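#!/usr/bin/perl
#
# CGI storefront script. It reads the request parameters, prints the HTTP
# header, and then uses the "page" parameter to decide which page to render:
# the product catalogue, the order calculations, the customer information
# form, or the order confirmation.
#
# Everything obtained through param() is supplied by the client and must be
# treated as untrusted wherever it reaches SQL or HTML.

use strict;     # avoids unintentional variable declarations
use warnings;
use CGI qw(:all *table *Tr *td);
# ':all' imports every CGI.pm function group, so its methods can be used as functions
# '*table' allows use of start_table() and end_table() functions
# '*Tr' allows use of start_Tr() and end_Tr() functions
# '*td' allows use of start_td() and end_td() functions

# NOTE(review): fatalsToBrowser sends the text of any fatal error to the
# client. That text can include file paths and SQL fragments, so it is
# suitable while developing but should be turned off on a deployed site.
use CGI::Carp "fatalsToBrowser";
use DBI;
require "CCvalidate.inc";

# PRODUCT INFORMATION:
my $dbh = do_connect();
my $productID = "".param("productID");

# NOTE(review): $productID is read above but this query has no WHERE clause,
# so the first row returned by the database is always used. If the intent is
# to load the selected product, filter on the id column with a bound
# placeholder rather than by interpolating the parameter - confirm.
my $query = "select product_name, product_price, product_image from product";
my $sth = $dbh->prepare($query);
$sth->execute();

# these variables hold information about the products selected by the customer
my ($productName, $price, $productImage);
($productName, $price, $productImage) = $sth->fetchrow_array;

my $quantity = param("quantity");           # client-supplied
my $subtotal = $quantity * $price;          # the price comes from the database, not the request
my $GST = sprintf ('%.2f', $subtotal * 0.07);
my $PST = sprintf ('%.2f', $subtotal * 0.08);
my $total= $subtotal + $GST + $PST;

# CUSTOMER INFORMATION:
# these variables hold the personal information entered by the customer
my $name = param("name");
my $email = param("email");
my $phone = param("phone");
my $address1 = param("address1");
my $address2 = param("address2");
my $city = param("city");
my $province = param("province");
my $postalCode = param("postalCode");
my $creditCardType = param("creditCardType");
my $creditCardNumber = param("creditCardNumber");
my $creditCardExpiry = param("creditCardExpiry");
my $creditCardName = param("creditCardName");
my $confirmationNumber;
my $password;
my $userID;

# ERROR FLAGS:
my $quantityError = 0;
my $nameError = 0;
my $emailError = 0;
my $phoneError = 0;
my $addressError = 0;
my $cityError = 0;
my $provinceError = 0;
my $postalCodeError = 0;
my $creditCardError = 0;
my $creditCardNameError = 0;

# MAIN SECTION:
# create the html header
print header();

# determines the correct page to display
if(param("page") eq "catalogue")
{
    checkQuantity();
    if ($quantityError)
    {
        catalogue();
    }
    else
    {
        calculations();
    }
}
elsif(param("page") eq "goToCreateAccount")
{
    personalInfo();
}
elsif(param("page") eq "personalInfo")
{
    validatePersonalInfo();
    if ( $nameError || $emailError || $phoneError || $addressError
         || $cityError || $provinceError || $postalCodeError
         || $creditCardError || $creditCardNameError )
    {
        # at least one field failed validation: show the form again
        personalInfo();
    }
    else
    {
        confirmation();
    }
}
elsif(param("page") eq "helpWindow")
{
    helpWindow();
}
else
{
    # any other value of "page" (or none at all) shows the catalogue
    catalogue();
}
print end_html();

# SUBROUTINES:

# Student Assignment Submission Form as required by assignment specifications
sub submissionForm
{
    print hr(),
          "",
          h3("Student Assignment Submission Form"),
          span ({-class=>"fineprint"}, "I declare that the attached assignment is wholly my own work in accordance with Seneca Academic Policy. No part of this assignment has been copied manually or electronically from any other source (including web sites)"),
          br, br,
          span ({-class=>"fineprint"},"Meledy Ang"), br,
          span ({-class=>"fineprint"},"Student# 016 518 029"), br,
          span ({-class=>"fineprint"},"April 8, 2003"), br, br;
} # end of submissionForm()

# CREATES THE MAIN CATALOGUE PAGE
#
# Prints up to three products per page, starting at the offset given by the
# "row" parameter, followed by the quantity selector and the button row.
sub catalogue
{
    print start_html(
        {
            -title=>"The Catalogue Page",
            -style=>{-src=>"./mymanager1.css"}
        }
    );
    #pagetop();
    print h2("Welcome to our company!");
    print br, "Please select one of our remarcable products:", br, br, br, br;
    print start_form( { -action=>"index.cgi", -method=>"get" } ),
          start_table({-align=>"center"});

    # "row" and "rowNumber" arrive from the client, and the row offset is
    # interpolated into the LIMIT clause below. Only plain non-negative
    # integers are accepted; anything else falls back to the first page, so
    # request data can never change the shape of the SQL statement.
    my $rowNumberParam = param("rowNumber");
    my $hasRowNumber = defined $rowNumberParam
                       && $rowNumberParam =~ /\A[0-9]{1,9}\z/;

    my $startRow = 0;
    my $rowNumber;
    if ($hasRowNumber)
    {
        my $rowParam = param("row");
        if (defined $rowParam && $rowParam =~ /\A[0-9]{1,9}\z/)
        {
            $startRow = $rowParam + 0;
        }
    }

    print start_Tr();

    # opens its own handle, shadowing the file-level $dbh
    my $dbh = do_connect();
    my $query = "select product_id, product_name, product_desc, product_price, product_image from product where product_notforsale = '0' order by product_id LIMIT $startRow , 3;";
    my $sth = $dbh->prepare($query);
    $sth->execute();

    my ($product_id, $product_name, $product_desc, $product_price, $product_image);
    while(($product_id, $product_name, $product_desc, $product_price, $product_image) = $sth->fetchrow_array)
    {
        # NOTE(review): CGI.pm escapes attribute values but not element
        # content, so $product_name and $product_price are written as-is.
        # If those columns can hold text entered through another form,
        # escape them before printing - confirm how they are populated.
        # NOTE(review): the "" here and the q() entries further down are
        # empty strings; they look like places where inline markup is
        # missing from this copy of the file - confirm.
        print td(
            {-align=>"center"},
            img(
                {
                    -src=>$product_image,
                    -height=>"87",
                    -width=>"80",
                    -alt=>$product_name
                }
            ),
            br,
            "",
            br,
            span (
                {-class=>"fineprint"},
                $product_name, br,
                '$', $product_price
            )
        );
    }
    print end_Tr();

    print start_Tr(), start_td({-align=>"center", -colspan=>'3'});

    if ($hasRowNumber)
    {
        $rowNumber = $rowNumberParam + 0;
    }
    else
    {
        $rowNumber = getNumberOfRows("select * from product where product_notforsale = '0';");
    }

    if($rowNumber != 0)
    {
        my $previous = ($startRow - 3) >= 0 ? ($startRow - 3) : 0;
        # NOTE(review): $5 is a regex capture variable and is undef here;
        # it looks like a typo for the current offset - confirm. Neither
        # $previous nor $next is used by the output visible below.
        my $next = ($startRow + 3) < $rowNumber ? ($startRow + 3) : $5;
        print "\n[<< Previous]";
        print ' ';
        print "[Next >>]";
    }
    print end_td(), end_Tr();

    if ($quantityError == 1) # for product or quantity errors
    {
        print Tr(
            td(
                {-align=>"center", -colspan=>'3'},
                comment("this cell only appears if any invalid product or quantity is selected"),
                span(
                    {-class=>"invalid"},
                    "Please select a product and quantity."
                )
            )
        );
    }

    # The hand-written list listed "23" twice and had no "21"; generating
    # the range keeps every quantity from 0 to 25 present exactly once.
    print Tr(
        td(
            {-align=>"center", -colspan=>'3'},
            "Quantity",
            popup_menu(
                -name=>"quantity",
                -values=>[ "--", 0 .. 25 ],
                -default=>"--"
            )
        )
    );

    print Tr(
              td(
                  {-align=>"center",-colspan=>"3"},
                  hr
              )
          ),
          Tr( ### button row ###
              td({-align=>"center",-colspan=>"3",-valign=>"middle"},
                  comment(" this cell contains all the buttons "),
                  comment(" submit button to choose product and quantity"),
                  # submit button
                  q(),
                  ' ',
                  comment(" clear form button"),
                  # clear form button
                  q(),
                  ' ',
                  comment(" Manager Options button "),
                  # manager options button
                  a(
                      {-href=>"manager.cgi"},
                      img(
                          {
                              -src=>"./images/manager_mode.jpg",
                              -height=>"40",
                              -width=>"125",
                              -alt=>"Manager Mode",
                              -border=>"0"
                          }
                      )
                  ),
                  ' ',
                  br
              ) # end td
          ), # end of Tr
          end_table(),
          comment(" hidden fields to pass along necessary variables "),
          hidden(-name=>'page',-default=>'catalogue', -override=>'catalog'), # this names the page currently displayed
          end_form;

    submissionForm();
} # end of catalogue()

# CREATES THE PRODUCT CALCULATIONS PAGE
#
# Shows the product, quantity, price, taxes and total computed at file
# level, followed by the order and cancel links.
sub calculations
{
    print start_html(
        {
            -title=>"Product Calculations",
            -style=>{-src=>"./mymanager1.css"}
        }
    );
    #pagetop();
    print h2("Your Order Information"),
          br,
          comment("This table shows the costs for the product the customer wants to purchase"),
          start_table({-align=>"center"}),
          Tr(
              td({-align=>"right",-valign=>"middle"},
                  'Product :',br,
                  'Quantity:',br,
                  'Price :',br,
                  'Subtotal:',br,
                  'GST :',br,
                  'PST :',br,
                  'Total:'
              ), # end of td
              td({-align=>"left"},
                  $productName, br,
                  # $quantity is the raw request parameter and td() does not
                  # escape its content, so it is HTML-escaped here instead of
                  # relying only on the earlier checkQuantity() call.
                  CGI::escapeHTML($quantity), br,
                  '$',$price, br,
                  '$',$subtotal, br,
                  '$',$GST, br,
                  '$',$PST, br,
                  '$',$total
              ), # end of td
              # the original listed -valign twice ("top", then "middle");
              # the later value is the one that took effect
              td({-valign=>"middle"},
                  img(
                      {
                          -src=>$productImage,
                          -height=>"289",
                          -width=>"266",
                          -alt=>$productName
                      }
                  )
              )
          ), # end of Tr
          Tr(
              td(
                  {-align=>"center",-colspan=>"3"},
                  hr
              )
          ),
          Tr( ### button row ###
              td({-align=>"center",-valign=>"middle",-colspan=>"3"},
                  comment(" this cell contains all the buttons "),
                  br,
                  # submit button to order, customer already has account
                  comment("submit button to order, customer already has account"),
                  a(
                      {-href=>"index.cgi?page=goToAccountLogin"},
                      img(
                          {
                              -src=>"./images/haveAccount.jpg",
                              -height=>"40",
                              -width=>"125",
                              -alt=>"Place order, already have account",
                              -border=>"0"
                          }
                      )
                  ),
                  ' ',
                  # submit button to order, customer needs to create account
                  comment("submit button to order, customer needs to create account"),
                  a(
                      {-href=>"index.cgi?page=goToCreateAccount"},
                      img(
                          {
                              -src=>"./images/createAccount.jpg",
                              -height=>"40",
                              -width=>"125",
                              -alt=>"Place order, do not already have account",
                              -border=>"0"
                          }
                      )
                  ),
                  ' ',
                  # cancel order button, return to catalogue
                  comment("cancel order button, return to catalogue"),
                  a(
                      {-href=>"index.cgi?page=cancel"},
                      img(
                          {
                              -src=>"./images/cancel.jpg",
                              -height=>"35",
                              -width=>"125",
                              -alt=>"Cancel and Return to Catalogue",
                              -border=>"0"
                          }
                      )
                  ),
                  br, br
              ) # end of td
          ), # end of Tr
          end_table(); # end of product info table
} # end of calculations()

# CREATES THE PERSONAL INFORMATION ENTRY PAGE
#
# Prints the shipping and payment form. Each error flag set during
# validation adds a message row above the field it refers to.
sub personalInfo
{
    print start_html(
        {
            -title=>"Customer Information",
            -style=>{-src=>"./mymanager1.css"}
        }
    );
    #pagetop();

    # This form carries the card number, expiry date and contact details.
    # It is submitted with POST so those values travel in the request body
    # and do not end up in the URL, where they would be kept in browser
    # history, proxy and server access logs, and Referer headers. param()
    # reads POST fields the same way, so the rest of the script is unchanged.
    # The page should also only be served over HTTPS.
    print h2("Your Order Information"),
          "If the product information displayed here is correct,", br,
          "please fill in the form below so that we can process your order.", br, br,
          comment("This table is for the customer to fill in their shipping and payment info."),
          start_form({ -action=>"index.cgi", -method=>"post"}),
          start_table({-align=>"center", -border=>"2"});

    if ($nameError)
    {
        print Tr(
            td({-align=>"center", -valign=>"bottom", -colspan=>"2"},
                comment("this cell only appears if the name entered is invalid"),
                span({-class=>"invalid"},
                    "Invalid name! Please re-enter. Click on Help button for more information."
                )
            )
        );
    }
    print Tr(
        td({-align=>"right"},"Full Name"),
        td({-align=>"left"},
            textfield(
                {
                    -name=>"name",
                    -size=>"40",
                    -maxlength=>"40"
                }
            )
        )
    );

    if ($emailError)
    {
        print Tr(
            td({-align=>"center", -valign=>"bottom", -colspan=>"2"},
                comment("this cell only appears if the email entered is invalid"),
                span({-class=>"invalid"},
                    "Invalid email address! Please re-enter. Click on Help button for more information."
                )
            )
        );
    }
    print Tr(
        td({-align=>"right"},"Email Address"),
        td({-align=>"left"},
            textfield(
                {
                    -name=>"email",
                    -size=>"40"
                }
            )
        )
    );

    if ($phoneError)
    {
        print Tr(
            td({-align=>"center", -valign=>"bottom", -colspan=>"2"},
                comment("this cell only appears if the phone number entered is invalid"),
                span({-class=>"invalid"},
                    "Invalid telephone number! Please re-enter. Click on Help button for more information."
                )
            )
        );
    }
    print Tr(td({-align=>"right"},"Phone Number"),
        td({-align=>"left"},
            textfield(
                {
                    -name=>"phone",
                    -size=>"15"
                }
            )
        )
    );

    if ($addressError)
    {
        print Tr(
            td({-align=>"center", -valign=>"bottom", -colspan=>"2"},
                comment("this cell only appears if the address entered is invalid"),
                span({-class=>"invalid"},
                    "Invalid address! Please re-enter. Click on Help button for more information."
                )
            )
        );
    }
    print Tr(
        td({-align=>"right"},"Address"),
        td({-align=>"left"},
            textfield(
                {
                    -name=>"address1",
                    -size=>"40",
                    -maxlength=>"40"
                }
            ),
            br,
            textfield(
                {
                    -name=>"address2",
                    -size=>"40",
                    -maxlength=>"40"
                }
            )
        )
    );

    if ($cityError)
    {
        print Tr(
            td({-align=>"center", -valign=>"bottom", -colspan=>"2"},
                comment("this cell only appears if the city entered is invalid"),
                span({-class=>"invalid"},
                    "Invalid city! Please re-enter. Click on Help button for more information."
                )
            )
        );
    }
    print Tr(
        td({-align=>"right"},"City"),
        td({-align=>"left"},
            textfield(
                {
                    -name=>"city",
                    -size=>"40",
                    -maxlength=>"40"
                }
            )
        )
    );

    if ($provinceError)
    {
        print Tr(
            td({-align=>"center", -valign=>"bottom", -colspan=>"2"},
                comment("this cell only appears if the province entered is invalid"),
                span({-class=>"invalid"},
                    "Invalid province! Please re-select. Click on Help button for more information."
                )
            )
        );
    }
    print Tr(
              td({-align=>"right"},"Province"),
              td({-align=>"left"},
                  popup_menu(
                      -name=>"province",
                      -values=>["---","AB","BC","MB","NB","NF","NS","NT","ON","PE","QC","SK","YT"],
                      -default=>"---"
                  ),
                  " ", " ",
                  "Postal Code ",
                  textfield(
                      {
                          -name=>"postalCode",
                          -size=>"7",
                          -maxlength=>"7"
                      }
                  ),
              )
          ),
          Tr(
              td({-align=>"center",-colspan=>"2"}, " ")
          );

    if ($creditCardError)
    {
        print Tr(
            td({-align=>"center", -valign=>"bottom", -colspan=>"2"},
                comment("this cell only appears if the credit card info entered is invalid"),
                span({-class=>"invalid"},
                    "Invalid credit card! Please re-enter. Click on Help button for more information."
                )
            )
        );
    }
    print Tr(
              td({-align=>"right"},"Credit Card"),
              td({-align=>"left"},
                  radio_group(
                      -name=>"creditCardType",
                      -values=>["VISA", "MasterCard", "AmericanExpress"],
                      -default=>"noSelection",
                      -rows=>"1",
                      -columns=>"3"
                  )
              )
          ),
          Tr(
              td({-align=>"right"},"Credit Card Number"),
              td({-align=>"left"},
                  textfield(
                      {
                          -name=>"creditCardNumber",
                          -size=>"16",
                          -maxlength=>"16"
                      }
                  ),
                  " ",
                  "Expiry Date ",
                  textfield(
                      {
                          -name=>"creditCardExpiry",
                          -size=>"5",
                          -maxlength=>"5"
                      }
                  ),
              )
          );

    if ($creditCardNameError)
    {
        print Tr(
            td(
                {-align=>"center", -valign=>"bottom", -colspan=>"2"},
                comment("this cell only appears if the card holder name entered is invalid"),
                span({-class=>"invalid"},
                    "Invalid name! Please re-enter. Click on Help button for more information."
                )
            )
        );
    }
    print Tr(
              td({-align=>"right"},
                  "Card Holder's Name", br,
                  span({-class=>"fineprint"},"(required only if", br, "different from above)")
              ),
              td({-align=>"left"},
                  textfield(
                      {
                          -name=>"creditCardName",
                          -size=>"40",
                          -maxlength=>"40"
                      }
                  )
              )
          ),
          Tr(
              td({-align=>"center",-colspan=>"2"}, " ")
          ),
          Tr( ### button row ###
              td(
                  {-align=>"center",-colspan=>"2",-valign=>"middle"},
                  comment(" this cell contains all the buttons "),
                  comment(" submit button to place order"),
                  # submit button to place order
                  # NOTE(review): q() is an empty string; the button markup
                  # appears to be missing from this copy of the file - confirm.
                  q(),
                  ' ',
                  comment(" clear form button"),
                  # clear form button
                  q(),
                  ' ',
                  comment(" cancel order, return to catalogue/home button "),
                  # cancel button
                  a(
                      {-href=>"index.cgi"},
                      img(
                          {
                              -src=>"./images/cancel.jpg",
                              -height=>"40",
                              -width=>"125",
                              -alt=>"Cancel and Return to Catalogue",
                              -border=>"0"
                          }
                      )
                  ),
                  ' ',
                  comment("clicking this button creates a new window displaying the validation rules for the customer's personal information"),
                  q(),
                  br,
                  ' '
              ) # end of td
          ), # end of Tr
          end_table(), # end of customer info table
          comment(" hidden fields to pass along necessary variables "),
          hidden(
              -name=>'page',
              -default=>'personalInfo',
              -override=>'personalInfo'
          ), # this names the page currently displayed
          # hidden fields come back from the client like any other field, so
          # productID and quantity have to be validated again on every request
          hidden(-name=>'productID',-default=>$productID),
          hidden(-name=>'quantity',-default=>$quantity),
          end_form();
} # end of personalInfo()

# CREATES THE ORDER CONFIRMATION PAGE
sub confirmation
{
    open DICT, "/usr/share/dict/words";
    # Get all the 4-6 letter words (no capitals!)
    my @dictionary=grep(/^[a-z]{4,6}$/,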