Code for Register.pl (called when 'Go to Checkout' is clicked)
#!perl -w
# $RCSfile: register.pl,v $
# $Revision: 1.0 $
# retrieve currently selected pids from cookie
# display form for customer info.
use CGI;
use CGI::Carp "fatalsToBrowser";
use DBI;
use Utilities;
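# Build the checkout page: read the cart from the "products" cookie, look the
# selected products up in the database, list them with a running total, and
# print the customer-details form that submits to checkout.pl.
my $q = CGI->new;

# The cookie is supplied by the browser, so both its keys (product ids) and
# its values (quantities) are untrusted input.
my %products = $q->cookie("products");

# An empty hash means no cart cookie was sent.
if (!%products)
{
    print $q->header(), $q->start_html();
    print "Nothing in cart.";
    exit();
}

my @pids = keys(%products);

# One placeholder per product id. The ids are bound at execute() time and
# never become part of the SQL text, so a crafted cookie cannot alter the
# statement.
my $placeholders = join(", ", ("?") x @pids);

my ($dbh, $sth);
my $user   = "";
my $auth   = "";
my $dsn    = "demo";
my $driver = "ODBC";
my $total  = 0;
my $sql    = "SELECT * FROM products WHERE pid IN ($placeholders)";

print $q->header();
print $q->start_html();

# POST keeps the customer's name, address, phone and e-mail out of the URL,
# and therefore out of server logs, browser history and Referer headers.
print qq(<form action="/cgi-bin/checkout.pl" method="post">);
print qq(<center><table>);
print qq(<tr><th>ProductID</th><th>Title</th><th>Price</th><th>Qty</th></tr>);

eval {
    $dbh = DBI->connect("dbi:$driver:$dsn", $user, $auth, { RaiseError => 1 });
    $sth = $dbh->prepare($sql);
    $sth->execute(@pids);

    # Columns are read by position from SELECT *: 0 = product id, 1 = title,
    # 5 = price.
    while (my @rs = $sth->fetchrow_array())
    {
        my $pid_html   = $q->escapeHTML($rs[0]);
        my $title_html = $q->escapeHTML($rs[1]);
        my $price      = sprintf("%.2f", $rs[5]);

        # The quantity comes from the cookie: accept only a plain
        # non-negative integer, anything else counts as zero.
        my $qty = $products{ $rs[0] };
        $qty = 0 unless defined($qty) && $qty =~ /\A\d+\z/;

        # pID, price and qty go out as editable form fields, so whatever
        # comes back to checkout.pl is user input and has to be validated
        # there; the values printed here are a display, not a price source.
        print qq(<tr><td><input size="3" name="pID" value="$pid_html"></td>);
        print qq(<td>$title_html</td>);
        print qq(<td><input size="7" name="price" value="$price"></td>);
        print qq(<td><input size="5" name="qty" );
        print qq(value="$qty"></td></tr>);
        $total += $price * $qty;
    }
};

# Capture the error immediately; $@ is a global that later code can reset.
my $db_error = $@;

print qq(</table>);
$total = sprintf("%.2f", $total);
print "<b>TOTAL: <u>\$$total</u></b><br><br>";
print <<'FORM';
<table>
<tr><td>Lastname:</td><td><input name="lastname"></td></tr>
<tr><td>Firstname:</td><td><input name="firstname"></td></tr>
<tr><td>Telephone number:</td><td><input name="phone"></td></tr>
<tr><td>E-mail address:</td><td><input name="email"></td></tr>
<tr><td>Mailing address:</td><td><input name="address"></td></tr>
<tr><td>Are you a new customer?:</td><td><input type="radio" value="yes" name="response">Yes<input type="radio" value="no" name="response">No</td></tr>
<tr><td>Enter your User name:<br>(If you're a new customer, enter a 6-8 letter name.)</td><td><input name="userid"></td></tr>
</table>
<br><input type="submit" value="SEND ORDER"></form></center>
FORM

if ($db_error)
{
    # cleanup() comes from Utilities and is not visible here.
    # NOTE(review): confirm it does not echo the raw DBI error text to the
    # browser, since driver messages can reveal table and column names.
    cleanup(-error => $db_error, -dbh => $dbh, -sth => $sth);
    exit(1);
}
print $q->end_html();
cleanup(-dbh => $dbh, -sth => $sth);
exit();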
Code for Checkout.pl (called when form is submitted)
#!perl -w
# $RCSfile: checkout.pl,v $
# $Revision: 1.0 $
# verify form and update database.
use CGI;
use CGI::Carp "fatalsToBrowser";
use DBI;
use Utilities;
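# Validate the submitted order form, check the customer against the Customers
# table, and record the order in the Orders table.
#
# Every CGI parameter is user-controlled. Values reach the database only
# through bound placeholders, and the price charged is read from the products
# table rather than taken from the submitted form.
my $dbh;
my $sth;
my $user   = "";
my $auth   = "";
my $dsn    = "demo";
my $driver = "ODBC";

# Statement text is constant; the user name or product id is bound at
# execute() time.
my $sqluname = q{SELECT username FROM Customers WHERE username = ?};
my $sqlemail = q{SELECT email FROM Customers WHERE username = ?};
my $sqlprice = q{SELECT * FROM products WHERE pid = ?};

my $q = CGI->new;

# Read the single-valued fields, mapping a missing parameter to "" so the
# emptiness check below treats absent and blank alike.
my @required = qw(lastname firstname address email phone userid response);
my %field;
for my $name (@required)
{
    my $value = $q->param($name);
    $field{$name} = defined($value) ? $value : "";
}
my ($lastname, $firstname, $address, $email, $phone, $userid, $response)
    = @field{@required};

# One pID/qty pair per cart line. The submitted "price" fields are ignored
# on purpose: they are editable in the browser.
my @pID = $q->param("pID");
my @qty = $q->param("qty");

# Print a message with a link back to the form, close the page and the
# database connection (if one is open), and stop.
sub _reject
{
    my ($cgi, $handle, $message) = @_;
    print($message);
    print(qq{<a href="register.pl">Go Back.</a>});
    print($cgi->end_html());
    $handle->disconnect() if $handle;
    exit();
}

print($q->header());
print($q->start_html());

if (grep { $_ eq "" } values %field)
{
    _reject($q, undef, "No field can be empty.");
}

# Anchored so the whole value must be 6-8 word characters; an unanchored
# match would accept any string that merely contains such a run.
if ($userid !~ /\A\w{6,8}\z/)
{
    _reject($q, undef, "Invalid user name, must be 6-8 letters.");
}

# Only the two radio-button values are valid; any other value would skip
# both customer checks below.
if ($response ne "yes" && $response ne "no")
{
    _reject($q, undef, "Invalid response.");
}

# Each cart line needs a product id and a positive whole-number quantity.
if (!@pID || @pID != @qty || grep { !/\A[1-9]\d*\z/ } @qty)
{
    _reject($q, undef, "Invalid order.");
}

# die() text is rendered to the client because the script loads CGI::Carp
# with fatalsToBrowser; DBI error strings can reveal schema details, so that
# import is suitable for development only.
$dbh = DBI->connect("dbi:$driver:$dsn", $user, $auth) or die($DBI::errstr);

if ($response eq "yes")
{
    # New customer: the chosen user name must not exist yet.
    $sth = $dbh->prepare($sqluname) or die($dbh->errstr);
    $sth->execute($userid) or die($sth->errstr);
    my ($taken) = $sth->fetchrow_array();
    $sth->finish();
    if (defined($taken))
    {
        _reject($q, $dbh, "User name already exists, please choose another.");
    }
}
else
{
    # Returning customer: the e-mail on record must match the one submitted.
    # NOTE(review): user name plus e-mail are both low-secrecy values, so
    # this identifies a customer but does not authenticate one.
    $sth = $dbh->prepare($sqlemail) or die($dbh->errstr);
    $sth->execute($userid) or die($sth->errstr);
    my ($email_on_file) = $sth->fetchrow_array();
    $sth->finish();
    if (!defined($email_on_file) || $email_on_file ne $email)
    {
        _reject($q, $dbh, "User name does not validate!");
    }
}

# Price every line from the products table before writing anything.
# Column 5 of SELECT * is the price, matching how register.pl reads it.
my @order_lines;
my $price_sth = $dbh->prepare($sqlprice) or die($dbh->errstr);
for my $i (0 .. $#pID)
{
    $price_sth->execute($pID[$i]) or die($price_sth->errstr);
    my @row = $price_sth->fetchrow_array();
    $price_sth->finish();
    if (!@row || !defined($row[5]))
    {
        _reject($q, $dbh, "Invalid order.");
    }
    push @order_lines, [ $pID[$i], $qty[$i], $row[5] * $qty[$i] ];
}

# Only a new customer gets a Customers row; a returning customer already
# has one.
if ($response eq "yes")
{
    $dbh->do(
        q{INSERT INTO Customers VALUES(?,?,?,?,?,?)}, undef,
        $userid, $lastname, $firstname, $address, $email, $phone
    ) or die($dbh->errstr);
}

for my $line (@order_lines)
{
    my ($pid, $quantity, $totalprice) = @$line;
    $dbh->do(
        q{INSERT INTO Orders VALUES(?,?,?,?)}, undef,
        $userid, $pid, $quantity, $totalprice
    ) or die($dbh->errstr);
}

print("Your order has been processed. Thank-you!");
$dbh->disconnect();
print($q->end_html());
exit();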