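#!/usr/bin/perl
## Copyright by RSH Web Services ##

# Storefront CGI entry point.  Loads the setup and support libraries, parses
# the request, settles the shopper's cart ID, then dispatches on whichever
# submit button (or payment response field) is present in the form data.

$| = 1;
$time = time;

&require_supporting_libraries (__FILE__, __LINE__, "Admin_files/Store_user_lib.pl");
&require_supporting_libraries (__FILE__, __LINE__, "Library/web_store.setup.db");
&require_supporting_libraries (__FILE__, __LINE__, "Library/web_store_order_lib.pl");
&require_supporting_libraries (__FILE__, __LINE__,
                               "$sc_cgi_lib_path",
                               "$sc_html_setup_file_path",
                               "$sc_mail_lib_path",
                               "$sc_cookie_lib",
                               "$sc_Store_subs_path");

&read_and_parse_form_data;
&get_cookie;
&require_supporting_libraries (__FILE__, __LINE__, "./Library/special_library.pl");

# Reduce the requested page to "<path>.<extension>".  The character class
# has no "." in it, so a ".." path segment cannot survive the capture.
# The captures are used only when the match succeeded; after a failed match
# $1/$2 would still hold whatever an earlier match left behind.
$page = $form_data{'page'};
if ($page =~ /([\w\-\=\+\/]+)\.(\w+)/) {
    $page = "$1.$2";
}
else {
    $page = "";
}
$page =~ s/^\/+//;    # Get rid of any residual / prefix

$search_request = $form_data{'search_request_button'};

# The cart ID becomes part of a file name, so only \w characters are allowed.
$cart_id = $form_data{'cart_id'};
if ($cart_id =~ /^(\w+)$/) {
    $cart_id = $1;
}
else {
    $cart_id = "";
}
$sc_cart_path = "$sc_user_carts_directory_path/$cart_id.cart";

&error_check_form_data;

# First visit: no cart ID in the cookie or in the form data.
if ($cookie{'cart_id'} eq "" && $form_data{'cart_id'} eq "") {
    &delete_old_carts;
    &assign_a_unique_shopping_cart_id;
}

# The form value wins over the cookie.  Both are client-supplied, so the
# chosen value goes through the same \w-only check again before it is used
# in the cart path (previously the raw value was used here, which undid the
# check above and let path characters into the file name).
# NOTE(review): presumably SetCookies (defined elsewhere) fills in
# $cookie{'cart_id'} for a freshly assigned cart -- confirm.
if ($form_data{'cart_id'} eq "") {
    $cart_id = $cookie{'cart_id'};
}
else {
    $cart_id = $form_data{'cart_id'};
}
if ($cart_id =~ /^(\w+)$/) {
    $cart_id = $1;
}
else {
    $cart_id = "";
}
$sc_cart_path = "$sc_user_carts_directory_path/${cart_id}.cart";

print "Content-type: text/html\n\n";

# Note whether any of the configured database query fields was submitted.
$are_any_query_fields_filled_in = "no";
foreach $query_field (@sc_db_query_criteria) {
    @criteria = split(/\|/, $query_field);
    if ($form_data{$criteria[0]} ne "") {
        $are_any_query_fields_filled_in = "yes";
    }
}

# Dispatch.  Every branch ends the request.
if ($form_data{'add_to_cart_button'} ne "") {
    &add_to_the_cart;
    exit;
}
elsif ($form_data{'modify_cart_button'} ne "") {
    &display_cart_contents;
    exit;
}
elsif ($form_data{'change_quantity_button'} ne "") {
    &output_modify_quantity_form;
    exit;
}
elsif ($form_data{'submit_change_quantity_button'} ne "") {
    &modify_quantity_of_items_in_cart;
    exit;
}
elsif ($form_data{'delete_item_button'} ne "") {
    &output_delete_item_form;
    exit;
}
elsif ($form_data{'submit_deletion_button'} ne "") {
    &delete_from_cart;
    exit;
}
elsif ($form_data{'order_form_button'} ne "") {
    &require_supporting_libraries (__FILE__, __LINE__, "$sc_order_lib_path");
    &display_order_form;
    exit;
}
elsif ($form_data{'submit_order_form_button'} ne "") {
    &require_supporting_libraries (__FILE__, __LINE__, "$sc_order_lib_path");
    &process_order_form;
    exit;
}
elsif (($page ne "" ||
        $form_data{'search_request_button'} ne "" ||
        $form_data{'continue_shopping_button'} ||
        $are_any_query_fields_filled_in =~ /yes/i) &&
       ($form_data{'return_to_frontpage_button'} eq "")) {
    &display_products_for_sale;
    exit;
}
elsif ($form_data{'RESPONSECODE'} eq "T" || $form_data{'RESPONSECODE'} eq "P") {
    # USER6 carries the cart ID in this response.  It is request data like
    # any other field, so it gets the same \w-only check before it is used
    # in a file path.
    # NOTE(review): nothing visible here checks that this request really
    # came from the payment processor; confirm that logOrder (defined
    # elsewhere) verifies the response before recording an order.
    $cart_id = $form_data{'USER6'};
    if ($cart_id =~ /^(\w+)$/) {
        $cart_id = $1;
    }
    else {
        $cart_id = "";
    }
    $sc_cart_path = "$sc_user_carts_directory_path/${cart_id}.cart";
    &logOrder;
    exit;
}
else {
    &output_frontpage;
    exit;
}

#######################################################################
#                    Require Supporting Libraries.                    #
#######################################################################

# require_supporting_libraries(file, line, @paths)
# Requires each path in turn.  A path that does not exist or is not readable
# ends the request with a message naming the path and the caller's file and
# line.
# NOTE(review): that message goes to the client and discloses a server-side
# path; for the calls made before "Content-type" is printed it is also sent
# without a header.
sub require_supporting_libraries {
    local ($file, $line, @require_files) = @_;
    local ($require_file);

    foreach $require_file (@require_files) {
        if (-e "$require_file" && -r "$require_file") {
            require "$require_file";
        }
        else {
            print "I am sorry but I was unable to require $require_file at line $line in $file. Would you please make sure that you have the path correct and that the permissions are set so that I have read access? Thank you.";
            exit;
        }
    } # End of foreach $require_file (@require_files)
} # End of sub require_supporting_libraries

#######################################################################
#                    Read and Parse Form Data.                        #
#######################################################################

# Fills %form_data through ReadParse (defined in a required library).
sub read_and_parse_form_data {
    &ReadParse(*form_data);
}

#######################################################################
# Error Check Form Data.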
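# #######################################################################

# Refuses the request unless $page is empty or matches one of the entries in
# @acceptable_file_extensions_to_display.  On refusal it prints the
# configured warning, records a "PAGE LOAD WARNING" and exits.
# NOTE(review): each entry is used as an unanchored pattern, so it can match
# anywhere in $page, not only at the end; confirm the configured entries are
# anchored (for example \.html$) if a strict extension check is intended.
sub error_check_form_data {
    foreach $file_extension (@acceptable_file_extensions_to_display) {
        if ($page =~ /$file_extension/ || $page eq "") {
            $valid_extension = "yes";
        }
    }

    if ($valid_extension ne "yes") {
        print "$sc_page_load_security_warning";
        &update_error_log("PAGE LOAD WARNING", __FILE__, __LINE__);
        exit;
    }
}

#######################################################################
#                          Delete Old Carts.                          #
#######################################################################

# Removes cart files in $sc_user_carts_directory_path whose age in days
# (-M) exceeds $sc_number_days_keep_old_carts.
sub delete_old_carts {
    opendir (USER_CARTS, "$sc_user_carts_directory_path") ||
        &file_open_error("$sc_user_carts_directory_path",
                         "Delete Old Carts", __FILE__, __LINE__);
    @carts = grep(/\.cart/, readdir(USER_CARTS));
    closedir (USER_CARTS);

    foreach $cart (@carts) {
        # The name must be "<word characters>.cart" in full.  The previous
        # pattern, /^(\w+)$/, cannot match a name that contains ".", so no
        # cart file ever reached the unlink below and stale carts were kept
        # indefinitely.
        if ($cart =~ /^(\w+\.cart)$/) {
            $cart = $1;
            if (-M "$sc_user_carts_directory_path/$cart" > $sc_number_days_keep_old_carts) {
                unlink("$sc_user_carts_directory_path/$cart");
            }
        }
    } # end of foreach
} # End of sub delete_old_carts

#######################################################################
# Assign a Shopping Cart.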
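# #######################################################################

# Optionally appends one line about this visit to the access log, then picks
# a cart ID of the form "<random number>_<pid>" that has no cart file yet,
# sets $cart_id and $sc_cart_path, and calls SetCookies.  After three
# collisions it prints the configured error, logs it and exits.
sub assign_a_unique_shopping_cart_id {
    if ($sc_shall_i_log_accesses eq "yes") {
        $date = &get_date;
        &get_file_lock("$sc_access_log_path.lockfile");

        $remote_addr     = $ENV{'REMOTE_ADDR'};
        $request_uri     = $ENV{'REQUEST_URI'};
        $http_user_agent = $ENV{'HTTP_USER_AGENT'};
        if ($ENV{'HTTP_REFERER'} ne "") {
            $http_referer = $ENV{'HTTP_REFERER'};
        }
        else {
            $http_referer = "possible bookmarks";
        }
        $remote_host = $ENV{'REMOTE_HOST'};

        # HH:MM:SS from localtime, the same text `date +"%T"` printed,
        # without starting a shell for it.
        my @now = localtime(time);
        $shortdate = sprintf("%02d:%02d:%02d", $now[2], $now[1], $now[0]);
        $unixdate  = time;

        # Several of these fields come straight from the request (form data,
        # cookie, URI, User-Agent, Referer).  A line break or "|" inside one
        # of them would add a forged line or shift the columns of this
        # pipe-delimited log, so both are replaced by a space before writing.
        my @access_fields = ($form_data{'url'}, $shortdate, $request_uri,
                             $cookie{'visit'}, $remote_addr,
                             $http_user_agent, $http_referer, $unixdate);
        foreach my $access_field (@access_fields) {
            $access_field =~ s/[\r\n|]/ /g;
        }
        $new_access = join("|", @access_fields);

        # Logging stays best-effort, but nothing is printed to the handle
        # when the log could not be opened.
        if (open (ACCESS_LOG, ">>$sc_access_log_path")) {
            print ACCESS_LOG "$new_access\n";
            close (ACCESS_LOG);
        }
        &release_file_lock("$sc_access_log_path.lockfile");
    }

    # NOTE(review): the cart ID is what ties a shopper to a cart file, and it
    # is built from rand() seeded with the current time and the process ID,
    # both of which an outsider can estimate.  Drawing the ID from the
    # operating system's random source would make another shopper's ID
    # impractical to guess.
    srand (time|$$);
    $cart_id  = int(rand(10000000));
    $cart_id .= "_$$";
    $cart_id  =~ s/-//g;
    $sc_cart_path = "$sc_user_carts_directory_path/${cart_id}.cart";

    $cart_count = 0;
    while (-e "$sc_cart_path") {
        if ($cart_count == 3) {
            print "$sc_randomizer_error_message";
            &update_error_log("COULD NOT CREATE UNIQUE CART ID", __FILE__, __LINE__);
            exit;
        }
        $cart_id  = int(rand(10000000));
        $cart_id .= "_$$";
        $cart_id  =~ s/-//g;
        $sc_cart_path = "$sc_user_carts_directory_path/${cart_id}.cart";
        $cart_count++;
    } # End of while (-e $sc_cart_path)

    &SetCookies;
}

#######################################################################
# Output Frontpage.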
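# #######################################################################

# Sends the store front page.
sub output_frontpage {
    &display_page("$sc_store_front_path", "Output Frontpage", __FILE__, __LINE__);
}

#######################################################################
#                       Add to Shopping Cart                          #
#######################################################################

# Reads the cart to find the highest item number in use, collects the
# "item-..." and "option..." fields from the form, and writes the new rows
# to the cart file before showing the next page.
# NOTE(review): part of this routine is missing from this copy (see the
# marker below); the surviving text is kept as found.
sub add_to_the_cart {
    open (CART, "+>>$sc_cart_path") ||
        &file_open_error("$sc_cart_path", "Add to Shopping Cart", __FILE__, __LINE__);

    $highest_item_number = 100;   # init highest item number (start at 100)
    seek (CART, 0, 0);            # make sure we're positioned at top of file

    # The readline on CART was missing from this copy ("while ()"), which
    # Perl runs as an endless loop; restored from the handle opened above.
    while (<CART>) {              # loop on cart contents, if any
        chomp $_;                         # get rid of terminating newline
        my @row = split (/\|/, $_);       # split cart row into fields
        my $item_number = pop (@row);     # get item number of row (last field)
        $highest_item_number = $item_number if ($item_number > $highest_item_number);
    }
    seek (CART, 0, 2);            # position to end of file

    @items_ordered = keys (%form_data);
    foreach $item (@items_ordered) {
        if (($item =~ /^item-/i || $item =~ /^option/i) && $form_data{$item} ne "") {
            $item =~ s/^item-//i;
            if ($item =~ /^option/i) {
                push (@options, $item);
            }
            else {
                # A quantity must be all digits and non-zero.
                if (($form_data{"item-$item"} =~ /\D/) || ($form_data{"item-$item"} == 0)) {
                    &bad_order_note;
                }
                else {
                    $quantity = $form_data{"item-$item"};
                    push (@items_ordered_with_options, "$quantity\|$item\|");
                }
            }
        } # End of if ($item ne "$variable" && $form_data{$item} ne "")
    } # End of foreach $item (@items_ordered)

    foreach $item_ordered_with_options (@items_ordered_with_options) {
        $options = "";
        $option_subtotal = "";
        $option_grand_total = "";
        $item_grand_total = "";
        $item_ordered_with_options =~ s/~qq~/\"/g;
        $item_ordered_with_options =~ s/~gt~/\>/g;
        # NOTE(review): the text of this copy is cut off from here, inside
        # the ~lt~ substitution, up to the tail of the open() that appends
        # the row to the cart.  The fragment is reproduced as found and is
        # not valid Perl as it stands; restore it from the original file.
        $item_ordered_with_options =~ s/~lt~/\>$sc_cart_path") || &file_open_error("$sc_cart_path", "Add to Shopping Cart", __FILE__, __LINE__);
        print CART "$cart_row";
        close (CART);
    }
    else {
        open (CART, ">$sc_cart_path") ||
            &file_open_error("$sc_cart_path", "Add to Shopping Cart", __FILE__, __LINE__);
        print CART "$cart_row";
        close (CART);
    }

    if ($sc_use_html_product_pages eq "yes") {
        if ($sc_should_i_display_cart_after_purchase eq "yes") {
            &display_cart_contents;
        }
        else {
            &display_page("$sc_html_product_directory_path/$page", "Display Products for Sale");
        }
    }
    else {
        if ($sc_should_i_display_cart_after_purchase eq "yes") {
            &display_cart_contents;
        }
        elsif ($are_any_query_fields_filled_in =~ /yes/i) {
            $page = "";
            &display_products_for_sale;
        }
        else {
            &create_html_page_from_db;
        }
    }
}

#######################################################################
#                   Output Modify Quantity Form                       #
#######################################################################

# Shows the cart as a "change quantity" form.
sub output_modify_quantity_form {
    &standard_page_header("Change Quantity");
    &display_cart_table("changequantity");
    &modify_form_footer;
}

#######################################################################
#               Modify Quantity of Items in the Cart                  #
#######################################################################

# Rewrites the cart file with the quantities submitted in the form.  Form
# keys that are cart row numbers carry the new quantity as their value.
sub modify_quantity_of_items_in_cart {
    @incoming_data = keys (%form_data);
    foreach $key (@incoming_data) {
        if ((($key =~ /[\d]/) && ($form_data{$key} =~ /\D/)) || $form_data{$key} eq "0") {
            &update_error_log("BAD QUANTITY CHANGE", __FILE__, __LINE__);
            &bad_order_note("change_quantity_button");
        }

        # Only an all-digit key with an all-digit value is taken as a
        # quantity change.  The previous test skipped a field only when both
        # key and value held a non-digit, so a numeric key with a value
        # containing "|" or a newline could be written into the cart file
        # below if bad_order_note (defined elsewhere) returns.
        unless ($key =~ /[\D]/ || $form_data{$key} =~ /[\D]/) {
            if ($form_data{$key} ne "") {
                push (@modify_items, $key);
            }
        }
    } # End of foreach $key (@incoming_data)

    # Then, the script must open up the client's cart and go
    # through it line by line.  File open problems are
    # handled by file_open_error as usual.
    open (CART, "<$sc_cart_path") ||
        &file_open_error("$sc_cart_path", "Modify Quantity of Items in the Cart",
                         __FILE__, __LINE__);

    # The readline on CART was missing from this copy; restored.
    while (<CART>) {
        @database_row = split (/\|/, $_);
        $cart_row_number = pop (@database_row);
        push (@database_row, $cart_row_number);
        $old_quantity = shift (@database_row);
        chop $cart_row_number;

        foreach $item (@modify_items) {
            if ($item eq $cart_row_number) {
                $shopper_row .= "$form_data{$item}\|";
                foreach $field (@database_row) {
                    $shopper_row .= "$field\|";
                }
                $quantity_modified = "yes";
                chop $shopper_row;   # Get rid of last pipe symbol but not the
                                     # newline character
            } # End of if ($item eq $cart_row_number)
        } # End of foreach $item (@modify_items)

        if ($quantity_modified ne "yes") {
            $shopper_row .= $_;
        }
        $quantity_modified = "";
    } # End of while (<CART>)
    close (CART);

    open (CART, ">$sc_cart_path") ||
        &file_open_error("$sc_cart_path", "Modify Quantity of Items in the Cart",
                         __FILE__, __LINE__);
    print CART "$shopper_row";
    close (CART);

    &display_cart_contents;
} # End of if ($form_data{'submit_change_quantity'} ne "")

#######################################################################
#                      Output Delete Item Form                        #
#######################################################################

# Shows the cart as a "delete item" form.
sub output_delete_item_form {
    &standard_page_header("Delete Item");
    &display_cart_table("delete");
    &delete_form_footer;
} # End of if ($form_data{'delete_item'} ne "")

#######################################################################
#                       Delete Item From Cart                         #
#######################################################################

# Rewrites the cart file without the rows whose row number was submitted as
# an all-digit form key with a non-empty value.
sub delete_from_cart {
    @incoming_data = keys (%form_data);
    foreach $key (@incoming_data) {
        unless ($key =~ /[\D]/) {
            if ($form_data{$key} ne "") {
                push (@delete_items, $key);
            }
        } # End of unless ($key =~ /[\D]/...
    } # End of foreach $key (@incoming_data)

    open (CART, "<$sc_cart_path") ||
        &file_open_error("$sc_cart_path", "Delete Item From Cart", __FILE__, __LINE__);

    # The readline on CART was missing from this copy; restored.
    while (<CART>) {
        @database_row = split (/\|/, $_);
        $cart_row_number = pop (@database_row);
        $db_id_number = pop (@database_row);
        push (@database_row, $db_id_number);
        push (@database_row, $cart_row_number);
        chop $cart_row_number;
        $old_quantity = shift (@database_row);

        $delete_item = "";
        foreach $item (@delete_items) {
            if ($item eq $cart_row_number) {
                $delete_item = "yes";
            }
        } # End of foreach $item (@add_items)

        if ($delete_item ne "yes") {
            $shopper_row .= $_;
        }
    } # End of while (<CART>)
    close (CART);

    open (CART, ">$sc_cart_path") ||
        &file_open_error("$sc_cart_path", "Delete Item From Cart", __FILE__, __LINE__);
    print CART "$shopper_row";
    close (CART);

    &display_cart_contents;
} # End of if ($form_data{'submit_deletion'} ne "")

#######################################################################
#                     Display Products for Sale                       #
#######################################################################

# HTML-page stores: runs the search library for a search request, otherwise
# sends the requested product page.  Database stores: builds the page from
# the database.
sub display_products_for_sale {
    if ($sc_use_html_product_pages eq "yes") {
        if ($form_data{'search_request_button'} ne "") {
            &standard_page_header("Search Results");
            require "$sc_html_search_routines_library_path";
            &html_search;
            &html_search_page_footer;
            exit;
        }
        &display_page("$sc_html_product_directory_path/$page",
                      "Display Products for Sale", __FILE__, __LINE__);
    }
    else {
        &create_html_page_from_db;
    }
}

#######################################################################
#                 create_html_page_from_db Subroutine                 #
#######################################################################

# Sends a static page when one was requested; otherwise queries the product
# database and prints the matching rows.
# NOTE(review): the end of this routine is missing from this copy (see the
# marker below); the surviving text is kept as found.
sub create_html_page_from_db {
    local (@database_rows, @database_fields, @item_ids, @display_fields);
    local ($total_row_count, $id_index, $display_index);
    local ($row, $field, $empty, $option_tag, $option_location, $output);

    if ($page ne "" && $form_data{'search_request_button'} eq "" &&
        $form_data{'continue_shopping_button'} eq "") {
        # Use the cleaned $page here, as display_products_for_sale does.
        # The raw $form_data{'page'} that was used before never went through
        # the clean-up or the extension check, so a value containing "../"
        # could name a file outside the product directory.
        &display_page("$sc_html_product_directory_path/$page",
                      "Display Products for Sale", __FILE__, __LINE__);
        exit;
    }

    &product_page_header($sc_product_display_title);

    if ($form_data{'add_to_cart_button'} ne "" &&
        $sc_shall_i_let_client_know_item_added eq "yes") {
        print "$sc_item_ordered_message";
    }

    if (!($sc_db_lib_was_loaded =~ /yes/i)) {
        &require_supporting_libraries (__FILE__, __LINE__, "$sc_db_lib_path");
    }

    ($status,$total_row_count) = &submit_query(*database_rows);

    foreach $row (@database_rows) {
        @database_fields = split (/\|/, $row);

        foreach $field (@database_fields) {
            # A field of the form %%OPTION%%<file> is replaced by the
            # contents of that option file.
            if ($field =~ /^%%OPTION%%/) {
                ($empty, $option_tag, $option_location) = split (/%%/, $field);
                $field = "";
                # NOTE(review): $option_location comes from the database row
                # and is used in the path unchecked; confirm that only
                # trusted staff can write product rows.
                open (OPTION_FILE, "<$sc_options_directory_path/$option_location") ||
                    &file_open_error ("$sc_options_directory_path/$option_location",
                                      "Display Products for Sale", __FILE__,__LINE__);
                # The readline on OPTION_FILE was missing from this copy;
                # restored.
                while (<OPTION_FILE>) {
                    s/%%PRODUCT_ID%%/$database_fields[$sc_db_index_of_product_id]/g;
                    $field .= $_;
                }
                close (OPTION_FILE);
            } # End of if ($field =~ /^%%OPTION%%/)
        } # End of foreach $field (@database_fields)

        @display_fields = ();
        @temp_fields = @database_fields;
        foreach $display_index (@sc_db_index_for_display) {
            if ($display_index == $sc_db_index_of_price) {
                $temp_fields[$sc_db_index_of_price] =
                    &display_price($temp_fields[$sc_db_index_of_price]);
            }
            push(@display_fields, $temp_fields[$display_index]);
        }

        @item_ids = ();
        foreach $id_index (@sc_db_index_for_defining_item_id) {
            $database_fields[$id_index] =~ s/\"/~qq~/g;
            $database_fields[$id_index] =~ s/\>/~gt~/g;
            # NOTE(review): the text of this copy is cut off from here,
            # inside the next substitution, up to the end of a here-document
            # that closes the routine.  The fragment is reproduced as found
            # and is not valid Perl as it stands.
            $database_fields[$id_index] =~ s/\ ENDOFTEXT
    exit;
}

#######################################################################
#                  display_cart_contents Subroutine                   #
#######################################################################

# Prints the cart page (header, cart table, footer) and ends the request.
sub display_cart_contents {
    # The subroutine begins by defining some working variables
    # as local to the subroutine.
    local (@cart_fields);
    local ($field, $cart_id_number, $quantity, $display_number,
           $unformatted_subtotal, $subtotal, $unformatted_grand_total,
           $grand_total);

    &standard_page_header("View/Modify Cart");
    &display_cart_table("");
    &cart_footer;
    exit;
} # End of sub display_cart_contents

#######################################################################
#                     file_open_error Subroutine                      #
#######################################################################

# file_open_error(bad_file, script_section, this_file, line_number)
# Records the failure in the error log and prints the contents of
# $error_page.
# NOTE(review): this routine returns instead of ending the request, so a
# caller written as "open(...) || &file_open_error(...)" carries on with a
# handle that was never opened.
sub file_open_error {
    local ($bad_file, $script_section, $this_file, $line_number) = @_;

    &update_error_log("FILE OPEN ERROR-$bad_file", $this_file, $line_number);

    open(ERROR, $error_page);
    # The readline on ERROR was missing from this copy; restored.
    while (<ERROR>) {
        print $_;
    }
    close (ERROR);
}

#######################################################################
#                       display_page Subroutine                       #
#######################################################################

# display_page(page, routine, file, line)
# Prints the file named by page, filling in the cart ID, page and date
# placeholders on each line.
# NOTE(review): the rest of this routine and the start of update_error_log
# are missing from this copy (see the marker below).
sub display_page {
    local ($page, $routine, $file, $line) = @_;

    # The page name from the form ends up inside the HTML that is sent
    # back, so its markup characters are escaped first.
    my $page_for_html = $form_data{'page'};
    $page_for_html =~ s/&/&amp;/g;
    $page_for_html =~ s/</&lt;/g;
    $page_for_html =~ s/>/&gt;/g;
    $page_for_html =~ s/"/&quot;/g;

    # the subroutine begins by opening the requested file for
    # reading, exiting with file_open_error if there is a
    # problem as usual.
    open (PAGE, "<$page") || &file_open_error("$page", "$routine", $file, $line);

    # The readline on PAGE was missing from this copy; restored.
    while (<PAGE>) {
        # NOTE(review): $cart_id is inserted as-is; confirm the caller has
        # limited it to \w characters.
        s/cart_id=/cart_id=$cart_id/g;
        s/%%cart_id%%/$cart_id/g;
        s/%%page%%/$page_for_html/g;
        s/%%date%%/$date/g;

        if ($form_data{'add_to_cart_button'} ne "" &&
            $sc_shall_i_let_client_know_item_added eq "yes") {
            # NOTE(review): the text of this copy is cut off from here,
            # inside the pattern below, up to the tail of the open() on the
            # error log in update_error_log.  Both fragments are reproduced
            # as found and are not valid Perl as they stand.
            if ($_ =~ /
>$sc_error_log_path") || &CgiDie ("The Error Log could not be opened");

        # NOTE(review): the environment values are written to the log and to
        # the e-mail below exactly as received; several of them are set from
        # request headers.
        foreach $variable (@env_vars) {
            $log_entry .= "$ENV{$variable}\|";
        }
        print ERROR_LOG "$log_entry\n";
        close (ERROR_LOG);
        &release_file_lock("$sc_error_log_path.lockfile");
    } # End of if ($sc_shall_i_log_errors eq "yes")

    if ($sc_shall_i_email_if_error eq "yes") {
        $email_body = "$type_of_error\n\n";
        $email_body .= "FILE = $file_name\n";
        $email_body .= "LINE = $line_number\n";
        $email_body .= "DATE=$date\|";
        foreach $variable (@env_vars) {
            $email_body .= "$variable = $ENV{$variable}\n";
        }
        &send_mail("$sc_admin_email", "$sc_admin_email",
                   "Web Store Error", "$email_body");
    } # End of if ($sc_shall_i_email_if_error eq "yes")
}

#################################################################
#                      get_date Subroutine                      #
#################################################################

# Returns the current local time as
# "Weekday, Month D, YYYY at HH:MM:SS".
sub get_date {
    # The subroutine begins by defining some local working
    # variables
    local ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst,$date);
    local (@days, @months);

    @days = ('Sunday','Monday','Tuesday','Wednesday','Thursday',
             'Friday','Saturday');
    @months = ('January','February','March','April','May','June','July',
               'August','September','October','November','December');

    ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);

    if ($hour < 10) { $hour = "0$hour"; }
    if ($min < 10)  { $min = "0$min"; }
    if ($sec < 10)  { $sec = "0$sec"; }

    # localtime returns the year as a count of years since 1900.  The
    # previous code glued ($sc_current_century - 1) in front of that count,
    # which produces a five-digit year for any date from 2000 on.
    $year += 1900;

    $date = "$days[$wday], $months[$mon] $mday, $year at $hour\:$min\:$sec";
    return $date;
}

#################################################################
#                   display_price Subroutine                    #
#################################################################

# Returns the price with $sc_money_symbol in front of it or behind it,
# depending on $sc_money_symbol_placement.
sub display_price {
    local ($price) = @_;
    local ($format_price);

    if ($sc_money_symbol_placement eq "front") {
        $format_price = "$sc_money_symbol $price";
    }
    else {
        $format_price = "$price $sc_money_symbol";
    }
    return $format_price;
}

#######################################################################
#                            get_file_lock                            #
#######################################################################

# get_file_lock(lock_file)
# Waits up to 20 seconds for lock_file to disappear, then creates it.
# NOTE(review): the existence test and the create are two separate steps and
# flock is commented out, so two requests can both pass the wait and both
# "hold" the lock; after the 20 seconds the file is created even if another
# request still holds it.
sub get_file_lock {
    local ($lock_file) = @_;
    local ($endtime);

    $endtime = 20;
    $endtime = time + $endtime;

    while (-e $lock_file && time < $endtime) {
        sleep(1);
    }

    open(LOCK_FILE, ">$lock_file") || &CgiDie ("I could not open the lock file");
    # flock(LOCK_FILE, 2); # 2 exclusively locks the file
}

#######################################################################
#                          release_file_lock                          #
#######################################################################

# &release_file_lock("file.name");
# Closes the lock handle and removes the lock file.
sub release_file_lock {
    local ($lock_file) = @_;

    # flock(LOCK_FILE, 8); # 8 unlocks the file
    close(LOCK_FILE);
    unlink($lock_file);
}

#######################################################################
#                            format_price                             #
#######################################################################

# Returns the number formatted with two decimal places.
sub format_price {
    local ($unformatted_price) = @_;
    local ($formatted_price);

    $formatted_price = sprintf ("%.2f", $unformatted_price);
    return $formatted_price;
}

# format_text_field(value, width)
# Returns value padded on the right with spaces to width characters
# (25 when no width is given).  A value longer than width is returned
# unchanged.
sub format_text_field {
    local($value, $width) = @_;

    $width = 25 if (!$width);

    #
    # Very simple.  We return the value in
    # $value plus a string of 25 spaces which
    # has been truncated by the length of
    # the $value string.
    #
    # This results in a left justified
    # field of width = 25.
    #
    return ($value . (" " x ($width - length($value))));
} # End of format_text_field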