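#!/usr/bin/perl
#############################################################################
# Online Shopping Cart By JMS Online Systems - Since 1993 #
# (c) 1993 - 2003 All rights reserved. #
# www.jmsonline.net Custom ecommerce programming is our specialty! #
# don't bother calling jim: it's been reworked so much he wouldn't recognize it
# joseph frasier admin@cgimasters.com
#############################################################################
#
# Request dispatcher for the cart. Every value in %FORM, %ENV{HTTP_*} and the
# cookie header is supplied by the browser; the values that end up in file
# names or SQL are validated here, once, before any sub uses them.

# house webmaster ID
my $default_wmid = 1045;

# allow to see cross-sells when free product
my $allow_xsell_on_free = 0;

# allow foreign countries when free product (for domestic-only orders, value must equal 0)
my $allow_foreign_on_free = 0;

# if not allowed, what message should be displayed
my $allow_foreign_on_free_denied_msg = "This product is available to domestic customers only.";

# what processor to use at checkout
## use 'PROC' in FORM variables to determine merchant processor
## NB=Netbilling, GB=Globalbilling, AN=Authorizenet (untested)
# PROC comes from the request and is concatenated into $checkout, so only a
# plain alphanumeric code is accepted; anything else falls back to $Processor.
# NOTE(review): where $checkout is consumed is not visible in this file --
# confirm it is only ever compared against a fixed list of processors.
my $requested_proc = defined $FORM{'PROC'} ? $FORM{'PROC'} : '';
my $checkout_processor = ($requested_proc =~ /\A[A-Za-z0-9]+\z/) ? $requested_proc : $Processor;
my $checkout_tag = "_Checkout";
our $checkout = $checkout_processor.$checkout_tag;

###### COOKIES FOR TRACKING - CJL
# NOTE(review): names are not trimmed, so every cookie after the first keeps
# the blank that follows ';'. Two of the lookups below rely on that leading
# blank and one does not -- confirm which form the tracking cookies use.
my $COOKIE_DATA = defined $ENV{'HTTP_COOKIE'} ? $ENV{'HTTP_COOKIE'} : '';
foreach my $pair (split(/;/, $COOKIE_DATA)) {    # Extract each pair from the string
    # limit 2: a value may itself contain '='
    my ($NAME, $VALUE) = split(/=/, $pair, 2);   # Split each pair into a NAME and a VALUE
    next unless defined $NAME;
    $VALUE = '' unless defined $VALUE;
    for ($NAME, $VALUE) {
        s/\+/ /g;
        # accept lower-case hex digits too; '|' was never a hex digit
        s/%([0-9A-Fa-f]{2})/pack('C', hex($1))/eg;
    }
    $COOKIE{$NAME} = $VALUE;                     # Assign the pair to an associative array
}
$SENDROIKWD = $COOKIE{' SENDROI20KWD'};
$SENDROICID = $COOKIE{'SENDROI20CID'};
$SENDROIREFER = $COOKIE{' SENDROI20REF'};
###### COOKIES FOR TRACKING - CJL

print "Content-type: text/html \n\n";

# # # global settings
require '/host/users/herbalo/herbalo.com/purecart/shared_subs.pl';
# # per-site settings
require $purecart_site_dir . 'pathinfo.pl' if ($website ne '');

# cid is a numeric customers.ID. Anything that is not all digits is dropped
# here, so a value that merely starts with digits cannot pass the "> 0" tests
# used further down.
$FORM{cid} = '' unless (defined $FORM{cid} && $FORM{cid} =~ /\A[0-9]+\z/);
if ($FORM{cid} > 0) {$cid = $FORM{cid};}

# the exit pops are in the headers: this is for the links and form submits here
unless ($FORM{NoPop} ne '')
{
    $link_tag = ' onclick="exit=false;" ';
    $form_tag = ' onsubmit="exit=false;" ';
}

# CartID becomes part of a file name under $CartDir ("$CartDir/$CartID.txt"),
# so it must look like the IDs generated below (<wmid>_<epoch seconds>).
# A CartID in any other shape is ignored and a fresh cart is started.
# assumes webmaster IDs contain only letters, digits and '-' -- TODO confirm
my $cart_id_ok = (defined $FORM{CartID} && $FORM{CartID} =~ /\A[A-Za-z0-9-]+_[0-9]+\z/);

if ($cart_id_ok) # been here before
{
    ($FORM{wmid}, $trash) = split(/_/, $FORM{CartID});
}
else # first time
{
    if ($FORM{ID} ne '') {$FORM{wmid} = $FORM{ID};}
    else
    { unless ($FORM{wmid} ne '') {$FORM{wmid} = $default_wmid ;} } # the "unless" is a precaution

    # wmid is request data and is about to be embedded in the cart file name
    $FORM{wmid} = $default_wmid unless ($FORM{wmid} =~ /\A[A-Za-z0-9-]+\z/);

    $FORM{CartID} = $FORM{wmid} . "_" . time();
    $FORM{banner} = substr($FORM{wmid},4);
    ##-removed by wtorres-##
    # $FORM{wmid} = substr($FORM{wmid},0,4); # wmid can be bigger than 4 values
    unless ($FORM{banner} > 0) {$FORM{banner} = '000';}

    my ($timestamp, $hour, $period) = &DateHourPeriod;
    $timestamp .= $hour;

    unless ($dbh) { $dbh = &OpenSQL('purecart'); }

    my $sql_st = qq~SELECT hits FROM traffic WHERE wmid=? AND banner=? AND timestamp=?~;
    my $sth = $dbh->prepare($sql_st);
    $sth->execute($FORM{wmid}, $FORM{banner}, $timestamp) or die "can't execute the query: " . $sth->errstr;
    my ($hits) = $sth->fetchrow_array;
    $sth->finish;
    $hits++;

    # Both statements use placeholders like the SELECT above; wmid and banner
    # are request data and must never be spliced into the SQL text.
    if ($hits > 1)
    {
        # banner is part of the WHERE clause so that only the row that was
        # just counted is updated (the SELECT above selects on it as well)
        $sql_st = qq~UPDATE traffic SET hits=? WHERE wmid=? AND banner=? AND timestamp=?~;
        $sth = $dbh->prepare($sql_st);
        $sth->execute($hits, $FORM{wmid}, $FORM{banner}, $timestamp) or die "can't execute the query: " . $sth->errstr;
    }
    else
    {
        $sql_st = qq~INSERT INTO traffic (wmid, banner, timestamp, period, hits) VALUES (?,?,?,?,?)~;
        $sth = $dbh->prepare($sql_st);
        $sth->execute($FORM{wmid}, $FORM{banner}, $timestamp, $period, 1) or die "can't execute the query: " . $sth->errstr;
    }
    $sth->finish;
}

# populate stuff
$CartID   = $FORM{'CartID'};
$LinkID   = $FORM{'LK'};
$DeptID   = $FORM{'Dept'};
$ItemID   = $FORM{'IT'};
$ReDo     = $FORM{'RD'};
$ChkOut   = $FORM{'CK'};
$Cancel   = $FORM{'CL'};
$AddItem  = $FORM{'OR'};
$ItemOrd  = $FORM{'IO'};
$KeyWord  = $FORM{'KeyWord'};
$PayHow   = $FORM{'PayHow'};
$NewOrder = $FORM{'NewOrder'};
$Referer  = (($FORM{'Referer'} ne '') && ($FORM{'Referer'} ne '(none)')) ? $FORM{'Referer'} : $ENV{'HTTP_REFERER'};
# same rule as for $checkout_processor above, evaluated again now that the
# shared settings have been loaded
$PROC = (defined $FORM{'PROC'} && $FORM{'PROC'} =~ /\A[A-Za-z0-9]+\z/) ? $FORM{'PROC'} : $Processor;

# dispatch on the action fields; the Print* subs visible in this file end
# with exit, RePost does too
if($ReDo eq "UPDATE"){ &RePost; } # ths sub followed by PrintShipTo
if($PayHow eq "1") { &PrintCheck; }
# NOTE(review): this tests $FORM{DeptID} while $DeptID above is filled from
# $FORM{'Dept'} -- confirm which field name the forms really send.
if($FORM{DeptID} ne "") { &PrintDept; }
if($ItemID ne "") { &PrintItem; }
if($LinkID ne "") { &PrintMenu; }
if($Cancel eq "1") { &ResetCart; }
if($KeyWord ne "") { &PrintSearch; }

print qq~ ~;

if($AddItem eq "1") # after adding do we
{
    if ($NewOrder eq "1"){&ResetCartShip;}
    if ($FORM{Xsold} ne '') #if (($FORM{Xsold} eq 1) || ($FORM{Xsold} eq 2))
    { &PostItemOrder; &PrintOrder; exit; } # go to payment page?
    else
    { &PostItemOrder; &PrintShipTo; exit; } # or go to shipping page?
}
if($ChkOut eq "1") { &PrintOrder; }

# none of the above?
$FORM{Dept} = 1;
&PrintDept;
#&PrintMenu;

#####
# RePost: rewrite the cart file from the "update cart" form. A row is kept
# when the form field "<item>R" is "1" and gets the quantity from "<item>Q";
# every other row is dropped. Ends by showing the shipping page and exiting.
# $CartID has been validated above before it is used in the file name.
sub RePost
{
    print qq~~;

    # a cart that cannot be read is treated as empty, as before
    @ITEMS = ();
    if (open(my $cart_in, '<', "$CartDir/$CartID.txt"))
    {
        @ITEMS = <$cart_in>;
        close($cart_in);
    }

    $NewCart = "";
    foreach $row (@ITEMS)
    {
        ($Item,$Name,$Desc,$Price,$ShipD,$ShipG,$Qty) = split(/\|/,$row);
        next if ($NoDups{$Item});
        $NoDups{$Item} = 1;
        $ItemDel = $Item . 'R';
        $ItemQuan = $Item . 'Q';
        $Quantity = $FORM{$ItemQuan};
        $Remove = $FORM{$ItemDel};

        # The quantity is written into a '|'-separated, one-row-per-line file
        # that also holds the price. Only digits are accepted, so form input
        # cannot add fields or rows; otherwise the stored quantity is kept.
        unless (defined $Quantity && $Quantity =~ /\A[0-9]+\z/)
        {
            $Quantity = (defined $Qty && $Qty =~ /\A[0-9]+\z/) ? $Qty : 1;
        }

        if($Remove eq "1") # this actually means keep it...
        {
            $NewCart .= qq~$Item|$Name|$Desc|$Price|$ShipD|$ShipG|$Quantity|\n~;
            $FORM{$ItemDel} = 0;
        }
    }

    # three-argument open: the mode can no longer be influenced by the name
    open(my $cart_out, '>', "$CartDir/$CartID.txt") or die "can't write the cart file: $!";
    print {$cart_out} $NewCart;
    close($cart_out) or die "can't write the cart file: $!";

    &PrintShipTo;
    exit;
}

#####
sub PrintMenu
{
    &PrintHead if ($website ne '');
    print qq~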
~; open(DATA,$DataBase); @ROWS = ; close(DATA); @ROWS = sort(@ROWS); foreach $line (@LINES) { ($Dept,$Name) = split(/\|/,$line); if($Name ne "") { print ""; } print "

    $Name
      "; } foreach $row (@ROWS) { ($Dep,$Item,$Nam,$Desc,$Opt1,$Opt2,$Opt3,$Weight,$Price,$Ship,$Url,$Image,$Tax,$Invt) = split(/\|/,$row); if($Dep eq "$Dept") { print "
    • $Nam
      \n"; } } print "

"; &PrintFoot if ($website ne ''); exit; } ##### sub PrintDept { &PrintHead(products_page) if ($website ne ''); print qq~
~; # table outside form print "\n" unless ($product_form_outside_table); # get list of product groups (if any) my (@prodgroup) = &GetProductGroups("$website","$FORM{Dept}"); my %prodprices, $order_prod_by; # get list of products for site if (@prodgroup) { # to have proper grouping, we must sort by order_in_cart $order_prod_by = "order_in_cart,pid asc"; } else { # otherwise, just go with most expensive first $order_prod_by = "price desc"; } my @ROWS = &ItemList("$website", "$FORM{Dept}", "$order_prod_by"); # send site and dept. and order # if we have groups, prune list of products, and group if (@prodgroup) { my($newrows, $pgprices) = &prune_product_rows(\@prodgroup, \@ROWS); @ROWS = @{ $newrows }; %prodprices = %{ $pgprices }; } my $cg = 0 if (@prodgroup); my $prodnum = 0; foreach $row (@ROWS) { $prodnum++; ($Dept,$Item,$Name,$Desc,$Blurb,$Price,$ShipD,$ShipG,$Url) = split(/\|/,$row); $ItemQuan = $Item . 'Q'; my ($width,$height) = (0,0); # if ($Url ne "") { print qq~larger image~; } ## ## set some variables to use later ## # set cart info my $cart_form = "\n\n"; $cart_form .= "
\n" if ($product_form_outside_table); $cart_form .= "\t\n"; $cart_form .= "\t\n"; $cart_form .= "\t\n"; $cart_form .= "\t\n"; $cart_form .= "\t\n"; $cart_form .= "\t\n"; # if no groups, set product ID from current item $cart_form .= "\n\t\n\t\n" unless(@prodgroup); # # set image dimensions ($width,$height) = &GifSize("$ImagePath/$Item.gif") if (-e "$ImagePath/$Item.gif"); # # set product blurb my $cart_blurb = "\n\t\n\t\n" if (@prodgroup); # # set description or image my $cart_desc; if (-e "$ImagePath/$Item.gif") { $cart_desc .= "\t\n"; } else { $cart_desc .= "\t\n"; } # # set product group based dropdown my $cart_menu = &get_dropdown_products($cg, \%prodprices) if (@prodgroup); # # set order button/end of form my $cart_order; $cart_order .= "\n\t\n
\n\t\t
\n"; $cart_blurb .= "\t\t\t$Blurb\n"; $cart_blurb .= "\t\t
\n"; $cart_blurb .= "\t
\n"; $cart_desc .= "\t\t\n"; $cart_desc .= "\t
\n"; $cart_desc .= "\t\t$Name$Desc
\n"; $cart_desc .= "\t\tPrice: \$$Price\n"; $cart_desc .= "\t
\n" if (@prodgroup); $cart_order .= "\t\t
\n"; if ($product_form_outside_table) { $cart_order .= "\t\t
\n\n\t
\n"; } else { $cart_order .= "\t\t\n\t\n\t
\n"; } ## begin displaying the cart # first form print qq~$cart_form\n~; # if in group, blurb next print qq~$cart_blurb\n~ if (@prodgroup); # description/image print qq~$cart_desc\n~; # cart menu, grouped products print qq~$cart_menu\n~ if ($cart_menu); # if not in group, blurb after desc print qq~$cart_blurb\n~ if (!@prodgroup); # end of cart print qq~$cart_order\n~; $cg++ if (@prodgroup); } if ($product_form_outside_table) { print "

\n"; } else { print "\n
\n"; } &PrintFoot(products_page) if ($website ne ''); exit; } ##### sub PrintItem { &PrintHead if ($website ne ''); print qq~
~; open(DATA,$DataBase); @ROWS = ; close(DATA); foreach $row (@ROWS) { ($Dept,$Item,$Name,$Desc,$Opt1,$Opt2,$Opt3,$Weight,$Price,$Ship,$Url,$Image,$Tax,$Invt) = split(/\|/,$row); $ItemQuan = $Item . Q; # this was already turned off # if ($Invt > 0) { if ($ItemID eq "$Item") { print qq~ ~; if ($Image ne "") { if (-e "$ImagePath/$Image") { print "\n"; } else { print "\n"; } } print ""; } # } } print "
Browse:
Search:

$Name

$Desc
\n~; if ($Url ne "") { print "larger image\n"; } print qq~

~; # if ($Invt ne "") { print "In Stock: $Invt
"; } print qq~ Price: \$$Price

"; if ($Url ne "") { print ""; } print "\"$Name\""; if ($Url ne "") { print ""; } print "
\ \;


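\n";
    &PrintFoot if ($website ne '');
    exit;
}

#####
# PostItemOrder: append the ordered item ($ItemOrd, looked up through
# OneItem) to this visitor's cart file. When the cart file does not exist
# yet, the items of department 0 (free stuff) are written first.
sub PostItemOrder # add an item to cart
{
    my $add_freebe;
    print qq~~;

    # $CartID arrives with the request and names a file under $CartDir, so it
    # may only contain characters that cannot change the directory.
    # assumes cart IDs are <wmid>_<time> with an alphanumeric wmid -- TODO confirm
    unless (defined $CartID && $CartID =~ /\A[A-Za-z0-9_-]+\z/)
    {
        $ErrorMessage = "Invalid cart.";
        &PrintError;
        exit;
    }
    my $cart_file = "$CartDir/$CartID.txt";

    unless (-e $cart_file) # first time, check for freebe
    {$add_freebe = 1;}

    # three-argument open keeps the append mode independent of the file name
    open(my $cart, '>>', $cart_file) or die "can't open the cart file: $!";

    if ($add_freebe ne '')
    {
        @ROWS = &ItemList("$website","0"); # dept 0 is free stuff
        foreach $row (@ROWS)
        {
            ($trash,$Item,$Name,$Desc,$trash,$Price,$ShipD,$ShipG,$Url) = split(/\|/,$row);
            print {$cart} qq~$Item|$Name|$Desc|$Price|$ShipD|$ShipG|1|\n~;
        }
    }

    ($Dept,$Item,$Name,$Desc,$trash,$Price,$ShipD,$ShipG,$Url) = &OneItem("$ItemOrd");
    $ItemQuan = $Item . "Q";
    $Quantity = $FORM{$ItemQuan};

    # The quantity goes into the same '|'-separated row as the price. A purely
    # numeric test ("> 1") lets any text through that starts with a number, so
    # the value must consist of digits only; everything else becomes 1.
    unless (defined $Quantity && $Quantity =~ /\A[0-9]+\z/ && $Quantity > 1) {$Quantity = 1;}

    print {$cart} qq~$Item|$Name|$Desc|$Price|$ShipD|$ShipG|$Quantity|\n~;
    close($cart) or die "can't write the cart file: $!";
}

#####
# PrintShipTo: the "view cart" page. Shipping fields are pre-filled either
# from the customers table (when a numeric cid was sent) or from the
# x_Ship_To_* form fields.
sub PrintShipTo # the "view cart" page
{
    require $purecart_dir . 'SelectStateCountry.pl';
    $SubTotal = "0.00";
    $ItemCount = "0";
    my $dbh = &OpenSQL("purecart");
    &PrintHead('ship_page') if ($website ne '');

    # they could be returning to this page: see if info already in DB
    # NOTE(review): the customer row is chosen by a request-supplied ID alone.
    # Nothing visible here ties cid to this cart, so name and address data of
    # another customer can be loaded by changing the number. Keep the cid
    # server-side (keyed by CartID) or require a secret per customer.
    if (defined $FORM{cid} && $FORM{cid} =~ /\A[0-9]+\z/ && $FORM{cid} > 0)
    {
        # placeholder instead of interpolation: cid is request data
        $sql_st = qq~SELECT FirstName, LastName, Email, Phone, Address, Address2, City, State, Zip, Country, ShipFirstName, ShipLastName, ShipEmail, ShipPhone, ShipAddress, ShipAddress2, ShipCity, ShipState, ShipZip, ShipCountry FROM customers WHERE ID=?~;
        $sth = $dbh->prepare($sql_st);
        $sth->execute($FORM{cid}) or die "can't execute the query: " . $sth->errstr;
        ($FirstName, $LastName, $Email, $Phone, $Address, $Address2, $City, $State, $Zip, $Country,
         $ShipFirstName, $ShipLastName, $ShipEmail, $ShipPhone, $ShipAddress, $ShipAddress2,
         $ShipCity, $ShipState, $ShipZip, $ShipCountry) = $sth->fetchrow_array;
        $sth->finish;
    }
    else
    {
        # take over whatever shipping fields the form already carries
        $ShipFirstName = $FORM{'x_Ship_To_FirstName'} if ($FORM{'x_Ship_To_FirstName'} ne '');
        $ShipLastName = $FORM{'x_Ship_To_LastName'} if ($FORM{'x_Ship_To_LastName'} ne '');
        $ShipAddress = $FORM{'x_Ship_To_Address'} if ($FORM{'x_Ship_To_Address'} ne '');
        $ShipAddress2 = $FORM{'x_Ship_To_Address2'} if ($FORM{'x_Ship_To_Address2'} ne '');
        $ShipCity = $FORM{'x_Ship_To_City'} if ($FORM{'x_Ship_To_City'} ne '');
        $ShipState = uc($FORM{'x_Ship_To_State'}) if ($FORM{'x_Ship_To_State'} ne '');
        $ShipProvince = $FORM{'x_Ship_To_Province'} if ($FORM{'x_Ship_To_Province'} ne '');
        $ShipZip = $FORM{'x_Ship_To_Zip'} if ($FORM{'x_Ship_To_Zip'} ne '');
        $ShipCountry = $FORM{'x_Ship_To_Country'} if ($FORM{'x_Ship_To_Country'} ne '');
        $ShipPhone = $FORM{'x_Ship_To_Phone'} if ($FORM{'x_Ship_To_Phone'} ne '');
        $ShipEmail = $FORM{'x_Ship_To_Email'} if ($FORM{'x_Ship_To_Email'} ne '');

        # a complete address without a country is taken to be domestic
        $ShipCountry = "US" if (($FORM{'x_Ship_To_Country'} eq '') && ($ShipAddress ne '') && ($ShipCity ne '') && ($ShipState ne '') && ($ShipZip ne ''));
        $FORM{'x_Ship_To_Country'} = $ShipCountry if ($FORM{'x_Ship_To_Country'} eq '');
    }

    # NOTE(review): the values above are request or database text; whatever
    # the page template prints must be HTML-escaped at the point of output.
    print qq~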
~; $Back = 'http://' . $ENV{'HTTP_HOST'} . $ENV{'SCRIPT_NAME'} . '?Dept=' . $FORM{'Dept'} . '&CartID=' . $CartID . '&NoPop=' . $FORM{'NoPop'}; if($ItemCount eq "1") { $STotal = sprintf "%.2f",$SubTotal; print qq~ ~; print qq~ ~ if (($SubTotal > 0) || ($allow_foreign_on_free)); print qq~
Items Ordered
~; if(-e "$CartDir/$CartID.txt") { open(TEMP, "$CartDir/$CartID.txt"); @ROWS = ; close(TEMP); foreach $row (@ROWS) { ($Item,$Name,$Desc,$Price,$ShipD,$ShipG,$Qty) = split(/\|/,$row); $max_shipD = $ShipD if ($max_shipD , $ShipD); $max_shipG = $ShipG if ($max_shipG , $ShipG); $SubTotal += ($Price * $Qty); $Remove = $Item . 'R'; $Quantity = $Item . 'Q'; if($Price ne "") { print qq~

$Qty of $Name
$Desc
Price:\$$Price ea.

~; $ItemCount = "1"; $AlreadyOrdered{$Item} = "1"; } } } print qq~
Order Subtotal
Subtotal:

\$$STotal

U.S. Shipping:

\$$max_shipD

Global Shipping:

\$$max_shipG

~; } else { print qq~

Your Shopping Cart Is Empty

Continue Shopping

~; } print qq~
~; # crosssells? if (!($SubTotal) && !($allow_xsell_on_free)) { @ROWS = (); } else { @ROWS = &ItemList("$website","99"); # dept 99 Crosssells ##CJL } foreach $row (sort @ROWS) ##CJL { ##CJL ($trash,$Item,$Name,$Desc,$trash,$Price,$ShipD,$ShipG,$Url) = split(/\|/,$row); ##$sql_st = "SELECT products FROM crosssells WHERE website='$website' AND step='1'"; ##$sth = $dbh->prepare($sql_st); ##$sth->execute(); ##while ($pid = $sth->fetchrow_array) ##{ undef ($width); undef ($height); unless($top_printed) { $top_printed = 1; print qq~
Customers who've purchased this product have also bought
~; } ##next if ($AlreadyOrdered{$pid}); next if ($AlreadyOrdered{$Item}); ##$sql_st2 = "SELECT name, description, price FROM products WHERE pid='$pid'"; ##$sth2 = $dbh->prepare($sql_st2); ##$sth2->execute(); ##($name, $description, $price) = $sth2->fetchrow_array; ##$sth2->finish; ##$link = qq~$CartAction?CartID=$CartID&NoPop=$FORM{NoPop}&Dept=$FORM{Dept}&cid=$FORM{cid}&IO=$pid&OR=1~; $link = qq~$CartAction?CartID=$CartID&NoPop=$FORM{NoPop}&Dept=$FORM{Dept}&cid=$FORM{cid}&IO=$Item&OR=1~; if (-e "$ImagePath/xsell_$Item.gif") { ($width, $height) = GifSize("$ImagePath/xsell_$Item.gif"); } ## print qq~ ## ## ## ## ## ## ## ~; print qq~ ~; } ## $sth->finish; if ($top_printed) # started a table, better close it {print qq~
$description$name
## Price: \$$price ea.
$Desc $Name
Price: \$$Price ea.
~;} print qq~
~; if (!($SubTotal) && !($allow_foreign_on_free)) { print qq~
Shipping Information

First:

Last:

Address1:

Address2:

City:

State:

Zip:

Country:

Phone:


(xxx-xxx-xxxx)

E-mail:


(Required for confirmation)
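~;
    &PrintFoot('ship_page') if ($website ne '');
}

#####
# PrintOrder: the payment page. Fills in shipping/billing fields, checks that
# the required shipping fields are present, stores a new customers row when
# no numeric cid was sent, and then prints the order summary and payment form.
sub PrintOrder # pay_page: enter billing info
{
    my $dbh = &OpenSQL("purecart");
    require $purecart_dir . 'SelectStateCountry.pl';
    &PrintHead('pay_page') if ($website ne '');
    print qq~~;
    my $Blank;
    my $back_link = 'javascript:history.back(1)';
    $Hide = "";
    unless ($FORM{NoPop} ne '') {$back_link .= '" onclick="exit=false; ';}

    # cid is only meaningful as a numeric customers.ID; a plain "> 0" test
    # also accepts text that merely starts with a number
    my $cid_is_numeric = (defined $FORM{'cid'} && $FORM{'cid'} =~ /\A[0-9]+\z/ && $FORM{'cid'} > 0);

    # ok, if he hit this page direct from the Ship to page then we're getting all his
    # shipping info, BUT he may be here because he clicked the pay page xsell, in which case
    # the shipping info will not be in %FORM, but will be in DB
    #
    # if Xsold == 2, then
    # user is not in DB
    # shipping info came from POST to cart
    # pre-fill billing info from shipping info
    if (($FORM{Xsold} eq 1) && $cid_is_numeric)
    {
        # NOTE(review): the row is selected by the request-supplied cid alone;
        # nothing visible here ties it to this cart, so another customer's
        # shipping data can be displayed by changing the number. Bind the cid
        # to the cart server-side.
        # placeholder instead of interpolation: cid is request data
        $sql_st = qq~SELECT ShipFirstName, ShipLastName, ShipEmail, ShipPhone, ShipAddress, ShipAddress2, ShipCity, ShipState, ShipZip, ShipCountry FROM customers WHERE ID=?~;
        $sth = $dbh->prepare($sql_st);
        $sth->execute($FORM{cid}) or die "can't execute the query: " . $sth->errstr;
        ($x_Ship_To_FirstName, $x_Ship_To_LastName, $x_Ship_To_Email, $x_Ship_To_Phone,
         $x_Ship_To_Address, $x_Ship_To_Address2, $x_Ship_To_City, $x_Ship_To_State,
         $x_Ship_To_Zip, $x_Ship_To_Country) = $sth->fetchrow_array;
        $sth->finish;

        $FORM{'x_Ship_To_FirstName'} = $x_Ship_To_FirstName;
        $FORM{'x_Ship_To_LastName'} = $x_Ship_To_LastName;
        $FORM{'x_Ship_To_Address'} = $x_Ship_To_Address;
        $FORM{'x_Ship_To_Address2'} = $x_Ship_To_Address2;
        $FORM{'x_Ship_To_City'} = $x_Ship_To_City;
        $FORM{'x_Ship_To_State'} = $x_Ship_To_State;
        $FORM{'x_Ship_To_Zip'} = $x_Ship_To_Zip;
        $FORM{'x_Ship_To_Country'} = $x_Ship_To_Country;
        # not part of the SELECT above; keeps whatever the global holds
        $FORM{'x_Ship_To_Province'} = $x_Ship_To_Province;
        $FORM{'x_Ship_To_Phone'} = $x_Ship_To_Phone;
        $FORM{'x_Ship_To_Email'} = $x_Ship_To_Email;
    }
    elsif (($FORM{'Xsold'} eq 2) || ($FORM{'cid'} eq ''))
    {
        # copy x_Ship_To_<field> into x_<field>, but only when the billing
        # field is still empty and the shipping field is filled
        my $copy_if_blank = sub {
            my ($field) = @_;
            my ($bill, $ship) = ("x_$field", "x_Ship_To_$field");
            $FORM{$bill} = $FORM{$ship} if (($FORM{$bill} eq '') && ($FORM{$ship} ne ''));
        };

        $copy_if_blank->($_) for qw(FirstName LastName Address Address2 City);

        # state is upper-cased before it is copied
        $FORM{'x_Ship_To_State'} = uc($FORM{'x_Ship_To_State'}) if ($FORM{'x_Ship_To_State'} ne '');
        $copy_if_blank->($_) for qw(State Zip);

        # a complete address without a country is taken to be domestic
        $FORM{'x_Ship_To_Country'} = "US" if (($FORM{'x_Ship_To_Country'} eq '') && ($FORM{'x_Ship_To_Address'} ne '') && ($FORM{'x_Ship_To_City'} ne '') && ($FORM{'x_Ship_To_State'} ne '') && ($FORM{'x_Ship_To_Zip'} ne ''));
        $copy_if_blank->($_) for qw(Country Province Phone Email);
    }

    # check input (the last missing field in this list is the one reported)
    if ($FORM{'x_Ship_To_FirstName'} eq "") { $Blank = "First Name"; }
    if ($FORM{'x_Ship_To_LastName'} eq "") { $Blank = "Last Name"; }
    if ($FORM{'x_Ship_To_Address'} eq "") { $Blank = "Street Address"; }
    if ($FORM{'x_Ship_To_City'} eq "") { $Blank = "City"; }
    if ($FORM{'x_Ship_To_State'} eq "") { if ($FORM{'x_Ship_To_Province'} eq "") { $Blank = "State or Provience"; } }
    if ($FORM{'x_Ship_To_Zip'} eq "") { $Blank = "Zip code"; }
    if ($FORM{'x_Ship_To_Country'} eq "") { $Blank = "Country"; }
    if ($FORM{'x_Ship_To_Email'} !~ /.+\@.+\..+/) { $Blank = "Valid Email Address"; }
    # if ($FORM{'x_Ship_To_Phone'} eq "") { $Blank = "Phone Number"; }

    #for (keys %FORM)
    #{ if ($_ =~ /^x_/) {print qq~\n~} }

    if ($Blank ne '')
    {
        $ErrorMessage = qq~Please Go Back and enter your $Blank.~;
        &PrintError;
        exit;
    }

    if ($FORM{'x_Ship_To_Country'} =~ /^US$/) {$TShip = $FORM{'shipcostD'}}
    else {$TShip = $FORM{'shipcostG'}}

    # shipcostD/shipcostG come back from the browser and are added to the
    # order total further down. Anything that is not a plain non-negative
    # amount is discarded, which lets the cart-based shipping computed later
    # in this sub take over.
    # NOTE(review): even a well-formed amount is still client-supplied;
    # recompute shipping from the cart file instead of trusting the form.
    $TShip = 0 unless (defined $TShip && $TShip =~ /\A[0-9]+(?:\.[0-9]+)?\z/);

    # store what we got so far, if haven't already
    if ($cid_is_numeric) {$cid = $FORM{'cid'};}
    else
    {
        ($FORM{'wmid'}, $trash) = split(/_/, $CartID);
        $sql_st = qq~
            INSERT INTO customers
                (WMID, FirstName, LastName, Email, Phone, Address, Address2, City, State, Zip, Country,
                 ShipFirstName, ShipLastName, ShipEmail, ShipPhone, ShipAddress, ShipAddress2,
                 ShipCity, ShipState, ShipZip, ShipCountry, IP)
            VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)
        ~;
        $sth = $dbh->prepare($sql_st);
        $sth->execute(
            $FORM{'wmid'},
            $FORM{'x_FirstName'}, $FORM{'x_LastName'}, $FORM{'x_Email'},
            $FORM{'x_Phone'} || $FORM{'x_Ship_To_Phone'},
            $FORM{'x_Address'}, $FORM{'x_Address2'}, $FORM{'x_City'}, $FORM{'x_State'},
            $FORM{'x_Zip'}, $FORM{'x_Country'},
            $FORM{'x_Ship_To_FirstName'}, $FORM{'x_Ship_To_LastName'}, $FORM{'x_Ship_To_Email'},
            $FORM{'x_Ship_To_Phone'} || $FORM{'x_Phone'},
            $FORM{'x_Ship_To_Address'}, $FORM{'x_Ship_To_Address2'} || '-',
            $FORM{'x_Ship_To_City'}, $FORM{'x_Ship_To_State'}, $FORM{'x_Ship_To_Zip'},
            $FORM{'x_Ship_To_Country'},
            $ENV{'REMOTE_ADDR'}
        ) or die "can't execute the query: " . $sth->errstr;
        $sth->finish;

        $cid = $dbh->last_insert_id(undef, undef, 'customers', 'ID');
        if (($cid eq "") || ($cid < 1000))
        {
            # NOTE(review): this fallback picks the newest row for the same
            # IP and WMID. Two shoppers behind one address can race here and
            # receive each other's customer ID -- prefer a driver that
            # returns the inserted ID reliably.
            $sql_st = "SELECT MAX(ID) FROM customers WHERE IP=? AND WMID=?";
            $sth = $dbh->prepare($sql_st);
            $sth->execute($ENV{'REMOTE_ADDR'}, $FORM{'wmid'});
            $cid = $sth->fetchrow_array;
            $sth->finish;
        }
    }

    # NOTE(review): HTTP_HOST, Dept and NoPop are request data; escape $Back
    # wherever the template prints it.
    $Back = "http://$ENV{HTTP_HOST}$ENV{SCRIPT_NAME}?Dept=$FORM{Dept}&CartID=$CartID&NoPop=$FORM{NoPop}";

    # for (keys %FORM)
    # { if ($_ =~ /^x_/) {print qq~\n~} }
    ##-why-is-this-here?-##
    print "\n\n";
    print qq~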

Shipping Information Payment Information

Ship From: $ENV{HTTP_HOST}


Ship To:
$FORM{'x_Ship_To_FirstName'} $FORM{'x_Ship_To_LastName'}
$FORM{'x_Ship_To_Address'}
$FORM{'x_Ship_To_Address2'}
$FORM{'x_Ship_To_City'}, $FORM{'x_Ship_To_State'} $FORM{'x_Ship_To_Zip'}
$FORM{'x_Ship_To_Country'}
$FORM{x_Ship_To_Email}
$FORM{x_Ship_To_Phone}
~; my $cartShip = 0; if(-e "$CartDir/$CartID.txt") { print qq~~; $Count = 1; open(TEMP, "$CartDir/$CartID.txt"); @ROWS = ; close(TEMP); foreach $row (@ROWS) { ($Item,$Name,$Desc,$Price,$ShipD,$ShipG,$Qty) = split(/\|/,$row); # if ($Ship ne "") { $SShip += ($Ship * $Qty); } # if ($Weight ne "") { $Tweight += ($Weight * $Qty); } $ITotal = ($Price * $Qty); $SubTotal += ($Price * $Qty); $PTotal = sprintf "%.2f",$ITotal; $Number = "X-$Count"; if($Price ne "") { print qq~ ~; $OrderString .= "$Item\~$Name\~$Price\~$Qty\~N\~\;"; $OrderDesc .= "$Qty $Item $Name\, "; $Count++; $AlreadyOrdered{$Item} = "1"; } $cartShip += ($FORM{x_Ship_To_Country} =~ /^US$/) ? $ShipD : $ShipG; } print qq~
$Qty #$Item $Name \$$PTotal
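~;
    }

    # order totals: fall back to the shipping summed from the cart rows when
    # no shipping amount is set yet (numeric comparison, not string "gt")
    $TShip = $cartShip if ($TShip == 0 && $cartShip > 0);

    # 9.25% tax for CA, none elsewhere. The else branch must reset $STax
    # itself (it used to assign a differently spelled variable), otherwise a
    # value left in the global could be added to a non-CA order.
    if ($FORM{x_Ship_To_State} =~ /^CA$/) {$STax = (.0925 * $SubTotal);}
    else {$STax = 0;}

    $Total = ($SubTotal + $TShip + $STax);
    $TTotal = sprintf "%.2f",$Total;
    $STotal = sprintf "%.2f",$SubTotal;
    $SSTax = sprintf "%.2f",$STax;
    $TTShip = sprintf "%.2f",$TShip;

    my $xsell_displayed = 0;

    # percent-encode a value before it is placed in the query string of $link;
    # NoPop, Dept and cid are request data and end up in the page
    my $url_escape = sub {
        my ($text) = @_;
        $text = '' unless defined $text;
        $text =~ s/([^A-Za-z0-9_.~-])/sprintf('%%%02X', ord($1))/ge;
        return $text;
    };

    # crosssells?
    if (!($SubTotal) && !($allow_xsell_on_free))
    {
        @ROWS = ();
    }
    else
    {
        @ROWS = &ItemList("$website","99"); # dept 99 Crosssells ##CJL
    }

    foreach $row (@ROWS) ##CJL
    { ##CJL
        ($trash,$Item,$Name,$Desc,$trash,$Price,$ShipD,$ShipG,$Url) = split(/\|/,$row);
        ##$sql_st = "SELECT products FROM crosssells WHERE website='$website' AND step='2'";
        ##$sth = $dbh->prepare($sql_st);
        ##$sth->execute();
        ##while ($pid = $sth->fetchrow_array)
        ##{
        undef ($width);
        undef ($height);
        ##next if ($AlreadyOrdered{$pid});
        next if ($AlreadyOrdered{$Item});
        ##$sql_st2 = "SELECT name, description, price FROM products WHERE pid='$pid'";
        ##$sth2 = $dbh->prepare($sql_st2);
        ##$sth2->execute();
        ##($name, $description, $price) = $sth2->fetchrow_array;
        ##$sth2->finish;
        ##$link = qq~$CartAction?CartID=$CartID&NoPop=$FORM{NoPop}&Dept=$FORM{Dept}&cid=$FORM{cid}&IO=$pid&OR=1~;
        $link = $CartAction
              . '?CartID=' . $url_escape->($CartID)
              . '&NoPop='  . $url_escape->($FORM{NoPop})
              . '&Dept='   . $url_escape->($FORM{Dept})
              . '&cid='    . $url_escape->($FORM{cid})
              . '&IO='     . $url_escape->($Item)
              . '&OR=1';
        if (-e "$ImagePath/xsell_$Item.gif")
        {
            ($width, $height) = &GifSize("$ImagePath/xsell_$Item.gif");
        }
        unless($top_printed2)
        {
            $top_printed2 = 1;
            print qq~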
~; } print qq~
$Name
$Desc
Price:\$$Price

~; $xsell_displayed++; } ##$sth->finish; # if all cross-sells have been added, tables are misformated. # this insures theres an empty table where cross-sells would have been unless ($xsell_displayed) { print qq~
 


~; } print qq~

Sub Total:\$$STotal
Shipping:\$$TTShip
Tax:\$$SSTax
Total Order:\$$TTotal
~; print qq~\n~; if (($FORM{'x_Ship_To_Address2'} eq '') && ($FORM{'Xsold'} ne 2)) {print qq~ ~;} elsif ($FORM{'Xsold'} eq 2) {print qq~ ~;} print qq~ ~; if (!($SubTotal) && !($allow_foreign_on_free)) { print qq~ ~; print qq~
Email:
First Name:
Last Name:
Address1:
Address2:
Address2:
City:
State:
Zip Code:
Country:
Phone: \(xxx-xxx-xxxx\)
\n~; if ($FORM{'x_Ship_To_Email'} =~ /$Processor_TestEmail$/) { print qq~ \n~; print qq~ \n~; print qq~ \n~; print qq~ \n~; } else { $checkout = $PROC.$checkout_tag; print qq~ \n~; } print qq~

Payment By:
Credit Card:
Credit Card:
Credit Card:
Credit Card:
Credit Card:



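~;
    #open(TQUE,">>paytemp.txt");
    #print TQUE qq~$InvID|$CartID|$FORM{'x_Ship_To_FirstName'}|$FORM{'x_Ship_To_LastName'}|$FORM{'x_Ship_To_Address'}|$FORM{'x_Ship_To_City'}|$FORM{'x_Ship_To_State'}|$FORM{'x_Ship_To_Zip'}|~;
    #print TQUE qq~$FORM{'x_Ship_To_Country'}|$FORM{'x_Ship_To_Country'}|$FORM{'x_Ship_To_Email'}|$FORM{'x_Ship_To_Phone'}|$FORM{'x_Ship_To_FirstName'}|$FORM{'x_Ship_To_LastName'}|$FORM{'x_Ship_To_Address'}|$FORM{'x_Ship_To_City'}|$FORM{'x_Ship_To_State'}|$FORM{'x_Ship_To_Zip'}|~;
    #print TQUE qq~$TTShip|$ShipType|$TTax|$TTotal|$OrderDesc|$OrderString|\n~;
    #close(TQUE);
    &PrintFoot('pay_page') if ($website ne '');
    exit;
}

#####
# _remove_cart_file: delete this visitor's cart file, if there is one.
# $CartID arrives with the request and is part of the path handed to unlink,
# so it may only contain characters that cannot leave $CartDir; any other
# value is ignored and nothing is deleted.
# assumes cart IDs are <wmid>_<time> with an alphanumeric wmid -- TODO confirm
sub _remove_cart_file
{
    return unless (defined $CartID && $CartID =~ /\A[A-Za-z0-9_-]+\z/);
    my $cart_file = "$CartDir/$CartID.txt";
    unlink($cart_file) if (-e $cart_file);
    return;
}

# ResetCartShip: silently empty the cart (used when a new order is started).
sub ResetCartShip
{
    _remove_cart_file();
}

# ResetCart: empty the cart and print the "cart is empty" page.
sub ResetCart
{
    &PrintHead('ship_page') if ($website ne '');
    _remove_cart_file();

    # was it getting anything useful from setup.txt except $Back, which i have replaced?
    #open(INFO,"setup.txt");
    #while ()
    # {
    # $Line = $_;
    # chop($Line);
    # ($MID,$Us,$Pa,$Comp,$CAddr,$Cit,$Sta,$Zp,$Tax,$Em,$Site,$Home,$Back,$PHead,$PFoot) = split(/\|/,$Line);
    # }
    #close(INFO);

    # NOTE(review): HTTP_HOST, Dept and CartID are request data; escape $Back
    # wherever the template prints it.
    $Back = "http://$ENV{HTTP_HOST}$ENV{SCRIPT_NAME}?Dept=$FORM{Dept}&CartID=$CartID";
    print qq~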

Your Cart Is Now Empty

Continue Shopping


~; &PrintFoot(ship_page) if ($website ne ''); } ##### sub PrintError { print qq~

$ErrorMessage


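~;
    &PrintFoot if ($website ne '');
}

#####
# DeptList: return the departments of the current $website as a list of
# "number|dept" strings, ordered by department name.
sub DeptList
{
    my $dept;
    my @LINES;
    unless ($dbh) { $dbh = &OpenSQL('purecart'); }

    # placeholder instead of interpolation, like the other queries in this
    # script that already use '?'
    my $sql_st = "SELECT DISTINCT(number), dept FROM departments WHERE website=? ORDER BY dept";
    my $sth = $dbh->prepare($sql_st);
    $sth->execute($website) or die "can't execute the query: " . $sth->errstr;
    while (my ($number, $dept) = $sth->fetchrow_array)
    {push (@LINES, "$number|$dept");}
    $sth->finish;
    return @LINES;
}

#####
#####
# PrintSearch: case-insensitive keyword search over the rows of the flat-file
# product database ($DataBase); prints one entry per matching row and falls
# through to NoMatch when nothing matched.
sub PrintSearch
{
    &PrintHead if ($website ne '');
    print qq~
~;
    $Count = 1;
    $IItems = "0";

    # a database file that cannot be read gives an empty result, as before
    @ROWS = ();
    if (open(my $db_fh, '<', $DataBase))
    {
        @ROWS = <$db_fh>;
        close($db_fh);
    }

    $InKey = "$KeyWord";
    $InKey =~ tr/a-z/A-Z/;

    foreach $row (@ROWS)
    {
        ($Dept,$Item,$Name,$Desc,$Opt1,$Opt2,$Opt3,$Weight,$Price,$Ship,$Url,$Image,$Tax,$Invt) = split(/\|/,$row);
        $SLine = $row;
        $TName = $Name;
        $TDesc = $Desc;
        $SLine =~ tr/a-z/A-Z/;

        # \Q...\E: the keyword is visitor input and is matched as literal
        # text. Interpolated raw it was compiled as a pattern, so characters
        # such as '(' aborted the request and a crafted pattern could keep
        # the process busy.
        if ($SLine =~ /\Q$InKey\E/)
        {
            $IItems++;
            print qq~ ~;
            $Count++;
        }
    }
    print "
Browse:
Search:

$Name
$Item - $Desc


";
    if($IItems eq "0") { &NoMatch; }
    &PrintFoot if ($website ne '');
}

#####
# NoMatch: tell the visitor that the search found nothing, then exit.
sub NoMatch
{
    # The keyword is echoed into the page, so the HTML metacharacters are
    # escaped first; the global $KeyWord is set to the escaped text for the
    # duration of this sub (it ends with exit).
    local $KeyWord = defined $KeyWord ? $KeyWord : '';
    $KeyWord =~ s/&/&amp;/g;
    $KeyWord =~ s/</&lt;/g;
    $KeyWord =~ s/>/&gt;/g;
    $KeyWord =~ s/"/&quot;/g;
    $KeyWord =~ s/'/&#39;/g;

    print "

\n";
    print "Sorry, no match was found for $KeyWord
Please try another keyword, part of a keyword or item number.






";
    &PrintFoot if ($website ne '');
    exit;
}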