#!/usr/bin/perl
$| = 1;
$|++;
 print "Content-type: text/html\n\n";
require "./Library2/web_store.setup.frames.javascript";
require "./Library2/pulldown_menu.txt";
require "./Library2/page_format.cfg";
require "./Library2/web_store_db_lib.pl";
require "./Library2/mail-lib.pl";
require "./Library2/web_store_html_lib.pl";
require "./Library2/credit_card_validation_lib.pl";
&ReadParse; 
  use DBI; 

$page = $form_data{'page'};
$page =~ s/\0//g;
$form_data{'page'} =~ s/\0//g;
$search_request = $form_data{'search_request_button'};
$cart_id = $form_data{'cart_id'};
$sc_cart_path = "$sc_user_carts_directory_path/$cart_id.cart";
 &error_check_form_data;
if ($cart_id eq "")
  {
  &delete_old_carts;
  &assign_a_unique_shopping_cart_id;
  }
 $are_any_query_fields_filled_in = "no";
foreach $query_field (@sc_db_query_criteria) {
  @criteria = split(/\|/, $query_field);
  if ($form_data{$criteria[0]} ne "") {
    $are_any_query_fields_filled_in = "yes";
  }
}

if ($form_data{'add_to_cart_button'} ne "")
  {
  &add_to_the_cart;
  exit;
  }

elsif ($form_data{'modify_cart_button'} ne "")
  {
  &display_cart_contents;
  exit;
  }

elsif ($form_data{'change_quantity_button'} ne "")
  {
  &output_modify_quantity_form;
  exit;
  }

elsif ($form_data{'submit_change_quantity_button'} ne "")
  {
  &modify_quantity_of_items_in_cart;
  exit;
  }

elsif ($form_data{'delete_item_button'} ne "")
  {
  &output_delete_item_form;
  exit;
  }

elsif ($form_data{'submit_deletion_button'} ne "")
  {   
  &delete_from_cart;
  exit;
  }

elsif ($form_data{'order_form_button'} ne "")
  {
  &require_supporting_libraries (__FILE__, __LINE__,    "$sc_order_lib_path"); 
  &display_order_form;
  exit;
  }

elsif ($form_data{'submit_order_form_button'} ne "")
  {
  &require_supporting_libraries (__FILE__, __LINE__,  "$sc_order_lib_path"); 
  &process_order_form;
  exit;
  }

elsif (($page ne "" || $form_data{'search_request_button'} ne ""
		    || $form_data{'continue_shopping_button'}
                    || $are_any_query_fields_filled_in =~ /yes/i) &&
	($form_data{'return_to_frontpage_button'} eq "")) 
  {
  &display_products_for_sale;
  exit;
  }

else
  {
  &output_frontpage;
  exit;
  }
#######################################################################
#                       Require Supporting Libraries.		      #
#######################################################################
sub require_supporting_libraries
  {
  local ($file, $line, @require_files) = @_;
  local ($require_file);
  foreach $require_file (@require_files)
    {
    if (-e "$require_file" && -r "$require_file")      {      require "$require_file";      }
    else
      {  print qq~<font face="Arial" size="2">I am sorry, there is a problem with your request.  Please try again.</font>~;
      exit;      }
    } # End of foreach $require_file (@require_files)
  } # End of sub require_supporting_libraries
#######################################################################
#                     Error Check Form Data.                          #   
####################################################################### 
 sub error_check_form_data
  {
  foreach $file_extension (@acceptable_file_extensions_to_display)
    {
    if ($page =~ /$file_extension/ || $page eq "")     {      $valid_extension = "yes";      }
    }
  if ($valid_extension ne "yes")
    {
    print "$sc_page_load_security_warning";
    &update_error_log("PAGE LOAD WARNING", __FILE__, __LINE__);
    exit;
    }        
  }
#######################################################################
#                        Delete Old Carts. 	                      #
#######################################################################
sub delete_old_carts
  {
  opendir (USER_CARTS, "$sc_user_carts_directory_path") ||&file_open_error("$sc_user_carts_directory_path",   "Delete Old Carts", __FILE__, __LINE__);
  @carts = grep(/\.cart/,readdir(USER_CARTS));
  closedir (USER_CARTS);
  foreach $cart (@carts)
    {
    if (-M "$sc_user_carts_directory_path/$cart" > $sc_number_days_keep_old_carts)
      {
      unlink("$sc_user_carts_directory_path/$cart");
      }
    }
  } # End of sub delete_old_carts
#######################################################################
#                        Assign a Shopping Cart.                      #   
#######################################################################  
 sub assign_a_unique_shopping_cart_id
  {
     if ($sc_shall_i_log_accesses eq "yes")
      {
      $date = &get_date;
      &get_file_lock("$sc_access_log_path.lockfile");
      open (ACCESS_LOG, ">>$sc_access_log_path");
      @env_keys = keys(%ENV);
      $new_access = "$date\|";
      foreach $env_key (@env_keys)
        {
        $new_access .= "$ENV{$env_key}\|";
        }
      chop $new_access;
      print ACCESS_LOG "$new_access\n";
      close (ACCESS_LOG);
      &release_file_lock("$sc_access_log_path.lockfile");
      }
     srand (time|$$);
    $cart_id = int(rand(10000000));
    $cart_id .= ".$$";
    $sc_cart_path = "$sc_user_carts_directory_path/${cart_id}.cart";
    $cart_count = 0;
    while (-e "$sc_cart_path")
      {
      if ($cart_count == 3)
        {
        print "$sc_randomizer_error_message";
        &update_error_log("COULD NOT CREATE UNIQUE CART ID", __FILE__,
   			  __LINE__);
        exit;
        }
      srand (time|$$);
      $cart_id = int(rand(10000000));
      $cart_id .= ".$$";    
      $cart_count++;
      } # End of while (-e $sc_cart_path)
     open (CART, ">$sc_cart_path") ||&file_open_error("$sc_cart_path",  "Assign a Shopping Cart", __FILE__, __LINE__);
  }
#######################################################################   
#                       Output Frontpage.                             #
#######################################################################  
 sub output_frontpage  {  &display_page("$sc_store_front_path", "Output Frontpage", __FILE__, __LINE__);  }
#######################################################################
#                    Add to Shopping Cart                             #
#######################################################################
sub add_to_the_cart
  {
  @items_ordered = keys (%form_data);
   foreach $item (@items_ordered)
    {
    if (($item =~ /^item-/i ||
        $item =~ /^option/i) &&
        $form_data{$item} ne "")
      {
        $item =~ s/^item-//i;
        if ($item =~ /^option/i){push (@options, $item);}
        else
          {
          if (($form_data{"item-$item"} =~ /\D/) || ($form_data{"item-$item"} == 0))
		             {
	    &bad_order_note;
            }
          else
            {
            $quantity = $form_data{"item-$item"};
            push (@items_ordered_with_options, "$quantity\|$item\|");
	    }
 	  }
        } # End of if ($item ne "$variable" && $form_data{$item} ne "")
    } #End of foreach $item (@items_ordered)
 
  foreach $item_ordered_with_options (@items_ordered_with_options)  
    {

		# First, clear out a few variables that we are going to
		# use for each item. 
		#
		# $options will be used to keep track of all of the
		# options selected for any given item. 
		#
		# $option_subtotal will be used to determine the total
		# cost of each option.
		#
		# $option_grand_total will be used to calculate the
		# total cost of all ordered options.  
		#
		# $item_grand_total will be used to calculate the total
		# cost of the item ordered factoring in quantity and
		# options.

    $options = "";
    $option_subtotal = "";
    $option_grand_total = "";
    $item_grand_total = "";
     $item_ordered_with_options =~ s/~qq~/\"/g;
     $item_ordered_with_options =~ s/~gt~/\>/g;
     $item_ordered_with_options =~ s/~lt~/\</g;
     @cart_row = split (/\|/, $item_ordered_with_options);
     $item_quantity = $cart_row[$sc_cart_index_of_quantity];
     $item_id_number = $cart_row[$sc_cart_index_of_item_id];
     $item_price = $cart_row[$sc_cart_index_of_price];
    foreach $option (@options)
      {
      ($option_marker, $option_number, $option_item_number) = split (/\|/, $option);
       if ($option_item_number eq "$item_id_number")
	{

		# Since it must apply this option to this item, the script
		# splits out the value associated with the option and
		# appends it to $options.  Once it has gone through all of
		# the options, using .=, the script will have one big string
		# containing all the options so that it can print them
		# out. Note that in the form on which the client chooses
		# options, each option is denoted with the form 
		#
		#            NAME = "a|b|c" VALUE = "d|e"
		#
		# where 
		# 
		# a is the option marker "option" 
		# b is the option number (you might have multiple options
		#	which all modify the same item.  Option number
		#	identifies each option uniquely) 
		# c is the option item number (the unique item id number
		#	which the option modifies)
		# d is the option name (the descriptive name of the
		#	option)
		# e is the option price. 
		# 
		# For example, consider this option from the default
		# Vowels.html file which modifies item number 0001:
		# 
		#      <INPUT TYPE = "radio" NAME = "option|2|0001"
                #             VALUE = "Red|0.00" CHECKED>Red<BR>
		#
		# This is the second option modifying item number 0001.
		# When displayed in the display cart sscreen, it will read
		# "Red 0.00, and will not affect the cost of the item.
		
        ($option_name, $option_price) = split (/\|/,$form_data{$option});
        $options .= "$option_name $option_price,";
  	$unformatted_option_grand_total = $option_grand_total + $option_price;
        $option_grand_total = &format_price($unformatted_option_grand_total);

  	} # End of if ($option_item_number eq "$item_id_number")
      } # End of foreach $option (@options)
   chop $options;
   $options =~ s/,/, /g;
   $item_number = &counter ($sc_counter_file_path, __FILE__, __LINE__);
   $unformatted_item_grand_total = $item_price + $option_grand_total;
  $item_grand_total = &format_price("$unformatted_item_grand_total");
   foreach $field (@cart_row)  { $cart_row .= "$field\|";  }
   $cart_row .= "$options\|$item_grand_total\|$item_number\n";
   } # End of foreach $item_ordered_with_options.....
 open (CART, ">>$sc_cart_path") ||  &file_open_error("$sc_cart_path",  "Add to Shopping Cart", __FILE__, __LINE__);
  print CART "$cart_row";
  close (CART);

  if ($sc_use_html_product_pages eq "yes")
    {
    if ($sc_should_i_display_cart_after_purchase eq "yes") {  &display_cart_contents;       }
    else { &display_page("$sc_html_product_directory_path/$page",  "Display Products for Sale");  }
    }
  else
    {
# this will show the cart if the itempur tag was not sent, which means there is no accessories for that product. 
 if (!$form_data{'item_pur'})

   # if ($sc_should_i_display_cart_after_purchase eq "yes")
      {  
      &display_cart_contents;
      }

    elsif ($are_any_query_fields_filled_in =~ /yes/i) 
      {
      $page = "";
      &display_products_for_sale;
      }
    else  {  &create_html_page_from_db;   }
    }
  } 

#######################################################################
#                  Output Modify Quantity Form                        #
#######################################################################
sub output_modify_quantity_form
  {
  &standard_page_header("Change Quantity");
  &display_cart_table("changequantity");
  &modify_form_footer;
  }
#######################################################################
#                Modify Quantity of Items in the Cart                 #
#######################################################################
sub modify_quantity_of_items_in_cart
   {
   @incoming_data = keys (%form_data);
  foreach $key (@incoming_data)
    {
    if ((($key =~ /[\d]/) && ($form_data{$key} =~ /\D/)) ||
        $form_data{$key} eq "0")
      {
      &update_error_log("BAD QUANTITY CHANGE", __FILE__, __LINE__);
      &bad_order_note;
      }
   unless ($key =~ /[\D]/ && $form_data{$key} =~ /[\D]/)
      {
      if ($form_data{$key} ne "")
        {
        push (@modify_items, $key);
        }
      }
    } # End of foreach $key (@incoming_data)
    open (CART, "$sc_cart_path") || &file_open_error("$sc_cart_path", "Modify Quantity of Items in the Cart", __FILE__, __LINE__);
  while (<CART>)
    {
    @database_row = split (/\|/, $_);
    $cart_row_number = pop (@database_row);
    push (@database_row, $cart_row_number);
    $old_quantity = shift (@database_row);

    chop $cart_row_number;
    foreach $item (@modify_items)
      {
      if ($item eq $cart_row_number)
        {
       $shopper_row .= "$form_data{$item}\|";
        foreach $field (@database_row)  { $shopper_row .= "$field\|";     }
        $quantity_modified = "yes";
        chop $shopper_row; # Get rid of last pipe symbol but not the
			   # newline character

        } # End of if ($item eq $cart_row_number)
      } # End of foreach $item (@modify_items)

     if ($quantity_modified ne "yes")   {  $shopper_row .= $_;   }

     $quantity_modified = "";
     } # End of while (<CART>)
  close (CART);

 open (CART, ">$sc_cart_path") ||   &file_open_error("$sc_cart_path", "Modify Quantity of Items in the Cart", __FILE__,  __LINE__);
  print CART "$shopper_row";
  close (CART);
  &display_cart_contents;
  } # End of if ($form_data{'submit_change_quantity'} ne "")
#######################################################################
#                 Output Delete Item Form                             #
#######################################################################
 sub output_delete_item_form
  {
  &standard_page_header("Delete Item");
  &display_cart_table("delete");
  &delete_form_footer;
  } # End of if ($form_data{'delete_item'} ne "")
#######################################################################
#                 Delete Item From Cart                               #
#######################################################################
  sub delete_from_cart
  {
  @incoming_data = keys (%form_data);
  foreach $key (@incoming_data)
    {

   unless ($key =~ /[\D]/)
      {
      if ($form_data{$key} ne "")
        {
        push (@delete_items, $key);
        }
      } # End of unless ($key =~ /[\D]/...
    } # End of foreach $key (@incoming_data)
  open (CART, "$sc_cart_path") || &file_open_error("$sc_cart_path",    "Delete Item From Cart", __FILE__, __LINE__);

  while (<CART>)
    {
    @database_row = split (/\|/, $_);
    $cart_row_number = pop (@database_row);
    $db_id_number = pop (@database_row);
    push (@database_row, $db_id_number);
    push (@database_row, $cart_row_number);
    chop $cart_row_number;
    $old_quantity = shift (@database_row);

    $delete_item = "";
    foreach $item (@delete_items)
      {
      if ($item eq $cart_row_number)        {        $delete_item = "yes";        }
      } # End of foreach $item (@add_items)
    if ($delete_item ne "yes")      {      $shopper_row .= $_;      }
    } # End of while (<CART>)
  close (CART);
  open (CART, ">$sc_cart_path") ||  &file_open_error("$sc_cart_path",   "Delete Item From Cart", __FILE__, __LINE__);
  print CART "$shopper_row";
  close (CART);
  &display_cart_contents;
  } # End of if ($form_data{'submit_deletion'} ne "") 
#######################################################################
#                    Display Products for Sale                        #
#######################################################################
 sub display_products_for_sale
  {

  if ($sc_use_html_product_pages eq "yes")
    {
    if ($form_data{'search_request_button'} ne "")
      {
      &standard_page_header("Search Results");
      require "$sc_html_search_routines_library_path";
      &html_search;
      &html_search_page_footer;
      exit;
      }
    &display_page("$sc_html_product_directory_path/$page",  "Display Products for Sale", __FILE__, __LINE__);
    }
 else    {    &create_html_page_from_db;    }
  }

&show_page_format;

#######################################################################   
#                   display_cart_contents Subroutine                  #  
#######################################################################   
sub display_cart_contents
  {
  local (@cart_fields);
  local ($field, $cart_id_number, $quantity, $display_number, $unformatted_subtotal, $subtotal, $unformatted_grand_total, $grand_total);
  &standard_page_header("View/Modify Cart");    
  &display_cart_table("");
  &cart_footer;
  exit;
  } # End of sub display_cart_contents
#######################################################################
#                    file_open_error Subroutine                       #
#######################################################################
sub file_open_error
  {
  local ($bad_file, $script_section, $this_file, $line_number) = @_;
  &update_error_log("FILE OPEN ERROR-$bad_file", $this_file, $line_number);
  &CgiDie ("I am sorry, but I was not able to access $bad_file in the
 	$script_section routine of $this_file at line number $line_number.
	Would you please make sure the path is correctly defined in
	web_store.setup and that the permissions are correct.")
  }
#######################################################################
#                     display_page Subroutine                         #
#######################################################################
sub display_page
  {
  local ($page, $routine, $file, $line) = @_;

		# the subroutine begins by opening the requested file for
		# reading, exiting with file_open_error if there is a
		# problem as usual.
# here I'm going to try and make it open a new page for the first time viewers ft will equal yes
if ($form_data{'ft'})       {  $page = "./Html/Products/main_page.html";      }

  open (PAGE, "$page") ||  &file_open_error("$page", "$routine", $file, $line);
  while (<PAGE>)
    {  
    s/cart_id=/cart_id=$cart_id/g;
    s/%%cart_id%%/$cart_id/g;
    s/%%page%%/$form_data{'page'}/g;
    if ($form_data{'add_to_cart_button'} ne "" &&    $sc_shall_i_let_client_know_item_added eq "yes")
      {
      if ($_ =~ /<FORM/)
        {
        print "$_";
        print "$sc_item_ordered_message";
        }
      }
    print $_;
    }
    close (PAGE);
  } # End of sub display_page

#################################################################
#                  counter Subroutine                           #
#################################################################
sub counter
  {
  local($counter_file, $file, $line) = @_; 
  local ($item_number);
  if (!(-e $counter_file)) 
    {
    open(COUNTER_FILE, ">$counter_file") ||   &file_open_error("$counter_file", "Counter", $file, $line);
    print COUNTER_FILE "1\n";
    close(COUNTER_FILE);
    }
  open (COUNTER_FILE, "$counter_file") ||   &file_open_error("$counter_file", "Counter", $file, $line);
  while (<COUNTER_FILE>)    {    $item_number = "$_";    }
  close (COUNTER_FILE);
  $item_number += 1;
  open (NOTE, ">$counter_file") ||  &file_open_error("$counter_file", "Counter", $file, $line); 
  print NOTE "$item_number\n";
  close (NOTE);
  return $item_number;
  } # End of sub counter
#################################################################
#                  update_error_log Subroutine                  #
#################################################################
sub update_error_log
  {
  local ($type_of_error, $file_name, $line_number) = @_;
  local ($log_entry, $email_body, $variable, @env_vars);
  @env_vars = keys(%ENV);
  $date = &get_date;
  if ($sc_shall_i_log_errors eq "yes")
    {
    $log_entry = "$type_of_error\|FILE=$file_name\|LINE=$line_number\|";
    $log_entry .= "DATE=$date\|";
    &get_file_lock("$sc_error_log_path.lockfile");
    open (ERROR_LOG, ">>$sc_error_log_path") || &CgiDie ("The Error Log	could not be opened");
    foreach $variable (@env_vars)      {      $log_entry .= "$ENV{$variable}\|";      }  
    print ERROR_LOG "$log_entry\n";
    close (ERROR_LOG);  
    &release_file_lock("$sc_error_log_path.lockfile");
    } # End of if ($sc_shall_i_log_errors eq "yes")

  if ($sc_shall_i_email_if_error eq "yes")
    {
    $email_body = "$type_of_error\n\n";
    $email_body .= "FILE = $file_name\n";
    $email_body .= "LINE = $line_number\n";
    $email_body .= "DATE=$date\|"; 
    foreach $variable (@env_vars)      {      $email_body .= "$variable = $ENV{$variable}\n";      }  
    &send_mail("$sc_admin_email", "$sc_admin_email", "Web Store Error",
  	       "$email_body");
    } # End of if ($sc_shall_i_email_if_error eq "yes")
  }
#################################################################
#                      get_date Subroutine                      #   
#################################################################
sub get_date
  {
  local ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst,$date);
  local (@days, @months); 
  @days = ('Sunday','Monday','Tuesday','Wednesday','Thursday', 'Friday','Saturday');
  @months = ('January','February','March','April','May','June','July',
             'August','September','October','November','December');
  ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
  if ($hour < 10)     {     $hour = "0$hour";     }
  if ($min < 10)     {     $min = "0$min";     }
  if ($sec < 10)     { $sec = "0$sec";     }
  $year = ($sc_current_century-1) . "$year";
  $date = "$days[$wday], $months[$mon] $mday, $year at $hour\:$min\:$sec";
  return $date;
  }       
#################################################################
#                     display_price Subroutine                  #
#################################################################
sub display_price
  {
  local ($price) = @_;
  local ($format_price);
   if ($sc_money_symbol_placement eq "front")    {    $format_price = "$sc_money_symbol $price";    }
  else    {    $format_price = "$price $sc_money_symbol";    }
  return $format_price;
  }
#######################################################################
#                            get_file_lock                            #
#######################################################################
sub get_file_lock 
  {
  local ($lock_file) = @_;
  local ($endtime);
  $endtime = 20;
  $endtime = time + $endtime;
  while (-e $lock_file && time < $endtime)     {    sleep(1);    }
  open(LOCK_FILE, ">$lock_file") || CgiDie ("I could not open the lock     file");
# flock(LOCK_FILE, 2); # 2 exclusively locks the file
  } 
#######################################################################
#                            release_file_lock                        #
#######################################################################
sub release_file_lock 
  {
  local ($lock_file) = @_;
    # flock(LOCK_FILE, 8); # 8 unlocks the file
  close(LOCK_FILE);
  unlink($lock_file);
  } 
#######################################################################
#                            format_price                             #
#######################################################################
 
		# $price =&format_price(xxx.yyyyy);
 
		#
		# Also notice that this routine takes a value even if it
		# is longer than two decimal places and formats it with
		# rounding.  Thus, you can utilize price calculations such
		# as 12.99 * 7.985 (where 7.985 might be some tax value.
 
sub format_price
  {
   local ($unformatted_price) = @_;
  local ($formatted_price);
  $formatted_price = sprintf ("%.2f", $unformatted_price);
  return $formatted_price;
  }
  
  sub ReadParse {
   if ($ENV{'REQUEST_METHOD'} eq 'GET') { @pairs = split(/&/, $ENV{'QUERY_STRING'}); }
   elsif ($ENV{'REQUEST_METHOD'} eq 'POST') {  read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
     @pairs = split(/&/, $buffer);  }
   else {  &error('request_method');  }
foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair);
       $name =~ tr/+/ /;
       $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
       $value =~ tr/+/ /;
       $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
       if ($name eq 'env_report') {  @env_report = split(/,/,$value);   }
       else {
         if ($form_data{$name} && ($value)) { $form_data{$name} = "$form_data{$name}, $value";  }
         elsif ($value) {   $form_data{$name} = $value;   }
      }
   }
}