order2.cgi


#!/usr/bin/perl -wT
use CGI qw(:standard);
use CGI::Carp qw(warningsToBrowser fatalsToBrowser);
use Fcntl qw(:flock :seek);
use strict;

print header;
print start_html("Results");

# put all the form data into a hash
my %FORM = ();
foreach my $i (param()) {
   $FORM{$i} = param($i);
}

# here we check to make sure they actually filled out all 
# the fields. if they didn't, generate an error.

my @required = ("name","ship_addr","ship_city","ship_state","ship_zip",
"phone", "email");
foreach my $i (@required) {
   if (!(param($i))) {
      &dienice("You must fill out the fields for your name,
e-mail address, phone number and shipping address."); 
   }
}
# try to be sure the e-mail address is valid
# this uses the binding operator to see if an "@" character
# appears in the e-mail address.
if ($FORM{email} !~ /\@/) {
   &dienice("$FORM{email} doesn't seem to be a valid e-mail address.");
}

open(INF, "data.db" ) or &dienice("Can't open data.db:<br> $! \n");
flock(INF, LOCK_SH );    # shared lock
seek(INF, 0, SEEK_SET ); # rewind to beginning
my @data = <INF>;
close(INF);

my $subtotal = 0;
my $items_ordered = "";
foreach my $i (@data) {
    chomp($i);
    my($stocknum, $name, $status, $price ) = split (/\|/, $i );
    if (param($stocknum)) {
        my($qty) = param($stocknum);
        $subtotal = $subtotal + ($price * $qty);
        $items_ordered .= qq($name (#$stocknum) - $price ea., qty: $qty\n);
    }
}

# add $3 for shipping
my $total = $subtotal + 3;

my $ordermsg = <<End1;
Order From: $FORM{name}
Shipping Address: $FORM{ship_addr}
City: $FORM{ship_city}
State: $FORM{ship_state}
ZIP: $FORM{ship_zip}
Country: $FORM{ship_country}
Phone: $FORM{phone}
Email: $FORM{email}

Payment Method: $FORM{paytype}
Items Ordered:
$items_ordered

Subtotal: \$$subtotal
Shipping: \$3.00
Total: \$$total

Thank you for your order!
End1

# Tell them how to send us payment...
if ($FORM{paytype} eq "check") {
   $ordermsg .= qq(Please send a check or money order for \$$total to: 
      Kite Store, 555 Anystreet, Somecity, TX 12345.\n);
} elsif ($FORM{paytype} eq "cc") {
   $ordermsg .=  qq(Please call us at (555) 555-5555 with your credit card 
      information, or fax your card number, billing address and expiration date 
      to our fax number at (555) 555-5555.\n);
} else {
   $ordermsg .= qq(Please <a href="http://www.paypal.com">click here</a> to 
      complete your payment on Paypal.\n);
}

# send the order to the store
&sendmail('webmaster@cgi101.com', 'nullbox@cgi101.com', 'Kite Store Order', $ordermsg);

# print a thank-you page.
print <<EndHTML;
<h2>Thank You!</h2>
Here's what you ordered:<br>
<pre>
$ordermsg
</pre>
EndHTML

sub dienice {
    my($msg) = @_;
    print "<h2>Error</h2>\n";
    print $msg;
    exit;
}

sub sendmail {
    my($from, $to, $subject, $msg) = @_;
    $ENV{PATH} = "/usr/sbin";
    my $mailprog = "/usr/sbin/sendmail";
    open (MAIL, "|/usr/sbin/sendmail -t -oi") or 
        &dienice("Can't fork for sendmail: $!\n");
    print MAIL "To: $to\n";
    print MAIL "From: $from\n";
    print MAIL "Subject: $subject\n\n";
    print MAIL $msg;
    close(MAIL);
}