForeignKey(help_text='The product the user waits for.', on_delete=django.db.models.deletion.CASCADE, related_name='waitinglistentries', to='pretixbase.Item', verbose_name='Product')),

src/pretix/base/migrations/0051_auto_20170206_2027_squashed_0057_auto_20170501_2116.py

@@ -35,7 +35,7 @@ class Migration(migrations.Migration):
             fields=[
                 ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                 ('created', models.DateTimeField(auto_now_add=True, verbose_name='On waiting list since')),
-                ('email', models.EmailField(max_length=254, verbose_name='E-mail address')),
+                ('email', models.EmailField(max_length=254, verbose_name='Email address')),
                 ('locale', models.CharField(default='en', max_length=190)),
                 ('event', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='waitinglistentries', to='pretixbase.Event', verbose_name='Event')),
                 ('item', models.ForeignKey(help_text='The product the user waits for.', on_delete=django.db.models.deletion.CASCADE, related_name='waitinglistentries', to='pretixbase.Item', verbose_name='Product')),

src/pretix/base/migrations/0077_auto_20171124_1629_squashed_0088_auto_20180328_1217.py

@@ -163,7 +163,7 @@ class Migration(migrations.Migration):
             fields=[
                 ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                 ('action_type', models.CharField(max_length=255)),
-                ('method', models.CharField(choices=[('mail', 'E-mail')], max_length=255)),
+                ('method', models.CharField(choices=[('mail', 'Email')], max_length=255)),
                 ('event', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE,
                                             to='pretixbase.Event')),
                 ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),

src/pretix/base/migrations/0078_auto_20171206_1603.py

@@ -21,7 +21,7 @@ class Migration(migrations.Migration):
             fields=[
                 ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                 ('action_type', models.CharField(max_length=255)),
-                ('method', models.CharField(choices=[('mail', 'E-mail')], max_length=255)),
+                ('method', models.CharField(choices=[('mail', 'Email')], max_length=255)),
                 ('event', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to='pretixbase.Event')),
                 ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
                 ('enabled', models.BooleanField(default=True)),

src/pretix/base/modelimport_orders.py

@@ -56,7 +56,7 @@ from pretix.base.signals import order_import_columns
 
 class EmailColumn(ImportColumn):
     identifier = 'email'
-    verbose_name = gettext_lazy('E-mail address')
+    verbose_name = gettext_lazy('Email address')
 
     def clean(self, value, previous_values):
         if value:
@@ -322,7 +322,7 @@ class AttendeeNamePart(ImportColumn):
 
 class AttendeeEmail(ImportColumn):
     identifier = 'attendee_email'
-    verbose_name = gettext_lazy('Attendee e-mail address')
+    verbose_name = gettext_lazy('Attendee email address')
 
     def clean(self, value, previous_values):
         if value:

src/pretix/base/models/auth.py

@@ -241,7 +241,7 @@ class User(AbstractBaseUser, PermissionsMixin, LoggingMixin):
     REQUIRED_FIELDS = []
 
     email = models.EmailField(unique=True, db_index=True, null=True, blank=True,
-                              verbose_name=_('E-mail'), max_length=190)
+                              verbose_name=_('Email'), max_length=190)
     fullname = models.CharField(max_length=255, blank=True, null=True,
                                 verbose_name=_('Full name'))
     is_active = models.BooleanField(default=True,

src/pretix/base/models/customers.py

@@ -91,7 +91,7 @@ class Customer(LoggedModel):
             ),
         ],
     )
-    email = models.EmailField(db_index=True, null=True, blank=False, verbose_name=_('E-mail'), max_length=190)
+    email = models.EmailField(db_index=True, null=True, blank=False, verbose_name=_('Email'), max_length=190)
     phone = PhoneNumberField(null=True, blank=True, verbose_name=_('Phone number'))
     password = models.CharField(verbose_name=_('Password'), max_length=128)
     name_cached = models.CharField(max_length=255, verbose_name=_('Full name'), blank=True)
@@ -392,7 +392,7 @@ class CustomerSSOClient(LoggedModel):
     SCOPE_CHOICES = (
         ('openid', _('OpenID Connect access (required)')),
         ('profile', _('Profile data (name, addresses)')),
-        ('email', _('E-mail address')),
+        ('email', _('Email address')),
         ('phone', _('Phone number')),
     )
 

src/pretix/base/models/event.py

@@ -823,6 +823,9 @@ class Event(EventMixin, LoggedModel):
         self.save()
         self.log_action('pretix.object.cloned', data={'source': other.slug, 'source_id': other.pk})
 
+        if hasattr(other, 'alternative_domain_assignment'):
+            other.alternative_domain_assignment.domain.event_assignments.create(event=self)
+
         if not self.all_sales_channels:
             self.limit_sales_channels.set(
                 self.organizer.sales_channels.filter(

src/pretix/base/models/memberships.py

@@ -159,10 +159,24 @@ class Membership(models.Model):
         de = date_format(self.date_end, 'SHORT_DATE_FORMAT')
         return f'{self.membership_type.name}: {self.attendee_name} ({ds} – {de})'
 
+    @property
+    def percentage_used(self):
+        if self.membership_type.max_usages and self.usages:
+            return int(self.usages / self.membership_type.max_usages * 100)
+        return 0
+
     @property
     def attendee_name(self):
         return build_name(self.attendee_name_parts, fallback_scheme=lambda: self.customer.organizer.settings.name_scheme)
 
+    @property
+    def expired(self):
+        return time_machine_now() > self.date_end
+
+    @property
+    def not_yet_valid(self):
+        return time_machine_now() < self.date_start
+
     def is_valid(self, ev=None, ticket_valid_from=None, valid_from_not_chosen=False):
         if valid_from_not_chosen:
             return not self.canceled and self.date_end >= time_machine_now()

src/pretix/base/models/notifications.py

@@ -43,7 +43,7 @@ class NotificationSetting(models.Model):
     :type enabled: bool
     """
     CHANNELS = (
-        ('mail', _('E-mail')),
+        ('mail', _('Email')),
     )
     user = models.ForeignKey('User', on_delete=models.CASCADE,
                              related_name='notification_settings')

src/pretix/base/models/orders.py

@@ -242,7 +242,7 @@ class Order(LockModel, LoggedModel):
     )
     email = models.EmailField(
         null=True, blank=True,
-        verbose_name=_('E-mail')
+        verbose_name=_('Email')
     )
     phone = PhoneNumberField(
         null=True, blank=True,
@@ -317,7 +317,7 @@ class Order(LockModel, LoggedModel):
     )
     email_known_to_work = models.BooleanField(
         default=False,
-        verbose_name=_('E-mail address verified')
+        verbose_name=_('Email address verified')
     )
     invoice_dirty = models.BooleanField(
         # Invoice needs to be re-issued when the order is paid again
@@ -2275,6 +2275,7 @@ class OrderFee(models.Model):
     FEE_TYPE_SERVICE = "service"
     FEE_TYPE_CANCELLATION = "cancellation"
     FEE_TYPE_INSURANCE = "insurance"
+    FEE_TYPE_LATE = "late"
     FEE_TYPE_OTHER = "other"
     FEE_TYPE_GIFTCARD = "giftcard"
     FEE_TYPES = (
@@ -2283,6 +2284,7 @@ class OrderFee(models.Model):
         (FEE_TYPE_SERVICE, _("Service fee")),
         (FEE_TYPE_CANCELLATION, _("Cancellation fee")),
         (FEE_TYPE_INSURANCE, _("Insurance fee")),
+        (FEE_TYPE_LATE, _("Late fee")),
         (FEE_TYPE_OTHER, _("Other fees")),
         (FEE_TYPE_GIFTCARD, _("Gift card")),
     )
@@ -3204,9 +3206,9 @@ class InvoiceAddress(models.Model):
     company = models.CharField(max_length=255, blank=True, verbose_name=_('Company name'))
     name_cached = models.CharField(max_length=255, verbose_name=_('Full name'), blank=True)
     name_parts = models.JSONField(default=dict)
-    street = models.TextField(verbose_name=_('Address'), blank=False)
-    zipcode = models.CharField(max_length=30, verbose_name=_('ZIP code'), blank=False)
-    city = models.CharField(max_length=255, verbose_name=_('City'), blank=False)
+    street = models.TextField(verbose_name=_('Address'), blank=True)
+    zipcode = models.CharField(max_length=30, verbose_name=_('ZIP code'), blank=True)
+    city = models.CharField(max_length=255, verbose_name=_('City'), blank=True)
     country_old = models.CharField(max_length=255, verbose_name=_('Country'), blank=False)
     country = FastCountryField(verbose_name=_('Country'), blank=False, blank_label=_('Select country'),
                                countries=CachedCountries)

src/pretix/base/models/waitinglist.py

@@ -73,7 +73,7 @@ class WaitingListEntry(LoggedModel):
         blank=True, default=dict
     )
     email = models.EmailField(
-        verbose_name=_("E-mail address")
+        verbose_name=_("Email address")
     )
     phone = PhoneNumberField(
         null=True, blank=True,

src/pretix/base/services/mail.py

@@ -76,7 +76,7 @@ from pretix.base.services.tasks import TransactionAwareTask
 from pretix.base.services.tickets import get_tickets_for_order
 from pretix.base.signals import email_filter, global_email_filter
 from pretix.celery_app import app
-from pretix.helpers.format import format_map
+from pretix.helpers.format import SafeFormatter, format_map
 from pretix.helpers.hierarkey import clean_filename
 from pretix.multidomain.urlreverse import build_absolute_uri
 from pretix.presale.ical import get_private_icals
@@ -311,11 +311,17 @@ def mail(email: Union[str, Sequence[str]], subject: str, template: Union[str, La
             try:
                 if plain_text_only:
                     body_html = None
+                elif 'context' in inspect.signature(renderer.render).parameters:
+                    body_html = renderer.render(content_plain, signature, raw_subject, order, position, context)
                 elif 'position' in inspect.signature(renderer.render).parameters:
+                    # Backwards compatibility
+                    warnings.warn('Email renderer called without context argument because context argument is not '
+                                  'supported.',
+                                  DeprecationWarning)
                     body_html = renderer.render(content_plain, signature, raw_subject, order, position)
                 else:
                     # Backwards compatibility
-                    warnings.warn('E-mail renderer called without position argument because position argument is not '
+                    warnings.warn('Email renderer called without position argument because position argument is not '
                                   'supported.',
                                   DeprecationWarning)
                     body_html = renderer.render(content_plain, signature, raw_subject, order)
@@ -323,6 +329,8 @@ def mail(email: Union[str, Sequence[str]], subject: str, template: Union[str, La
                 logger.exception('Could not render HTML body')
                 body_html = None
 
+        body_plain = format_map(body_plain, context, mode=SafeFormatter.MODE_RICH_TO_PLAIN)
+
         send_task = mail_send_task.si(
             to=[email] if isinstance(email, str) else list(email),
             cc=cc,
@@ -655,7 +663,7 @@ def render_mail(template, context):
     if isinstance(template, LazyI18nString):
         body = str(template)
         if context:
-            body = format_map(body, context)
+            body = format_map(body, context, mode=SafeFormatter.MODE_IGNORE_RICH)
     else:
         tpl = get_template(template)
         body = tpl.render(context)

src/pretix/base/services/placeholders.py

@@ -26,6 +26,7 @@ from decimal import Decimal
 
 from django.dispatch import receiver
 from django.utils.formats import date_format
+from django.utils.html import escape
 from django.utils.timezone import now
 from django.utils.translation import gettext_lazy as _
 
@@ -39,7 +40,8 @@ from pretix.base.settings import PERSON_NAME_SCHEMES, get_name_parts_localized
 from pretix.base.signals import (
     register_mail_placeholders, register_text_placeholders,
 )
-from pretix.helpers.format import SafeFormatter
+from pretix.base.templatetags.rich_text import markdown_compile_email
+from pretix.helpers.format import PlainHtmlAlternativeString, SafeFormatter
 
 logger = logging.getLogger('pretix.base.services.placeholders')
 
@@ -107,6 +109,91 @@ class SimpleFunctionalTextPlaceholder(BaseTextPlaceholder):
             return self._sample
 
 
+class BaseRichTextPlaceholder(BaseTextPlaceholder):
+    """
+    This is the base class for all placeholders which can render either to plain text
+    or to a rich HTML element.
+    """
+
+    def __init__(self, identifier, args):
+        self._identifier = identifier
+        self._args = args
+
+    @property
+    def identifier(self):
+        return self._identifier
+
+    @property
+    def required_context(self):
+        return self._args
+
+    @property
+    def is_block(self):
+        return False
+
+    def render(self, context):
+        return PlainHtmlAlternativeString(
+            self.render_plain(**{k: context[k] for k in self._args}),
+            self.render_html(**{k: context[k] for k in self._args}),
+            self.is_block,
+        )
+
+    def render_html(self, **kwargs):
+        """
+        HTML rendering of the placeholder. Should return "safe" HTML, i.e. everything needs to be
+        escaped.
+        """
+        raise NotImplementedError
+
+    def render_plain(self, **kwargs):
+        """
+        Plain text rendering of the placeholder.
+        """
+        raise NotImplementedError
+
+    def render_sample(self, event):
+        return PlainHtmlAlternativeString(
+            self.render_sample_plain(event=event),
+            self.render_sample_html(event=event),
+            self.is_block,
+        )
+
+    def render_sample_html(self, event):
+        raise NotImplementedError
+
+    def render_sample_plain(self, event):
+        raise NotImplementedError
+
+
+class SimpleButtonPlaceholder(BaseRichTextPlaceholder):
+    def __init__(self, identifier, args, url_func, text_func, sample_url_func, sample_text_func):
+        super().__init__(identifier, args)
+        self._url_func = url_func
+        self._text_func = text_func
+        self._sample_url_func = sample_url_func
+        self._sample_text_func = sample_text_func
+
+    def render_html(self, **context):
+        text = self._text_func(**{k: context[k] for k in self._args})
+        url = self._url_func(**{k: context[k] for k in self._args})
+        return f'<a href="{url}" class="button">{escape(text)}</a>'
+
+    def render_plain(self, **context):
+        text = self._text_func(**{k: context[k] for k in self._args})
+        url = self._url_func(**{k: context[k] for k in self._args})
+        return f'{text}: {url}'
+
+    def render_sample_html(self, event):
+        text = self._sample_text_func(event)
+        url = self._sample_url_func(event)
+        return f'<a href="{url}" class="button">{escape(text)}</a>'
+
+    def render_sample_plain(self, event):
+        text = self._sample_text_func(event)
+        url = self._sample_url_func(event)
+        return f'{text}: {url}'
+
+
 class PlaceholderContext(SafeFormatter):
     """
     Holds the contextual arguments and corresponding list of available placeholders for formatting
@@ -209,13 +296,24 @@ def get_best_name(position_or_address, parts=False):
 def base_placeholders(sender, **kwargs):
     from pretix.multidomain.urlreverse import build_absolute_uri
 
+    def _event_sample(event):
+        if event.has_subevents:
+            se = event.subevents.first()
+            if se:
+                return se.name
+        return event.name
+
     ph = [
         SimpleFunctionalTextPlaceholder(
             'event', ['event'], lambda event: event.name, lambda event: event.name
         ),
         SimpleFunctionalTextPlaceholder(
             'event', ['event_or_subevent'], lambda event_or_subevent: event_or_subevent.name,
-            lambda event_or_subevent: event_or_subevent.name
+            _event_sample,
+        ),
+        SimpleFunctionalTextPlaceholder(
+            'event_series_name', ['event', 'event_or_subevent'], lambda event, event_or_subevent: event.name,
+            lambda event: event.name
         ),
         SimpleFunctionalTextPlaceholder(
             'event_slug', ['event'], lambda event: event.slug, lambda event: event.slug
@@ -273,6 +371,27 @@ def base_placeholders(sender, **kwargs):
                 }
             ),
         ),
+        SimpleButtonPlaceholder(
+            'url_button', ['order', 'event'],
+            url_func=lambda order, event: build_absolute_uri(
+                event,
+                'presale:event.order.open', kwargs={
+                    'order': order.code,
+                    'secret': order.secret,
+                    'hash': order.email_confirm_secret()
+                }
+            ),
+            text_func=lambda order, event: _("View order details"),
+            sample_url_func=lambda event: build_absolute_uri(
+                event,
+                'presale:event.order.open', kwargs={
+                    'order': 'F8VVL',
+                    'secret': '6zzjnumtsx136ddy',
+                    'hash': '98kusd8ofsj8dnkd'
+                }
+            ),
+            sample_text_func=lambda event: _("View order details"),
+        ),
         SimpleFunctionalTextPlaceholder(
             'url_info_change', ['order', 'event'], lambda order, event: build_absolute_uri(
                 event,
@@ -337,6 +456,27 @@ def base_placeholders(sender, **kwargs):
                 }
             ),
         ),
+        SimpleButtonPlaceholder(
+            'url_button', ['event', 'position'],
+            url_func=lambda event, position: build_absolute_uri(
+                event,
+                'presale:event.order.position', kwargs={
+                    'order': position.order.code,
+                    'secret': position.web_secret,
+                    'position': position.positionid
+                }
+            ),
+            text_func=lambda event, position: _("View registration details"),
+            sample_url_func=lambda event: build_absolute_uri(
+                event,
+                'presale:event.order.position', kwargs={
+                    'order': 'F8VVL',
+                    'secret': '6zzjnumtsx136ddy',
+                    'position': '123'
+                }
+            ),
+            sample_text_func=lambda event: _("View registration details"),
+        ),
         SimpleFunctionalTextPlaceholder(
             'url_info_change', ['position', 'event'], lambda position, event: build_absolute_uri(
                 event,
@@ -592,8 +732,8 @@ def base_placeholders(sender, **kwargs):
 
 
 class FormPlaceholderMixin:
-    def _set_field_placeholders(self, fn, base_parameters):
-        placeholders = get_available_placeholders(self.event, base_parameters)
+    def _set_field_placeholders(self, fn, base_parameters, rich=False):
+        placeholders = get_available_placeholders(self.event, base_parameters, rich=rich)
         ht = format_placeholders_help_text(placeholders, self.event)
         if self.fields[fn].help_text:
             self.fields[fn].help_text += ' ' + str(ht)
@@ -604,7 +744,7 @@ class FormPlaceholderMixin:
         )
 
 
-def get_available_placeholders(event, base_parameters):
+def get_available_placeholders(event, base_parameters, rich=False):
     if 'order' in base_parameters:
         base_parameters.append('invoice_address')
         base_parameters.append('position_or_address')
@@ -613,6 +753,35 @@ def get_available_placeholders(event, base_parameters):
         if not isinstance(val, (list, tuple)):
             val = [val]
         for v in val:
+            if isinstance(v, BaseRichTextPlaceholder) and not rich:
+                continue
             if all(rp in base_parameters for rp in v.required_context):
                 params[v.identifier] = v
     return params
+
+
+def get_sample_context(event, context_parameters, rich=True):
+    context_dict = {}
+    lbl = _('This value will be replaced based on dynamic parameters.')
+    for k, v in get_available_placeholders(event, context_parameters, rich=rich).items():
+        sample = v.render_sample(event)
+        if isinstance(sample, PlainHtmlAlternativeString):
+            context_dict[k] = PlainHtmlAlternativeString(
+                sample.plain,
+                '<{el} class="placeholder placeholder-html" title="{title}">{html}</{el}>'.format(
+                    el='div' if sample.is_block else 'span',
+                    title=lbl,
+                    html=sample.html,
+                )
+            )
+        elif str(sample).strip().startswith('* ') or str(sample).startswith('  '):
+            context_dict[k] = '<div class="placeholder" title="{}">{}</div>'.format(
+                lbl,
+                markdown_compile_email(str(sample))
+            )
+        else:
+            context_dict[k] = '<span class="placeholder" title="{}">{}</span>'.format(
+                lbl,
+                escape(sample)
+            )
+    return context_dict

src/pretix/base/shredder.py

@@ -287,9 +287,9 @@ class PhoneNumberShredder(BaseDataShredder):
 
 
 class EmailAddressShredder(BaseDataShredder):
-    verbose_name = _('E-mails')
+    verbose_name = _('Emails')
     identifier = 'order_emails'
-    description = _('This will remove all e-mail addresses from orders and attendees, as well as logged email '
+    description = _('This will remove all email addresses from orders and attendees, as well as logged email '
                     'contents. This will also remove the association to customer accounts.')
 
     def generate_files(self) -> List[Tuple[str, str, str]]:

src/pretix/base/templates/pretixbase/email/base.html

@@ -131,6 +131,9 @@
             text-align: left;
             padding: 0;
         }
+        .content table td.align-right {
+            text-align: right;
+        }
 
         a.button {
             display: inline-block;
@@ -178,6 +181,9 @@
         pre, pre code {
             white-space: pre-line;
         }
+        .text-right, .content table td.text-right {
+            text-align: right;
+        }
 
         {% if rtl %}
             body {
@@ -186,6 +192,9 @@
             .content {
                 text-align: right;
             }
+            .text-right, .content table td.text-right {
+                text-align: left;
+            }
         {% endif %}
 
         {% block addcss %}{% endblock %}

src/pretix/base/templatetags/icon.py

@@ -0,0 +1,34 @@
+#
+# This file is part of pretix (Community Edition).
+#
+# Copyright (C) 2014-2020 Raphael Michel and contributors
+# Copyright (C) 2020-2021 rami.io GmbH and contributors
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General
+# Public License as published by the Free Software Foundation in version 3 of the License.
+#
+# ADDITIONAL TERMS APPLY: Pursuant to Section 7 of the GNU Affero General Public License, additional terms are
+# applicable granting you additional permissions and placing additional restrictions on your usage of this software.
+# Please refer to the pretix LICENSE file to obtain the full terms applicable to this work. If you did not receive
+# this file, see <https://pretix.eu/about/en/license>.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Affero General Public License along with this program.  If not, see
+# <https://www.gnu.org/licenses/>.
+#
+from django import template
+from django.utils.html import format_html
+
+register = template.Library()
+
+
+@register.simple_tag
+def icon(key, *args, **kwargs):
+    return format_html(
+        '<span class="fa fa-{} {}" aria-hidden="true"></span>',
+        key,
+        kwargs["class"] if "class" in kwargs else "",
+    )

src/pretix/base/templatetags/rich_text.py

@@ -305,6 +305,7 @@ def markdown_compile_email(source, allowed_tags=ALLOWED_TAGS, allowed_attributes
         source,
         extensions=[
             'markdown.extensions.sane_lists',
+            'markdown.extensions.tables',
             EmailNl2BrExtension(),
             LinkifyAndCleanExtension(
                 linker,

src/pretix/base/templatetags/textbubble.py

@@ -0,0 +1,42 @@
+#
+# This file is part of pretix (Community Edition).
+#
+# Copyright (C) 2014-2020 Raphael Michel and contributors
+# Copyright (C) 2020-2021 rami.io GmbH and contributors
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General
+# Public License as published by the Free Software Foundation in version 3 of the License.
+#
+# ADDITIONAL TERMS APPLY: Pursuant to Section 7 of the GNU Affero General Public License, additional terms are
+# applicable granting you additional permissions and placing additional restrictions on your usage of this software.
+# Please refer to the pretix LICENSE file to obtain the full terms applicable to this work. If you did not receive
+# this file, see <https://pretix.eu/about/en/license>.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Affero General Public License along with this program.  If not, see
+# <https://www.gnu.org/licenses/>.
+#
+from django import template
+from django.utils.html import format_html, mark_safe
+
+register = template.Library()
+
+
+@register.simple_tag
+def textbubble(type, *args, **kwargs):
+    return format_html(
+        '<span class="textbubble-{}">{}',
+        type or "info",
+        "" if "icon" not in kwargs else format_html(
+            '<i class="fa fa-{}" aria-hidden="true"></i> ',
+            kwargs["icon"]
+        )
+    )
+
+
+@register.simple_tag
+def endtextbubble():
+    return mark_safe('</span>')

src/pretix/base/views/js_helpers.py

@@ -22,16 +22,30 @@
 import pycountry
 from django.http import JsonResponse
 
+from pretix.base.addressvalidation import (
+    COUNTRIES_WITH_STREET_ZIPCODE_AND_CITY_REQUIRED,
+)
+from pretix.base.models.tax import VAT_ID_COUNTRIES
 from pretix.base.settings import COUNTRIES_WITH_STATE_IN_ADDRESS
 
 
 def states(request):
     cc = request.GET.get("country", "DE")
+    info = {
+        'street': {'required': True},
+        'zipcode': {'required': cc in COUNTRIES_WITH_STREET_ZIPCODE_AND_CITY_REQUIRED},
+        'city': {'required': cc in COUNTRIES_WITH_STREET_ZIPCODE_AND_CITY_REQUIRED},
+        'state': {'visible': cc in COUNTRIES_WITH_STATE_IN_ADDRESS, 'required': cc in COUNTRIES_WITH_STATE_IN_ADDRESS},
+        'vat_id': {'visible': cc in VAT_ID_COUNTRIES, 'required': False},
+    }
     if cc not in COUNTRIES_WITH_STATE_IN_ADDRESS:
-        return JsonResponse({'data': []})
+        return JsonResponse({'data': [], **info, })
     types, form = COUNTRIES_WITH_STATE_IN_ADDRESS[cc]
     statelist = [s for s in pycountry.subdivisions.get(country_code=cc) if s.type in types]
-    return JsonResponse({'data': [
-        {'name': s.name, 'code': s.code[3:]}
-        for s in sorted(statelist, key=lambda s: s.name)
-    ]})
+    return JsonResponse({
+        'data': [
+            {'name': s.name, 'code': s.code[3:]}
+            for s in sorted(statelist, key=lambda s: s.name)
+        ],
+        **info,
+    })

src/pretix/control/forms/event.py

@@ -35,7 +35,7 @@
 # License for the specific language governing permissions and limitations under the License.
 
 from decimal import Decimal
-from urllib.parse import urlencode, urlparse
+from urllib.parse import urlencode
 from zoneinfo import ZoneInfo
 
 import pycountry
@@ -76,8 +76,10 @@ from pretix.control.forms import (
 )
 from pretix.control.forms.widgets import Select2
 from pretix.helpers.countries import CachedCountries
-from pretix.multidomain.models import KnownDomain
-from pretix.multidomain.urlreverse import build_absolute_uri
+from pretix.multidomain.models import AlternativeDomainAssignment, KnownDomain
+from pretix.multidomain.urlreverse import (
+    build_absolute_uri, get_organizer_domain,
+)
 from pretix.plugins.banktransfer.payment import BankTransfer
 from pretix.presale.style import get_fonts
 
@@ -136,6 +138,11 @@ class EventWizardBasicsForm(I18nModelForm):
         choices=settings.LANGUAGES,
         label=_("Default language"),
     )
+    no_taxes = forms.BooleanField(
+        label=_("I don't want to specify taxes now"),
+        help_text=_("You can always configure tax rates later."),
+        required=False,
+    )
     tax_rate = forms.DecimalField(
         label=_("Sales tax rate"),
         help_text=_("Do you need to pay sales tax on your tickets? In this case, please enter the applicable tax rate "
@@ -223,6 +230,11 @@ class EventWizardBasicsForm(I18nModelForm):
             raise ValidationError({
                 'timezone': _('Your default locale must be specified.')
             })
+        if not data.get("no_taxes") and not data.get("tax_rate"):
+            raise ValidationError({
+                'tax_rate': _('You have not specified a tax rate. If you do not want us to compute sales taxes, please '
+                              'check "{field}" above.').format(field=self.fields["no_taxes"].label)
+            })
 
         # change timezone
         zone = ZoneInfo(data.get('timezone'))
@@ -353,14 +365,9 @@ class EventUpdateForm(I18nModelForm):
 
     def __init__(self, *args, **kwargs):
         self.change_slug = kwargs.pop('change_slug', False)
-        self.domain = kwargs.pop('domain', False)
 
         kwargs.setdefault('initial', {})
         self.instance = kwargs['instance']
-        if self.domain and self.instance:
-            initial_domain = self.instance.domains.first()
-            if initial_domain:
-                kwargs['initial'].setdefault('domain', initial_domain.domainname)
 
         super().__init__(*args, **kwargs)
         if not self.change_slug:
@@ -369,48 +376,54 @@ class EventUpdateForm(I18nModelForm):
         self.fields['location'].widget.attrs['placeholder'] = _(
             'Sample Conference Center\nHeidelberg, Germany'
         )
-        if self.domain:
+
+        try:
             self.fields['domain'] = forms.CharField(
                 max_length=255,
-                label=_('Custom domain'),
+                label=_('Domain'),
+                initial=self.instance.domain.domainname,
+                required=False,
+                disabled=True,
+                help_text=_('You can configure this in your organizer settings.')
+            )
+        except KnownDomain.DoesNotExist:
+            domain = get_organizer_domain(self.instance.organizer)
+            try:
+                current_domain_assignment = self.instance.alternative_domain_assignment
+            except AlternativeDomainAssignment.DoesNotExist:
+                current_domain_assignment = None
+            self.fields['domain'] = forms.ChoiceField(
+                label=_('Domain'),
+                help_text=_('You can add more domains in your organizer account.'),
+                choices=[('', _('Same as organizer account') + (f" ({domain})" if domain else ""))] + [
+                    (d.domainname, d.domainname) for d in self.instance.organizer.domains.filter(mode=KnownDomain.MODE_ORG_ALT_DOMAIN)
+                ],
+                initial=current_domain_assignment.domain_id if current_domain_assignment else "",
                 required=False,
-                help_text=_('You need to configure the custom domain in the webserver beforehand.')
             )
         self.fields['limit_sales_channels'].queryset = self.event.organizer.sales_channels.all()
         self.fields['limit_sales_channels'].widget = SalesChannelCheckboxSelectMultiple(self.event, attrs={
             'data-inverse-dependency': '<[name$=all_sales_channels]',
         }, choices=self.fields['limit_sales_channels'].widget.choices)
 
-    def clean_domain(self):
-        d = self.cleaned_data['domain']
-        if d:
-            if d == urlparse(settings.SITE_URL).hostname:
-                raise ValidationError(
-                    _('You cannot choose the base domain of this installation.')
-                )
-            if KnownDomain.objects.filter(domainname=d).exclude(event=self.instance.pk).exists():
-                raise ValidationError(
-                    _('This domain is already in use for a different event or organizer.')
-                )
-        return d
-
     def save(self, commit=True):
         instance = super().save(commit)
 
-        if self.domain:
-            current_domain = instance.domains.first()
-            if self.cleaned_data['domain']:
-                if current_domain and current_domain.domainname != self.cleaned_data['domain']:
-                    current_domain.delete()
-                    KnownDomain.objects.create(
-                        organizer=instance.organizer, event=instance, domainname=self.cleaned_data['domain']
-                    )
-                elif not current_domain:
-                    KnownDomain.objects.create(
-                        organizer=instance.organizer, event=instance, domainname=self.cleaned_data['domain']
-                    )
-            elif current_domain:
-                current_domain.delete()
+        try:
+            current_domain_assignment = instance.alternative_domain_assignment
+        except AlternativeDomainAssignment.DoesNotExist:
+            current_domain_assignment = None
+        if self.cleaned_data['domain'] and not hasattr(instance, 'domain'):
+            domain = self.instance.organizer.domains.get(mode=KnownDomain.MODE_ORG_ALT_DOMAIN, domainname=self.cleaned_data["domain"])
+            AlternativeDomainAssignment.objects.update_or_create(
+                event=instance,
+                defaults={
+                    "domain": domain,
+                }
+            )
+            instance.cache.clear()
+        elif current_domain_assignment:
+            current_domain_assignment.delete()
             instance.cache.clear()
 
         return instance
@@ -1372,7 +1385,7 @@ class MailSettingsForm(FormPlaceholderMixin, SettingsForm):
         self.event.meta_values_cached = self.event.meta_values.select_related('property').all()
 
         for k, v in self.base_context.items():
-            self._set_field_placeholders(k, v)
+            self._set_field_placeholders(k, v, rich=k.startswith('mail_text_'))
 
         for k, v in list(self.fields.items()):
             if k.endswith('_attendee') and not event.settings.attendee_emails_asked:

src/pretix/control/forms/filter.py

@@ -549,7 +549,7 @@ class EventOrderExpertFilterForm(EventOrderFilterForm):
     )
     email = forms.CharField(
         required=False,
-        label=_('E-mail address')
+        label=_('Email address')
     )
     comment = forms.CharField(
         required=False,
@@ -563,7 +563,7 @@ class EventOrderExpertFilterForm(EventOrderFilterForm):
     email_known_to_work = forms.NullBooleanField(
         required=False,
         widget=FilterNullBooleanSelect,
-        label=_('E-mail address verified'),
+        label=_('Email address verified'),
     )
     total = forms.DecimalField(
         localize=True,
@@ -648,7 +648,7 @@ class EventOrderExpertFilterForm(EventOrderFilterForm):
         )
         self.fields['attendee_email'] = forms.CharField(
             required=False,
-            label=_('Attendee e-mail address')
+            label=_('Attendee email address')
         )
         self.fields['attendee_address_company'] = forms.CharField(
             required=False,

src/pretix/control/forms/global_settings.py

@@ -128,7 +128,7 @@ class UpdateSettingsForm(SettingsForm):
     )
     update_check_email = forms.EmailField(
         required=False,
-        label=_("E-mail notifications"),
+        label=_("Email notifications"),
         help_text=_("We will notify you at this address if we detect that a new update is available. This "
                     "address will not be transmitted to pretix.eu, the emails will be sent by this server "
                     "locally.")

src/pretix/control/forms/organizer.py

@@ -133,63 +133,108 @@ class OrganizerDeleteForm(forms.Form):
 class OrganizerUpdateForm(OrganizerForm):
 
     def __init__(self, *args, **kwargs):
-        self.domain = kwargs.pop('domain', False)
         self.change_slug = kwargs.pop('change_slug', False)
         kwargs.setdefault('initial', {})
         self.instance = kwargs['instance']
-        if self.domain and self.instance:
-            initial_domain = self.instance.domains.filter(event__isnull=True).first()
-            if initial_domain:
-                kwargs['initial'].setdefault('domain', initial_domain.domainname)
 
         super().__init__(*args, **kwargs)
         if not self.change_slug:
             self.fields['slug'].widget.attrs['readonly'] = 'readonly'
-        if self.domain:
-            self.fields['domain'] = forms.CharField(
-                max_length=255,
-                label=_('Custom domain'),
-                required=False,
-                help_text=_('You need to configure the custom domain in the webserver beforehand.')
-            )
-
-    def clean_domain(self):
-        d = self.cleaned_data['domain']
-        if d:
-            if d == urlparse(settings.SITE_URL).hostname:
-                raise ValidationError(
-                    _('You cannot choose the base domain of this installation.')
-                )
-            if KnownDomain.objects.filter(domainname=d).exclude(organizer=self.instance.pk,
-                                                                event__isnull=True).exists():
-                raise ValidationError(
-                    _('This domain is already in use for a different event or organizer.')
-                )
-        return d
 
     def clean_slug(self):
         if self.change_slug:
             return self.cleaned_data['slug']
         return self.instance.slug
 
-    def save(self, commit=True):
-        instance = super().save(commit)
 
-        if self.domain:
-            current_domain = instance.domains.filter(event__isnull=True).first()
-            if self.cleaned_data['domain']:
-                if current_domain and current_domain.domainname != self.cleaned_data['domain']:
-                    current_domain.delete()
-                    KnownDomain.objects.create(organizer=instance, domainname=self.cleaned_data['domain'])
-                elif not current_domain:
-                    KnownDomain.objects.create(organizer=instance, domainname=self.cleaned_data['domain'])
-            elif current_domain:
-                current_domain.delete()
-            instance.cache.clear()
-            for ev in instance.events.all():
-                ev.cache.clear()
+class KnownDomainForm(forms.ModelForm):
+    class Meta:
+        model = KnownDomain
+        fields = ["domainname", "mode", "event"]
+        field_classes = {
+            "event": SafeModelChoiceField,
+        }
 
-        return instance
+    def __init__(self, *args, **kwargs):
+        self.organizer = kwargs.pop('organizer')
+        super().__init__(*args, **kwargs)
+        self.fields["event"].queryset = self.organizer.events.all()
+        if self.instance and self.instance.pk:
+            self.fields["domainname"].widget.attrs['readonly'] = 'readonly'
+
+    def clean_domainname(self):
+        if self.instance and self.instance.pk:
+            return self.instance.domainname
+        d = self.cleaned_data['domainname']
+        if d:
+            if d == urlparse(settings.SITE_URL).hostname:
+                raise ValidationError(
+                    _('You cannot choose the base domain of this installation.')
+                )
+            if KnownDomain.objects.filter(domainname=d).exclude(organizer=self.instance.organizer).exists():
+                raise ValidationError(
+                    _('This domain is already in use for a different event or organizer.')
+                )
+        return d
+
+    def clean(self):
+        d = super().clean()
+
+        if d["mode"] == KnownDomain.MODE_ORG_DOMAIN and d["event"]:
+            raise ValidationError(
+                _("Do not choose an event for this mode.")
+            )
+
+        if d["mode"] == KnownDomain.MODE_ORG_ALT_DOMAIN and d["event"]:
+            raise ValidationError(
+                _("Do not choose an event for this mode. You can assign events to this domain in event settings.")
+            )
+
+        if d["mode"] == KnownDomain.MODE_EVENT_DOMAIN and not d["event"]:
+            raise ValidationError(
+                _("You need to choose an event.")
+            )
+
+        return d
+
+
+class BaseKnownDomainFormSet(forms.BaseInlineFormSet):
+    def __init__(self, *args, **kwargs):
+        self.organizer = kwargs.pop('organizer')
+        super().__init__(*args, **kwargs)
+
+    def _construct_form(self, i, **kwargs):
+        kwargs['organizer'] = self.organizer
+        return super()._construct_form(i, **kwargs)
+
+    @property
+    def empty_form(self):
+        form = self.form(
+            auto_id=self.auto_id,
+            prefix=self.add_prefix('__prefix__'),
+            empty_permitted=True,
+            use_required_attribute=False,
+            organizer=self.organizer,
+        )
+        self.add_fields(form, None)
+        return form
+
+    def clean(self):
+        super().clean()
+        data = [f.cleaned_data for f in self.forms]
+
+        if len([d for d in data if d.get("mode") == KnownDomain.MODE_ORG_DOMAIN and not d.get("DELETE")]) > 1:
+            raise ValidationError(_("You may set only one organizer domain."))
+
+        return data
+
+
+KnownDomainFormset = inlineformset_factory(
+    Organizer, KnownDomain,
+    KnownDomainForm,
+    formset=BaseKnownDomainFormSet,
+    can_order=False, can_delete=True, extra=0
+)
 
 
 class SafeOrderPositionChoiceField(forms.ModelChoiceField):

src/pretix/control/forms/users.py

@@ -40,7 +40,7 @@ class StaffSessionForm(forms.ModelForm):
 
 class UserEditForm(forms.ModelForm):
     error_messages = {
-        'duplicate_identifier': _("There already is an account associated with this e-mail address. "
+        'duplicate_identifier': _("There already is an account associated with this email address. "
                                   "Please choose a different one."),
         'pw_mismatch': _("Please enter the same password twice"),
     }

src/pretix/control/navigation.py

@@ -78,7 +78,7 @@ def get_event_navigation(request: HttpRequest):
                 'active': url.url_name == 'event.settings.tickets',
             },
             {
-                'label': _('E-mail'),
+                'label': _('Email'),
                 'url': reverse('control:event.settings.mail', kwargs={
                     'event': request.event.slug,
                     'organizer': request.event.organizer.slug,
@@ -132,16 +132,6 @@ def get_event_navigation(request: HttpRequest):
             'icon': 'wrench',
             'children': event_settings
         })
-        if request.event.has_subevents:
-            nav.append({
-                'label': pgettext_lazy('subevent', 'Dates'),
-                'url': reverse('control:event.subevents', kwargs={
-                    'event': request.event.slug,
-                    'organizer': request.event.organizer.slug,
-                }),
-                'active': ('event.subevent' in url.url_name),
-                'icon': 'calendar',
-            })
 
     if 'can_change_items' in request.eventpermset:
         nav.append({
@@ -197,6 +187,18 @@ def get_event_navigation(request: HttpRequest):
             ]
         })
 
+    if 'can_change_event_settings' in request.eventpermset:
+        if request.event.has_subevents:
+            nav.append({
+                'label': pgettext_lazy('subevent', 'Dates'),
+                'url': reverse('control:event.subevents', kwargs={
+                    'event': request.event.slug,
+                    'organizer': request.event.organizer.slug,
+                }),
+                'active': ('event.subevent' in url.url_name),
+                'icon': 'calendar',
+            })
+
     if 'can_view_orders' in request.eventpermset:
         children = [
             {
@@ -496,7 +498,7 @@ def get_organizer_navigation(request):
                     'active': url.url_name.startswith('organizer.propert'),
                 },
                 {
-                    'label': _('E-mail'),
+                    'label': _('Email'),
                     'url': reverse('control:organizer.settings.mail', kwargs={
                         'organizer': request.organizer.slug,
                     }),

src/pretix/control/templates/pretixcontrol/base.html

@@ -61,6 +61,7 @@
             <script type="text/javascript" src="{% static "fileupload/jquery.fileupload.js" %}"></script>
             <script type="text/javascript" src="{% static "lightbox/js/lightbox.js" %}"></script>
             <script type="text/javascript" src="{% static "are-you-sure/jquery.are-you-sure.js" %}"></script>
+            <script type="text/javascript" src="{% static "pretixbase/js/addressform.js" %}"></script>
 		{% endcompress %}
         {{ html_head|safe }}
 

src/pretix/control/templates/pretixcontrol/checkin/checkins.html

@@ -127,6 +127,7 @@
                                 <strong>
                                     <a href="{% url "control:event.order" event=request.event.slug organizer=request.event.organizer.slug code=c.position.order.code %}">{{ c.position.order.code }}</a>-{{ c.position.positionid }}
                                 </strong>
+                                {% include "pretixcontrol/checkin/fragment_checkin_source_type.html" with source_type=c.raw_source_type %}
                                 {% if c.position.attendee_name %}
                                     <br>
                                     <small>
@@ -143,7 +144,7 @@
                                     </small>
                                 {% endif %}
                             {% else %}
-                                <span class="fa fa-qrcode fa-fw"></span>
+                                {% include "pretixcontrol/checkin/fragment_checkin_source_type.html" with source_type=c.raw_source_type %}
                                 <span title="{{ c.raw_barcode }}">
                                     {{ c.raw_barcode|slice:":16" }}{% if c.raw_barcode|length > 16 %}…{% endif %}
                                     <button type="button" class="btn btn-xs btn-link btn-clipboard" data-clipboard-text="{{ c.raw_barcode }}">

src/pretix/control/templates/pretixcontrol/checkin/fragment_checkin_source_type.html

@@ -0,0 +1,15 @@
+{% load i18n %}
+{% load static %}
+{% load getitem %}
+
+{% if source_type %}
+    {% with media_types|getitem:source_type as media_type %}
+        {% if "." in media_type.icon %}
+            <img src="{% static media_type.icon %}" class="fa-like-image"
+                 data-toggle="tooltip" title="{{ media_type.verbose_name }}">
+        {% else %}
+            <span class="fa fa-fw fa-{{ media_type.icon }} text-muted"
+                  data-toggle="tooltip" title="{{ media_type.verbose_name }}"></span>
+        {% endif %}
+    {% endwith %}
+{% endif %}

src/pretix/control/templates/pretixcontrol/checkin/index.html

@@ -185,6 +185,7 @@
                                             <span class="fa fa-magic text-muted"
                                                   data-toggle="tooltip" title="{% trans "Checked in automatically" %}"></span>
                                         {% endif %}
+                                        {% include "pretixcontrol/checkin/fragment_checkin_source_type.html" with source_type=e.last_entry_source_type %}
                                     {% endif %}
                                 {% endif %}
                             </td>

src/pretix/control/templates/pretixcontrol/email_setup.html

@@ -5,7 +5,7 @@
 {% load static %}
 {% block title %}{% trans "Organizer" %}{% endblock %}
 {% block content %}
-    <h1>{% trans "E-mail sending" %}</h1>
+    <h1>{% trans "Email sending" %}</h1>
     <form action="" method="post" class="form-horizontal">
         {% csrf_token %}
         <div class="panel-group" id="email">
@@ -27,7 +27,7 @@
                     <div class="panel-body form-horizontal">
                         <p>
                             {% blocktrans trimmed %}
-                                E-mails will be sent through the system's default server. They will show the following
+                                Emails will be sent through the system's default server. They will show the following
                                 sender information:
                             {% endblocktrans %}
                         </p>
@@ -62,7 +62,7 @@
                     <div class="panel-body form-horizontal">
                         <p>
                             {% blocktrans trimmed %}
-                                E-mails will be sent through the system's default server but with your own sender
+                                Emails will be sent through the system's default server but with your own sender
                                 address.
                                 This will make your emails look more personalized and coming directly from you, but it
                                 also might require some extra steps to ensure good deliverability.

src/pretix/control/templates/pretixcontrol/email_setup_simple.html

@@ -5,7 +5,7 @@
 {% load static %}
 {% block title %}{% trans "Organizer" %}{% endblock %}
 {% block content %}
-    <h1>{% trans "E-mail sending" %}</h1>
+    <h1>{% trans "Email sending" %}</h1>
     <form action="" method="post" class="form-horizontal">
         {% csrf_token %}
         {% for k, v in request.POST.items %}

src/pretix/control/templates/pretixcontrol/email_setup_smtp.html

@@ -5,7 +5,7 @@
 {% load static %}
 {% block title %}{% trans "Organizer" %}{% endblock %}
 {% block content %}
-    <h1>{% trans "E-mail sending" %}</h1>
+    <h1>{% trans "Email sending" %}</h1>
     <form action="" method="post" class="form-horizontal">
         {% csrf_token %}
         {% for k, v in request.POST.items %}

src/pretix/control/templates/pretixcontrol/event/mail.html

@@ -4,7 +4,7 @@
 {% load hierarkey_form %}
 {% load static %}
 {% block inside %}
-    <h1>{% trans "E-mail settings" %}</h1>
+    <h1>{% trans "Email settings" %}</h1>
     <form action="" method="post" class="form-horizontal" enctype="multipart/form-data"
             mail-preview-url="{% url "control:event.settings.mail.preview" event=request.event.slug organizer=request.event.organizer.slug %}">
         {% csrf_token %}
@@ -63,7 +63,7 @@
                 {% bootstrap_field form.mail_attach_ical_description layout="control" %}
             </fieldset>
             <fieldset>
-                <legend>{% trans "E-mail design" %}</legend>
+                <legend>{% trans "Email design" %}</legend>
                 <div class="row">
                     {% for r in renderers.values %}
                         <div class="col-md-3">
@@ -84,7 +84,7 @@
                 </div>
             </fieldset>
             <fieldset>
-                <legend>{% trans "E-mail content" %}</legend>
+                <legend>{% trans "Email content" %}</legend>
                 <h4>{% trans "Text" %}</h4>
                 <div class="panel-group" id="questions_group">
                     {% blocktrans asvar title_placed_order %}Placed order{% endblocktrans %}

src/pretix/control/templates/pretixcontrol/event/settings.html

@@ -22,7 +22,7 @@
                 {% bootstrap_field form.name layout="control" %}
                 {% bootstrap_field form.slug layout="control" %}
                 {% if form.domain %}
-                    {% bootstrap_field form.domain layout="control" %}
+                    {% bootstrap_field form.domain layout="horizontal" %}
                 {% endif %}
                 {% bootstrap_field form.date_from layout="control" %}
                 {% bootstrap_field form.date_to layout="control" %}
@@ -67,7 +67,7 @@
                 <h4>{% trans "Customer data (once per order)" %}</h4>
                 <div class="form-group">
                     <label class="control-label col-md-3">
-                        {% trans "E-mail" %}
+                        {% trans "Email" %}
                     </label>
                     <div class="col-md-9">
                         <div class="checkbox">

src/pretix/control/templates/pretixcontrol/events/create_basics.html

@@ -41,7 +41,10 @@
         {% endif %}
         {% include "pretixcontrol/event/fragment_geodata.html" %}
         {% bootstrap_field form.currency layout="control" %}
-        {% bootstrap_field form.tax_rate addon_after="%" layout="control" %}
+        {% bootstrap_field form.no_taxes layout="control" %}
+        <div data-display-dependency="#{{ form.no_taxes.id_for_label }}" data-inverse>
+            {% bootstrap_field form.tax_rate addon_after="%" layout="control" %}
+        </div>
     </fieldset>
     <fieldset>
         <legend>{% trans "Display settings" %}</legend>

src/pretix/control/templates/pretixcontrol/order/change_questions.html

@@ -46,11 +46,13 @@
                     <div id="cp{{ pos.id }}">
                         <div class="panel-body">
                             {% for form in forms %}
-                                {% if form.pos.item != pos.item %}
-                                    {# Add-Ons #}
-                                    <legend>+ {{ form.pos.item }}</legend>
-                                {% endif %}
-                                {% bootstrap_form form layout="control" %}
+                                <div class="profile-scope">
+                                    {% if form.pos.item != pos.item %}
+                                        {# Add-Ons #}
+                                        <legend>+ {{ form.pos.item }}</legend>
+                                    {% endif %}
+                                    {% bootstrap_form form layout="control" %}
+                                </div>
                             {% endfor %}
                         </div>
                     </div>

src/pretix/control/templates/pretixcontrol/order/sendmail.html

@@ -24,7 +24,7 @@
             {% endif %}
             {% if request.method == "POST" %}
                 <fieldset>
-                    <legend>{% trans "E-mail preview" %}</legend>
+                    <legend>{% trans "Email preview" %}</legend>
                     <div class="tab-pane mail-preview-group">
                         <div lang="{{ order.locale }}" class="mail-preview">
                             <strong>{{ preview_output.subject }}</strong><br><br>

src/pretix/control/templates/pretixcontrol/organizers/customer.html

@@ -46,7 +46,7 @@
                                         {% trans "active" %}
                                     {% endif %}
                                 </dd>
-                                <dt>{% trans "E-mail" %}</dt>
+                                <dt>{% trans "Email" %}</dt>
                                 <dd>
                                     {{ customer.email|default_if_none:"" }}
                                     {% if customer.email and not customer.provider %}

src/pretix/control/templates/pretixcontrol/organizers/edit.html

@@ -294,6 +294,71 @@
                         <legend>{% trans "Invoices" %}</legend>
                         {% bootstrap_field sform.invoice_regenerate_allowed layout="control" %}
                     </fieldset>
+                    {% if domain_formset %}
+                        <fieldset>
+                            <legend>{% trans "Domains" %}</legend>
+                            <div class="alert alert-warning">
+                                {% trans "This dialog is intended for advanced users." %}
+                                {% trans "The domain needs to be configured on your webserver before it can be used here." %}
+                            </div>
+                            <div class="formset" data-formset data-formset-prefix="{{ domain_formset.prefix }}">
+                                {{ domain_formset.management_form }}
+                                {% bootstrap_formset_errors domain_formset %}
+                                <div data-formset-body>
+                                    {% for form in domain_formset %}
+                                        <div class="row formset-row" data-formset-form>
+                                            <div class="sr-only">
+                                                {{ form.id }}
+                                                {% bootstrap_field form.DELETE form_group_class="" layout="inline" %}
+                                            </div>
+                                            <div class="col-md-4">
+                                                {% bootstrap_field form.domainname layout='' form_group_class="" %}
+                                                {% bootstrap_form_errors form %}
+                                            </div>
+                                            <div class="col-md-3">
+                                                {% bootstrap_field form.mode layout='' form_group_class="" %}
+                                            </div>
+                                            <div class="col-md-3">
+                                                {% bootstrap_field form.event layout='' form_group_class="" %}
+                                            </div>
+                                            <div class="col-md-2 text-right flip">
+                                                <label aria-hidden="true">&nbsp;</label><br>
+                                                <button type="button" class="btn btn-danger" data-formset-delete-button>
+                                                    <i class="fa fa-trash"></i></button>
+                                            </div>
+                                        </div>
+                                    {% endfor %}
+                                </div>
+                                <script type="form-template" data-formset-empty-form>
+                                    {% escapescript %}
+                                        <div class="row formset-row" data-formset-form>
+                                            <div class="sr-only">
+                                                {{ domain_formset.empty_form.id }}
+                                                {% bootstrap_field domain_formset.empty_form.DELETE form_group_class="" layout="inline" %}
+                                            </div>
+                                            <div class="col-md-4">
+                                                {% bootstrap_field domain_formset.empty_form.domainname layout='' form_group_class="" %}
+                                            </div>
+                                            <div class="col-md-3">
+                                                {% bootstrap_field domain_formset.empty_form.mode layout='' form_group_class="" %}
+                                            </div>
+                                            <div class="col-md-3">
+                                                {% bootstrap_field domain_formset.empty_form.event layout='' form_group_class="" %}
+                                            </div>
+                                            <div class="col-md-2 text-right flip">
+                                                <label aria-hidden="true">&nbsp;</label><br>
+                                                <button type="button" class="btn btn-danger" data-formset-delete-button>
+                                                    <i class="fa fa-trash"></i></button>
+                                            </div>
+                                        </div>
+                                    {% endescapescript %}
+                                </script>
+                                <p>
+                                    <button type="button" class="btn btn-default" data-formset-add>
+                                        <i class="fa fa-plus"></i> {% trans "Add domain" %}</button>
+                                </p>
+                        </fieldset>
+                    {% endif %}
                 </div>
                 <div class="form-group submit-group">
                     <button type="submit" class="btn btn-primary btn-save">

src/pretix/control/templates/pretixcontrol/organizers/mail.html

@@ -8,7 +8,7 @@
 {% endblock %}
 {% block title %}{% trans "Organizer" %}{% endblock %}
 {% block content %}
-    <h1>{% trans "E-mail settings" %}</h1>
+    <h1>{% trans "Email settings" %}</h1>
 
     <form action="" method="post" class="form-horizontal" enctype="multipart/form-data"
           mail-preview-url="{% url "control:organizer.settings.mail.preview" organizer=request.organizer.slug %}">
@@ -55,7 +55,7 @@
                 {% bootstrap_field form.mail_bcc layout="control" %}
             </fieldset>
             <fieldset>
-                <legend>{% trans "E-mail content" %}</legend>
+                <legend>{% trans "Email content" %}</legend>
                 <div class="panel-group" id="questions_group">
                     {% blocktrans asvar title_customer_registration %}Customer account registration{% endblocktrans %}
                     {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="customer_registration" title=title_customer_registration items="mail_subject_customer_registration,mail_text_customer_registration" %}

src/pretix/control/templates/pretixcontrol/user/notifications.html

@@ -54,7 +54,7 @@
                 <thead>
                 <tr>
                     <th>{% trans "Notification type" %}</th>
-                    <th class="text-center">{% trans "E-Mail notification" %}</th>
+                    <th class="text-center">{% trans "Email notification" %}</th>
                 </tr>
                 </thead>
                 <tbody>

src/pretix/control/templates/pretixcontrol/users/index.html

@@ -39,7 +39,7 @@
         <thead>
         <tr>
             <th>
-                {% trans "E-mail address" %}
+                {% trans "Email address" %}
                 <a href="?{% url_replace request 'ordering' '-email' %}"><i class="fa fa-caret-down"></i></a>
                 <a href="?{% url_replace request 'ordering' 'email' %}"><i class="fa fa-caret-up"></i></a>
             </th>

src/pretix/control/views/auth.py

@@ -343,7 +343,7 @@ class Forgot(TemplateView):
                 logger.warning('Backend password reset for unregistered e-mail \"' + email + '\" requested.')
 
             except SendMailException:
-                logger.exception('Sending password reset e-mail to \"' + email + '\" failed.')
+                logger.exception('Sending password reset email to \"' + email + '\" failed.')
 
             except RepeatedResetDenied:
                 pass
@@ -354,10 +354,10 @@ class Forgot(TemplateView):
 
             finally:
                 if has_redis:
-                    messages.info(request, _('If the address is registered to valid account, then we have sent you an e-mail containing further instructions. '
+                    messages.info(request, _('If the address is registered to valid account, then we have sent you an email containing further instructions. '
                                              'Please note that we will send at most one email every 24 hours.'))
                 else:
-                    messages.info(request, _('If the address is registered to valid account, then we have sent you an e-mail containing further instructions.'))
+                    messages.info(request, _('If the address is registered to valid account, then we have sent you an email containing further instructions.'))
 
                 return redirect('control:auth.forgot')
         else:

src/pretix/control/views/checkin.py

@@ -49,6 +49,7 @@ from django.views.generic import FormView, ListView, TemplateView
 from i18nfield.strings import LazyI18nString
 
 from pretix.api.views.checkin import _redeem_process
+from pretix.base.media import MEDIA_TYPES
 from pretix.base.models import Checkin, Order, OrderPosition
 from pretix.base.models.checkin import CheckinList
 from pretix.base.services.checkin import (
@@ -81,9 +82,7 @@ class CheckInListQueryMixin:
             position_id=OuterRef('pk'),
             list_id=self.list.pk,
             type=Checkin.TYPE_ENTRY
-        ).order_by().values('position_id').annotate(
-            m=Max('datetime')
-        ).values('m')
+        ).order_by('-datetime').values('position_id')
         cqs_exit = Checkin.objects.filter(
             position_id=OuterRef('pk'),
             list_id=self.list.pk,
@@ -103,7 +102,7 @@ class CheckInListQueryMixin:
             status_q,
             order__event=self.request.event,
         ).annotate(
-            last_entry=Subquery(cqs),
+            last_entry=Subquery(cqs[:1].values('datetime')),
             last_exit=Subquery(cqs_exit),
             auto_checked_in=Exists(
                 Checkin.objects.filter(
@@ -112,7 +111,8 @@ class CheckInListQueryMixin:
                     list_id=self.list.pk,
                     auto_checked_in=True
                 )
-            )
+            ),
+            last_entry_source_type=Subquery(cqs[:1].values('raw_source_type'))
         ).select_related(
             'item', 'variation', 'order', 'addon_to'
         ).prefetch_related(
@@ -157,6 +157,7 @@ class CheckInListShow(EventPermissionRequiredMixin, PaginationMixin, CheckInList
 
     def get_context_data(self, **kwargs):
         ctx = super().get_context_data(**kwargs)
+        ctx['media_types'] = MEDIA_TYPES
         ctx['checkinlist'] = self.list
         if self.request.event.has_subevents:
             ctx['seats'] = (
@@ -497,6 +498,7 @@ class CheckinListView(EventPermissionRequiredMixin, PaginationMixin, ListView):
     def get_context_data(self, **kwargs):
         ctx = super().get_context_data()
         ctx['filter_form'] = self.filter_form
+        ctx['media_types'] = MEDIA_TYPES
         return ctx
 
 

src/pretix/control/views/event.py

@@ -62,7 +62,7 @@ from django.http import (
 from django.shortcuts import get_object_or_404, redirect
 from django.urls import reverse
 from django.utils.functional import cached_property
-from django.utils.html import escape
+from django.utils.html import conditional_escape
 from django.utils.http import url_has_allowed_host_and_scheme
 from django.utils.timezone import now
 from django.utils.translation import gettext, gettext_lazy as _, gettext_noop
@@ -100,9 +100,12 @@ from ...base.models.items import (
     Item, ItemCategory, ItemMetaProperty, Question, Quota,
 )
 from ...base.services.mail import prefix_subject
+from ...base.services.placeholders import get_sample_context
 from ...base.settings import LazyI18nStringList
 from ...helpers.compat import CompatDeleteView
-from ...helpers.format import format_map
+from ...helpers.format import (
+    PlainHtmlAlternativeString, SafeFormatter, format_map,
+)
 from ..logdisplay import OVERVIEW_BANLIST
 from . import CreateView, PaginationMixin, UpdateView
 
@@ -239,7 +242,6 @@ class EventUpdate(DecoupleMixin, EventSettingsViewMixin, EventPermissionRequired
         kwargs = super().get_form_kwargs()
         if self.request.user.has_active_staff_session(self.request.session.session_key):
             kwargs['change_slug'] = True
-            kwargs['domain'] = True
         return kwargs
 
     def post(self, request, *args, **kwargs):
@@ -717,20 +719,7 @@ class MailSettingsPreview(EventPermissionRequiredMixin, View):
 
     # get all supported placeholders with dummy values
     def placeholders(self, item):
-        ctx = {}
-        for p in get_available_placeholders(self.request.event, MailSettingsForm.base_context[item]).values():
-            s = str(p.render_sample(self.request.event))
-            if s.strip().startswith('* '):
-                ctx[p.identifier] = '<div class="placeholder" title="{}">{}</div>'.format(
-                    _('This value will be replaced based on dynamic parameters.'),
-                    markdown_compile_email(s)
-                )
-            else:
-                ctx[p.identifier] = '<span class="placeholder" title="{}">{}</span>'.format(
-                    _('This value will be replaced based on dynamic parameters.'),
-                    escape(s)
-                )
-        return ctx
+        return get_sample_context(self.request.event, MailSettingsForm.base_context[item])
 
     def post(self, request, *args, **kwargs):
         preview_item = request.POST.get('item', '')
@@ -752,9 +741,15 @@ class MailSettingsPreview(EventPermissionRequiredMixin, View):
                                     bleach.clean(v), self.placeholders(preview_item), raise_on_missing=True
                                 ), highlight=True)
                             else:
-                                msgs[self.supported_locale[idx]] = markdown_compile_email(
-                                    format_map(v, self.placeholders(preview_item), raise_on_missing=True)
+                                placeholders = self.placeholders(preview_item)
+                                msgs[self.supported_locale[idx]] = format_map(
+                                    markdown_compile_email(
+                                        format_map(v, placeholders, raise_on_missing=True)
+                                    ),
+                                    placeholders,
+                                    mode=SafeFormatter.MODE_RICH_TO_HTML,
                                 )
+
                         except ValueError:
                             msgs[self.supported_locale[idx]] = '<div class="alert alert-danger">{}</div>'.format(
                                 PlaceholderValidator.error_message)
@@ -777,13 +772,18 @@ class MailSettingsRendererPreview(MailSettingsPreview):
     # get all supported placeholders with dummy values
     def placeholders(self, item):
         ctx = {}
-        for p in get_available_placeholders(self.request.event, MailSettingsForm.base_context[item]).values():
-            ctx[p.identifier] = escape(str(p.render_sample(self.request.event)))
+        for p in get_available_placeholders(self.request.event, MailSettingsForm.base_context[item], rich=True).values():
+            sample = p.render_sample(self.request.event)
+            if isinstance(sample, PlainHtmlAlternativeString):
+                ctx[p.identifier] = sample
+            else:
+                ctx[p.identifier] = conditional_escape(sample)
         return ctx
 
     def get(self, request, *args, **kwargs):
         v = str(request.event.settings.mail_text_order_placed)
-        v = format_map(v, self.placeholders('mail_text_order_placed'))
+        context = self.placeholders('mail_text_order_placed')
+        v = format_map(v, context)
         renderers = request.event.get_html_mail_renderers()
         if request.GET.get('renderer') in renderers:
             with rolledback_transaction():
@@ -801,13 +801,14 @@ class MailSettingsRendererPreview(MailSettingsPreview):
                     str(request.event.settings.mail_text_signature),
                     gettext('Your order: %(code)s') % {'code': order.code},
                     order,
-                    position=None
+                    position=None,
+                    context=context,
                 )
                 r = HttpResponse(v, content_type='text/html')
                 r._csp_ignore = True
                 return r
         else:
-            raise Http404(_('Unknown e-mail renderer.'))
+            raise Http404(_('Unknown email renderer.'))
 
 
 class TicketSettingsPreview(EventPermissionRequiredMixin, View):

src/pretix/control/views/orders.py

@@ -134,7 +134,7 @@ from pretix.control.signals import order_search_forms
 from pretix.control.views import PaginationMixin
 from pretix.helpers import OF_SELF
 from pretix.helpers.compat import CompatDeleteView
-from pretix.helpers.format import format_map
+from pretix.helpers.format import SafeFormatter, format_map
 from pretix.helpers.safedownload import check_token
 from pretix.presale.signals import question_form_fields
 
@@ -2351,7 +2351,7 @@ class OrderSendMail(EventPermissionRequiredMixin, OrderViewMixin, FormView):
                 'subject': mark_safe(_('Subject: {subject}').format(
                     subject=prefix_subject(order.event, escape(email_subject), highlight=True)
                 )),
-                'html': markdown_compile_email(email_content)
+                'html': format_map(markdown_compile_email(email_content), email_context, mode=SafeFormatter.MODE_RICH_TO_HTML)
             }
             return self.get(self.request, *self.args, **self.kwargs)
         else:

src/pretix/control/views/organizer.py

@@ -104,11 +104,11 @@ from pretix.control.forms.organizer import (
     CustomerCreateForm, CustomerUpdateForm, DeviceBulkEditForm, DeviceForm,
     EventMetaPropertyAllowedValueFormSet, EventMetaPropertyForm, GateForm,
     GiftCardAcceptanceInviteForm, GiftCardCreateForm, GiftCardUpdateForm,
-    MailSettingsForm, MembershipTypeForm, MembershipUpdateForm,
-    OrganizerDeleteForm, OrganizerFooterLinkFormset, OrganizerForm,
-    OrganizerSettingsForm, OrganizerUpdateForm, ReusableMediumCreateForm,
-    ReusableMediumUpdateForm, SalesChannelForm, SSOClientForm, SSOProviderForm,
-    TeamForm, WebHookForm,
+    KnownDomainFormset, MailSettingsForm, MembershipTypeForm,
+    MembershipUpdateForm, OrganizerDeleteForm, OrganizerFooterLinkFormset,
+    OrganizerForm, OrganizerSettingsForm, OrganizerUpdateForm,
+    ReusableMediumCreateForm, ReusableMediumUpdateForm, SalesChannelForm,
+    SSOClientForm, SSOProviderForm, TeamForm, WebHookForm,
 )
 from pretix.control.forms.rrule import RRuleForm
 from pretix.control.logdisplay import OVERVIEW_BANLIST
@@ -122,7 +122,7 @@ from pretix.control.views.mailsetup import MailSettingsSetupView
 from pretix.helpers import OF_SELF, GroupConcat
 from pretix.helpers.compat import CompatDeleteView
 from pretix.helpers.dicts import merge_dicts
-from pretix.helpers.format import format_map
+from pretix.helpers.format import SafeFormatter, format_map
 from pretix.helpers.urls import build_absolute_uri as build_global_uri
 from pretix.multidomain.urlreverse import build_absolute_uri
 from pretix.presale.forms.customer import TokenGenerator
@@ -357,9 +357,10 @@ class MailSettingsPreview(OrganizerPermissionRequiredMixin, View):
                                 highlight=True,
                             )
                         else:
-                            msgs[self.supported_locale[idx]] = markdown_compile_email(
-                                format_map(v, self.placeholders(preview_item))
-                            )
+                            placeholders = self.placeholders(preview_item)
+                            msgs[self.supported_locale[idx]] = format_map(markdown_compile_email(
+                                format_map(v, placeholders)
+                            ), placeholders, mode=SafeFormatter.MODE_RICH_TO_HTML)
 
         return JsonResponse({
             'item': preview_item,
@@ -447,6 +448,10 @@ class OrganizerUpdate(OrganizerPermissionRequiredMixin, UpdateView):
     def get_object(self, queryset=None) -> Organizer:
         return self.object
 
+    @cached_property
+    def domain_config(self):
+        return self.request.user.has_active_staff_session(self.request.session.session_key)
+
     @cached_property
     def sform(self):
         return OrganizerSettingsForm(
@@ -461,6 +466,8 @@ class OrganizerUpdate(OrganizerPermissionRequiredMixin, UpdateView):
         context = super().get_context_data(*args, **kwargs)
         context['sform'] = self.sform
         context['footer_links_formset'] = self.footer_links_formset
+        if self.domain_config:
+            context['domain_formset'] = self.domain_formset
         return context
 
     @transaction.atomic
@@ -483,6 +490,8 @@ class OrganizerUpdate(OrganizerPermissionRequiredMixin, UpdateView):
             self.request.organizer.log_action('pretix.organizer.footerlinks.changed', user=self.request.user, data={
                 'data': self.footer_links_formset.cleaned_data
             })
+        if self.domain_config and self.domain_formset.has_changed():
+            self._save_domain_config()
         if form.has_changed():
             self.request.organizer.log_action(
                 'pretix.organizer.changed',
@@ -493,10 +502,22 @@ class OrganizerUpdate(OrganizerPermissionRequiredMixin, UpdateView):
         messages.success(self.request, _('Your changes have been saved.'))
         return super().form_valid(form)
 
+    def _save_domain_config(self):
+        for form in self.domain_formset.initial_forms:
+            if form.instance.pk and form.has_changed():
+                self.object.domains.get(pk=form.instance.pk).log_delete(self.request.user)
+        self.domain_formset.save()
+        for new_obj in self.domain_formset.new_objects:
+            new_obj.log_create(self.request.user)
+        for ch_obj, form in self.domain_formset.changed_objects:
+            ch_obj.log_create(self.request.user)
+        self.request.organizer.cache.clear()
+        for ev in self.request.organizer.events.all():
+            ev.cache.clear()
+
     def get_form_kwargs(self):
         kwargs = super().get_form_kwargs()
         if self.request.user.has_active_staff_session(self.request.session.session_key):
-            kwargs['domain'] = True
             kwargs['change_slug'] = True
         return kwargs
 
@@ -508,7 +529,7 @@ class OrganizerUpdate(OrganizerPermissionRequiredMixin, UpdateView):
     def post(self, request, *args, **kwargs):
         self.object = self.get_object()
         form = self.get_form()
-        if form.is_valid() and self.sform.is_valid() and self.footer_links_formset.is_valid():
+        if form.is_valid() and self.sform.is_valid() and self.footer_links_formset.is_valid() and (not self.domain_config or self.domain_formset.is_valid()):
             return self.form_valid(form)
         else:
             return self.form_invalid(form)
@@ -519,6 +540,11 @@ class OrganizerUpdate(OrganizerPermissionRequiredMixin, UpdateView):
                                           organizer=self.object,
                                           prefix="footer-links", instance=self.object)
 
+    @cached_property
+    def domain_formset(self):
+        return KnownDomainFormset(self.request.POST if self.request.method == "POST" else None, prefix="domains",
+                                  instance=self.object, organizer=self.object)
+
     def save_footer_links_formset(self, obj):
         self.footer_links_formset.save()
 

src/pretix/control/views/users.py

@@ -145,7 +145,7 @@ class UserResetView(AdministratorPermissionRequiredMixin, RecentAuthenticationRe
 
         self.object.log_action('pretix.control.auth.user.forgot_password.mail_sent',
                                user=request.user)
-        messages.success(request, _('We sent out an e-mail containing further instructions.'))
+        messages.success(request, _('We sent out an email containing further instructions.'))
         return redirect(self.get_success_url())
 
     def get_success_url(self):

src/pretix/control/views/vouchers.py

@@ -50,7 +50,7 @@ from django.http import (
 from django.shortcuts import redirect, render
 from django.urls import resolve, reverse
 from django.utils.functional import cached_property
-from django.utils.html import escape, format_html
+from django.utils.html import format_html
 from django.utils.safestring import mark_safe
 from django.utils.timezone import now
 from django.utils.translation import gettext_lazy as _
@@ -59,12 +59,12 @@ from django.views.generic import (
 )
 from django_scopes import scopes_disabled
 
-from pretix.base.email import get_available_placeholders
 from pretix.base.models import (
     CartPosition, LogEntry, Voucher, WaitingListEntry,
 )
 from pretix.base.models.vouchers import generate_codes
 from pretix.base.services.mail import prefix_subject
+from pretix.base.services.placeholders import get_sample_context
 from pretix.base.services.vouchers import vouchers_send
 from pretix.base.templatetags.rich_text import markdown_compile_email
 from pretix.base.views.tasks import AsyncFormView
@@ -74,7 +74,7 @@ from pretix.control.permissions import EventPermissionRequiredMixin
 from pretix.control.signals import voucher_form_class
 from pretix.control.views import PaginationMixin
 from pretix.helpers.compat import CompatDeleteView
-from pretix.helpers.format import format_map
+from pretix.helpers.format import SafeFormatter, format_map
 from pretix.helpers.models import modelcopy
 from pretix.multidomain.urlreverse import build_absolute_uri
 
@@ -549,22 +549,10 @@ class VoucherBulkMailPreview(EventPermissionRequiredMixin, View):
 
     # get all supported placeholders with dummy values
     def placeholders(self, item):
-        ctx = {}
         base_ctx = ['event', 'name']
         if item == 'send_message':
             base_ctx += ['voucher_list']
-        for p in get_available_placeholders(self.request.event, base_ctx).values():
-            s = str(p.render_sample(self.request.event))
-            if s.strip().startswith('* ') or s.startswith('  '):
-                ctx[p.identifier] = '<div class="placeholder" title="{}">{}</div>'.format(
-                    _('This value will be replaced based on dynamic parameters.'),
-                    markdown_compile_email(s)
-                )
-            else:
-                ctx[p.identifier] = '<span class="placeholder" title="{}">{}</span>'.format(
-                    _('This value will be replaced based on dynamic parameters.'),
-                    escape(s)
-                )
+        ctx = get_sample_context(self.request.event, base_ctx)
         return self.SafeDict(ctx)
 
     def post(self, request, *args, **kwargs):
@@ -579,9 +567,10 @@ class VoucherBulkMailPreview(EventPermissionRequiredMixin, View):
                 highlight=True
             )
         else:
-            msgs["all"] = markdown_compile_email(
-                format_map(request.POST.get(preview_item), self.placeholders(preview_item))
-            )
+            placeholders = self.placeholders(preview_item)
+            msgs["all"] = format_map(markdown_compile_email(
+                format_map(request.POST.get(preview_item), placeholders)
+            ), placeholders, mode=SafeFormatter.MODE_RICH_TO_HTML)
 
         return JsonResponse({
             'item': preview_item,

src/pretix/control/views/waitinglist.py

@@ -304,7 +304,7 @@ class WaitingListView(EventPermissionRequiredMixin, WaitingListQuerySetMixin, Pa
         writer = csv.writer(output, quoting=csv.QUOTE_NONNUMERIC, delimiter=",")
 
         headers = [
-            _('Name'), _('E-mail address'), _('Phone number'), _('Product'), _('On list since'), _('Status'), _('Voucher code'),
+            _('Name'), _('Email address'), _('Phone number'), _('Product'), _('On list since'), _('Status'), _('Voucher code'),
             _('Language'), _('Priority')
         ]
         if self.request.event.has_subevents:

src/pretix/helpers/format.py

@@ -25,14 +25,29 @@ from string import Formatter
 logger = logging.getLogger(__name__)
 
 
+class PlainHtmlAlternativeString:
+    def __init__(self, plain, html, is_block=False):
+        self.plain = plain
+        self.html = html
+        self.is_block = is_block
+
+    def __repr__(self):
+        return f"PlainHtmlAlternativeString('{self.plain}', '{self.html}')"
+
+
 class SafeFormatter(Formatter):
     """
     Customized version of ``str.format`` that (a) behaves just like ``str.format_map`` and
     (b) does not allow any unwanted shenanigans like attribute access or format specifiers.
     """
-    def __init__(self, context, raise_on_missing=False):
+    MODE_IGNORE_RICH = 0
+    MODE_RICH_TO_PLAIN = 1
+    MODE_RICH_TO_HTML = 2
+
+    def __init__(self, context, raise_on_missing=False, mode=MODE_IGNORE_RICH):
         self.context = context
         self.raise_on_missing = raise_on_missing
+        self.mode = mode
 
     def get_field(self, field_name, args, kwargs):
         return self.get_value(field_name, args, kwargs), field_name
@@ -40,14 +55,22 @@ class SafeFormatter(Formatter):
     def get_value(self, key, args, kwargs):
         if not self.raise_on_missing and key not in self.context:
             return '{' + str(key) + '}'
-        return self.context[key]
+        r = self.context[key]
+        if isinstance(r, PlainHtmlAlternativeString):
+            if self.mode == self.MODE_IGNORE_RICH:
+                return '{' + str(key) + '}'
+            elif self.mode == self.MODE_RICH_TO_PLAIN:
+                return r.plain
+            elif self.mode == self.MODE_RICH_TO_HTML:
+                return r.html
+        return r
 
     def format_field(self, value, format_spec):
-        # Ignore format _spec
+        # Ignore format_spec
         return super().format_field(value, '')
 
 
-def format_map(template, context, raise_on_missing=False):
+def format_map(template, context, raise_on_missing=False, mode=SafeFormatter.MODE_IGNORE_RICH):
     if not isinstance(template, str):
         template = str(template)
-    return SafeFormatter(context, raise_on_missing).format(template)
+    return SafeFormatter(context, raise_on_missing, mode=mode).format(template)

src/pretix/locale/de/wordlist.txt

@@ -198,6 +198,7 @@ Mitgliedschafts
 Mitgliedschaftsdauer
 min
 Mo
+MobilePay
 MOTO
 Multibanco
 MwSt

src/pretix/locale/de_Informal/wordlist.txt

@@ -198,6 +198,7 @@ Mitgliedschafts
 Mitgliedschaftsdauer
 min
 Mo
+MobilePay
 MOTO
 Multibanco
 MwSt

src/pretix/locale/djangojs.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-11-08 13:45+0000\n"
+"POT-Creation-Date: 2024-11-19 15:34+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"

src/pretix/locale/es/LC_MESSAGES/djangojs.po

@@ -8,7 +8,7 @@ msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2024-11-08 13:45+0000\n"
-"PO-Revision-Date: 2024-11-13 21:00+0000\n"
+"PO-Revision-Date: 2024-11-18 15:48+0000\n"
 "Last-Translator: CVZ-es <damien.bremont@casadevelazquez.org>\n"
 "Language-Team: Spanish <https://translate.pretix.eu/projects/pretix/"
 "pretix-js/es/>\n"
@@ -448,7 +448,7 @@ msgstr "Producto"
 
 #: pretix/static/pretixcontrol/js/ui/checkinrules.js:103
 msgid "Product variation"
-msgstr "Ver variaciones del producto"
+msgstr "Variación del producto"
 
 #: pretix/static/pretixcontrol/js/ui/checkinrules.js:107
 msgid "Gate"
@@ -645,7 +645,7 @@ msgstr ""
 #: pretix/static/pretixcontrol/js/ui/main.js:496
 #: pretix/static/pretixcontrol/js/ui/main.js:516
 msgid "Search query"
-msgstr "Consultar búsqueda"
+msgstr "Consulta de búsqueda"
 
 #: pretix/static/pretixcontrol/js/ui/main.js:514
 msgid "All"
@@ -1058,7 +1058,7 @@ msgstr "febrero"
 
 #: pretix/static/pretixpresale/js/widget/widget.js:80
 msgid "March"
-msgstr "marzo"
+msgstr "Marzo"
 
 #: pretix/static/pretixpresale/js/widget/widget.js:81
 msgid "April"

src/pretix/locale/fr/LC_MESSAGES/djangojs.po

@@ -7,8 +7,8 @@ msgstr ""
 "Project-Id-Version: French\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2024-11-08 13:45+0000\n"
-"PO-Revision-Date: 2024-11-15 11:19+0000\n"
-"Last-Translator: Eva-Maria Obermann <obermann@rami.io>\n"
+"PO-Revision-Date: 2024-11-16 05:00+0000\n"
+"Last-Translator: CVZ-es <damien.bremont@casadevelazquez.org>\n"
 "Language-Team: French <https://translate.pretix.eu/projects/pretix/pretix-js/"
 "fr/>\n"
 "Language: fr\n"
@@ -325,7 +325,7 @@ msgstr "Billets valides"
 
 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:70
 msgid "Currently inside"
-msgstr "Présent actuellement"
+msgstr "Actuellement à l'intérieur"
 
 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:71
 #: pretix/static/pretixcontrol/js/ui/question.js:137
@@ -457,7 +457,7 @@ msgstr "Pont"
 
 #: pretix/static/pretixcontrol/js/ui/checkinrules.js:111
 msgid "Current date and time"
-msgstr "Date actuelle"
+msgstr "Date et heure actuelle"
 
 #: pretix/static/pretixcontrol/js/ui/checkinrules.js:115
 msgid "Current day of the week (1 = Monday, 7 = Sunday)"
@@ -465,7 +465,7 @@ msgstr "Jour courant de la semaine (1 = Lundi, 7 = Dimanche)"
 
 #: pretix/static/pretixcontrol/js/ui/checkinrules.js:119
 msgid "Current entry status"
-msgstr ""
+msgstr "Statut actuel de l'entrée"
 
 #: pretix/static/pretixcontrol/js/ui/checkinrules.js:123
 msgid "Number of previous entries"
@@ -488,16 +488,12 @@ msgid "Number of days with a previous entry"
 msgstr "Nombre de jours avec entrée préalable"
 
 #: pretix/static/pretixcontrol/js/ui/checkinrules.js:143
-#, fuzzy
-#| msgid "Number of days with a previous entry"
 msgid "Number of days with a previous entry since"
-msgstr "Nombre de jours avec entrée préalable"
+msgstr "Nombre de jours avec entrée préalable depuis"
 
 #: pretix/static/pretixcontrol/js/ui/checkinrules.js:147
-#, fuzzy
-#| msgid "Number of days with a previous entry"
 msgid "Number of days with a previous entry before"
-msgstr "Nombre de jours avec entrée préalable"
+msgstr "Nombre de jours avec entrée préalable avant"
 
 #: pretix/static/pretixcontrol/js/ui/checkinrules.js:151
 msgid "Minutes since last entry (-1 on first entry)"
@@ -650,7 +646,7 @@ msgstr ""
 #: pretix/static/pretixcontrol/js/ui/main.js:496
 #: pretix/static/pretixcontrol/js/ui/main.js:516
 msgid "Search query"
-msgstr "Recherche"
+msgstr "Requête de recherche"
 
 #: pretix/static/pretixcontrol/js/ui/main.js:514
 msgid "All"
@@ -708,7 +704,7 @@ msgid ""
 "complete your order as long as they’re available."
 msgstr ""
 "Les articles de votre panier ne vous sont plus réservés. Vous pouvez "
-"toujours terminer votre commande tant qu’ils sont disponibles."
+"toujours compléter votre commande tant qu'ils sont disponibles."
 
 #: pretix/static/pretixpresale/js/ui/cart.js:45
 msgid "Cart expired"

src/pretix/locale/hr/LC_MESSAGES/djangojs.po

@@ -8,17 +8,17 @@ msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2024-11-08 13:45+0000\n"
-"PO-Revision-Date: 2024-01-31 04:00+0000\n"
+"PO-Revision-Date: 2024-11-17 00:00+0000\n"
 "Last-Translator: Pavle Ergović <pavleergovic@gmail.com>\n"
-"Language-Team: Croatian <https://translate.pretix.eu/projects/pretix/pretix-"
-"js/hr/>\n"
+"Language-Team: Croatian <https://translate.pretix.eu/projects/pretix/"
+"pretix-js/hr/>\n"
 "Language: hr\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && "
 "n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n"
-"X-Generator: Weblate 5.3.1\n"
+"X-Generator: Weblate 5.8.3\n"
 
 #: pretix/plugins/banktransfer/static/pretixplugins/banktransfer/ui.js:56
 #: pretix/plugins/banktransfer/static/pretixplugins/banktransfer/ui.js:62
@@ -307,7 +307,7 @@ msgstr ""
 
 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:65
 msgid "Order canceled"
-msgstr ""
+msgstr "Narudžba otkazana"
 
 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:66
 msgid "Ticket code is ambiguous on list"

src/pretix/locale/hu/LC_MESSAGES/djangojs.po

@@ -8,16 +8,16 @@ msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2024-11-08 13:45+0000\n"
-"PO-Revision-Date: 2024-10-01 22:52+0000\n"
+"PO-Revision-Date: 2024-11-28 06:00+0000\n"
 "Last-Translator: Patrick Chilton <chpatrick@gmail.com>\n"
-"Language-Team: Hungarian <https://translate.pretix.eu/projects/pretix/pretix-"
-"js/hu/>\n"
+"Language-Team: Hungarian <https://translate.pretix.eu/projects/pretix/"
+"pretix-js/hu/>\n"
 "Language: hu\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=n != 1;\n"
-"X-Generator: Weblate 5.7.2\n"
+"X-Generator: Weblate 5.8.3\n"
 
 #: pretix/plugins/banktransfer/static/pretixplugins/banktransfer/ui.js:56
 #: pretix/plugins/banktransfer/static/pretixplugins/banktransfer/ui.js:62
@@ -779,7 +779,7 @@ msgstr "A kosár lejárt"
 #: pretix/static/pretixpresale/js/ui/main.js:588
 #: pretix/static/pretixpresale/js/ui/main.js:607
 msgid "Time zone:"
-msgstr ""
+msgstr "Időzona:"
 
 #: pretix/static/pretixpresale/js/ui/main.js:598
 msgid "Your local time:"