#!/usr/bin/perl ########################################################################### # S-Mart Shopping Cart Script v1.9.5 my $version = '1.9.5'; # Shop smart. Shop S-Mart. # Written by Barry Robison. (brobison@rcinet.com) # This script uses code written by Matt Wright. # Please visit his site at http://worldwidemart.com # This script is mailware. Please e-mail me if you use it. # # Selling the code for this program without prior written consent is # expressly forbidden. In other words, please ask first before you try and # make money off of my program. # # Obtain permission before redistributing this software over the Internet or # in any other medium. In all cases copyright and header must remain intact. ########################################################################### # Custimization portion - All Options are set in smart.cfg !! ########################################################################### # Measure CPU time usage; my $start = (times)[0]; # Unbuffer the output; $| = 1; # Read in user prefs require 'config.cfg'; ########################################################################### # Done. Make no changes below this line, unless you know what you are doing. ########################################################################### use vars qw($conver $debug $tmpdir $storename %shipping2 %shipping3 $trackurl $useverify $usertime $orderdir $usercurr $trackdb $numtolist); my($incoming, @pairs, %FORM); $incoming = $ENV{'QUERY_STRING'}; #$incoming = $ENV{'PATH_INFO'}; @pairs = split(/&/, $incoming); #@pairs = split(/\//, $incoming); foreach (@pairs) { my($name, $value) = split(/=/, $_); # my($name, $value) = split(/\./, $pair); $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $FORM{$name} = $value; } # Debug stuff # Print version number if ($FORM{'command'} eq 'debug' && $debug == 1) { print "Content-type: text/plain\n\n"; print "S-Mart Shopping Cart v$version.\nConfig file $conver.\n"; my $path = `pwd`; print "Path: $path\n"; my $perl = `which perl`; print "Perl: $perl\n"; my $sendmail = `which sendmail`; print "Sendmail: $sendmail\n"; my $dir = `ls -al`; print "Dir: $dir\n"; exit; } if ($ARGV[0] eq '-v') { print "S-Mart Shopping Cart v$version.\nConfig file $conver.\n"; exit; } # Get command variables my $command = $FORM{'command'}; my $pos = $FORM{'pos'}; my $type = $FORM{'type'}; # Parse form input &parse_form; # Get the date &get_date; &get_host; # See if they have a cart already, if not, make one &check_file; # See what they want to do. # Add an item to the cart. if ($command eq 'add') { &add_item; } # Change a quantity of an item in the cart, if at zero, delete it elsif ($command eq 'change') { &change_items; } # Show the order form. Get their name, phone number, CC info, etc.. elsif ($command eq 'buy1') { &buy_items1; } # Process the order form info, mail out receipt, and order elsif ($command eq 'buy2') { &buy_items2; } # Show current cart elsif ($command eq 'review') { &review_items; } # List items, based on database call elsif ($command eq 'listitems') { &gen_page; } # Show a databae frontend. elsif ($command eq 'showstore') { &show_store; } # Delete a whole cart elsif ($command eq 'delete') { &delete_cart; } elsif ($command eq 'deleteitem') { &delete_item; } else { &show_store; } # Subroutines: # Generate page, based on database search sub gen_page { my($SIZE,$i); &print_header; # Table header, change this for table options! print "\n"; print "

\n"; open (FILE,"$basepath$delim$resourcedb") || die "Content-type: text/html\n\nCan't Open $resourcedb(r): $!\n"; my(@LINES)=; close(FILE); $SIZE=@LINES; if ($type eq 'all') { my($max) = $pos + $numtolist; if ($max > $SIZE) { $max = $SIZE; } for ($i=$pos;$i<$max;$i++) { my(%ITEM); ($ITEM{'itemid'}, $ITEM{'name'}, $ITEM{'price'}, $ITEM{'descrip'}, $ITEM{'quantity'}, $ITEM{'image'}, $ITEM{'weight'}, $ITEM{'itemurl'}, $ITEM{'group'}) = split(/\|/,$LINES[$i]); &print_item(\%ITEM); } print "

\n"; if ($max < $SIZE) { print "Next $numtolist items\n"; } } elsif ($type eq 'search') { my($matches) = 0; my($i) = $pos; while (($matches < $numtolist) && ($i < $SIZE)) { if (index(lc $LINES[$i],lc $FORM{'search'}) >= 0) { $matches++; my(%ITEM); ($ITEM{'itemid'}, $ITEM{'name'}, $ITEM{'price'}, $ITEM{'descrip'}, $ITEM{'quantity'}, $ITEM{'image'}, $ITEM{'weight'}, $ITEM{'itemurl'}, $ITEM{'group'}) = split(/\|/,$LINES[$i]); &print_item(\%ITEM); } $i++; } print "\n"; if ($i < $SIZE) { print "

\n"; print "\n"; print "\n"; print "\n"; } } elsif ($type eq 'group') { my($matches) = 0; my($i) = $pos; while (($matches < $numtolist) && ($i < $SIZE)) { $_=$LINES[$i]; my(%ITEM); ($ITEM{'itemid'}, $ITEM{'name'}, $ITEM{'price'}, $ITEM{'descrip'}, $ITEM{'quantity'}, $ITEM{'image'}, $ITEM{'weight'}, $ITEM{'itemurl'}, $ITEM{'group'}) = split(/\|/,$_); my(@groups) = split(/,/,$ITEM{'group'}); my(%is_group); undef %is_group; for (@groups) { $is_group{$_} = 1 } if ($is_group{$FORM{'group'}}) { $matches++; &print_item(\%ITEM); } $i++; } print "\n"; if ($i < $SIZE) { print "Continue Search\n"; } } &print_footer; # This is where you want to customize your generated pages!! # Basically the top part will write out the header, then the table header # Change the table header for options like spacing, borders, etc... sub print_item { local(*ITEM) = shift; print "

\n"; # Hide the weight for later use print "\n"; print "\n"; print "\n"; # For showing product images if ($ITEM{'image'}) { print "\n"; } else { print "\n"; } #if ($ITEM{'image'}) { # print "\n"; # } # else { # print "\n"; # } # If the item has a URL, make it a link print "\n"; if ($ITEM{'itemurl'}) { print "\n"; } else { print "\n"; } #if ($ITEM{'itemurl'}) { # print "\n"; # } # else { # print "\n"; # } print "\n"; # Print other info #Description print "\n"; #print "\n"; print "\n"; #Available print "\n"; print "\n"; #Price print "\n"; #print "\n"; print "\n"; #Add button print "

		Product:	$ITEM{'name'}	$ITEM{'name'}	$ITEM{'name'}	$ITEM{'name'}
		Description	$ITEM{'descrip'}
$ITEM{'descrip'}
Number Available	$ITEM{'quantity'}
Price	\Ł $ITEM{'price'}	Number Available: $ITEM{'quantity'} Price: \Ł $ITEM{'price'}

\n"; } ## END print_item print "\n"; } ## END gen_page # Show front end of database store. sub show_store { &print_header; #print "\n"; print "

Stretch your IT Budget further by buying 2nd user Hardware!
We have an active database of over 1000 traders worldwide. This enables us to buy at the best possible prices regardless of market conditions. We source form Brokers, Dealers and Buy Back contracts with companies across Europe and America. We deal with branded manufacturers products, our regular clients believe 2nd user does not mean second best but does give excellent value for money.

\n"; #\n"; print "Save money on 2nd user IT equipment

\n\n"; print "If you would like a quotation for any 2nd user or refurbished I.T. equipment please email us your requirements on the form below. You will be pleasantly surprised at the savings you can make.............stretching your IT budget even further!

\n"; #print "List all items in stock
\n #
\n # # # # #
Search for a particular item(s): #
#
\n"; #print " # #\n
List all: #
#
\n"; #print "
\n
"; if ($usetrack eq 1) { print "
Track an Order
\n"; } #print "\n"; &print_footer; } ## END show_store # Print the HTML header sub print_header { print "Content-type: text/html\n\n"; open (HEADER,"$basepath$delim$header") || print "Could not open $basepath$delim$header $! \n"; while (

) { print $_; } close(HEADER); } ## END print_header; #Print the HTML footer sub print_footer { open (FOOTER,"$basepath$delim$footer") || print "Could not open $basepath$delim$footer $! \n"; while (

) { print $_; } close(FOOTER); $end = (times)[0]; #print "

"; } ## END print_footer # List items in cart. sub list_items { my($totalprice,$totalquant,$totalweight) = 0; open (REFFILE,"$reffile") || die "Content-type: text/html\n\nCan't Open $reffile(r): $!\n"; my(@LINES)=; close(REFFILE); $SIZE=@LINES; print "\n"; print "\n"; if ($useimage eq '1') { print ""; } if ($useid eq '1') { print ""; } print ""; for ($i=1;$i<$SIZE;$i++) { $_=$LINES[$i]; ($itemname, $itemprice, $itemquant, $weight, $itemid) = split(/\|/,$_); $tmpprice = ($itemprice*$itemquant); $tmpprice = round($tmpprice); $tmpprice = pad($tmpprice); $totalprice += $tmpprice; $totalquant += $itemquant; $totalweight += ($weight*$itemquant); print ""; if ($useimage eq '1') { if ($image) { print "\n"; } else { print ""; } } if ($useid eq '1') { print "\n"; } print "\n"; } $totalprice = round($totalprice); $totalprice = pad($totalprice); print ""; print "\n"; if ($multicurr eq 1) { print ""; my($path) = $basepath . $delim . $currdb; open (CURRDB, "$path"); my(@CURR) = ; close(CURRDB); print "\n"; $totalprice *= $usercurr; $totalprice = int($totalprice * (10 ** 2) + .5) / (10 ** 2); if (index($totalprice,".") >= 0) { my($left,$right) = split(/\./,$totalprice); if (length($right) == 0) { $totalprice = $totalprice . "00"; } elsif (length($right) == 1) { $totalprice = $totalprice . "0"; } } else { $totalprice = $totalprice . ".00"; } print "\n"; } print "
Item ID Item Name Price Quantity
$itemid $itemname \Ł $itemprice \Ł $tmpprice
Total price: \Ł $totalprice
Total price in
selected currency: \Ł $totalprice

\n"; } # Review all items in cart. Can modify quantities. sub review_items { &print_header; &list_items; print "

\n"; print "\n"; &print_footer; } # Add a item to the cart, show review page, unless they included a redirect variable. sub add_item { open (REFFILE,">>$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n"; print REFFILE join "\|", $FORM{'itemname'},$FORM{'itemprice'},$FORM{'itemquant'},$FORM{'weight'},$FORM{'itemid'},"\|\n"; close(REFFILE); if ($useredirect eq '1') { print "Content-type: text/html\n\n Item added.
If you browser does not support Javascript, please press BACK now.\n"; } elsif ($FORM{'redirect'}) { print "Location: $FORM{'redirect'} \n\n"; } else { &review_items; } } # Change quanities of items, delete zero quantity items. sub change_items { open (REFFILE,"$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n"; my(@LINES)=; close(REFFILE); $SIZE=@LINES; open (REFFILE,">$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n"; print REFFILE "$date\| $ENV{'REMOTE_HOST'}\| $ENV{'HTTP_USER_AGENT'}\|$FORM{'curropt'}\|$FORM{'shipopt'}\|$FORM{'taxopt'}\|\n"; for ($i=1;$i<$SIZE;$i++) { local($itemq) = "item$i"; $_=$LINES[$i]; my($itemname, $itemprice, $itemquant, $weight, $itemid) = split(/\|/,$_); if ($FORM{$itemq} > 0) { print REFFILE join "\|", $itemname,$itemprice,$FORM{$itemq},$weight,$itemid,"\|\n"; } } close(REFFILE); print "Location: $cgiurl\?command=review\n\n"; } # Show the order form sub buy_items1 { &print_header; &list_items; open (ORDER,"$basepath$delim$order") || print "Could not open $basepath$delim$order $! \n"; while () { print $_; } close(ORDER); &print_footer; } # Process the order form sub buy_items2 { &check_required; &print_header; if ($useverify eq '1' && ($cardtype eq 'visa' || $cardtype eq 'mastercard' || $cardtype eq 'novus' || $cardtype eq 'amex')) { &CC_Verify; } if ($usetrack eq 1) { &track_order; } &send_order; &send_verify; print "You have successfully enquired about the following:

\n"; &list_items; print "

\n"; if ($usetrack eq 1) { my($sys) = "mv $reffile $basepath/$orderdir/$storename-$orderid"; system($sys); print "$trackurlTrack your order
"; } unlink($reffile); &print_footer; } # parse form input sub parse_form { my(@pairs); if ($ENV{'REQUEST_METHOD'} eq 'POST') { # Get the input read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); # Split the name-value pairs @pairs = split(/&/, $buffer); } foreach $pair (@pairs) { my($name, $value) = split(/=/, $pair); $name =~ tr/+/ /; $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; # If they try to include server side includes, erase them, so they # arent a security risk if the html gets returned. Another # security hole plugged up. $value =~ s///g; # Create two associative arrays here. One is a configuration array # which includes all fields that this form recognizes. The other # is for fields which the form does not recognize and will report # back to the user in the html return page and the e-mail message. # Also determine required fields. if ($name eq 'bgcolor' || $name eq 'background' || $name eq 'link_color' || $name eq 'vlink_color' || $name eq 'text_color' || $name eq 'alink_color' || $name eq 'title' || $name eq 'sort' || $name eq 'print_config' || $name eq 'return_link_title' || $name eq 'return_link_url' && ($value)) { $CONFIG{$name} = $value; } elsif ($name eq 'required') { @required = split(/,/,$value); } elsif ($name eq 'exclude') { @exclude = split(/,/,$value); } else { if ($FORM{$name} && ($value)) { $FORM{$name} = "$FORM{$name}, $value"; } elsif ($value) { $FORM{$name} = $value; } } } } # Send the order sub send_order { open (REFFILE,"$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n"; my(@LINES)=; close(REFFILE); $SIZE=@LINES; my($totalquant,$totalprice,$totalweight) = 0; # Open The Mail Program #open(MAIL,"|$mailprog -t"); # print MAIL "To: $FORM{'recipient'}\n"; # print MAIL "From: $FORM{'email'} ($FORM{'realname'})\n"; # print MAIL "Subject: $FORM{'subject'}"; # if ($usetrack eq 1) { print MAIL "\#$orderid"; } # print MAIL "\n\n"; # print MAIL "Below is the result of the purchase form. It was "; # print MAIL "submitted by $FORM{'realname'} ($FORM{'email'}) on "; # print MAIL "$date\n"; # print MAIL "----------------------------------------------------------------\n"; # print MAIL "Buyer info:\n"; # print MAIL "Remote Host: $userhost\n"; # print MAIL "Buyer Agent: $useragent\n"; # print MAIL "\n\n"; # print MAIL "The enquiry is:\n\n"; #print MAIL sprintf "%-28.28s", "Item Name"; #print MAIL sprintf "%14.14s", "Item Price"; #print MAIL sprintf "%10.10s", "Quantity"; #print MAIL sprintf "%18.18s", "Item Total"; #print MAIL "\n"; #print MAIL "----------------------------------------------------------------------\n"; #for ($i=1;$i<$SIZE;$i++) { # $_=$LINES[$i]; # ($itemname, $itemprice, $itemquant, $weight, $itemid) = split(/\|/,$_); # $tmpprice = $itemprice*$itemquant; # $tmpprice = round($tmpprice); # $totalprice += $tmpprice; # $totalquant += $itemquant; # $totalweight += ($weight*$itemquant); # print MAIL sprintf "%-6.6s", $itemid; # print MAIL sprintf "%-18.18s", $itemname; # print MAIL sprintf "%13.13s", "\Ł$itemprice"; # print MAIL sprintf "%10.10s", $itemquant; # print MAIL sprintf "%18.18s", "\Ł$tmpprice"; # print MAIL "\n"; # } # #print MAIL "----------------------------------------------------------------------\n"; #print MAIL "Total Price:"; $totalprice = pad($totalprice); #print MAIL sprintf "%57.57s", "\Ł$totalprice\n"; if ($shipping eq '0') { # Print Nothing } elsif ($shipping eq '1') { my($low,@prices,$price); @prices = sort number keys %shipping; $low = $prices[0]; foreach $price (@prices) { if ($price > $low && $price <= $totalquant) {$low = $price}; } $shipamt = $shipping{$low}; $totalprice += $shipamt; } elsif ($shipping eq '2') { $totalprice += $shipamt; } elsif ($shipping eq '3') { my($low,@weights,$weight); @weights = sort number keys %shipping; $low = $weights[0]; foreach $weight (@weights) { if ($weight > $low && $weight <= $totalweight) {$low = $weight}; } $shipamt = $shipping{$low}; $totalprice += $shipamt; } elsif ($shipping eq '4') { my($low,@prices); @prices = sort number keys %shipping; $low = $prices[0]; foreach $price (@prices) { if ($price > $low && $price <= $totalprice) {$low = $price}; } $shipamt = $shipping{$low}; $totalprice += $shipamt; } if ($multiship eq 1) { my($path) = $basepath . $delim . $shipdb; open (SHIPDB, "$path"); my(@SHIP) = ; close(SHIPDB); print ""; foreach $ship (@SHIP) { my(@ships)=split(/\|/,$ship); if ($usership eq $ships[0]) { $shipamt += $ships[2]; $totalprice += $ships[2]; } } } $shipamt = round($shipamt); $shipamt = pad($shipamt); ### Taxes if ($tax eq '0') { # Do nothing } ## For tax by state elsif ($tax eq '1') { if (defined $taxes{$FORM{'state'}}) { $taxamt = $taxes{$FORM{'state'}}; } $taxtotal = $totalprice * $taxamt; $taxtotal = int($taxtotal * (10 ** 2) + .5) / (10 ** 2); $totalprice = $totalprice + $taxtotal; } ## Always tax elsif ($tax eq '2') { $taxtotal = $totalprice * $taxamt; $taxtotal = int($taxtotal * (10 ** 2) + .5) / (10 ** 2); $totalprice = $totalprice + $taxtotal; } ## Format and print the tax $taxtotal = round($taxtotal); $taxtotal = pad($taxtotal); ## Format and print the totalprice $totalprice = round($totalprice); $totalprice = pad($totalprice); ## Print all the variables on the order form undef %is_exclude; for (@exclude) { $is_exclude{$_} = 1 } if ($CONFIG{'sort'} eq 'alphabetic') { foreach $key (sort keys %FORM) { # Print the name and value pairs in FORM array to mail. # print MAIL "$key: $FORM{$key}\n\n" unless $is_exclude{$key}; } } elsif ($CONFIG{'sort'} =~ /^order:.*,.*/) { $CONFIG{'sort'} =~ s/order://; @sorted_fields = split(/,/, $CONFIG{'sort'}); foreach $sorted_field (@sorted_fields) { # Print the name and value pairs in FORM array to mail. if ($FORM{$sorted_field}) { # print MAIL "$sorted_field: $FORM{$sorted_field}\n\n" unless $is_exclude{$sorted_field}; } } } else { foreach $key (keys %FORM) { # Print the name and value pairs in FORM array to html. #print MAIL "$key: $FORM{$key}\n\n" unless $is_exclude{$key}; } } $totalprice = 0; #print MAIL "\n\nIf this appears incorrect please contact us ASAP.\n\n"; #close (MAIL); } # Get the hostname, for file reference sub get_host { $host = $ENV{'REMOTE_HOST'}; $reffile = "$tmpdir$delim$storename-$host"; } sub check_file { $exists = '1' if -e "$reffile"; if ($exists eq '1') { &parse_file; } else { &make_file; } } # Parse the cart sub parse_file { open (REFFILE,"$reffile") || die "Can't Open $reffile(r): $!\n"; @LINES=; close(REFFILE); $SIZE=@LINES; $_=$LINES[0]; ($usertime, $userhost, $useragent, $usercurr, $usership, $usertax) = split(/\|/,$_); } # If they don't have a cart, make them one. sub make_file { open(REFFILE,">$reffile"); print REFFILE "$date\| $ENV{'REMOTE_HOST'}\| $ENV{'HTTP_USER_AGENT'}\|"; if ($multicurr == 1) { print REFFILE "NULL\|"; } else { print REFFILE "1\|"; } if ($multiship == 1) { open (SHIPDB, "$basepath$delim$shipdb"); my(@SHIP) = ; close(SHIPDB); my(@ships)=split(/\|/,$SHIP[0]); print REFFILE "$ships[0]\|\n"; } else { print REFFILE "\|\n" } close(REFFILE); } #Delete a cart sub delete_cart { unlink($reffile); } # Delete an item from the cart sub delete_item { open (REFFILE,"$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n"; @LINES=; close(REFFILE); $SIZE=@LINES; open (REFFILE,">$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n"; print REFFILE "$date\| $ENV{'REMOTE_HOST'}\| $ENV{'HTTP_USER_AGENT'}\|NULL\|NULL\|\n"; for ($i=1;$i<$SIZE;$i++) { $_=$LINES[$i]; my($itemname, $itemprice, $itemquant, $weight, $itemid) = split(/\|/,$_); unless ($FORM{$itemid} eq $itemid) { print REFFILE $_; } } close(REFFILE); &review_items; } # Get the date. sub get_date { @days = ('Sunday','Monday','Tuesday','Wednesday','Thursday','Friday','Saturday'); @months = ('January','February','March','April','May','June','July', 'August','September','October','November','December'); ($sec,$min,$hour,$mday,$mon,$year,$wday) = localtime(time); if ($hour < 10) { $hour = "0$hour"; } if ($min < 10) { $min = "0$min"; } if ($sec < 10) { $sec = "0$sec"; } $date = "$days[$wday], $months[$mon] $mday, 19$year at $hour\:$min\:$sec"; } # Did they fill out all necasary info? sub check_required { foreach $require (@required) { if ($require eq 'bgcolor' || $require eq 'background' || $require eq 'link_color' || $require eq 'vlink_color' || $require eq 'alink_color' || $require eq 'text_color' || $require eq 'sort' || $require eq 'title' || $require eq 'print_config' || $require eq 'return_link_title' || $require eq 'return_link_url') { if (!($CONFIG{$require}) || $CONFIG{$require} eq ' ') { push(@ERROR,$require); } } elsif (!($FORM{$require}) || $FORM{$require} eq ' ') { push(@ERROR,$require); } } if (@ERROR) { &error('missing_fields', @ERROR); } } # Warning Warning. sub error { &print_header; ($error,@error_fields) = @_; if ($error eq 'missing_fields') { print "

Error: Blank Fields

\n\n"; print "The following fields were left blank in your submission form:

\n"; # Print Out Missing Fields in a List. print "

$missing_field\n"; } print "

\n"; # Provide Explanation for Error and Offer Link Back to Form. print "

\n"; print "These fields must be filled out before you can successfully submit\n"; print "the form. Please return to the Fill Out Form and try again.\n"; } elsif ($error eq 'noship') { print "

Error: Shipping not Set!

Please go back and calcualte shipping!\n"; } &print_footer; exit; } sub track_order { ## First make a tracking id. A combo of the current time, and the PID. $orderid = time() . "-" . $$; # Write the order to the tracking DB. open (TRACK, ">>$trackdb"); print TRACK $orderid . "\|"; foreach $key (%FORM) { print TRACK "$key\=$FORM{$key}\&"; } print TRACK "\|pending\|NONE\|\n"; close(TRACK); } sub number { $a <=> $b } sub round { my $number = shift; $number = int($number * (10 ** 2) + .5) / (10 ** 2); return $number; } sub pad { my $number = shift; if (index($number,".") >= 0) { my($left,$right) = split(/\./,$number); if (length($right) == 0) { $number = $number . "00"; } elsif (length($right) == 1) { $number = $number . "0"; } } else { $number = $number . ".00"; } return $number; } # END smart.cgi