#! /usr/local/bin/perl
#
# PerlShop CGI shopping-cart script: start-up code and site configuration.
# Everything in this part is a plain package global that the request handling
# further down reads, so the names and the order of the assignments matter.
#
# NOTE(review): the interpreter line carries no -T or -w switch. Later in this
# script the 'orderid' cookie value and request fields from %input are placed
# into file names (for example "$token_directory/$unique_id") after only an
# unanchored digit-pattern check, so taint mode plus an anchored check would be
# worth adding.
#
# NOTE(review): the collapsed listing does not show whether the assignment
# below was commented out -- confirm against the distributed script.
$PerlShop_version = 3.2;
############################################################################

require 5.000;                  ## This script requires perl version 5.000 or higher
$|=1;                           ## Don't buffer output

## 'yes' or 'no'. With 'yes', the SUBMIT handler later in this script does not
## exit after reporting form errors, and PLACE ORDER does not delete the token,
## temp order and temp customer files. Keep 'no' on a live shop.
$testing = 'no';

## 'yes' or 'no'. Only when this is 'yes' does the script set umask 077 (below).
$use_cgiwrap = 'no';

$use_secure_server = 'yes';     ## yes, no
$add_navigation = 'yes';        ## yes, no (if yes, first line of script will have prev,next page info)

## 'yes' or 'no'. When 'yes', the order id is stored in an 'orderid' cookie
## that expires after $cookie_expire_days days.
$use_cookies = 'yes';
$cookie_expire_days = 30;

$allow_ssi_cgi = 'no';          ## Do NOT set this to 'yes' unless you are sure; it can create a big security hole.

## Do NOT set this to 'yes' unless you are sure; it can create a big security hole.
## NOTE(review): presumably puts the card number into the order e-mail, which
## is not encrypted in transit -- confirm in the mail routine.
$cardno_on_email = 'no';

$allow_fractional_qty = 'no';

### Subroutine ReadParse is part of cgi-lib.pl library, Copyright 1993 Steven E. Brenner (see full text below).
### The rest of the script reads the request fields from %input (e.g. $input{'ACTION'}),
### so every value in %input is client-supplied.
&ReadParse(*input);

### Start the HTTP header. The blank line that ends the header block is printed
### here only when cookies are off; with cookies on, later branches call
### create_cookie and then print the "\n" themselves.
print "Content-type: text/html\n";
if (lc $use_cookies ne 'yes') {print "\n";}

### When using cgiwrap, this script's permissions should be set to 700 so that the
### script would not even run unless cgiwrap were used, but in case you forgot to
### set the permission to 700, the following fail-safe check is used.
### $< is the real uid of the process. 65534 is conventionally the unprivileged
### 'nobody' account; the check assumes the web server runs plain CGI under
### that uid -- confirm for your host.
if (($< == 65534) && ($use_cgiwrap eq 'yes'))
  {
   print "Attempt to bypass Cgiwrap!\n";
   exit;
  }

###---------- Get the Current Directory and program title ----------
### $program_title is the file name part of $0. On Dos/Windows $curr_dir becomes
### the part of $0 up to and including the last backslash; on *nix it stays ''
### so the data directories below are relative to the working directory.
$curr_dir = '';
$windows = 0;
if (index($0,'\\') != -1)                     #### True if running on Dos/Windows
  {
   $program_title = substr($0, rindex($0, '\\') + 1);
   $curr_dir = substr($0,0,-(length($0) - rindex($0, '\\') - 1));
   $windows = 1;
  }
else                                          #### else running on *nix
  {$program_title = substr($0, rindex($0, '/') + 1);}
###-----------------------------------------------------------------

##########################################################################
################### Server Customization Variables #######################
##########################################################################

### NOTE(review): this value contains a path and an .html page, yet
### $image_location and $cgi_prog_location are built by appending a directory
### to it -- looks like it should be a host name only; confirm.
$server_address = 'www.angelfire.com/ut/chaserspage/cart2.html';
$secure_server_address = "https://ssl3.pair.com";    ## "https://ssl.pair.com/taussig"
$cgi_directory = '/cgi-bin/MyStore';    ### must be actual cgi directory name (not 'cgi-bin' if aliased)

$mail_via = 'sockets';                  ### Either 'sockets' or 'sendmail' or 'blat'
$blat_loc = 'c:\\winnt35\\system32\\blat';
$sendmail_loc = '/usr/sbin/sendmail';
$smtp_addr = '209.68.1.29';             ### must use ip address on Win95, not hostname (hostname ok on NT)

$catalog_home = '/PolishBooks';         ### This is a Subdirectory of Public_Html, NOT cgi-bin!!!
$home_page = 'demo.html';
$image_directory = '/MyStore/images';   ### This is a Subdirectory of Public_Html, NOT cgi-bin!!!
$secure_image_directory = '/taussig/PolishBooks/images';
$image_location = "http://$server_address$image_directory";
$home_icon = 'home.gif';                ### must reside in $image_directory if it exists.
$create_page_log = 'yes';               ### ("yes" or "no")
$create_search_log = 'yes';

###-----------------------------------------------------------
### Assume that following subdirectories are directly under
### the (cgi-bin) directory this script is running in. If not,
### change the value of $curr_dir to the desired directory title
### Here (and include the trailing '/').
###
### The SUBMIT handler later in this script writes the customer record,
### including the card number and expiry fields, to a file under
### $temp_customers_directory, and PLACE ORDER copies it to
### $customers_directory. Make sure the web server does not serve these
### directories and that only the CGI user can read them; the umask is
### tightened below only when $use_cgiwrap is 'yes'.
###-----------------------------------------------------------
$customers_directory = $curr_dir . 'customers';
$orders_directory = $curr_dir . 'orders';
$catalog_directory = $curr_dir . 'catalog';
$token_directory = $curr_dir . 'tokens';
$temp_customers_directory = $curr_dir . 'temp_customers';
$temp_orders_directory = $curr_dir . 'temp_orders';
$log_directory = $curr_dir . 'log';
###-----------------------------------------------------------

###push (@INC, $cgi_directory);

### NOTE(review): $cgiwrap_directory is not assigned anywhere in the visible
### part of this listing; it has to be defined before $use_cgiwrap is set to
### 'yes' -- confirm.
if ($use_cgiwrap eq 'yes')
  {
   umask 077;                           ## make readable/writeable by owner only
   $cgi_prog_location = $server_address . $cgiwrap_directory . "/$program_title";
  }
else
  {$cgi_prog_location = $server_address . $cgi_directory . "/$program_title";}

$delim = chr(1);                        # field separator used when the order and customer files are written
$convert_delim_to_commas = 'yes';       # PLACE ORDER turns $delim into ',' when copying the final files
$menu_bar = "";                         # must be empty string here
$id_length = 9;                         # length of unique order id key, must be > 3.
$catalog_page = "";

###--------For Secure Server Setup----------------------------
if ($use_cgiwrap eq 'yes')
  {$secure_prog_location = "$secure_server_address$cgiwrap_directory/$program_title";}
else
  {$secure_prog_location = "$secure_server_address$cgi_directory/$program_title";}
$secure_image_location= "$secure_server_address$secure_image_directory";
###-----------------------------------------------------------

##########################################################################
################### Company Customization Variables ######################
##########################################################################

#==== To Include an Image on your pages =============#
$banner = 'arpanet.gif';                ### arpanet.gif
$hspace = '5';
$vspace = '5';
$border = '0';
$height = '111';
$width = '111';
$align = 'center';
#====================================================#

#==== To Add background image or change color =======#
$background = 'good1.jpg';              ### good1.jpg
$text_color = "";
$background_color = "";                 ### white=#FFFFFF
$link_color = "";
$vlink_color = "";
$alink_color = "";
#====================================================#

$company_name = 'Reptile Isle';
### Multi-line literal: the line breaks below are part of the value.
$company_address = '182 5th Ave., # 1R
Brooklyn NY 11217
(718)399-0460 (9:00am-5:00pm est.)';
$company_email = 'sales@reptile-isle.com';
$mail_order_to = 'orders@reptile-isle.com';
$line_length = 80;

### valid types are: Credit, Check, COD, Money Order
### if only one entry in @accept_payment_by, it will be the default and user will not have to choose it on order form.
@accept_payment_by = ('Credit', 'Check', 'COD', 'Money Order');

### valid types are: MasterCard, Visa, American Express, Optima, Carte Blanche, Diners Club, Discover, JCB.
@valid_credit_cards = ('Visa', 'MasterCard', 'American Express', 'Discover');

$online_credit_verify = 'SecureOrder';  ## Options are: 'no', 'SecureOrder'
$online_check_verify = 'no';            ## Options are: 'no', 'SecureOrder' (not implemented yet)
$accept_first_virtual = 'no';           ## 'yes', 'no'

###--------First Virtual Configuration Section-----------------
$fv_aab_url = "http://www.fv.com/fv/aab";
### for Production ##
##$fv_seller_pin = 'test-sums-testseller';   ### Set ONLY if First Virtual is valid payment option!!!!
##$fv_ips = "card.com";
### for Testing ##
$fv_seller_pin = 'test-seize-programmer';    ### Set ONLY if First Virtual is valid payment option!!!!
$fv_ips = "test.card.com";
###-----------------------------------------------------------

###-------SecureOrder Configuration Section-------------------
$SecureOrder_id = "TEST1";              ### The 5 character alphanumeric string that is your MER_ID
## for Production ##
##$SecureOrder_check_url = "https://www.atsbank.com/cgi-bin/strcheck";
##$SecureOrder_credit_url = "https://www.atsbank.com/cgi-bin/strcredit";
## for Testing ##
## NOTE(review): the active pair below is the test endpoints over plain http,
## while the production pair above is https. How these URLs are used is outside
## this part of the listing; if order or card data is sent to them, switch to
## the https pair before going live -- confirm.
$SecureOrder_check_url = "http://www.atsbank.com/cgi-bin/strtcheck";
$SecureOrder_credit_url = "http://www.atsbank.com/cgi-bin/strtcred";
###-----------------------------------------------------------

$cod_charge = 0.00;                     ### amount to add to order (0.00 if none)
@Handling_table = (                     ### amount to add to order (0.00 if none)
                   ['US', 2.75],
                   ['CA', 5.00],
                   ['OTHER', 10.00],
                  );

$Pay_checks_to = 'Reptile Isle';
$return_policy = 'All Sales are final. We will be glad to exchange defective items only within 30 days from date of ';
$return_policy .= 'sale. Any items returned must be sent back prepaid in the same condition as when originally shipped. ';
$return_policy .= 'Shipping and handling charges are not refundable.';

$catalog_country = 'US';                ### must be all capital letters, 2 letter country code.
$accept_any_country = 'yes';            ### ('yes' or 'no') Allow orders from countries not specifically listed in shipping rates table?
$local_currency = 'USD';
$currency_decimal = '.';                ### decimal separator for currency format
$currency_separator = ',';              ### thousands separator for currency format
$currency_symbol = '$';                 ### Symbol for currency
$local_weight = 'lbs.';                 ### Unit of measure for WEIGHT field if used.
$local_time = 'MST';                    ### Time zone abbreviation (eg: est, pst)
$date_format = 'mmddyyyy';### options are: mmddyy, ddmmyy, mmddyyyy, ddmmyyyy
$date_separator = '/';

###-----------------------------------------------------------
### Leave blank (i.e. = '';) to use default submit buttons
### To use an image, just use the file title (i.e. = 'update.gif';)
$button_image{'UPDATE'} = '';
$button_image{'HOME'} = '';
$button_image{'VIEW ORDERS'} = '';
$button_image{'CHECK OUT'} = '';
$button_image{'SECURE CHECK OUT'} = '';
$button_image{'SUBMIT'} = '';
$button_image{'SECURE SUBMIT'} = '';
$button_image{'PLACE ORDER'} = '';
$button_image{'SEARCH'} = '';
$button_image{'SEARCH CATALOG'} = '';
$button_image{'SHIPPING RATES'} = '';
$button_image{'CONTINUE SHOPPING'} = '';
###-----------------------------------------------------------

# If the WEIGHT or OPTION hidden input fields exist on the catalog page,
# then you MUST enter a value for the caption below, otherwise it must be blank (i.e. '').
$weight_caption = 'Weight';             # e.g. 'Weight'
$option1_caption = 'Color';             # e.g. 'Color'
$option2_caption = 'Size';              # e.g. 'Size'
$option3_caption = '';

$shipping_type = 'quantity';
### shipping_type is either 'price' or 'quantity' or 'weight' or 'included' or 'none'
### price or quantity means the minimum/maximum refers to total prices or total quantities respectively.
### '+' means add the Amount specified to the order total
### '*' means multiply the Amount times the Number of items ordered.
### '%' means take the given percentage of the total Amount ordered.
### Country, Ship via, Minimum, Maximum, Add or Multiply or Percentage, Amount ###
@Shipping_Rates = (
  [$catalog_country, 'UPS Ground', 0, 2, '+', 5.00],          ### Index must start at 0 in case $shipping_type='weight'
  [$catalog_country, 'UPS Ground', 3, 5, '+', 10.00],         ### Min. should be .01 more than prev max. if based on price
  [$catalog_country, 'UPS Ground', 6, 99999999,'*', 2.00],
  [$catalog_country, 'UPS Blue', 0, 2, '+', 10.00],
  [$catalog_country, 'UPS Blue', 3, 5, '+', 15.00],
  [$catalog_country, 'UPS Blue', 6, 99999999, '*', 3.00],
  [$catalog_country, 'FedEx', 0, 99999999, '+', 10],
  ['ALL', 'Airborne Express',0, 2, '+', 7.00],                ### 'ALL' applies to any country (but is overridden by $accept_any_country = 'no')
  ['ALL', 'Airborne Express',3, 99999999, '*', 5.00],         ### 'ALL' applies to any country
  ['OTHER','DHL', 0, 3, '*', 5.00],                           ### Default for any country not specifically listed above.
  ['OTHER','DHL', 4, 99999999, '*', 4.00],                    ### Default for any country not specifically listed above.
);

$discount_type = 'quantity';            ### $discount_type is either 'quantity' or 'price' or 'none'.
@Discount_Rates = (                     ### For no discount use: $discount_type = 'none';
  [1, 3, 0.00],                         ### Min. should be .01 more than prev max. if based on price
  [4, 99999999, 10.00],
);

@Tax_States = ("NY 8.25", "TX 7.00");
### List of: State to Apply Tax to, and Tax Rate (NOT percentage!) separated by a single space
### NOTE(review): in this listing the example assignment that belongs to the
### "e.g." below starts the next physical line instead of staying inside the
### comment; run as shown it would replace the table above -- confirm against
### the distributed script.
### e.g.
@Tax_States = ("NY 8.25", "CA 4.5"); $stay_on_page = 'no'; ### ('yes' or 'no') #if 'yes', adds cart to current page ### this default can be overriden by cgi input field StayOnPage = YES ${SO} = ''; ${SE} = ''; ### Starting/Ending highlight tag for search results ########################################################################## ############# END OF CUSTOMIZATION AREAS ######################### ########################################################################## ###----------------------------------------------------------- $action = $input{'ACTION'}; ### Create a unique order ID for each user to pass along to each form ### and to use as the file title to store the items ordered if ( (uc substr($action,0,5) eq 'ENTER') || (uc substr($action,0,5) eq 'GO TO') || ( substr($action,0,2) eq '->') || ( substr($action,0,1) eq '[') ) { if ($input{'ORDER_ID'} eq '!ORDERID!') { $token_exists = 0; if ((lc $use_cookies eq 'yes') && (defined($ENV{'HTTP_COOKIE'})) ) { ### RETRIEVE COOKIE HERE AND CHECK IF TOKEN & TEMP_ORDER ### STILL EXISTS AND ASK IF USER WANTS TO CONTINUE OLD ORDER %Cookies = map split (/=/), split (/; /,$ENV{HTTP_COOKIE}); if (defined($Cookies{'orderid'})) { $unique_id = $Cookies{'orderid'}; if ( $unique_id !~ /\d{$id_length}?/ ) {&Transmission_error(0);} $token_file_name = "$token_directory/$unique_id"; $order_file_name = "$temp_orders_directory/$unique_id"; $customer_file_name = "$temp_customers_directory/$unique_id"; if (-e $token_file_name) { $token_exists = 1; if (-e $order_file_name) { unlink $customer_file_name; print "\n"; print "\n"; print "Previous Order Selections\n"; &add_menu_bar('CONTINUE SHOPPING'); &add_company_header; ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $mtime, $ctime) = stat(_); ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($atime); $mon++; print "
You have an Existing Order placed on: $mon/$mday/$year, as Shown Below.
"; print "If you do Not want to finish this order Press the RESTART button to delete
"; print "this order and go to the first catalog page to start a new order.

"; print "
"; print "
"; if ($button_image{'RESTART'} eq '') {print "
";} else { print ""; print ""; } print ""; print "
"; print '
'; $add_cart = 1; $resuming_order = 1; &view_cart; &add_button_bar('CONTINUE SHOPPING'); &add_company_footer; exit; } #order file exists } # token file exists }#using cookies and found perlshop cookie } ##using cookies and have a cookie if ($token_exists == 0) { srand(time() ^ ($$ + ($$ << 15))); $rand_len = '9' x ($id_length - 3); do { $unique_id = &zero_fill(abs($$),3) . &zero_fill(int(rand($rand_len)),$id_length - 3); $token_file_name = "$token_directory/$unique_id"; } until (! (-e $token_file_name)); ### Now check if really unique (i.e. does it already exist?) ### Create a random token to use with SHA signature $token = int(rand(1000000)); open(token_file, ">$token_file_name") || &err_trap("Cannot open $token_file_name for writing\n"); print(token_file "$token\n"); close token_file; } if (lc $use_cookies eq 'yes') { &create_cookie('orderid', $unique_id, $cookie_expire_days); print "\n"; } } else {&Transmission_error(1);} } else { if ( (! defined $input{'ACTION'}) && ((lc $online_credit_verify eq 'secureorder') || (lc $online_check_verify eq 'secureorder')) && ($ENV{'QUERY_STRING'} =~ /^(\d+)\&(a|i|d|b){1}?\&(.*)/i) ) { if ($use_secure_server eq 'yes') { if ($ENV{'HTTP_REFERER'} ne $secure_prog_location) {&Transmission_error;} } else { if ($ENV{'HTTP_REFERER'} ne "http://$cgi_prog_location") {&Transmission_error;} } if (length($1) > $id_length) {$unique_id = substr($1, - $id_length);} else {$unique_id = '0' x ($id_length - length($1)); $unique_id .= $1;} $SecureOrder_return_code = $2; $SecureOrder_return_msg = $3; if ($SecureOrder_return_code eq 'a') {$action = 'PLACE ORDER';} elsif ($SecureOrder_return_code eq 'd') { print "\n\n"; print "SecureOrder Error\n"; print "
Sorry, your Charge was declined. "; print "You can go back and try another card, or try again later.
Thank you.

"; exit; } else { print "\n\n"; print "SecureOrder Error\n"; print "
The following error was encounterd in attempting to process your "; print "charge, please press your browser's BACK button, and go back and correct the information.
Thank you.

"; print "
Error: $SecureOrder_return_msg

"; exit; } } else {$unique_id = $input{'ORDER_ID'};} if (($unique_id eq '!ORDERID!') || ( $unique_id !~ /\d{$id_length}?/ )) {&Transmission_error(3);} if (lc $use_cookies eq 'yes') { if ($action eq 'RESTART') {&create_cookie('orderid', $unique_id, $cookie_expire_days);} ## Reset Expiration date elsif ($action eq 'PLACE ORDER') {&create_cookie('orderid', $unique_id, -1);} ## 'delete' cookie print "\n"; } $token_file_name = "$token_directory/$unique_id"; if ( !(-e $token_file_name) ) { print "\n"; print "Already Checked Out\n"; print "\n"; print "

You cannot revise an order after checking out. You must enter the shop "; print "again if you wish to order more items, or contact the merchant directly if you "; print "need to cancel an order.


"; print "
Press the button below if you wish to start a new shopping session.


"; $unique_id = '!ORDERID!'; &add_button_bar(); print "\n"; print "\n"; exit; } } $order_file_name = "$temp_orders_directory/$unique_id"; $customer_file_name = "$temp_customers_directory/$unique_id"; $token_file_name = "$token_directory/$unique_id"; if (uc substr($action,0,6) eq 'SECURE') {$image_location=$secure_image_location;} if ( (uc substr($action,0,5) eq 'ORDER') || (uc substr($action,0,3) eq 'ADD') || (uc substr($action,0,3) eq 'PUT') || (uc substr($action,0,3) eq 'BUY') ) ### write out the order to a file in comma delimited, quoted format (CSV) { ### check for duplicates first if (-e $order_file_name) { open (order_file, $order_file_name)|| &err_trap( "Cannot open $order_file_name for reading\n" ); while () { chop; ($order_id, $item_id, $item_name, $item_price, $item_qty, $item_weight, $item_taxtype, $item_option1, $item_option2, $item_option3) = split(/$delim/,$_); &UnQuote($item_id); &UnQuote($item_option1); &UnQuote($item_option2); &UnQuote($item_option3); #Remove surrounding Quotation marks $index=""; do { if (! defined $input{'ITEM_OPTION1'.$index}) {$input{'ITEM_OPTION1'.$index} = "";} if (! defined $input{'ITEM_OPTION2'.$index}) {$input{'ITEM_OPTION2'.$index} = "";} if (! defined $input{'ITEM_OPTION3'.$index}) {$input{'ITEM_OPTION3'.$index} = "";} if ( ($input{'QTY'.$index} > 0) && ($item_id eq $input{'ITEM_ID'.$index}) && (lc $item_option1 eq lc $input{'ITEM_OPTION1'.$index}) && (lc $item_option2 eq lc $input{'ITEM_OPTION2'.$index}) && (lc $item_option3 eq lc $input{'ITEM_OPTION3'.$index}) ) { print "\n"; print "Duplicate Item\n"; print "\n"; print "

The Item: \"$input{'ITEM_NAME'.$index}\""; if ($item_option1 ne "") {print ", $item_option1";} if ($item_option2 ne "") {print ", $item_option2";} if ($item_option3 ne "") {print ", $item_option3";} print ' Has Already Been Ordered!

'; print "You May Change the Quantity ordered by pressing the VIEW ORDERS button below.


"; &add_button_bar('CONTINUE SHOPPING', 'VIEW ORDERS'); print "\n"; print "\n"; exit; } if ($index eq "") {$index = 1;} else {$index++;} } until (! defined $input{'ITEM_ID'.$index}); }#while order_file close order_file; }#if file exists ### Check if the Item # and Price have been tampered with !!! if (-e $token_file_name) { open(token_file, $token_file_name) || &err_trap("Cannot open token file: $token_file_name"); $token = ; chop($token); $index=""; $item_code=""; $items_ordered=0; do { &Check_Valid_Quantity($input{'QTY'.$index}, $input{'ITEM_NAME'.$index}); ### exit with err msg if not valid quantity if ($input{'QTY'.$index} > 0) {$items_ordered++;} if (! defined $input{'ITEM_WEIGHT'.$index}) {$input{'ITEM_WEIGHT'.$index} = 0;} if (! defined $input{'ITEM_TAXTYPE'.$index}) {$input{'ITEM_TAXTYPE'.$index} = "";} $input{'ITEM_PRICE'.$index} = &UnCurrency($input{'ITEM_PRICE'.$index}); $item_code .= $input{'ITEM_ID'.$index} . $input{'ITEM_PRICE'.$index} . $input{'ITEM_WEIGHT'.$index} . $input{'ITEM_TAXTYPE'.$index}; if ($index eq "") {$index = 1;} else {$index++;} } until (! defined $input{'ITEM_ID'.$index}); $item_code = &SHA( $ENV{'REMOTE_ADDR'} . $item_code . $token); if ($item_code ne $input{'ITEM_CODE'}) {&Transmission_error(4);} } if ($items_ordered == 0) { print "\n"; print "No Items Ordered\n"; print "\n"; print "

All Quantities Were Zero (0), Please go back and enter a valid "; print "quantity for at least one item

"; &add_button_bar('CONTINUE SHOPPING', 'VIEW ORDERS'); print "\n"; print "\n"; exit; } $index=""; open(order_file, ">>$order_file_name") || &err_trap("Cannot open $order_file_name for writing\n"); do { if ($input{'QTY'.$index} > 0) { ### now append the data to the file if (! defined $input{'ITEM_WEIGHT'.$index}) {$input{'ITEM_WEIGHT'.$index} = 0;} if (! defined $input{'ITEM_TAXTYPE'.$index}) {$input{'ITEM_TAXTYPE'.$index} = "";} if (! defined $input{'ITEM_OPTION1'.$index}) {$input{'ITEM_OPTION1'.$index} = "";} if (! defined $input{'ITEM_OPTION2'.$index}) {$input{'ITEM_OPTION2'.$index} = "";} if (! defined $input{'ITEM_OPTION3'.$index}) {$input{'ITEM_OPTION3'.$index} = "";} print(order_file "\"$unique_id\"$delim"); print(order_file "\"$input{'ITEM_ID'.$index}\"$delim"); print(order_file "\"$input{'ITEM_NAME'.$index}\"$delim"); print(order_file "\"$input{'ITEM_PRICE'.$index}\"$delim"); print(order_file "\"$input{'QTY'.$index}\"$delim"); print(order_file "\"$input{'ITEM_WEIGHT'.$index}\"$delim"); print(order_file "\"$input{'ITEM_TAXTYPE'.$index}\"$delim"); print(order_file "\"$input{'ITEM_OPTION1'.$index}\"$delim"); print(order_file "\"$input{'ITEM_OPTION2'.$index}\"$delim"); print(order_file "\"$input{'ITEM_OPTION3'.$index}\"\n"); } if ($index eq "") {$index = 1;} else {$index++;} } until (! defined $input{'ITEM_ID'.$index}); ### now output the order details page close order_file; if (($stay_on_page eq 'yes') || (uc $input{'STAYONPAGE'} eq 'YES')) {$add_cart = 1;} else { &view_cart; exit; } } elsif ($action eq 'VIEW ORDERS') { &view_cart; exit; } elsif ($action eq 'UPDATE') { foreach $index(1..$input{'NUM_ITEMS'} - 1) { &Check_Valid_Quantity($input{'QTY'.$index}, $input{'ITEM_NAME'.$index}); ### exit with err msg if not valid quantity } ### update order file with updated order info $tempfile = $order_file_name . 
'.bak'; rename($order_file_name, $tempfile); open (order_file, $tempfile)|| &err_trap("Cannot open $order_file_name for reading\n"); open (out_file, ">$order_file_name"); $index = 1; ### if input item is not in order file, ignore it, View Orders page may have been tampered with ### and take all data except Quantity from input file, not from web page, to prevent tampering. while () { chop; ($order_id, $item_id, $item_name, $price, $quantity, $weight, $item_taxtype, $option1, $option2, $option3) = split(/$delim/,$_); &UnQuote($item_id); &UnQuote($option1); &UnQuote($option2); &UnQuote($option3); if ( ($item_id eq $input{'ITEM_ID'.$index}) && ($option1 eq $input{'ITEM_OPTION1'.$index}) && ($option2 eq $input{'ITEM_OPTION2'.$index}) && ($option3 eq $input{'ITEM_OPTION3'.$index}) ) { if ($input{'QTY'.$index} > 0) { print(out_file "\"$unique_id\"$delim"); print(out_file "\"$item_id\"$delim"); print(out_file "$item_name$delim"); print(out_file "$price$delim"); print(out_file "\"$input{'QTY'.$index}\"$delim"); print(out_file "$weight$delim"); print(out_file "$item_taxtype$delim"); print(out_file "\"$option1\"$delim"); print(out_file "\"$option2\"$delim"); print(out_file "\"$option3\"\n"); } } $index += 1; } close out_file; close order_file; unlink $tempfile; if ((($stay_on_page eq 'yes') || (uc $input{'STAYONPAGE'} eq 'YES')) && (! -e $customer_file_name)) {$add_cart = 1;} else { &view_cart; exit; } } elsif (($action eq 'CHECK OUT') or ($action eq 'SECURE CHECK OUT')) { &display_order_form; exit; } elsif (($action eq 'SUBMIT') or ($action eq 'SECURE SUBMIT')) { ### Validate & Save Order (Shipping & Payment) info, and make sure ### it's linked to an Order Number! (i.e. that an order file exists). 
&check_if_orders_exist; &self_test; $error_msg = ""; &require("First Name", $input{'FNAME'}); &require("Last Name", $input{'LNAME'}); &require("Street1", $input{'STREET1'}); &require("City", $input{'CITY'}); &require("State/Province", $input{'STATE'}); &require("Zip Code", $input{'ZIP'}); &check_country($input{'COUNTRY'}); &require("Country", $input{'COUNTRY'}); &require("Email Address", $input{'EMAIL'}); &check_zip($input{'ZIP'}, $input{'COUNTRY'}); $input{'STATE'} = &check_state($input{'STATE'}, $input{'COUNTRY'}); &check_email($input{'EMAIL'}); if (($input{'PAYBY'} eq 'CREDIT') && ((lc $online_credit_verify eq 'secureorder') || (lc $online_check_verify eq 'secureorder')) && (($input{'DPHONE'} eq '') && ($input{'NPHONE'} eq ''))) {&require("Daytime or Nighttime Phone", $input{'DPHONE'});} $input{'DPHONE'} = &check_phone($input{'DPHONE'}, $input{'COUNTRY'}); $input{'NPHONE'} = &check_phone($input{'NPHONE'}, $input{'COUNTRY'}); $input{'FAX'} = &check_phone($input{'FAX'}, $input{'COUNTRY'}); if (not (exists $input{'PAYBY'})) { $input{'PAYBY'} = uc @accept_payment_by[0]; } if ($input{'PAYBY'} ne 'CREDIT') { if ($input{'CARDNO'} ne "") { $error_msg .= "
  • Credit Card number entered, but Pay By [Credit] not selected."; } } else { &require("Card Type", $input{'CARDTYPE'}); &require("Credit Card #", $input{'CARDNO'}); &require("Expiration Month", $input{'EXPMONTH'}); &require("Expiration Year", $input{'EXPYEAR'}); &check_card_num($input{'CARDNO'}, $input{'CARDTYPE'}); &check_expire_date($input{'EXPMONTH'}, $input{'EXPYEAR'}); } if ($shipping_type ne 'none') { if (($input{'STREET1'} =~ /(^.*[\s.]+|^)box\s+\d+/i ) && ( substr($input{'SHIPTYPE'},0,3) eq 'UPS' || substr($input{'SHIPTYPE'},0,3) eq 'DHL' || substr($input{'SHIPTYPE'},0,5) eq 'FedEx') ) { $error_msg .="
  • $input{'SHIPTYPE'} cannot ship to a P.O. Box. Enter a valid Street address."; } $country_uc = uc($input{'COUNTRY'}); $shipper_found = 0; $country_found = 0; foreach $index(0..$#Shipping_Rates) { ($Ship_Country, $Shipper, $Ship_Min, $Ship_Max, $Ship_Mul, $Ship_Amt) = @{$Shipping_Rates[$index]}; if ( (($country_uc eq uc $Ship_Country) || ($Ship_Country eq 'ALL')) && ($input{'SHIPTYPE'} eq $Shipper) ) {$shipper_found = 1;} if ($country_uc eq uc $Ship_Country) {$country_found = 1;} } if ($shipper_found == 0) { if ($accept_any_country eq 'no') {$error_msg .= "
  • Orders from: $country_uc cannot be accepted at this time, Sorry.
    ";} else { ### If country not in table, make sure Shipper entered is the one in the table for 'OTHER' (last one in table) ($Ship_Country, $Shipper, $Ship_Min, $Ship_Max, $Ship_Mul, $Ship_Amt) = @{$Shipping_Rates[$#Shipping_Rates]}; if (($input{'SHIPTYPE'} ne $Shipper) || ($country_found == 1)) { $valid_shippers = ""; if ($country_found == 0) {$valid_shippers = $Shipper;} $prev_Shipper = ""; foreach $index(0..$#Shipping_Rates) { ($Ship_Country, $Shipper, $Ship_Min, $Ship_Max, $Ship_Mul, $Ship_Amt) = @{$Shipping_Rates[$index]}; if (((uc $Ship_Country eq 'ALL') || ($country_uc eq $Ship_Country)) && ($Shipper ne $prev_Shipper)) { if ($valid_shippers eq "") {$valid_shippers = $Shipper;} else {$valid_shippers .= ', or ' . $Shipper;} } $prev_Shipper = $Shipper; }#foreach $error_msg .= "
  • $input{'SHIPTYPE'} is not a valid Shipper for $country_uc, Only $valid_shippers is.
    "; }#if }#else }#if }#shipping ne none if ($error_msg ne "") { print "\n"; print "Errors on Order Form\n"; print "\n"; print "

    The Following Errors Were Encountered!


    "; print "
    Press your browser's BACK button to Go back to the CheckOut form and fix them. Thank you.

    "; print "

      $error_msg


    "; print "\n"; print "\n"; if ($testing ne 'yes') { exit; } } open(customer_file, ">$customer_file_name") || &err_trap("Cannot open $customer_file_name for writing\n"); print(customer_file "\"$unique_id\"$delim"); print(customer_file "\"$ENV{'REMOTE_ADDR'}\"$delim"); ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time); $mon++; &Year2000($year); if ($date_format eq 'mmddyy' || $date_format eq 'mmddyyyy') {print(customer_file "\"$mon$date_separator$mday$date_separator$year\"$delim");} elsif ($date_format eq 'ddmmyy' || $date_format eq 'ddmmyyyy') {print(customer_file "\"$mday$date_separator$mon$date_separator$year\"$delim");} print(customer_file "\"$hour:$min:$sec\"$delim"); print(customer_file "\"$input{'TITLE'}\"$delim"); print(customer_file "\"$input{'FNAME'}\"$delim"); print(customer_file "\"$input{'LNAME'}\"$delim"); print(customer_file "\"$input{'COMPANY'}\"$delim"); print(customer_file "\"$input{'STREET1'}\"$delim"); print(customer_file "\"$input{'STREET2'}\"$delim"); print(customer_file "\"$input{'CITY'}\"$delim"); print(customer_file "\"$input{'STATE'}\"$delim"); print(customer_file "\"$input{'ZIP'}\"$delim"); print(customer_file "\"$input{'COUNTRY'}\"$delim"); print(customer_file "\"$input{'EMAIL'}\"$delim"); print(customer_file "\"$input{'DPHONE'}\"$delim"); print(customer_file "\"$input{'DEXTEN'}\"$delim"); print(customer_file "\"$input{'NPHONE'}\"$delim"); print(customer_file "\"$input{'NEXTEN'}\"$delim"); print(customer_file "\"$input{'FAX'}\"$delim"); print(customer_file "\"$input{'SHIPTYPE'}\"$delim"); print(customer_file "\"$input{'PAYBY'}\"$delim"); print(customer_file "\"$input{'CARDTYPE'}\"$delim"); print(customer_file "\"$input{'CARDNO'}\"$delim"); print(customer_file "\"$input{'EXPMONTH'}\"$delim"); print(customer_file "\"$input{'EXPYEAR'}\"$delim"); print(customer_file "\"$input{'SOURCE'}\"$delim"); $input{'SUGGEST'} =~ tr/\"\n\r/\` /d; print(customer_file "\"$input{'SUGGEST'}\"$delim"); print(customer_file 
"\"$input{'FVPIN'}\"\n"); close customer_file; &view_cart; exit; } elsif ($action eq 'PLACE ORDER') { &send_confirmation; open (order_file, $order_file_name)|| &err_trap("Cannot open $order_file_name for reading\n"); open (out_file, ">$orders_directory/$unique_id"); while () { if ($convert_delim_to_commas eq 'yes') {$_ =~ eval "tr/$delim/,/";} print(out_file $_); } close out_file; open (customer_file, $customer_file_name)|| &err_trap("Cannot open $customer_file_name for reading\n"); open (out_file, ">$customers_directory/$unique_id"); while () { chop; if ($convert_delim_to_commas eq 'yes') {$_ =~ eval "tr/$delim/,/";} $sub_total = sprintf("%.2f", $sub_total); $tax = sprintf("%.2f", $tax); $shipping = sprintf("%.2f", $shipping); $grand_total = sprintf("%.2f", $grand_total); $total_discount = sprintf("%.2f", $total_discount); if ($Payby eq 'COD') {$cod_charge = sprintf("%.2f", $cod_charge);} else {$cod_charge = 0;} $Handling = sprintf("%.2f", $Handling); print(out_file "$_,\"$sub_total\",\"$tax\",\"$shipping\",\"$grand_total\",\"$total_discount\",\"$cod_charge\",\"$Handling\"\n"); } close out_file; if ($testing ne 'yes') { unlink $token_file_name; ##delete token file unlink $order_file_name; unlink $customer_file_name; } exit; } elsif ($action eq 'SHIPPING RATES') { &show_shipping_rates; exit; } elsif ($action eq 'SEARCH') { print "\n"; print "Search the Catalog\n"; &add_menu_bar('CONTINUE SHOPPING'); &add_company_header; &add_search_screen; &add_company_footer; exit; } elsif (($action eq 'SEARCH CATALOG') || ($input{'DOSEARCH'} eq 'SEARCH CATALOG')) { print "\n"; print "Search Results\n"; &add_menu_bar('SEARCH', 'CONTINUE SHOPPING'); &add_company_header; $found = 0; $pattern = $input{'SEARCH STRING'}; if ($pattern eq "") { print "You did not enter a pattern to search for!"; &add_button_bar('SEARCH', 'CONTINUE SHOPPING'); &add_company_footer; exit; } if ($input{'REGEXP'} ne 'TRUE') {$pattern = "\Q$pattern\E";} if ($input{'MATCHWORD'} eq 'TRUE') {$pattern = '(^|\b)+' 
. $pattern . '($|\b)+';} if ($input{'MATCHCASE'} ne 'TRUE') {$pattern = '(?i)' . $pattern;} ### Match pattern only if it is not part of a valid HTML tag, ### ### then Remove all HTML tags from matched line ### $matches = 0; &matchfile($catalog_directory); if ($matches == 0) {print "

    The pattern: \"$input{'SEARCH STRING'}\" was Not found!


    ";} else {print '
    ';} &add_search_screen; &add_button_bar('CONTINUE SHOPPING'); &add_company_footer; if ($create_search_log eq 'yes') {&create_log("Searches", $input{'SEARCH STRING'}, $matches );} exit; } elsif ($action eq 'RESTART') { unlink $order_file_name; } #------------------------------------------------------------------# if (defined($input{'THISPAGE'})) { ### Send a catalog page back with the unique ID set $catalog_page = "$catalog_directory/$input{'THISPAGE'}"; if (-e $catalog_page) { open(TEMPLATE, $catalog_page) || &err_trap("cannot open template file: $catalog_page"); } $prev_page = ""; $next_page= ""; if ($add_navigation eq 'yes') { $temp =