📄 cybercart.pl
print "us at $phone. You creditcard number will be split up and sent \n";
print "in two separate email messages. Enter the first half below, and you ";
print "will be asked for the second half later.</b><p>";
print "<pre>";
print "First Half of Credit Card \#:<input size=9 maxlength=8 name=\"CCN\">\n\n";
print " Name on Card:<input size=30 maxlength=256 name=\"card_name\">\n\n";
print qq[ Expiration Month:<SELECT NAME="exp_month"><OPTION VALUE="">---
<OPTION VALUE="01">Jan
<OPTION VALUE="02">Feb
<OPTION VALUE="03">Mar
<OPTION VALUE="04">Apr
<OPTION VALUE="05">May
<OPTION VALUE="06">Jun
<OPTION VALUE="07">Jul
<OPTION VALUE="08">Aug
<OPTION VALUE="09">Sep
<OPTION VALUE="10">Oct
<OPTION VALUE="11">Nov
<OPTION VALUE="12">Dec
</SELECT>
];
print qq[ Year:<SELECT NAME="exp_year">
<OPTION VALUE="">---
<OPTION VALUE="1998">1998
<OPTION VALUE="1999">1999
<OPTION VALUE="2000">2000
<OPTION VALUE="2001">2001
<OPTION VALUE="2002">2002
<OPTION VALUE="2003">2003
</SELECT>
];
} elsif ($secure && $creditcards ne "none") {
print "<pre>";
print " Credit Card Number:<input size=20 maxlength=20 name=\"CCN\">\n\n";
print " Name on Card:<input size=30 maxlength=256 name=\"card_name\">\n\n";
print qq[ Expiration Month:<SELECT NAME="exp_month"><OPTION VALUE="">---
<OPTION VALUE="01">Jan
<OPTION VALUE="02">Feb
<OPTION VALUE="03">Mar
<OPTION VALUE="04">Apr
<OPTION VALUE="05">May
<OPTION VALUE="06">Jun
<OPTION VALUE="07">Jul
<OPTION VALUE="08">Aug
<OPTION VALUE="09">Sep
<OPTION VALUE="10">Oct
<OPTION VALUE="11">Nov
<OPTION VALUE="12">Dec
</SELECT>
];
print qq[ Year:<SELECT NAME="exp_year">
<OPTION VALUE="">---
<OPTION VALUE="1998">1998
<OPTION VALUE="1999">1999
<OPTION VALUE="2000">2000
<OPTION VALUE="2001">2001
<OPTION VALUE="2002">2002
<OPTION VALUE="2003">2003
</SELECT>
];
}
print "</b></pre><p>";
printf "<INPUT TYPE=HIDDEN NAME=\"Total\" VALUE=\"%6.2f\">\n", $order_total;
printf "<INPUT TYPE=HIDDEN NAME=\"Shipping\" VALUE=\"%5.2f\">\n", $shipping;
printf "<INPUT TYPE=HIDDEN NAME=\"taxes\" VALUE=\"%5.2f\">\n", $taxes;
printf "<INPUT TYPE=HIDDEN NAME=\"discount\" VALUE=$post_query{'discount'}>\n";
printf "<INPUT TYPE=HIDDEN NAME=\"Grand Total\" VALUE=\"%6.2f\">\n", $grandtotal;
print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"invoice\">";
print "<center>";
print "To see your final order form, press this button:<p>\n";
print "<INPUT TYPE=SUBMIT VALUE=\"Continue - Final Order Form\">\n";
print "</center>";
print "</FORM>\n";
print "</td></td></table></center><p>\n";
&print_links;
&footer;
exit;
}
#----------------------------------------------------#
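sub check_form {
    # Check the submitted order form for missing information.
    #
    # Sets the globals $missinginfo ("yes"/"no"), %missing (one key per empty
    # required field) and $badmail (e-mail did not match the pattern below).
    # If nothing is missing the sub returns without printing. Otherwise it
    # prints a follow-up form that asks for the missing fields, carries every
    # non-empty submitted value along as a hidden field, and exits.
    #
    # Everything in %post_query comes from the browser. The values echoed
    # back into the page are therefore HTML-escaped and placed in quoted
    # attributes; printing them raw lets a crafted field value inject markup
    # into the response (reflected XSS) and lets a value containing a space
    # or quote break the hidden field it is carried in.
    my $esc = sub {
        my $text = defined $_[0] ? $_[0] : '';
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    $missinginfo = "no";

    foreach my $field (@required) {
        if ($field eq "Zip") {
            # A postal code is only demanded for US and Canadian addresses.
            my $country = $post_query{'country'};
            if (($country eq "US" || $country eq "Canada") && !$post_query{'zip'}) {
                $missing{$field} = 1;
                $missinginfo = "yes";
            }
        }
        elsif (!$post_query{ $formname{$field} }) {
            $missing{$field} = 1;
            $missinginfo = "yes";
        }
    }

    # The second field list is only checked when the 'billing' value is empty.
    if (!$post_query{'billing'}) {
        foreach my $field (@requiredb) {
            if (!$post_query{ $formnameb{$field} }) {
                $missing{$field} = 1;
                $missinginfo = "yes";
            }
        }
    }

    # Same character set as the original class [\w-_.], written without the
    # ambiguous range. NOTE(review): the pattern is unanchored, so it only
    # proves that "something@something" occurs somewhere in the value; it is
    # not a safety check for code that later passes the address to a mailer.
    if ($post_query{'email'} !~ /[\w.-]+\@[\w.-]+/) {
        $badmail = 1;
        $missinginfo = "yes";
    }

    return if $missinginfo !~ m/yes/;

    print "<h1>Missing Information</h1>";
    print "<table width=580>";
    print "Before we can process your order, ";
    print "we need you to provide all the information in the previous form.";
    print " Please provide the following pieces of necessary information:<p>";
    print "<form method=POST action=$secure_url>\n";
    print "<input type=hidden name=merchant value=\"" . $esc->($post_query{'merchant'}) . "\">\n";

    # Carry the already-submitted values forward. Both the field name and the
    # value are attacker-controllable, so both are escaped.
    foreach my $hidden_name (keys %post_query) {
        next unless $post_query{$hidden_name};
        print "<input type=hidden name=\"" . $esc->($hidden_name)
            . "\" value=\"" . $esc->($post_query{$hidden_name}) . "\">\n";
    }

    # One input row per missing field; the labels and input names come from
    # the @required/@requiredb lists and the %formname table.
    foreach my $missing_field (keys %missing) {
        if ($missing_field =~ m/cardtype/) {
            print "<tr valign=top><td align=right><b>Payment<br>Method</b></td><td align=left>\n";
            foreach my $card (@credit) {
                print "<input type=\"radio\" name=\"cardtype\" value=\"$card\">$card<br>";
            }
            print "</td></tr>\n";
        }
        elsif ($missing_field ne "Email") {
            print "<tr valign=middle><td align=right><b>$missing_field<br></b></td>\n";
            print "<td align=left><input type=text name=\"$formname{$missing_field}\" size=40></td></tr>\n";
        }
    }

    # Check for a valid email address
    if ($badmail) {
        print "<tr valign=top><td align=right><b>Email</b><br></td>\n";
        print "<td valign=top>Please provide a valid email address:<br>";
        print "<input type=text name=email size=40></td></tr>";
    }

    print "</table>\n";
    print "<p><center>\n";
    print "<table>";
    print "<tr valing=top><td>";
    if ($post_query{'delivery'} ne "default") {
        print "<input type=hidden name=\"del_cost\" value=$delivery_method{$post_query{'delivery'}}>\n";
    }
    # NOTE(review): taxes and del_cost travel through the browser as hidden
    # fields, so the customer can edit them. If a later step reads them back
    # from the form, it should recompute them on the server instead - confirm.
    print "<input type=hidden name=\"taxes\" value=\"" . $esc->($taxes) . "\">\n";
    print "<input type=hidden name=\"action\" value=\"ship\">\n";
    print "<input type=SUBMIT value=\"Please Reprocess Form!\"></form>\n";
    print "</td><td>";
    print "<FORM METHOD=POST ACTION=$script_url>\n";
    print "<input type=hidden name=merchant value=>\n";
    print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"clear\">";
    print "<INPUT TYPE=SUBMIT VALUE=\"Clear Order\">\n";
    print "</FORM>\n";
    print "</td></tr>";
    print "</table></center>\n";
    &print_links;
    &footer;
    exit(0);
}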
# End sub check_form
#----------------------------------------------------#
sub checkstatus {
    # Show the status of one order as a small HTML table, followed by the
    # standard links and footer. The calling form has to supply some extra
    # hidden variables for this feature to work.
    #
    # NOTE(review): $customer, $order_number, $ordate and $status are written
    # into the page without HTML escaping. If any of them can originate from
    # request data, escape it before printing - confirm where they are set.
    ($status, $ordate) = &get_status;

    my @markup = (
        "",
        "<table cellspacing=0 cellpadding=10 bgcolor=$Table_Header_Color Border=1>",
        "<tr><td align=center colspan=4>",
        "<h2>Status for Order \#$order_number</h2>",
        "</td></tr>",
        "<tr align=left>",
        "<th>Name</th><th>Order Number</th><th>Date Received</th><th>Order Status</th>",
        "</tr><tr align=left bgcolor=$Table_Body_Color>",
        "<td>$customer</td><td>$order_number</td><td align=center>$ordate</td>",
        "<td>$status</td></td></tr>",
        "</table>",
    );
    print join("\n", @markup);

    &print_links;
    &footer;
}
#-----------------------------------------------------------------------------
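sub cleanup {
    # Scan the merchant temp directory ($order_dir) and delete every entry
    # whose name contains "tmp" and whose last access (-A, measured in days)
    # is more than two days old.
    #
    # Changes from the original:
    #  - the directory handle is closed with closedir(); close() does not
    #    release a handle opened with opendir();
    #  - the readdir() result is tested with defined(), so an entry named
    #    "0" no longer ends the scan early;
    #  - the loop uses lexical variables and no longer overwrites the global
    #    $name, which other subs in this file also assign.
    opendir(my $dir, $order_dir) || &error("cant open $order_dir in sub cleanup.");

    while (defined(my $entry = readdir($dir))) {
        next unless $entry =~ m/tmp/;

        my $path = $order_dir . "\\$entry";
        if ((-A $path) > 2) {
            unlink($path);
        }
    }

    closedir($dir);
}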
# End Cleanup
#---------------------------------------------------------------
sub clear {
    # Throw away the customer's current order. A non-empty order file is
    # deleted and the deletion confirmed; when there is no such file the
    # visitor is told so and $script_order is pointed at the home page.
    # Either way the page is finished with the usual links and footer, and
    # the script exits.
    my @message;

    if (!(-s $order_file)) {
        $script_order = $home_page;
        @message = ("<h1>Clear Order Failed</h1>\n", "No order to clear!<p>\n");
    }
    else {
        unlink($order_file) || &error("Cant unlink $order_file in sub clear!");
        @message = ("<h1>Order Cleared</h1>", "Your order has been cleared.<p>");
    }

    # One print per fragment, as in the original.
    foreach my $fragment (@message) {
        print $fragment;
    }

    &return_page;
    &print_links;
    &footer;
    exit;
}
# End sub clear
#----------------------------------------------------#
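sub credit_card_check {
    # Validate the submitted card number ($post_query{'CCN'}) with &validate.
    # On failure an "Invalid Card Number" page is printed and the script
    # exits; otherwise the sub returns without output.
    #
    # The card type and number shown in the error page are browser-supplied,
    # so they are HTML-escaped before printing; the original interpolated
    # them raw, which allowed markup injection into the response.
    #
    # NOTE(review): two conditions skip validation entirely - the literal
    # number "0000" (a debugging shortcut) and an empty or missing $ccmod
    # file. Both mean an unchecked number is accepted; confirm that neither
    # can happen on a production install.
    # NOTE(review): $cardname is not assigned in this sub; it is presumably
    # set by the caller before this check runs - confirm.
    my $esc = sub {
        my $text = defined $_[0] ? $_[0] : '';
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    if ($post_query{'CCN'} ne "0000" && -s $ccmod) {
        $creditcheck = &validate($post_query{'CCN'});
        if ($creditcheck == 0 || $cardname eq "Unknown" || $post_query{'CCN'} =~ m/[a-zA-Z]/) {
            my $shown_type   = $esc->($post_query{'cardtype'});
            my $shown_number = $esc->($post_query{'CCN'});
            print qq[
<h1>Invalid Card Number</h1>
The $shown_type card number you provided, $shown_number,
does not appear to be a valid card number. Please check the number
provided. If there is an error, please contact
<a href="mailto:$recipient">$recipient</a>.
];
            &print_links;
            &footer;
            exit;
        }
    }
}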
#-----------------------------------------------------#
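sub creditcard2_form {
    # Print the form that asks for the second half of the card number when
    # the order is not taken over a secure connection. The values needed by
    # the next step (merchant, email, zip, expiry, grand total) are carried
    # along as hidden fields.
    #
    # Those values come from the browser. They are now HTML-escaped and put
    # in quoted attributes: the original wrote them into unquoted attributes,
    # so a value containing a space was cut short and a value containing
    # markup was injected into the page.
    #
    # NOTE(review): sending the two halves in separate requests does not
    # protect the number on an unencrypted connection, since both requests
    # take the same path. The protection has to come from serving this form
    # over TLS.
    my $esc = sub {
        my $text = defined $_[0] ? $_[0] : '';
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    print "<h3>Second Half of CC Number</h3>\n";
    print "<table border=1 cellspacing=0 cellpadding=1 width=\"$Table_width\" bgcolor=\"$Table_Body_Color\">";
    print "<td>";
    print "To make sending your CC number safer, the number ";
    print "is sent via to separate network packets, making interception ";
    print "more difficult.</p>\n";
    print "<form method=post action=$script_url>\n";

    # Hidden state, in the same order as before.
    foreach my $carried ('merchant', 'email', 'zip', 'exp_month', 'exp_year', 'Grand Total') {
        print "<input type=hidden name=\"$carried\" value=\""
            . $esc->($post_query{$carried}) . "\">\n";
    }

    if (@dlfiles > 0) {
        print "<input type=hidden name=dlfiles value=yes>\n";
    }
    print "<b>Second Half of Number:</b>";
    print "<input type=text name=\"CCN2\" size=8 maxlength=8>\n";
    print "<input type=hidden name=\"action\" value=\"cc2\"><p>\n";
    print "<center>";
    print "<input type=submit value=\"Send 2nd Half\">\n";
    print "</center>\n";
    print "</form>\n";
    print "</td></table><p>";
}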
# sub End creditcard2_form
#----------------------------------------------------#
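sub cc2 {
    # Handle the second half of a card number submitted over a non-secure
    # connection.
    #
    # Steps: require $post_query{'CCN2'}; derive the order number from
    # $session_id; read the stored first half from the invoice file; join the
    # halves and validate the result; then either run the transaction
    # ($onanalysis) or mail the second half to $recipient via the external
    # mailer; finally hand out download files or print the thank-you page.
    #
    # Changes from the original:
    #  - the mailer is started with list-form system(), so the subject,
    #    recipient and file name are passed as single arguments and are never
    #    interpreted by a command shell;
    #  - files are opened with three-argument open(), so a file name cannot
    #    change the open mode;
    #  - an order number containing a path separator is refused before it is
    #    used to build file names;
    #  - the card type echoed in the error pages is HTML-escaped;
    #  - the stored first half is stripped of all whitespace (the line read
    #    from the file still carries its newline), and order lines are
    #    chomp()ed instead of chop()ped so a final line without a newline
    #    keeps its last character;
    #  - the temp-file error message names the file that failed to open.
    #
    # NOTE(review): the first half is read back from a plain-text invoice
    # file and the second half is written to a plain-text temp file before
    # mailing. Splitting the number this way does not protect it on an
    # unencrypted connection or in unencrypted mail.
    my $esc = sub {
        my $text = defined $_[0] ? $_[0] : '';
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    if (!$post_query{'CCN2'} || $post_query{'CCN2'} eq "") {
        &header;
        print qq[
<h3>Missing Second Half of Credit Card Info</h3>
In order to complete processing of your order, you must provide the
second half of your creditcard number. Splitting up your creditcard
information greatly reduces the chance of interception. Please use the
back button, provide the second half of the number, and resubmit the form.
];
        &print_links;
        &footer;
        exit;
    }

    $order_num = $session_id;
    $order_num =~ s/\.//g;

    # The order number becomes part of three file names below. Refuse
    # anything that could step outside the configured directories.
    if ($order_num =~ m{[/\\\0]}) {
        &error("Invalid order number in sub cc2.");
        return;
    }

    $sec_file   = "$invoice_dir" . "\\$order_num" . ".order";
    $order_file = $order_dir . "\\$order_num" . ".tmp";

    # Start empty so a missing line cannot leave an earlier value in place.
    $fhnum = "";
    open(my $invoice_fh, '<', $sec_file) || &error("Can't open sec_file $sec_file");
    while (my $line = <$invoice_fh>) {
        if ($line =~ m/1st Half of Number/i) {
            (undef, $fhnum) = split(/:/, $line);
            $fhnum =~ s/\s+//g;
            last;
        }
    }
    close($invoice_fh);

    $fullnum = $fhnum . "$post_query{'CCN2'}";

    # Check to see if creditcard number valid. 0000 is for debugging purposes.
    # NOTE(review): only letters are rejected here; other non-digit characters
    # are left for &validate to judge.
    if ($fullnum =~ m/[a-zA-Z]/) {
        my $shown_type = $esc->($post_query{'cardtype'});
        &header;
        print qq[<html><body>
<h3>Invalid Card Number</h3>
The $shown_type card number you provided,
does not appear to be a valid card number. Credit card numbers cannot contain
letters. Please check the number provided. If there is an error, please contact
<a href="mailto:$recipient">$recipient</a>.
];
        &print_links;
        &footer;
        exit;
    }

    # NOTE(review): the number "0000" and a missing/empty $ccmod file both
    # skip validation - confirm neither applies on a production install.
    if ($fullnum ne "0000" && -s $ccmod) {
        $cardname    = &cardtype($fullnum);
        $creditcheck = &validate($fullnum);
        if ($creditcheck == 0 || $cardname eq "Unknown") {
            my $shown_type = $esc->($post_query{'cardtype'});
            &header;
            print qq[<html><body>
<h3>Invalid Card Number</h3>
The $shown_type card number you provided,
does not appear to be a valid card number. Please check the number
provided. If there is an error, please contact
<a href="mailto:$recipient">$recipient</a>.
];
            &print_links;
            &footer;
            exit;
        }
    }

    if ($onanalysis) {
        $post_query{'CCN'} = $fullnum;
        &run_transaction;
        &print_results;
    }
    else {
        $tempsec = $order_dir . "\\$order_num" . "cc.tmp";
        open(my $mail_fh, '>', $tempsec) || &error("Cant open $tempsec in sub cc2.");
        print $mail_fh "Second half of CC: $post_query{'CCN2'}\n";
        close($mail_fh);

        $subject = "Order \#$order_num Part 2";
        # Assumes $mail_loc holds only the path of the mailer program, with
        # no arguments embedded in it - confirm against the configuration.
        # The exit status is not checked, as before: a failed send is silent.
        system($mail_loc, $tempsec, '-t', $recipient, '-s', $subject,
               '-server', $mail_server);
        unlink($tempsec);
    }

    if ($post_query{'dlfiles'}) {
        open(my $items_fh, '<', $order_file) || &error("Couldn't open order_file $order_file");
        while (<$items_fh>) {
            chomp;
            # Colon-separated order line; the last field names a download file.
            ($name,$current_code,$amount,$price,$hand,$item_ship,
             $wt,$prop[1],$prop[2],$prop[3],$dl_file)=split(/:/);
            if ($dl_file) {
                push(@dlfiles,$dl_file);
            }
        }
        close($items_fh);
        if (!$delorder) {
            unlink($order_file);
        }
        &download(@dlfiles);
    }
    else {
        if (!$delorder) {
            unlink($order_file);
        }
        &print_thanks;
    }
    &footer;
}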
# End sub cc2
#----------------------------------------------------#
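sub debug {
    # Development aid: dump the script's state (action, session id, every
    # submitted form variable, every cookie, configured paths) as HTML and
    # exit.
    #
    # Form variables and cookies are browser-supplied, so every name and
    # value is HTML-escaped before it is printed; the original echoed them
    # raw.
    #
    # NOTE(review): the dump includes every posted field (card data, if it
    # was submitted) and server-side paths. Make sure this sub cannot be
    # reached on a production install.
    my $esc = sub {
        my $text = defined $_[0] ? $_[0] : '';
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };
    # Print one "label value" line; $tail keeps each line's original ending.
    my $show = sub {
        my ($label, $value, $tail) = @_;
        print $label . $esc->($value) . $tail;
    };

    %cookies = split('[;=] *',$ENV{'HTTP_COOKIE'});
    if (!$header) {
        # print header if one hasn't been printed
        &header;
    }

    $show->("action = ",     $action,        "<BR>\n");
    $show->("shipping = ",   $shipping_cost, "<br>\n");
    $show->("session_id = ", $session_id,    "<br>\n");

    print "Variables passed through form:<br>";
    foreach my $field (keys %post_query) {
        $show->($esc->($field) . " - ", $post_query{$field}, "<br>");
    }
    print "<br>\n";

    foreach my $cookie_name (keys %cookies) {
        $show->($esc->($cookie_name) . " = ", $cookies{$cookie_name}, "<br>");
    }

    $show->("cookies_id = ",      $cookies{'ID'},     "<br>");
    $show->("merchant = ",        $merchant_data,     "<br>\n");
    $show->("script url = ",      $script_url,        "<br>\n");
    $show->("order directory = ", $order_dir,         "<br>\n");
    $show->("pathinfo = ",        $ENV{'PATH_INFO'},  "<br>\n");
    $show->("client = ",          $client,            "<br>\n");
    $show->("clientemail = ",     $clientemail,       "<br>");
    $show->("order_file = ",      $order_file,        "<br>");
    $show->("ordertotal = ",      $ordertotal,        "<br>");
    exit;
}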
# End sub debug
#----------------------------------------------------#
# New, more secure decoding routine from Matt's Script Archive Programs
sub decode2 {
if ($ENV{'REQUEST_METHOD'} eq 'GET') {
@pairs = split(/&/, $ENV{'QUERY_STRING'});
} elsif ($ENV{'REQUEST_METHOD'} eq 'POST') {
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
}
# print "Content-type: text/html\n\n";
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
# Take care of server side includes
$value =~ s/<!--(.|\n)*-->//g;