#!/usr/bin/perl ############################################################################## require "/home/sites/site1/users/configstore/smodels/config.pl"; use Socket; use DBI; $dbh = DBI->connect("DBI:mysql:host=localhost;database=$dbname", "$dbuser","$dbpass", {PrintError => 0, RaiseError => 1}); ########################################################### ### program start if (!(-e "setdb.lock")){ print "Content-type: text/html\n\n"; print "The database has not been configured."; exit(0); } # get input if any &get_data; # check to see if user has established ID. If not, establish one if ($FORM{'uid'} eq "") { # get the cookie @cookievalues=split(/;/,$ENV{'HTTP_COOKIE'}); foreach $value (@cookievalues) { if ($value=~/storecustomer=/) { @cookie=split(/=/,$value); $FORM{'uid'}=$cookie[1]; chomp($FORM{'uid'}); } } $customer_id=$FORM{'uid'}; # no cookie data? Establish one if ($FORM{'uid'} eq "") { $FORM{'uid'}=&key_counter; print "Set-Cookie: storecustomer=$FORM{'uid'}; path=/; expires=Tue, 04-Oct-2061 12:00:00 GMT;\n"; } } # Log in if ($FORM{'login'} eq "yes") { $name=$dbprefix; $name.="customer"; $sth=$dbh->prepare(qq{SELECT name,password FROM $name WHERE email="$FORM{'email'}"}); $sth->execute(); my @field=$sth->fetchrow_array(); if ($FORM{'password'} eq $field[1]){ print "Set-Cookie: email=$field[0]; path=/; expires=Tue, 04-Oct-2061 12:00:00 GMT;\n"; print "Set-Cookie: password=$FORM{'password'}; path=/; expires=Tue, 04-Oct-2061 12:00:00 GMT;\n"; } else { $FORM{'login'}="no"; } } # no affiliate cookie data? Establish one if ($FORM{'affiliate_id'} ne "") { print "Set-Cookie: affiliate_id=$FORM{'affiliate_id'}; path=/;\n"; print "Set-Cookie: direct_sku=$FORM{'direct_sku'}; path=/;\n"; $name=$dbprefix; $name.="affiliate"; $sth=$dbh->prepare(qq{SELECT click_counter FROM $name WHERE affiliate_id="$FORM{'affiliate_id'}"}); $sth->execute(); $counter=$sth->fetchrow_array(); $counter++; $dbh->do(qq{UPDATE $name SET click_counter="$counter" WHERE affiliate_id="$FORM{'affiliate_id'}"}); } if ($FORM{'logout'} eq 'yes'){ print "Set-Cookie: email=1; path=/; expires=Wed, 25-Sep-2002 12:00:00 GMT;\n"; print "Set-Cookie: password=1; path=/; expires=Wed, 25-Sep-2002 12:00:00 GMT;\n"; $FORM{'action'}=""; } # done shopping? No more cart if ($FORM{'action'} eq "purchase") { print "Set-Cookie: storecustomer=$FORM{'uid'}; path=/; expires=Tue, 01-Jan-1980 12:00:00 GMT;\n"; } # send content header right away print "Content-type: text/html\n\n"; $top_page=top_page($template_file); $middle_page=middle_page($template_file); $bottom_page=bottom_page($template_file); if ($FORM{'login_id'} eq ''){ my ($email, $password); @cookievalues=split(/;/,$ENV{'HTTP_COOKIE'}); foreach $value (@cookievalues) { if ($value=~/email=/) { @cookie=split(/=/,$value); $email=$cookie[1]; chomp($email); } if ($value=~/password=/) { @cookie=split(/=/,$value); $password=$cookie[1]; chomp($password); } } $name=$dbprefix; $name.="customer"; $sth=$dbh->prepare(qq{SELECT customer_id FROM $name WHERE name="$email" AND password="$password"}); $sth->execute(); $FORM{'login_id'}=$sth->fetchrow_array(); } $menu=&menu; ## If no action is specified, show opening page if ($FORM{'action'} eq "") { open(HOME,"frontpage.html") or @front_page=""; @front_page=; close(HOME); print qq| $top_page $menu $middle_page @front_page $bottom_page |; } if ($FORM{'action'} eq "order") { open(HOME,"order.html") or $front_page=""; $front_page=; close(HOME); print qq| $top_page $menu $middle_page $front_page $bottom_page |; } ## if action is login display form if ($FORM{'action'} eq "login" or $FORM{'login'} eq 'no') { if ($FORM{'login'} eq ''){ print qq| $top_page $menu $middle_page

Customer Login

E-mail:
Password:
$font Not registered yet? $bottom_page |; } elsif ($FORM{'login'} eq 'yes') { $name=$dbprefix; $name.="customer"; $sth=$dbh->prepare(qq{SELECT name FROM $name WHERE email="$FORM{'email'}"}); $sth->execute(); $welcome=$sth->fetchrow_array(); print qq| $top_page $menu $middle_page $welcome, you have successfully logged in. Continue Shopping. $bottom_page |; } elsif ($FORM{'login'} eq 'no') { print qq| $top_page $menu $middle_page Your username or password is incorrect. Please hit the back button on your browser to try again. $bottom_page |; } } ## if action is search display search results if ($FORM{'action'} eq "search") { $name=$dbprefix; $name.="products"; $sth = $dbh->prepare(qq{SELECT sku, brand_name, product_name, short_desc, long_desc, category, price, shipping, image, thumbnail, choice1_name, choice1_option1, choice1_price1, choice1_option2, choice1_price2, choice1_option3, choice1_price3, choice1_option4, choice1_price4, choice1_option5, choice1_price5, choice1_option6, choice1_price6, choice1_option7, choice1_price7, choice1_option8, choice1_price8, choice1_option9, choice1_price9, choice1_option10, choice1_price10, choice2_name, choice2_option1, choice2_price1, choice2_option2, choice2_price2, choice2_option3, choice2_price3, choice2_option4, choice2_price4, choice2_option5, choice2_price5, choice2_option6, choice2_price6, choice2_option7, choice2_price7, choice2_option8, choice2_price8, choice2_option9, choice2_price9, choice2_option10, choice2_price10, choice3_name, choice3_option1, choice3_price1, choice3_option2, choice3_price2, choice3_option3, choice3_price3, choice3_option4, choice3_price4, choice3_option5, choice3_price5, choice3_option6, choice3_price6, choice3_option7, choice3_price7, choice3_option8, choice3_price8, choice3_option9, choice3_price9, choice3_option10, choice3_price10, amount_per_case FROM $name}); $sth->execute(); while (@field=$sth->fetchrow_array ()){ if ($FORM{'keyword'} ne "") { $FORM{'keyword'}=lc($FORM{'keyword'}); if (lc($field[1]) =~ /$FORM{'keyword'}/ or lc($field[2]) =~ /$FORM{'keyword'}/ or lc($field[3]) =~ /$FORM{'keyword'}/ or lc($field[4]) =~ /$FORM{'keyword'}/) { $results[$z]=&short_display; $z++; if ($z==1) {$first_sku=$field[0];} } } if ($FORM{'category'} ne "") { @category=split(/\//,$field[5]); foreach $key (@category){ if (lc($key) eq lc($FORM{'category'}) and lc($key) ne lc($field[5])) { $results[$z]=&short_display; $z++; if ($z==1) {$first_sku=$field[0];} } } if (lc($FORM{'category'}) eq lc($field[5])){ $results[$z]=&short_display; $z++; if ($z==1) {$first_sku=$field[0];} } } if ($FORM{'listall'} ne "") { $results[$z]=&short_display; $z++; if ($z==1) {$first_sku=$field[0];} } } # end of while loop $z=""; if ($FORM{'category'} ne "") { $results_title="$title_front $FORM{'category'} $title_back "; } else { $results_title="$title_front Search Results $title_back "; } $array_length=@results; # if there is only one result, display the link, otherwise display the thumbnail page if ($array_length==1) { $FORM{'sku'}="$first_sku"; $FORM{'action'}="link"; } else { $FORM{'keyword'}=~s/ /+/g; $FORM{'category'}=~s/ /+/g; $FORM{'skucategory'}=~s/ /+/g; if ($FORM{'startlist'} eq "") {$FORM{'startlist'}=0;} $items_per_page=$display_rows * $display_columns; $next_page_start=$FORM{'startlist'}+$items_per_page; $prev_page_start=$FORM{'startlist'}-$items_per_page; if ($prev_page_start >= 0) { $previous=qq|<- Previous Page |; } if ($next_page_start < $array_length) { $next=qq|Next Page -> |; } $number_displayed=$array_length-$FORM{'startlist'}; if ($number_displayed > $items_per_page) {$number_displayed=$items_per_page;} print qq| $top_page $menu $middle_page $results_title Displaying $number_displayed of $array_length
$font $previous$font $next
|; $y=$FORM{'startlist'}; for($x=0;$x<$display_rows;$x++) { print ""; for($z=0;$z<$display_columns;$z++) { print "$results[$y]"; $y++; } print ""; } print qq|
$font $previous$font $next
$statgraphic $bottom_page|; } # end of else } ## if action is link display selected page if ($FORM{'action'} eq "link") { @field=&get_sku($FORM{'sku'}); print qq| $top_page $menu $middle_page |; if ($field[9] ne "") {$photo=qq| |;} print qq|$photo $font

$field[1] $field[2]

$field[4]

\$$field[6]

SKU\#: $field[0]
|; if ($field[10] ne "") { print qq| "; } if ($field[31] ne "") { print qq| "; } if ($field[52] ne "") { print qq| "; } # if ($field[73] ne ""){ # print qq|
$font $field[10]:  
$font $field[31]:  
$font $field[52]:  
$font $field[73] items per case.
Minimal ordering quantity is 1 case
Quantity of cases:  
|; # } else { print qq| $font Quantity:  |; # } print qq|

Back View Your Shopping Cart $bottom_page |; # } ## if action is add_to_cart get that taken care of if ($FORM{'action'} eq "add_to_cart") { @field=&get_sku($FORM{'sku'}); if ($FORM{'quantity'} eq 0){ print "$top_page $menu $middle_page You have to enter a valid quantity. $bottom_page"; } else { if($field[10] ne "") { $option[0]=" $FORM{$field[10]}"; for($x=11;$x<31;$x=$x+2){ if ($field[$x] eq $FORM{$field[10]}) {$field[6]=$field[6]+$field[$x+1];} } } if($field[31] ne "") { $option[1]=" $FORM{$field[31]}"; for($x=32;$x<52;$x=$x+2){ if ($field[$x] eq $FORM{$field[31]}) {$field[6]=$field[6]+$field[$x+1];} } } if($field[52] ne "") { $option[2]=" $FORM{$field[52]}"; for($x=53;$x<73;$x=$x+2){ if ($field[$x] eq $FORM{$field[52]}) {$field[6]=$field[6]+$field[$x+1];} } } # if ($field[73] ne "") { $FORM{'quantity'}=$FORM{'quantity'}*$field[73]; } @months = ('Jan','Feb','Mar','Apr','May','Jun','Jul','Aug','Sep','Oct','Nov','Dec'); @date=gmtime(time); $date=$months[$date[4]]; $date.="-"; $date.=$date[5]+1900; $name=$dbprefix; $name.="cart"; &get_affiliate_id; if($FORM{'direct_sku'} eq $field[0]){ $sales_type='direct'; } else { $sales_type='indirect'; } $dbh->do(qq{INSERT INTO $name (cart_id, status, sku, brand_name, product_name, option1, option2, option3, price, quantity, affiliate_id, commission_type, date, paid) VALUES("$FORM{'uid'}", "open", "$field[0]", "$field[1]", "$field[2]", "$option[0]", "$option[1]", "$option[2]", "$field[6]", "$FORM{'quantity'}", "$FORM{'affiliate_id'}", "$sales_type", "$date", "not yet paid")}); @summary=&get_cart($FORM{'uid'}); print qq | $top_page $menu $middle_page $title_front Shopping Cart $title_back Below is a summary of what you have placed in your shopping cart so far.

$summary[0]
$font Total:   $font \$$summary[1]
$bottom_page |; } } ## if action is clear cart then do it if ($FORM{'action'} eq "clear_cart") { $name=$dbprefix; $name.="cart"; $dbh->do(qq{DELETE FROM $name WHERE cart_id="$FORM{'uid'}" AND status="open"}); print qq| $top_page $menu $middle_page $title_front Shopping Cart Emptied $title_back Your shopping cart has been emptied. Continue shopping. $bottom_page |; } ## view the cart if ($FORM{'action'} eq "view_cart") { if ($FORM{'chq'} eq 'yes'){ $name=$dbprefix; $name.="cart"; if ($FORM{'quantity'} ne ''){ $dbh->do(qq{UPDATE $name SET quantity="$FORM{'quantity'}" WHERE sku="$FORM{'sku'}" AND cart_id="$FORM{'uid'}" LIMIT 1}); } } if ($FORM{'rmi'} eq 'yes'){ $name=$dbprefix; $name.="cart"; if ($FORM{'quantity'} ne ''){ $dbh->do(qq{DELETE FROM $name WHERE sku="$FORM{'sku'}" AND cart_id="$FORM{'uid'}" AND quantity="$FORM{'quantity'}" LIMIT 1}); } } @summary=&get_cart($FORM{'uid'}); if ($summary[2]==1) { print qq| $top_page $menu $middle_page $title_front Shopping Cart Empty $title_back Your shopping cart does not currently have any items in it. Continue shopping. $bottom_page |; } else { print qq | $top_page $menu $middle_page $title_front Shopping Cart $title_back Below is a summary of what you have placed in your shopping cart so far.

$summary[0]
$font Total:   $font \$$summary[1]
$bottom_page |; # Fuckity Fuck } } ########################################################## ## Check Out if ($FORM{'action'} eq "finalize") { $sth = $dbh->prepare(qq{SELECT method_1, method_1_low_1, method_1_high_1, method_1_rate_1, method_1_low_2, method_1_high_2, method_1_rate_2, method_1_low_3, method_1_high_3, method_1_rate_3, method_1_low_4, method_1_high_4, method_1_rate_4, method_1_low_5, method_1_high_5, method_1_rate_5, method_2, method_2_low_1, method_2_high_1, method_2_rate_1, method_2_low_2, method_2_high_2, method_2_rate_2, method_2_low_3, method_2_high_3, method_2_rate_3, method_2_low_4, method_2_high_4, method_2_rate_4, method_2_low_5, method_2_high_5, method_2_rate_5, method_3, method_3_low_1, method_3_high_1, method_3_rate_1, method_3_low_2, method_3_high_2, method_3_rate_2, method_3_low_3, method_3_high_3, method_3_rate_3, method_3_low_4, method_3_high_4, method_3_rate_4, method_3_low_5, method_3_high_5, method_3_rate_5, method_4, method_4_low_1, method_4_high_1, method_4_rate_1, method_4_low_2, method_4_high_2, method_4_rate_2, method_4_low_3, method_4_high_3, method_4_rate_3, method_4_low_4, method_4_high_4, method_4_rate_4, method_4_low_5, method_4_high_5, method_4_rate_5 FROM shipping WHERE name="$dbprefix" }); $sth->execute(); @field=$sth->fetchrow_array(); if ($tax_states[0] ne "" || $field[0] ne "") { print qq | $top_page $menu $middle_page $title_front Check Out Info $title_back
|; if ($tax_states[0]) { print qq | Please select your State:

Outside the United States|; } if ($field[0] ne "") { print qq | Please select a shipping option:
|; } print qq|
$bottom_page |; } else { $FORM{'action'}="check_out"; $shipping=$field[0]; } } ########################################################## ## Finalize an Order if ($FORM{'action'} eq "check_out") { @summary=&get_summary($FORM{'uid'}); # Shipping Info $sth = $dbh->prepare(qq{SELECT method_1, method_1_low_1, method_1_high_1, method_1_rate_1, method_1_low_2, method_1_high_2, method_1_rate_2, method_1_low_3, method_1_high_3, method_1_rate_3, method_1_low_4, method_1_high_4, method_1_rate_4, method_1_low_5, method_1_high_5, method_1_rate_5, method_2, method_2_low_1, method_2_high_1, method_2_rate_1, method_2_low_2, method_2_high_2, method_2_rate_2, method_2_low_3, method_2_high_3, method_2_rate_3, method_2_low_4, method_2_high_4, method_2_rate_4, method_2_low_5, method_2_high_5, method_2_rate_5, method_3, method_3_low_1, method_3_high_1, method_3_rate_1, method_3_low_2, method_3_high_2, method_3_rate_2, method_3_low_3, method_3_high_3, method_3_rate_3, method_3_low_4, method_3_high_4, method_3_rate_4, method_3_low_5, method_3_high_5, method_3_rate_5, method_4, method_4_low_1, method_4_high_1, method_4_rate_1, method_4_low_2, method_4_high_2, method_4_rate_2, method_4_low_3, method_4_high_3, method_4_rate_3, method_4_low_4, method_4_high_4, method_4_rate_4, method_4_low_5, method_4_high_5, method_4_rate_5 FROM shipping WHERE name="$dbprefix" }); $sth->execute(); @field=$sth->fetchrow_array(); if ($FORM{'shipping_option'} ne "") { if ($FORM{'shipping_option'} eq $field[0]) { for($x=1;$x<16;$x=$x+3) { if ($summary[1] >= $field[$x] && $summary[1] <= $field[$x+1]) {$shipping=$field[$x+2]; } } } elsif ($FORM{'shipping_option'} eq $field[16]) { for($x=17;$x<32;$x=$x+3) { if ($summary[1] >= $field[$x] && $summary[1] <= $field[$x+1]) {$shipping=$field[$x+2]; } } } elsif ($FORM{'shipping_option'} eq $field[32]) { for($x=33;$x<48;$x=$x+3) { if ($summary[1] >= $field[$x] && $summary[1] <= $field[$x+1]) {$shipping=$field[$x+2]; } } } elsif ($FORM{'shipping_option'} eq $field[48]) { for($x=49;$x<64;$x=$x+3) { if ($summary[1] >= $field[$x] && $summary[1] <= $field[$x+1]) {$shipping=$field[$x+2]; } } } } else { $FORM{'shipping_option'}="Shipping"; $shipping=$file[0]; } $total=$shipping+$summary[1]; $name=$dbprefix; $name.="country"; $sth = $dbh->prepare(qq{SELECT value,type FROM counter WHERE name="$name"}); $sth->execute(); @file=$sth->fetchrow_array(); $file[0]=sprintf("%.2f", $file[0]); $iftax=$file[1]; $tax=$total*$file[0]; $total=sprintf("%.2f", $total); $shipping=sprintf("%.2f", $shipping); $order=qq|$summary[0] |; if ($FORM{'login_id'} eq ''){ print qq | $top_page $menu $middle_page $title_front Check Out $title_back

Registered customers, enter your e-mail and password in the box below to make a purchase.
$font Subtotal:   $font \$$summary[1]
$font Shipping: $FORM{'shipping_option'}   $font \$$shipping
E-mail:
Password:


If you are not a registered customer of $store_name, please fill out the form below and submit it.
$order

$font Your Name:   
$font Email Address:   
$font

Shipping Information
$font Ship To:   
$font Shipping Address:   
$font City:   
$font State:   
Outside the United States
$font Zip:   
$font Country:   
$bottom_page |; } else { $FORM{'action'}="purchase"; $FORM{'uid'}=$FORM{'uid'}; $FORM{'order'}=$order; $FORM{'total'}=$total; $FORM{'tax'}=$tax; $FORM{'iftax'}=$iftax; $FORM{'shipping'}=$shipping; } } ## Make the purchase if ($FORM{'action'} eq "purchase") { if ($FORM{'iftax'} eq $FORM{'shipping_country'}){ $FORM{'order'}.=qq|$font Sales Tax:   $font \$$FORM{'tax'}|; $FORM{'total'}=$FORM{'total'}+$FORM{'tax'}; $FORM{'total'}=sprintf("%.2f", $FORM{'total'}); chomp($FORM{'order'}); } $FORM{'order'}.=qq|$font Total:   $font \$$FORM{'total'} |; chomp($FORM{'order'}); if ($FORM{'login_id'} ne ''){ $name=$dbprefix; $name.="customer"; $sth=$dbh->prepare(qq{SELECT customer_id, password, name, email, ship_name, ship_address, city, state, country, ZIP FROM $name WHERE customer_id="$FORM{'login_id'}"}); $sth->execute(); @field=$sth->fetchrow_array(); $FORM{'name'}=$field[2]; $FORM{'email'}=$field[3]; $FORM{'shipping_name'}=$field[4]; $FORM{'shipping_address'}=$field[5]; $FORM{'shipping_city'}=$field[6]; $FORM{'shipping_state'}=$field[7]; $FORM{'shipping_country'}=$field[8]; $FORM{'shipping_zip'}=$field[9]; } elsif ($FORM{'reg_email'} ne ''){ $name=$dbprefix; $name.="customer"; $sth=$dbh->prepare(qq{SELECT customer_id, password, name, email, ship_name, ship_address, city, state, country, ZIP FROM $name WHERE email="$FORM{'reg_email'}"}); $sth->execute(); @field=$sth->fetchrow_array(); if ($FORM{'reg_password'} eq $field[1]){ $FORM{'name'}=$field[2]; $FORM{'email'}=$field[3]; $FORM{'shipping_name'}=$field[4]; $FORM{'shipping_address'}=$field[5]; $FORM{'shipping_city'}=$field[6]; $FORM{'shipping_state'}=$field[7]; $FORM{'shipping_country'}=$field[8]; $FORM{'shipping_zip'}=$field[9]; } else { $message.="
  • Your e-mail or password is incorrect.

    "; } } else { if ($FORM{'name'} eq "") { $message.="
  • You must enter your name.

    "; } if (&check_email($FORM{'email'}) != 1) { $message.="
  • You must enter your email address in proper format.

    "; } if ($FORM{'shipping_address'} eq "") { $message.="
  • You must enter your shipping address.

    "; } if ($FORM{'shipping_city'} eq "") { $message.="
  • You must enter your city.

    "; } if ($FORM{'shipping_state'} eq "") { $message.="
  • You must enter your state or indicate you live outside the United States.

    "; } if ($FORM{'shipping_country'} eq "") { $message.="
  • You must enter your country.

    "; } if ($FORM{'shipping_zip'} eq "" ) { # or $FORM{'shipping_zip'} !~ /^0-9/ $message.="
  • You must enter a valid zip code.

    "; } } if ($message ne "") { print qq| $top_page $menu $middle_page $title_front Sorry! $title_back The following problems existed with your purchase information:
      $message
    Please click your browser's back button to return to the form and complete it properly.

    $bottom_page |; } else { $FORM{'comments'}=~s/[\r\n]/
    /g; if ($FORM{'shipping_name'} eq "same as above") {$FORM{'shipping_name'}="$FORM{'name'}";} $order_date=&get_date; $name=$dbprefix; $name.="orders"; $dbh->do(qq{INSERT INTO $name (cart_id, name, email, ship_name, ship_address, city, state, country, date, ship_date, ZIP, status, total) VALUES("$FORM{'uid'}", "$FORM{'name'}", "$FORM{'email'}", "$FORM{'shipping_name'}", "$FORM{'shipping_address'}", "$FORM{'shipping_city'}", "$FORM{'shipping_state'}", "$FORM{'shipping_country'}", "$order_date", "not yet shipped", "$FORM{'shipping_zip'}", "open", "$FORM{'total'}")}); $sth=$dbh->prepare(qq{SELECT order_id FROM $name WHERE cart_id="$FORM{'uid'}" AND name="$FORM{'name'}" AND email="$FORM{'email'}" AND ship_name="$FORM{'shipping_name'}" AND ship_address="$FORM{'shipping_address'}" AND city="$FORM{'shipping_city'}" AND state="$FORM{'shipping_state'}" AND country="$FORM{'shipping_country'}" AND date="$order_date" AND ship_date="not yet shipped" AND ZIP="$FORM{'shipping_zip'}" AND status="open" AND total="$FORM{'total'}"}); $sth->execute(); $order_number=$sth->fetchrow_array(); # send email notification that order has taken place $to=$customer_service; $from=$FORM{'email'}; $subject="Order Completed"; $body="An order has been received from the $site_name web site. Go to $office_url to view the order. "; &sendmail($to,$from,$subject,$body); # send email confirmation to customer $to=$FORM{'email'}; $from=$customer_service; $subject="Thank You!"; $body="Dear $FORM{'name'}, Thank you for ordering from $site_name. We appreciate your business! Your order number is: $order_number To check on the status of your order at any time go to: $order_url?order_number=$order_number Feel free to contact us with any questions at $customer_service "; &sendmail($to,$from,$subject,$body); print qq| $top_page $menu $middle_page $title_front Thank You! $title_back $FORM{'name'}, here is the summary of your order.

    To pay by Credit Card click here.
    To pay by Check click here.
    Order Date: $order_date

    $FORM{'order'}
    This order will be shipped to:

    $FORM{'shipping_name'}
    $FORM{'shipping_address'}
    $FORM{'shipping_city'}, $FORM{'shipping_state'}
    $FORM{'shipping_country'}
    $FORM{'shipping_zip'}

    $bottom_page |; } # end of else } ##################################################### ## Sign-up Form if($FORM{'action'} eq "signup"){ print qq| $top_page $menu $middle_page

    Customer Sign-up

    Fill in the following form. All fields are required.
    We will not give away any information to a third party.
    $font Your Name:   
    $font Email Address:   
    $font Password:   
    $font Password (again):   
    $font

    Shipping & Payment Information
    $font Shipping:   
    $font Shipping Address:   
    $font City:   
    $font State:   
    Outside the United States
    $font Zip:   
    $font Country:   
    $bottom_page |; } ##################################################### ## Process Sign-up if($FORM{'action'} eq "proc_signup"){ if ($FORM{'name'} eq "") { $message.="
  • You must enter your name.

    "; } if (&check_email($FORM{'email'}) != 1) { $message.="
  • You must enter your email address in proper format.

    "; } $name=$dbprefix; $name.="customer"; $sth=$dbh->prepare(qq{SELECT email FROM $name}); $sth->execute(); while($buffer=$sth->fetchrow_array()){ if ($FORM{'email'} eq $buffer) { $message.="
  • Your email is already registered in our database.

    "; } } if ($FORM{'shipping_address'} eq "") { $message.="
  • You must enter your shipping address.

    "; } if ($FORM{'shipping_city'} eq "") { $message.="
  • You must enter your city.

    "; } if ($FORM{'shipping_state'} eq "") { $message.="
  • You must enter your state or indicate you live outside the United States.

    "; } if ($FORM{'shipping_country'} eq "") { $message.="
  • You must enter your country.

    "; } if ($FORM{'shipping_zip'} eq "" ) { # or $FORM{'shipping_zip'} !~ /^0-9/ $message.="
  • You must enter a valid zip code.

    "; } if ($FORM{'password'} ne $FORM{'password_check'} ) { $message.="
  • Your passwords do not match.

    "; } if ($message ne "") { print qq| $top_page $menu $middle_page $title_front Sorry! $title_back The following problems existed with your purchase information:
      $message
    Please click your browser's back button to return to the form and complete it properly.

    $bottom_page |; } else { $FORM{'comments'}=~s/[\r\n]/
    /g; if ($FORM{'shipping_name'} eq "same as above") {$FORM{'shipping_name'}="$FORM{'name'}";} #$FORM{'password'}=crypt($FORM{'password'},'KP'); $name=$dbprefix; $name.="customer"; $dbh->do(qq{INSERT INTO $name (password, name, email, ship_name, ship_address, city, state, country, ZIP) VALUES("$FORM{'password'}","$FORM{'name'}", "$FORM{'email'}", "$FORM{'shipping_name'}", "$FORM{'shipping_address'}", "$FORM{'shipping_city'}", "$FORM{'shipping_state'}", "$FORM{'shipping_country'}", "$FORM{'shipping_zip'}")}); print qq| $top_page $menu $middle_page

    Customer Sign-up

    $font You are now registered as a customer of $store_name. Click here to log in, or here to continue shopping. $bottom_page|; } } ##################################################### ## Update if($FORM{'action'} eq "update"){ if($FORM{'update'} ne 'yes'){ $name=$dbprefix; $name.="customer"; $sth=$dbh->prepare(qq{SELECT customer_id, password, name, email, ship_name, ship_address, city, state, country, ZIP FROM $name WHERE customer_id="$FORM{'login_id'}"}); print qq| $top_page $menu $middle_page

    Your Information

    Edit your information using the following form.
    $font Your Name:   
    $font Email Address:   
    $font Old Password:   
    $font New Password:   
    $font New Password (again):   
    $font

    Shipping & Payment Information
    $font Shipping Name:   
    $font Shipping Address:   
    $font City:   
    $font State:   
    Outside the United States
    $font Zip:   
    $font Country:   
    $bottom_page |; } else { $name=$dbprefix; $name.="customer"; $sth=$dbh->prepare(qq{SELECT password FROM $name WHERE customer_id="$FORM{'id'}"}); $sth->execute(); $password=$sth->fetchrow_array(); if ($FORM{'old_password'} eq $password){ if ($FORM{'name'} eq "") { $message.="
  • You must enter your name.

    "; } if (&check_email($FORM{'email'}) != 1) { $message.="
  • You must enter your email address in proper format.

    "; } if ($FORM{'shipping_address'} eq "") { $message.="
  • You must enter your shipping address.

    "; } if ($FORM{'shipping_city'} eq "") { $message.="
  • You must enter your city.

    "; } if ($FORM{'shipping_state'} eq "") { $message.="
  • You must enter your state or indicate you live outside the United States.

    "; } if ($FORM{'shipping_country'} eq "") { $message.="
  • You must enter your country.

    "; } if ($FORM{'shipping_zip'} eq "" ) { # or $FORM{'shipping_zip'} !~ /^0-9/ $message.="
  • You must enter a valid zip code.

    "; } if ($FORM{'password'} ne $FORM{'password_check'}) { $message.="
  • Your passwords do not match.

    "; } if ($message ne "") { print qq| $top_page $menu $middle_page $title_front Sorry! $title_back The following problems existed with your purchase information:
      $message
    Please click your browser's back button to return to the form and complete it properly.

    $bottom_page |; } else { $FORM{'comments'}=~s/[\r\n]/
    /g; #$FORM{'password'}=crypt($FORM{'password'},'KP'); $name=$dbprefix; $name.="customer"; if ($FORM{'password'} eq "") { $dbh->do(qq{UPDATE $name SET name="$FORM{'name'}", email="$FORM{'email'}", check_name="$FORM{'shipping_name'}", address="$FORM{'shipping_address'}", city="$FORM{'shipping_city'}", state="$FORM{'shipping_state'}", country="$FORM{'shipping_country'}", ZIP="$FORM{'shipping_zip'} WHERE affiliate_id="$FORM{'affiliate_id'}"}); } else { $dbh->do(qq{UPDATE $name SET password="$FORM{'password'}", name="$FORM{'name'}", email="$FORM{'email'}", check_name="$FORM{'shipping_name'}", address="$FORM{'shipping_address'}", city="$FORM{'shipping_city'}", state="$FORM{'shipping_state'}", country="$FORM{'shipping_country'}", ZIP="$FORM{'shipping_zip'} WHERE affiliate_id="$FORM{'affiliate_id'}"}); } print qq| $top_page $menu $middle_page

    Information Changed

    $font You have successfully changed your information. Click here to continue shopping. $bottom_page|; } } else { print qq| $top_page $menu $middle_page

    Error

    $font Your password is incorrect. $bottom_page|; } } } # Increments key counter and returns value sub key_counter { my $keycounter; $sth = $dbh->prepare(qq{SELECT value FROM counter WHERE name="$dbprefix" AND type="cart"}); $sth->execute(); $keycounter=$sth->fetchrow_array(); $keycounter++; $dbh->do(qq{UPDATE counter SET value="$keycounter" WHERE name="$dbprefix" AND type="cart"}); return ($keycounter); } ######################################## ## Returns all categories in the product file as an array sub get_categories { my ($x, $marker); my ($field, @categories); $name=$dbprefix; $name.="products"; $sth = $dbh->prepare(qq{SELECT category FROM $name}); $sth->execute(); while ($field=$sth->fetchrow_array()) { foreach $category (@categories) { if ($field eq $category) {$marker=1;} } if ($marker!=1) { $categories[$x]=$field; $x++; } $marker=""; } @categories=sort(@categories); return (@categories); } ##################################################### ## Returns the format of a short display sub short_display { my $return; my $photo; if ($field[9] ne "") {$photo=qq|
    |;} # KEY $return=qq|$photo $font $field[1] $field[2]
    $field[3]
    $font \$$field[6]
    $font SKU: $field[0]|; return($return); } ##################################################### ## Returns an array full of values for a SKU sub get_sku { my @return; my $sku=$_[0]; $name=$dbprefix; $name.="products"; $sth = $dbh->prepare(qq{SELECT sku, brand_name, product_name, short_desc, long_desc, category, price, shipping, image, thumbnail, choice1_name, choice1_option1, choice1_price1, choice1_option2, choice1_price2, choice1_option3, choice1_price3, choice1_option4, choice1_price4, choice1_option5, choice1_price5, choice1_option6, choice1_price6, choice1_option7, choice1_price7, choice1_option8, choice1_price8, choice1_option9, choice1_price9, choice1_option10, choice1_price10, choice2_name, choice2_option1, choice2_price1, choice2_option2, choice2_price2, choice2_option3, choice2_price3, choice2_option4, choice2_price4, choice2_option5, choice2_price5, choice2_option6, choice2_price6, choice2_option7, choice2_price7, choice2_option8, choice2_price8, choice2_option9, choice2_price9, choice2_option10, choice2_price10, choice3_name, choice3_option1, choice3_price1, choice3_option2, choice3_price2, choice3_option3, choice3_price3, choice3_option4, choice3_price4, choice3_option5, choice3_price5, choice3_option6, choice3_price6, choice3_option7, choice3_price7, choice3_option8, choice3_price8, choice3_option9, choice3_price9, choice3_option10, choice3_price10, amount_per_case FROM $name WHERE sku="$sku"}); $sth->execute(); @return=$sth->fetchrow_array(); return(@return); } ##################################################### ## Returns order summary sub get_summary { my $total_quantity=0; my $cart; my (@product,@item); my ($return,$line_total,$total,$empty); my $count=0; my $customer_id=$_[0]; $name=$dbprefix; $name.="cart"; $sth=$dbh->prepare(qq{SELECT cart_id, status, sku, brand_name, product_name, option1, option2, option3, price, quantity, affiliate_id FROM $name WHERE status="open" AND cart_id="$customer_id"}); $sth->execute(); $return="$font SKU Code$font Description$font Price$font Quantity$font Total"; while(@item = $sth->fetchrow_array()){ $line_total=$item[8]*$item[9]; $line_total=sprintf("%.2f", $line_total); $item[8]=sprintf("%.2f", $item[8]); $return.="$font $item[2]$font $item[3] $item[4] $font \$$item[8]$font $item[9]$font \$$line_total"; chomp($return); $total_quantity=$total_quantity+$item[8]; $total=$total+$line_total; $count++; } if ($count == 0){$empty=1;} $total=sprintf("%.2f", $total); return($return, $total, $empty, $total_quantity); } ##################################################### ## Returns order summary sub get_cart { my $total_quantity=0; my $cart; my (@product,@item); my ($return,$line_total,$total,$empty); my $count=0; my $customer_id=$_[0]; $name=$dbprefix; $name.="cart"; $sth=$dbh->prepare(qq{SELECT cart_id, status, sku, brand_name, product_name, option1, option2, option3, price, quantity, affiliate_id FROM $name WHERE status="open" AND cart_id="$customer_id"}); $sth->execute(); $return="$font Description$font Quantity$font Delete Item$font Total"; while(@item = $sth->fetchrow_array()){ $line_total=$item[8]*$item[9]; $line_total=sprintf("%.2f", $line_total); $item[8]=sprintf("%.2f", $item[8]); $count++; $return.="$font $count. $item[3]
    $item[4]
    SKU code: $item[2]
    $font Price: \$$item[8]

    $font  
    $font
    $font \$$line_total"; chomp($return); $total_quantity=$total_quantity+$item[8]; $total=$total+$line_total; } if ($count == 0){$empty=1;} $total=sprintf("%.2f", $total); return($return, $total, $empty, $total_quantity); } ###################################################### ## Send Email (to,from,subject,body) $SMTP_SERVER must ## be a global variable assigned with a valid smtp server sub sendmail { local($to, $from, $subject, $body) = @_; open(MAIL, "|/usr/lib/sendmail -t"); print MAIL "To: $to\r\nFrom: $from\r\nSubject: $subject\r\n\r\n$body\r\n\r\n"; close (MAIL); } ##################################################### ## Check for valid email address sub check_email { local($email) = $_[0]; # Check that the email address doesn't have 2 @ signs, a .., a @., a # .@ or begin or end with a . if ($email =~ /(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)|(\.$)/ || # Allow anything before the @, but only letters numbers, dashes and # periods after it. Also check to make sure the address ends in 2 or # three letters after a period and allow for it to be enclosed in [] # such as [164.104.50.1] ($email !~ /^.+\@localhost$/ && $email !~ /^.+\@\[?(\w|[-.])+\.[a-zA-Z]{2,3}|[0-9]{1,3}\]?$/)) { return(0); } # If it passed the above test, it is valid. else { return(1); } } sub get_affiliate_id { # get the cookie @cookievalues=split(/;/,$ENV{'HTTP_COOKIE'}); foreach $value (@cookievalues) { if ($value=~/affiliate_id=/) { @cookie=split(/=/,$value); $FORM{'affiliate_id'}=$cookie[1]; chomp($FORM{'affiliate_id'}); } if ($value=~/direct_sku=/) { @cookie=split(/=/,$value); $FORM{'direct_sku'}=$cookie[1]; chomp($FORM{'direct_sku'}); } } } sub get_date { my ($time); $_[0] ? ($time = $_[0]) : ($time = time()); my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime ($time); $year = $year + 1900; ($mday < 10) and ($mday = "0$mday"); my @months = qw!Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec!; return "$mday-$months[$mon]-$year"; }