#!/usr/bin/perl
#######################################################
#thatsanorder_LE 1.0
#
#by Command-O Software
#http://www.command-o.com
#
#Programmer: Kendall Comey, kendall@command-o.com
#
#Copyright, 1999, All Rights Reserved
#
#By using this script Licensee agrees to all terms of the License
#Agreement.
#
#######################################################

# Client Customization Variables
# Site root; every template, data and order path below is built from it.
$root="/home/virtual/crystalfanaticsclub.com/var/www/html";

# cgi-lib.pl supplies ReadParse and PrintHeader, both called below.
require 'cgi-lib.pl';

############################################################
# CHANGING ANYTHING BELOW THIS LINE WITHOUT THE EXPRESS PERMISSION
# OF COMMAND-O SOFTWARE IS A VIOLATION OF THE LICENSE AGREEMENT
############################################################

#Turn off Perl buffering
$| = 1;

# Parse the request parameters into %input.
&ReadParse(*input);

# NOTE(review): throughout this listing `= ;` and `while ()` appear where a
# read from the just-opened handle would be expected; the `<HANDLE>` text
# seems to have been dropped when the page was produced -- confirm against
# the original script. This open is also not checked for failure.
open (GROUP, ".user");
$username = ;
close (GROUP);

$server = "$ENV{'SERVER_NAME'}";
$script_secure = "/cgi-bin/thatsanorder_LE";
$server =~ s/^www\.//;

# Templates, setup file and data files.
# NOTE(review): prod.db, email.db, master.db, the order counter and (via
# check_order) the per-cart order files all live under "$root/thatsanorder/secure",
# and $root ends in var/www/html. Whether the web server refuses direct
# requests for that directory is not visible here -- confirm.
$header = "$root/thatsanorder/header.html";
$footer = "$root/thatsanorder/footer.html";
$setup = "$root/thatsanorder/thatsanorder_LE.setup";
$email_txt = "$root/thatsanorder/cust_email.txt";
$script = "$ENV{'SCRIPT_NAME'}";
$dir_path = "$root/thatsanorder";
$db = "$root/thatsanorder/secure/prod.db";
$mailprog = '/usr/sbin/sendmail -t';
$email_db = "$root/thatsanorder/secure/email.db";
$master = "$root/thatsanorder/secure/master.db";
$order_number = "$root/thatsanorder/secure/order_num.SAVE";
$date_command = "/bin/date";
# Today's date as MM/DD/YY (date's %D), trailing newline included.
$date = `$date_command +"%D"`;
###################################################################

# Refuse to run until the setup file exists.
unless (-e "$setup") {
    print &PrintHeader;
    &error("You must first set up That's An Order LE before you can open shop.");
}

# Second leg of the secure checkout: SECURE_CHECKOUT redirects here with
# "checkout|userid|state|ship_method" as the query string.
# NOTE(review): the three values are taken from the query string as-is, and
# $secure is set to 1 on the strength of the query prefix alone; nothing in
# this block checks how the request arrived.
if ($ENV{'QUERY_STRING'} =~ /^checkout/) {
    ($trash, $input{'userid'}, $input{'state'}, $input{'ship_method'}) = split(/\|/,$ENV{'QUERY_STRING'});
    $secure = 1;
    print &PrintHeader;
    &SECURE_CHECKOUT;
    exit;
}

# Dispatch on the `action` form field (whitespace turned into underscores),
# or show the product list when no action was sent.
# NOTE(review): `&$action` calls whichever sub the request names. Nothing
# here limits it to the handlers meant to be reachable from a form
# (PLACE_ORDER, PLACE_SECURE_ORDER, SECURE_CHECKOUT, REGULAR_CHECKOUT, ...),
# so internal helpers can be invoked directly and out of sequence. A fixed
# table mapping the permitted action names to code refs, with everything
# else rejected, would close that.
if ($input{'action'} ne "") {
    $action = $input{'action'};
    $action =~ s/\s+/_/g;
    # SECURE_CHECKOUT emits a Location header itself, so no content header first.
    unless ($action eq 
"SECURE_CHECKOUT") {
        print &PrintHeader;
    }
    &$action;
    exit;
} else {
    print &PrintHeader;
    &show_products;
    exit;
}

############################################################
# Order submission from the secure form: same steps as PLACE_ORDER with
# $secure set first, which the page subs use to pick secure URLs/templates.
sub PLACE_SECURE_ORDER {
    $secure = 1;
    &check_order_info;
    &get_order_num;
    &email_customer_receipt;
    &email_admin_order;
    &write_master_file;
    &write_emails;
    &thank_you;
    &delete_cart;
    exit;
}

############################################################
# Order submission: validate the form, allocate an order number, send both
# e-mails, append to the master file and e-mail list, show the thank-you
# page, then prune old cart files.
sub PLACE_ORDER {
    &check_order_info;
    &get_order_num;
    &email_customer_receipt;
    &email_admin_order;
    &write_master_file;
    &write_emails;
    &thank_you;
    &delete_cart;
    exit;
}

############################################################
# Checkout over the secure host. On the first pass ($secure not yet 1) it
# checks that a state and ship method were chosen, saves the cart and prints
# a Location header pointing at the secure script; on the second pass it
# renders the order and the checkout form. Note the first pass does not exit
# after the Location header -- it falls through to the three calls below.
# NOTE(review): userid, state and ship_method are interpolated into the
# Location header unencoded; a line break inside any of them would end the
# header early. URL-encoding them, or rejecting values with control
# characters, before printing is the check to add.
sub SECURE_CHECKOUT {
    unless ($secure == 1) {
        $script_secure = &get_ssl_url;
        if ($input{'state'} eq "Choose State") {
            print &PrintHeader;
            &error("Please choose a state for your order to be shipped to.");
        }
        if ($input{'ship_method'} eq "Choose Ship Method") {
            print &PrintHeader;
            &error("Please choose the shipping method you prefer for your order.");
        }
        &UPDATE_ORDER;
        print "Location: $script_secure?checkout|$input{'userid'}|$input{'state'}|$input{'ship_method'}\n\n";
    }
    &get_order;
    &print_order;
    &checkout_form;
    #&footer;
}

############################################################
# Checkout without the secure redirect: same selection checks, then save the
# cart and render the order and the checkout form.
sub REGULAR_CHECKOUT {
    if ($input{'state'} eq "Choose State") {
        &error("Please choose a state for your order to be shipped to.");
    }
    if ($input{'ship_method'} eq "Choose Ship Method") {
        &error("Please choose the shipping method you prefer for your order.");
    }
    &UPDATE_ORDER;
    &get_order;
    &print_order;
    &checkout_form;
    #&footer;
}

############################################################
# Print the header template. In secure mode the USERNAME entry is read from
# the setup file first and every root-relative `img src="/..."` in the
# template is rewritten to "/<username>/...".
# flock 2 / 8 are the usual numeric values of LOCK_EX / LOCK_UN.
sub header {
    if ($secure != 1) {
        open (FILE, "$header") || die "Can't open $header";
        flock(FILE, 2);
        while () {
            print "$_";
        }
        flock(FILE, 8);
        close (FILE);
    } else {
        open (FILE, "$setup") || die "Can't open $setup";
        flock(FILE, 2);
        while () {
            if (/^USERNAME/) {
                ($trash, $username) = split(/\|/, $_);
                chomp($username);
                last;
            }
        }
        flock(FILE, 8);
        close (FILE);
        open (FILE, 
"$header") || die "Can't open $header";
        flock(FILE, 2);
        while () {
            if (/img src/) {
                s/img src\s*=\s*"\/(.+?)"/img src = "\/$username\/$1"/;
                print "$_";
            } else {
                print "$_";
            }
        }
        flock(FILE, 8);
        close (FILE);
    }
}

############################################################
# Print the page footer (the sub continues on the following lines).
sub footer {
    if ($secure != 1) {
        print <

EOT } else { print <

EOT } if ($secure != 1) { open (FILE, "$footer") || die "Can't open $footer"; flock(FILE, 2); while () { print "$_"; } flock(FILE, 8); close (FILE); } else { open (FILE, "$footer") || die "Can't open $footer"; flock(FILE, 2); while () { if (/img src/) { s/img src\s*=\s*"\/(.+?)"/img src = "\/$username\/$1"/; print "$_"; } else { print "$_"; } } flock(FILE, 8); close (FILE); } } ############################################################ sub show_products { open (FILE, "$setup") || die "Can't open $setup"; flock(FILE, 2); while () { if (/^IMAGES/) { if (/yes/) { $images = 1; } } if (/^SIZES/) { if (/yes/) { $sizes = 1; } } if (/^COLORS/) { if (/yes/) { $colors = 1; } } if (/^DESC/) { if (/yes/) { $desc = 1; } } } flock(FILE, 8); close (FILE); open (FILE, "$db") || die "Can't open $db"; flock(FILE, 2); @prods = ; flock(FILE, 8); close (FILE); @prods = splice(@prods,0,25); $start = "1"; $end = @prods; $loop_start = $start - 1; &header; print < Displaying products $start-$end of $end
To order enter the desired quantity in the Qty. box and press the 'Order' button at the bottom of the page.

EOT print "

"; for ($i=$loop_start; $i<$end; $i++) { @fields = split(/\|/, $prods[$i]); if ($images == 1 && $fields[3] ne "http://pictures.axxs.net/thatsanorder/images/") { print ""; } else { print ""; } print "\n"; print "\n"; } print "
$fields[0] \$$fields[1]"; if ($desc == 1) { print "
$fields[2]

"; } else { print "

"; } print "Qty. "; if ($sizes == 1) { @sizes = split(/\:\:/, $fields[4]); @sizes = grep(/\w+/, @sizes); unless (scalar(@sizes) < 1) { print " "; } } if ($colors == 1) { chomp($fields[5]); @colors = split(/\:\:/, $fields[5]); @colors = grep(/\w+/, @colors); unless (scalar(@colors) < 1) { print ""; } } print "


"; print ""; print "

";
    #&footer;
}

############################################################
# Action handler: re-display the product list.
sub BACK_TO_PRODUCTS {
    &show_products;
    exit;
}

############################################################
# Action handler: add the submitted quantities to the cart (creating a cart
# id when the request carries none) and display the cart.
sub Order {
    if ($input{'userid'} eq "") {
        &create_userid;
    }
    &write_order;
    &get_order;
    &print_cart;
}

############################################################
# Read the EMAIL entry from the setup file into $email and $admin; the final
# assignment is also the sub's return value, which callers use.
# NOTE(review): `while ()` and `= ;` in this part of the listing appear where
# a read from the open handle would be expected; the `<HANDLE>` text seems to
# have been lost in extraction -- confirm against the original script.
sub get_admin {
    open (FILE, "$setup") || die "Can't open $setup";
    flock(FILE, 2);
    while () {
        if (/^EMAIL/) {
            chomp ($_);
            ($trash, $email) = split(/\|/, $_);
            last;
        }
    }
    flock(FILE, 8);
    close (FILE);
    $admin = "$email";
}

############################################################
# Make sure the orders directory exists and return the cart-file prefix
# (callers append ".<userid>").
# NOTE(review): the directory is created with mode 0777 (before umask),
# i.e. writable by every local account; it holds customers' cart files.
# A mode without group/other write would be the safer request.
sub check_order {
    unless (-e "$root/thatsanorder/secure/orders") {
        $new_dir = "$root/thatsanorder/secure/orders";
        mkdir ($new_dir, 0777) || die "Can't make directory";
    }
    $order = "$root/thatsanorder/secure/orders/order";
}

############################################################
# Build the secure-host URL of this script from the MACHINE and USERNAME
# entries of the setup file; the assignment is the return value.
sub get_ssl_url {
    open (FILE, "$setup") || die "Can't open $setup";
    flock(FILE, 2);
    while () {
        if (/^MACHINE/) {
            chomp ($_);
            ($trash, $machine) = split(/\|/, $_);
        }
        if (/^USERNAME/) {
            chomp ($_);
            ($trash, $username) = split(/\|/, $_);
        }
    }
    flock(FILE, 8);
    close (FILE);
    $script_secure = "https://$machine.safe-order.net/cgi-$username/thatsanorder_LE";
}

############################################################
# Append the customer's e-mail address to the address list unless a line
# already starts with it.
# NOTE(review): the address is interpolated into the pattern unescaped and
# with no end anchor, so `.` matches any character and an address that is a
# prefix of a stored one counts as a duplicate; /^\Q...\E$/ would compare
# literally. Neither open is checked, and the lock is dropped between the
# duplicate scan and the append.
sub write_emails {
    if ($input{'email'} ne "") {
        if (-e $email_db) {
            open (DB, "$email_db");
            flock(DB, 2);
            while () {
                if (/^$input{'email'}/) {
                    $dup = 1;
                    last;
                }
            }
            flock(DB, 8);
            close (DB);
        }
        if ($dup != 1) {
            open (DB, ">>$email_db");
            flock(DB, 2);
            print DB "$input{'email'}\n";
            flock(DB, 8);
            close (DB);
        }
    }
}

############################################################
# Append one '|'-delimited record for the order to the master file: order
# number, customer and address fields, the "qty::name," item list, the date
# rewritten from MM/DD/YY to YYMMDD, card type and expiry, and the amounts.
# The card number itself is not among the fields written here.
# NOTE(review): form values are written without removing '|' or line breaks,
# so a value containing either shifts or splits the record. tax and
# ship_cost are taken from the request as submitted; unless they are
# recomputed elsewhere (not visible here) the stored total depends on them.
# The open is not checked.
sub write_master_file {
    $date =~ s/(\d\d)\/(\d\d)\/(\d\d)/$3$1$2/;
    chomp($date);
    $input{'day_phone'} =~ s/\D//g;
    $input{'night_phone'} =~ s/\D//g;
    open (FILE, ">>$master");
    flock(FILE, 2);
    # The line break inside the next string literal is as it appears in the listing.
    print FILE "$order_num\|$input{'title'} $input{'first_name'} 
$input{'last_name'}\|$input{'company'}\|$input{'address1'}\|$input{'address2'}\|$input{'city'}\|$input{'state'}\|$input{'zip'}\|$input{'country'}\|$input{'day_phone'}\|$input{'day_exten'}\|$input{'night_phone'}\|$input{'night_exten'}\|$input{'fax'}\|$input{'email'}\|";
    for ($i=0; $i<@order; $i++) {
        @fields = split(/\|/, $order[$i]);
        print FILE "$fields[0]::$fields[1],";
    }
    $exp_date = "$input{'Expmonth'}" . "/" . "$input{'Expyear'}";
    print FILE "\|$date\|";
    print FILE "$input{'card_type'}\|$exp_date\|$subtotal\|$input{'tax'}\|$input{'ship_cost'}\|$total\|$input{'ship_method'}\n";
    flock(FILE, 8);
    close (FILE);
}

############################################################
# Load the current order number (10000 when the counter file does not exist
# yet) into $order_num and store the next value back.
# NOTE(review): the file is closed, and the lock released, between the read
# and the rewrite, so two requests arriving together can be given the same
# number; holding one lock across read-increment-write would prevent that.
sub get_order_num {
    if (-e $order_number) {
        open (FILE, "$order_number");
        flock(FILE, 2);
        $order_num = ;
        flock(FILE, 8);
        close (FILE);
    } else {
        $order_num = "10000";
    }
    $new_order_num = $order_num;
    $new_order_num++;
    open (FILE, ">$order_number");
    flock(FILE, 2);
    print FILE "$new_order_num";
    flock(FILE, 8);
    close (FILE);
}

############################################################
# Find the SHIPRATE line of the setup file that matches the chosen ship
# method and set $shipping and $type_ship (1 = "item" rate, 2 = "percent"
# rate, 3 = any other kind, matched on the two bounds in fields 3 and 4).
# NOTE(review): the third branch compares against $input{'subtotal'}, a
# value taken from the request rather than computed from the cart here.
sub shipping {
    $input{'ship_method'} =~ s/_/ /g;
    open (FILE, "$setup") || die "Can't open $setup";
    flock(FILE, 2);
    while() {
        $line = "$_";
        chomp($line);
        if ($line =~ /SHIPRATE/) {
            @fields = split(/\|/, $line);
            if ($fields[1] eq "item") {
                if ($fields[2] eq $input{'ship_method'}) {
                    $shipping = "$fields[3]";
                    $type_ship = 1;
                    last;
                }
            } elsif ($fields[1] eq "percent") {
                if ($fields[2] eq $input{'ship_method'}) {
                    $shipping = "$fields[3]";
                    $type_ship = 2;
                    last;
                }
            } else {
                if ($fields[2] eq $input{'ship_method'}) {
                    if ($fields[3] >= $input{'subtotal'} && $fields[4] <= $input{'subtotal'}) {
                        $shipping = "$fields[5]";
                        $type_ship = 3;
                        last;
                    }
                }
            }
        }
    }
    flock(FILE, 8);
    close (FILE);
}

############################################################
# Validate the checkout form: required fields, e-mail shape, a ten-digit
# daytime phone, then card expiry and card number via the two helpers.
# Missing fields go to incomplete_form, other failures to error_form.
# NOTE(review): the required-field loop walks %input, so it flags a field
# that was sent empty but not one that is absent from the request
# altogether. The e-mail pattern ends in `$`, which in Perl also matches
# before a trailing newline; `\z` would not, and the address is later
# written into mail headers.
sub check_order_info {
    @REQUIRED = ("first_name","last_name","address1","city","zip","email","day_phone","card_no","name_on_card");
    # Remove any fields that you do not want to make required 
%REQUIRED = ("first_name","First Name", "last_name","Last Name","address1","Address","city","City","zip","Zip Code","email","Email Address","day_phone","Daytime Phone","card_no","Credit Card Number","name_on_card","Name on Card");
    foreach $require(@REQUIRED) {
        while (($key, $value) = each %input) {
            if ($key eq $require && $value eq "") {
                $incomplete = 1;
                push (@incomplete, "$require");
            }
        }
    }
    if ($incomplete == 1) {
        &incomplete_form;
    }
    unless ($input{'email'} =~ /^(\w|\.|-)+@(\w|\.|-)+\.(\w|\.|-)+$/) {
        $error_message = "Invalid email address.";
        push (@errors, "email|$error_message");
    }
    $day_phone = $input{'day_phone'};
    $day_phone =~ s/\D//g;
    if (length($day_phone) < 10) {
        $error_message = "Invalid phone number. Please include your area code.";
        push (@errors, "day_phone|$error_message");
    }
    &check_expiration_date;
    &validate_credit_card;
    if (scalar(@errors) >0) {
        &error_form;
    }
}

############################################################
# Re-display the form asking for the missing required fields (the sub
# continues on the following lines).
sub incomplete_form {
    if ($secure == 1) {
        #$script_secure = &get_ssl_url;
        $script = $script_secure;
    }
    &header;
    print <

Warning - Incomplete Form

Your order has not yet been processed. The following information is required.
Please complete the form and press the $type button at the bottom of the page. EOT print "
"; print ""; foreach $order_key(@incomplete) { print "\n"; } while (($key, $value) = each %input) { $no_answer = 0; foreach $order_key(@incomplete) { if ($key eq $order_key) { $no_answer = 1; last; } } if ($no_answer != 1) { print "\n"; } } print "
$REQUIRED{$order_key}:
"; if ($secure == 1) { print ""; } else { print ""; } print "

"; #&footer; exit; } ############################################################ sub error_form { if ($secure == 1) { #$script_secure = &get_ssl_url; $script = $script_secure; } &header; print <

Warning - Error on Form

Your order has not yet been processed. The following information is invalid. EOT print ""; print ""; while (($key, $value) = each %input) { $no_answer = 0; foreach $error(@errors) { ($error_key, $message) = split(/\|/, $error); if ($error_key eq $key) { print "\n"; if ($error_key eq "Expmonth") { print ""; $no_answer = 1; } else { print "\n"; $no_answer = 1; } } } if ($no_answer != 1) { unless ($key eq "Expyear" && $card_expire == 1) { print "\n"; } } } print "
$message
Expiration Date:
$REQUIRED{$key}:
"; if ($secure == 1) { print ""; } else { print ""; } print "

";
    #&footer;
    exit;
}

############################################################
# Prune cart files: every "order.*" file in the orders directory whose
# modification age (-M, in days) exceeds half a day is deleted. This runs at
# the end of each placed order and is not limited to the current cart.
# NOTE(review): each file is opened on ORDERSLIST but the handle is never
# read or closed here, and the open is not checked.
sub delete_cart {
    while ($filename = <$dir_path/secure/orders/order.*>) {
        open (ORDERSLIST, $filename);
        if (-M $filename > .5) {
            unlink $filename;
        }
    }
}

############################################################
# Print the thank-you page (the sub continues on the following lines).
sub thank_you {
    &header;
    print <

Thank You

Thank you for ordering from $storename. We appreciate your business.
You will receive an order confirmation via email.

EOT
    #&footer;
}

############################################################
# Mail the order to the shop's admin address through sendmail -t: customer
# and address block, card details, the item lines with per-line totals, the
# SUB/SHIP/TAX/TOTAL format lines, ship method and the two free-text answers.
# NOTE(review): the full card number (regrouped in blocks of four), expiry
# and cardholder name are written into the message body, so they travel and
# rest wherever this mail does; sending only the last four digits would
# limit the exposure. The From: header is the customer-supplied address
# written as-is, and sendmail -t takes its recipients from the headers, so
# any line break in a header value adds header lines -- strip or reject
# CR/LF before writing headers. tax and ship_cost in the total are the
# values submitted with the request.
sub email_admin_order {
    $admin = &get_admin;
    open (MAIL, "|$mailprog") || die "Can't open $mailprog!\n";
    print MAIL "From: $input{'email'}\n";
    print MAIL "To: $admin\n";
    print MAIL "Subject: Online Order from $storename\n";
    print MAIL "Order Number: $order_num\n\n";
    print MAIL "$input{'title'} $input{'first_name'} $input{'last_name'}\n";
    if ($input{'company'} ne "") {
        print MAIL "$input{'company'}\n";
    }
    print MAIL "$input{'address1'}\n";
    if ($input{'address2'} ne "") {
        print MAIL "$input{'address2'}\n";
    }
    print MAIL "$input{'city'}, $input{'state'} $input{'zip'} $input{'country'}\n";
    print MAIL "Daytime Phone: $input{'day_phone'} ";
    if ($input{'day_exten'} ne "") {
        print MAIL "Ext. $input{'day_exten'} ";
    }
    if ($input{'night_phone'} ne "") {
        print MAIL "Evening Phone: $input{'night_phone'} ";
        if ($input{'night_exten'} ne "") {
            print MAIL "Ext. $input{'night_exten'} ";
        }
    }
    print MAIL "\n";
    if ($input{'fax'} ne "") {
        print MAIL "Fax: $input{'fax'}\n";
    }
    print MAIL "Email: $input{'email'}\n\n";
    # Keep digits only, then regroup as 4-4-4-rest for display.
    $input{'card_no'} =~ s/\D//g;
    $input{'card_no'} =~ /(\d\d\d\d)(\d\d\d\d)(\d\d\d\d)(\d+)/;
    $cc_num = "$1 $2 $3 $4";
    print MAIL "$input{'card_type'} $cc_num $input{'Expmonth'}/$input{'Expyear'}\n";
    print MAIL "Name on card: $input{'name_on_card'}\n\n";
    $a = "=" x 75;
    print MAIL "$a\n";
    print MAIL "Items Ordered:\n";
    $subtotal = 0;
    # Each @order entry is '|'-delimited; field 0 is multiplied by field 4
    # (commas removed) for the line total, fields 2 and 3 are shown in
    # parentheses when non-empty.
    for ($i=0; $i<@order; $i++) {
        @fields = split(/\|/, $order[$i]);
        $fields[4] =~ s/,//g;
        $prod_total = ($fields[0] * $fields[4]);
        $prod_line = "$fields[0] $fields[1] ";
        if ($fields[2] ne "" && $fields[3] eq "") {
            $prod_line .= "($fields[2])";
        }
        if ($fields[3] ne "" && $fields[2] eq "") {
            $prod_line .= "($fields[3])";
        }
        if ($fields[2] ne "" && $fields[3] ne "") {
            $prod_line .= "($fields[2], $fields[3])";
        }
        # Pad the description to 50 columns before the amount.
        print MAIL "$prod_line" . 
' ' x (50 - length($prod_line));
        printf MAIL "%.2f", $prod_total;
        print MAIL "\n";
        $subtotal += $prod_total;
    }
    print MAIL "$a\n";
    $total = $subtotal + $input{'tax'} + $input{'ship_cost'};
    # write() goes to the selected handle using the format named in $~.
    select (MAIL); $~ = "SUB"; write; select (STDOUT);
    select (MAIL); $~ = "SHIP"; write; select (STDOUT);
    select (MAIL); $~ = "TAX"; write; select (STDOUT);
    select (MAIL); $~ = "TOTAL"; write; select (STDOUT);
    print MAIL "Ship via $input{'ship_method'}\n";
    print MAIL "$a\n\n";
    print MAIL "Where did you hear about our site?\n";
    print MAIL "$input{'source'}\n\n";
    print MAIL "Special Requests:\n";
    print MAIL "$input{'suggest'}\n";
    close (MAIL);
}

############################################################
# Mail the customer a confirmation: headers, the optional cust_email.txt
# text, the address block, the item lines and the totals. Also loads
# $storename from the setup file and reformats both phone numbers as
# NNN-NNN-NNNN.
# NOTE(review): `while ()` in this listing appears where a read from the
# open handle would be expected; the `<HANDLE>` text seems to have been lost
# in extraction -- confirm against the original script. The To: header is
# the customer-supplied address written as-is; a line break in it would add
# header lines, so strip or reject CR/LF first. $subtotal is accumulated
# here without being reset in this sub.
sub email_customer_receipt {
    $admin = &get_admin;
    open (FILE, "$setup") || die "Can't open $setup";
    flock(FILE, 2);
    while () {
        if (/STORENAME/) {
            chomp($_);
            ($trash, $storename) = split(/\|/, $_);
            last;
        }
    }
    flock(FILE, 8);
    close (FILE);
    $input{'day_phone'} =~ s/\D//g;
    $input{'night_phone'} =~ s/\D//g;
    $input{'day_phone'} =~ s/^(\d\d\d)(\d\d\d)(\d+)$/$1\-$2\-$3/;
    $input{'night_phone'} =~ s/^(\d\d\d)(\d\d\d)(\d+)$/$1\-$2\-$3/;
    open (MAIL, "|$mailprog") || die "Can't open $mailprog!\n";
    print MAIL "Reply-to: $admin\n";
    print MAIL "From: $admin\n";
    print MAIL "To: $input{'email'}\n";
    print MAIL "Subject: Confirmation of Online Order from $storename\n";
    if (-e $email_txt) {
        open (FILE, "$email_txt") || die "Can't open $email_txt";
        flock(FILE, 2);
        while () {
            print MAIL "$_";
        }
    }
    # Unlock/close run whether or not the text file was opened above.
    flock(FILE, 8);
    close (FILE);
    print MAIL "\n\n";
    print MAIL "Order Number: $order_num\n\n";
    print MAIL "$input{'title'} $input{'first_name'} $input{'last_name'}\n";
    if ($input{'company'} ne "") {
        print MAIL "$input{'company'}\n";
    }
    print MAIL "$input{'address1'}\n";
    if ($input{'address2'} ne "") {
        print MAIL "$input{'address2'}\n";
    }
    print MAIL "$input{'city'}, $input{'state'} $input{'zip'} $input{'country'}\n";
    print MAIL "Daytime Phone: $input{'day_phone'} ";
    if ($input{'day_exten'} ne "") {
        # The line break inside the next string literal is as it appears in the listing.
        print MAIL "Ext. 
$input{'day_exten'} ";
    }
    if ($input{'night_phone'} ne "") {
        print MAIL "Evening Phone: $input{'night_phone'} ";
        if ($input{'night_exten'} ne "") {
            print MAIL "Ext. $input{'night_exten'} ";
        }
    }
    print MAIL "\n";
    if ($input{'fax'} ne "") {
        print MAIL "Fax: $input{'fax'}\n";
    }
    print MAIL "Email: $input{'email'}\n\n";
    &get_order;
    $a = "=" x 75;
    print MAIL "$a\n";
    print MAIL "Items Ordered:\n";
    for ($i=0; $i<@order; $i++) {
        @fields = split(/\|/, $order[$i]);
        $fields[4] =~ s/,//g;
        $prod_total = ($fields[0] * $fields[4]);
        $prod_line = "$fields[0] $fields[1] ";
        if ($fields[2] ne "" && $fields[3] eq "") {
            $prod_line .= "($fields[2])";
        }
        if ($fields[3] ne "" && $fields[2] eq "") {
            $prod_line .= "($fields[3])";
        }
        if ($fields[2] ne "" && $fields[3] ne "") {
            $prod_line .= "($fields[2], $fields[3])";
        }
        print MAIL "$prod_line" . ' ' x (50 - length($prod_line));
        printf MAIL "%.2f", $prod_total;
        print MAIL "\n";
        $subtotal += $prod_total;
    }
    print MAIL "$a\n";
    $total = $subtotal + $input{'tax'} + $input{'ship_cost'};
    select (MAIL); $~ = "SUB"; write; select (STDOUT);
    select (MAIL); $~ = "SHIP"; write; select (STDOUT);
    select (MAIL); $~ = "TAX"; write; select (STDOUT);
    select (MAIL); $~ = "TOTAL"; write; select (STDOUT);
    print MAIL "$a\n\n";
    print MAIL "Thank you for your order. We appreciate your business!";
    close (MAIL);
}

# Picture formats selected through $~ by the two e-mail subs above; each
# prints a label followed by a right-aligned amount with two decimals.
format SHIP =
Shipping @###############.##
$input{'ship_cost'}
.

format TAX =
Tax @###############.##
$input{'tax'}
.

format SUB =
Subtotal @###############.##
$subtotal
.

format TOTAL =
Total @###############.##
$total
.

############################################################
# Print the shipping/payment form; $extra adds "SECURE" to the button label
# in secure mode (the sub continues on the following lines).
sub checkout_form {
    if ($secure == 1) {
        $extra = "SECURE";
    }
    print <Enter your shipping and payment information below, then press 'PLACE $extra ORDER' button. * Required information.
Shipping Address:
Title :
First Name *:
Last Name *:
Company:
Address *:
Address:
City *:
State : $input{'state'}
Zip Code *:
Email Address *:
Daytime Phone *: Extension:
Nighttime Phone: Extension:
Fax:

Credit Card Information:
Card Type:
Credit Card #:
Name on card:
Expiration Date:

Where did you hear about our site:

Special Requests:

EOT
}

############################################################
# Create the cart id: a random integer below 100000 followed by the process
# id, stored in $input{'userid'}. The id names the cart file
# ("order.<userid>") read and written by the subs below.
# NOTE(review): the generator is seeded from the clock OR-ed with the
# process id and the id ends in that same process id, so ids are guessable;
# the id is the only thing tying a visitor to a cart file. An id drawn from
# the system's random source would be the safer choice.
sub create_userid {
    srand (time|$$);
    $userid = int (rand(100000));
    $userid .= "$$";
    $input{'userid'} = $userid;
}

############################################################
# Add the submitted products to the cart file. Fields named "quan|<product>",
# "color|<product>" and "size|<product>" are collected; a product already in
# the cart with the same size and colour has its line replaced by one with
# the summed quantity, otherwise a new "qty|name|color|size" line is appended.
# NOTE(review): `while ()` and `= ;` in this listing appear where a read from
# the open handle would be expected; the `<HANDLE>` text seems to have been
# lost in extraction -- confirm against the original script.
# NOTE(review): $input{'userid'} arrives with the request and is
# concatenated into the name passed to two-argument open, so the value
# decides both which path is touched and, through leading/trailing mode
# characters, how it is opened. Accepting only the digits-only form that
# create_userid produces and using three-argument open is the check to add.
# Product names, sizes and colours are likewise written to the
# '|'-delimited file without removing '|' or line breaks.
# $line is not cleared between products, so a match found for one product
# is still set when the next one is examined.
sub write_order {
    $order = &check_order;
    while (($key, $value) = each %input) {
        if ($key =~ /quan\|(.+)/ && $value ne "") {
            push (@products, "$value\|$1");
        }
    }
    while (($key, $value) = each %input) {
        if ($key =~ /(color)\|(.+)/) {
            $item{$2}{$1} = "$value";
        }
        if ($key =~ /(size)\|(.+)/) {
            $item{$2}{$1} = "$value";
        }
    }
    # Reject the order while a size/colour selector is still on its placeholder.
    foreach $products(@products) {
        ($quan, $prodname) = split(/\|/, $products);
        if ($item{$prodname}{'size'} eq "Select size") {
            &error("Please select a size for the product '$prodname'");
        }
        if ($item{$prodname}{'color'} eq "Select color") {
            &error("Please select a color for the product '$prodname'");
        }
    }
    if (-e "$order.$input{'userid'}") {
        foreach $products(@products) {
            ($quan, $prodname) = split(/\|/, $products);
            open (ORDER, "$order.$input{'userid'}") || print "Can't open";
            flock(ORDER, 2);
            while () {
                ($quantity, $prod_name, $prod_color, $prod_size) = split(/\|/, $_);
                chomp($prod_size);
                if ($prod_name eq $prodname && $item{$prodname}{'size'} eq $prod_size && $item{$prodname}{'color'} eq $prod_color) {
                    $line = $_;
                    last;
                }
            }
            flock(ORDER, 8);
            close (ORDER);
            if ($line ne "") {
                # Rewrite the file without the matched line, then append the
                # merged line; the lock is released between the three steps.
                open (ORDER, "$order.$input{'userid'}");
                flock(ORDER, 2);
                @lines = ;
                flock(ORDER, 8);
                close (ORDER);
                open (ORDER, ">$order.$input{'userid'}");
                flock(ORDER, 2);
                foreach $lines(@lines) {
                    unless ($line eq $lines) {
                        print ORDER "$lines";
                    }
                }
                flock(ORDER, 8);
                close (ORDER);
                open (ORDER, ">>$order.$input{'userid'}");
                flock(ORDER, 2);
                ($quantity, $trash) = split(/\|/, $line);
                $new_quan = $quan + $quantity;
                print ORDER "$new_quan\|$prodname\|$item{$prodname}{'color'}\|$item{$prodname}{'size'}\n";
                flock(ORDER, 8);
                close (ORDER);
            } else {
                open (ORDER, ">>$order.$input{'userid'}");
                flock(ORDER, 2);
                print ORDER 
"$quan\|$prodname\|$item{$prodname}{'color'}\|$item{$prodname}{'size'}\n";
                flock(ORDER, 8);
                close (ORDER);
            }
        }
    } else {
        open (ORDER, ">>$order.$input{'userid'}");
        flock(ORDER, 2);
        foreach $products(@products) {
            ($quan, $prodname) = split(/\|/, $products);
            print ORDER "$quan\|$prodname\|$item{$prodname}{'color'}\|$item{$prodname}{'size'}\n";
        }
        flock(ORDER, 8);
        close (ORDER);
    }
}

############################################################
# Rewrite the cart file with the quantities submitted as "quan|<line index>":
# a line whose new quantity is "0" or empty is dropped, every other line
# keeps its fields with field 0 replaced. Unless the action is one of the
# two checkouts, the cart is then displayed.
# NOTE(review): the cart file name is built from the request's userid in the
# same way as in write_order, and the submitted quantity is written into the
# '|'-delimited line without checking that it is a number. The second open
# (which truncates the file) is not checked.
sub UPDATE_ORDER {
    $order = &check_order;
    open (ORDER, "$order.$input{'userid'}") || die ("I am sorry, but I was unable to open the file.");
    flock(ORDER, 2);
    @old_order = ;
    flock(ORDER, 8);
    close (ORDER);
    while (($key, $value) = each %input) {
        if ($key =~ /(quan)\|(\d+)/) {
            $lines{$2}{$1} = $value;
        }
    }
    open (FILE, ">$order.$input{'userid'}");
    flock(FILE, 2);
    for ($i=0; $i<@old_order; $i++) {
        @fields = split(/\|/, $old_order[$i]);
        unless ($lines{$i}{'quan'} eq "0" || $lines{$i}{'quan'} eq "") {
            $fields[0] = $lines{$i}{'quan'};
            $new_line = join('|', @fields);
            print FILE "$new_line";
        }
    }
    flock(FILE, 8);
    close (FILE);
    unless ($action eq "SECURE_CHECKOUT" || $action eq "REGULAR_CHECKOUT") {
        &get_order;
        &print_cart;
    }
}

############################################################
# (The sub continues past the end of this listing.)
sub get_state {
    print <