#!perl -w
# $RCSfile: view.pl,v $
# $Revision: 1.4 $
# retrieve currently selected pids from cookie
# use the pids to query the db

use CGI;
use CGI::Carp "fatalsToBrowser";
use DBI;
use Utilities;


$q			= new CGI;
%products		= $q->cookie("products");

# assume there's nothing in the cart if %products is not defined
if (! defined(%products))
{
	print $q->header(), $q->start_html();
	print "Nothing in cart.";
	exit();
}

@pids		= keys(%products);
# quote strings for SQL statement
for (@pids)
{
	$_ =~ s/$_/'$_'/;
}
$pidstr		= join("OR pid=", @pids);
($dbh, $sth);
$user 		= "";
$auth		= "";
$dsn		= "demo";
$driver		= "ODBC";

$total		= 0;
$sql		= << SQL;
SELECT * FROM products WHERE pid=$pidstr
SQL

print $q->header();
print $q->start_html();
print qq(< form action="/cgi-bin/update.pl">);
print qq(< table>);
print qq(< tr>< th>Title< /th>< th>Qty< /th>< th>Check to remove item< /th>< /tr>);
eval {
	$dbh = DBI->connect("dbi:$driver:$dsn",$user,$auth,{RaiseError=>1});
	$sth = $dbh->prepare($sql);
	$sth->execute();
	while (@rs = $sth->fetchrow())
	{
		$rs[5] = sprintf("%.2f", $rs[5]);
		print qq(< tr>< td>$rs[1] $rs[5]< /td>);
		print qq(< td>< input size=5 name="$rs[0]");
		print qq(value="$products{$rs[0]}">< /td>);
		print qq( < input type="checkbox" name="del");
		print qq( value="$rs[0]"> DEL< /td>< /tr>);
		$total += $rs[5] * $products{$rs[0]};
	}
};

print qq(< /table>);
print qq(< input type="submit" value="UPDATE ORDER">);

$total = sprintf("%.2f",$total);
print "< /form> < b>TOTAL: < u>\$$total< /u>< /b>", $q->end_html();

if ($@)
{
	cleanup(-error=>$@,-dbh=>$dbh,-sth=>$sth);
	exit(1);
}

print $q->end_html();

cleanup(-dbh=>$dbh,-sth=>$sth);
exit();