#!/usr/bin/perl
# 
# order2.cgi
#
$mailprog = "/usr/sbin/sendmail";
print "Content-type:text/html\n\n";

read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
    ($name, $value) = split(/=/, $pair);
    $value =~ tr/+/ /;
    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    $value =~ s/\n/ /g;		# added to strip line breaks 
    $FORM{$name} = $value;
}

# here we check to make sure they actually filled out all the forms.
# if they didn't, generate an error.

print "<html><head><title>Results</title></head>\n<body>\n";

@required = ("name","ship_addr","ship_city","ship_state","ship_zip",
"email");
foreach $i (@required) {
    if ($FORM{$i} eq "") {
       &dienice("You must fill out the fields for your name, e-mail
address, and shipping address."); 
    }
}

# if they're not paying by check, we also must make sure they filled
# out the fields for credit card number, expiration date, and billing
# address.
if ($FORM{'paytype'} ne "check") {
    @cc_required = ("ccno","ccexp","bill_addr","bill_zip");
    foreach $i (@cc_required) {
        if ($FORM{$i} eq "") {
            &dienice("You must fill out the fields for credit card
number, expiration date, and billing address.");
        }
    }
}

# now we proceed.

open(INF,"data.db") or &dienice("Can't open data.db.");
@grok = <INF>;
close(INF);

# Generate the receipt by storing it in $receipt
$receipt = "Order From: $FORM{'name'}\n";

$receipt .= "Shipping Address: $FORM{'ship_addr'}\n";
$receipt .= "City: $FORM{'ship_city'}\n";
$receipt .= "State: $FORM{'ship_state'}\n";
$receipt .= "ZIP: $FORM{'ship_zip'}\n";
$receipt .= "Address: $FORM{'ship_country'}\n";
$receipt .= "Phone: $FORM{'phone'}\n";
$receipt .= "Email: $FORM{'email'}\n\n";
$receipt .= "Payment Method: $FORM{'paytype'}\n";
$receipt .= "Items Ordered:\n";


$subtotal = 0;
foreach $i (@grok) {
    chomp($i);
    ($stocknum,$name,$status,$price) = split(/\|/,$i);
    if (exists $FORM{$stocknum}) {
	$subtotal = $subtotal + ($price * $FORM{$stocknum});
        $receipt .= "$name (#$stocknum) - \$$price ea., qty:
$FORM{$stocknum}\n";
    }
}

$total = $subtotal + 3;

$receipt .= "Subtotal: \$$subtotal\n";
$receipt .= "Shipping: \$3.00\n";
$receipt .= "Total: \$$total\n";

# print the receipt on the web page
print <<EndHead;
<h2>Thank You!</h2>
Here's your receipt (print this out for your records):<p>
<pre>
$receipt
</pre>
EndHead
;

# print the receipt to the mail message
open(MAIL,"|$mailprog -t") or &dienice("Couldn't send mail.");
print MAIL "To: kites\@cgi101.com\n";
print MAIL "Subject: Kite Order from $FORM{'email'}\n\n";
print MAIL $receipt;

# credit card info only input to MAIL
if ($FORM{'paytype'} ne "check") {
   print MAIL "Card#: $FORM{'ccno'}  Exp: $FORM{'ccexp'}\n";
   print MAIL "Billing Address: $FORM{'bill_addr'}\n";
   print MAIL "City: $FORM{'bill_city'}\n";
   print MAIL "State: $FORM{'bill_state'}\n";
   print MAIL "ZIP: $FORM{'bill_zip'}\n";
   print "Thank you for your order. Your $FORM{'paytype'} will be billed
for \$$total; you'll receive your order within 7-10 days.<p>\n";
} else {
   print "Thank you for your order.  Please send a check or money order
for \$$total to: Kite Store, 555 Anystreet, Somecity, TX 12345.<p>\n";
}

# send the mail!
close(MAIL);

print "</body></html>\n";

sub dienice {
   ($msg) = @_;
   print "<h2>Error</h2>\n";
   print $msg;
   exit;
}