#!/usr/bin/perl

#################################################################
#   Shopping Cart Script V1.7a                         		#
#    Feel free to use and modify this script             	#
#  Based loosely on the GUI i saw in others round the web 	#
#################################################################

require "cgi-lib.pl";

$tmppath="/home/mellowgo/HTML/tmp/";


# The SendMailprogram
$mailprog = '/usr/lib/sendmail';

# How old each tmp file can be before it is deleted in seconds. (30*60) means 30 minutes.
$timelimit=(30*60); 

# The complete path to your shopping cart (This program)
$cartpath="http://www.mellowgold.com/cgi/shop.cgi";


# Image to be displayed at the top of the order pages. If you dont want any image to be used just set it to ""
$logoimage="http://www.mellowgold.com/mgbanner.gif";


# Background Image
$bgimage="";


# If you want to use Images as buttons instead of the usual grey buttons,you set the filenames here
# submittype should be set to "img". If you dont want to use images as submit buttons, just
# set submittype to "";
$submittype="";

$imgcontinue="";
$imgupdate="";
$imgempty="";
$imgorder="";
$imgreview="";
$imgaddto="";
$imgsend="";


# The phrases/language to be used in your shopping-cart system, this text should be
# changed to fit your needs.

# The submit button text
$continue="Continue shopping";
$update="Update shoppingcart";
$empty="Empty shoppingcart";
$order="Proceed to order page";
$review="Review shoppingcart";
$addto="Add to shoppingcart";
$send="Submit Your Order so we know its coming!";

# Other text
$contentstxt="Your shopping cart contains";
$articletxt="Item";
$pricetxt="Price";
$quantitytxt="Quantity";
$totaltxt="Total";
$deletetxt="Remove";

$ordertxt="Here's your order";
$addytxt="<center>
<TABLE>
<TR>
<TD>
<UL>
<LI>Help on the ordering process is always available at our <A HREF=\"http://www.mellowgold.com/orderhelp\">help page.</A>
<LI>We accept payment in cash in ANY funds and will ship Worldwide. Currency Conversions must be done by you. 
<LI>If you use any method other than cash, we prefer Canadian or American funds.
<LI>You may WRITE our your order as opposed to printing this page out, just make sure we can read it, and that you include the important info!
</TD>
</TR>
</TABLE>

<P>You may order by Mail or Western Union.</center><br>To order via Cash, Check, or Money Order, fill out the fields below. Then, <b>print out THIS page</b> and send it, along with your Cash, Check, or Money Order to:
<FONT  COLOR=#00A000><H4>Mellow Gold<BR>
Suite 431<BR>
#104 1015 Columbia St.<BR>
New Westminster, BC V3M 6V3<BR>
Canada</H4></FONT>
<br>
<H4>Please allow 2 - 5 weeks for delivery, depending on your location.</H4><br>

To order via Western Union: Go to any place that provides western union orders(Money Mart etc) and fill out the green form as per the example below. Make sure you either get a copy of this form, or you write down the important info.  You then send us an <a href=\"mailto:orders\@mellowgold.com\">email</a> that includes your order and the following information:
<H4>Western Union The Fastest Way To Send Money Worldwide</H4>

Pay To: <FONT  COLOR=#00A000>Sanctuary</FONT><BR>
Pay At: <FONT  COLOR=#00A000>New Westminster, British Columbia</FONT><BR>
From: <FONT  COLOR=#00A000>Your Name</FONT><BR>
Password : <FONT  COLOR=#00A000>Secret Word Or Phrase</FONT><BR>
The Control Number<BR>

<B>Note: We need all of the above info to cash the Western Union order.</B>

<H4>You'll need to use the green form, when you are at the Western Union Office</H4><BR>
";
$totalpricetxt="Total In Canadian Dollars";
$totalpriceusa="Total In US Dollars";
$producttotaltxt="Product Total";
$flagusa="<img src=\"http://www.mellowgold.com/us.gif\">";
$flagca="<img src=\"http://www.mellowgold.com/ca.gif\">";

$sendtitle="Your order has been submitted";
$sendtxt="<CENTER><TABLE><TR><TD>We will ship your order as soon as we recieve your payment and the order sheet in the mail. <BR> Thanks for your order!<BR>
<BR>Remember you still have to send us your order in the mail. Your submitting it online lets us know which orders are coming in and what strains to keep in stock.<BR>
<BR>Your order will be shipped in one of many types of packages, so be on the lookout for any mail from our part of the world!<BR>
<BR>You can return to our <A HREF=\"http://www.mellowgold.com\">home page</A> now, or look at our <A HREF=\"http://www.mellowgold.com/shop\">online catalogue</A> some more.</TD></TR></TABLE></CENTER>";


# Here you specify the width in pixels of the tablefields when reviewing the Cart.

$productw=280;
$pricew=60;
$quanw=80;
$totalw=60;
$deletew=50;

# Specify your tax rate here.
# If you dont want the tax to be shown at all, just set the field vattxt to ""
# If you dont use tax then set vatpercent to 0

$vatpercent=0;
$vattxt="";

# Specify the postage text and how much the postage will cost
# If you dont want the postage to be shown at all, then set the field postagetxt to ""
# If you dont charge anything for the postage, just set postageprice to 0

$postagepricepart=10;
$postagetxt="Shipping and Handling";

# Here you specify the currency you use (eg. "$" or "£")
# note that a \ must preceed the $ sign because it is a special sign.
$currency="\$";

# You can change the text and width for your order-form fields. 
# If you don't want some of these fields to be shown then just set them to ""
#

$realname="Name        ";
$realnamel=30;

 $company="";
 $companyl=30;

   $addy1="Address    ";
   $addy1l=60;

   $addy2="";
   $addy2l=50;

     $zip="ZIP/Postal code    ";
     $zipl=8;

    $city="City        ";
    $cityl=30;

   $state="State/Province       ";
   $statel=3;

 $country="Country     ";
 $countryl=20;

   $phone="Phone(optional)       ";
   $phonel=15;

   $email="E-Mail(include if you want us to email you when we SEND out your order)      ";
   $emaill=30;


# If you want the customer to be able to pay by creditcard, you can set the text here.
# To remove a cardtype just set it to ""
#
# If you do NOT want the customer to be able to pay by creditcard, just set $cardtext to ""



 $cardtext="To pay by credit card enter your info below";

$cardtype1="VISA";
$cardtype2="American Express";
$cardtype3="Master Card";
$cardtype4="Diners Card";
$cardtype5="";

   $cardno="Creditcard number        ";
   $cardnol=16;

 $cardyear="Card expires year (####) ";
 $cardyearl=4;

$cardmonth="Card expires month (##)  ";
$cardmonthl=2;

$ccvnumber="CCV # last 3 digits on back of card (###)  ";
$ccvnumber1=3;




# Here you specify to which email address the order should be sent to
# note that the "@" sign must be preceded by a "\"
$orderemail="orders\@mellowgold.com";

# Here you specify what the order-mail subject should be
$ordersubject="An Order";


# This is a call of a subroutine. Do NOT alter this!
&parse;


#
# The itemdesc is the string that is shown in the Shoppingcart-article field when you review the 
# shoppingcart ie. a description that identifies the product that the customer 
# has added to your shopping cart. Use the syntax "$co{'<input tag name>'}" 
#
# Example:
# you want to send the value "Shirt" from your html page to the shoppingcart using the variable "clothes"
# put this line inside your <form> tags:  <input type="hidden" name="clothes" value="Shirt">
# and you could define itemdesc as:  $itemdesc="$co{'clothes'} ";
# 

#
# From version 1.6 you can also allow the customer to add up to 20 products from one html page,
# by using itemdesc0-itemdesc19.
#
# 
#

# To understand these comments you must study the file cart.htm carefully!
# Itemdesc0 will contain the description about the T-Shirt

$itemdesc0="$co{'headline0'}   $co{'size0'}       $co{'color0'} ";

# To understand these comments you must study the file cart.htm carefully!
# Itemdesc1 will contain the description of the Pants




# To understand these comments you must study the file cart.htm carefully!
# Itemdesc2 will contain the description of the Pants



# To understand these comments you must study the file cart.htm carefully!
# As we only use 2 items on our page (cart.htm) we can comment out the other 17 items with #

# $itemdesc3="$co{'headline3'} - Size: $co{'size3'}";
# $itemdesc4="$co{'headline4'} - Size: $co{'size4'}";
# $itemdesc5="$co{'headline5'} - Size: $co{'size5'}";
# $itemdesc6="$co{'headline6'} - Size: $co{'size6'}";
# $itemdesc7="$co{'headline7'} - Size: $co{'size7'}";
# $itemdesc8="$co{'headline8'} - Size: $co{'size8'}";
# $itemdesc9="$co{'headline9'} - Size: $co{'size9'}";
# $itemdesc10="$co{'headline10'} - Size: $co{'size10'}";
# $itemdesc11="$co{'headline11'} - Size: $co{'size11'}";
# $itemdesc12="$co{'headline12'} - Size: $co{'size12'}";
# $itemdesc13="$co{'headline13'} - Size: $co{'size13'}";
# $itemdesc14="$co{'headline14'} - Size: $co{'size14'}";
# $itemdesc15="$co{'headline15'} - Size: $co{'size15'}";
# $itemdesc16="$co{'headline16'} - Size: $co{'size16'}";
# $itemdesc17="$co{'headline17'} - Size: $co{'size17'}";
# $itemdesc18="$co{'headline18'} - Size: $co{'size18'}";
# $itemdesc19="$co{'headline19'} - Size: $co{'size19'}";


# This is a call of a subroutine. Do NOT alter this!
&what;


#
# Here's the real program.
#


sub parse {
   if ($ENV{'REQUEST_METHOD'} eq 'GET') {
      @pairs = split(/&/, $ENV{'QUERY_STRING'});
   }
   if ($ENV{'REQUEST_METHOD'} eq 'POST') {
      read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); 
      @pairs = split(/&/, $buffer);
   }    
   
   foreach $pair (@pairs) {        
      local($name, $value) = split(/=/, $pair);        
      $name =~ tr/+/ /;        
      $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
      $value =~ tr/+/ /;  
      $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;   
      $co{$name} = $value; 
   }
}

sub review {
   $data = "";
   $rowcount = 0;
   print "Content-type: text/html\n\n";
   print "<html><head><title>$contentstxt</title></head>\n";
   print "<body ";
   if ($bgimage){print"background=\"$bgimage";}
   else{print"bgcolor=\"#ffffff";}
   print "\">\n";
   if ($logoimage){print "<BR><center><img src=\"$logoimage\" border=0></center>";}
   print "<P><center><H2>$contentstxt</H2></center></P>\n";
   open (INFIL,"$tmppath$ENV{'REMOTE_ADDR'}");
   while( eof INFIL == false )
   {
      $intecken = getc INFIL;
      $data = $data . $intecken;
   }
   ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks)=stat INFIL;

   close INFIL;
   
   $age = time - $ctime;
   if ($age > $timelimit)
   {
      open (HANDLE,">$tmppath$ENV{'REMOTE_ADDR'}");
      printf HANDLE "";
      close HANDLE;
      $data="";
   }
   @rows = split(/,/, $data);
   $rowcount=0;
   foreach $row (@rows) 
   {
      ($product{$rowcount}, $price{$rowcount}, $quantity{$rowcount}) = split(/&/, $row);
      $rowcount=$rowcount+1;
   }
   
   print "<FORM ACTION=\"$cartpath\" METHOD=\"POST\">\n";    
   print "<center><table border=0><tr>\n";
   print "<td><b>$articletxt</td><td><b>$pricetxt</td><td><b>$quantitytxt</td><td><b>$totaltxt</td><td><b>$deletetxt</td></tr>\n";
   
   $rowcount=0;
   $totalprice=0;
   foreach $row (@rows)
   {
      print "<tr><td width=$productw>$product{$rowcount}</td>\n";
      print "<td width=$pricew>$currency $price{$rowcount}</td>\n";
      print "<td width=$quanw><input type=\"text\" name=\"quan-$rowcount\" SIZE=\"5\" MAXLENGTH=\"5\" value=\"$quantity{$rowcount}\"></td>\n";
      $thispricedec=($price{$rowcount}*$quantity{$rowcount}); $thisprice = sprintf ("%.2f\n", $thispricedec);
      print "<td width=$totalw>$currency $thisprice</td>\n";
      print "<td width=$deletew><input type=\"checkbox\" name=\"del-$rowcount\"></td>\n";
      print "</tr>\n";
      $totalprice=$totalprice+($price{$rowcount}*$quantity{$rowcount});
      $rowcount=$rowcount+1;
   }
   $vat1=($totalprice*($vatpercent/100)); $vat = sprintf("%.2f\n", $vat1); print "<tr><td></td><td></td><td></td><td><hr></td></tr>\n";
   print "<tr><td>$producttotaltxt</td><td></td><td></td>\n";
   $postageprice = sprintf ("%.2f\n", $postagepricepart); $totalprice1 = sprintf ("%.2f\n", $totalprice); print "<td>$currency $totalprice1</td></tr>\n";
   if ($postagetxt){
   print "<tr><td>$postagetxt</td><td></td><td></td>\n";
   print "<td>$currency $postageprice</td></tr>\n";
}

if ($vattxt){
   print "<tr><td>$vattxt</td><td></td><td></td>\n";
   print "<td>$currency $vat</td></td></tr>\n";
}

$fullpricecan=($totalprice+$vat+$postageprice); $fullprice = sprintf ("%.2f\n", $fullpricecan); $totalpricebefore = $totalprice * .75; $totalpriceagain = sprintf("%.2f\n", $totalpricebefore); $vatus=($totalpriceagain*($vatpercent/100)); $vatusa = sprintf("%.2f\n", $vatus); $fullpricepart=($totalpriceagain+$vatusa+$postageprice); $uspricenow = sprintf ("%.2f\n", $fullpricepart);
print "<tr><td></td><td></td><td></td><td><hr></td></tr>\n";
print "<tr><td><b><font color=\"#ff0000\">$totalpricetxt</font></b></td><td></td><td></td>\n";
print "<td><b><font color=\"#ff0000\">$currency $fullprice </font> $flagca</b></td></tr>\n";


print "<tr><td><b><font color=\"#0000ff\">$totalpriceusa</font></b></td><td></td><td></td><td><b><font color=\"#0000ff\">$currency $uspricenow </font> $flagusa</b></td></tr></table></center>\n";

print "<input type=\"hidden\" name=\"rowcount\" value=\"$rowcount\">\n";
print "<input type=\"hidden\" name=\"returnto\" value=\"$co{'returnto'}\">\n";if ($submittype){
print "<p><input type=\"image\" name=\"continue\" src=\"$imgcontinue\" border=0>";
print "<input type=\"image\" name=\"update\" src=\"$imgupdate\" border=0>";
print "<input type=\"image\" name=\"empty\" src=\"$imgempty\" border=0>";
print "<input type=\"image\" name=\"order\" src=\"$imgorder\" border=0><P>\n";
}
else
{
print "<center><p><input type=\"submit\" name=\"continue\" value=\"$continue\">\n";
print "<input type=\"submit\" name=\"update\" value=\"$update\">\n";
#print "<input type=\"submit\" name=\"empty\" value=\"$empty\">\n";
print "<input type=\"submit\" name=\"order\" value=\"$order\"></p></center>\n";
}
print "</FORM>\n";
print "<TABLE ALIGN=\"CENTER\"><TR><TD><A HREF=\"http://www.mellowgold.com/orderhelp\">[ Help ]</A></TD><TD><A HREF=\"http://www.mellowgold.com\">[ Home ]</A></TD></TR></TABLE>\n";
print "</body></html>\n";
}

sub addto {
   $rowcount=0;
   $data="";
   open (INFIL,"$tmppath$ENV{'REMOTE_ADDR'}");
   while( eof INFIL == false ) {
      $intecken = getc INFIL;
      if ($intecken eq ',') {
         $rowcount=$rowcount+1;
      } else {
         $data = $data . $intecken;
      }
   }
   ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks)=stat INFIL;
   
   close INFIL;
   $age = time - $ctime;

   if ($age > $timelimit) {
      open (HANDLE,">$tmppath$ENV{'REMOTE_ADDR'}");
   } else {
      open (HANDLE,">>$tmppath$ENV{'REMOTE_ADDR'}");
   }
   
   if ($co{'quan0'} > 0 ){printf HANDLE "$itemdesc0&$co{'price0'}&$co{'quan0'},";}
   if ($co{'quan1'} > 0 ){printf HANDLE "$itemdesc1&$co{'price1'}&$co{'quan1'},";}
   if ($co{'quan2'} > 0 ){printf HANDLE "$itemdesc2&$co{'price2'}&$co{'quan2'},";}
   if ($co{'quan3'} > 0 ){printf HANDLE "$itemdesc3&$co{'price3'}&$co{'quan3'},";}
   if ($co{'quan4'} > 0 ){printf HANDLE "$itemdesc4&$co{'price4'}&$co{'quan4'},";}
   if ($co{'quan5'} > 0 ){printf HANDLE "$itemdesc5&$co{'price5'}&$co{'quan5'},";}
   if ($co{'quan6'} > 0 ){printf HANDLE "$itemdesc6&$co{'price6'}&$co{'quan6'},";}
   if ($co{'quan7'} > 0 ){printf HANDLE "$itemdesc7&$co{'price7'}&$co{'quan7'},";}
   if ($co{'quan8'} > 0 ){printf HANDLE "$itemdesc8&$co{'price8'}&$co{'quan8'},";}
   if ($co{'quan9'} > 0 ){printf HANDLE "$itemdesc9&$co{'price9'}&$co{'quan9'},";}
   if ($co{'quan10'} > 0 ){printf HANDLE "$itemdesc10&$co{'price10'}&$co{'quan10'},";}
   if ($co{'quan11'} > 0 ){printf HANDLE "$itemdesc11&$co{'price11'}&$co{'quan11'},";}
   if ($co{'quan12'} > 0 ){printf HANDLE "$itemdesc12&$co{'price12'}&$co{'quan12'},";}
   if ($co{'quan13'} > 0 ){printf HANDLE "$itemdesc13&$co{'price13'}&$co{'quan13'},";}
   if ($co{'quan14'} > 0 ){printf HANDLE "$itemdesc14&$co{'price14'}&$co{'quan14'},";}
   if ($co{'quan15'} > 0 ){printf HANDLE "$itemdesc15&$co{'price15'}&$co{'quan15'},";}
   if ($co{'quan16'} > 0 ){printf HANDLE "$itemdesc16&$co{'price16'}&$co{'quan16'},";}
   if ($co{'quan17'} > 0 ){printf HANDLE "$itemdesc17&$co{'price17'}&$co{'quan17'},";}
   if ($co{'quan18'} > 0 ){printf HANDLE "$itemdesc18&$co{'price18'}&$co{'quan18'},";}
   if ($co{'quan19'} > 0 ){printf HANDLE "$itemdesc19&$co{'price19'}&$co{'quan19'},";}
   
   close HANDLE;
      
   &review;
}
   
sub update
{
$data = "";
$rowcount = 0;

open (INFIL,"$tmppath$ENV{'REMOTE_ADDR'}");
while( eof INFIL == false )
{
$intecken = getc INFIL;
$data = $data . $intecken;
}
($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks)=stat INFIL;

close INFIL;

$age = time - $ctime;
if ($age > $timelimit)
{
open (HANDLE,">$tmppath$ENV{'REMOTE_ADDR'}");
printf HANDLE "";
close HANDLE;
$data="";
}
@rows = split(/,/, $data);
$rowcount=0;
open (HANDLE,">$tmppath$ENV{'REMOTE_ADDR'}");

foreach $row (@rows) 
{
($product{$rowcount}, $price{$rowcount}, $quantity{$rowcount}) = split(/&/, $row);
$quant="quan-$rowcount";
$quantity{$rowcount}=$co{$quant};
$delt="del-$rowcount";

if ($co{$delt} eq 'on')
{
}
else
{
printf HANDLE "$product{$rowcount}&";
printf HANDLE "$price{$rowcount}&";
printf HANDLE "$co{$quant}";
printf HANDLE ",";
}
$rowcount=$rowcount+1;
}
close HANDLE;
&review;
}sub order {

$data = "";
$rowcount = 0;
print "Content-type: text/html\n\n";
print "<html><head><title>$ordertxt</title></head>\n";
print "<body ";
if ($bgimage){print"background=\"$bgimage";}
else{print"bgcolor=\"#ffffff";}
print "\">\n";
if ($logoimage){print "<BR><center><img src=\"$logoimage\" border=0></center>";}
print "<P><center><H2>$ordertxt</H2></center></P>\n";
open (INFIL,"$tmppath$ENV{'REMOTE_ADDR'}");
while( eof INFIL == false )
{
$intecken = getc INFIL;
$data = $data . $intecken;
}
($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks)=stat INFIL;

close INFIL;

$age = time - $ctime;
if ($age > $timelimit)
{
open (HANDLE,">$tmppath$ENV{'REMOTE_ADDR'}");
printf HANDLE "";
close HANDLE;
$data="";
}
@rows = split(/,/, $data);
$rowcount=0;
foreach $row (@rows) 
{
($product{$rowcount}, $price{$rowcount}, $quantity{$rowcount}) = split(/&/, $row);
$rowcount=$rowcount+1;
}

print "<FORM ACTION=\"$cartpath\" METHOD=\"POST\">\n";     print "<center><table border=0><tr>\n";
print "<td><b>$articletxt</td><td><b>$pricetxt</td><td><b>$quantitytxt</td><td><b>$totaltxt</td></tr>\n";
$rowcount=0;
$totalprice=0;
foreach $row (@rows)
{
print "<tr><td width=$productw>$product{$rowcount}</td>\n";
print "<td width=$pricew>$currency $price{$rowcount}</td>\n";
print "<td align=center width=$quanw>$quantity{$rowcount}</td>\n";
$thispricedec=($price{$rowcount}*$quantity{$rowcount}); $thisprice = sprintf ("%.2f\n", $thispricedec);
print "<td width=$totalw>$currency $thisprice</td>\n";
print "</tr>\n";
$totalprice=$totalprice+($price{$rowcount}*$quantity{$rowcount});
$rowcount=$rowcount+1;
}
$vat1=($totalprice*($vatpercent/100)); $vat = sprintf("%.2f\n", $vat1); $totalprice1 = sprintf ("%.2f\n", $totalprice);
print "<tr><td></td><td></td><td></td><td><hr></td></tr>\n";
print "<tr><td>$producttotaltxt</td><td></td><td></td>\n"; $postageprice = sprintf ("%.2f\n", $postagepricepart);
print "<td>$currency $totalprice1</td></tr>\n";
if ($postagetxt){
print "<tr><td>$postagetxt</td><td></td><td></td>\n";
print "<td>$currency $postageprice</td></tr>\n";
}
if ($vattxt){
print "<tr><td>$vattxt</td><td></td><td></td>\n";
print "<td>$currency $vat</td></td></tr>\n";
}
$fullpricecan=($totalprice+$vat+$postageprice); $fullprice = sprintf ("%.2f\n", $fullpricecan); $totalpricebefore = $totalprice * .75; $totalpriceagain = sprintf("%.2f\n", $totalpricebefore); $vatus=($totalpriceagain*($vatpercent/100)); $vatusa = sprintf("%.2f\n", $vatus); $fullpricepart=($totalpriceagain+$vatusa+$postageprice); $uspricenow = sprintf ("%.2f\n", $fullpricepart); print "<tr><td></td><td></td><td></td><td><hr></td></tr>\n";
print "<tr><td><b>$totalpricetxt</b></td><td></td><td></td>\n";
print "<td><b>$currency $fullprice $flagca</b></td></tr>\n";
print "<tr><td><b>$totalpriceusa</b></td><td></td><td></td><td><b>$currency $uspricenow $flagusa</b></td></tr></table></center>\n";
print "<hr>$addytxt\n";
print "<TABLE>";if ($realname){print "\n<TR>
<TD>$realname</TD><TD><input type=\"text\" name=\"realname\" size=\"$realnamel\"></TD></TR>\n";}if ($company){print "\n<TR><TD>$company</TD><TD><input type=\"text\" name=\"company\" size=\"$companyl\"></TD></TR>\n";}if ($addy1){print "\n<TR><TD>$addy1</TD><TD><input type=\"text\" name=\"addy1\" size=\"$addy1l\"></TD></TR>\n";}if ($addy2){print "\n<TR><TD>$addy2</TD><TD><input type=\"text\" name=\"addy2\" size=\"$addy2l\"></TD></TR>\n";}if ($city){print "\n<TR><TD>$city</TD><TD><input type=\"text\" name=\"city\" size=\"$cityl\"></TD></TR>\n";}if ($state){print "\n<TR><TD>$state</TD><TD><input type=\"text\" name=\"state\" size=\"$statel\"></TD></TR>\n";}if ($zip){print "\n<TR><TD>$zip</TD><TD><input type=\"text\" name=\"zip\" size=\"$zipl\"></TD></TR>\n";}if ($country){print "\n<TR><TD>$country</TD><TD><input type=\"text\" name=\"country\" size=\"$countryl\"></TD></TR>\n";}if ($phone){print "\n<TR><TD>$phone</TD><TD><input type=\"text\" name=\"phone\" size=\"$phonel\"></TD></TR>\n";}if ($email){print "\n<TR><TD


>$email</TD><TD><input type=\"text\" name=\"email\" size=\"$emaill\"></TD></TR>\n\n";}if ($cardtext) 
print "<TR><TD>$cardtext";
print "</TD><TD><select name=\"cardtype\">\n";{

if($cardtype1){print "<option>$cardtype1";}
if($cardtype2){print "<option>$cardtype2";}
if($cardtype3){print "<option>$cardtype3";}
if($cardtype4){print "<option>$cardtype4";}
if($cardtype5){print "<option>$cardtype5";}
print "</select></TD></TR>\n";print "<TR><TD>$cardno<input type=\"text\" name=\"cardno\" size=\"$cardnol\" maxlength=\"$cardnol\">\n";print "</TD><TD>$cardyear<input type=\"text\" name=\"cardyear\" size=\"$cardyearl\" maxlength=\"$cardyearl\"></TD></TR>\n";print "<TR><TD>$cardmonth<input type=\"text\" name=\"cardmonth\" size=\"$cardmonthl\" maxlength=\"$cardmonthl\"></TD><TD><TD></TR>\n";print "<TR>$ccvnumber<input type=\"text\" name=\"ccvnumber\" size=\"$ccvnumberl\" maxlength=\"$ccvnumberl\"></TD></TD></TR>\n";}
print "</TABLE>";
print "<input type=\"hidden\" name=\"returnto\" value=\"$co{'returnto'}\">";if ($submittype){
print "<P><input type=\"image\" name=\"continue\" src=\"$imgcontinue\" border=0>";
print "<input type=\"image\" name=\"send\" src=\"$imgsend\" border=0><P>";
}
else
{
print "<center><p><input type=\"submit\" name=\"continue\" value=\"$continue\">";
print "<input type=\"submit\" name=\"send\" value=\"$send\"></center>";
print "</FORM>";
}
print "</body></html>";
}sub send {

$data = "";
$sd = "";
$rowcount = 0;
open (INFIL,"$tmppath$ENV{'REMOTE_ADDR'}");
while( eof INFIL == false )
{
$intecken = getc INFIL;
$data = $data . $intecken;
}
($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks)=stat INFIL;

close INFIL;
$age = time - $ctime;
if ($age > $timelimit)
{
open (HANDLE,">$tmppath$ENV{'REMOTE_ADDR'}");
printf HANDLE "";
close HANDLE;
$data="";
}
@rows = split(/,/, $data);
$rowcount=0;
foreach $row (@rows) 
{
($product{$rowcount}, $price{$rowcount}, $quantity{$rowcount}) = split(/&/, $row);
$rowcount=$rowcount+1;
}
$rowcount=0;
$totalprice=0;
foreach $row (@rows)
{
$thispricedec=($price{$rowcount}*$quantity{$rowcount}); $thisprice = sprintf ("%.2f\n", $thispricedec);
$sd=$sd."$articletxt: $product{$rowcount}\n$quantitytxt: $quantity{$rowcount}, $pricetxt: $currency $price{$rowcount}, $totaltxt: $currency $thisprice\n\n";
$totalprice=$totalprice+($price{$rowcount}*$quantity{$rowcount});
$rowcount=$rowcount+1;
}
$totalprice1 = sprintf ("%.2f\n", $totalprice); $vat1=($totalprice*($vatpercent/100)); $vat = sprintf("%.2f\n", $vat1); $postageprice = sprintf ("%.2f\n", $postagepricepart); $fullpricecan=($totalprice+$vat+$postageprice); $fullprice = sprintf ("%.2f\n", $fullpricecan); $totalpricebefore = $totalprice * .75; $totalpriceagain = sprintf("%.2f\n", $totalpricebefore); $vatus=($totalpriceagain*($vatpercent/100)); $vatusa = sprintf("%.2f\n", $vatus); $fullpricepart=($totalpriceagain+$vatusa+$postageprice); $uspricenow = sprintf ("%.2f\n", $fullpricepart); $sd=$sd."\n$producttotaltxt: $currency $totalprice1\n";
if ($postagetxt){$sd=$sd."\n$postagetxt: $currency $postageprice\n";}
if ($vattxt){$sd=$sd."\n$vattxt: $currency $vat\n";}
$fullpricepart=($totalprice+$vat+$postageprice); $fullprice = sprintf ("%.2f\n", $fullpricepart);
$sd=$sd."\n$totalpricetxt: $currency $fullprice\n";
$sd=$sd."\n$totalpriceusa: $currency $uspricenow\n";    open(MAIL,"|$mailprog -t");    print MAIL "To: $orderemail\n";    print MAIL "From: $co{'email'} ($co{'realname'})\n";    print MAIL "Subject: $ordersubject\n";    print MAIL "--------------------\n";if ($realname){print MAIL "$co{'realname'}\n";}if ($company){print MAIL "$co{'company'}\n";}if ($addy1){print MAIL "$co{'addy1'}\n";}if ($addy2){print MAIL "$co{'addy2'}\n";}if ($city){print MAIL "$co{'city'}\n";}if ($state){print MAIL "$co{'state'}\n";}if ($zip){print MAIL "$co{'zip'}\n";}if ($country){print MAIL "$co{'country'}\n";}if ($phone){print MAIL "$co{'phone'}\n\n";}if ($cardtext){print MAIL "  CREDITCARD: $co{'cardtype'}\n";print MAIL "CARDITCARDNO: $co{'cardno'}\n";print MAIL "     EXPIRES: $co{'cardyear'}-$co{'cardmonth'}\n";}    print MAIL "--------------------\n";    print MAIL $sd;    print MAIL "--------------------\n";    close (MAIL);
print "Content-type: text/html\n\n";
print "<html><head><title>$sendtitle</title></head>\n";
print "<body ";
if ($bgimage){print"background=\"$bgimage";}
else{print"bgcolor=\"#ffffff";}
print "\">\n";
if ($logoimage){print "<BR><center><img src=\"$logoimage\" border=0></center>";}
print "<P><CENTER><H2>$sendtitle</H2></CENTER></P>\n";
print "<p>$sendtxt</p>";
print "<CENTER><FORM ACTION=\"$cartpath\" METHOD=\"POST\">\n";
print "<input type=\"hidden\" name=\"returnto\" value=\"$co{'returnto'}\">";if ($submittype){
print "<p><input type=\"image\" name=\"continue\" src=\"$imgcontinue\" border=0>";
}
else
{
print "<p><input type=\"submit\" name=\"continue\" value=\"$continue\">";
}
print "</FORM></CENTER>\n";
print "</body></html>\n";
}

sub what {
   if ($co{'review'} || $co{'review.x'}){&review;}
   elsif ($co{'addto'} || $co{'addto.x'}){&addto;}
   elsif ($co{'order'} || $co{'order.x'}){&order;}
   elsif ($co{'empty'} || $co{'empty.x'})
   {
 open (HANDLE,">$tmppath$ENV{'REMOTE_ADDR'}");
 printf HANDLE "";
 close HANDLE;
 &review;
 }
elsif ($co{'continue'} || $co{'continue.x'})
 {
 print "Location: $co{'returnto'}\n\n";
 }
elsif ($co{'update'} || $co{'update.x'}){&update;}
elsif ($co{'send'} || $co{'send.x'}){&send;}
else {
print "Content-type: text/html\n\n";
print "<html><head><title>ERROR</title></head><body>\n";
print "<center><h2>ERROR</h2></center><br><p><h4>One of three things happened: <ol><li>You pressed ENTER, instead of hitting the \"Add To shopping cart\" button. You must use the buttons for the script to work.<li>You entered an invalid number or letter. No decimals or letters allowed.<li>Some other unspecified error occured. Please email the webmaster with what happened so we can fix it!</ol></h4>\n";
print "</body></html>\n";
}
}