#!/usr/bin/perl # shop.cgi # basic online shop # module shop; use CGI; use DBI; require "tech/shopdefs.pl"; require "tech/taxship.pl"; # list cart contents with specified wrapper sub showcart { my ($wrapper, $itemform, $ordern) = @_; my ($wrap, $itemp, $Q, $sth, $rv, $itemhash); my ($item, $quantity, $tmpitem, $list); my ($Q2, $sth2, $rv2, $itemhash2, $price); my ($key, $val); (open WRAPPER, $wrapper) || (print "bad wrapper in showcart, $wrapper"); $wrap = ; close WRAPPER; open ITEM, ($itemform || "listitem.html"); $itemp = ; close ITEM; $Q = "select * from cart where user='$user' and ordern='$ordern'"; #print $Q; $sth = $dbh->prepare($Q); ($rv = $sth->execute()) || (print $Q) ; $subtotal = 0; if ($rv > 0) { #print "getting contents..."; while ($itemhash = $sth->fetchrow_hashref()) { #print "looping..."; $item = $itemhash->{'item'}; #print $item; $tmpitem = $itemp; #print $tmpitem; #$tmpitem =~ s/@@(\w+)@@/$itemhash->{$1}/g; #print $tmpitem; $Q2 = "select * from items where item='$item'"; $sth2 = $dbh->prepare($Q2); ($rv2 = $sth2->execute()) || (print $Q2); $itemhash2 = $sth2->fetchrow_hashref(); # transfer from %itemhash to $itemhash2 foreach $key(keys %$itemhash) { $itemhash2->{$key} = $itemhash->{$key}; } # special case, linetotal $linetotal= $itemhash2->{'quantity'} * $itemhash2->{'price'}; $tmpitem =~ s/##linetotal##/$linetotal/g; #$tmpitem =~ s/##linetotal-(%\d\.\d\w)##/$linetotal/g; $tmpitem =~ s/##linetotal-(%\d\.\d\w)##/sprintf($1,$linetotal)/eg; # special case, blank picture $itemhash2->{'picture'} = $itemhash2->{'picture'} || $blank_image; #print $tmpitem; $tmpitem =~ s/##(\w+)##/$itemhash2->{$1}/g; #$tmpitem =~ s/##(\w+)-(%[\d.]*w)##/$itemhash->{$1}/g; $tmpitem =~ s/##(\w+)-(%[\d.]*w)##/sprintf($2,$itemhash->{$1})/eg; #print $tmpitem; $subtotal += $linetotal; $list .= $tmpitem; } } $list = $list || "Your basket is empty"; $sth->finish(); $wrap =~ s/##list##/$list/g; $wrap; } $cgi = new CGI; $dbh = DBI->connect($datasource, $dbusername, $dbauth) || ((print $cgi->header()),die $!); $user = $cgi->cookie("user") || $cgi->param("user"); # if new user, create user ID based on current time. if ($user == 0) { $user = time(); # record/verify this user ID $Q = "insert into user set user=$q$user$q"; while (($rv = $dbh->do($Q)) == 0) { $user ++; $Q = "insert into user set user=$q$user$q"; } } $ordern = $cgi->param("ordern"); $usercookie = $cgi->cookie(-name=>'user', -value=>$user); print $cgi->header(-cookie=>$usercookie); # read in shopfront page open SHOPFRONT, "shopfront.html"; $/ = ''; # slurp files $shopfront = ; close SHOPFRONT; { my ($ct); # list categories into var to be inserted into selection $Q = "select cat from categories order by cat"; $sth = $dbh->prepare($Q); ($rv = $sth->execute()) || (print $Q); while (($ct) = $sth->fetchrow_array()) { $categories .= "$ct
\n"; } $sth->finish(); } # if a category is named but not an item, list items in that category $cat = $cgi->param('cat'); $item = $cgi->param('item'); if (($cat ne "") && ($item eq '')) { my ($wrap, $itemp, $tmpitem, $list); my ($Q, $sth, $rv, $itemhash); #my ($item, $name, $category, $picture, $descr, $price); open WRAPPER, "list.html"; $wrap = ; close WRAPPER; open ITEM, "listitem.html"; $itemp = ; close ITEM; $Q = "select * from items where cat='$cat' order by name"; $sth = $dbh->prepare($Q); ($rv = $sth->execute()) || (print $Q); while ($itemhash = $sth->fetchrow_hashref()) { $tmpitem = $itemp; $itemhash->{'picture'} = $itemhash->{'picture'} || $blank_image; $tmpitem =~ s/##(\w+)##/$itemhash->{$1}/g; #$tmpitem =~ s/@@(\w+)@@//g; $list .= $tmpitem; } $sth->finish(); $wrap =~ s/##list##/$list/g; $selection = $wrap; } # list items currently in cart $cart = $cgi->param('cart'); $additem = $cgi->param('additem'); $remove = $cgi->param('remove'); $adjust = $cgi->param('adjust;'); if (($cart ne "") && ($selection eq '')) { # adding item to cart if ($additem) { $quantity = $cgi->param('quantity'); $Q = "insert into cart set user='$user', item='$item', quantity='$quantity'"; #print $Q; #debug ($rv = $dbh->do($Q)) || (print $Q); } # removing item if ($remove) { $Q = "delete from cart where user='$user' and item='$item'"; #print $Q; #debug ($rv = $dbh->do($Q)) || (print $Q); } if ($adjust) { $quantity = $cgi->param('quantity'); $Q = "update cart set qauntity='$quantity' where user='$user' and item='$item'"; #print $Q; #debug ($rv = $dbh->do($Q)) || (print $Q); } # print "showing cart..."; $selection = &showcart("cart.html", '', 0); } # if item specified, lookup and display if (($item != 0) && ($selection eq '')) { local ($itemhash); open ITEM, "item.html"; $selection = ; close ITEM; $Q = "select * from items where item='$item'"; $sth = $dbh->prepare($Q); ($rv = $sth->execute()) || (print $Q); if ($rv > 0) { $itemhash = $sth->fetchrow_hashref(); $itemhash->{'picture'} = $itemhash->{'picture'} || $blank_image; $selection =~ s/##(\w+)##/$itemhash->{$1}/g; } $sth->finish(); } # if search entered, list items whose name or description match $search = $cgi->param('search'); if (($search ne "") && ($selection eq '')) { my ($wrap, $itemp, $tmpitem, $list); my ($Q, $sth, $rv); # my ($item, $name, $category, $picture, $descr, $price); open WRAPPER, "list.html"; $wrap = ; close WRAPPER; open ITEM, "listitem.html"; $itemp = ; close ITEM; $Q = "select * from items where cat like '%search%' or name like '%search%'". " or descr like '%search' order by name"; $sth = $dbh->prepare($Q); ($rv = $sth->execute()) || (print $Q); while ($itemhash = $sth->fetchrow_hashref()) { $tmpitem = $itmp; $itemhash->{'picture'} = $itemhash->{'picture'} || $blank_image; $tmpitem =~ s/##(\w+)##/$itemhash->{$1}/g; #$tmpitem =~ s/@@(\w+)@@//g; $list .= $tmpitem; } $sth->finish(); $wrap =~ s/##cat##/Search($search)/g; $wrap =~ s/##list##/$list/g; $selection = $wrap; } # form to get info for checkout $checkout = $cgi->param('checkout'); if (($checkout == 1) && ($selection eq '')) { open CHECKOUT, "checkout1.html"; $selection = ; close CHECKOUT; } # record checkout info, calculate tax/shipping, display for verification $preview = $cgi->param('preview'); if (($preview ne "") && ($selection eq '')) { # record order info # get an order # $ordern = time(); $Q = "insert into orders set ordern='$ordern', user='$user'"; while (($rv = $dbh->do($Q)) == 0) { $ordern ++; $Q = "insert into orders set ordern='$ordern', user='$user'"; } # record the order $Q = "update orders set ("; undef @vals; undef @places; foreach $form($cgi->param) { if ($form =~ /form.(\w)/) { $val = $cgi->param($form); #$Q .= "$1, "; push @vals, $val; push @places, '?'; #$selection =~ s/##$1##/$val/g; $orderdat{$1} = $val; } } $Q .= ") values (". join (', ', @places). ") where ordern='$ordern' and user='$user'"; print "$Q

\n"; # debug # $rv = $dbh->do($Q, @vals); $Q = "update cart set ordern='$ordern' where ordern='0' and user='$user'"; # $rv = $dbh->do($Q); $selection = &showcart("preview.html", '', $ordern); $selection =~ s/##ordern##/$ordern/g; # calculate tax/shipping $state = $cgi->param('form.state'); $sstate = $cgi->param('form.sstate'); &dotax($state); &doship($sstate); &dototal(); $selection =~ s/##(\w+)##/$orderdat{$1}/g; } # make order. if (($checkout == 2) && ($selection eq '')) { open CHECKOUT, "checkout2.html"; $selection = ; close CHECKOUT; # recall order info. $orderform = &showcart("checkout.eml", 'checkoutline.eml', $ordern); $receipt = $orderform; $Q = "select * from orders where ordern='$ordern', user='$user'"; $sth = $dbh->prepare($Q); ($rv = $sth->execute()) || (print $Q); $orderhash = $sth->fetchrow_hashref(); $cardcrypt = $orderhash->{'card'}; $cardcrypt =~ /(\n+)(\n{4})/; ($hashes, $cardcrypt) = ($1, $2); $hashes =~ tr/\n/\*/; $receipt =~ s/##card##/$hashes$cardcrypt/g; $orderform =~ s/##to##/$shop_email/g; $receipt =~ s/##to##/$orderhash->{'email'}/g; $orderform =~ s/##(\w+)##/$orderhash->{$1}/g; $receipt =~ s/##(\w+)##/$orderhash->{$1}/g; $selection =~ s/##(\w+)##/$orderhash->{$1}/g; $sth->finish(); $Q = "update cart set ordern='$ordern' where ordern='0' and user='$user'"; # $rv = $dbh->do($Q); # order status from (p)ending to (c)omplete $Q = "update orders set status eq 'c' where ordern='$ordern' and user='$user'"; # $rv = $dbh->do($Q); &dotax($orderhash->{'state'}); &doship($orderhash->{'sstate'}); &dototal(); $orderform =~ s/##(\w+)##/${$1}/g; $receipt =~ s/##(\w+)##/${$1}/g; open SEND, "|sendmail -t"; print SEND $orderform; close SEND; #open SEND, "|sendmail -t"; #print SEND $receipt; #close SEND; } # show a page selection $page = $cgi->param('page'); if (($selection eq '') && ($page ne '')) { $page =~ /(.[\/])*([\w\.])/; $page = $2; open PAGE, $page; $selection = ; close PAGE; } # default if ($selection eq '') { open DEFAULT, "default.html"; $selection = ; close DEFAULT; } # plug in values $selection =~ s/##(\w+)##/${$1}/g; $shopfront =~ s/##(\w+)##/${$1}/g; print $shopfront; $dbh->disconnect();