#!/usr/bin/perl
# CollapsedSubs: Main_HTML_Doc my_read_CGI_input ConnectToDB DisConnectFromDB render_price_list_html Read_Inventory_DB urlencode
################################################################################
################################################################################
##### This code tells the browser what MIME type the content is. #####
##### All content delivered by this script is HTML #####
##### #####
################################################################################
################################################################################
#use CGI::Carp qw(fatalsToBrowser);
#comment out the above line when you're done debugging this script
# start user configuration
################################################################################
print "Content-type: text/html \n\n\r\n\r\n\r" unless ($content_type_printed);
$content_type_printed++;
################################################################################
# the mysql database table name that this script will use for the products table.
$Feature_Name = "Cue Repair Price List";
$Feature_Link_Name = "price list";
$Inv_Table="services";
$Cart_Table = "repair_carts";
#$Sales_Order_Table = "service_orders";
#$Dealer_Table ="dealer_db";
$item_number_field = "Service_ID";
$item_name_field = "Service_Name";
$item_amount_field = "Reg_Price";
$item_sale_price_amount_field = "Sale_Price";
$item_active_field = "Active";
#$item_View_Permits_field ="View_Permits";
#$default_View_Permits ="%R%";
$item_category_field = "Category";
$cart_long_name ="Repair Ticket";
$cart_short_name ="Ticket";
$cart_url = "/cgi-bin/cue-shop.pl";
# Enter the currency symbols PayPal uses to designate US dollars
# or Euros or Pounds Sterlings. Enter a backslash before the $ symbol.
# US: $
# Euros: �
# Pounds Sterling: �
# Canadian Dollar (C$)
# Japanese Yen (�)
$m_symbol = "\$";
# The currency of the payment is U.S.Dollars: USD
# The currency of the payment is British Pounds Sterling: GBP
# The currency of the payment is Euros: EUR
# The currency of the payment is Canadian Dollar: CAD
# The currency of the payment is Yen: JPY
$currency_code = "CAD";
################################################################################
################################################################################
# end user configuration ---> Begin Main Exec
$selfURL = $ENV{SCRIPT_NAME};
#$selfURL = "/cgi-bin/price-list.pl";
$|++; #dont't buffer output
# find out the OS
if ($^O eq 'MSWin32' || $ENV{'OS'} eq 'Windows_NT') {
# this one for windows
$windows = 'Yes';
$slash = '\\';
}
else
{
$windows = 'No';
$slash = '/';
}
#load required perl modules or libraries
#my $dbh;
my $db_params = "admin/params.pl";
my $db_common = "wsdbi_params.pm";
eval {
#use strict;
use DBI;
require $db_common;
require $db_params;
require 'cookie.pl';
};
#check for load errors
if ($@) {
&my_load_error_doc($@);
exit(0);
}
# connect to DB, read CGI data, verify Login,
SITe_ConnectToDB();
my_read_CGI_input();
##### define time variables
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
$mon = $mon + 1;
$year = $year + 1900;
$accessTime = "$hour:$min:$sec";
$AN = int(rand(10000));
Main_HTML_Doc();
DisConnectFromDB();
#End of main perl code
################################################################################
####### this sub returns the script specific load error doc
################################################################################
sub Main_HTML_Doc(){
#Determine Page Content
$main_content = render_price_list_html() if ($data{cmd} eq ""); #Default Content
$main_content = Read_Inventory_DB() if ($data{cmd} eq "List");
$main_content = Read_Inventory_DB() if ($data{cmd} eq "ShowItem");
print "Content-type: text/html \n\n\r\n\r\n\r" unless ($content_type_printed);
$content_type_printed++;
print qq~
$Feature_Name at $my_Business_name
~;
}
sub my_read_CGI_input() {
my($buffer) = undef;
my($item);
return(&SIT_read_CGI_input_multi_part()) if($ENV{'CONTENT_TYPE'} =~ /multi/i);
if ($ENV{'REQUEST_METHOD'} =~ /POST/i) {
read(STDIN,$buffer,$ENV{'CONTENT_LENGTH'});
}
else {
$buffer=$ENV{'QUERY_STRING'};
}
$buffer = $ARGV[0] if (not $buffer);
my @pairs=split(/&/,$buffer);
my $i = 0;
foreach $item(@pairs) {
my ($key,$content)=split (/=/,$item,2); # Split into key and value.
$content =~ tr/+/ /; # Convert plus's to spaces
$content =~ s/%(..)/pack("c",hex($1))/ge; # Convert %XX from hex numbers to alphanumeric
# Convert %XX from hex numbers to alphanumeric when using hidden input tags
$content =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$key =~ tr/+/ /; # Convert plus's to spaces
$key =~ s/%(..)/pack("c",hex($1))/ge; # Convert %XX from hex numbers to alphanumeric
# Convert %XX from hex numbers to alphanumeric when using hidden input tags
$key =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$key =~ s/ /_/g;
# get rid of attempts to insert illegal characters
$content =~ s/\\//g; # remove black slashes
$content =~ s/\0//g; # remove nulls
$content =~ s/[\\\&\;\`\'\"\|\*\~\^\[\]\{\}\$]//gs;
# get rid of attempts to insert HTML tags
$content =~ s/>/>/gs;
$content =~ s/finish();}
$dbh = DBI -> connect("DBI:$dbdriver:$dbname:$dbserver", $dbuser, $dbpass);
if(not $dbh){
print "
Can't connect to server.
Reason: $DBI::errstr";
exit;
}
}
sub DisConnectFromDB(){
if (defined $sth){ $sth->finish();}
if(defined $dbh){
$dbh->disconnect or die "Can't disconnect from database. Reason: $DBI::errstr" and undef $dbh;
}
}
sub render_price_list_html(){
my $html = qq~
~;
my $dbquery = qq~SELECT DISTINCT Category FROM $Inv_Table WHERE $item_active_field LIKE 'TRUE'
ORDER BY Category
~;
my $sth = $dbh -> prepare($dbquery) or print "Query syntax error. $dbquery. Reason: $DBI::errstr.";
if( not $sth -> execute())
{
print "
~;
my $dbquery = qq~SELECT * FROM $Inv_Table WHERE $item_active_field LIKE 'TRUE'
AND Category LIKE '$category' ORDER BY $item_name_field
~;
my $sth = $dbh -> prepare($dbquery) or print "Query syntax error. $dbquery. Reason: $DBI::errstr.";
if( not $sth -> execute())
{
print "
~;
return $html;
}
sub Read_Inventory_DB(){
my $dbquery;
if ($data{cmd} eq "ShowItem")
{
$dbquery = "SELECT * FROM $Inv_Table WHERE $item_number_field LIKE '$data{Item}' LIMIT 1";
$third_column_header_HTML = qq~~;
#$content_name = lc($item_number);
$content_name = uc($item_number);
}
elsif ($data{Category} ne "")
{
$dbquery = "SELECT * FROM $Inv_Table WHERE $item_category_field LIKE '$data{Category}' ORDER BY $item_name_field ";
$third_column_header_HTML = qq~
~;
# loop through the array of products and display the HTML add to cart buttons */
while($sku_ref=$sth->fetchrow_hashref())
{
if (uc($sku_ref->{$item_active_field}) eq "TRUE")
{
my $item_number = $sku_ref->{$item_number_field};
my $item_name = $sku_ref->{$item_name_field};
my $item_amount = $sku_ref->{$item_amount_field};
my $item_sale_price = "SALE! $m_symbol$sku_ref->{$item_sale_price_amount_field}" if ($sku_ref->{$item_sale_price_amount_field} < $item_amount);
if ($item_amount > 0)
{
my $number = urlencode($item_number);
$item_name =~ s/\"/ /g;
my $name_value = $item_name;
#remove characters that migh cause problems with the javascript functions
$name_value =~ s/[\,\;\`\'\|\*\~\^\[\]\{\}\$\"]/ /g;
$name_value =~ s/^\s+|\s+$/ /;
my $name = urlencode($name_value);
my $amount = urlencode($item_amount);
my $add_form_HTML = qq~
~;
$detail_link = qq~Bigger Picture...
~;
$detail_link2 = qq~
~;
$this_row_bg_color = '#FFF7F0';
if ($listIndex % 2) {$this_row_bg_color = '#ffffff'; }
# create the code for the add to cart buttons for each product
if ($data{cmd} eq "ShowItem")
{
if (-e "../httpdocs/$Inv_Table/med/$item_number.jpg")
{
$product_img_URL = qq~~;
}
else
{
$product_img_URL = "No Photo";
}
$html_row = qq~
~;
}
else
{
$product_img_URL = "No Photo";
}
$html_row = qq~
~;
}
else
{
$product_img_URL = "Photo Pending";
}
$html_row = qq~