#!/usr/local/bin/perl5.003

## Set the line at top to the location of Perl 5.003 or later
## on your system
##
## Storesoft v1.1.3
## Copyright @1997 Richards Consulting
##
## Perl Program for selling commercial products over the Internet
## with a simple text products database
## Requires PERL v5.003 or later
##
## This is an unregistered copy of Storesoft v.1.1.3
## For a registered version, with clean program code,
## and the right to make program modifications,
## See www.storesoft.com for details.
##
## YOU MUST AGREE TO THE TERMS AND CONDITIONS OF THE LICENSE
## ACCOMPANYING THIS SOFTWARE. IF YOU DO NOT HAVE A LICENSE
## READ THE LICENSE AVAILABLE AT WWW.STORESOFT.COM BEFORE
## USING THIS SOFTWARE.
##
## BY USING THIS SOFTWARE, YOU ACKNOWLEDGE THAT YOU HAVE
## READ AND AGREE TO THE TERMS OF THE LICENSE.
##

require "ss.cfg";	

## If you change the names of ss and ss.cfg, coordinate
## changes with the require line above.


if ($secure_server == 0) {$protocol="http";} elsif ($secure_server == 1) {$protocol="https";} else {$protocol="http";}&read_db;&parse_url;$store_locale="$protocol:\/\/$server_name$cgi_path?ac=st&ai=";if ((!$query_string) || ($FORM_DATA{ac} eq "")) {&print_header_2(cache);&tabletop;print "<FONT SIZE=+2 COLOR=$font_color>";print "Storesoft Administrator Page";print "</FONT>";print "<BR>";print "For managing your products database";print "<P>";print "<FONT SIZE=+1>";print "Your store is located at: <A HREF=\"$store_locale\">$store_locale</A>";print "</FONT>";print "<P>";$locale="$protocol:\/\/$server_name$cgi_path?ac=create";print "<FORM METHOD=POST ACTION=\"$locale\">";print "<B><INPUT TYPE=SUBMIT VALUE=\"Create\">";print " Your Own Products Database</B>";print "<BR>";print "<LI> For one-step creation of your database.";print "<BR>";print "<LI> Import your data in the appropriate format from your existing database or spreadsheet.";print "<BR>";print "<LI> Recommended for advanced users or system administrators.";print "<BR>";print "<LI> Make sure your data file exists and has correct permissions for writing.";print "<BR>";print "<LI> Storesoft's config file expects the database location to be <U>$products_database</U> on your server.";print "<P>";print "</FORM>";$locale="$protocol:\/\/$server_name$cgi_path?ac=add";print "<FORM METHOD=POST ACTION=\"$locale\">";print "<B><INPUT TYPE=SUBMIT VALUE=\"Add\">";print " Products To Your Database</B>";print "<BR>";print "<LI> For manual creation of your database one product at a time.";print "<BR>";print "<LI> Recommended for novice computer users or anyone needing to add a few products.";print "<BR>";print "<LI> Make sure your data file exists and has correct permissions for writing.";print "<BR>";print "<LI> Storesoft's config file expects the database location to be <U>$products_database</U> on your server.";print "<P>";print "</FORM>";$locale="$protocol:\/\/$server_name$cgi_path?ac=edit";print "<FORM METHOD=POST 
ACTION=\"$locale\">";print "<B><INPUT TYPE=SUBMIT VALUE=\"Edit\">";print " Your Products Database</B>";print "<BR>";print "<LI> View your current products database";print "<BR>";print "<LI> Make changes to online product information and prices";print "<BR>";print "<LI> Delete specific products from your database";print "<P>";print "</FORM>";print "<P>";&print_admin_help_link;print "<CENTER>";&tablebottom;&print_common_upper_footer;&print_admin_lower_footer;} elsif ($FORM_DATA{ac} eq "create") {&parse_hidden_2;if ($current_host eq $admin_host) {if ($FORM{ADD} eq "YES") {&print_header_2(nocache);&tabletop;print "</CENTER>";$locale="$protocol:\/\/$server_name$cgi_path?ac=create";print "<FORM METHOD=POST ACTION=\"$locale\">";print "<INPUT TYPE=HIDDEN NAME=ADD VALUE=YES>";if ($FORM{WRITEMODE} eq "APPEND") {open(OUTFILE,">>$products_database");} elsif ($FORM{WRITEMODE} eq "OVERWRITE") {open(OUTFILE,">$products_database");} else {exit(1);}if (print OUTFILE $FORM{database_text}) {		print OUTFILE "\n";				close(OUTFILE);&init_record_array;				&read_db;					&clean_database_check;				&order_and_write_database;			print "<H2>Database Saved!</H2>";print "<BR>";$locale="$protocol:\/\/$server_name$cgi_path?ac=st&ai=";print "<A HREF=\"$locale\">Go Shopping</A> to test your new database";print "<BR>";print "Be sure to press your web browser's reload button to refresh your changes";print "<P>";&print_admin_bottom;} else {&database_write_error;}} else { 	&print_header_2(nocache);&tabletop;print "</CENTER>";$locale="$protocol:\/\/$server_name$cgi_path?ac=create";print "<FORM METHOD=POST ACTION=\"$locale\">";print "<INPUT TYPE=HIDDEN NAME=ADD VALUE=YES>";print "<FONT SIZE=+2 COLOR=$font_color>";print "Create Your Products Database";print "</FONT>";print "<P>";print "You can use this page to create your entire products database in one step. ";print "Such applications as Excel or Access can output your existing data in delimited text form for use with Storesoft. 
";print "Simply copy and paste your product data in the following format to the window below. ";print "Your data should have the following format:";print "<P>";print "<B>item_type</B>$delimiter<B>item_image</B>$delimiter<B>item_description</B>$delimiter<B>item_code</B>$delimiter<B>item_price</B>$delimiter<B>item_weight</B><BR>";print "<P>";print "<U>Here is a small section from an example database (with no images):</U><BR>";print "Classical$delimiter$delimiter Mozart, Symphony no. 41 \"Jupiter\" on CD$delimiter mz02$delimiter 16.00$delimiter 0.3<BR>";print "Country$delimiter$delimiter Reba McEntire, \"Read My Mind\" on CD$delimiter rm02$delimiter 15.00$delimiter 0.3<BR>";print "Country$delimiter$delimiter Garth Brooks, \"Greatest Hits\", on CD$delimiter gb02$delimiter 16.00$delimiter 0.3<BR>";print "New_Age$delimiter$delimiter Ray Lynch, \"deep breakfast\" on CD$delimiter rl02$delimiter 13.00$delimiter 0.3<BR>";print "Rock$delimiter$delimiter Boston, \"Greatest Hits\" on cassette tape $delimiter bo02$delimiter 9.00$delimiter 0.3<BR>";print "<P>";print "<TEXTAREA NAME=database_text ROWS=40 COLS=80></TEXTAREA>";print "<P>";print "<SELECT NAME=WRITEMODE>";print "<OPTION VALUE=APPEND>Append - Add these items to your existing database";print "<OPTION VALUE=OVERWRITE>Overwrite - Start again and overwrite the current database";print "</SELECT>";}print "<P>";print "<FONT SIZE=-1>Note: data upload can take a good deal of time.. 
you need only press \"Do It\" once.</FONT>";print "<P>";print "<INPUT TYPE=SUBMIT VALUE=\"Do It\">";print "</FORM>";&print_admin_bottom;} else {&invalid_admin_client;}} elsif ($FORM_DATA{ac} eq "edit") {&parse_hidden_2;if ($current_host eq $admin_host) {&print_header_2(nocache);&tabletop;print "</CENTER>";print "<P>";print "<FORM METHOD=POST ACTION=\"$locale\">";print "<FONT SIZE=+2 COLOR=$font_color>";print "Modify or delete products for sale";print "</FONT>";print "<P>";$i=0;foreach (@record) {&fields;if ($FORM_DATA{item} eq $item_code) {$this_item = $item_code;$this_key = $i;}$match_flag=0;if ($FORM{item_code} eq $item_code) {$match_flag++ if (($FORM_DATA{item}) && ($FORM_DATA{item} ne $FORM{item_code}));$match_flag++;&multiple_item_codes_error if ($match_flag == 2);}$i++;}if ($FORM{DELETE}) {$record[$this_key] = "";&write_database;print "<B>Product $FORM{item_code} successfully deleted.</B>";print "<P>";} else {	if ($FORM{item_code}) {$n = 0;foreach $one (@fields_order) {$VALUES[$n] = $FORM{$one};$n++;}$record[$this_key] = join ($delimiter, @VALUES);$record[$this_key] =~ s/$/\n/;&order_and_write_database;	&read_db;			print "<B>Product $FORM{item_code} successfully modified.</B>";print "<P>";}}&define_aisles_array;	$_ = $record[$this_key];&fields;&show_selectable_product_fields;print "<INPUT TYPE=CHECKBOX NAME=DELETE> Delete this product";print "<P>";print "<INPUT TYPE=SUBMIT VALUE=\"Do It\">";print "</FORM>";print "<FONT SIZE=+2 COLOR=$font_color>";print "Your current product database";print "</FONT>";print "<P>";print "\n\n\n<TABLE BORDER=1>";$td = "</TD><TD>";print "<TR><TD>*";$i=0;print "$td Type $td Image $td Description $td Code $td Price $td Weight </TD></TR>";foreach (@record) {&fields;&edit_URL($locale, "ac\=edit.*", "ac\=edit&item=$item_code");print "<TR><TD><a href=$newlocale>*</a> ";print "$td $item_type $td $item_image $td $item_description $td $item_code $td $item_price $td $item_weight </TD></TR>";$i++;}print "</TABLE>\n\n\n";print 
"<P>";&print_admin_bottom;} else {&invalid_admin_client;}} elsif ($FORM_DATA{ac} eq "add") {&parse_hidden_2;if ($current_host eq $admin_host) {&print_header_2(nocache);&tabletop;print "</CENTER>";print "<FONT SIZE=+2 COLOR=$font_color>";print "Add products to your database";print "</FONT>";$i=0;$item_code_match_flag = 0;if ($FORM{ADD} eq "YES") {foreach (@record) {			&fields;if ($FORM{item_code} eq $item_code) {&multiple_item_codes_error;}}$n = 0;foreach $one (@fields_order) {$FORM{$one} =~ s/ /_/ if ($one ne "item_description");$VALUES[$n] = $FORM{$one};$n++;}$record[$total_records+1] = join ($delimiter, @VALUES);$record[$total_records+1] =~ s/$/\n/;&order_and_write_database;print "<P>";print "<B>Item $FORM{item_code} was successfully added to database.</B>";print "<BR>";print "Add more items below if needed. For ease of item entry, your keystrokes have been duplicated below. ";print "In many cases you will only have to change the item code, item description, and item price.";print "<P>";}&edit_URL($locale, "ac\=add", "ac\=add");print "<FORM METHOD=POST ACTION=\"$newlocale\">";print "<INPUT TYPE=HIDDEN NAME=ADD VALUE=YES>";			&define_aisles_array;&show_selectable_product_fields;print "<P>";print "<INPUT TYPE=SUBMIT VALUE=\"Do It\">";print "</FORM>";&print_admin_bottom;} else {&invalid_admin_client;}} elsif ($FORM_DATA{ac} eq "st") {&define_aisles_array;&print_header(cache);&print_prods;&print_num_sc_items;&print_footer;} elsif ($FORM_DATA{ac} eq "sc") {&print_header(cache);&print_sc_lower_header;&view_shopping_cart;&print_sc_footer;} elsif ($FORM_DATA{ac} eq "pi") {&parse_hidden;if ($shopping_cart_item[0] eq '') {&return_error ("page","Nothing selected", "please go back and select item(s) to purchase");}&print_header(cache);&print_pi_lower_header;&print_hidden;&view_shopping_order;&print_pi_footer;} elsif ($FORM_DATA{ac} eq "or") {&parse_hidden;&print_header(cache);&print_or_lower_header;&print_hidden;&view_shopping_order;&print_or_footer;} elsif ($FORM_DATA{ac} 
eq "th") {&parse_hidden;&print_header(cache);&send_shopping_order;&print_th_middle;&print_th_footer;} else {&print_header(cache);print "<B>INVALID STORE ACTION ATTEMPTED</B>";print "<P>";print "hostname and time is being logged";print "<BR>";&send_security_alert("Invalid Store Action Attempted", "Someone sent an invalid URL. Please keep this information handy for future evidence");&print_footer;exit(1);}sub invalid_admin_client{&print_header_2(nocache);print "<B>INVALID ADMINISTRATIVE HOST</B>";print "<P>";print "Your Internet IP address is not authorized to modify the product database.";print "<BR>";&send_security_alert("Invalid Host: $FORM{password}", "Someone other than the trusted administrative host attempted to access Storesoft's administrator pages.");&print_common_upper_footer;&print_common_lower_footer;exit(1);}sub tabletop{print "<TABLE WIDTH=$page_width>";print "<TR><TD>";}sub tablebottom{print "</TD></TR>";print "</TABLE>";}sub write_database{if (open(OUTFILE,"+>$products_database")) {$i=0;foreach (@record) {print OUTFILE $record[$i];$i++;}} else {&database_write_error;}}sub clean_database_check	{$i=0;foreach (@record) {&fields;if ($item_code ne '') {$this_code[$i] = $item_code;$i++;}}$last_item_number = $i;$i=0;$x=0;$n=0;for ($n=0; $n <= $last_item_number; $n++) {for ($i=0; $i <= $last_item_number; $i++) {if (($this_code[$n] eq $this_code[$i]) && ($n != $i)) {&multiple_item_codes_error;}}}}sub order_and_write_database{if (open(OUTFILE,">$products_database")) {foreach $one (sort @record) {print OUTFILE $one if ($one ne "\n");}close(OUTFILE);} else {&database_write_error;}}sub multiple_item_codes_error{&return_error ("endpage","Duplicate Item Codes Found", "Multiple products with the same item code are not permitted and would interfere with the proper operation of your online store. 
Please fix your data manually before continuing.");}sub database_write_error{&return_error ("endpage","Error Writing to Database", "<LI> Does your products database file exist on your server?<LI> Is the location of the database file the same as specified in Storesoft's configuration file?<LI> Are file permissions for the products database file set sufficiently for writing by your web browser?<P>");}sub edit_prods{print "<LI> copy text from a big database into a window <BR>";print "<LI> do a search for a type of product <BR>";print "<LI> do a search for a product code to edit it <BR>";print "<LI> show the entire database in a table to edit it <BR>";}sub init_record_array{for ($i=0; $i <= $total_records; $i++) {$record[$i]='';}}sub read_db{open (PRICELIST,$products_database) || &return_error ("page","Store Database Not Found", "please check the location and permissions of your store info database file");$i=0;while (<PRICELIST>) {$record[$i]=$_;$i++;}$total_records = $i;close (PRICELIST);}sub parse_url{@key_value_pairs = split (/&/, $query_string);$i=0;foreach $key_value (@key_value_pairs) {($key, $value) = split (/=/, $key_value);$value =~ tr/+/ /;$value =~ s/%([\dA-Fa-f][\dA-Fa-f])/pack("C", hex($1))/eg;if (defined($FORM_DATA{$key})) {$FORM_DATA{$key}=join("\0", $FORM_DATA{$key}, $value);} else {$FORM_DATA{$key}=$value;}if ($value =~ /[;\<>*`\|]/) {&return_error ("page","Invalid Input Characters", "We have detected strange characters in the URL. 
The following characters are not allowed: > ; < \ * ` \ | <BR> Please inform the webmaster of this problem.");}if ($key eq "item") {$shopping_cart_item[$i]=$value;$i++;}}$num_sc_items = $i;}sub parse_hidden{read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});@pairs = split(/&/, $buffer);foreach $pair (@pairs){($name, $value) = split(/=/, $pair);$value =~ tr/+/ /;$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;$FORM{$name} = $value;if ($value =~ /[;><&\*`\|]/) {&return_error ("page","Invalid Input Characters", "We have detected strange characters in your input. The following characters are not allowed: > ; < & \ * ` \ | <BR> Please go back and remove these characters from your input.");}if ($FORM{state} eq "Choose your state") {&return_error ("page","State Not Chosen", "Please go back and select your state of residence.");}}}sub parse_hidden_2{read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});@pairs = split(/&/, $buffer);foreach $pair (@pairs){($name, $value) = split(/=/, $pair);$value =~ tr/+/ /;$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;$value =~ s/\r//g;			$FORM{$name} = $value;}if ($FORM_DATA{ac} eq "add") {if ($FORM{ADD} eq "YES") {foreach $one (@fields_order) {if ((!$FORM{$one}) && ($one ne "item_type")) {&return_error("page","Empty Field Detected","Blank fields should not be added to the database, please go back and fill in all fields");}}if ((!$FORM{item_type}) && ($FORM{item_type2} eq "New_Item_Type")) {&return_error("page","Item Type Unspecified","Blank fields should not be added to the database, please go back and specify an item type");}}if ($FORM_DATA{ac} eq "add") {$FORM{item_type} = $FORM{item_type2} if ($FORM{item_type2} ne "New_Item_Type");}$FORM{item_image} = "" if ($FORM{item_image} eq "No_Image");} elsif ($FORM_DATA{ac} eq "create") {} elsif ($FORM_DATA{ac} eq "edit") {$FORM{item_type} = $FORM{item_type2} if ($FORM{item_type2} ne "New_Item_Type");$FORM{item_image} = "" if ($FORM{item_image} eq "No_Image");} else {exit(0);}}sub 
print_hidden{while (($name,$value)= each(%FORM)) {print "<INPUT TYPE=HIDDEN NAME=$name VALUE=\"$FORM{$name}\">";}}sub print_header{local ($cache)=@_;if ($cache eq "nocache") {print "Content-Type: text/html\n";print "Pragma: no-cache\n\n";} elsif ($cache eq "cache") {print "Content-Type: text/html\n\n";}print "<HTML>";print "<HEAD>";print "<TITLE>$store_name</TITLE>";print "</HEAD>";print "<BODY BGCOLOR=$background_color TEXT=$text_color LINK=$link_color VLINK=$vlink_color ALINK=$alink_color>";print "<CENTER>";print "<FONT color=$font_color Size=+3>$store_name</font><BR>";print "<IMG SRC=$banner_graphic ALT=\"$store_name\"><BR>";print "<FONT color=$font_color>$store_slogan</font><BR>";print "<FONT SIZE=-2>$company_address_line1 $company_address_line2 $my_phone_number</FONT><P>";&tabletop;print "<CENTER>";print "<FONT SIZE=-1>";$i=0;foreach (@aisles) {&edit_URL($locale, "&ai\=$FORM_DATA{ai}", "&ai\=$aisles[$i]");$aisles[$i] =~ s/_/ /;print "[<A HREF=\"$newlocale\">$aisles[$i]</A>] ";$i++;}print "</FONT>";&tablebottom;print "<HR WIDTH=$page_width><P>";}sub print_header_2{local ($cache)=@_;if ($cache eq "nocache") {print "Content-Type: text/html\n";print "Pragma: no-cache\n\n";} elsif ($cache eq "cache") {print "Content-Type: text/html\n\n";}print "<HTML>";print "<HEAD>";print "<TITLE>$store_name - Storesoft Administrator Page</TITLE>";print "</HEAD>";print "<BODY BGCOLOR=$background_color TEXT=$text_color LINK=$link_color ALINK=$alink_color>";print "<CENTER>";}sub print_prods{$n=0;$loop_flag=1;$initialize_flag=0;foreach (@record) {&fields;if ($initialize_flag == 0) {$current_type=$item_type;$initialize_flag = 1;}if ($FORM_DATA{ai} eq $item_type) {&print_aisles;} elsif ($FORM_DATA{ai} eq "all") {&print_aisles;}}print "</TABLE>";print "<P>";}sub define_aisles_array{$num=0;$current_type = 'undef';foreach (@record) {&fields;if ($current_type ne $item_type) {$aisles[$num]=$item_type;$current_type=$item_type;$num++}}}sub print_aisles{if ($current_type ne $item_type) 
{$current_type=$item_type;$loop_flag=1;$n++;}if (($item_type eq $current_type) && ($loop_flag == 1)) {$loop_flag=0;print "<CENTER>";$item_type =~ s/_/ /;print "<P><FONT SIZE=+1 COLOR=$font_color>$item_type</FONT><BR>";print "<P>";print "<TABLE WIDTH=$page_width BORDER=$item_table_border>";}print "<TR><TD VALIGN=BOTTOM>";if ($double_space eq 1) {print "<BR>";}if (($photo_show_level == 2) && ($item_image ne '')) {print "<IMG SRC=\"$web_photo_filepath$item_image\"><BR>";}&markup;print "$item_description (\$$item_price)";if (($photo_show_level == 1) && ($item_image ne '')) {print " <A HREF=\"$web_photo_filepath$item_image\"><B>photo</B></A><BR>";}print "</TD>";print "<TD VALIGN=BOTTOM ALIGN=RIGHT>";print "<A HREF=\"$locale&item=$item_code\">$add_to_shopping_cart_icon</A></TD></TR>";}sub print_footer{&print_common_upper_footer;&edit_URL($locale, "ac\=st", "ac\=sc");print "<CENTER>";print "<FORM METHOD=POST ACTION=\"$newlocale\">";print "<INPUT TYPE=SUBMIT VALUE=\"View Shopping Cart\"><P>";print "</FORM>";&print_common_lower_footer;}sub print_admin_help_link{print "<P>";print "Need help on using these functions?";print "<BR>";print "Go to Storesoft's ";print "<A HREF=\"$protocol:\/\/www.storesoft.com\/help.htm\">Help Page</A> on the Internet.";print "<P>";}sub print_admin_bottom{&print_admin_help_link;&edit_URL($locale, "ac=.*", '');print "<A HREF=$newlocale>Administrator Page</A>";print "<P>";print "</FONT>";print "<P>";print "<CENTER>";&tablebottom;&print_common_upper_footer;&print_admin_lower_footer;exit(0);}sub print_footer_2{&print_common_upper_footer;&print_common_lower_footer;}sub print_common_upper_footer{print "<P>";print "<HR WIDTH=$page_width>";print "<P>";}sub print_common_lower_footer{print "<P>";print "<FONT SIZE=-2>Before purchasing, please review our<BR>";print "<A HREF=$terms>Terms and Conditions of Sale</A>";print "<P>";print "<A HREF=\"$protocol://www.storesoft.com\">$powered_by</A>";print "</FONT>";print "<P>";print "</CENTER>";print "</BODY>";print 
"</HTML>";}sub print_admin_lower_footer{print "<P>";print "<FONT SIZE=-2>";print "Powered by ";print "<A HREF=\"$protocol://www.storesoft.com\">Storesoft</A>";print "</FONT>";print "<P>";print "</CENTER>";print "</BODY>";print "</HTML>";}sub print_sc_lower_header{&edit_URL($locale, "ac\=sc", "ac\=st");print "<FORM METHOD=POST ACTION=\"$newlocale\">";print "<INPUT TYPE=SUBMIT VALUE=\"Keep Shopping\"><P>";print "</FORM>";&edit_URL($locale, "ac\=sc", "ac\=pi");print "<FORM METHOD=POST ACTION=\"$newlocale\">";}sub print_sc_footer{&print_common_upper_footer;print "<INPUT TYPE=SUBMIT VALUE=\"Add it up!\"><P>";print "</FORM>";&print_common_lower_footer;}sub print_pi_lower_header{&edit_URL($locale, "ac\=pi", "ac\=or");print "<FORM METHOD=POST ACTION=\"$newlocale\">";}sub print_or_lower_header{&edit_URL($locale, "ac\=or", "ac\=th");print "<FORM METHOD=POST ACTION=\"$newlocale\">";}sub print_pi_footer{&print_common_upper_footer;&get_persinfo;print "<INPUT TYPE=SUBMIT VALUE=\"Continue!\"><P>";print "</FORM>";&print_common_lower_footer;}sub print_or_footer{&print_common_upper_footer;&get_credit_info;print "<INPUT TYPE=SUBMIT VALUE=\"Send This Order!\"><P>";print "</FORM>";&print_common_lower_footer;}sub print_th_middle{print "<FONT SIZE=+1 COLOR=$font_color>Thank You!</FONT><BR>";print "<P>";print "Thank you for your business.";print "Your order has been submitted and will be processed shortly.";}sub print_th_footer{print "<P>";print "<P><HR WIDTH=$page_width><P>";print "<P>";&edit_URL($locale, "ac\=th", "ac\=st");&edit_URL($newlocale, "&item\=.*", "");print "<A HREF=\"$newlocale\">$store_name</A>";print "<P>";print "</CENTER>";print "<BR><BR><BR>";print "</BODY>";print "</HTML>";}sub view_shopping_cart{print "<FONT SIZE=+1 COLOR=$font_color>Your Shopping Cart</FONT><BR>";print "<P>";$i=0;print "<TABLE WIDTH=$page_width BGCOLOR=dddddd BORDER=1>";if ($quantity_store == 1) {print "<TR bgcolor=bbffbb><TD><B> Product ID </B></TD><TD><B> Description </B></TD><TD ALIGN=RIGHT><B> 
Quantity </B></TD><TD ALIGN=RIGHT><B> Price Each </B></TD><TD ALIGN=RIGHT><B> Remove from Shopping Cart? </B></TD></TR>";} else {print "<TR bgcolor=bbffbb><TD><B> Product ID </B></TD><TD><B> Description </B></TD><TD ALIGN=RIGHT><B> Price </B></TD><TD ALIGN=RIGHT><B> Remove from Shopping Cart? </B></TD></TR>";}if ($quantity_store == 1) {foreach (@shopping_cart_item) {foreach (@record) {&fields;if (($shopping_cart_item[$i] eq $item_code) && ($item_code ne '')) {&edit_URL($locale, "&item\=$shopping_cart_item[$i]", '');&clean_HTML_tags($item_description);&markup;print "<TR><TD> $item_code </TD><TD> $newfield </TD><TD ALIGN=RIGHT> <INPUT SIZE=3 MAXLENGTH=3 NAME=$item_code VALUE=\"1\"> </TD><TD ALIGN=RIGHT> \$$item_price </TD><TD ALIGN=RIGHT> <A HREF=\"$newlocale\">remove</A> </TD></TR>";$i++;last;}}}} else {foreach (@shopping_cart_item) {foreach (@record) {&fields;if (($shopping_cart_item[$i] eq $item_code) && ($item_code ne '')) {&edit_URL($locale, "&item\=$shopping_cart_item[$i]", '');&clean_HTML_tags($item_description);&markup;print "<TR><TD> $item_code </TD><TD> $newfield </TD><TD ALIGN=RIGHT><INPUT TYPE=HIDDEN NAME=$item_code VALUE=\"1\"> \$$item_price </TD><TD ALIGN=RIGHT> <A HREF=\"$newlocale\">remove</A> </TD></TR>";$i++;last;}}}}print "</TABLE><P>";if ($shopping_cart_item[0] eq '') {print "<FONT SIZE=+1 COLOR=$font_color>Shopping Cart is currently empty</FONT><P>";}}sub view_shopping_order{print "<FONT SIZE=+1 COLOR=$font_color>Your Order</FONT><BR>";print "<P>";$i=0;print "<TABLE WIDTH=$page_width BGCOLOR=dddddd BORDER=1>";print "<TR bgcolor=bbffbb><TD><B> Product ID </B></TD><TD><B> Description </B></TD><TD ALIGN=RIGHT><B> Quantity </B></TD><TD ALIGN=RIGHT><B> Price Each </B></TD><TD ALIGN=RIGHT><B> Total Price </B></TD></TR>";$sub_total_items_price = 0;$weight_units = 0;$total_weight_units = 0;foreach (@shopping_cart_item) {foreach (@record) {&fields;if (($shopping_cart_item[$i] eq $item_code) && ($item_code ne '')) {&markup;$quantity_item_price = 
$FORM{$item_code} * $item_price;$sub_total_items_price = $sub_total_items_price + $quantity_item_price;&clean_HTML_tags($item_description);print "<TR><TD> $item_code </TD><TD> $newfield </TD><TD ALIGN=RIGHT>";if (($FORM_DATA{ac} eq "pi") || ($FORM_DATA{ac} eq "or")) {print "$FORM{$item_code} </TD><TD ALIGN=RIGHT> \$$item_price </TD><TD ALIGN=RIGHT> \$$quantity_item_price </TD></TR>";} else {print "<INPUT SIZE=3 NAME=$item_code MAXLENGTH=3 VALUE=$FORM{$item_code}> </TD><TD ALIGN=RIGHT> \$$item_price </TD><TD ALIGN=RIGHT> \$$quantity_item_price </TD></TR>";}$weight_units = $weight_units + ($item_weight * $FORM{$item_code});$i++;last;}}}$tax = 0;if ($FORM{state} eq $store_state) {$tax = $sub_total_items_price * ($tax_rate/100);}$shipping = $shipping_base_charge + ($weight_units * $shipping_rate);$total = $sub_total_items_price + $shipping + $tax;print "<TR><TD>.</TD><TD>.</TD><TD>.</TD><TD>.<TD>.</TD></TR>";print "<TR><TD>Subtotal</TD><TD>.</TD><TD ALIGN=RIGHT>.</TD><TD ALIGN=RIGHT>.<TD ALIGN=RIGHT> \$$sub_total_items_price </TD></TR>";if ($FORM_DATA{ac} eq "or") {$shipping =~ s/\.(..).*$/\.\1/;print "<TR><TD>Shipping</TD><TD>UPS Ground Shipping - est. 
weight $weight_units lbs.</TD><TD ALIGN=RIGHT>.</TD><TD ALIGN=RIGHT>.<TD ALIGN=RIGHT> \$$shipping </TD></TR>";if ($FORM{state} eq $store_state) {$tax =~ s/\.(..).*$/\.\1/;print "<TR><TD>Tax</TD><TD>$FORM{state} residents add $tax_rate percent tax</TD><TD ALIGN=RIGHT>.</TD><TD ALIGN=RIGHT>.<TD ALIGN=RIGHT> \$$tax </TD></TR>";}$total =~ s/\.(..).*$/\.\1/;print "<TR><TD>Total</TD><TD>.</TD><TD ALIGN=RIGHT>.</TD><TD ALIGN=RIGHT>.<TD ALIGN=RIGHT> \$$total </TD></TR>";}print "</TABLE><P>";}sub send_shopping_order{$sub_total_items_price = 0;$weight_units = 0;$i=0;open (MAIL, "|$mailprog $recipient") || die "Can't open $mailprog!\n";print MAIL "New Storesoft Virtual Store Purchase\n";print MAIL "==========================\n\n";foreach $pair (@pairs) {($name, $value) = split(/=/, $pair);$value =~ tr/+/ /;$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;$name =~ tr/+/ /;$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;$FORM{$name} = $value;}print MAIL "CUSTOMER INFO:\n";print MAIL "==============\n";print MAIL "Name:		$FORM{name}\n";print MAIL "Company:	$FORM{company}\n";print MAIL "Address1:	$FORM{addr1}\n";print MAIL "Address2:	$FORM{addr2}\n";print MAIL "City:		$FORM{city}\n";print MAIL "State:		$FORM{state}\n";print MAIL "Zipcode:	$FORM{zip}\n";print MAIL "Country:	$FORM{country}\n";print MAIL "Phone:		$FORM{phone}\n";print MAIL "Fax:		$FORM{fax}\n";print MAIL "Email:		$FORM{email}\n\n";print MAIL "ORDERING INFO:\n";print MAIL "==============\n";print MAIL "Credit Card Type:	$FORM{card_type}\n";print MAIL "Name on card:		$FORM{name_on_card}\n";print MAIL "Card number:		$FORM{card_number}\n";print MAIL "Expiration month:	$FORM{exp_month}\n";print MAIL "Expiration year:	$FORM{exp_year}\n";print MAIL "PO Number (if any):	$FORM{PO_number}\n\n";print MAIL "ORDER:\n";print MAIL "======\n";foreach (@shopping_cart_item) {foreach (@record) {&fields;if (($shopping_cart_item[$i] eq $item_code) && ($item_code ne '')) {&markup;$quantity_item_price = 
$FORM{$item_code} * $item_price;$sub_total_items_price = $sub_total_items_price + $quantity_item_price;print MAIL "$FORM{$item_code}	$item_type	$item_code	$item_price\n";$weight_units = $weight_units + ($item_weight * $FORM{$item_code});$i++;last;}}}print MAIL "\n";print MAIL "BILLING:\n";print MAIL "========\n";$tax = 0;if ($FORM{state} eq $store_state) {$tax = $sub_total_items_price * ($tax_rate/100);$tax =~ s/\.(..).*$/\.\1/;}$shipping = $shipping_base_charge + ($weight_units * $shipping_rate);$shipping =~ s/\.(..).*$/\.\1/;$total = $sub_total_items_price + $shipping + $tax;$total =~ s/\.(..).*$/\.\1/;print MAIL "Total Weight:		$weight_units\n";print MAIL "State Sales Tax:	$tax\n";print MAIL "Total Shipping:		$shipping\n";print MAIL "Grand Total:		$total\n";close (MAIL);}sub edit_URL{local ($loc, $old_store_area, $new_store_area) = @_;$loc =~ s/$old_store_area/$new_store_area/;$newlocale = $loc;return ($newlocale);}sub send_security_alert{local ($security_message,$security_details) = @_;open (MAIL, "|$mailprog $recipient") || die "Can't open $mailprog!\n";print MAIL "Storesoft Virtual Store SECURITY ALERT\n";print MAIL "Someone possibly tried to break into your server.\n";print MAIL "====================================\n\n";print MAIL "ALERT TYPE: $security_message\n\n";print MAIL "Potential Intruder Information:\n";print MAIL "====================================\n";print MAIL "Host Name:           ", $ENV{REMOTE_HOST}, "\n";print MAIL "IP Address:          ", $ENV{REMOTE_ADDR}, "\n";print MAIL "Web Browser:         ", $ENV{HTTP_USER_AGENT}, "\n";print MAIL "Query String:        ", $ENV{QUERY_STRING}, "\n";print MAIL "\n";print MAIL $security_details;close (MAIL);}sub clean_HTML_tags{local ($field) = @_;$field =~ s/<.*>//;$newfield = $field;return ($newfield);}sub get_persinfo{&tabletop;print "<FONT SIZE=+3 COLOR=$font_color>";print "Customer Information<BR>";print "</FONT>";print "Please include a valid email address and phone/fax ";print "number(s). 
If you are outside the United States or ";print "Canada, please include the country and city codes ";print "with your phone number(s).<BR>";print "<PRE>\n";print "            Name: <INPUT SIZE=34 MAXLENGTH=34 NAME=name>\n";print "         Address: <INPUT SIZE=30 MAXLENGTH=30 NAME=addr>\n";print "            City: <INPUT SIZE=19 MAXLENGTH=19 NAME=city> State: <SELECT NAME=state>\n";print "<OPTION>Choose your state\n";print "<OPTION>AK";print "<OPTION>AL";print "<OPTION>AR";print "<OPTION>AZ";print "<OPTION>CA";print "<OPTION>CO";print "<OPTION>CT";print "<OPTION>DC";print "<OPTION>DE";print "<OPTION>FL";print "<OPTION>GA";print "<OPTION>HI";print "<OPTION>IA";print "<OPTION>ID";print "<OPTION>IL";print "<OPTION>IN";print "<OPTION>KS";print "<OPTION>KY";print "<OPTION>LA";print "<OPTION>MA";print "<OPTION>MD";print "<OPTION>ME";print "<OPTION>MI";print "<OPTION>MN";print "<OPTION>MO";print "<OPTION>MS";print "<OPTION>MT";print "<OPTION>NC";print "<OPTION>ND";print "<OPTION>NE";print "<OPTION>NH";print "<OPTION>NJ";print "<OPTION>NM";print "<OPTION>NV";print "<OPTION>NY";print "<OPTION>OH";print "<OPTION>OK";print "<OPTION>OR";print "<OPTION>PA";print "<OPTION>RI";print "<OPTION>SC";print "<OPTION>SD";print "<OPTION>TN";print "<OPTION>TX";print "<OPTION>UT";print "<OPTION>VA";print "<OPTION>VT";print "<OPTION>WA";print "<OPTION>WI";print "<OPTION>WV";print "<OPTION>WY";print "</SELECT>\n";print "        Zip Code: <INPUT SIZE=10 MAXLENGTH=10 NAME=zip>\n";print "         Country: <INPUT SIZE=14 MAXLENGTH=14 NAME=country VALUE=USA>\n";print "           Phone: <INPUT SIZE=16 MAXLENGTH=16 NAME=phone>\n";print "             Fax: <INPUT SIZE=16 MAXLENGTH=16 NAME=fax>\n";print "           Email: <INPUT SIZE=46 NAME=email>\n\n";print "</PRE>";print "<P>";&tablebottom;}sub get_credit_info{&tabletop;$number_order_methods = $postal_order + $email_order + $purchase_order + $credit_order + $phone_order;print "<FONT SIZE=+3 COLOR=$font_color>";print "Ordering Options<BR>";print 
"</FONT>";print "We currently have $number_order_methods";if ($number_order_methods == 1) {print " method ";} else {print " methods ";}print "by which you may complete your order.<BR>";print "<P>";if ($postal_order == 1) {print "$order_icon <FONT SIZE=+1 COLOR=$font_color> Submit the order via Postal Mail</FONT><BR>";print "Postal Mail orders simply print this page for your records and click on \"Send Order\" below, then send check or money order to:<BR>";print "<P>";print "$company_name<BR>";print "$company_address_line1<BR>";print "$company_address_line2<BR>";print "<P>";print "<B>Be sure to click \"Send Order\" below</B> after you've printed this page to notify us via email of your purchase. We will then send your order upon payment.<BR>";print "<P>";print "Please allow $weeks_to_deliver weeks for delivery.<BR>";print "<P>";}if ($phone_order == 1) {print "$order_icon <FONT SIZE=+1 COLOR=$font_color> Submit the order via Phone</FONT><BR>";print "Phone orders simply call us at <B>$my_phone_number</B>.<BR>";print "<P>";}if ($email_order == 1) {print "$order_icon <FONT SIZE=+1 COLOR=$font_color> Submit the order via email</FONT><BR>";print "Email orders simply click on the \"Send This Order\" button below to finish.<BR>";print "We will then call you via phone to confirm your order.<BR>";print "<P>";}if ($purchase_order == 1) {print "$order_icon <FONT SIZE=+1 COLOR=$font_color> Submit the order via email with a Purchase Order Number (for companies)</FONT><BR>";print "Just enter your PO Number here: <INPUT size=25 type=text name=PO_number><BR>";print "Then simply click on the \"Send This Order\" button below.<BR>";print "<P>";}if ($credit_order == 1) {print "$order_icon <FONT SIZE=+1 COLOR=$font_color> Submit the order with your credit card number</FONT><BR>";print "Fill in your Credit Card information below:<BR>";print "Then simply click on the \"Send This Order\" button.<BR>";print "<P>";print "<PRE>";print "                  Name as it appears on card\n";print "    
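              <INPUT SIZE=46 NAME=\"name_on_card\" ALIGN=LEFT>\n";print "            Card: <SELECT NAME=\"card_type\" ALIGN=LEFT>\n";$i=0;foreach (@credit_card_options) {print "   <OPTION VALUE=\"$credit_card_options[$i]\"> $credit_card_options[$i]\n";$i++;}print "   </SELECT>\n";print "     Card Number: <INPUT TYPE=TEXT NAME=\"card_number\" ALIGN=LEFT>\n";print "         Expires: <SELECT NAME=\"exp_month\">\n";print "   <OPTION VALUE=xx> Select Month\n";print "   <OPTION VALUE=01> 01 - January\n";print "   <OPTION VALUE=02> 02 - February\n";print "   <OPTION VALUE=03> 03 - March\n";print "   <OPTION VALUE=04> 04 - April\n";print "   <OPTION VALUE=05> 05 - May\n";print "   <OPTION VALUE=06> 06 - June\n";print "   <OPTION VALUE=07> 07 - July\n";print "   <OPTION VALUE=08> 08 - August\n";print "   <OPTION VALUE=09> 09 - September\n";print "   <OPTION VALUE=10> 10 - October\n";print "   <OPTION VALUE=11> 11 - November\n";print "   <OPTION VALUE=12> 12 - December\n";print "   </SELECT>\n";print "                  <SELECT NAME=\"exp_year\">\n";print "   <OPTION VALUE=xx> Select Year\n";print "   <OPTION VALUE=97> 1997\n";print "   <OPTION VALUE=98> 1998\n";print "   <OPTION VALUE=99> 1999\n";print "   <OPTION VALUE=00> 2000\n";print "   <OPTION VALUE=01> 2001\n";print "   <OPTION VALUE=01> 2002\n";print "   <OPTION VALUE=01> 2003\n";print "   <OPTION VALUE=01> 2004\n";print "   <OPTION VALUE=01> 2005\n";print "</SELECT>\n";print "</PRE>";print "<P>";}&tablebottom;print "<P>";}

## NOTE(review): in the exp_year list printed just above, the 2002-2005
## options all carry VALUE=01, so those years submit the same value as 2001.
## The routine that prints it begins earlier in the file, so its statements
## are reproduced unchanged here.

## Print the running "Items in cart" count.
## Reads the global $num_sc_items; this routine does not set it.
sub print_num_sc_items {
    print "Items in cart: <B>" . $num_sc_items . "</B>";
}

## Return a copy of the argument with the HTML metacharacters & < > " '
## replaced by entities, so the text can be placed in element content or in
## a quoted attribute value without being parsed as markup.
## An undefined argument yields the empty string.
sub _escape_html {
    my ($text) = @_;
    $text = "" unless defined $text;
    $text =~ s/&/&amp;/g;    # must run first so later entities are not re-escaped
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
}

## Emit an error report and end the request.
##
##   $type    - when it is "page", the HTTP header, the <HEAD>, the <BODY>
##              tag and the table top are printed first; any other value
##              prints only the error body
##   $error   - headline, printed inside <H2>
##   $message - detail text, printed below the rule
##
## Does not return: the last statement is exit(1).
##
## NOTE(review): $error and $message are written into the page exactly as
## passed. The callers are not visible from here; if any of them passes text
## taken from the request, it reaches the browser as markup. Confirm whether
## callers rely on HTML in $message before escaping it at this point.
sub return_error {
    # local rather than my, as in the original: tabletop/tablebottom are
    # defined elsewhere and could read these names -- TODO confirm.
    local ($type, $error, $message) = @_;

    if ($type eq "page") {
        print "Content-type: text/html\n" . "Pragma: no-cache\n\n";
        print "<HTML>" . "<HEAD>" . "<TITLE>$store_name</TITLE>" . "</HEAD>";
        print "<BODY BGCOLOR=$background_color TEXT=$text_color LINK=$link_color VLINK=$vlink_color ALINK=$alink_color>";
        print "<CENTER>";
        &tabletop;    # original &name; call form, which hands the current @_ through
    }

    print "<P>" . "<B>Error Detected:</B>" . "<H2>$error</H2>" . "<HR>";
    print $message;
    print "<P>";

    # Presumably closes whatever form elements a partly printed page left open.
    print "</TEXTAREA>" . "</SELECT>" . "</FORM>";
    &tablebottom;
    print "</BODY>" . "</HTML>";
    exit(1);
}

## Print the editable product fields (type, image, description, code, price,
## weight) as form controls inside a <PRE> block.
##
## Field values come from %FORM when $FORM_DATA{ADD} is true, otherwise from
## the $item_* globals. The type pulldown is built from @aisles and the image
## pulldown from the .jpeg/.jpg/.gif files in $system_photo_filepath.
## Dies with "directory not found" if that directory cannot be opened.
##
## Changes from the earlier version:
##   - record, form and file-name values are HTML-escaped before they are
##     written into VALUE="...", <OPTION> or <TEXTAREA>, so a quote or a tag
##     in a value can no longer break out of the control; the browser decodes
##     the entities again, so the submitted values are unchanged
##   - the directory handle that was opened (IMAGES) is the one closed
##   - the extension test matches a literal dot
##   - the "is empty" notice uses a flag private to this call instead of the
##     global $flag, which was never reset
##   - the scratch global $i is no longer written
##
## NOTE(review): the redisplay branch reads %FORM while the switch is in
## %FORM_DATA; nothing visible here fills %FORM -- confirm it is populated.
sub show_selectable_product_fields {
    my ($shown_type, $shown_description, $shown_code, $shown_price, $shown_weight);
    if ($FORM_DATA{ADD}) {
        ($shown_type, $shown_description, $shown_code, $shown_price, $shown_weight)
            = ($FORM{item_type}, $FORM{item_description}, $FORM{item_code},
               $FORM{item_price}, $FORM{item_weight});
    }
    else {
        ($shown_type, $shown_description, $shown_code, $shown_price, $shown_weight)
            = ($item_type, $item_description, $item_code, $item_price, $item_weight);
    }

    print "<PRE>";

    print "Item Type:        ";
    print "<INPUT SIZE=30 NAME=item_type VALUE=\"" . _escape_html($shown_type) . "\">";
    print " ";
    print "<SELECT NAME=item_type2>";
    # The current type, when there is one, goes first so it is the default.
    print "<OPTION>" . _escape_html($item_type) if $item_type;
    print "<OPTION>New_Item_Type";
    foreach (@aisles) {
        print "<OPTION>" . _escape_html($_) if $item_type ne $_;
    }
    print "</SELECT>";
    print "<P>";
    print "                  <FONT SIZE=-1>Note: Pulldown menu has precedence over the fill-in, unless set to New_Item_Type</FONT>";
    print "<P>";

    print "Item Image:       ";
    print "<SELECT NAME=item_image>";
    print "<OPTION>" . ($item_image ? _escape_html($item_image) : "No_Image");

    # Bareword handle kept: the file targets Perl 5.003, which has no
    # lexical directory handles.
    opendir(IMAGES, "$system_photo_filepath") || die "directory not found";
    my $found_image = 0;
    foreach $name (sort readdir(IMAGES)) {
        # "." and ".." cannot match, so they need no separate test.
        next unless $name =~ /\.(?:jpeg|jpg|gif)$/;
        $found_image = 1;
        # File names come from the filesystem, so they are escaped as well.
        print "<OPTION>" . _escape_html($name) if $item_image ne $name;
    }
    closedir(IMAGES);

    print "</SELECT>";
    print " System Photo Directory: ";
    print $system_photo_filepath;
    print " is empty" unless $found_image;
    print "<P>";

    print "Item Description: ";
    # Escaped text inside TEXTAREA shows any HTML tags in the description as
    # typed and lets the browser send them back unchanged.
    print "<TEXTAREA ROWS=3 COLS=50 NAME=item_description>"
        . _escape_html($shown_description)
        . "</TEXTAREA><P>";
    print "<P>";
    print "                  <FONT SIZE=-1>You can even spice up your product descriptions with standard HTML tags!</FONT>";
    print "<P>";

    print "Item Code:        ";
    print "<INPUT SIZE=20 NAME=item_code VALUE=\"" . _escape_html($shown_code) . "\">";
    print "<P>";

    print "Item Price:       ";
    print "<INPUT SIZE=10 NAME=item_price VALUE=\"" . _escape_html($shown_price) . "\">";
    print "<P>";
    print "                  <FONT SIZE=-1>This should be a wholesale price.<BR>";
    print "                  The customer markup specified in Storesoft's config file is $markup</FONT>";
    print "<P>";

    print "Item Weight:      ";
    print "<INPUT SIZE=10 NAME=item_weight VALUE=\"" . _escape_html($shown_weight) . "\">";
    print "<P>";

    print "</PRE>";
}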